OP 19 December, 2019 - 07:46 PM
Requirements:
- Traffic Analyzer(Wireshark,Burp,Http Debugger,Fiddler, etc) #Anything that captures traffic
- Brain # Don't be stupid.
- OpenBullet #Fucking basic thing on.
- Download this Environment settings for Openbullet( for <USER> and <PASS>)
FYI : I'm not gonna teach you to capture requests learn it on your own.
FYI #1: OpenBullet is a 'ORDER OF OPERATION'
I'm gonna use Spotify this site is fucked up, so we literally gonna fuck it more.
Head on to your Openbullet create a config
Now create a requests, Spotify need csrf_token, so you need to request is they're login page to get 'csrf_token'
Because I'm a caution man I will keycheck to avoid getting csrf_token emptyhanded
FYI : I use AND as a statement (what is AND, this statement checks the keys if the two keys is evaluated to True: the AND will output True)
So we need to capture the csrf_token from the cookies header, since we don't see csrf_token from the source data,
we must capture it on the Cookies header
change the Parse to <Cookies(target cookies ex.stupid_token)> and set the Var/Cap name < this is important cause its a variable name I will show it later how it is used
Now is the last request process we need to post the data, create another request and set the method to 'POST' set the post data
Now the last process is keychecking again because we need to know the output like invalid,success,ban,retry
I will not explain anymore the capture process you must do it the world is vast and you need to learn it yourself.
Disclaimer : I don't care if you don't like it and just post it for those who are willing to learn. learning it by yourself is habit, and in the future you won't need tutorial you need documentation and your good to go. :feelsgood:
FYI #1: OpenBullet is a 'ORDER OF OPERATION'
I'm gonna use Spotify this site is fucked up, so we literally gonna fuck it more.
Head on to your Openbullet create a config
Now create a requests, Spotify need csrf_token, so you need to request is they're login page to get 'csrf_token'
Because I'm a caution man I will keycheck to avoid getting csrf_token emptyhanded
FYI : I use AND as a statement (what is AND, this statement checks the keys if the two keys is evaluated to True: the AND will output True)
So we need to capture the csrf_token from the cookies header, since we don't see csrf_token from the source data,
we must capture it on the Cookies header
change the Parse to <Cookies(target cookies ex.stupid_token)> and set the Var/Cap name < this is important cause its a variable name I will show it later how it is used
Now is the last request process we need to post the data, create another request and set the method to 'POST' set the post data
Now the last process is keychecking again because we need to know the output like invalid,success,ban,retry
I will not explain anymore the capture process you must do it the world is vast and you need to learn it yourself.
Disclaimer : I don't care if you don't like it and just post it for those who are willing to learn. learning it by yourself is habit, and in the future you won't need tutorial you need documentation and your good to go. :feelsgood: