All I know, is, at some points the login page will do a call to /batch/OE or something like that.
Theres a JSON array in that request and in there under a few dropdown's, is "m": "longstring". This "m" is the metadata1.
I found the code block (search THEMETADATA and you will spot it).
So now im just slowly tryna make it more readable so I can figure out exactly what its doing.
What I can tell so far:
- Seems to try and check if your able to run certain code types, like "DOTNET" and "YHOO" which seems surprisingly like "Yahoo".
- Will get a bunch of different stuff like if your browser uses Moz(firefox) or Webkit(Others) aswell as if it can do stuff like textShadow, boxShadow all that kind of stuff.
- Seems to grab and store screen width and heights aswell as DPI.
- It does a LOT of calls in the backend. Theres like 100 _2s .when's, .register's and .declare's etc. _2s seemingly is _LI["AmazonUIPageJS"] where _LS is "window". The AmazonUIPageJS is setup BEFORE the obfuscated code and that code is not obfuscated.
Have a look and let me know if you get any bit further.
Note both files are around 6-7k lines.
Original:
Progress:
I was streaming for HOURS my progress on it on twitch.
Update 5th/04/2018
- I found out how to generate the "amaznfbguid" that is stored in "localStorage".
Bunch of bitwise operations (common) and just generated serverside variables that change each refresh.
This is what im expecting for the md1 if I find it.