enigmaquip/flex-account-management
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix for account verifications

Browse Source
This commit is contained in:
enigmaquip
2019-02-14 10:04:01 -07:00
parent 510c3d7bcc
commit 69d1d468f7
3 changed files with 69 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
account-management.exe
View File

Binary file not shown.

62
amazon-api.json
View File

@@ -1,62 +0,0 @@
{
"api_payload": {
"auth_data": {
"use_global_authentication": "true",
"user_id_password": {
"user_id": "email",
"password": "password"
}
},
"registration_data": {
"domain": "Device",
"device_type": "A1MPSLFC7L5AFK",
"device_serial": "94908c6a28ff4aa191ef6dc9f3d7a5fe",
"app_name": "com.amazon.rabbit",
"app_version": "303558483",
"device_model": "A0001",
"os_version": "oneplus\/bacon\/A0001:6.0.1\/MHC19Q\/ZNH2KAS1KN:user\/release-keys",
"software_version": "130050002"
},
"requested_token_type": [
"bearer",
"mac_dms",
"store_authentication_cookie",
"website_cookies"
],
"cookies": {
"domain": "amazon.com",
"website_cookies": []
},
"user_context_map": {
"frc": "AAaX8sTizWltIgbmD8Dlozbdss3Evn2UXP1OZ9jsqgmXa0fzhs6KH1FfP2mVf6kRsWz2LrxvfAIRbqWJMLNt8YAgxaz524w+voVxKvhjUKfi+LTfL+fGv\/HqJSUn76flmj1hvWzGrRkmSxOmb2uA2VVuMlVwZeCAbvoDTXrBvPLbMUNDL6Ydqf7qz\/Pv4jvFNOS5dRhvwfdt8iuYec8W1iXB\/UwLMCSnJqXMzEh0yhHnBIhZpsWzmwBORJ9ePySqtooYl7F9h6BJhhcDfMWVgaN7Y4Tb926j+1a6auCoGW5o3rei1lUlSwrIokENDEhg+NpJtCfm+7IYrsyVUYplGZQtrwOPukW0109+xBxTY5iGsn\/Je1NThQa7\/H6CQ7xth1mEaAiQNASBj18Iknij7cZ3MOWBp88orQ=="
},
"device_metadata": {
"device_os_family": "android",
"device_type": "A1MPSLFC7L5AFK",
"device_serial": "94908c6a28ff4aa191ef6dc9f3d7a5fe",
"mac_address": "C248C629AF1FE0A8C46B95668064C1D2952A9E91D207BC0CC3C5D584C2F7553A",
"imei": "31C64C373E1BCA0EBE4C1916A7BBCDD39FAA98557290DF38B6748F3863C6D256",
"manufacturer": "OnePlus",
"model": "A0001",
"os_version": "23",
"android_id": "c3510a10140e5b33",
"build_serial": "16f68f70",
"product": "bacon"
},
"requested_extensions": [
"device_info",
"customer_info"
]
},
"headers": {
"login": "Dalvik\/2.1.0 (Linux; U; Android 6.0.1 Build\/MOI10E)",
"refresh": "AmazonWebView\/MAPClientLib\/130050002\/Android\/6.0.1\/A0001",
"main": "Dalvik\/2.1.0 (Linux; U; Android 6.0.1 Build\/MOI10E) RabbitAndroid\/3.7.33.0",
"app_instance": "d266005d-1ff8-4097-9499-152bc756c0d5",
"map_version": {
"current_version": "20180807N",
"package_name": "com.amazon.rabbit",
"platform": "Android"
}
}
}

73
token.go
View File

@@ -209,11 +209,11 @@ func login() {
if err != nil { if err != nil {
fmt.Println(err) fmt.Println(err)
} }
if response.Response.Challenge.Reason == "MissingRequiredAuthenticationData" {
if response.Response.Challenge.Method == "OTPCode" {
client3 := &http.Client{Jar: cookieJar, CheckRedirect: func(req *http.Request, via []*http.Request) error { client3 := &http.Client{Jar: cookieJar, CheckRedirect: func(req *http.Request, via []*http.Request) error {
return http.ErrUseLastResponse return http.ErrUseLastResponse
}} }}
if response.Response.Challenge.Reason == "MissingRequiredAuthenticationData" {
if response.Response.Challenge.Method == "OTPCode" {
fmt.Println("Account set for 2 Factor Authentication") fmt.Println("Account set for 2 Factor Authentication")
fmt.Print("Enter One Time Code: ") fmt.Print("Enter One Time Code: ")
scanner.Scan() scanner.Scan()
@@ -222,10 +222,10 @@ func login() {
stuff := re.FindAllStringSubmatch(string(body), -1) stuff := re.FindAllStringSubmatch(string(body), -1)
data2 := url.Values{} data2 := url.Values{}
for _, value := range stuff { for _, value := range stuff {
data2.Add(value[1], value[2]) data2.Set(value[1], value[2])
} }
data2.Add("otpCode", otp) data2.Set("otpCode", otp)
data2.Add("rememberDevice", "") data2.Set("rememberDevice", "")
req3, _ := http.NewRequest("POST", "https://www.amazon.com/ap/signin", strings.NewReader(data2.Encode())) req3, _ := http.NewRequest("POST", "https://www.amazon.com/ap/signin", strings.NewReader(data2.Encode()))
req3.Header.Add("x-amzn-identity-auth-domain", ".amazon.com") req3.Header.Add("x-amzn-identity-auth-domain", ".amazon.com")
req3.Header.Add("User-Agent", api.Headers.Login) req3.Header.Add("User-Agent", api.Headers.Login)
@@ -248,19 +248,82 @@ func login() {
} else { } else {
fmt.Println(response.Response.Challenge) fmt.Println(response.Response.Challenge)
fmt.Println("MissingRequiredAuthenticationData - Unknown Method") fmt.Println("MissingRequiredAuthenticationData - Unknown Method")
os.Exit(0)
} }
} else if response.Response.Challenge.Reason == "HandleOnWebView" { } else if response.Response.Challenge.Reason == "HandleOnWebView" {
fmt.Println("HandleOnWebView") fmt.Println("HandleOnWebView")
if strings.Contains(referer, "CAPTCHA") {
fmt.Println("CAPTCHA Verification Required")
} else {
fmt.Println("Verification Code Required")
re := regexp.MustCompile(`<input type="hidden" name="(.+?)" value="(.+?)"`)
stuff := re.FindAllStringSubmatch(string(body), -1)
data2 := url.Values{}
for _, value := range stuff {
data2.Set(value[1], value[2])
}
data2.Set("option", "email")
req3, _ := http.NewRequest("POST", "https://www.amazon.com/ap/cvf/verify", strings.NewReader(data2.Encode()))
req3.Header.Add("x-amzn-identity-auth-domain", ".amazon.com")
req3.Header.Add("User-Agent", api.Headers.Login)
req3.Header.Add("Content-Type", "application/x-www-form-urlencoded")
resp3, err := client2.Do(req3)
if err != nil {
fmt.Println(err)
}
if resp3.StatusCode == 200 {
fmt.Println("Code Sent to Email")
fmt.Print("Verification Code: ")
scanner.Scan()
data2.Del("option")
data2.Set("code", scanner.Text())
data2.Set("action", "code")
req4, _ := http.NewRequest("POST", "https://www.amazon.com/ap/cvf/verify", strings.NewReader(data2.Encode()))
req4.Header.Add("x-amzn-identity-auth-domain", ".amazon.com")
req4.Header.Add("User-Agent", api.Headers.Login)
req4.Header.Add("Content-Type", "application/x-www-form-urlencoded")
resp4, err := client3.Do(req4)
if err != nil {
fmt.Println(err)
}
if resp4.StatusCode == 302 {
redir := resp4.Header.Get("Location")
if strings.Contains(redir, "signin") {
req5, _ := http.NewRequest("GET", redir, nil)
req5.Header.Add("x-amzn-identity-auth-domain", ".amazon.com")
req5.Header.Add("User-Agent", api.Headers.Login)
resp5, err := client3.Do(req5)
if err != nil {
fmt.Println(err)
}
if resp5.StatusCode == 302 {
redir2 := resp5.Header.Get("Location")
if strings.Contains(redir2, "maplanding") {
fmt.Println("Verification Successful")
redir_url, _ := url.Parse(redir2)
data3 := redir_url.Query()
token := data3.Get("openid.oa2.access_token")
api.Payload.AuthData.AccessToken = token
login()
}
}
}
}
}
}
} else if response.Response.Challenge.Reason == "AuthenticationFailed" { } else if response.Response.Challenge.Reason == "AuthenticationFailed" {
fmt.Println("Login Failed - Incorrect User/Pass") fmt.Println("Login Failed - Incorrect User/Pass")
os.Exit(0)
} else { } else {
fmt.Println(response.Response.Challenge) fmt.Println(response.Response.Challenge)
fmt.Println("Login Failed due to Challenge") fmt.Println("Login Failed due to Challenge")
os.Exit(0)
} }
} else { } else {
fmt.Println("Login Failed for unknown reason") fmt.Println("Login Failed for unknown reason")
fmt.Println(resp.Status) fmt.Println(resp.Status)
io.Copy(os.Stdout, resp.Body) io.Copy(os.Stdout, resp.Body)
os.Exit(0)
} }
} }