diff --git a/main.py b/main.py index 85b9f36d..279a92c0 100644 --- a/main.py +++ b/main.py @@ -1,25 +1,28 @@ import requests import re import json -import datetime import argparse import pokemon_pb2 +from datetime import datetime from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disable_warnings(InsecureRequestWarning) -api_url = 'https://pgorelease.nianticlabs.com/plfe/rpc' -login_url = 'https://sso.pokemon.com/sso/login?service=https%3A%2F%2Fsso.pokemon.com%2Fsso%2Foauth2.0%2FcallbackAuthorize' -login_oauth = 'https://sso.pokemon.com/sso/oauth2.0/accessToken' -s = requests.session() -s.headers.update({'User-Agent':'Niantic App'}) -s.verify = False +API_URL = 'https://pgorelease.nianticlabs.com/plfe/rpc' +LOGIN_URL = 'https://sso.pokemon.com/sso/login?service=https%3A%2F%2Fsso.pokemon.com%2Fsso%2Foauth2.0%2FcallbackAuthorize' +LOGIN_OAUTH = 'https://sso.pokemon.com/sso/oauth2.0/accessToken' + +SESSION = requests.session() +SESSION.headers.update({'User-Agent': 'Niantic App'}) +SESSION.verify = False + def get_gps_coords(): return (0x404aca0660000000, 0x40241f55a0000000, 0x4048000000000000) -def api_req(api_endpoint, access_token, req): + +def api_req(api_endpoint, access_token, req): try: p_req = pokemon_pb2.RequestEnvelop() p_req.unknown1 = 2 @@ -35,14 +38,15 @@ def api_req(api_endpoint, access_token, req): p_req.auth.token.unknown13 = 59 protobuf = p_req.SerializeToString() - r = s.post(api_endpoint,data=protobuf,verify=False) + r = SESSION.post(api_endpoint, data=protobuf, verify=False) p_ret = pokemon_pb2.ResponseEnvelop() p_ret.ParseFromString(r.content) - return p_ret + return p_ret except: return None + def get_api_endpoint(access_token): req = pokemon_pb2.RequestEnvelop() 
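Review bot: `SESSION.verify = False`, carried over under the new name, together with `disable_warnings(InsecureRequestWarning)` turns off TLS certificate validation for every request on the shared session, and that session later posts the PTC username, password and OAuth ticket. An on-path party can present any certificate and read or alter that traffic without the script noticing. I would drop the `SESSION.verify = False` line and the `disable_warnings` call so requests falls back to its default verification, and remove the per-call `verify=False` in `api_req` (second hunk) for the same reason. If an intercepting test proxy is needed, point `SESSION.verify` at its CA bundle (`SESSION.verify = '<path-to-ca-bundle>'`) instead of disabling the check.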
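Review bot: The bare `except:` that closes `api_req` turns every failure into a silent `return None`, whether it is a connection error, an unparsable reply, a plain coding mistake or Ctrl-C, so callers cannot tell an offline server from a bug. Narrow it to the errors expected here, for example `except requests.exceptions.RequestException:` plus protobuf's `DecodeError` for `ParseFromString`, and log the exception before returning. The `SESSION.post(...)` call also has no `timeout=`, so a stalled server blocks the script indefinitely. Part of the `try` body lies between the first two hunks and is not visible here.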
@@ -58,13 +62,14 @@ def get_api_endpoint(access_token): req5.type = 5 req5.message.unknown4 = "4a2e9bc330dae60e7b74fc85b98868ab4700802e" - p_ret = api_req(api_url, access_token, req.requests) + p_ret = api_req(API_URL, access_token, req.requests) try: - return ('https://%s/rpc' % p_ret.api_url) + return ('https://%s/rpc' % p_ret.API_URL) except: return None + def get_profile(api_endpoint, access_token): req = pokemon_pb2.RequestEnvelop() 
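Review bot: `p_ret.API_URL` looks like collateral damage from the constant rename: `p_ret` is the `ResponseEnvelop` returned by `api_req`, the old code read its `api_url` field, and nothing visible in this diff renames that field in `pokemon_pb2`. The attribute access will presumably raise `AttributeError`, the bare `except:` swallows it, and `get_api_endpoint` then returns `None` on every call, so `main` prints "RPC server offline" even when the server answered. Restore `p_ret.api_url`, and replace the try/except with an explicit `if p_ret is None: return None` followed by `return 'https://%s/rpc' % p_ret.api_url`, so a mistake like this raises instead of being masked. The beginning of `get_api_endpoint` is outside the hunk.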
@@ -75,66 +80,74 @@ def get_profile(api_endpoint, access_token): def login_ptc(username, password): - print( '[!] login for: %s' % username ) + print('[!] login for: {}'.format(username)) head = {'User-Agent': 'niantic'} - r = s.get(login_url, headers=head) + r = SESSION.get(LOGIN_URL, headers=head) jdata = json.loads(r.content) - data = {'lt': jdata['lt'], + data = { + 'lt': jdata['lt'], 'execution': jdata['execution'], '_eventId': 'submit', 'username': username, - 'password': password} - r1 = s.post(login_url,data=data,headers=head) + 'password': password, + } + r1 = SESSION.post(LOGIN_URL, data=data, headers=head) ticket = None try: - ticket = re.sub('.*ticket=','',r1.history[0].headers['Location']) + ticket = re.sub('.*ticket=', '', r1.history[0].headers['Location']) except: return False - data1 = {'client_id':'mobile-app_pokemon-go', - 'redirect_uri':'https://www.nianticlabs.com/pokemongo/error', - 'client_secret':'w8ScCUXJQc6kXKw8FiOhd8Fixzht18Dq3PEVkUCP5ZPxtgyWsbTvWHFLm2wNY0JR', - 'grant_type':'refresh_token', - 'code':ticket} - r2 = s.post(login_oauth,data=data1) - access_token = re.sub('&expires.*','',r2.content) - access_token = re.sub('.*access_token=','',access_token) + data1 = { + 'client_id': 'mobile-app_pokemon-go', + 'redirect_uri': 'https://www.nianticlabs.com/pokemongo/error', + 'client_secret': 'w8ScCUXJQc6kXKw8FiOhd8Fixzht18Dq3PEVkUCP5ZPxtgyWsbTvWHFLm2wNY0JR', + 'grant_type': 'refresh_token', + 'code': ticket, + } + r2 = SESSION.post(LOGIN_OAUTH, data=data1) + access_token = re.sub('&expires.*', '', r2.content) + access_token = re.sub('.*access_token=', '', access_token) return access_token - -def main(): + +def main(): parser = argparse.ArgumentParser() parser.add_argument("-u", "--username", help="PTC Username", required=True) parser.add_argument("-p", "--password", help="PTC Password", required=True) args = parser.parse_args() - access_token = login_ptc(args.username, args.password) if access_token is None: - print( "[-] Wrong 
username/password" ) - return - print( '[+] RPC Session Token: %s ...' % access_token[:25] ) + print('[-] Wrong username/password') + return + print('[+] RPC Session Token: {} ...'.format(access_token[:25])) api_endpoint = get_api_endpoint(access_token) if api_endpoint is None: - print( '[-] RPC server offline' ) + print('[-] RPC server offline') return - print( '[+] Received API endpoint: %s' % api_endpoint ) + print('[+] Received API endpoint: {}'.format(api_endpoint)) profile = get_profile(api_endpoint, access_token) if profile is not None: - print( '[+] Login successful' ) - profile = profile.payload[0].profile - print( '[+] Username: %s' % profile.username ) - print( '[+] You are playing Pokemon Go since: %s' % datetime.datetime.fromtimestamp(int(profile.creation_time)/1000).strftime('%Y-%m-%d %H:%M:%S')) + print('[+] Login successful') + + profile = profile.payload[0].profile + print('[+] Username: {}'.format(profile.username)) + + creation_time = datetime.fromtimestamp(int(profile.creation_time)/1000) + print('[+] You are playing Pokemon Go since: {}'.format( + creation_time.strftime('%Y-%m-%d %H:%M:%S'), + )) for curr in profile.currency: - print( '[+] %s: %s' % (curr.type, curr.amount) ) + print('[+] {}: {}'.format(curr.type, curr.amount)) else: - print( '[-] Ooops...' ) + print('[-] Ooops...') + - if __name__ == '__main__': main()
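Review bot: `login_ptc` returns `False` when no ticket is found in the redirect, but `main` only tests `if access_token is None:`, so a failed login falls through to `access_token[:25]` and crashes with a `TypeError` instead of printing the wrong-credentials message. Either `return None` in the `except` branch of `login_ptc` or change the check in `main` to `if not access_token:`. Separately, `-p/--password` puts the PTC password in argv, where it ends up in shell history and process listings. Making `-p` optional and falling back to `getpass.getpass()` avoids that.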