|    |    |    | Today: 14-Nov-2019 |

Soundcloud mp3 extract0r

February 4, 2013 | Posted in ExploitAlert


<?php
/* @name: soundcloud-mp3-extract0r.php
* @author: c0re &lt;http://enigmagroup.org/&gt;
* @version: 1.0
* @copyright: &lt;http://creativecommons.org/licenses/by-nc-sa/3.0/&gt;
*/

print
'------------------------------------------------------
_ _ _
___ ___ _ _ ___ _| |___| |___ _ _ _| |
|_ -| . | | | | . | _| | . | | | . |
|___|___|___|_|_|___|___|_|___|___|___|
mp3 extract0r

by c0re &lt;http://enigmagroup.org/&gt;

usage: php '.htmlspecialchars($_SERVER['PHP_SELF']).' &lt;URL&gt; &lt;newName&gt;
------------------------------------------------------';

$url = urldecode(@$argv[1]); //1 parameter is original url
$name = htmlspecialchars(@$argv[2]); //2 parameter is the name of the file
if(empty($url) || empty($name)) {
die("\n[-]ERROR: invalide arguments passed");
}

//now we combine all and get our mp3 ;)
downloadMp3(getSource($url),$name);
print("\n\n[DONE] file saved in ".@getcwd()."\\".$name.".mp3\n");
?>

<?php
function getSource($url)
{
//with a strong regex pattern to validate urls copy as you like..
$pattern = '%\b(?:(?:http|https)://|www\.)[\d.a-z-]+\.[a-z]{2,6}(?::\d{1,5}+)?(?:/[!$\'()*+,._a-z-]++){0,10}(?:/[!$\'()*+,._a-z-]+)?(?:\?[!$&amp;\'()*+,.=_a-z-]*)?%i';
//..we check if url is valid
if(!preg_match($pattern, $url)) {
die("\n[-]ERROR: argv[1] doesnt look like an URL");
}
//next check if curl is available
if (!function_exists('curl_init')) {
print("\n\nWARNING: cURL not installed!\ntrying file_get_contents ...\n");
$markup = file_get_contents($url);
if(empty($markup)) {
die("\n[-]ERROR: couldnt get markup");
}
//find anything between streamUrl":" and ",
//( eg: "streamUrl":"http://media.soundcloud.com/stream/3mZyUWW9iikL?stream_token=wK1Cm", )
if(preg_match('/streamUrl\"\:\"(.*?)\"\,/', $markup, $stream)) {
//return the splitted array from the regex
return $stream[1];
}
}
//set a blank + useragent for the header
$referer = "";
$useragent = "Mozilla/5.0 (Windows; U; Windows NT 6.1; de; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13";
//send an header array containing normal looking firefox 3.x.x data
$header = array(
"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Language: en-us;q=0.5,en;q=0.3",
"Accept-Encoding: gzip,deflate",
"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive: 115",
"Connection: keep-alive"
);
//initialize the handle
$curl = curl_init();
//stuff it all in an array for curl_setopt
$options = array(
CURLOPT_URL =&gt; $url, //set the url
CURLOPT_RETURNTRANSFER =&gt; true, //return webpage
CURLOPT_BINARYTRANSFER =&gt; true, //return untouch data
CURLOPT_USERAGENT =&gt; $useragent, //send custom useragent
CURLOPT_REFERER =&gt; $referer, //send custom refferer
CURLOPT_HTTPHEADER =&gt; $header, //send custom header
CURLOPT_ENCODING =&gt; "", //handle all encodings
CURLOPT_HEADER =&gt; false, //dont return headers
CURLOPT_TIMEOUT =&gt; 10 //a little break
);
//apply the options array
curl_setopt_array($curl, $options);
//execute the whole thing
$markup = curl_exec($curl);
//get the answer for error code checking
$returncode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
//close handle, free up memory
curl_close($curl);
//check for html error codes
if($returncode != 200 &amp;&amp; $returncode != 302 &amp;&amp; $returncode != 304) {
die("\n[-]ERROR: this URL seems not alive!");
}
//check if we got html source to search
if(!empty($markup)) {
//find anything between streamUrl":" and ",
//( eg: "streamUrl":"http://media.soundcloud.com/stream/3mZyUWW9iikL?stream_token=wK1Cm", )
if(preg_match('/streamUrl\"\:\"(.*?)\"\,/', $markup, $stream)) {
//return the splitted array from the regex
return $stream[1];
}
else { die("\[-]nERROR: cant find the streamUrl"); }
}
else { die("\n[-]ERROR: couldnt receive html source"); }
}
function downloadMp3($stream,$name)
{
//check if we find any extension in $name
if(stristr($name, '.mp3')) {
die("\n[-]ERROR: argv[2] doesnt need any kind of extension");
}
//just send a blank referer now
$referer = "";
//initialize the handle
$curl = curl_init();
//set the new filename
$filename = dirname(__FILE__).'/'.$name.'.mp3';
//set the filehandle for writing
$handle = fopen($filename,'w');
//stuff it all in an array for curl_setopt
$options = array(
CURLOPT_URL =&gt; $stream, //set the url
CURLOPT_FOLLOWLOCATION =&gt; true, //follow location headers
/*
PLEASE NOTE: without curlopt_followlocation set this wont
work because soundcloud redirects you to a
random created link
*/
CURLOPT_REFERER =&gt; $referer, //sent custom refferer
CURLOPT_HEADER =&gt; false, //dont return headers
CURLOPT_FILE =&gt; $handle, //set the file handle
);
//apply the options array
curl_setopt_array($curl, $options);
//execute it
curl_exec($curl);
//close handle, free up memory
curl_close($curl);
//close the file handle, free up memory
fclose($handle);
}
?>


By: c0re - Date Submitted: 2011-01-19 09:05:43

Taged in: extract0r, soundcloud