Last active
August 29, 2015 14:01
-
-
Save bullno1/3542179c43df937ae4f2 to your computer and use it in GitHub Desktop.
Give me SSD
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
import sys, httplib, urllib, hashlib, random, json | |
# Relevant JS code: | |
# | |
# return e = "52297d8e78ff8aed", | |
# t = CryptoJS.SHA256(Math.random().toString().substr(2, 5)).toString(), | |
# n = "//fastestgameonearth-com.herokuapp.com", | |
# $.ajax({ | |
# url: n + "/handshake", | |
# type: "POST", | |
# data: {publicKey: t}, | |
# error: this._onRegistrationError, | |
# success: function(r) { | |
# var s, o; | |
# return r.publicKey !== CryptoJS.SHA256(e + 1 + t).toString() | |
# ? i._onRegistrationError() | |
# : (t = CryptoJS.SHA256(7182 + r.publicKey).toString(), | |
# o = r.session_id, r = i.$("form").serialize(), | |
# s = "127.0.0.1", | |
# $.ajax({ | |
# url: n + "/entries", | |
# type: "POST", | |
# data: r + "&entry[ip]=" + s + "&session_id=" + o + "&publicKey=" + t, | |
# success: i._onRegistrationSuccess, | |
# error: i._onRegistrationError | |
# }))) | |
def main(): | |
#Parse particulars | |
if len(sys.argv) >= 4: | |
first_name = sys.argv[1] | |
last_name = sys.argv[2] | |
email = sys.argv[3] | |
print "First name: " + first_name | |
print "Last name: " + last_name | |
print "Email: " + email | |
else: | |
print "Usage: give-me-ssd.py <first_name> <last_name> <email> [session_id]" | |
print "Run once for a session id and reuse it" | |
return | |
#Parse session id | |
session_id = None | |
headers = { | |
"Content-type": "application/x-www-form-urlencoded", | |
"Accept": "*", | |
'X-Requested-With': 'XMLHttpRequest' | |
} | |
if len(sys.argv) == 5: | |
session_id = sys.argv[4] | |
print "Using session_id: " + session_id | |
headers['Cookie'] = 'request_method=POST; _ssd-api_session=' + session_id | |
prefix = '52297d8e78ff8aed' | |
random.seed() | |
handshake_key = sha256(str(random.random())[2:5]) | |
expected_key = sha256(prefix + '1' + handshake_key) | |
print "Handshake with key: " + handshake_key | |
print "Expect : " + expected_key | |
response = json.loads(post("/handshake", headers, {'publicKey': handshake_key})[1]) | |
submit_key = response['publicKey'] | |
session_id = response['session_id'] | |
print "Got submit key: " + submit_key | |
print "Got session id: " + session_id | |
assert submit_key == expected_key | |
submit_key = sha256('7182' + submit_key) | |
submission = { | |
'entry[first_name]':first_name, | |
'entry[last_name]':last_name, | |
'entry[email]':email, | |
'entry[remember]':'on', | |
'entry[ip]':'127.0.0.1', | |
'session_id':session_id, | |
'publicKey':submit_key | |
} | |
headers['Cookie'] = 'request_method=POST; _ssd-api_session=' + session_id | |
print post('/entries', headers, submission) | |
def sha256(term): | |
return hashlib.sha256(term).hexdigest() | |
def post(path, headers, body): | |
params = urllib.urlencode(body, doseq = True) | |
conn = httplib.HTTPConnection("fastestgameonearth-com.herokuapp.com") | |
conn.request("POST", path, params, headers) | |
response = conn.getresponse() | |
return (response.status, response.read()) | |
if __name__ == "__main__": | |
main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment