Parsing CloudFlare-protected emails


  • Admin

    Sometimes on websites you see something like this

    <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="LONG HEX STRING HERE">[email&#160;protected]</a>
    

    In order to decrypt it, you can make use of the Jint interpreter and write this LoliScript piece of code:

    PARSE "<SOURCE>" LR "cfemail=\"" "\"" -> VAR "LONGHEX"
    
    ## DECODING
    BEGIN SCRIPT JavaScript
    function cfDecodeEmail(encodedString) {
        var email = "", r = parseInt(encodedString.substr(0, 2), 16), n, i;
        for (n = 2; encodedString.length - n; n += 2){
        	i = parseInt(encodedString.substr(n, 2), 16) ^ r;
    		email += String.fromCharCode(i);
        }
        return email;
    }
    
    var EMAIL = cfDecodeEmail(LONGHEX);
    END SCRIPT -> VARS "EMAIL"
    PRINT <EMAIL>
    

    It will print the email in cleartext ^_^



  • 8fb71511-1799-40bf-ad5f-e8f3a6b293ed-image.png
    012dd44b-c9a6-48e5-bab8-92cd06eac030-image.png
    thanks ❤


  • Mod

    very useful 🙂
    take note yall



  • Noted.... Tnx Ruri



  • lets say there is bunch of email in single page is it possible to split the capture so they can become like
    LONG HEX STRING HERE
    LONG HEX STRING HERE
    LONG HEX STRING HERE
    LONG HEX STRING HERE

    and make ur script do his job ?


  • Admin

    You simply need to parse recursively into an array and then pass the array to the js, it should be automatically converted to a js array and you can execute the function multiple times and return the output array. If that doesn't work, simply join the list into a single string using the UTILITY List Join function and pass the string, then split it again into the js, perform the operations, join it again, return it, and then split it using UTILITY Variable Split.



  • thank you so much


  • Banned

    This post is deleted!

Log in to reply