Bypass the AIAS DDoS protection #118

Open
opened 2022-11-19 06:41:32 +00:00 by lucidiot · 0 comments
Owner

The [AIAS official feed](http://www.aias.gov.ro/index.php/ro/publicatii/rapoarte-de-investigatie-privind-siguranta?format=feed&type=rss) is now hidden behind a very dumb "DDoS protection" thing. It seems to work by using some weird JavaScript that sets a cookie then refreshes the page. Performing a request without a `User-Agent` header results in being blocked by a [WAF](https://en.wikipedia.org/wiki/Web_application_firewall), and setting the `User-Agent` to anything but sending no cookie or an invalid cookie results in a page showing a "Verifying your browser" loading screen and the weird JS.

No feed readers can bypass this type of protection, so the AIAS official feed is now completely useless. However, we could definitely bypass it by applying a heavy dose of `sed` and running the JS code using `node` or `qjs` or some other interpreter to get a `Cookie:` header that we can send ourselves. This could let us make a custom feed that just downloads the official feed.

lucidiot added the feed label 2022-11-19 06:41:32 +00:00