75 lines
1.5 KiB
Python
75 lines
1.5 KiB
Python
#!/usr/bin/env python3
|
|
import re
|
|
import base64
|
|
import js2py
|
|
|
|
# Use tests from a file
|
|
tests = []
|
|
with open('../token.txt', 'rt') as f:
|
|
lines = re.split(r'[\r\n]', f.read())
|
|
del lines[len(lines)-1] # Remove empty string
|
|
tests = lines
|
|
|
|
brkregex = re.compile(r'\((?!\)|[\'\"])(.+?)(?<!\(|[\'\"])\)')
|
|
|
|
def parse_brackets(f, arrow=True):
|
|
|
|
match = brkregex.finditer(f)
|
|
if not arrow:
|
|
return match[0].group(1)
|
|
|
|
for r in match:
|
|
func = r.group(1)
|
|
if '=>' in func:
|
|
return func
|
|
|
|
def to_ecma5_function(f):
|
|
# return "(function() { " + f[f.index("{")+1 : f.index("}")] + "})();"
|
|
fnstart = f.find('{')+1
|
|
fnend = f.rfind('}')
|
|
f = arrow_conv(f[fnstart:fnend])
|
|
return f
|
|
|
|
def atob(s):
|
|
return base64.standard_b64decode(str(s)).decode('utf-8')
|
|
|
|
def arrow_conv(f):
|
|
if '=>' in f:
|
|
inner = parse_brackets(f)
|
|
print(inner)
|
|
while brkregex.match(inner) != None:
|
|
print(inner)
|
|
inner = parse_brackets(inner)
|
|
|
|
func = re.sub(
|
|
r'(\w+)\s*=>\s*(.+)',
|
|
r'function(\1){return \2}', inner
|
|
)
|
|
start = f.find(inner)
|
|
end = start + len(inner)
|
|
f = f[:start] + func + f[end:]
|
|
print('*r:', f)
|
|
return f
|
|
|
|
ctx = js2py.EvalJs({'atob': atob})
|
|
|
|
for f in tests:
|
|
c = to_ecma5_function(f)
|
|
ctx.execute(c)
|
|
print(ctx.window['AJAX_TOKEN'])
|
|
|
|
# Expected output:
|
|
# 2rKOA1IFdBcHhEM616cb
|
|
# 2rKOA1IFdBcHhEM616cb
|
|
# 2rKOA1IFdBcHhEM616cb
|
|
# 2rKOA1IFdBcHhEM616cb
|
|
# 2rKOA1IFdBcHhEM616cb
|
|
# 2rKOA1IFdBcHhEM616cb
|
|
# 2rKOA1IFdBcHhEM616cb
|
|
# 2rKOA1IFdBcHhEM616cb
|
|
# 2rKOA1IFdBcHhEM616cb
|
|
# 2iXh5W5uEYq5fWJIazQ6
|
|
# CuUcmZ27Fb8bVBNw12Vj
|
|
# YPPe8Ph7vzYaZ9PF9oQP
|
|
# (Note: The last four
|
|
# tokens are different)
|