
Need Some Help With Character Encoding/encryption


Zero_Himself


Hey guys, I figured this might be the place to ask this.

I am trying to scrape some 411 from a website, and hit a snag.

I am trying to pull a string out of a URL, but it appears to be encoded in some way that I haven't been able to decode (I know it's something simple, I just haven't figured it out yet).

The source string is 30 chars wide, and appears to contain null values too.

The site calls a php script with a ?q=($OUR_STRING)vMj7Fzqp-sidC2rZrQnquLtbKtiLKRnZrIua5zupanm8itpJuZjLWJ0LCvddieqbG-k513qpasjKqxr5rMjqma4JOsscuBsXfItq($EXTRA_JUNK)

Only the first 30 chars seem to be in use (==$OUR_STRING).

ex. $OUR_STRING

"xsKovKuxm7_GlH3Rr6GznN-7c7Wos4"="AT&T Mobility"

"y9mtyLbGyefGy3W5rrKR2NyviMjC6Y"="Verizon Wireless"

ex. complete string

AT&T Mobility=="xsKovKuxm7_GlH3Rr6GznN-7c7Wos4 vMj7Fzqp-sidC2rZrQnquLtbKtiLKRnZrIua5zupanm8itpJuZjLWJ0LCvddieqbG-k513qpasjKqxr5rMjqma4JOsscuBsXfItq hviw.."

Verizon Wireless="y9mtyLbGyefGy3W5rrKR2NyviMjC6Y vMj7Fzqp-sidC2rZrQnquLtbKtiLKRnZrIua5zupanm8itpJuZjLWJ0LCvddieqbG-k513qpasjKqxr5rMjqma4JOsscuBsXfItq pztbixlq4."

The character encoding seems to be 2 bytes wide, but I have been unable to figure it out so far.

My goal is to be able to decode $OUR_STRING to read the data passed to the script.

Any help, or hints would be greatly appreciated.


I can tell you that the string was not encoded using base64.

It must have been encoded in a different format, maybe in ASCII code.

Not sure, it could've been encoded by anything.

From which website did you get those strings?

Edited by Infiltrator

It decodes fine as base64, but not to plain text, so probably not straight base64 encoded information, might have another layer of encoding once you decode it from base64.

Can you post the entire string or give us the actual url it came from? Could just be random session data. Check your cookies for anything corresponding, might show up there as well.

Edited by digip

It decodes fine as base64, but not to plain text, so probably not straight base64 encoded information, might have another layer of encoding once you decode it from base64.

I attempted decoding the string using a base64 decoder, but it said something about not a valid base64 string.

You could be right, it could have been encoded into base64 before being encoded into something else.

The only way to verify this assumption is to look at the source code that encoded the string.

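Added example, not part of the original posts: the two replies above disagree on whether the token is base64, so this Python sketch runs the two 30-character tokens from the first post through a strict standard-alphabet decoder and a lenient URL-safe one. The function names are illustrative, and nothing here attempts the second encoding layer.

```python
import base64
import binascii
import string

ALNUM = string.ascii_uppercase + string.ascii_lowercase + string.digits
INDEX = {c: i for i, c in enumerate(ALNUM + "-_")}  # URL-safe alphabet order

# The two 30-character tokens quoted in the first post.
ATT = "xsKovKuxm7_GlH3Rr6GznN-7c7Wos4"
VZW = "y9mtyLbGyefGy3W5rrKR2NyviMjC6Y"

def alphabet(token):
    """Name the base64 alphabet a token fits ('standard' wins if it fits both)."""
    chars = set(token.rstrip("="))
    if chars <= set(ALNUM + "+/"):
        return "standard"
    if chars <= set(ALNUM + "-_"):
        return "urlsafe"
    return "not-base64"

def strict_ok(token):
    """True only if a strict standard-alphabet decoder accepts the token."""
    try:
        base64.b64decode(token, validate=True)
        return True
    except binascii.Error:
        return False

def lenient_decode(token):
    """Decode either alphabet, restoring the '=' padding that URLs usually drop."""
    body = token.rstrip("=").replace("+", "-").replace("/", "_")
    if alphabet(token) == "not-base64" or len(body) % 4 == 1:
        raise ValueError("not decodable as base64")
    return base64.urlsafe_b64decode(body + "=" * (-len(body) % 4))

def leftover_bits(token):
    """Bits of the last character that fall outside the decoded bytes.
    Non-zero means the token was cut in the middle of a 4-character group."""
    body = token.rstrip("=").replace("+", "-").replace("/", "_")
    unused = {0: 0, 2: 4, 3: 2}[len(body) % 4]
    return INDEX[body[-1]] & ((1 << unused) - 1)

def triage(token):
    raw = lenient_decode(token)
    return {"alphabet": alphabet(token), "strict_ok": strict_ok(token),
            "bytes": len(raw), "ascii": raw.isascii(), "leftover": leftover_bits(token)}

if __name__ == "__main__":
    for name, tok in (("AT&T Mobility", ATT), ("Verizon Wireless", VZW)):
        print(name, triage(tok))
```

Both tokens fail the strict check yet decode leniently to 22 non-ASCII bytes, which is consistent with both replies. The non-zero leftover bits show that a 30-character cut falls inside a 4-character base64 group.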

It's on http://tnid.us

I was hoping it was something simple such as changing the encoding scheme like from utf8 to utf16, or a simple xor or something that someone may have actually seen...

It is a service that provides cell phone info. (I could pay for the API, but that wouldn't be as much fun.) The info I'm trying to scrape is out of the current provider PHP script; I am trying to get the current network as plain text. (I have a solution that uses OCR, but it is somewhat unstable... and not as much of a challenge.)

I mean, in the worst case, I could always just build a table of values, and what their plain-text counterparts are... But now I want to know how they encoded it ;-P

I noticed that I can change certain parts and get an immediate result, like this example (sorry, I don't feel like making it cleaner, but you get the id once you start playing with it):

zAmt=Y

y8mt=U

y5mt=U

y4mt=U

y0mt=U

yZmt=Me

yYmt=Me

yXmt=Me

yWmt=Me

w9m = 6er

x9m = Fer

y9m = Ver

z9m = fer

29m = ~er

29a = ~5r

x9a = F5r

Here is another one for you: does anyone know of a free (non hacked) way to find out someone's cell phone provider (so we can properly route SMS messages to people)?

Edited by Zero_Himself

Here is another one for you: does anyone know of a free (non hacked) way to find out someone's cell phone provider (so we can properly route SMS messages to people)?

Get them to visit a specific page in their phone's web browser, compare IP to DNS name lookup, get their carrier (ie: user visits with blackberry browser, ip might belong to sprint, then you know what carrier they are on).

The other is to have them call you and then look up the number via something like tnid.org. Mitnick also had some kind of setup with asterisk where he could get people's numbers on caller ID, even when they were blocking caller ID or had a private unlisted number, but would require the end user to call your special number to pull the private number data.
