def execute(self, old_password, new_password): self._form.update({ "pwd1": new_password, "pwd2": new_password, "javax.faces.partial.ajax": "true", "javax.faces.source": "j_idt30", "javax.faces.partial.execute": "@all", "javax.faces.partial.render": "form", "j_idt30": "j_idt30" }) r = self._session.post( "https://comptes.utc.fr/accounts-web/tools/changePassword.xhtml", data=self._form, headers={ "origin": "https://comptes.utc.fr", "referer": "https://comptes.utc.fr/accounts-web/tools/changePassword.xhtml", "Faces-Request": "partial/ajax", "X-Requested-With": "XMLHttpRequest" }) soup = BeautifulSoup(r.text, features="html5lib") err = soup.find("div", {"class": "ui-messages-error"}) if err: raise Exception("Unable to change password for CAS : \n" + '\n'.join([e.text for e in err.findAll("span")])) register_provider(CasUTC)
PromptType.sms) else: raise Exception("Unsupported two-factor method '{}'".format( challenge_type)) data.update({"challenge_response": response}) r = self._session.post( "https://mobile.twitter.com/account/login_verification", data=data) url = urlparse(r.url) r = self._session.get("https://twitter.com") r = self._session.get("https://twitter.com/settings/password") self._form = get_form(r.text, id="password-form") def execute(self, old_password, new_password): self._form.update({ "current_password": old_password, "user_password": new_password, "user_password_confirmation": new_password, }) r = self._session.post("https://twitter.com/settings/passwords/update", data=self._form, headers={ "origin": "https://twitter.com", "referer": "https://twitter.com/settings/password" }) register_provider(Twitter)
def __init__(self, options): self.username = options["username"] def _login(self, old_password): login_url = "https://aur.archlinux.org/login/" r = self._session.post(login_url, data={ "user": self.username, "passwd": old_password }) if r.status_code != 200: raise Exception( "Unable to log into your Arch User Repository account with current password" ) return r def prepare(self, old_password): self._session = requests.Session() self._login(old_password) password_change_url = "https://aur.archlinux.org/account/" + self.username + "/edit" r = self._session.get(password_change_url) self._form = get_form(r.text, id="edit-profile-form") def execute(self, old_password, new_password): post_url = "https://aur.archlinux.org/account/" + self.username + "/update" self._form.update({"P": new_password, "C": new_password}) r = self._session.post(post_url, data=self._form) register_provider(ArchUserRepository)
bs = get_bootstrap(r.text) form = { "email": self.email, "password": old_password, "security_token": bs["data"]["security_token"] } r = self._session.post("https://www.cloudflare.com/a/login", data=form) url = urlparse(r.url) if url.path != "/a/overview": raise Exception( "Failed to log into Cloudflare with current password") r = self._session.get( "https://www.cloudflare.com/a/account/my-account") bs = get_bootstrap(r.text) self._atok = bs["atok"] def execute(self, old_password, new_password): r = self._session.put( "https://www.cloudflare.com/api/v4/user/password", json={ "new_password": new_password, "new_password_confirm": new_password, "old_password": old_password, }, headers={"x-atok": self._atok}) if r.status_code != 200: raise Exception("Failed to update Cloudflare password") register_provider(Cloudflare)
self._session = requests.Session() ###authenticate r = self._session.get("https://m.facebook.com/login.php") form = get_form(r.text, id="login_form") form.update({"email": self.username, "pass": old_password}) r = self._session.post("https://m.facebook.com/login.php", data=form) ###check for authentication failure if "The email address that you've entered doesn't match any account" in r.text: raise Exception("Facebook doesn't recognise this email") if "The password you entered is incorrect" in r.text: raise Exception("Incorrect password") ###load form r = self._session.get( "https://m.facebook.com/settings/security/password/") self._form = get_form(r.text, method="post") def execute(self, old_password, new_password): self._form.update({ "password_old": old_password, "password_new": new_password, "password_confirm": new_password }) r = self._session.post("https://m.facebook.com/password/change/", data=self._form) register_provider(Facebook)
"ctl00$ctl00$ctl00$ctl00$base_content$web_base_content$home_content$page_content_left$CntrlAuthorization$btnSendVerification": "Send Security Code" }) r = self._session.post("https://www.namecheap.com/myaccount/twofa/secondauth.aspx", data=form) if "You have reached the limit" in r.text: raise Exception("Namecheap has locked us out of further 2FA attempts. Wait 60 minutes and try again.") while url.path == "/myaccount/twofa/secondauth.aspx": form = get_form(r.text, id="aspnetForm") code = self.prompt("Enter your SMS authorization code", PromptType.sms) form.update({ "ctl00$ctl00$ctl00$ctl00$base_content$web_base_content$home_content$page_content_left$CntrlAuthorization$txtAuthVerification": code, }) r = self._session.post("https://www.namecheap.com/myaccount/twofa/secondauth.aspx", data=form) url = urlparse(r.url) r = self._session.get("https://ap.www.namecheap.com/Profile/Security") soup = BeautifulSoup(r.text, "html.parser") self._ncCompliance = soup.find("input", attrs={ "name": "ncCompliance" }).get("value", "") def execute(self, old_password, new_password): r = self._session.post("https://ap.www.namecheap.com/profile/security/password/change", data={ "newPassword": new_password, "oldPassword": old_password, }, headers={ "_NcCompliance": self._ncCompliance } ,allow_redirects=False) if r.status_code != 200: raise Exception("Failed to update NameCheap password") register_provider(Namecheap)
