From 18ea928d668301c113a782fcfa1b736471eb6e45 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Tue, 1 Feb 2022 03:38:51 -0500 Subject: [PATCH 001/106] Implement Linux HWID retrieval --- keyauth.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/keyauth.py b/keyauth.py index 1acdd77..6472228 100644 --- a/keyauth.py +++ b/keyauth.py @@ -301,7 +301,7 @@ class others: @staticmethod def get_hwid(): if platform.system() != "Windows": - return "None" + return subprocess.Popen('hal-get-property --udi /org/freedesktop/Hal/devices/computer --key system.hardware.uuid'.split()) cmd = subprocess.Popen( "wmic useraccount where name='%username%' get sid", stdout=subprocess.PIPE, shell=True) From a2bcfd822c5b5014d56ab625bfe4dd8d1b706f81 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Sun, 6 Feb 2022 14:46:37 -0500 Subject: [PATCH 002/106] Update links in README --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c80b1ba..8fcc200 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # KeyAuth-Python-Example -KeyAuth Python Example For The https://keyauth.com Authentication system. +KeyAuth Python Example For The https://keyauth.win Authentication system. # Instructions @@ -20,4 +20,4 @@ Setup video: https://www.youtube.com/watch?v=L2eAQOmuUiA **What is KeyAuth?** KeyAuth is a GameChanging authentication system. We have never-seen before features, and we listen to our customers. -Feel free to join https://keyauth.com/discord/ if you have questions or suggestions. +Feel free to join https://keyauth.win/discord/ if you have questions or suggestions. From ab37f05f0991f15138e524a645ede96be5024b1d Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Fri, 11 Feb 2022 17:50:07 -0500 Subject: [PATCH 003/106] Added subscription to user data --- keyauth.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/keyauth.py b/keyauth.py index 6472228..5fe1235 100644 --- a/keyauth.py +++ b/keyauth.py @@ -284,7 +284,7 @@ def __do_request(self, post_data): # region user_data class user_data_class: - username = ip = hwid = expires = createdate = lastlogin = "" + username = ip = hwid = expires = createdate = lastlogin = subscription = "" user_data = user_data_class() @@ -295,6 +295,7 @@ def __load_user_data(self, data): self.user_data.expires = data["subscriptions"][0]["expiry"] self.user_data.createdate = data["createdate"] self.user_data.lastlogin = data["lastlogin"] + self.user_data.subcription = data["subscriptions"][0]["subscription"] class others: From e205cd16f5cfc9847ece66afc86b480712b2ac51 Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Sat, 12 Feb 2022 12:44:23 -0800 Subject: [PATCH 004/106] added open download link if version doesnt match --- keyauth.py | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/keyauth.py b/keyauth.py index 5fe1235..65ecad6 100644 --- a/keyauth.py +++ b/keyauth.py @@ -60,6 +60,16 @@ def init(self): response = encryption.decrypt(response, self.secret, init_iv) json = jsond.loads(response) + + if json["message"] == "invalidver": + if json["download"] != "": + print("New Version Available") + download_link = json["download"] + os.system(f"start {download_link}") + sys.exit() + else: + print("Invalid Version, Contact owner to add download link to latest app version") + sys.exit() if not json["success"]: print(json["message"]) From 70b8c752c41307f50adc345f907e41679a0949cf Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Sat, 12 Feb 2022 13:51:32 -0800 Subject: [PATCH 005/106] Added check endpoint added the check endpoint that no other example has added for now, checks if the current session is validated or not --- keyauth.py | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/keyauth.py b/keyauth.py index 5fe1235..f32eb3e 100644 --- a/keyauth.py +++ b/keyauth.py @@ -231,6 +231,24 @@ def file(self, fileid): time.sleep(5) sys.exit() return binascii.unhexlify(json["contents"]) + + def check(self): + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("check").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + if json["success"]: + return True + else: + return False def webhook(self, webid, param): From 4528e41bf55c27bf8a61283a599fbf668f3d49f3 Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Sat, 12 Feb 2022 13:54:48 -0800 Subject: [PATCH 006/106] example how to use the check function --- main.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/main.py b/main.py index 7f606b3..7095f13 100644 --- a/main.py +++ b/main.py @@ -19,6 +19,7 @@ 3.Upgrade 4.License Key Only """) +print(f"Current Session Validation Status: {keyauthapp.check()}") ans=input("Select Option: ") if ans=="1": user = input('Provide username: ') @@ -47,3 +48,4 @@ print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expires)).strftime('%Y-%m-%d %H:%M:%S')) +print(f"Current Session Validation Status: {keyauthapp.check()}") From d84431b58c6af4d45cc05a8e24413c1e5fec49bc Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Sat, 12 Feb 2022 18:04:25 -0800 Subject: [PATCH 007/106] added forgotten Initialization checks --- keyauth.py | 64 ++++++++++++++++++++++++++++++++++++------------------ 1 file changed, 43 insertions(+), 21 deletions(-) diff --git a/keyauth.py b/keyauth.py index f32eb3e..d01bf4e 100644 --- a/keyauth.py +++ b/keyauth.py @@ -36,6 +36,7 @@ def __init__(self, name, ownerid, secret, version): self.version = version sessionid = enckey = "" + initialized = False def init(self): @@ -61,13 +62,25 @@ def init(self): response = encryption.decrypt(response, self.secret, init_iv) json = jsond.loads(response) + if json["message"] == "invalidver": + if json["download"] != "": + print("New Version Available") + download_link = json["download"] + os.system(f"start {download_link}") + sys.exit() + else: + print("Invalid Version, Contact owner to add download link to latest app version") + sys.exit() + if not json["success"]: print(json["message"]) sys.exit() self.sessionid = json["sessionid"] + self.initialized = True def register(self, user, password, license, hwid=None): + self.checkinit() if hwid is None: hwid = others.get_hwid() @@ -98,7 +111,7 @@ def register(self, user, password, license, hwid=None): sys.exit() def upgrade(self, user, license): - + self.checkinit() init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { @@ -124,6 +137,7 @@ def upgrade(self, user, license): sys.exit() def login(self, user, password, hwid=None): + self.checkinit() if hwid is None: hwid = others.get_hwid() @@ -154,6 +168,7 @@ def login(self, user, password, hwid=None): sys.exit() def license(self, key, hwid=None): + self.checkinit() if hwid is None: hwid = others.get_hwid() @@ -182,7 +197,7 @@ def license(self, key, hwid=None): sys.exit() def var(self, name): - + self.checkinit() init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { @@ -208,7 +223,7 @@ def var(self, name): sys.exit() def file(self, fileid): - + self.checkinit() init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { @@ -231,53 +246,55 @@ def file(self, fileid): time.sleep(5) sys.exit() return binascii.unhexlify(json["contents"]) - - def check(self): + + def webhook(self, webid, param): + self.checkinit() init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { - "type": binascii.hexlify(("check").encode()), + "type": binascii.hexlify(("webhook").encode()), + "webid": encryption.encrypt(webid, self.enckey, init_iv), + "params": encryption.encrypt(param, self.enckey, init_iv), "sessionid": binascii.hexlify(self.sessionid.encode()), "name": binascii.hexlify(self.name.encode()), "ownerid": binascii.hexlify(self.ownerid.encode()), "init_iv": init_iv } + response = self.__do_request(post_data) response = encryption.decrypt(response, self.enckey, init_iv) json = jsond.loads(response) + if json["success"]: - return True + return json["message"] else: - return False - - def webhook(self, webid, param): + print(json["message"]) + time.sleep(5) + sys.exit() + def check(self): + self.checkinit() init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() - post_data = { - "type": binascii.hexlify(("webhook").encode()), - "webid": encryption.encrypt(webid, self.enckey, init_iv), - "params": encryption.encrypt(param, self.enckey, init_iv), + "type": binascii.hexlify(("check").encode()), "sessionid": binascii.hexlify(self.sessionid.encode()), "name": binascii.hexlify(self.name.encode()), "ownerid": binascii.hexlify(self.ownerid.encode()), "init_iv": init_iv } - response = self.__do_request(post_data) response = encryption.decrypt(response, self.enckey, init_iv) json = jsond.loads(response) - if json["success"]: - return json["message"] + return True else: - print(json["message"]) - time.sleep(5) - sys.exit() + return False - def log(self, message): + def log(self, message): + self.checkinit() init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { @@ -292,6 +309,11 @@ def log(self, message): self.__do_request(post_data) + def checkinit(self): + if not self.initialized: + print("Initialize first, in order to use the functions") + sys.exit() + def __do_request(self, post_data): rq_out = requests.post( From 4f7b50cfae66b49ccbc1846c97f6faf2d4a7b83e Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Sat, 12 Feb 2022 22:33:48 -0800 Subject: [PATCH 008/106] Added missing features Added Ban function Added Get/set user var function Added Check Blacklist function Added Init Checks --- keyauth.py | 98 ++++++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 88 insertions(+), 10 deletions(-) diff --git a/keyauth.py b/keyauth.py index 476c329..4b46912 100644 --- a/keyauth.py +++ b/keyauth.py @@ -61,16 +61,6 @@ def init(self): response = encryption.decrypt(response, self.secret, init_iv) json = jsond.loads(response) - - if json["message"] == "invalidver": - if json["download"] != "": - print("New Version Available") - download_link = json["download"] - os.system(f"start {download_link}") - sys.exit() - else: - print("Invalid Version, Contact owner to add download link to latest app version") - sys.exit() if json["message"] == "invalidver": if json["download"] != "": @@ -89,6 +79,8 @@ def init(self): self.sessionid = json["sessionid"] self.initialized = True + + def register(self, user, password, license, hwid=None): self.checkinit() if hwid is None: @@ -232,6 +224,71 @@ def var(self, name): time.sleep(5) sys.exit() + def getvar(self, var_name): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("getvar").encode()), + "var": encryption.encrypt(var_name, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return json["response"] + else: + print(json["message"]) + time.sleep(5) + sys.exit() + + def setvar(self, var_name, var_data): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("setvar").encode()), + "var": encryption.encrypt(var_name, self.enckey, init_iv), + "data": encryption.encrypt(var_data, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(5) + sys.exit() + + def ban(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("ban").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(5) + sys.exit() + def file(self, fileid): self.checkinit() init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() @@ -302,6 +359,26 @@ def check(self): else: return False + def checkblacklist(self): + self.checkinit() + hwid = others.get_hwid() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("checkblacklist").encode()), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + if json["success"]: + return True + else: + return False def log(self, message): self.checkinit() @@ -348,6 +425,7 @@ def __load_user_data(self, data): self.user_data.subcription = data["subscriptions"][0]["subscription"] + class others: @staticmethod def get_hwid(): From c70866f5556f13ec315348597c373b787e9aeac7 Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Sat, 12 Feb 2022 22:44:36 -0800 Subject: [PATCH 009/106] Fixes --- keyauth.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/keyauth.py b/keyauth.py index 4b46912..61ba40e 100644 --- a/keyauth.py +++ b/keyauth.py @@ -261,6 +261,7 @@ def setvar(self, var_name, var_data): } response = self.__do_request(post_data) response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) if json["success"]: return True @@ -281,6 +282,7 @@ def ban(self): } response = self.__do_request(post_data) response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) if json["success"]: return True From dde0a6837049384acff4378e523d60f622b38ae4 Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Sun, 13 Feb 2022 20:46:01 -0800 Subject: [PATCH 010/106] Module not found handling everyone using the py example had the module missing error, this should solve it --- keyauth.py | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/keyauth.py b/keyauth.py index 61ba40e..8d7d996 100644 --- a/keyauth.py +++ b/keyauth.py @@ -4,15 +4,9 @@ import binascii # hex encoding -import requests # https requests + # https requests from uuid import uuid4 # gen random guid - -from Crypto.Cipher import AES -from Crypto.Hash import SHA256 -from Crypto.Util.Padding import pad, unpad -# aes + padding, sha256 - import webbrowser import platform import subprocess @@ -20,6 +14,22 @@ import sys import os +try: + from Crypto.Cipher import AES + from Crypto.Hash import SHA256 + from Crypto.Util.Padding import pad, unpad + from requests_toolbelt.adapters.fingerprint import FingerprintAdapter + import requests +except Exception as f: + print("Exception when importing modules: " + str(f)) + print("installing necessary modules....") + os.system("pip install pycryptodome") + os.system("pip install requests_toolbelt") + os.system("pip install requests") + print("Modules installed!") + time.sleep(1.5) + exit(0) + from requests_toolbelt.adapters.fingerprint import FingerprintAdapter From ecd587817c35cb8777d8ff293075985f7f19b465 Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Mon, 14 Feb 2022 09:11:54 -0500 Subject: [PATCH 011/106] Specific Exception --- keyauth.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/keyauth.py b/keyauth.py index 8d7d996..a758865 100644 --- a/keyauth.py +++ b/keyauth.py @@ -20,8 +20,8 @@ from Crypto.Util.Padding import pad, unpad from requests_toolbelt.adapters.fingerprint import FingerprintAdapter import requests -except Exception as f: - print("Exception when importing modules: " + str(f)) +except ModuleNotFoundError: + print("Exception when importing modules") print("installing necessary modules....") os.system("pip install pycryptodome") os.system("pip install requests_toolbelt") From a9fd8e2b8116d9267185377cb911bb1059ba77be Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Mon, 14 Feb 2022 12:41:26 -0500 Subject: [PATCH 012/106] Update keyauth.py --- keyauth.py | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/keyauth.py b/keyauth.py index a758865..d5d0860 100644 --- a/keyauth.py +++ b/keyauth.py @@ -12,25 +12,23 @@ import subprocess import datetime import sys +import requests import os +from requests_toolbelt.adapters.fingerprint import FingerprintAdapter try: from Crypto.Cipher import AES from Crypto.Hash import SHA256 - from Crypto.Util.Padding import pad, unpad - from requests_toolbelt.adapters.fingerprint import FingerprintAdapter - import requests + from Crypto.Util.Padding import pad, unpad except ModuleNotFoundError: print("Exception when importing modules") print("installing necessary modules....") os.system("pip install pycryptodome") - os.system("pip install requests_toolbelt") - os.system("pip install requests") print("Modules installed!") time.sleep(1.5) exit(0) -from requests_toolbelt.adapters.fingerprint import FingerprintAdapter + class api: From 1c715dafab1fb45eec9ac0458013087035eff642 Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Tue, 15 Feb 2022 17:00:56 -0800 Subject: [PATCH 013/106] Update Added Hash Checks Added App Data Added Automatic initialization when class is initialized aka no longer have to call the init function yourself *Credits to @xFGhoul for the idea* --- keyauth.py | 38 ++++++++++++++++++++++++++++++++------ 1 file changed, 32 insertions(+), 6 deletions(-) diff --git a/keyauth.py b/keyauth.py index d5d0860..a174ff7 100644 --- a/keyauth.py +++ b/keyauth.py @@ -3,6 +3,7 @@ import time # sleep before exit import binascii # hex encoding +import hashlib # https requests @@ -12,8 +13,8 @@ import subprocess import datetime import sys -import requests import os +import requests from requests_toolbelt.adapters.fingerprint import FingerprintAdapter try: @@ -28,9 +29,6 @@ time.sleep(1.5) exit(0) - - - class api: name = ownerid = secret = version = "" @@ -42,12 +40,17 @@ def __init__(self, name, ownerid, secret, version): self.secret = secret self.version = version + self.init() sessionid = enckey = "" initialized = False def init(self): - + if sessionid != "": + print("You've already initialized!") + time.sleep(2) + exit(0) + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() self.enckey = SHA256.new(str(uuid4())[:8].encode()).hexdigest() @@ -55,6 +58,7 @@ def init(self): post_data = { "type": binascii.hexlify(("init").encode()), "ver": encryption.encrypt(self.version, self.secret, init_iv), + "hash": self.getchecksum(), "enckey": encryption.encrypt(self.enckey, self.secret, init_iv), "name": binascii.hexlify(self.name.encode()), "ownerid": binascii.hexlify(self.ownerid.encode()), @@ -86,6 +90,7 @@ def init(self): self.sessionid = json["sessionid"] self.initialized = True + self.__load_app_data(json["appinfo"]) @@ -410,7 +415,18 @@ def checkinit(self): if not self.initialized: print("Initialize first, in order to use the functions") sys.exit() - + + def getchecksum(self): + path = os.path.realpath(__file__) + md5_hash = hashlib.md5() + + a_file = open(path, "rb") + content = a_file.read() + md5_hash.update(content) + + digest = md5_hash.hexdigest() + return digest + def __do_request(self, post_data): rq_out = requests.post( @@ -419,11 +435,21 @@ def __do_request(self, post_data): return rq_out.text + class application_data_class: + numUsers = numKeys = app_ver = customer_panel = onlineUsers = "" # region user_data class user_data_class: username = ip = hwid = expires = createdate = lastlogin = subscription = "" user_data = user_data_class() + app_data = application_data_class() + + def __load_app_data(self, data): + self.app_data.numUsers = data["numUsers"] + self.app_data.numKeys = data["numKeys"] + self.app_data.app_ver = data["version"] + self.app_data.customer_panel = data["customerPanelLink"] + self.app_data.onlineUsers = data["numOnlineUsers"] def __load_user_data(self, data): self.user_data.username = data["username"] From b2435c923ec4275efe07a50a05db7810630f9718 Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Tue, 15 Feb 2022 17:02:59 -0800 Subject: [PATCH 014/106] Updated Example --- main.py | 31 +++++++++++++++++++++++++------ 1 file changed, 25 insertions(+), 6 deletions(-) diff --git a/main.py b/main.py index 7095f13..6714ccd 100644 --- a/main.py +++ b/main.py @@ -1,25 +1,40 @@ from keyauth import api - import os import sys import os.path import platform +from time import sleep from datetime import datetime # watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA - -keyauthapp = api("app name here", "owner id here", "app secret here","1.0") - +os.system("cls") +os.system("title Python Example") print("Initializing") -keyauthapp.init() - +keyauthapp = api( + name = "", + ownerid = "", + secret = "", + version = "1.0", +) print (""" 1.Login 2.Register 3.Upgrade 4.License Key Only """) +print(f""" +App data: +Number of users: {keyauthapp.app_data.numUsers} +Number of online users: {keyauthapp.app_data.onlineUsers} +Number of keys: {keyauthapp.app_data.numKeys} +Application Version: {keyauthapp.app_data.app_ver} +Customer panel link: {keyauthapp.app_data.customer_panel} +""") +sleep(1.5) # rate limit print(f"Current Session Validation Status: {keyauthapp.check()}") +sleep(1.5) # rate limit +print(f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted + ans=input("Select Option: ") if ans=="1": user = input('Provide username: ') @@ -45,7 +60,11 @@ print("Username: " + keyauthapp.user_data.username) print("IP address: " + keyauthapp.user_data.ip) print("Hardware-Id: " + keyauthapp.user_data.hwid) +print("Subcription: " + keyauthapp.user_data.subscription) print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expires)).strftime('%Y-%m-%d %H:%M:%S')) print(f"Current Session Validation Status: {keyauthapp.check()}") +print("Exiting in 10 secs....") +sleep(10) +exit(0) From ea22a0f9784daf6f0542c696e003c40e843ccbf5 Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Tue, 15 Feb 2022 17:06:16 -0800 Subject: [PATCH 015/106] Update keyauth.py --- keyauth.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/keyauth.py b/keyauth.py index a174ff7..9e8a828 100644 --- a/keyauth.py +++ b/keyauth.py @@ -46,7 +46,7 @@ def __init__(self, name, ownerid, secret, version): initialized = False def init(self): - if sessionid != "": + if self.sessionid != "": print("You've already initialized!") time.sleep(2) exit(0) From c2862fb995a2fb88664887dac0834fed80405a31 Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Fri, 18 Feb 2022 13:24:56 -0800 Subject: [PATCH 016/106] fixed hash issue --- keyauth.py | 21 +++++---------------- 1 file changed, 5 insertions(+), 16 deletions(-) diff --git a/keyauth.py b/keyauth.py index 9e8a828..8dc7ac9 100644 --- a/keyauth.py +++ b/keyauth.py @@ -3,7 +3,6 @@ import time # sleep before exit import binascii # hex encoding -import hashlib # https requests @@ -30,9 +29,9 @@ exit(0) class api: - name = ownerid = secret = version = "" + name = ownerid = secret = version = hash_to_check = "" - def __init__(self, name, ownerid, secret, version): + def __init__(self, name, ownerid, secret, version, hash_to_check): self.name = name self.ownerid = ownerid @@ -40,17 +39,18 @@ def __init__(self, name, ownerid, secret, version): self.secret = secret self.version = version + self.hash_to_check = hash_to_check self.init() sessionid = enckey = "" initialized = False def init(self): + if self.sessionid != "": print("You've already initialized!") time.sleep(2) exit(0) - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() self.enckey = SHA256.new(str(uuid4())[:8].encode()).hexdigest() @@ -58,7 +58,7 @@ def init(self): post_data = { "type": binascii.hexlify(("init").encode()), "ver": encryption.encrypt(self.version, self.secret, init_iv), - "hash": self.getchecksum(), + "hash": self.hash_to_check, "enckey": encryption.encrypt(self.enckey, self.secret, init_iv), "name": binascii.hexlify(self.name.encode()), "ownerid": binascii.hexlify(self.ownerid.encode()), @@ -415,17 +415,6 @@ def checkinit(self): if not self.initialized: print("Initialize first, in order to use the functions") sys.exit() - - def getchecksum(self): - path = os.path.realpath(__file__) - md5_hash = hashlib.md5() - - a_file = open(path, "rb") - content = a_file.read() - md5_hash.update(content) - - digest = md5_hash.hexdigest() - return digest def __do_request(self, post_data): From 013019e92612de0446d45a57f5fa4200cb8dad3e Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Fri, 18 Feb 2022 13:25:39 -0800 Subject: [PATCH 017/106] fixed hash issue --- main.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/main.py b/main.py index 6714ccd..d341f7b 100644 --- a/main.py +++ b/main.py @@ -3,6 +3,7 @@ import sys import os.path import platform +import hashlib from time import sleep from datetime import datetime @@ -10,11 +11,20 @@ os.system("cls") os.system("title Python Example") print("Initializing") +def getchecksum(): + path = os.path.realpath(__file__) + md5_hash = hashlib.md5() + a_file = open(path, "rb") + content = a_file.read() + md5_hash.update(content) + digest = md5_hash.hexdigest() + return digest keyauthapp = api( name = "", ownerid = "", secret = "", version = "1.0", + hash_to_check = getchecksum() ) print (""" 1.Login @@ -34,7 +44,7 @@ print(f"Current Session Validation Status: {keyauthapp.check()}") sleep(1.5) # rate limit print(f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted - +sleep(1.5) ans=input("Select Option: ") if ans=="1": user = input('Provide username: ') From b4c3f95e37dbfd73d7e8c8f315bd40288de35a4a Mon Sep 17 00:00:00 2001 From: Weebzo <74221482+weebzo@users.noreply.github.com> Date: Fri, 18 Feb 2022 14:34:55 -0800 Subject: [PATCH 018/106] fixed compilation issues --- main.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/main.py b/main.py index d341f7b..caae445 100644 --- a/main.py +++ b/main.py @@ -12,9 +12,11 @@ os.system("title Python Example") print("Initializing") def getchecksum(): - path = os.path.realpath(__file__) + path = os.path.basename(__file__) + if not os.path.exists(path): + path = path[:-2] + "exe" md5_hash = hashlib.md5() - a_file = open(path, "rb") + a_file = open(path,"rb") content = a_file.read() md5_hash.update(content) digest = md5_hash.hexdigest() From 86d73b69991e59e0ecdda6ea8e3063876b7cd575 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Mon, 28 Feb 2022 22:40:27 -0500 Subject: [PATCH 019/106] Update main.py --- main.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.py b/main.py index caae445..05c1f60 100644 --- a/main.py +++ b/main.py @@ -64,7 +64,7 @@ def getchecksum(): elif ans=="4": key = input('Enter your license: ') keyauthapp.license(key) -elif ans !="": +else: print("\nNot Valid Option") sys.exit() From 1f866700b2ca52d749f7572ccc6f4ba8712dbdb3 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Wed, 18 May 2022 16:08:53 +0200 Subject: [PATCH 020/106] fixed subscription ye --- keyauth.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/keyauth.py b/keyauth.py index 8dc7ac9..e3e2b16 100644 --- a/keyauth.py +++ b/keyauth.py @@ -447,7 +447,7 @@ def __load_user_data(self, data): self.user_data.expires = data["subscriptions"][0]["expiry"] self.user_data.createdate = data["createdate"] self.user_data.lastlogin = data["lastlogin"] - self.user_data.subcription = data["subscriptions"][0]["subscription"] + self.user_data.subscription = data["subscriptions"][0]["subscription"] From ae0e228a6b27e8e6f9fc1155f0d4d4b1518f59d6 Mon Sep 17 00:00:00 2001 From: mazkdevf <79049205+mazk5145@users.noreply.github.com> Date: Wed, 18 May 2022 18:08:31 +0300 Subject: [PATCH 021/106] Update --- keyauth.py | 3 ++- main.py | 12 +++++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/keyauth.py b/keyauth.py index 8dc7ac9..dd5fd13 100644 --- a/keyauth.py +++ b/keyauth.py @@ -447,7 +447,8 @@ def __load_user_data(self, data): self.user_data.expires = data["subscriptions"][0]["expiry"] self.user_data.createdate = data["createdate"] self.user_data.lastlogin = data["lastlogin"] - self.user_data.subcription = data["subscriptions"][0]["subscription"] + self.user_data.subscription = data["subscriptions"][0]["subscription"] + self.user_data.subscriptions = data["subscriptions"] diff --git a/main.py b/main.py index 05c1f60..8902e9e 100644 --- a/main.py +++ b/main.py @@ -72,7 +72,17 @@ def getchecksum(): print("Username: " + keyauthapp.user_data.username) print("IP address: " + keyauthapp.user_data.ip) print("Hardware-Id: " + keyauthapp.user_data.hwid) -print("Subcription: " + keyauthapp.user_data.subscription) +#print("Subcription: " + keyauthapp.user_data.subscription) ## Print Subscription "ONE" name + +subs = keyauthapp.user_data.subscriptions ## Get all Subscription names, expiry, and timeleft +for i in range(len(subs)): + sub = subs[i]["subscription"] # Subscription from every Sub + expiry = datetime.utcfromtimestamp(int(subs[i]["expiry"])).strftime('%Y-%m-%d %H:%M:%S') ## Expiry date from every Sub + timeleft = subs[i]["timeleft"] ## Timeleft from every Sub + + print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") + + print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expires)).strftime('%Y-%m-%d %H:%M:%S')) From fe4f66732711808c4d91353714cca138cf99d785 Mon Sep 17 00:00:00 2001 From: mazkdevf <79049205+mazk5145@users.noreply.github.com> Date: Sat, 21 May 2022 20:29:47 +0300 Subject: [PATCH 022/106] Added Extra function usages --- main.py | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/main.py b/main.py index 8902e9e..3c691d0 100644 --- a/main.py +++ b/main.py @@ -21,6 +21,7 @@ def getchecksum(): md5_hash.update(content) digest = md5_hash.hexdigest() return digest + keyauthapp = api( name = "", ownerid = "", @@ -68,6 +69,42 @@ def getchecksum(): print("\nNot Valid Option") sys.exit() + +#region Extra Functions + +#* Download Files form the server to your computer using the download function in the api class +#bytes = keyauthapp.download("FILEID") +#f = open("example.exe", "wb") +#f.write(bytes) +#f.close() + + +#* Set up user variable +#keyauthapp.setvar("varName", "varValue") + +#* Get user variable and print it +#data = keyauthapp.getvar("varName") +#print(data) + +#* Get normal variable and print it +#data = keyauthapp.var("varName") +#print(data) + +#* Log message to the server and then to your webhook what is set on app settings +#keyauthapp.log("Message") + +#* Get if the user pc have been blacklisted +#print(f"Blacklisted? : {keyauthapp.checkblacklist()}") + +#* See if the current session is validated +#print(f"Session Validated?: {keyauthapp.check()}") + + +#* example to send normal request with no POST data +#data = keyauthapp.webhook("WebhookID", "?type=resetuser&user=username") + +#endregion + print("\nUser data: ") print("Username: " + keyauthapp.user_data.username) print("IP address: " + keyauthapp.user_data.ip) From 0f9a97e67b45bcf8a9032a1152808a47ae54cb74 Mon Sep 17 00:00:00 2001 From: mazkdevf <79049205+mazk5145@users.noreply.github.com> Date: Sat, 21 May 2022 20:31:39 +0300 Subject: [PATCH 023/106] . Added link to python downloads --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8fcc200..85624a1 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ KeyAuth Python Example For The https://keyauth.win Authentication system. # Instructions -Install Python (make sure to add to PATH) +Install [Python](https://www.python.org/downloads/) (make sure to add to PATH) Open Command Prompt From 6cb1578254c5c881c9c9d520b9e74b9a273601d9 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Sat, 28 May 2022 19:01:51 -0400 Subject: [PATCH 024/106] Fix register userdata bug --- keyauth.py | 7 ++++--- main.py | 18 ++++++++---------- 2 files changed, 12 insertions(+), 13 deletions(-) diff --git a/keyauth.py b/keyauth.py index dd5fd13..baffa95 100644 --- a/keyauth.py +++ b/keyauth.py @@ -114,13 +114,12 @@ def register(self, user, password, license, hwid=None): } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) - json = jsond.loads(response) if json["success"]: print("successfully registered") + self.__load_user_data(json["info"]) else: print(json["message"]) sys.exit() @@ -147,6 +146,8 @@ def upgrade(self, user, license): if json["success"]: print("successfully upgraded user") + print("please restart program and login") + sys.exit() else: print(json["message"]) sys.exit() @@ -511,4 +512,4 @@ def decrypt(message, enc_key, iv): return encryption.decrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() except: print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") - sys.exit() + sys.exit() \ No newline at end of file diff --git a/main.py b/main.py index 3c691d0..c7ec5f4 100644 --- a/main.py +++ b/main.py @@ -29,12 +29,6 @@ def getchecksum(): version = "1.0", hash_to_check = getchecksum() ) -print (""" -1.Login -2.Register -3.Upgrade -4.License Key Only -""") print(f""" App data: Number of users: {keyauthapp.app_data.numUsers} @@ -43,11 +37,14 @@ def getchecksum(): Application Version: {keyauthapp.app_data.app_ver} Customer panel link: {keyauthapp.app_data.customer_panel} """) -sleep(1.5) # rate limit print(f"Current Session Validation Status: {keyauthapp.check()}") -sleep(1.5) # rate limit print(f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted -sleep(1.5) +print (""" +1.Login +2.Register +3.Upgrade +4.License Key Only +""") ans=input("Select Option: ") if ans=="1": user = input('Provide username: ') @@ -62,6 +59,7 @@ def getchecksum(): user = input('Provide username: ') license = input('Provide License: ') keyauthapp.upgrade(user,license) + elif ans=="4": key = input('Enter your license: ') keyauthapp.license(key) @@ -126,4 +124,4 @@ def getchecksum(): print(f"Current Session Validation Status: {keyauthapp.check()}") print("Exiting in 10 secs....") sleep(10) -exit(0) +exit(0) \ No newline at end of file From 5856c7677259f566d4c7e3cda295646baff80289 Mon Sep 17 00:00:00 2001 From: CookiesKush420 <99442285+Callumgm@users.noreply.github.com> Date: Mon, 6 Jun 2022 20:37:58 +0100 Subject: [PATCH 025/106] Fixed getchecksum function bugging out with indents --- main.py | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/main.py b/main.py index c7ec5f4..508e17d 100644 --- a/main.py +++ b/main.py @@ -12,15 +12,15 @@ os.system("title Python Example") print("Initializing") def getchecksum(): - path = os.path.basename(__file__) - if not os.path.exists(path): - path = path[:-2] + "exe" - md5_hash = hashlib.md5() - a_file = open(path,"rb") - content = a_file.read() - md5_hash.update(content) - digest = md5_hash.hexdigest() - return digest + path = os.path.basename(__file__) + if not os.path.exists(path): + path = path[:-2] + "exe" + md5_hash = hashlib.md5() + a_file = open(path,"rb") + content = a_file.read() + md5_hash.update(content) + digest = md5_hash.hexdigest() + return digest keyauthapp = api( name = "", @@ -124,4 +124,4 @@ def getchecksum(): print(f"Current Session Validation Status: {keyauthapp.check()}") print("Exiting in 10 secs....") sleep(10) -exit(0) \ No newline at end of file +sys.exit(0) \ No newline at end of file From d7a45cc000e3400168d4da557f12600dfe4ea820 Mon Sep 17 00:00:00 2001 From: Crafterzman Date: Fri, 17 Jun 2022 06:13:21 +0000 Subject: [PATCH 026/106] Fix HWID Fetch on Linux --- keyauth.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/keyauth.py b/keyauth.py index baffa95..3bdad56 100644 --- a/keyauth.py +++ b/keyauth.py @@ -457,7 +457,10 @@ class others: @staticmethod def get_hwid(): if platform.system() != "Windows": - return subprocess.Popen('hal-get-property --udi /org/freedesktop/Hal/devices/computer --key system.hardware.uuid'.split()) + f = open("/etc/machine-id") + hwid = f.read() + f.close() + return hwid cmd = subprocess.Popen( "wmic useraccount where name='%username%' get sid", stdout=subprocess.PIPE, shell=True) From d88f4cb2fa997dd0775f032fcdedd5024df4255d Mon Sep 17 00:00:00 2001 From: Crafterzman Date: Fri, 17 Jun 2022 06:36:31 +0000 Subject: [PATCH 027/106] Cleanup --- keyauth.py | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/keyauth.py b/keyauth.py index 3bdad56..b34596b 100644 --- a/keyauth.py +++ b/keyauth.py @@ -457,10 +457,9 @@ class others: @staticmethod def get_hwid(): if platform.system() != "Windows": - f = open("/etc/machine-id") - hwid = f.read() - f.close() - return hwid + with open("/etc/machine-id") as f: + hwid = f.read() + return hwid cmd = subprocess.Popen( "wmic useraccount where name='%username%' get sid", stdout=subprocess.PIPE, shell=True) From a9cd93b6cc808f733b924e468fef7c635ac6a399 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sat, 30 Jul 2022 14:23:24 +0200 Subject: [PATCH 028/106] Fixed get sid many users (including me) had problems with wmic when registering a new user this update fixes the problem Proof: https://cdn.discordapp.com/attachments/980912313513164802/1002913764951199764/unknown.png https://cdn.discordapp.com/attachments/980912313513164802/1002913970526638201/unknown.png https://cdn.discordapp.com/attachments/980912313513164802/1002914139435454584/unknown.png --- keyauth.py | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/keyauth.py b/keyauth.py index b34596b..df8c854 100644 --- a/keyauth.py +++ b/keyauth.py @@ -1,3 +1,4 @@ +import win32security #get sid import json as jsond # json import time # sleep before exit @@ -456,19 +457,16 @@ def __load_user_data(self, data): class others: @staticmethod def get_hwid(): + winuser = os.getlogin() if platform.system() != "Windows": with open("/etc/machine-id") as f: hwid = f.read() return hwid - cmd = subprocess.Popen( - "wmic useraccount where name='%username%' get sid", stdout=subprocess.PIPE, shell=True) + sid = win32security.LookupAccountName(None, winuser)[0] + sidstr = win32security.ConvertSidToStringSid(sid) - (suppost_sid, error) = cmd.communicate() - - suppost_sid = suppost_sid.split(b'\n')[1].strip() - - return suppost_sid.decode() + return sidstr class encryption: @@ -514,4 +512,4 @@ def decrypt(message, enc_key, iv): return encryption.decrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() except: print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") - sys.exit() \ No newline at end of file + sys.exit() From 253be522280b80c2fa76d0bb7578e86b80e487d5 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sat, 30 Jul 2022 14:29:57 +0200 Subject: [PATCH 029/106] added pywin32 for win32security --- requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/requirements.txt b/requirements.txt index f3a56f4..1c19e06 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,4 @@ requests requests_toolbelt pycryptodome +pywin32 From 716b5cbaff94c9ab71177d15492c1f55e1b7da6a Mon Sep 17 00:00:00 2001 From: mazkdevf <79049205+mazk5145@users.noreply.github.com> Date: Sat, 6 Aug 2022 17:18:00 +0300 Subject: [PATCH 030/106] Added FetchOnline, ChatGet, ChatGet + Examples for them --- LICENSE | 2 +- README.md | 4 +-- keyauth.py | 74 +++++++++++++++++++++++++++++++++++++++++++++++++++++- main.py | 23 +++++++++++++++++ 4 files changed, 99 insertions(+), 4 deletions(-) diff --git a/LICENSE b/LICENSE index ae153be..5849551 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2020 KeyAuth +Copyright (c) 2022 KeyAuth Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 85624a1..0b8338c 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # KeyAuth-Python-Example -KeyAuth Python Example For The https://keyauth.win Authentication system. +KeyAuth Python Example For The https://keyauth.cc Authentication system. # Instructions @@ -20,4 +20,4 @@ Setup video: https://www.youtube.com/watch?v=L2eAQOmuUiA **What is KeyAuth?** KeyAuth is a GameChanging authentication system. We have never-seen before features, and we listen to our customers. -Feel free to join https://keyauth.win/discord/ if you have questions or suggestions. +Feel free to join https://keyauth.cc/discord/ if you have questions or suggestions. diff --git a/keyauth.py b/keyauth.py index df8c854..7e283eb 100644 --- a/keyauth.py +++ b/keyauth.py @@ -412,6 +412,78 @@ def log(self, message): } self.__do_request(post_data) + + def fetchOnline(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("fetchOnline").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + if json["users"]["0"]: + return None ## THIS IS ISSUE ON KEYAUTH SERVER SIDE 6.8.2022 so it will return none if it is not an array. + else: + return json["users"] + else: + return None + + def chatGet(self, channel): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("chatget").encode()), + "channel": encryption.encrypt(channel, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return json["messages"] + else: + return None + + def chatSend(self, message, channel): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("chatsend").encode()), + "message": encryption.encrypt(message, self.enckey, init_iv), + "channel": encryption.encrypt(channel, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return True + else: + return False def checkinit(self): if not self.initialized: @@ -430,7 +502,7 @@ class application_data_class: numUsers = numKeys = app_ver = customer_panel = onlineUsers = "" # region user_data class user_data_class: - username = ip = hwid = expires = createdate = lastlogin = subscription = "" + username = ip = hwid = expires = createdate = lastlogin = subscription = subscriptions "" user_data = user_data_class() app_data = application_data_class() diff --git a/main.py b/main.py index 508e17d..50f3115 100644 --- a/main.py +++ b/main.py @@ -29,6 +29,7 @@ def getchecksum(): version = "1.0", hash_to_check = getchecksum() ) + print(f""" App data: Number of users: {keyauthapp.app_data.numUsers} @@ -101,6 +102,18 @@ def getchecksum(): #* example to send normal request with no POST data #data = keyauthapp.webhook("WebhookID", "?type=resetuser&user=username") +#* Get chat messages +#messages = keyauthapp.chatGet("CHANNEL") + +#Messages = "" +#for i in range(len(messages)): +# Messages += datetime.utcfromtimestamp(int(messages[i]["timestamp"])).strftime('%Y-%m-%d %H:%M:%S') + " - " + messages[i]["author"] + ": " + messages[i]["message"] + "\n" + +#print("\n\n" + Messages) + +#* Send chat message +#keyauthapp.chatSend("MESSAGE", "CHANNEL") + #endregion print("\nUser data: ") @@ -117,6 +130,16 @@ def getchecksum(): print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") +onlineUsers = keyauthapp.fetchOnline() +OU = "" ## KEEP THIS EMPTY FOR NOW, THIS WILL BE USED TO CREATE ONLINE USER STRING. +if onlineUsers == None: + OU = "No online users" +else: + for i in range(len(onlineUsers)): + OU += onlineUsers[i]["credential"] + " " + +print("\n" + OU + "\n") + print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) From b91d2a2567d3ca2978041f69bb503f16aa803771 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Wed, 17 Aug 2022 16:34:33 -0400 Subject: [PATCH 031/106] Fix syntax error --- keyauth.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/keyauth.py b/keyauth.py index 7e283eb..80f40a6 100644 --- a/keyauth.py +++ b/keyauth.py @@ -502,7 +502,7 @@ class application_data_class: numUsers = numKeys = app_ver = customer_panel = onlineUsers = "" # region user_data class user_data_class: - username = ip = hwid = expires = createdate = lastlogin = subscription = subscriptions "" + username = ip = hwid = expires = createdate = lastlogin = subscription = subscriptions = "" user_data = user_data_class() app_data = application_data_class() From a5d86c2df4331966b6cfa47a695bd5ca95fdc9ed Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Sun, 21 Aug 2022 18:36:47 -0400 Subject: [PATCH 032/106] Fix fetch online users function --- keyauth.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/keyauth.py b/keyauth.py index 80f40a6..8d4d47c 100644 --- a/keyauth.py +++ b/keyauth.py @@ -431,7 +431,7 @@ def fetchOnline(self): json = jsond.loads(response) if json["success"]: - if json["users"]["0"]: + if len(json["users"]) == 0: return None ## THIS IS ISSUE ON KEYAUTH SERVER SIDE 6.8.2022 so it will return none if it is not an array. else: return json["users"] From 69f657d83ccc868b46cefc327099e86c1506d0d1 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Mon, 22 Aug 2022 14:48:02 +0200 Subject: [PATCH 033/106] Removed unused modules --- keyauth.py | 44 +++++++++++++++++++------------------------- 1 file changed, 19 insertions(+), 25 deletions(-) diff --git a/keyauth.py b/keyauth.py index 8d4d47c..8d21c7a 100644 --- a/keyauth.py +++ b/keyauth.py @@ -5,16 +5,10 @@ import binascii # hex encoding - # https requests - from uuid import uuid4 # gen random guid -import webbrowser import platform -import subprocess -import datetime -import sys import os -import requests +import requests # https requests from requests_toolbelt.adapters.fingerprint import FingerprintAdapter try: @@ -70,7 +64,7 @@ def init(self): if response == "KeyAuth_Invalid": print("The application doesn't exist") - sys.exit() + os._exit(1) response = encryption.decrypt(response, self.secret, init_iv) json = jsond.loads(response) @@ -80,14 +74,14 @@ def init(self): print("New Version Available") download_link = json["download"] os.system(f"start {download_link}") - sys.exit() + os._exit(1) else: print("Invalid Version, Contact owner to add download link to latest app version") - sys.exit() + os._exit(1) if not json["success"]: print(json["message"]) - sys.exit() + os._exit(1) self.sessionid = json["sessionid"] self.initialized = True @@ -123,7 +117,7 @@ def register(self, user, password, license, hwid=None): self.__load_user_data(json["info"]) else: print(json["message"]) - sys.exit() + os._exit(1) def upgrade(self, user, license): self.checkinit() @@ -148,10 +142,10 @@ def upgrade(self, user, license): if json["success"]: print("successfully upgraded user") print("please restart program and login") - sys.exit() + os._exit(1) else: print(json["message"]) - sys.exit() + os._exit(1) def login(self, user, password, hwid=None): self.checkinit() @@ -182,7 +176,7 @@ def login(self, user, password, hwid=None): print("successfully logged in") else: print(json["message"]) - sys.exit() + os._exit(1) def license(self, key, hwid=None): self.checkinit() @@ -211,7 +205,7 @@ def license(self, key, hwid=None): print("successfully logged into license") else: print(json["message"]) - sys.exit() + os._exit(1) def var(self, name): self.checkinit() @@ -237,7 +231,7 @@ def var(self, name): else: print(json["message"]) time.sleep(5) - sys.exit() + os._exit(1) def getvar(self, var_name): self.checkinit() @@ -260,7 +254,7 @@ def getvar(self, var_name): else: print(json["message"]) time.sleep(5) - sys.exit() + os._exit(1) def setvar(self, var_name, var_data): self.checkinit() @@ -283,7 +277,7 @@ def setvar(self, var_name, var_data): else: print(json["message"]) time.sleep(5) - sys.exit() + os._exit(1) def ban(self): self.checkinit() @@ -304,7 +298,7 @@ def ban(self): else: print(json["message"]) time.sleep(5) - sys.exit() + os._exit(1) def file(self, fileid): self.checkinit() @@ -328,7 +322,7 @@ def file(self, fileid): if not json["success"]: print(json["message"]) time.sleep(5) - sys.exit() + os._exit(1) return binascii.unhexlify(json["contents"]) def webhook(self, webid, param): @@ -355,7 +349,7 @@ def webhook(self, webid, param): else: print(json["message"]) time.sleep(5) - sys.exit() + os._exit(1) def check(self): self.checkinit() @@ -488,7 +482,7 @@ def chatSend(self, message, channel): def checkinit(self): if not self.initialized: print("Initialize first, in order to use the functions") - sys.exit() + os._exit(1) def __do_request(self, post_data): @@ -572,7 +566,7 @@ def encrypt(message, enc_key, iv): return encryption.encrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() except: print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") - sys.exit() + os._exit(1) @staticmethod def decrypt(message, enc_key, iv): @@ -584,4 +578,4 @@ def decrypt(message, enc_key, iv): return encryption.decrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() except: print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") - sys.exit() + os._exit(1) From c97807ab318ed6e18a324b9a2a72756c9090897e Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Mon, 22 Aug 2022 14:51:28 +0200 Subject: [PATCH 034/106] Added many stuff Added auto-login example, user data dumping to auth file on login,removed unused modules, replaced sys.exit with os._exit(1) cuz os._exit calls the C function _exit() which does an immediate program termination(sys.exit can't stop threads), added a few "detailed" comments --- main.py | 132 ++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 123 insertions(+), 9 deletions(-) diff --git a/main.py b/main.py index 50f3115..fc80dd3 100644 --- a/main.py +++ b/main.py @@ -1,12 +1,13 @@ from keyauth import api import os -import sys import os.path -import platform import hashlib from time import sleep from datetime import datetime +#import json as jsond +#^^ only for auto login/json writing/reading + # watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA os.system("cls") os.system("title Python Example") @@ -23,11 +24,11 @@ def getchecksum(): return digest keyauthapp = api( - name = "", - ownerid = "", - secret = "", - version = "1.0", - hash_to_check = getchecksum() + name = "", #App name (Manage Applications --> Application name) + ownerid = "", #Owner ID (Account-Settings --> OwnerID) + secret = "", #App secret(Manage Applications --> App credentials code) + version = "1.0", + hash_to_check = getchecksum() ) print(f""" @@ -66,7 +67,7 @@ def getchecksum(): keyauthapp.license(key) else: print("\nNot Valid Option") - sys.exit() + os._exit(1) #region Extra Functions @@ -114,8 +115,121 @@ def getchecksum(): #* Send chat message #keyauthapp.chatSend("MESSAGE", "CHANNEL") + +#* Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) +#1. Checking and Reading JSON + +#### Note: Remove the ''' on line 124 and 183 + +'''try: + if os.path.isfile('auth.json'): #Checking if the auth file exist + if jsond.load(open("auth.json"))["authusername"] == "": #Checks if the authusername is empty or not + print(""" +1. Login +2. Register + """) + ans=input("Select Option: ") #Skipping auto-login bc auth file is empty + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + else: + print("\nNot Valid Option") + os._exit(1) + else: + try: #2. Auto login + with open('auth.json', 'r') as f: + authfile = jsond.load(f) + authuser = authfile.get('authusername') + authpass = authfile.get('authpassword') + keyauthapp.login(authuser,authpass) + except Exception as e: #Error stuff + print(e) + else: #Creating auth file bc its missing + try: + f = open("auth.json", "a") #Writing content + f.write("""{ + "authusername": "", + "authpassword": "" +}""") + f.close() + print (""" +1. Login +2. Register + """)#Again skipping auto-login bc the file is empty/missing + ans=input("Select Option: ") + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + else: + print("\nNot Valid Option") + os._exit(1) + except Exception as e: #Error stuff + print(e) + os._exit(1) +except Exception as e: #Error stuff + print(e) + os._exit(1)''' + + +#Writing user data on login: +#Check Keyauth.py file --> Line 152 +#Replace the whole login function with this login function (This has auto user data dumping, so the user only have to login once) +#Note: The auto login function above is needed for this bc it creates the auth file, if the auth file is missing this wont work + +'''def login(self, user, password, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("login").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "pass": encryption.encrypt(password, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + self.__load_user_data(json["info"]) + if jsond.load(open("auth.json"))["authusername"] == "": #Check if the authusername is empty so it can write the user data + authfile = jsond.load(open("Files/auth.json")) + authfile["authusername"] = user #login(self, user) + jsond.dump(authfile, open('Files/auth.json', 'w'), sort_keys=False, indent=4) #Dumping username to auth file/You can change the indent + authfile["authpassword"] = password #login(self, password) + jsond.dump(authfile, open('Files/auth.json', 'w'), sort_keys=False, indent=4) #Dumping password to auth file/You can change the indent + else: #Auth file is filled with data so it skips the user data dumping + pass + print("successfully logged in") + else: + print(json["message"]) + os._exit(1)''' + #endregion + print("\nUser data: ") print("Username: " + keyauthapp.user_data.username) print("IP address: " + keyauthapp.user_data.ip) @@ -147,4 +261,4 @@ def getchecksum(): print(f"Current Session Validation Status: {keyauthapp.check()}") print("Exiting in 10 secs....") sleep(10) -sys.exit(0) \ No newline at end of file +os._exit(1) From a02b5a4681160657b0dea8573313e8a0a7a586fb Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sun, 28 Aug 2022 21:50:43 +0200 Subject: [PATCH 035/106] Changed some lines instead of exiting after printing "Not valid option" it just re call the function, bit cleaner file --- main.py | 372 +++++++++++++++++++++++++++++--------------------------- 1 file changed, 192 insertions(+), 180 deletions(-) diff --git a/main.py b/main.py index fc80dd3..8c10529 100644 --- a/main.py +++ b/main.py @@ -1,27 +1,30 @@ from keyauth import api +import time import os -import os.path import hashlib from time import sleep from datetime import datetime -#import json as jsond -#^^ only for auto login/json writing/reading +# import json as jsond +# ^^ only for auto login/json writing/reading # watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA os.system("cls") os.system("title Python Example") print("Initializing") + + def getchecksum(): - path = os.path.basename(__file__) - if not os.path.exists(path): - path = path[:-2] + "exe" - md5_hash = hashlib.md5() - a_file = open(path,"rb") - content = a_file.read() - md5_hash.update(content) - digest = md5_hash.hexdigest() - return digest + path = os.path.basename(__file__) + if not os.path.exists(path): + path = path[:-2] + "exe" + md5_hash = hashlib.md5() + a_file = open(path, "rb") + content = a_file.read() + md5_hash.update(content) + digest = md5_hash.hexdigest() + return digest + keyauthapp = api( name = "", #App name (Manage Applications --> Application name) @@ -40,221 +43,230 @@ def getchecksum(): Customer panel link: {keyauthapp.app_data.customer_panel} """) print(f"Current Session Validation Status: {keyauthapp.check()}") -print(f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted -print (""" +print( + f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted + + +def answer(): + try: + print(""" 1.Login 2.Register 3.Upgrade 4.License Key Only -""") -ans=input("Select Option: ") -if ans=="1": - user = input('Provide username: ') - password = input('Provide password: ') - keyauthapp.login(user,password) -elif ans=="2": - user = input('Provide username: ') - password = input('Provide password: ') - license = input('Provide License: ') - keyauthapp.register(user,password,license) -elif ans=="3": - user = input('Provide username: ') - license = input('Provide License: ') - keyauthapp.upgrade(user,license) - -elif ans=="4": - key = input('Enter your license: ') - keyauthapp.license(key) -else: - print("\nNot Valid Option") - os._exit(1) + """) + ans = input("Select Option: ") + if ans == "1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user, password) + elif ans == "2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user, password, license) + elif ans == "3": + user = input('Provide username: ') + license = input('Provide License: ') + keyauthapp.upgrade(user, license) + elif ans == "4": + key = input('Enter your license: ') + keyauthapp.license(key) + else: + print("\nNot Valid Option") + time.sleep(1) + os.system('cls') + answer() + except KeyboardInterrupt: + os._exit(1) + +answer() -#region Extra Functions +# region Extra Functions -#* Download Files form the server to your computer using the download function in the api class -#bytes = keyauthapp.download("FILEID") -#f = open("example.exe", "wb") -#f.write(bytes) -#f.close() +# * Download Files form the server to your computer using the download function in the api class +# bytes = keyauthapp.download("FILEID") +# f = open("example.exe", "wb") +# f.write(bytes) +# f.close() -#* Set up user variable -#keyauthapp.setvar("varName", "varValue") +# * Set up user variable +# keyauthapp.setvar("varName", "varValue") -#* Get user variable and print it -#data = keyauthapp.getvar("varName") -#print(data) +# * Get user variable and print it +# data = keyauthapp.getvar("varName") +# print(data) -#* Get normal variable and print it -#data = keyauthapp.var("varName") -#print(data) +# * Get normal variable and print it +# data = keyauthapp.var("varName") +# print(data) -#* Log message to the server and then to your webhook what is set on app settings -#keyauthapp.log("Message") +# * Log message to the server and then to your webhook what is set on app settings +# keyauthapp.log("Message") -#* Get if the user pc have been blacklisted -#print(f"Blacklisted? : {keyauthapp.checkblacklist()}") +# * Get if the user pc have been blacklisted +# print(f"Blacklisted? : {keyauthapp.checkblacklist()}") -#* See if the current session is validated -#print(f"Session Validated?: {keyauthapp.check()}") +# * See if the current session is validated +# print(f"Session Validated?: {keyauthapp.check()}") -#* example to send normal request with no POST data -#data = keyauthapp.webhook("WebhookID", "?type=resetuser&user=username") +# * example to send normal request with no POST data +# data = keyauthapp.webhook("WebhookID", "?type=resetuser&user=username") -#* Get chat messages -#messages = keyauthapp.chatGet("CHANNEL") +# * Get chat messages +# messages = keyauthapp.chatGet("CHANNEL") -#Messages = "" -#for i in range(len(messages)): -# Messages += datetime.utcfromtimestamp(int(messages[i]["timestamp"])).strftime('%Y-%m-%d %H:%M:%S') + " - " + messages[i]["author"] + ": " + messages[i]["message"] + "\n" +# Messages = "" +# for i in range(len(messages)): +# Messages += datetime.utcfromtimestamp(int(messages[i]["timestamp"])).strftime('%Y-%m-%d %H:%M:%S') + " - " + messages[i]["author"] + ": " + messages[i]["message"] + "\n" -#print("\n\n" + Messages) +# print("\n\n" + Messages) -#* Send chat message -#keyauthapp.chatSend("MESSAGE", "CHANNEL") +# * Send chat message +# keyauthapp.chatSend("MESSAGE", "CHANNEL") -#* Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) -#1. Checking and Reading JSON +# * Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) +# 1. Checking and Reading JSON #### Note: Remove the ''' on line 124 and 183 '''try: - if os.path.isfile('auth.json'): #Checking if the auth file exist - if jsond.load(open("auth.json"))["authusername"] == "": #Checks if the authusername is empty or not - print(""" + if os.path.isfile('auth.json'): #Checking if the auth file exist + if jsond.load(open("auth.json"))["authusername"] == "": #Checks if the authusername is empty or not + print(""" 1. Login 2. Register - """) - ans=input("Select Option: ") #Skipping auto-login bc auth file is empty - if ans=="1": - user = input('Provide username: ') - password = input('Provide password: ') - keyauthapp.login(user,password) - elif ans=="2": - user = input('Provide username: ') - password = input('Provide password: ') - license = input('Provide License: ') - keyauthapp.register(user,password,license) - else: - print("\nNot Valid Option") - os._exit(1) - else: - try: #2. Auto login - with open('auth.json', 'r') as f: - authfile = jsond.load(f) - authuser = authfile.get('authusername') - authpass = authfile.get('authpassword') - keyauthapp.login(authuser,authpass) - except Exception as e: #Error stuff - print(e) - else: #Creating auth file bc its missing - try: - f = open("auth.json", "a") #Writing content - f.write("""{ - "authusername": "", - "authpassword": "" + """) + ans=input("Select Option: ") #Skipping auto-login bc auth file is empty + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + else: + print("\nNot Valid Option") + os._exit(1) + else: + try: #2. Auto login + with open('auth.json', 'r') as f: + authfile = jsond.load(f) + authuser = authfile.get('authusername') + authpass = authfile.get('authpassword') + keyauthapp.login(authuser,authpass) + except Exception as e: #Error stuff + print(e) + else: #Creating auth file bc its missing + try: + f = open("auth.json", "a") #Writing content + f.write("""{ + "authusername": "", + "authpassword": "" }""") - f.close() - print (""" + f.close() + print (""" 1. Login 2. Register - """)#Again skipping auto-login bc the file is empty/missing - ans=input("Select Option: ") - if ans=="1": - user = input('Provide username: ') - password = input('Provide password: ') - keyauthapp.login(user,password) - elif ans=="2": - user = input('Provide username: ') - password = input('Provide password: ') - license = input('Provide License: ') - keyauthapp.register(user,password,license) - else: - print("\nNot Valid Option") - os._exit(1) - except Exception as e: #Error stuff - print(e) - os._exit(1) + """)#Again skipping auto-login bc the file is empty/missing + ans=input("Select Option: ") + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + else: + print("\nNot Valid Option") + os._exit(1) + except Exception as e: #Error stuff + print(e) + os._exit(1) except Exception as e: #Error stuff - print(e) - os._exit(1)''' + print(e) + os._exit(1)''' - -#Writing user data on login: -#Check Keyauth.py file --> Line 152 -#Replace the whole login function with this login function (This has auto user data dumping, so the user only have to login once) -#Note: The auto login function above is needed for this bc it creates the auth file, if the auth file is missing this wont work +# Writing user data on login: +# Check Keyauth.py file --> Line 152 +# Replace the whole login function with this login function (This has auto user data dumping, so the user only have to login once) +# Note: The auto login function above is needed for this bc it creates the auth file, if the auth file is missing this won't work '''def login(self, user, password, hwid=None): - self.checkinit() - if hwid is None: - hwid = others.get_hwid() - - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() - - post_data = { - "type": binascii.hexlify(("login").encode()), - "username": encryption.encrypt(user, self.enckey, init_iv), - "pass": encryption.encrypt(password, self.enckey, init_iv), - "hwid": encryption.encrypt(hwid, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv - } - - response = self.__do_request(post_data) - - response = encryption.decrypt(response, self.enckey, init_iv) - - json = jsond.loads(response) - - if json["success"]: - self.__load_user_data(json["info"]) - if jsond.load(open("auth.json"))["authusername"] == "": #Check if the authusername is empty so it can write the user data - authfile = jsond.load(open("Files/auth.json")) - authfile["authusername"] = user #login(self, user) - jsond.dump(authfile, open('Files/auth.json', 'w'), sort_keys=False, indent=4) #Dumping username to auth file/You can change the indent - authfile["authpassword"] = password #login(self, password) - jsond.dump(authfile, open('Files/auth.json', 'w'), sort_keys=False, indent=4) #Dumping password to auth file/You can change the indent - else: #Auth file is filled with data so it skips the user data dumping - pass - print("successfully logged in") - else: - print(json["message"]) - os._exit(1)''' - -#endregion - - -print("\nUser data: ") + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("login").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "pass": encryption.encrypt(password, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + self.