Linkvertise Downloader

[Nerixyz]

Domain

https://linkvertise.download

Link

Any link on https://linkvertise.com (there are trending links). Make sure to disable the addon, so you will be redirected to linkvertise.download.

Version

0.0.0

What browsers are you seeing the problem on?

Firefox

What OS are you seeing the problem on?

Windows

(Optional) Anything else?

This isn't really needed as linkvertise is already bypassed. But if you're on linkvertise.download, there's no bypass.

Just throwing it out here if anyone needs it. Note: It's really easy to detect and prevent by checking the UA or updating the downloader.

This is roughly how it works:

// Step 1: get the downloader URL
// Step 2: get the final name of the downloader-file
// Step 3: emulate the requests done by the downloader

// example implementation

// the string from the url
const LINK_STUFF = '12345/Name';
const downloaderInfo = await fetch(
  `https://publisher.linkvertise.com/api/v1/redirect/link/${LINK_STUFF}/download-info`,
  {
    method: 'POST',
    body: JSON.stringify({
      // this is the last part in the url,
      // that comes after LINK_STUFF
      key: 'c3R1ZmYgZnJvbSB0aGUgdXJsIC0gYSBrZXk',
    }),
    headers: {
      'Content-Type': 'application/json',
    },
  },
).then(x => x.json());

const downloaderUrl = downloaderInfo.data?.downloadUrl;
// if (!downloaderUrl) return;

handleDownload(downloaderUrl);

/**
 * @param {string} url
 * @returns {Promise<void>}
 */
async function handleDownload(url) {
  // only get the headers
  const response = await fetch(url);
  // Example value: attachment; filename="Channel%20-%20Linkvertise%20Downloader_exS-5as.exe"; ...
  // This might be a zip file with a file like this inside,
  // though it doesn't change the fact that the last part is matched.
  const name = response.headers.get('content-disposition')?.match(/Downloader_([^ .]+)/)?.[1];
  if (!name) return;

  // this is the stuff the downloader does
  // we can't emulate the UA (it's something with WinHttpClient)
  const oResponse = await fetch('https://d17kz3i6hbr7d3.cloudfront.net/o', {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
    },
    body: JSON.stringify({
      prv: '0.1',
      // still works but might be updated
      plv: '1.34.2.8157',
      l: 'en',
      a: 'Linkvertise',
      i: 'Linkvertise_DLM',
      s: 'Linkvertise',
      u: name,
      o: '10', // os-version
    }),
  }).then(x => x.json());

  if (oResponse.i?.cu) {
    // this would be `safelyNavigate`
    await browser.tabs.update(tabId, {
      url: oResponse.i.cu,
    });
  }
}

Code of Conduct

• [X] I agree to follow this project's Code of Conduct

[lostdusty]

@UnJust1ce @BS-zombie @NotAProton looks like a fix for linkvertise

[Nerixyz]

I've updated the version and host. It should still work. Though as I mentioned, you might get a zip file and need to extract the filename from it.

[lostdusty]

@UnJust1ce @reashetyrr could you check this?

[reashetyrr]

Yes, I will take a look tomorrow!

[reashetyrr]

im pinning this for later, currently found differences in the chromium and spidermonkey browsers that will make this very browser specific

[github-actions[bot]]

This issue is stale because it has been open for 30 days with no activity. To undo this, make some activity on this issue or create a new one.

[Nerixyz]

It's still an issue afaik.

[reashetyrr]

it is yes, still have to work on a fix for this

[github-actions[bot]]

This issue is stale because it has been open for 30 days with no activity. To undo this, make some activity on this issue or create a new one.

[github-actions[bot]]

This issue was automatically closed because it has been inactive for 14 days since being marked as stale. If you bypass/problem wasn't solved, please create a new issue.