ŌjOddlZddlZddlZddlZddlZddlZddlZddlZddlZddl Z ddl m Z ddl m Z ddlmZddlmZddlZGddZy)N)Optional)urlparse)requests)AESGCMc eZdZUiZeed<dZejdZ e e Z dZ dZ dZddd d d d Zd ZdZddddddddddddddddgZdEdededededdf d ZdFd!ed"ej,defd#Zdej,fd$Zdefd%ZdFd&ed'edefd(Zd)edefd*Zd+edefd,Zdefd-Zd.edefd/Zdefd0Z e!d1ed2e"de#fd3Z$d4ed5ed2e"defd6Z%d4ed5ed2e"defd7Z&d4ed5ed2e"defd8Z'e!de(fd9Z)e!d!ede*efd:Z+e!d!edefd;Z,e!d!ede*efd<Z-e!d=edefd>Z.e!d?edefd@Z/dAedefdBZ0dAedefdCZ1dFd!ed"ej,defdDZ2y)GAwsWaf_JS_CONFIG_CACHE@6f71a512b1e035eaab53d8be73120d3fb68a0ca346b9560aab3e5cdf753d5e98Ah72f957df656e80ba55f5d8ce2e8c7ccb59687dba3bfb273d54b08a261b2f3002Ah7b0c470f0cfe3a80a9e26526ad185f484f6817d0832712a4a37a908786a6a67fAha9faaffd31b4d5ede2a2e19d2d7fd525f66fee61911511960dcbb52d3c48ce25i(iiiz2.4.0zoMozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36zGoogle Inc. (Apple)zFANGLE (Apple, ANGLE Metal Renderer: Apple M2 Pro, Unspecified Version)awANGLE_instanced_arrays;EXT_blend_minmax;EXT_clip_control;EXT_color_buffer_half_float;EXT_depth_clamp;EXT_float_blend;EXT_frag_depth;EXT_shader_texture_lod;EXT_texture_compression_bptc;EXT_texture_compression_rgtc;EXT_texture_filter_anisotropic;EXT_sRGB;OES_element_index_uint;OES_standard_derivatives;OES_texture_float;OES_texture_float_linear;OES_texture_half_float;OES_texture_half_float_linear;OES_vertex_array_object;WEBGL_color_buffer_float;WEBGL_compressed_texture_s3tc;WEBGL_compressed_texture_s3tc_srgb;WEBGL_debug_renderer_info;WEBGL_debug_shaders;WEBGL_depth_texture;WEBGL_draw_buffers;WEBGL_lose_context;WEBGL_multi_drawvendormodel extensionszGoogle Inc. (AMD)zDANGLE (AMD, AMD Radeon(TM) Graphics Direct3D11 vs_5_0 ps_5_0, D3D11)afANGLE_instanced_arrays;EXT_blend_minmax;EXT_color_buffer_half_float;EXT_depth_clamp;EXT_float_blend;EXT_frag_depth;EXT_shader_texture_lod;EXT_texture_compression_bptc;EXT_texture_compression_rgtc;EXT_texture_filter_anisotropic;EXT_sRGB;OES_element_index_uint;OES_standard_derivatives;OES_texture_float;OES_texture_float_linear;OES_texture_half_float;OES_texture_half_float_linear;OES_vertex_array_object;WEBGL_color_buffer_float;WEBGL_compressed_texture_s3tc;WEBGL_compressed_texture_s3tc_srgb;WEBGL_debug_renderer_info;WEBGL_debug_shaders;WEBGL_depth_texture;WEBGL_draw_buffers;WEBGL_lose_context;WEBGL_multi_drawzGoogle Inc. (Intel)zKANGLE (Intel, Intel(R) Iris(R) Xe Graphics Direct3D11 vs_5_0 ps_5_0, D3D11)zGoogle Inc. (NVIDIA)zGANGLE (NVIDIA, NVIDIA GeForce RTX 3060 Direct3D11 vs_5_0 ps_5_0, D3D11)N websiteURLproxy userAgent impersonatereturncf||_||_|xs |j|_||_d|_yN)_AwsWaf__websiteURL_AwsWaf__proxy_AwsWaf__DEFAULT_UA_AwsWaf__userAgent_AwsWaf__impersonate_AwsWaf__jsConfig)selfrrrrs 1C:\Users\Sxnti\OneDrive\Desktop\amz\amazon\waf.py__init__zAwsWaf.__init__!s3'" &;$*;*;(!htmlsessionc tj}|j||\}}tj|z }dd|j|jxsd|||dddS#t$r}dt |d cYd}~Sd}~wwxYw) N)r+r,TzAWS WAF Challenge Token Bypassdirectz.2fs)statuscontexturlrtoken challenge timeTakenF)r0 description)time_AwsWaf__solveChallenger!r" Exceptionstr)r'r+r,startr3 challengeInfoelapsederrors r(solvez AwsWaf.solve)s @IIKE#'#8#8dG#8#T E=iikE)G;((1* '}A.  @#CJ? ? @sA&A)) B 2 B?B B cd|ji}|jr|j|jd|d<tjdi|S)Nrhttpshttpproxies)r%r"rSession)r'kwargss r( __makeSessionzAwsWaf.__makeSession<sD!3!34 <<*.,, MF9 )&))r*c 4ddddddddd d d |jd S) Nz?text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8en-US,en;q=0.9zno-cacheA"Chromium";v="136", "Google Chrome";v="136", "Not.A/Brand";v="99"?0 "Windows"documentnavigatenonez?11) acceptaccept-languagez cache-control sec-ch-uasec-ch-ua-mobilesec-ch-ua-platformsec-fetch-destsec-fetch-modesec-fetch-sitezsec-fetch-userzupgrade-insecure-requests user-agentr$)r's r( __pageHeaderszAwsWaf.__pageHeadersBsl[qAT^mpFJbmAK_i}CW[z}MQM]M]^ ^r*originrefererc Rdd|jddddddd d d }|r||d <|r||d <|S)Nz keep-aliverMrKrLz*/*z cross-sitecorsemptyzgzip, deflate, br, zstdrJ) connectionrVrZrTrUrRrYrXrWzaccept-encodingrSr]r^r[)r'r]r^hs r( __apiHeaderszAwsWaf.__apiHeadersEsk'{Z^ZjZjz}SWch|H\bv}Rk@P Q 6AhK 7AiLr* plaintextctjd}|jj||d}|dd|dd}}t j |j d|jd|jS)N iz::)osurandom_AwsWaf__AESGCMencryptbase64 b64encodedecodehex)r'reivciphertag ciphertexts r( __aesEncryptzAwsWaf.__aesEncryptKsv ZZ^&&r9d; ,t Z""2&--/03779+R @P?QRRr*datac6tj|dzdS)Nl08X)zlibcrc32)r'rus r(__crc32zAwsWaf.__crc32Qs**T"Z/45r*cttjdz}tj|j}t dDcgc]}tj dd}}tj dd|d<tj dd|d<idd dd d ddddd ddd d dd d |ddddddddddddddddddgdddddd d!|jd"d d#d$d%d d d d d d d d d&d'tjd'd$gd(d$d'tjd'd$gd)d d*d+|d,|d-|d.jd/d0d1dd2d3d4d5d6d7d8gggd9id8d:giid;dd d d'd'd'd'd'd'd'd'd'd'd'd? tj d@dAd|dBd$dddCd$i|tjd d zg|jttjdD Scc}w)ENir(i8i@metricsrr)fp2browser capabilitiesgpudntmathscreen navigatorautostealthsubtlecanvas formdetectorber; flashVersionpluginsz PDF Viewerz PDF Viewer )namer:zChrome PDF ViewerzChrome PDF Viewer zChromium PDF ViewerzChromium PDF Viewer zMicrosoft Edge PDF ViewerzMicrosoft Edge PDF Viewer zWebKit built-in PDFzWebKit built-in PDF dupedPluginszxPDF Viewer Chrome PDF Viewer Chromium PDF Viewer Microsoft Edge PDF Viewer WebKit built-in PDF ||1920-1080-1032-24-*-*-* screenInfoz1920-1080-1032-24-*-*-*referrerrlocation webDriverFr) textShadowWebkitTextStroke boxShadow borderRadius borderImageopacity transform transitionT supported)audio geolocation localStoragetouchvideo webWorker)cssjsr=rrrr;rrrz-1.4214488238747245z0.8178819121159085z-0.5753861119575491)tansincos automation properties)rNwindowrr)wdphantomr)t1t2imtemtdcrypto) rrrkdecryptwrapKey unwrapKeysignverifydigest deriveBits deriveKeygetRandomValues randomUUIDiGt&i$+)hash emailHash histogramBinssi) r formDetectednumFormsnumFormElementsrenderrorsversionid)intr7randomchoice_AwsWaf__GPU_PROFILESrange randranger$splitrandint_AwsWaf__FP_VERSIONr:uuiduuid4)r'tsr_binss r(__generateFingerprintzAwsWaf.__generateFingerprintTs$))+$%mmD//016s<A  B'<""5%0Q##E51R qQ!TU_`lm|}HIVWcdpqCDLMN R  D  mDObkGALaj@CALgpLCMXmvLOMN  W  3     ))      1!Z[mn@ANO^_op%qCGX^XeXegkmrfsXtFQ\alpELLNRTYMZ[y\ijk  c(mc'lRUVbRcRiRijmRno  4  1:NWlm  ,R2\^0_!`nz~FHJ}KnLM aqq5I! " aDT^bqu@DPT`dtxGK`dtxy# $ &// 9ETXkop!qQ-q!,,((djjl#1  =s G!fpctj|djd}|j|}|jddz|z}||fS)N,: separatorsutf-8ascii#)jsondumpsencode_AwsWaf__crc32)r'rpayloadchecksumcombineds r(__encodeFingerprintzAwsWaf.__encodeFingerprintvsN::bZ8??H<<(??7+d2W<!!r*ct|j}|j|\}}|j|}||fSr )_AwsWaf__generateFingerprint_AwsWaf__encodeFingerprint_AwsWaf__aesEncrypt)r'rrraw encrypteds r(__buildSignalPayloadzAwsWaf.__buildSignalPayload|s?  ' ' )004 #%%c* ""r*r difficultycVt|d\}}|d|d|zk7ry|r ||d|z z ryy)NFT)divmod)rrfullrems r(__checkDifficultyzAwsWaf.__checkDifficultys=:q) c %4=GdN *5 F4LQW-r*challengeInputrc ||z}|jd}tjdD]Y}|t|zjd}t j ||dddd}|j ||sNt|cSy)Nrrrr)saltnrpdklen)r itertoolscountr:hashlibscrypt_AwsWaf__checkDifficulty) r'rrrrrnoncepasswordrs r( __solveScryptzAwsWaf.__solveScryptsx!H,w'__Q'E 3u:-55g>H^^H43!qPRSF%%fj9#e*;L(r*c||zjd}tjdD]_}tj|t |jdzj }|j||sTt |cSy)Nrr)rrrrsha256r:rr )r'rrrrr rs r( __solveSha256zAwsWaf.__solveSha256sn"X-55g>__Q'E^^Hs5z/@/@/I$IJQQSF%%fj9#e*;L(r*c|jr|jdr|jdn |j}tjd|j |dzj dS)Nbandwidth_sizesrrr)r& _AwsWaf__DEFAULT_BANDWIDTH_SIZESrlrmgetrn)r'rrrsizess r(__solveBandwidthzAwsWaf.__solveBandwidths`6:oo$//ZkJl 12rvsQsQ%))J*F FGNNwWWr*cdtjdddddddddddddddddd ddd dddd dddd dddd ddddddddddddddddddddddddddddddddddddtjdddddddddtjdddddtjddddd tjd!d"ddd#dddgS)$N2rr)rvalueunit100101102103r104105106107108 undefined110111r1123r74rQ g@B@562<08)runiformrEr*r(__buildMetricszAwsWaf.__buildMetricss-V^^Aq%9c JQ 4uqZ]6^Q 4uqZ]6^Q 4uqZ]6^Q 4uqZ]6^Q 4{UV`c6dQ 4uqZ]6^Q 4{UV`c6dQc JQc JV^^B%;c JTc JV^^Aq%9c JV^^B%;c JV^^C%=c JQc J!  r*ctjd|tj}|r$tj|j dSy)Nz%window\.gokuProps\s*=\s*(\{.*?\})\s*;r)researchDOTALLrloadsgroupr+ms r(__extractGokuPropszAwsWaf.__extractGokuPropss5 II>bii P TZZ ++r*cjtjd|}|s td|jdS)Nz(src="https://([^"]+)/challenge[^"]*\.js"z"challenge.js src not found in pager)r8r9 ValueErrorr<r=s r(__extractWafHostzAwsWaf.__extractWafHosts/ IIA4 H #GHHwwqzr*cXtjd|}|r|jdSdS)Nz(src="(https://[^"]+/challenge[^"]*\.js)"r)r8r9r<r=s r(__extractChallengeJsUrlzAwsWaf.__extractChallengeJsUrls( IIA4 Hqwwqz(D(r*r2cdt|jxs|}|jdr|Sd|zS)Nzwww.)rhostname startswith)r2rcs r(__extractDomainzAwsWaf.__extractDomains0 SM " " )cLL(q8fqj8r*jsTextc .i}tjd|D]%}|jd||jd<'d\}}tjd|}|r"|jd}|jd}i}tjd|}|rt |jddt |jddt |jddzt |jd dt |jd dzt |jd dt |jd dzt |jd dt |jddzd}|||f|dS)Nz-'(h[0-9a-f]{8,})'[+].*?=\s*'((?:mp_)?verify)'rr solution_datasolution_metadatazN'verify'\s*,\s*'\w+'\s*:\s*'(solution_\w+)'\s*,\s*'\w+'\s*:\s*'(solution_\w+)'zcase\s+0x1:return\s+(0x[0-9a-f]+);case\s+0x2:return[^;]*\((0x[0-9a-f]+),(0x[0-9a-f]+)\);case\s+0x3:return[^;]*\((0x[0-9a-f]+),(0x[0-9a-f]+)\);case\s+0x4:return[^;]*\((0x[0-9a-f]+),(0x[0-9a-f]+)\);case\s+0x5:return[^;]*\((0x[0-9a-f]+),(0x[0-9a-f]+)\)rrrrrr r)challenge_typesmp_field_namesr)r8finditerr<r9r)rIchallengeTypesr>mpSolutionFieldmpMetadataField fieldMatchbandwidthSizes sizeMatchs r(__parseChallengeJszAwsWaf.__parseChallengeJsszMvVA)*N1771: &W,P(YYprxy (..q1O(..q1OII EGM N yq)2.yq)2.Y__Q5G1LLyq)2.Y__Q5G1LLyq)2.Y__Q5G1LLyq)2.Y__Q5G1LL N$2oWfEg}KL Lr* challengeTypec||jk(ry|jrE|jd}||vr||S|jD]\}}|j|s|cSy)N mp_verifyrPr)_AwsWaf__CHALLENGE_BANDWIDTHr&itemsrG)r'rZctprefixendpoints r( __getEndpointzAwsWaf.__getEndpointsf D66 6{ ??!23B"2m+<$<$&HHJ  ++F3H_%/r*c|j|jdf|j|jdf|j|j dfi}||vr||S|j |dk(r|j dfStd|)Nr r bandwidthr\zUnknown challenge_type: )_AwsWaf__CHALLENGE_SCRYPT_AwsWaf__solveScrypt_AwsWaf__CHALLENGE_SHA256_AwsWaf__solveSha256r]_AwsWaf__solveBandwidth_AwsWaf__getEndpointrA)r'rZsolverss r( __getSolverzAwsWaf.__getSolvers  # #););(I  # #););(I  & &)>)> (L  G #=) )   m , ;));7 73M?CDDr*c |xs|j}|j}|j|}t|}|jd|j }d}|j }|O|j|_|j||} | j}| jjd}|j|} | std||j|} |j|} | |jvr|j| |_ne |j#|||_|j| |} |j%| j|_|j |j| <|j#|||_|jd| d|j)}|j+\}}|d}|d }|d }|jd d }|j-|\}}||||}|j/|}|j#|||_|d k(r|j r|j dnd\}}t)j0|ddd|idg|d||j3dd| rd| inid}d|j4i}|d|f|d|fi}|j6r8t9j:d| d||||j6|j6d|} n!||_|j;d| d|||} | j)}ne|||dd|idgdd||j3d}i|j#||ddi|_|j;d| d ||!} | j)}d"|vrtd#||d||xsd d$} |d"| fS#t&$r d|_YEwxYw)%Nz://)timeoutzx-amzn-waf-actionz!No AWS WAF challenge detected on )r]r^zhttps://z/inputs?client=browserchallenge_typerr4inputrr\rQrKZoeyPresent)rrBrowser)r4solutionsignalsrclientdomainrexisting_token goku_propsrrrZ/rA)filesheadersrDrn)r{rn)r4rrtrurxrvrwrz content-typeztext/plain;charset=UTF-8z/verify)rrnr3zNo token in response: )solverra wafAction)_AwsWaf__makeSessionr!_AwsWaf__extractDomainrschemerF _HTTP_TIMEOUT_AwsWaf__pageHeadersr|rtext_AwsWaf__extractChallengeJsUrl RuntimeError_AwsWaf__extractGokuProps_AwsWaf__extractWafHostr r&_AwsWaf__apiHeaders_AwsWaf__parseChallengeJsr9r_AwsWaf__buildSignalPayload_AwsWaf__getSolverrjr_AwsWaf__buildMetricsr$r" std_requestspost)!r'r+r,r2rwparsedr]r~rnrespchallengeJsUrl gokuPropswafHostjsRespinputsrencryptedSignalsrZrr4rsolverFn solverNamert endpointName solutionField metadataFieldmetadata mp_headersmp_filesresultrr<s! r(__solveChallengezAwsWaf.__solveChallengesh1T//1%%((-SM}}oS(9: && <"002GO;;sG;4D99D (()<=I55d;!B3%HI I++D1 ))$/ T22 2"33NCDO '"&"3"363"3"O ^WE"&"9"9&++"F8<%%n5++63+Gxy0FGQXY^^`%)%>%>%@"" 01  -  , "w3#// >*NHjA))-8 ++63+G ; &59__ 01; )M=zz&D%+yBR6STU$ V..0D # 1:L),r # % &H'(8(89J%h'7xHXYH||#((wiq7"J&*llDLLI# #-||wiq7"G$YY[F$-8QYpvCLN^B_h`gauyENZ`mqm@m@mBCG{!2!2&#!2!N{P^`z{GO<<(7)7 ;'SZ<[DYY[F & 7MfX5V(W"W#-Q|n;M\e\titu g --q '"& 'sA$N44OO)NNchrome)NN)3__name__ __module__ __qualname__r dict__annotations__rbytesfromhex_AwsWaf__AES_KEYrrjrergr]rrr#rr:r)rrFr?rrrrrrtuplerr staticmethodrboolr rfrhrilistrrrrrrrrjrr8rEr*r(rr sNdM `aIy!H___$)klx\j kLEL)4|MF G &4zKs t (5BRz { )4}Nv w N"3"s"c"_b"rv"@#@x/?/?@4@&*x//* ^t^3t SeSS 6E6c6  t  D"d"u" #e# %ST MCM3MCMTWMMCM3MCMTWM XsXcXsXWZX D  ($ ss )c)hsm))9S9S99L3L4LL: 3 3  E E EV.SV.(:J:JV.V[V.r*r)rhr8rr7rxrrlrrrtypingr urllib.parser curl_cffir+cryptography.hazmat.primitives.ciphers.aeadrrrrEr*r(rs/IIIII!>H.H.r*