loot-link bypass shit

public

rrixh Apr 11, 2024 Never 2981

JavaScript loot-link.bypasser 104 lines (93 loc) | 3.98 KB

Raw

This is a UserScript that bypasses loot-link.com and related websites quickly and efficiently. The script intercepts the fetch requests on the specified URLs and processes the data to allow for redirection to the intended destination. Here is an analysis of the key components and functionalities of the code: 1. Metadata: The script contains metadata in comments at the beginning which provides information about the script such as name, author, description, version, matches URLs, license, etc. 2. Overriding fetch: The script overrides the global fetch function with a custom implementation to intercept and modify the outgoing requests. 3. Data Processing: The script processes the response data from the fetch requests to extract and manipulate necessary information for bypassing the loot-link websites. 4. Bypass Function: The `bypass()` function is called when the session data is successfully retrieved. It calculates the server address based on the `urid`, establishes a WebSocket connection, and handles the response to redirect the user to the final destination. 5. Decrypt Data Function: The `decryptData()` function decrypts the encoded data by applying XOR operation with a key, which is derived from the base64 encoded data. 6. Error Handling: The script includes error handling logic to catch and display errors, allowing users to report errors if needed or reload the page. Overall, the script is designed to automate the bypass process for loot-link websites by efficiently processing data and establishing a WebSocket connection to redirect users to the intended target.

1 // ==UserScript==
2 // @name         [Working] loot-link.com bypasser (includes all lootlabs.gg link variations)
3 // @homepageURL  https://discord.gg/keybypass
4 // @description  bypasses loot-link.com quickly and efficiently, saving you time and energy.
5 // @author       d15c0rdh4ckr (768868463459434517)
6 // @match        https://loot-link.com/s?*
7 // @match        https://loot-links.com/s?*
8 // @match        https://lootlink.org/s?*
9 // @match        https://lootlinks.co/s?*
10 // @match        https://lootdest.info/s?*
11 // @match        https://lootdest.org/s?*
12 // @match        https://lootdest.com/s?*
13 // @match        https://links-loot.com/s?*
14 // @match        https://linksloot.net/s?*
15 // @grant        unsafeWindow
16 // @run-at       document-start
17 // @version      4.1
18 // @license      MIT
19 // @supportURL   https://discord.gg/keybypass
20 // @icon         https://files.catbox.moe/kflwuj.png
21 // @namespace https://greasyfork.org/users/1237543
22 // @downloadURL https://update.greasyfork.org/scripts/483207/%5BWorking%5D%20loot-linkcom%20bypasser%20%28includes%20all%20lootlabsgg%20link%20variations%29.user.js
23 // @updateURL https://update.greasyfork.org/scripts/483207/%5BWorking%5D%20loot-linkcom%20bypasser%20%28includes%20all%20lootlabsgg%20link%20variations%29.meta.js
24 // ==/UserScript==
25  
26 let initData;
27  
28 let syncer;
29  
30 let sessionData;
31  
32 let origFetch = fetch;
33 unsafeWindow.fetch = function (url, ...options) {
34     return new Promise(async (resolve, reject) => {
35         try {
36             let res = await origFetch(url, ...options);
37             try {
38                 if (url.includes(p.CDN_DOMAIN)) {
39                     initData = res.clone();
40                     initData = await initData.text();
41                     initData = '[' + initData.slice(1, -2) + ']';
42                     initData = JSON.parse(initData);
43                     syncer = initData[10];
44                 }
45                 else if (url.includes(syncer) && !sessionData) {
46                     sessionData = res.clone();
47                     sessionData = await sessionData.json();
48                     bypass();
49                 }
50             } catch (e) {
51                 console.error(e);
52                 let reportError = confirm(`${e.message}\n\nwould you like to report this error?`);
53                 if (reportError) {
54                     navigator.clipboard.writeText(e.message);
55                     window.location.replace('https://discord.gg/keybypass');
56                 }
57                 else {
58                     window.location.reload();
59                 }
60             }
61             resolve(res);
62         } catch (e) {
63             reject(e);
64         }
65     });
66 }
67  
68 async function bypass() {
69     let urid = sessionData[0].urid;
70  
71     let server = initData[9];
72     server = (Number(urid.toString().substr(-5)) % 3) + '.' + server;
73  
74     let websocket = new WebSocket(`wss://${server}/c?uid=${urid}&cat=54&key=${p.KEY}`);
75     fetch(sessionData[0].action_pixel_url)
76     websocket.onopen = async function (event) {
77         await fetch(`https://${server}/st?uid=${urid}&cat=54`, { method: 'POST', })
78         await fetch(`https://${syncer}/td?ac=1&urid=${urid}&&cat=54&tid=${p.TID}`)
79     };
80     websocket.onmessage = function (event) {
81         if (event.data.startsWith('r:')) {
82             let data = event.data.split(':')[1];
83             data = decryptData(data);
84             window.location.assign(data);
85         }
86     };
87 }
88  
89 function decryptData(encodedData, keyLength = 5) {
90     let decryptedData = '',
91         base64Decoded = atob(encodedData),
92         key = base64Decoded.substring(0, keyLength),
93         encryptedContent = base64Decoded.substring(keyLength);
94  
95     for (let i = 0; i < encryptedContent.length; i++) {
96         let charCodeEncrypted = encryptedContent.charCodeAt(i),
97             charCodeKey = key.charCodeAt(i % key.length),
98             decryptedCharCode = charCodeEncrypted ^ charCodeKey;
99  
100         decryptedData += String.fromCharCode(decryptedCharCode);
101     }
102  
103     return decryptedData;
104 }

1	// ==UserScript==
2	// @name [Working] loot-link.com bypasser (includes all lootlabs.gg link variations)
3	// @homepageURL https://discord.gg/keybypass
4	// @description bypasses loot-link.com quickly and efficiently, saving you time and energy.
5	// @author d15c0rdh4ckr (768868463459434517)
6	// @match https://loot-link.com/s?*
7	// @match https://loot-links.com/s?*
8	// @match https://lootlink.org/s?*
9	// @match https://lootlinks.co/s?*
10	// @match https://lootdest.info/s?*
11	// @match https://lootdest.org/s?*
12	// @match https://lootdest.com/s?*
13	// @match https://links-loot.com/s?*
14	// @match https://linksloot.net/s?*
15	// @grant unsafeWindow
16	// @run-at document-start
17	// @version 4.1
18	// @license MIT
19	// @supportURL https://discord.gg/keybypass
20	// @icon https://files.catbox.moe/kflwuj.png
21	// @namespace https://greasyfork.org/users/1237543
22	// @downloadURL https://update.greasyfork.org/scripts/483207/%5BWorking%5D%20loot-linkcom%20bypasser%20%28includes%20all%20lootlabsgg%20link%20variations%29.user.js
23	// @updateURL https://update.greasyfork.org/scripts/483207/%5BWorking%5D%20loot-linkcom%20bypasser%20%28includes%20all%20lootlabsgg%20link%20variations%29.meta.js
24	// ==/UserScript==
25
26	let initData;
27
28	let syncer;
29
30	let sessionData;
31
32	let origFetch = fetch;
33	unsafeWindow.fetch = function (url, ...options) {
34	return new Promise(async (resolve, reject) => {
35	try {
36	let res = await origFetch(url, ...options);
37	try {
38	if (url.includes(p.CDN_DOMAIN)) {
39	initData = res.clone();
40	initData = await initData.text();
41	initData = '[' + initData.slice(1, -2) + ']';
42	initData = JSON.parse(initData);
43	syncer = initData[10];
44	}
45	else if (url.includes(syncer) && !sessionData) {
46	sessionData = res.clone();
47	sessionData = await sessionData.json();
48	bypass();
49	}
50	} catch (e) {
51	console.error(e);
52	let reportError = confirm(`${e.message}\n\nwould you like to report this error?`);
53	if (reportError) {
54	navigator.clipboard.writeText(e.message);
55	window.location.replace('https://discord.gg/keybypass');
56	}
57	else {
58	window.location.reload();
59	}
60	}
61	resolve(res);
62	} catch (e) {
63	reject(e);
64	}
65	});
66	}
67
68	async function bypass() {
69	let urid = sessionData[0].urid;
70
71	let server = initData[9];
72	server = (Number(urid.toString().substr(-5)) % 3) + '.' + server;
73
74	let websocket = new WebSocket(`wss://${server}/c?uid=${urid}&cat=54&key=${p.KEY}`);
75	fetch(sessionData[0].action_pixel_url)
76	websocket.onopen = async function (event) {
77	await fetch(`https://${server}/st?uid=${urid}&cat=54`, { method: 'POST', })
78	await fetch(`https://${syncer}/td?ac=1&urid=${urid}&&cat=54&tid=${p.TID}`)
79	};
80	websocket.onmessage = function (event) {
81	if (event.data.startsWith('r:')) {
82	let data = event.data.split(':')[1];
83	data = decryptData(data);
84	window.location.assign(data);
85	}
86	};
87	}
88
89	function decryptData(encodedData, keyLength = 5) {
90	let decryptedData = '',
91	base64Decoded = atob(encodedData),
92	key = base64Decoded.substring(0, keyLength),
93	encryptedContent = base64Decoded.substring(keyLength);
94
95	for (let i = 0; i < encryptedContent.length; i++) {
96	let charCodeEncrypted = encryptedContent.charCodeAt(i),
97	charCodeKey = key.charCodeAt(i % key.length),
98	decryptedCharCode = charCodeEncrypted ^ charCodeKey;
99
100	decryptedData += String.fromCharCode(decryptedCharCode);
101	}
102
103	return decryptedData;
104	}