I would like to share the method used to capture the "X-Net-Sync-Term" header of the HTTP request.
Currently the Bet365 index page does not have "boot.nsu (str1, str2)", they have changed the way the website is displayed.
let generate = (param) => {
let arr;
if(typeof param == 'string')
arr = eval('[' + param.split('var a=[')[1].split('];')[0] + ']');
else if(Array.isArray(param))
arr = param
else
return false
let n = arr[397];
let q = arr[158] + '.' + arr[375] + arr[182] + arr[294];
let parts = q.split('.')
let compressed = decodeURIComponent(parts[0])
let decompress = function(o) {
o = decodeURIComponent(o);
let s = +atob(n) * -1;
s = s % 64;
let r = '';
for (var t = 0; t < o.length; t++) {
var u = o.charCodeAt(t)
, v = String.fromCharCode((u + s) % 256);
r += v;
}
return r;
}
return decompress(compressed) + '.' + parts[1];
}
The parameter can be the entire HTML returned by the Bet365 website, or an array, if you choose to pass an array, the array must be the one shown in the image.
Ps: The above function will return the token (encrypted) of the page, which in this case is: idS4bd==.KavFYZJwIEwXZ1nkv6zdXI/FqYJYQiHNxQDhvhnLP1E= with this token, you will need to decode
class Bet365 {
mapLen = 64;
charMap = [["A", "d"], ["B", "e"], ["C", "f"], ["D", "g"], ["E", "h"],
["F", "i"], ["G", "j"], ["H", "k"], ["I", "l"], ["J", "m"], ["K", "n"], ["L", "o"],
["M", "p"], ["N", "q"], ["O", "r"], ["P", "s"], ["Q", "t"], ["R", "u"], ["S", "v"],
["T", "w"], ["U", "x"], ["V", "y"], ["W", "z"], ["X", "a"], ["Y", "b"], ["Z", "c"],
["a", "Q"], ["b", "R"], ["c", "S"], ["d", "T"], ["e", "U"], ["f", "V"], ["g", "W"],
["h", "X"], ["i", "Y"], ["j", "Z"], ["k", "A"], ["l", "B"], ["m", "C"], ["n", "D"],
["o", "E"], ["p", "F"], ["q", "0"], ["r", "1"], ["s", "2"], ["t", "3"], ["u", "4"],
["v", "5"], ["w", "6"], ["x", "7"], ["y", "8"], ["z", "9"], ["0", "G"], ["1", "H"],
["2", "I"], ["3", "J"], ["4", "K"], ["5", "L"], ["6", "M"], ["7", "N"], ["8", "O"],
["9", "P"], ["\n", ":|~"], ["\r", ""]];
encrypt( txt ){
let result = "";
for( let i = 0; i < txt.length; i++ ){
let c = txt.substr(i, 1)
for( let j = 0; j < this.mapLen; j++ ){
if( c == this.charMap[j][0] ){
c = this.charMap[j][1];
break;
}
}
result += c;
}
return result;
}
decrypt( txt ){
let result = "";
for(let i = 0; i < txt.length; i++){
let c = txt.substr(i, 1)
for( let j = 0; j < this.mapLen; j++ ){
if( ":" == c && ":|~" == substr( txt, i, 3 ) ){
c = "\n";
i+=2;
break;
}
if( c == this.charMap[j][1] ){
c = this.charMap[j][0];
break;
}
}
result += c;
}
return result;
}
}
let tool = new Bet365
After sending the token in the initial request, which looks something like this: "time,S{PSTK},D{DecodedToken}"
let initReq = atob("IwNQAV9fdGltZSxTX1BTVEssRF9ERUNPREVEX1RPS0VOAA==")
initReq = initReq.replace('PSTK', PSTK)
initReq = initReq.replace('DECODED_TOKEN', DecodedToken)