A simple PHP library designed to help you bypass the protection mechanism of the Nginx testcookie module.
First, download the testcookie-decrypt.php file and include it in your project:
require_once './testcookie-decrypt.php';
// Your code here...You can use the php-curl-class library to fetch the HTML of the validation page, or alternatively, use cURL or file_get_contents():
$url = 'http://nihao.rf.gd/'; // Replace with your target URL
// Initialize cURL
$curl = new Curl();
$curl->setUserAgent('Mozilla/5.0 (iPad; U; CPU OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5');
$curl->get($url);
// Handle potential errors
if ($curl->error) {
die('Error: ' . $curl->errorMessage);
}
// Store the HTML response
$html = $curl->response; // Ensure that $html contains the HTML of the validation page.With just two lines of code, you can extract the test cookie value:
$abc = parseabc($html);
$value = getTestCookieValue($abc[0], $abc[1], $abc[2]);Now, set the cookie named __test with the value of $value, and send another request to verify if the bypass is successful:
$curl->setCookies(array(
'__test' => $value
));
$curl->get($url);
// Further actions...Special thanks to slowaAES for their contributions.