Created
October 18, 2019 19:05
-
-
Save jkcgs/23d0c3bbc14889d044f4c51070b4b7e2 to your computer and use it in GitHub Desktop.
Login banco falabella
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from Crypto.PublicKey import RSA | |
from Crypto.Cipher import PKCS1_v1_5 | |
from base64 import b64encode | |
from datetime import datetime | |
def find_str(cont, ini, end): | |
try: | |
idx_ini = cont.index(ini) + len(ini) | |
idx_end = cont[idx_ini:].index(end) + idx_ini | |
return cont[idx_ini:idx_end] | |
except ValueError: | |
return '' | |
def glb_date(): | |
# basado en cyberbank.getDateForGlb | |
# en js a veces suma enteros, y otras, concatena strings; aquí se trata de respetar eso | |
b = datetime.now() | |
f = b.year | |
for x in [b.month, b.day, b.hour, b.minute, b.second]: | |
f = '{}0{}'.format(f, x) if x < 10 else (f + (str(x) if isinstance(f, str) else x)) | |
return f | |
class Encrypter: | |
def __init__(self, public_key): | |
self.key = PKCS1_v1_5.new(RSA.importKey(public_key)) | |
def encrypt(self, text): | |
return b64encode(self.key.encrypt(text.encode('utf-8'))).decode('utf-8') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import requests | |
from bs4 import BeautifulSoup | |
from functions import find_str, glb_date, Encrypter | |
client = requests.Session() | |
url_form = 'https://web.bancofalabella.cl/Techbank/sso' | |
url_login = 'https://web.bancofalabella.cl/Techbank/index' | |
headers = { | |
'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8', | |
'Get-Form': 'true', | |
'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0', | |
'X-Requested-With': 'XMLHttpRequest' | |
} | |
rut1 = '11.111.111-1' | |
rut2 = rut1.replace('.', '').replace('-', '').upper() | |
pswd = '112233' | |
def run(): | |
print('[~] Loading login page to fetch public key...') | |
response = client.get(url_form) | |
print('[+] Login page loaded.') | |
html_form = response.text | |
public_key = find_str(html_form, 'clientFieldEncryptPublicKey\' value="', '\n" />') | |
if not public_key: | |
print('[!] Public key not found. Exiting...') | |
return | |
uuid1 = find_str(html_form, 'uuid" value="', '"') | |
if not uuid1: | |
print('[!] First UUID not found. Exiting...') | |
return | |
else: | |
print('[+] First UUID:', uuid1) | |
data_form = { | |
'seleccion': 'singleSelectDynamicAuthenticationByTipoNroDocFalaSeguridad', | |
'uuid': uuid1, | |
'IDContexto': 'null' | |
} | |
print('[~] Fetching input form...') | |
rform = client.post(url_login, data_form, headers=headers) | |
uuid2 = find_str(rform.text, 'name="uuid" value="', '"') | |
if not uuid2: | |
print('[!] Second UUID not found. Exiting...') | |
return | |
else: | |
print('[+] Second UUID:', uuid2) | |
k = Encrypter(public_key) | |
print('[+] Public key initialized') | |
# print(public_key) | |
form = { | |
'login_textField012': k.encrypt(rut1), | |
'_PASSWORD_textFieldClave02': k.encrypt(pswd), | |
'login_textFieldOcult': k.encrypt(rut2), | |
# 'IDContexto': 'null', | |
'execute': 'actionButtonIngresarBFCH', | |
# 'uuid': uuid2, | |
# 'isLandpage': 'true', | |
# 'glb_date': glb_date(), | |
} | |
print('[~] Sending login data...') | |
# print(repr(form)) | |
x = client.post(url_login, form, headers=headers) | |
print('[~] Login data sent') | |
print('[~] Response status code:', x.status_code) | |
# print('[~] ----- Request headers -----') | |
# print(x.request.headers) | |
# print('[~] ----- Request content -----') | |
# print(x.request.body) | |
# print('[~] ----- Response headers -----') | |
# print(x.headers) | |
if 'exception_container' in x.text: | |
print('[!] There was a server side exception.') | |
dom = BeautifulSoup(x.content, 'html.parser') | |
print('[!]', dom.find(class_='exception_container_title').text.strip()) | |
print('[!]', dom.find(class_='exception_container_msg').text.strip()) | |
return | |
elif x.text.strip() != 'successLogin': | |
print('[!] Something happened') | |
print('[~] ----- Response content -----') | |
print(x.text) | |
return | |
print('[+] Login successful!') | |
cont = client.post( | |
url_login, {'seleccion': 'massiveSelectCustomerOperationSeleccionConsolidadaFramework'}, headers=headers) | |
dom = BeautifulSoup(cont.text, 'html.parser') | |
print('Saldo cuenta corriente:', dom.find(attrs={'id': 'sectionAccount_repeat0_valorSaldoContable'}).text.strip()) | |
if __name__ == '__main__': | |
run() | |
print('Process finished.') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment