o ŌjO@sddlZddlZddlZddlZddlZddlZddlZddlZddlZddl Z ddl m Z ddl m Z ddlmZddlmZddlZGdddZdS)N)Optional)urlparse)requests)AESGCMc @speZdZUiZeed<dZedZ e e Z dZ dZ dZddd d d d Zd ZdZddddddddddddddddgZd]dedededed df d!d"Zd^d#ed$ejd efd%d&Zd ejfd'd(Zd efd)d*Zd^d+ed,ed efd-d.Zd/ed efd0d1Zd2ed efd3d4Zd efd5d6Zd7ed efd8d9Zd efd:d;Z e!dd?Z$d@edAed=e"d efdBdCZ%d@edAed=e"d efdDdEZ&d@edAed=e"d efdFdGZ'e!d e(fdHdIZ)e!d#ed e*efdJdKZ+e!d#ed efdLdMZ,e!d#ed e*efdNdOZ-e!dPed efdQdRZ.e!dSed efdTdUZ/dVed efdWdXZ0dVed efdYdZZ1d^d#ed$ejd efd[d\Z2dS)_AwsWaf_JS_CONFIG_CACHEZ@6f71a512b1e035eaab53d8be73120d3fb68a0ca346b9560aab3e5cdf753d5e98ZAh72f957df656e80ba55f5d8ce2e8c7ccb59687dba3bfb273d54b08a261b2f3002ZAh7b0c470f0cfe3a80a9e26526ad185f484f6817d0832712a4a37a908786a6a67fZAha9faaffd31b4d5ede2a2e19d2d7fd525f66fee61911511960dcbb52d3c48ce25i(iiiz2.4.0zoMozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36zGoogle Inc. (Apple)zFANGLE (Apple, ANGLE Metal Renderer: Apple M2 Pro, Unspecified Version)awANGLE_instanced_arrays;EXT_blend_minmax;EXT_clip_control;EXT_color_buffer_half_float;EXT_depth_clamp;EXT_float_blend;EXT_frag_depth;EXT_shader_texture_lod;EXT_texture_compression_bptc;EXT_texture_compression_rgtc;EXT_texture_filter_anisotropic;EXT_sRGB;OES_element_index_uint;OES_standard_derivatives;OES_texture_float;OES_texture_float_linear;OES_texture_half_float;OES_texture_half_float_linear;OES_vertex_array_object;WEBGL_color_buffer_float;WEBGL_compressed_texture_s3tc;WEBGL_compressed_texture_s3tc_srgb;WEBGL_debug_renderer_info;WEBGL_debug_shaders;WEBGL_depth_texture;WEBGL_draw_buffers;WEBGL_lose_context;WEBGL_multi_drawvendormodel extensionszGoogle Inc. (AMD)zDANGLE (AMD, AMD Radeon(TM) Graphics Direct3D11 vs_5_0 ps_5_0, D3D11)afANGLE_instanced_arrays;EXT_blend_minmax;EXT_color_buffer_half_float;EXT_depth_clamp;EXT_float_blend;EXT_frag_depth;EXT_shader_texture_lod;EXT_texture_compression_bptc;EXT_texture_compression_rgtc;EXT_texture_filter_anisotropic;EXT_sRGB;OES_element_index_uint;OES_standard_derivatives;OES_texture_float;OES_texture_float_linear;OES_texture_half_float;OES_texture_half_float_linear;OES_vertex_array_object;WEBGL_color_buffer_float;WEBGL_compressed_texture_s3tc;WEBGL_compressed_texture_s3tc_srgb;WEBGL_debug_renderer_info;WEBGL_debug_shaders;WEBGL_depth_texture;WEBGL_draw_buffers;WEBGL_lose_context;WEBGL_multi_drawzGoogle Inc. (Intel)zKANGLE (Intel, Intel(R) Iris(R) Xe Graphics Direct3D11 vs_5_0 ps_5_0, D3D11)zGoogle Inc. (NVIDIA)zGANGLE (NVIDIA, NVIDIA GeForce RTX 3060 Direct3D11 vs_5_0 ps_5_0, D3D11)Nchrome websiteURLproxy userAgent impersonatereturncCs(||_||_|p |j|_||_d|_dSN)_AwsWaf__websiteURL_AwsWaf__proxy_AwsWaf__DEFAULT_UA_AwsWaf__userAgent_AwsWaf__impersonate_AwsWaf__jsConfig)selfrrrrr"'/Users/user/Downloads/amz/amazon/waf.py__init__!s   zAwsWaf.__init__htmlsessionc Csz&t}|j||d\}}t|}dd|j|jpd|||dddWSty?}z dt|d WYd}~Sd}~ww) N)r%r&TzAWS WAF Challenge Token Bypassdirectz.2fs)statuscontexturlrtoken challenge timeTakenF)r) description)time_AwsWaf__solveChallengerr Exceptionstr)r!r%r&startr, challengeInfoelapsederrorr"r"r#solve)s    z AwsWaf.solvecCs2d|ji}|jr|j|jd|d<tjdi|S)Nrhttpshttpproxiesr")rrrSession)r!kwargsr"r"r#Z __makeSession<s zAwsWaf.__makeSessionc Cs ddddddddd d d |jd S) Nz?text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8en-US,en;q=0.9zno-cacheA"Chromium";v="136", "Google Chrome";v="136", "Not.A/Brand";v="99"?0 "Windows"documentnavigatenonez?11) acceptaccept-languagez cache-control sec-ch-uasec-ch-ua-mobilesec-ch-ua-platformsec-fetch-destsec-fetch-modesec-fetch-sitezsec-fetch-userzupgrade-insecure-requests user-agentr)r!r"r"r#Z __pageHeadersBs zAwsWaf.__pageHeadersoriginrefererc Cs:dd|jddddddd d d }|r||d <|r||d <|S)Nz keep-aliverBr@rAz*/*z cross-siteZcorsemptyzgzip, deflate, br, zstdr?) connectionrKrOrIrJrGrNrMrLzaccept-encodingrHrQrRrP)r!rQrRhr"r"r#Z __apiHeadersEs  zAwsWaf.__apiHeaders plaintextcCsZtd}|j||d}|dd|dd}}t|d|d|S)N iz::)osurandom_AwsWaf__AESGCMencryptbase64 b64encodedecodehex)r!rVivciphertag ciphertextr"r"r#Z __aesEncryptKs &zAwsWaf.__aesEncryptdatacCst|d@dS)Nl08X)zlibcrc32)r!rdr"r"r#Z__crc32QszAwsWaf.__crc32cCsttd}t|j}ddtdD}tdd|d<tdd|d<id d dd d ddddd ddd d dd d|ddddddddddddddddddgddddd d!d"|jd#d!d$d%d&d d d d d d d d d'd(td(d%gd)d%d(td(d%gd*d d+d,|d-|d.|d/d0d1d2dd3d4d5d6d7d8d9gggd:id9d;giid<d=ddd dd%d>d?d d d(d(d(d(d(d(d(d(d(d(d(d@ tdAdBd|dCd%dddDd%i|t d d g|j t t dE S)FNicSsg|]}tddqS)r()random randrange).0_r"r"r# Wsz0AwsWaf.__generateFingerprint..i8i@rmetricsr r)fp2browser capabilitiesgpudntmathscreen navigatorautostealthsubtlecanvasZ formdetectorber4 flashVersionpluginsz PDF Viewerz PDF Viewer )namer3zChrome PDF ViewerzChrome PDF Viewer zChromium PDF ViewerzChromium PDF Viewer zMicrosoft Edge PDF ViewerzMicrosoft Edge PDF Viewer zWebKit built-in PDFzWebKit built-in PDF dupedPluginszxPDF Viewer Chrome PDF Viewer Chromium PDF Viewer Microsoft Edge PDF Viewer WebKit built-in PDF ||1920-1080-1032-24-*-*-* screenInfoz1920-1080-1032-24-*-*-*referrerrlocation webDriverFrt) textShadowWebkitTextStroke boxShadow borderRadius borderImageopacity transform transitionT supported)audio geolocation localStoragetouchvideo webWorker)cssjsr6rurrr;rrvrwz-1.4214488238747245z0.8178819121159085z-0.5753861119575491)tansincos automation properties)rCwindowryr)wdphantomr{)t1t2iZmteZmtdcrypto) rr|r[decryptZwrapKeyZ unwrapKeysignverifydigestZ deriveBitsZ deriveKeyZgetRandomValuesZ randomUUIDiGt&i$+)hash emailHash histogramBinssi) r}Z formDetectedZnumFormsZnumFormElementsr~enderrorsversionid)intr0richoice_AwsWaf__GPU_PROFILESrangerjrsplitrandint_AwsWaf__FP_VERSIONr3uuiduuid4)r!tsrubinsr"r"r#Z__generateFingerprintTs` ",  @      zAwsWaf.__generateFingerprintfpcCs8tj|ddd}||}|dd|}||fS)N,: separatorsutf-8ascii#)jsondumpsencode_AwsWaf__crc32)r!rpayloadchecksumcombinedr"r"r#Z__encodeFingerprintvs zAwsWaf.__encodeFingerprintcCs(|}||\}}||}||fSr)_AwsWaf__generateFingerprint_AwsWaf__encodeFingerprint_AwsWaf__aesEncrypt)r!rrraw encryptedr"r"r#Z__buildSignalPayload|s zAwsWaf.__buildSignalPayloadr difficultycCsBt|d\}}|d|d|krdS|r||d|?rdSdS)NFT)divmod)rrfullremr"r"r#Z__checkDifficultyszAwsWaf.__checkDifficultychallengeInputrc Csf||}|d}tdD]"}|t|d}tj||ddddd}|||r0t|SqdS)Nrrrr )saltnrpZdklen)r itertoolscountr3hashlibscrypt_AwsWaf__checkDifficulty) r!rrrrrnoncepasswordrr"r"r#Z __solveScrypts zAwsWaf.__solveScryptcCsV||d}tdD]}t|t|d}|||r(t|Sq dS)Nrr)rrrrsha256r3rr)r!rrrrrrr"r"r#Z __solveSha256s zAwsWaf.__solveSha256cCs<|jr |jdr |jdn|j}td||ddS)Nbandwidth_sizesrr r)r _AwsWaf__DEFAULT_BANDWIDTH_SIZESr\r]getr^)r!rrrsizesr"r"r#Z__solveBandwidths zAwsWaf.__solveBandwidthcCsdtdddddddddddddddddd ddd dddd dddd dddd ddddddddddddddddddddddddddddddddddddtdddddddddtdddddtddddd td!d"ddd#dddgS)$N2rr )rvalueunitZ100Z101Z102Z103rZ104Z105Z106Z107Z108 undefinedZ110Z111r Z1123r74rF g@B@562<08)riuniformr"r"r"r#Z__buildMetricss"    zAwsWaf.__buildMetricscCs(td|tj}|rt|dSdS)Nz%window\.gokuProps\s*=\s*(\{.*?\})\s*;r )researchDOTALLrloadsgroupr%mr"r"r#Z__extractGokuPropsszAwsWaf.__extractGokuPropscCs"td|}|s td|dS)Nz(src="https://([^"]+)/challenge[^"]*\.js"z"challenge.js src not found in pager )rr ValueErrorrrr"r"r#Z__extractWafHosts   zAwsWaf.__extractWafHostcCstd|}|r |dSdS)Nz(src="(https://[^"]+/challenge[^"]*\.js)"r )rrrrr"r"r#Z__extractChallengeJsUrls zAwsWaf.__extractChallengeJsUrlr+cCs$t|jp|}|dr|Sd|S)Nzwww.)rhostname startswith)r+rUr"r"r#Z__extractDomainszAwsWaf.__extractDomainjsTextc Csi}td|D] }|d||d<qd\}}td|}|r+|d}|d}i}td|}|r{t|ddt|ddt|ddt|d dt|d dt|d dt|d dt|d dt|ddd}|||f|dS)Nz-'(h[0-9a-f]{8,})'[+].*?=\s*'((?:mp_)?verify)'r r Z solution_dataZsolution_metadatazN'verify'\s*,\s*'\w+'\s*:\s*'(solution_\w+)'\s*,\s*'\w+'\s*:\s*'(solution_\w+)'zcase\s+0x1:return\s+(0x[0-9a-f]+);case\s+0x2:return[^;]*\((0x[0-9a-f]+),(0x[0-9a-f]+)\);case\s+0x3:return[^;]*\((0x[0-9a-f]+),(0x[0-9a-f]+)\);case\s+0x4:return[^;]*\((0x[0-9a-f]+),(0x[0-9a-f]+)\);case\s+0x5:return[^;]*\((0x[0-9a-f]+),(0x[0-9a-f]+)\)rr rrrqr r )challenge_typesmp_field_namesr)rfinditerrrr)rZchallengeTypesrZmpSolutionFieldZmpMetadataFieldZ fieldMatchZbandwidthSizesZ sizeMatchr"r"r#Z__parseChallengeJss*   zAwsWaf.__parseChallengeJs challengeTypecCsV||jkrdS|jr)|jd}||vr||S|D] \}}||r(|SqdS)N mp_verifyr r)_AwsWaf__CHALLENGE_BANDWIDTHr itemsr)r!rctprefixendpointr"r"r#Z __getEndpoints zAwsWaf.__getEndpointcCs^|j|jdf|j|jdf|j|jdfi}||vr||S||dkr(|jdfStd|)Nrr bandwidthrzUnknown challenge_type: )_AwsWaf__CHALLENGE_SCRYPT_AwsWaf__solveScrypt_AwsWaf__CHALLENGE_SHA256_AwsWaf__solveSha256r_AwsWaf__solveBandwidth_AwsWaf__getEndpointr)r!rZsolversr"r"r#Z __getSolvers    zAwsWaf.__getSolverc! Cs|p|}|j}||}t|}|jd|j}d}|j}|dur9||_|j ||d} | j }| j d}| |} | sGt d|| |} ||} | |jvr]|j| |_n+z|j||d|_|j | |d} || j |_|j|j| <Wn tyd|_Ynw|j||d|_|j d| d|d}|\}}|d}|d }|d }| d d }||\}}||||}||}|j||d|_|d kr?|jr|jdnd\}}tj|ddd|idg|d||dd| rd| inidd}d|ji}|d|f|d|fi}|jr)tjd| d||||j|jd|d} n||_|jd| d|||d} | }n1|||dd|idgdd||d}i|j||dddi|_|jd| d ||d!} | }d"|vr|t d#||d||pd d$} |d"| fS)%Nz://)timeoutzx-amzn-waf-actionz!No AWS WAF challenge detected on )rQrRzhttps://z/inputs?client=browserZchallenge_typerr-inputrrr rZZoeyZPresent)rrZBrowser)r-solutionsignalsrclientdomainrpexisting_tokenZ goku_propsrrrO/r9)filesheadersr<r)r$r)r-rrrr"r r!rpz content-typeztext/plain;charset=UTF-8z/verify)rrr,zNo token in response: )Zsolverr wafAction)_AwsWaf__makeSessionr_AwsWaf__extractDomainrschemer _HTTP_TIMEOUT_AwsWaf__pageHeadersr%rtext_AwsWaf__extractChallengeJsUrl RuntimeError_AwsWaf__extractGokuProps_AwsWaf__extractWafHostrr _AwsWaf__apiHeaders_AwsWaf__parseChallengeJsr2r_AwsWaf__buildSignalPayload_AwsWaf__getSolverrr_AwsWaf__buildMetricsrr std_requestspost)!r!r%r&r+r!parsedrQr&rrespZchallengeJsUrlZ gokuPropsZwafHostZjsRespZinputsrZencryptedSignalsrrr-rZsolverFnZ solverNamerZ endpointNameZ solutionFieldZ metadataFieldmetadataZ mp_headersZmp_filesresultrr5r"r"r#Z__solveChallenges                  & zAwsWaf.__solveChallenge)NNr)NN)3__name__ __module__ __qualname__rdict__annotations__r*bytesfromhexZ_AwsWaf__AES_KEYrrZrrrrrrrr3r$rr=r8r'r+r1rrrtuplerr3 staticmethodrboolrrrrlistr5rr/r0r-r(r2rr4r1r"r"r"r#r s\       "  r)rXrrr0rfrr\rirrtypingr urllib.parser curl_cffir+cryptography.hazmat.primitives.ciphers.aeadrr6rr"r"r"r#sP