jkcgs/functions.py

## functions.py
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5
from base64 import b64encode
from datetime import datetime


def find_str(cont, ini, end):
    try:
        idx_ini = cont.index(ini) + len(ini)
        idx_end = cont[idx_ini:].index(end) + idx_ini
        return cont[idx_ini:idx_end]
    except ValueError:
        return ''


def glb_date():
    # basado en cyberbank.getDateForGlb
    # en js a veces suma enteros, y otras, concatena strings; aquí se trata de respetar eso
    b = datetime.now()
    f = b.year

    for x in [b.month, b.day, b.hour, b.minute, b.second]:
        f = '{}0{}'.format(f, x) if x < 10 else (f + (str(x) if isinstance(f, str) else x))

    return f


class Encrypter:
    def __init__(self, public_key):
        self.key = PKCS1_v1_5.new(RSA.importKey(public_key))

    def encrypt(self, text):
        return b64encode(self.key.encrypt(text.encode('utf-8'))).decode('utf-8')

## login.py
import requests
from bs4 import BeautifulSoup
from functions import find_str, glb_date, Encrypter
client = requests.Session()

url_form = 'https://web.bancofalabella.cl/Techbank/sso'
url_login = 'https://web.bancofalabella.cl/Techbank/index'

headers = {
    'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8',
    'Get-Form': 'true',
    'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0',
    'X-Requested-With': 'XMLHttpRequest'
}

rut1 = '11.111.111-1'
rut2 = rut1.replace('.', '').replace('-', '').upper()
pswd = '112233'


def run():
    print('[~] Loading login page to fetch public key...')
    response = client.get(url_form)
    print('[+] Login page loaded.')

    html_form = response.text
    public_key = find_str(html_form, 'clientFieldEncryptPublicKey\' value="', '\n" />')

    if not public_key:
        print('[!] Public key not found. Exiting...')
        return

    uuid1 = find_str(html_form, 'uuid" value="', '"')
    if not uuid1:
        print('[!] First UUID not found. Exiting...')
        return
    else:
        print('[+] First UUID:', uuid1)

    data_form = {
        'seleccion': 'singleSelectDynamicAuthenticationByTipoNroDocFalaSeguridad',
        'uuid': uuid1,
        'IDContexto': 'null'
    }

    print('[~] Fetching input form...')
    rform = client.post(url_login, data_form, headers=headers)
    uuid2 = find_str(rform.text, 'name="uuid" value="', '"')

    if not uuid2:
        print('[!] Second UUID not found. Exiting...')
        return
    else:
        print('[+] Second UUID:', uuid2)

    k = Encrypter(public_key)
    print('[+] Public key initialized')
    # print(public_key)

    form = {
        'login_textField012': k.encrypt(rut1),
        '_PASSWORD_textFieldClave02': k.encrypt(pswd),
        'login_textFieldOcult': k.encrypt(rut2),
        # 'IDContexto': 'null',
        'execute': 'actionButtonIngresarBFCH',
        # 'uuid': uuid2,
        # 'isLandpage': 'true',
        # 'glb_date': glb_date(),
    }

    print('[~] Sending login data...')
    # print(repr(form))
    x = client.post(url_login, form, headers=headers)
    print('[~] Login data sent')
    print('[~] Response status code:', x.status_code)

    # print('[~] ----- Request headers -----')
    # print(x.request.headers)
    # print('[~] ----- Request content -----')
    # print(x.request.body)
    # print('[~] ----- Response headers -----')
    # print(x.headers)

    if 'exception_container' in x.text:
        print('[!] There was a server side exception.')
        dom = BeautifulSoup(x.content, 'html.parser')
        print('[!]', dom.find(class_='exception_container_title').text.strip())
        print('[!]', dom.find(class_='exception_container_msg').text.strip())
        return
    elif x.text.strip() != 'successLogin':
        print('[!] Something happened')
        print('[~] ----- Response content -----')
        print(x.text)
        return

    print('[+] Login successful!')
    cont = client.post(
        url_login, {'seleccion': 'massiveSelectCustomerOperationSeleccionConsolidadaFramework'}, headers=headers)
    dom = BeautifulSoup(cont.text, 'html.parser')
    print('Saldo cuenta corriente:', dom.find(attrs={'id': 'sectionAccount_repeat0_valorSaldoContable'}).text.strip())


if __name__ == '__main__':
    run()
    print('Process finished.')
	from Crypto.PublicKey import RSA
	from Crypto.Cipher import PKCS1_v1_5
	from base64 import b64encode
	from datetime import datetime


	def find_str(cont, ini, end):
	try:
	idx_ini = cont.index(ini) + len(ini)
	idx_end = cont[idx_ini:].index(end) + idx_ini
	return cont[idx_ini:idx_end]
	except ValueError:
	return ''


	def glb_date():
	# basado en cyberbank.getDateForGlb
	# en js a veces suma enteros, y otras, concatena strings; aquí se trata de respetar eso
	b = datetime.now()
	f = b.year

	for x in [b.month, b.day, b.hour, b.minute, b.second]:
	f = '{}0{}'.format(f, x) if x < 10 else (f + (str(x) if isinstance(f, str) else x))

	return f


	class Encrypter:
	def __init__(self, public_key):
	self.key = PKCS1_v1_5.new(RSA.importKey(public_key))

	def encrypt(self, text):
	return b64encode(self.key.encrypt(text.encode('utf-8'))).decode('utf-8')
	import requests
	from bs4 import BeautifulSoup
	from functions import find_str, glb_date, Encrypter
	client = requests.Session()

	url_form = 'https://web.bancofalabella.cl/Techbank/sso'
	url_login = 'https://web.bancofalabella.cl/Techbank/index'

	headers = {
	'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8',
	'Get-Form': 'true',
	'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0',
	'X-Requested-With': 'XMLHttpRequest'
	}

	rut1 = '11.111.111-1'
	rut2 = rut1.replace('.', '').replace('-', '').upper()
	pswd = '112233'


	def run():
	print('[~] Loading login page to fetch public key...')
	response = client.get(url_form)
	print('[+] Login page loaded.')

	html_form = response.text
	public_key = find_str(html_form, 'clientFieldEncryptPublicKey\' value="', '\n" />')

	if not public_key:
	print('[!] Public key not found. Exiting...')
	return

	uuid1 = find_str(html_form, 'uuid" value="', '"')
	if not uuid1:
	print('[!] First UUID not found. Exiting...')
	return
	else:
	print('[+] First UUID:', uuid1)

	data_form = {
	'seleccion': 'singleSelectDynamicAuthenticationByTipoNroDocFalaSeguridad',
	'uuid': uuid1,
	'IDContexto': 'null'
	}

	print('[~] Fetching input form...')
	rform = client.post(url_login, data_form, headers=headers)
	uuid2 = find_str(rform.text, 'name="uuid" value="', '"')

	if not uuid2:
	print('[!] Second UUID not found. Exiting...')
	return
	else:
	print('[+] Second UUID:', uuid2)

	k = Encrypter(public_key)
	print('[+] Public key initialized')
	# print(public_key)

	form = {
	'login_textField012': k.encrypt(rut1),
	'_PASSWORD_textFieldClave02': k.encrypt(pswd),
	'login_textFieldOcult': k.encrypt(rut2),
	# 'IDContexto': 'null',
	'execute': 'actionButtonIngresarBFCH',
	# 'uuid': uuid2,
	# 'isLandpage': 'true',
	# 'glb_date': glb_date(),
	}

	print('[~] Sending login data...')
	# print(repr(form))
	x = client.post(url_login, form, headers=headers)
	print('[~] Login data sent')
	print('[~] Response status code:', x.status_code)

	# print('[~] ----- Request headers -----')
	# print(x.request.headers)
	# print('[~] ----- Request content -----')
	# print(x.request.body)
	# print('[~] ----- Response headers -----')
	# print(x.headers)

	if 'exception_container' in x.text:
	print('[!] There was a server side exception.')
	dom = BeautifulSoup(x.content, 'html.parser')
	print('[!]', dom.find(class_='exception_container_title').text.strip())
	print('[!]', dom.find(class_='exception_container_msg').text.strip())
	return
	elif x.text.strip() != 'successLogin':
	print('[!] Something happened')
	print('[~] ----- Response content -----')
	print(x.text)
	return

	print('[+] Login successful!')
	cont = client.post(
	url_login, {'seleccion': 'massiveSelectCustomerOperationSeleccionConsolidadaFramework'}, headers=headers)
	dom = BeautifulSoup(cont.text, 'html.parser')
	print('Saldo cuenta corriente:', dom.find(attrs={'id': 'sectionAccount_repeat0_valorSaldoContable'}).text.strip())


	if __name__ == '__main__':
	run()
	print('Process finished.')