domains = ["ycombinator.com", "news.ycombinator.com"] options = {"username": ProviderOption(str, "Your Hacker News username")} def __init__(self, options): self.username = options["username"] def prepare(self, old_password): self._session = requests.Session() r = self._session.post("https://news.ycombinator.com/login", data={ "acct": self.username, "pw": old_password }, allow_redirects=False) if "Bad login" in r.text: raise Exception( "Unable to log into Hacker News with current password") r = self._session.get("https://news.ycombinator.com/changepw") self._form = get_form(r.text) def execute(self, old_password, new_password): self._form.update({"oldpw": old_password, "pw": new_password}) r = self._session.post("https://news.ycombinator.com/r", data=self._form, allow_redirects=False) if r.status_code != 302: raise Exception("Failed to update Hacker News password") register_provider(YCombinator)
"https://discordapp.com/api/v6/auth/mfa/totp", json=data) if r.status_code != 200: raise Exception( "Failed to authenticate with the TOTP token: {}".format( r.json())) self._session.headers["authorization"] = r.json().get("token") def execute(self, old_password, new_password): data = {"password": old_password, "new_password": new_password} while True: r = self._session.patch("https://discordapp.com/api/v6/users/@me", json=data) if r.status_code != 200: json = r.json() if json.get("code") == 60008: # Invalid two-factor code code = self.prompt("Enter your two factor (TOTP) code", PromptType.totp) data["code"] = code else: raise Exception( "Failed to update Discord password: {}".format(json)) else: break register_provider(Discord)
r = self._session.post("https://gitlab.com/users/sign_in", data=form) if r.status_code != 200: raise Exception( "Unable to log into GitLab account with current password") return r def _set_form(self): r = self._session.get("https://gitlab.com/profile/password/edit") self._form = get_form(r.text, id="edit_user_{}".format(self.user_id)) def prepare(self, old_password): self._session = requests.Session() r = self._login(old_password) self._handle_two_factor_auth(r) self._read_userid() self._set_form() def execute(self, old_password, new_password): self._form.update({ "user[current_password]": old_password, "user[password]": new_password, "user[password_confirmation]": new_password, }) r = self._session.post("https://gitlab.com/profile/password", data=self._form) register_provider(GitLab)
def prepare(self, old_password): self._session = requests.Session() r = self._session.get( "https://pypi.python.org/pypi?%3Aaction=login_form") self._form = get_form(r.text, type="div", id="content") self._form.update({ "username": self.username, "password": old_password }) r = self._session.post("https://pypi.python.org/pypi", data=self._form, allow_redirects=False) if not r.ok: raise Exception("Unable to log into PyPI with current password") r = self._session.get( "https://pypi.python.org/pypi?%3Aaction=user_form") self._form = custom_get_form( r.text, lambda x: x.find(id="content").find("form").find_all("input")) def execute(self, old_password, new_password): self._form.update({"password": new_password, "confirm": new_password}) r = self._session.post("https://pypi.python.org/pypi", data=self._form, allow_redirects=False) if not r.ok: raise Exception("Failed to update PyPI password") register_provider(PyPI)
def prepare(self, old_password): self._session = requests.Session() r = self._session.get("https://ankiweb.net/account/login") self._form = get_form(r.text, id="form") self._form.update({ "username": self.username, "password": old_password }) r = self._session.post("https://ankiweb.net/account/login", data=self._form, allow_redirects=False) if not r.ok or r.status_code != 302: raise Exception("Unable to log into AnkiWeb with current password") r = self._session.get("https://ankiweb.net/account/settings") self._form = get_form(r.text) def execute(self, old_password, new_password): self._form.update({ "oldpw": old_password, "pass1": new_password, "pass2": new_password }) r = self._session.post("https://ankiweb.net/account/settings", data=self._form, allow_redirects=False) if not r.ok or r.status_code != 302: raise Exception("Failed to update AnkiWeb password") register_provider(AnkiWeb)
# Linode has a weird form on this page soup = BeautifulSoup(r.text, "html.parser") inputs = soup.find_all("input") form = get_form_data(inputs) form.update({"auth_password": old_password}) r = self._session.post("https://manager.linode.com/profile/reauth", data=form) r = self._session.get("https://manager.linode.com/profile/auth") # This form is also weird. Why you gotta be weird, Linode? soup = BeautifulSoup(r.text, "html.parser") self._form = { "authenticity_token": soup.find("input", attrs={ "name": "authenticity_token" }).get("value", "") } def execute(self, old_password, new_password): self._form.update({ "password": new_password, "password2": new_password, "expires": self.expiry }) r = self._session.post("https://manager.linode.com/profile/password", data=self._form) if r.status_code != 200: raise Exception("Failed to update Linode password") register_provider(Linode)
self._user_id = j.get("uuid") break if not