From a5ef80d78b0299db70143b2940b93b5a8d83b17c Mon Sep 17 00:00:00 2001 From: DarkCat09 Date: Fri, 13 May 2022 17:44:00 +0400 Subject: [PATCH] Important bugfix in javascript parser --- python_aternos/atconnect.py | 28 ++++++++++++++++++++++------ python_aternos/atjsparse.py | 5 +++++ tests/js2py_test.py | 31 +++++++++++++++++++++++++++---- token.txt | 2 ++ 4 files changed, 56 insertions(+), 10 deletions(-) diff --git a/python_aternos/atconnect.py b/python_aternos/atconnect.py index 6b12d67..d3af148 100644 --- a/python_aternos/atconnect.py +++ b/python_aternos/atconnect.py @@ -4,12 +4,12 @@ import logging import lxml.html from requests import Response from cloudscraper import CloudScraper -from typing import Optional, Union +from typing import Optional, Union, Dict from . import atjsparse from .aterrors import CredentialsError, CloudflareError -REQUA = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Goanna/4.8 Firefox/68.0 PaleMoon/29.4.0.2' +REQUA = 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36 OPR/85.0.4341.47' class AternosConnect: @@ -86,13 +86,29 @@ class AternosConnect: num //= base return result + def add_headers(self, headers:Optional[Dict[str,str]]=None): + + headers = headers or {} + headers.update({ + 'host': 'aternos.org', + 'user-agent': REQUA, + 'sec-ch-ua': '" Not A;Brand";v="99", "Chromium";v="100", "Opera";v="86"', + 'sec-ch-ua-mobile': '?0', + 'sec-ch-ua-platform': '"Linux"', + 'sec-fetch-dest': 'document', + 'sec-fetch-mode': 'navigate', + 'sec-fetch-site': 'same-origin', + 'sec-fetch-user': '?1', + 'upgrade-insecure-requests': '1' + }) + def request_cloudflare( self, url:str, method:str, params:Optional[dict]=None, data:Optional[dict]=None, headers:Optional[dict]=None, reqcookies:Optional[dict]=None, sendtoken:bool=False, redirect:bool=True, retry:int=0) -> Response: - if retry > 2: + if retry > 3: raise CloudflareError('Unable to bypass Cloudflare protection') try: @@ -105,9 +121,8 @@ class AternosConnect: params = params or {} data = data or {} - headers = headers or {} reqcookies = reqcookies or {} - headers['User-Agent'] = REQUA + self.add_headers(headers) if sendtoken: params['TOKEN'] = self.token @@ -143,7 +158,8 @@ class AternosConnect: url, method, params, data, headers, reqcookies, - sendtoken, redirect + sendtoken, redirect, + retry - 1 ) logging.info( diff --git a/python_aternos/atjsparse.py b/python_aternos/atjsparse.py index f865074..43a15d4 100644 --- a/python_aternos/atjsparse.py +++ b/python_aternos/atjsparse.py @@ -20,5 +20,10 @@ def atob(s:str) -> str: def exec(f:str) -> Any: ctx = js2py.EvalJs({'atob': atob}) + ctx.execute('window.document = { };') + ctx.execute('window.Map = function(_i){ };') + ctx.execute('window.setTimeout = function(_f,_t){ };') + ctx.execute('window.setInterval = function(_f,_t){ };') + ctx.execute('window.encodeURIComponent = function(_s){ };') ctx.execute(to_ecma5_function(f)) return ctx diff --git a/tests/js2py_test.py b/tests/js2py_test.py index 225fa9c..fe88b1f 100644 --- a/tests/js2py_test.py +++ b/tests/js2py_test.py @@ -27,10 +27,12 @@ class TestJs2Py(unittest.TestCase): 'CuUcmZ27Fb8bVBNw12Vj', 'YPPe8Ph7vzYaZ9PF9oQP', 'UfLlemvKEE16ltk0hZNM', - 'q6pYdP6r7xiVHhbotvlN', - 'q6pYdP6r7xiVHhbotvlN', - 'XAIbksgkVX9JYboMDI7D', - 'sBImgVg6RL98W1khPYMl' + 'S1Oban9UGRXVIepREw9q', + 'S1Oban9UGRXVIepREw9q', + 'KYDDyT1DWOJTZpNtJWhM', + 'lZPFwRqIGIf8JKk1LG02', + 'KbxzYCJUrFjWzbeZcAmE', + 'KbxzYCJUrFjWzbeZcAmE' ] def test_base64(self) -> None: @@ -45,6 +47,27 @@ class TestJs2Py(unittest.TestCase): f = atjsparse.to_ecma5_function(token) self.assertEqual(f, '(function(){window["AJAX_TOKEN"]=("2r" + "KO" + "A1" + "IFdBcHhEM" + "61" + "6cb");})()') + def test_ecma6parse(self) -> None: + + code = ''' + window.t0 = + window['document']&& + !window[["p","Ma"].reverse().join('')]|| + !window[["ut","meo","i","etT","s"].reverse().join('')];''' + + part1 = '''window.t1 = Boolean(window['document']);''' + part2 = '''window.t2 = Boolean(!window[["p","Ma"].reverse().join('')]);''' + part3 = '''window.t3 = Boolean(!window[["ut","meo","i","etT","s"].reverse().join('')]);''' + + ctx0 = atjsparse.exec(code) + ctx1 = atjsparse.exec(part1) + ctx2 = atjsparse.exec(part2) + ctx3 = atjsparse.exec(part3) + + self.assertEqual(ctx1.window['t1'], True) + self.assertEqual(ctx2.window['t2'], False) + self.assertEqual(ctx3.window['t3'], False) + def test_exec(self) -> None: for i, f in enumerate(self.tests): diff --git a/token.txt b/token.txt index 0f17465..893d7d5 100644 --- a/token.txt +++ b/token.txt @@ -15,3 +15,5 @@ (() => {window["AJAX_TOKEN"]=window['document']&&window["Map"]&&window[["out","e","Tim","et","s"].reverse().join('')]?["pREw9q","XVIe","UGR","S1Oban9"].reverse().join(''):["dYp6q","Vix7r6P","tobhH","Nlv"].map(s => s.split('').reverse().join('')).join('');})(); (() => {window[["OKEN", "T", "_", "AJAX"].reverse().join("")] = window["document"] && window["Map"] && window["set" + "T" + "im" + "e" + "o" + "u" + "t"] ? ["DYK", "OWD1TyD", "TJ", "JtNpZ", "MhW"].map((s) => s.split("").reverse().join("")).join("") : "XAIbksgkVX9JYboMDI7D";})(); (() => {window[["XAJA","T_","NEKO"].map(s => s.split('').reverse().join('')).join('')]=window['document']&&window[["ap","M"].reverse().join('')]&&window[["es","iTt","oem","u","t"].map(s => s.split('').reverse().join('')).join('')]?["Kk1LG02","If8J","lZPFwRqIG"].reverse().join(''):("sBI" + "mgV" + "g6RL98W1" + "khPY" + "Ml");})(); +(() => {window[["N","KE","_TO","X","JA","A"].reverse().join('')]=window['document']&&!window[["p","Ma"].reverse().join('')]||!window[["ut","meo","i","etT","s"].reverse().join('')]?("1UY5" + "1inS" + "kzlSO" + "QmKU0mK"):"KbxzYCJUrFjWzbeZcAmE";})(); +(() => {window[["EN", "TOK", "AJAX_"].reverse().join('')] = window['document'] && window["Map"] && window[("s" + "et" + "Tim" + "e" + "o" + "ut")] ? "KbxzYCJUrFjWzbeZcAmE" : ["mK", "SOQmKU0", "zl", "1inSk", "1UY5"].reverse().join('');})();