A script that just creates a post to indigo.cafe, and requires a login token
| #!/bin/python3 | |
| # requirements: hyper selectolax | |
| from sys import exit | |
| from ssl import CERT_NONE | |
| try: | |
| import hyper | |
| except ModuleNotFoundError: | |
| exit('you need to install `hyper`: https://hyper.readthedocs.io/en/latest/quickstart.html#installing-hyper') | |
| try: | |
| from selectolax.parser import HTMLParser | |
| except ModuleNotFoundError: | |
| exit('you need to install `selectolax`: https://github.com/rushter/selectolax#Installation') | |
| # a target indigo instance can also go here | |
| connection = hyper.HTTPConnection('indigo.cafe:443') | |
| #hyper.tls._context = hyper.tls.init_context() | |
| #hyper.tls._context.check_hostname = False | |
| #hyper.tls._context.verify_mode = CERT_NONE | |
| #connection = hyper.HTTPConnection('192.168.1.127:92', secure=True) | |
| # declare file name status thing so that we can print status messages fancily | |
| STATUS_PREFIX = '[' + __file__ + '] ' | |
| # we are connected | |
| print(STATUS_PREFIX + 'connected to ingido serv') | |
| # declare headers, we're going to pass these to every request with `headers=headers` | |
| headers = { | |
| # put your login cookie thing here | |
| 'Cookie': 'gosessionid=(removed);indigo-auth=(removed);_gorilla_csrf=MTU0MjQ5MTY1NXxJaTh3ZGpSbVJERjVTazFLTkVoUGREZFpZa2hWYjJwNVRqVnFRVU53ZWswNFFuSkJSMmhvWW1kUVRITTlJZ289fCEgaCd7HaU3YAbQ3WOkh_hqsSRZAzeE-ybUe2Bcmfc3', | |
| } | |
| # get csrf token/check if banned by requesting /reset | |
| # this endpoint is chosen since it's fast, contains csrf token and works when logged in | |
| connection.request('GET', '/reset', headers=headers) | |
| response = connection.get_response() | |
| # we have /reset response | |
| print(STATUS_PREFIX + 'got /reset body') | |
| # response html, we'll use it no matter if there's an error or not | |
| body = response.read().decode() | |
| if response.status != 200: | |
| # output html returned AND exit if there's error | |
| print(body) | |
| exit('\nresponse code ' + str(response.status) + ' while getting /reset!! (above is response text)') | |
| # now see if csrfmiddlewaretoken from the user sidebar exists | |
| # if this doesn't exist (user sidebar doesn't exist) then assume we are logged out or banned | |
| query = HTMLParser(body).css_first('li > form > [name=csrfmiddlewaretoken]') | |
| if query is None: | |
| # exit | |
| print(body) | |
| exit('\ncouldn\'t find csrfmiddlewaretoken while getting /reset!! (above is response text)') | |
| # now actually use the token | |
| csrfmiddlewaretoken = query.attributes['value'] | |
| # we have csrfmiddlewaretoken! | |
| print(STATUS_PREFIX + 'we now have csrfmiddlewaretoken from /reset') | |
| # now create the post, make a request body | |
| req_body = bytes( | |
| # here is the post body right here | |
| 'body=time to watch gay porn and sex porn&' | |
| # meta stuff including csrfmiddlewaretoken (url encode it) | |
| + 'feeling_id=0&csrfmiddlewaretoken=' + csrfmiddlewaretoken.replace('+', '%2b') + '&' | |
| # community id | |
| #+ 'community=2' | |
| + 'community=1' | |
| , 'utf-8') | |
| # copy of the headers with content type | |
| headers_plus_content_type = headers.copy() | |
| headers_plus_content_type['Content-Type'] = 'application/x-www-form-urlencoded' | |
| # ingido doesn't care about uri community id | |
| connection.request('POST', '/communities/0/posts', headers=headers_plus_content_type, body=req_body) | |
| response = connection.get_response() | |
| body = response.read().decode() | |
| # check response code | |
| if response.status != 200: | |
| # print body returned | |
| print(body) | |
| exit('\nresponse code ' + str(response.status) + ' while posting to /communities/0/posts!! (above is response text)') | |
| # successfully posted the post | |
| print(STATUS_PREFIX + 'posted to /communities/0/posts') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment