Add main.py
This commit is contained in:
parent
e20232281b
commit
b4a7877732
|
@ -0,0 +1,154 @@
|
|||
import requests, datetime, hashlib, hmac, jwt
|
||||
from urllib3.util import SKIP_HEADER
|
||||
|
||||
device_model = "Redmi Note 7" # change to spoof another device
|
||||
debug = False # True to enable debug
|
||||
|
||||
api_base = "https://myid.sieltecloud.it/mobileapi/"
|
||||
headers = {
|
||||
"User-Agent": SKIP_HEADER,
|
||||
"Accept-Encoding": SKIP_HEADER,
|
||||
"Accept": None,
|
||||
"Connection": None,
|
||||
}
|
||||
|
||||
def auth(cf: str, password: str) -> object:
|
||||
url = api_base + "verifyCredentials"
|
||||
data = {
|
||||
"fiscalNumber": cf,
|
||||
"userPassword": password
|
||||
}
|
||||
s = requests.Session()
|
||||
s.headers = {}
|
||||
response = s.post(url, data=data, headers=headers, timeout=60)
|
||||
if debug:
|
||||
print("verifyCredentials: ", response.text)
|
||||
return response.json()
|
||||
|
||||
def create_api_token(user_id: str, secret_key: str) -> str:
|
||||
payload = {
|
||||
"str": datetime.datetime.now(datetime.UTC).strftime("%d/%m/%Y %H:%M:%S"),
|
||||
"usetz": "True"
|
||||
}
|
||||
return jwt.encode(payload, secret_key, algorithm="HS256")
|
||||
|
||||
def generate_token(cf: str, auth_token: str, password: str) -> object:
|
||||
url = api_base + "generateTokenByApp"
|
||||
data = {
|
||||
"authToken": auth_token,
|
||||
"fiscalNumber": cf,
|
||||
"userPassword": password,
|
||||
"model": device_model
|
||||
}
|
||||
s = requests.Session()
|
||||
s.headers = {}
|
||||
response = s.post(url, data=data, headers=headers, timeout=60)
|
||||
if debug:
|
||||
print("generateTokenByApp: ", response.text)
|
||||
if response:
|
||||
result = response.json()
|
||||
if result["errore"] == "":
|
||||
return result
|
||||
return None
|
||||
|
||||
def check_otp_code(cf: str, auth_token: str, code: str) -> object:
|
||||
url = api_base + "verifyOTPCode"
|
||||
data = {
|
||||
"authToken": auth_token,
|
||||
"fiscalNumber": cf,
|
||||
"code": code
|
||||
}
|
||||
s = requests.Session()
|
||||
s.headers = {}
|
||||
response = s.post(url, data=data, headers=headers, timeout=60)
|
||||
response.raise_for_status()
|
||||
if debug:
|
||||
print("verifyOTPCode: ", response.text)
|
||||
return response.json()
|
||||
|
||||
def send_otp_code(cf: str, auth_token: str) -> bool:
|
||||
url = api_base + "sendOTPCode"
|
||||
data = {
|
||||
"authToken": auth_token,
|
||||
"fiscalNumber": cf
|
||||
}
|
||||
s = requests.Session()
|
||||
s.headers = {}
|
||||
response = s.post(url, data=data, headers=headers, timeout=60)
|
||||
if debug:
|
||||
print("sendOTPCode: ", response.text)
|
||||
if response is not None:
|
||||
result = response.json()
|
||||
return result is not None and result["errore"] == ""
|
||||
else:
|
||||
return False
|
||||
|
||||
def main():
|
||||
|
||||
print("""You must read the entire README on https://git.disroot.org/Antidote4296/sielteextract/src/branch/main/README.md before continuing.
|
||||
It contains important information, such as:
|
||||
- This product comes with no warranty or support, if something goes wrong you're basically on your own
|
||||
- We are not affiliated with Sielte S.p.A., this is not an official product
|
||||
- After entering the SMS code, you will be logged out of the MySielteID app (but you will be able to log back in at any time)""")
|
||||
|
||||
if(input("Enter CONTINUE if you've read and understood the entire README, and still wish to continue: ") != "CONTINUE"):
|
||||
print("Operation aborted.")
|
||||
return
|
||||
|
||||
cf = input("Fiscal code: ")
|
||||
password = input("Password: ")
|
||||
|
||||
print("Starting authentication...")
|
||||
auth_obj = auth(cf, password)
|
||||
secret_key = ""
|
||||
try:
|
||||
secret_key = auth_obj["secretKey"]
|
||||
if debug:
|
||||
print("Got secretKey:", secret_key)
|
||||
except KeyError:
|
||||
print("secretKey missing from server reply. Have you entered the correct credentials?")
|
||||
return
|
||||
|
||||
print("Generating JWT token...")
|
||||
auth_token = create_api_token(cf, secret_key)
|
||||
if debug:
|
||||
print("Generated token:", auth_token)
|
||||
|
||||
print("Sending SMS...")
|
||||
if not send_otp_code(cf, auth_token):
|
||||
print("SMS sending error")
|
||||
return
|
||||
print("SMS is sent")
|
||||
|
||||
otp = input("SMS code: ")
|
||||
print("Checking the code and getting new secretKey...")
|
||||
check_otp_obj = check_otp_code(cf, auth_token, otp)
|
||||
try:
|
||||
secret_key = check_otp_obj["secretKey"]
|
||||
if debug:
|
||||
print("Got new secretKey:", secret_key)
|
||||
except KeyError:
|
||||
print("new secretKey missing from server reply. Have you entered the correct code?")
|
||||
return
|
||||
|
||||
print("Generating new JWT token...")
|
||||
auth_token = create_api_token(cf, secret_key)
|
||||
if debug:
|
||||
print("Generated token:", auth_token)
|
||||
|
||||
print("Finalizing login and getting TOTP secret...")
|
||||
generate_token_obj = generate_token(cf, auth_token, password)
|
||||
secret = ""
|
||||
try:
|
||||
secret = generate_token_obj["secret"]
|
||||
if debug:
|
||||
print("Got secret:", secret)
|
||||
except KeyError:
|
||||
print("secret missing from server reply")
|
||||
return
|
||||
|
||||
seed = "otpauth://totp/SielteID?secret=" + secret + "&algorithm=SHA1&digits=6&period=60"
|
||||
print("The TOTP seed is:", seed)
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
Loading…
Reference in New Issue