self._user_id: raise Exception("Unable to extract user ID") r = self._session.get( "https://cloud.digitalocean.com/settings/profile?i=" + self._user_id[:6]) soup = BeautifulSoup(r.text, "html.parser") self._csrf_token = soup.find("meta", attrs={ "name": "csrf-token" }).get("content", "") self._user = self._session.get( "https://cloud.digitalocean.com/api/v1/users/" + self._user_id).json() def execute(self, old_password, new_password): self._user["user"].update({ "current_password": old_password, "password": new_password, "password_confirmation": new_password, }) r = self._session.put("https://cloud.digitalocean.com/api/v1/users/" + self._user_id, json=self._user, headers={"X-CSRF-Token": self._csrf_token}) if r.status_code != 200: raise Exception("Failed to update Digital Ocean password") register_provider(DigitalOcean)
self._session = requests.Session() r = self._session.get("https://github.com/login") form = get_form(r.text) form.update({"login": self.username, "password": old_password}) r = self._session.post("https://github.com/session", data=form) if r.status_code != 200: raise Exception( "Unable to log into GitHub account with current password") url = urlparse(r.url) while url.path == "/sessions/two-factor": form = get_form(r.text) code = self.prompt("Enter your two factor (TOTP) code", PromptType.totp) form.update({"otp": code}) r = self._session.post("https://github.com/sessions/two-factor", data=form) url = urlparse(r.url) r = self._session.get("https://github.com/settings/admin") self._form = get_form(r.text, id="change_password") def execute(self, old_password, new_password): self._form.update({ "user[old_password]": old_password, "user[password]": new_password, "user[password_confirmation]": new_password, }) r = self._session.post("https://github.com/account", data=self._form) register_provider(GitHub)
###authenticate r = self._session.get("https://archiveofourown.org/users/login") form = get_form(r.text, id="new_user") form.update({ "user[login]": self.login, "user[password]": old_password }) r = self._session.post("https://archiveofourown.org/users/login", data=form) self.username = list(filter(None, str.split(r.url, "/")))[-1] ###load form r = self._session.get("https://archiveofourown.org/users/" + self.username + "/change_password") self._form = get_form(r.text, method="post") def execute(self, old_password, new_password): self._form.update({ "password_check": old_password, "password": new_password, "password_confirmation": new_password }) r = self._session.post("https://archiveofourown.org/users/" + self.username + "/changed_password", data=self._form) register_provider(Ao3)
def prepare(self, old_password): self._session = requests.Session() self._session.get("https://www.zotero.org/user/login") r = self._session.post("https://www.zotero.org/user/login", data={ "username": self.username, "password": old_password, "remember": 0, "login": "", "oid_identifier": "" }) if "Invalid credentials provided" in r.text: raise Exception("Unable to log into Zotero with current password") r = self._session.get("https://www.zotero.org/settings/account") def execute(self, old_password, new_password): form_data = { "password": old_password, "new_password": new_password, "new_password2": new_password, "updatesettings": "" } r = self._session.post("https://www.zotero.org/settings/account", data=form_data, allow_redirects=False) if "Account Settings Saved" not in r.text: raise Exception("Failed to update Zotero password") register_provider(Zotero)
_login_url = "https://en.wikipedia.org/w/index.php?title=Special:UserLogin" _password_change_url = "https://en.wikipedia.org/w/index.php?" \ "title=Special:ChangeCredentials" \ "/MediaWiki\Auth\PasswordAuthenticationRequest" def __init__(self, options): self.username = options["username"] def _login(self, old_password): r = self._session.get(self._login_url) form = get_form(r.text) form.update({"wpName": self.username, "wpPassword": old_password}) r = self._session.post(self._login_url, data=form) if r.status_code != 200: raise Exception( "Unable to log into Wikipedia account with current password") return r def prepare(self, old_password): self._session = requests.Session() self._login(old_password) r = self._session.get(self._password_change_url) self._form = get_form(r.text) def execute(self, old_password, new_password): self._form.update({"password": new_password, "retype": new_password}) r = self._session.post(self._password_change_url, data=self._form) register_provider(Wikipedia)
"pixiv_id": self.username, "password": old_password }) r = self._session.post("https://accounts.pixiv.net/api/login", data=self._form) r = self._session.get("https://www.pixiv.net/setting_userdata.php", params={"type": "password"}) url = urlparse(r.url) if url.path != "/setting_userdata.php": raise Exception("Current password for pixiv is incorrect") self._form = get_form(r.text, action="setting_userdata.php") self._form.update({"check_pass": old_password}) r = self._session.post("https://www.pixiv.net/setting_userdata.php", data=self._form) self._form = get_form(r.text, action="setting_userdata.php") def execute(self, old_password, new_password): self._form.update({ "new_password_1": new_password, "new_password_2": new_password }) r = self._session.post("https://www.pixiv.net/setting_userdata.php", data=self._form) url = urlparse(r.url) if url.path == "/setting_userdata.php": raise Exception("Failed to update pixiv password") register_provider(Pixiv)