__load_user_data(json["info"]) + if jsond.load(open("auth.json"))["authusername"] == "": #Check if the authusername is empty so it can write the user data + authfile = jsond.load(open("Files/auth.json")) + authfile["authusername"] = user #login(self, user) + jsond.dump(authfile, open('Files/auth.json', 'w'), sort_keys=False, indent=4) #Dumping username to auth file/You can change the indent + authfile["authpassword"] = password #login(self, password) + jsond.dump(authfile, open('Files/auth.json', 'w'), sort_keys=False, indent=4) #Dumping password to auth file/You can change the indent + else: #Auth file is filled with data so it skips the user data dumping + pass + print("successfully logged in") + else: + print(json["message"]) + os._exit(1)''' + +# endregion + + +print("\nUser data: ") print("Username: " + keyauthapp.user_data.username) print("IP address: " + keyauthapp.user_data.ip) print("Hardware-Id: " + keyauthapp.user_data.hwid) -#print("Subcription: " + keyauthapp.user_data.subscription) ## Print Subscription "ONE" name +# print("Subcription: " + keyauthapp.user_data.subscription) ## Print Subscription "ONE" name -subs = keyauthapp.user_data.subscriptions ## Get all Subscription names, expiry, and timeleft +subs = keyauthapp.user_data.subscriptions # Get all Subscription names, expiry, and timeleft for i in range(len(subs)): - sub = subs[i]["subscription"] # Subscription from every Sub - expiry = datetime.utcfromtimestamp(int(subs[i]["expiry"])).strftime('%Y-%m-%d %H:%M:%S') ## Expiry date from every Sub - timeleft = subs[i]["timeleft"] ## Timeleft from every Sub + sub = subs[i]["subscription"] # Subscription from every Sub + expiry = datetime.utcfromtimestamp(int(subs[i]["expiry"])).strftime( + '%Y-%m-%d %H:%M:%S') # Expiry date from every Sub + timeleft = subs[i]["timeleft"] # Timeleft from every Sub - print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") + print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") onlineUsers = keyauthapp.fetchOnline() -OU = "" ## KEEP THIS EMPTY FOR NOW, THIS WILL BE USED TO CREATE ONLINE USER STRING. -if onlineUsers == None: - OU = "No online users" +OU = "" # KEEP THIS EMPTY FOR NOW, THIS WILL BE USED TO CREATE ONLINE USER STRING. +if onlineUsers is None: + OU = "No online users" else: - for i in range(len(onlineUsers)): - OU += onlineUsers[i]["credential"] + " " + for i in range(len(onlineUsers)): + OU += onlineUsers[i]["credential"] + " " print("\n" + OU + "\n") - print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expires)).strftime('%Y-%m-%d %H:%M:%S')) From 05e3c6f6009a9443c0ea336696cf7d515391824e Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sun, 28 Aug 2022 21:51:52 +0200 Subject: [PATCH 036/106] Changed some lines instead of exiting after printing "Not valid option" it just re call the function, bit cleaner file --- main.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/main.py b/main.py index 8c10529..8cd3ebc 100644 --- a/main.py +++ b/main.py @@ -43,8 +43,7 @@ def getchecksum(): Customer panel link: {keyauthapp.app_data.customer_panel} """) print(f"Current Session Validation Status: {keyauthapp.check()}") -print( - f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted +print(f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted def answer(): From 319d0348f1e2cbf718b8fb31cde26e3035c924f8 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sun, 28 Aug 2022 21:55:55 +0200 Subject: [PATCH 037/106] Changed some lines Removed unused module, added connection check and timeout, error handling, added requests session, changed a few lines --- keyauth.py | 62 +++++++++++++++++++++++++++++++----------------------- 1 file changed, 36 insertions(+), 26 deletions(-) diff --git a/keyauth.py b/keyauth.py index 8d21c7a..6748a74 100644 --- a/keyauth.py +++ b/keyauth.py @@ -1,4 +1,4 @@ -import win32security #get sid +import win32security # get sid import json as jsond # json import time # sleep before exit @@ -8,22 +8,31 @@ from uuid import uuid4 # gen random guid import platform import os -import requests # https requests -from requests_toolbelt.adapters.fingerprint import FingerprintAdapter +import requests # https requests try: from Crypto.Cipher import AES from Crypto.Hash import SHA256 - from Crypto.Util.Padding import pad, unpad + from Crypto.Util.Padding import pad, unpad except ModuleNotFoundError: print("Exception when importing modules") print("installing necessary modules....") os.system("pip install pycryptodome") print("Modules installed!") time.sleep(1.5) - exit(0) + os._exit(1) + +try: # Connection check + s = requests.Session() # Session + s.get('https://google.com') +except requests.exceptions.RequestException as e: + print(e) + time.sleep(3) + os._exit(1) + class api: + name = ownerid = secret = version = hash_to_check = "" def __init__(self, name, ownerid, secret, version, hash_to_check): @@ -45,7 +54,7 @@ def init(self): if self.sessionid != "": print("You've already initialized!") time.sleep(2) - exit(0) + os._exit(1) init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() self.enckey = SHA256.new(str(uuid4())[:8].encode()).hexdigest() @@ -87,8 +96,6 @@ def init(self): self.initialized = True self.__load_app_data(json["appinfo"]) - - def register(self, user, password, license, hwid=None): self.checkinit() if hwid is None: @@ -142,6 +149,7 @@ def upgrade(self, user, license): if json["success"]: print("successfully upgraded user") print("please restart program and login") + time.sleep(2) os._exit(1) else: print(json["message"]) @@ -271,13 +279,13 @@ def setvar(self, var_name, var_data): response = self.__do_request(post_data) response = encryption.decrypt(response, self.enckey, init_iv) json = jsond.loads(response) - + if json["success"]: return True else: print(json["message"]) time.sleep(5) - os._exit(1) + os._exit(1) def ban(self): self.checkinit() @@ -292,13 +300,13 @@ def ban(self): response = self.__do_request(post_data) response = encryption.decrypt(response, self.enckey, init_iv) json = jsond.loads(response) - + if json["success"]: return True else: print(json["message"]) time.sleep(5) - os._exit(1) + os._exit(1) def file(self, fileid): self.checkinit() @@ -406,8 +414,8 @@ def log(self, message): } self.__do_request(post_data) - - def fetchOnline(self): + + def fetchOnline(self): self.checkinit() init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() @@ -423,13 +431,13 @@ def fetchOnline(self): response = encryption.decrypt(response, self.enckey, init_iv) json = jsond.loads(response) - + if json["success"]: if len(json["users"]) == 0: - return None ## THIS IS ISSUE ON KEYAUTH SERVER SIDE 6.8.2022 so it will return none if it is not an array. - else: + return None # THIS IS ISSUE ON KEYAUTH SERVER SIDE 6.8.2022, so it will return none if it is not an array. + else: return json["users"] - else: + else: return None def chatGet(self, channel): @@ -455,7 +463,7 @@ def chatGet(self, channel): else: return None - def chatSend(self, message, channel): + def chatSend(self, message, channel): self.checkinit() init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() @@ -482,19 +490,22 @@ def chatSend(self, message, channel): def checkinit(self): if not self.initialized: print("Initialize first, in order to use the functions") + time.sleep(2) os._exit(1) def __do_request(self, post_data): - - rq_out = requests.post( - "https://keyauth.win/api/1.0/", data=post_data - ) - - return rq_out.text + try: + rq_out = s.post( + "https://keyauth.win/api/1.0/", data=post_data, timeout=30 + ) + return rq_out.text + except requests.exceptions.Timeout: + print("Request timed out") class application_data_class: numUsers = numKeys = app_ver = customer_panel = onlineUsers = "" # region user_data + class user_data_class: username = ip = hwid = expires = createdate = lastlogin = subscription = subscriptions = "" @@ -519,7 +530,6 @@ def __load_user_data(self, data): self.user_data.subscriptions = data["subscriptions"] - class others: @staticmethod def get_hwid(): From 5496f8748ab7cab3aee5af129776d82d8bc73ed9 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sun, 28 Aug 2022 21:57:33 +0200 Subject: [PATCH 038/106] Removed unused module --- requirements.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 1c19e06..0b0eaf5 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,3 @@ requests -requests_toolbelt pycryptodome pywin32 From e8a43d3769364036398f09c4278e0e9761b2f630 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Wed, 31 Aug 2022 10:41:31 +0200 Subject: [PATCH 039/106] Fix --- main.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/main.py b/main.py index 8cd3ebc..87a6233 100644 --- a/main.py +++ b/main.py @@ -131,7 +131,7 @@ def answer(): # * Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) # 1. Checking and Reading JSON -#### Note: Remove the ''' on line 124 and 183 +#### Note: Remove the ''' on line 136 and 195 '''try: if os.path.isfile('auth.json'): #Checking if the auth file exist @@ -195,8 +195,8 @@ def answer(): os._exit(1)''' # Writing user data on login: -# Check Keyauth.py file --> Line 152 -# Replace the whole login function with this login function (This has auto user data dumping, so the user only have to login once) +# Check Keyauth.py file --> Line 158 +# Replace the whole login function with this login function (This has auto user data dumping, so the user only have to login once), dont forget to remove the ''' on line 202,239 # Note: The auto login function above is needed for this bc it creates the auth file, if the auth file is missing this won't work '''def login(self, user, password, hwid=None): From dab58c3aa7730e6caf8736d88b0275c7fd913d55 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Thu, 1 Sep 2022 21:56:57 -0400 Subject: [PATCH 040/106] Update webhook code --- keyauth.py | 4 +++- main.py | 6 ++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/keyauth.py b/keyauth.py index 6748a74..229ecfe 100644 --- a/keyauth.py +++ b/keyauth.py @@ -333,7 +333,7 @@ def file(self, fileid): os._exit(1) return binascii.unhexlify(json["contents"]) - def webhook(self, webid, param): + def webhook(self, webid, param, body = "", conttype = ""): self.checkinit() init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() @@ -341,6 +341,8 @@ def webhook(self, webid, param): "type": binascii.hexlify(("webhook").encode()), "webid": encryption.encrypt(webid, self.enckey, init_iv), "params": encryption.encrypt(param, self.enckey, init_iv), + "body": encryption.encrypt(body, self.enckey, init_iv), + "conttype": encryption.encrypt(conttype, self.enckey, init_iv), "sessionid": binascii.hexlify(self.sessionid.encode()), "name": binascii.hexlify(self.name.encode()), "ownerid": binascii.hexlify(self.ownerid.encode()), diff --git a/main.py b/main.py index 87a6233..ca0ba0f 100644 --- a/main.py +++ b/main.py @@ -115,6 +115,12 @@ def answer(): # * example to send normal request with no POST data # data = keyauthapp.webhook("WebhookID", "?type=resetuser&user=username") +# * example to send form data +# data = keyauthapp.webhook("WebhookID", "", "type=init&name=test&ownerid=j9Gj0FTemM", "application/x-www-form-urlencoded") + +# * example to send JSON +# data = keyauthapp.webhook("WebhookID", "", "{\"content\": \"webhook message here\",\"embeds\": null}", "application/json") + # * Get chat messages # messages = keyauthapp.chatGet("CHANNEL") From 09e6492dfd236bec1c8d3500f52c8b23181427d9 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Fri, 2 Sep 2022 18:08:26 +0200 Subject: [PATCH 041/106] Improvements better "getchecksum" function, changed cls and title to 1 line, typo fix --- main.py | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/main.py b/main.py index ca0ba0f..a47cbab 100644 --- a/main.py +++ b/main.py @@ -1,3 +1,5 @@ +import sys + from keyauth import api import time import os @@ -9,19 +11,15 @@ # ^^ only for auto login/json writing/reading # watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA -os.system("cls") -os.system("title Python Example") + +os.system("cls & title Python Example") print("Initializing") def getchecksum(): - path = os.path.basename(__file__) - if not os.path.exists(path): - path = path[:-2] + "exe" md5_hash = hashlib.md5() - a_file = open(path, "rb") - content = a_file.read() - md5_hash.update(content) + file = open(''.join(sys.argv), "rb") + md5_hash.update(file.read()) digest = md5_hash.hexdigest() return digest @@ -34,7 +32,7 @@ def getchecksum(): hash_to_check = getchecksum() ) -print(f""" +print(f"""1 App data: Number of users: {keyauthapp.app_data.numUsers} Number of online users: {keyauthapp.app_data.onlineUsers} @@ -137,7 +135,7 @@ def answer(): # * Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) # 1. Checking and Reading JSON -#### Note: Remove the ''' on line 136 and 195 +#### Note: Remove the ''' on line 140 and 199 '''try: if os.path.isfile('auth.json'): #Checking if the auth file exist @@ -202,7 +200,7 @@ def answer(): # Writing user data on login: # Check Keyauth.py file --> Line 158 -# Replace the whole login function with this login function (This has auto user data dumping, so the user only have to login once), dont forget to remove the ''' on line 202,239 +# Replace the whole login function with this login function (This has auto user data dumping, so the user only have to log in once), don't forget to remove the ''' on line 206,243 # Note: The auto login function above is needed for this bc it creates the auth file, if the auth file is missing this won't work '''def login(self, user, password, hwid=None): From dbc53f2054ba30f47ec97ce2651ea4a476c9cbe3 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sat, 3 Sep 2022 20:18:24 +0200 Subject: [PATCH 042/106] fix --- main.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.py b/main.py index a47cbab..bd12657 100644 --- a/main.py +++ b/main.py @@ -32,7 +32,7 @@ def getchecksum(): hash_to_check = getchecksum() ) -print(f"""1 +print(f""" App data: Number of users: {keyauthapp.app_data.numUsers} Number of online users: {keyauthapp.app_data.onlineUsers} From 13c96b58e2697c7e109780d27f42cdc0937c254f Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Sun, 4 Sep 2022 10:57:38 -0400 Subject: [PATCH 043/106] Fix auto-login example --- main.py | 64 ++++++++++++++++----------------------------------------- 1 file changed, 18 insertions(+), 46 deletions(-) diff --git a/main.py b/main.py index bd12657..35f0e9e 100644 --- a/main.py +++ b/main.py @@ -149,11 +149,19 @@ def answer(): user = input('Provide username: ') password = input('Provide password: ') keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) elif ans=="2": user = input('Provide username: ') password = input('Provide password: ') license = input('Provide License: ') keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) else: print("\nNot Valid Option") os._exit(1) @@ -183,11 +191,19 @@ def answer(): user = input('Provide username: ') password = input('Provide password: ') keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) elif ans=="2": user = input('Provide username: ') password = input('Provide password: ') license = input('Provide License: ') - keyauthapp.register(user,password,license) + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) else: print("\nNot Valid Option") os._exit(1) @@ -198,50 +214,6 @@ def answer(): print(e) os._exit(1)''' -# Writing user data on login: -# Check Keyauth.py file --> Line 158 -# Replace the whole login function with this login function (This has auto user data dumping, so the user only have to log in once), don't forget to remove the ''' on line 206,243 -# Note: The auto login function above is needed for this bc it creates the auth file, if the auth file is missing this won't work - -'''def login(self, user, password, hwid=None): - self.checkinit() - if hwid is None: - hwid = others.get_hwid() - - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() - - post_data = { - "type": binascii.hexlify(("login").encode()), - "username": encryption.encrypt(user, self.enckey, init_iv), - "pass": encryption.encrypt(password, self.enckey, init_iv), - "hwid": encryption.encrypt(hwid, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv - } - - response = self.__do_request(post_data) - - response = encryption.decrypt(response, self.enckey, init_iv) - - json = jsond.loads(response) - - if json["success"]: - self.__load_user_data(json["info"]) - if jsond.load(open("auth.json"))["authusername"] == "": #Check if the authusername is empty so it can write the user data - authfile = jsond.load(open("Files/auth.json")) - authfile["authusername"] = user #login(self, user) - jsond.dump(authfile, open('Files/auth.json', 'w'), sort_keys=False, indent=4) #Dumping username to auth file/You can change the indent - authfile["authpassword"] = password #login(self, password) - jsond.dump(authfile, open('Files/auth.json', 'w'), sort_keys=False, indent=4) #Dumping password to auth file/You can change the indent - else: #Auth file is filled with data so it skips the user data dumping - pass - print("successfully logged in") - else: - print(json["message"]) - os._exit(1)''' - # endregion @@ -276,4 +248,4 @@ def answer(): print(f"Current Session Validation Status: {keyauthapp.check()}") print("Exiting in 10 secs....") sleep(10) -os._exit(1) +os._exit(1) \ No newline at end of file From c6590d1c0327fa45e3db52c44543dc70c731898c Mon Sep 17 00:00:00 2001 From: mazkdevf <79049205+mazkdevf@users.noreply.github.com> Date: Sun, 4 Sep 2022 20:41:41 +0300 Subject: [PATCH 044/106] Added example to add KeyAuth Application information to Title --- main.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/main.py b/main.py index 35f0e9e..0bcb48e 100644 --- a/main.py +++ b/main.py @@ -135,6 +135,9 @@ def answer(): # * Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) # 1. Checking and Reading JSON +# * Add Application Information to Title +# os.system(f"cls & title KeyAuth Python Example - Total Users: {keyauthapp.app_data.numUsers} - Online Users: {keyauthapp.app_data.onlineUsers} - Total Keys: {keyauthapp.app_data.numKeys}") + #### Note: Remove the ''' on line 140 and 199 '''try: From 62b93b9d82811dc187a7f3b7f76debf9a34e1812 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Mon, 12 Sep 2022 00:04:36 +0200 Subject: [PATCH 045/106] Important fix/improvements Linux fix + compatibility + small improvements --- main.py | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/main.py b/main.py index 0bcb48e..6dc7f79 100644 --- a/main.py +++ b/main.py @@ -1,6 +1,6 @@ -import sys - from keyauth import api + +import sys import time import os import hashlib @@ -12,7 +12,12 @@ # watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA -os.system("cls & title Python Example") +if os.name == 'nt': + os.system('cls & title Python Example') +else: + os.system('clear') + sys.stdout.write("\x1b]0;Python Example\x07") + print("Initializing") @@ -131,14 +136,13 @@ def answer(): # * Send chat message # keyauthapp.chatSend("MESSAGE", "CHANNEL") +# * Add Application Information to Title +# os.system(f"cls & title KeyAuth Python Example - Total Users: {keyauthapp.app_data.numUsers} - Online Users: {keyauthapp.app_data.onlineUsers} - Total Keys: {keyauthapp.app_data.numKeys}") # * Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) # 1. Checking and Reading JSON -# * Add Application Information to Title -# os.system(f"cls & title KeyAuth Python Example - Total Users: {keyauthapp.app_data.numUsers} - Online Users: {keyauthapp.app_data.onlineUsers} - Total Keys: {keyauthapp.app_data.numKeys}") - -#### Note: Remove the ''' on line 140 and 199 +#### Note: Remove the ''' on line 147 and 222 '''try: if os.path.isfile('auth.json'): #Checking if the auth file exist @@ -251,4 +255,4 @@ def answer(): print(f"Current Session Validation Status: {keyauthapp.check()}") print("Exiting in 10 secs....") sleep(10) -os._exit(1) \ No newline at end of file +os._exit(1) From 781297db4242a95b335c5db2674f60159761caaa Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Mon, 12 Sep 2022 00:06:11 +0200 Subject: [PATCH 046/106] Improvements + important fix --- keyauth.py | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/keyauth.py b/keyauth.py index 229ecfe..9f9c3df 100644 --- a/keyauth.py +++ b/keyauth.py @@ -1,23 +1,26 @@ -import win32security # get sid +import os import json as jsond # json - import time # sleep before exit - import binascii # hex encoding - from uuid import uuid4 # gen random guid import platform -import os -import requests # https requests try: + if os.name == 'nt': + import win32security # get sid (WIN only) + import requests # https requests from Crypto.Cipher import AES from Crypto.Hash import SHA256 from Crypto.Util.Padding import pad, unpad except ModuleNotFoundError: print("Exception when importing modules") - print("installing necessary modules....") - os.system("pip install pycryptodome") + print("Installing necessary modules....") + if os.path.isfile("requirements.txt"): + os.system("pip install -r requirements.txt") + else: + os.system("pip install pywin32") + os.system("pip install pycryptodome") + os.system("pip install requests") print("Modules installed!") time.sleep(1.5) os._exit(1) From e81f4e44f68e35def0ae0062df52226b2463ae55 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Fri, 16 Sep 2022 21:44:02 +0200 Subject: [PATCH 047/106] fix --- main.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.py b/main.py index 6dc7f79..ccfe448 100644 --- a/main.py +++ b/main.py @@ -88,7 +88,7 @@ def answer(): # region Extra Functions # * Download Files form the server to your computer using the download function in the api class -# bytes = keyauthapp.download("FILEID") +# bytes = keyauthapp.file("FILEID") # f = open("example.exe", "wb") # f.write(bytes) # f.close() From f993471aae83ba250c8b8d301c15a13970c6165b Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sat, 17 Sep 2022 14:52:33 +0200 Subject: [PATCH 048/106] Now mac devices are also supported yes epic update for mac users --- keyauth.py | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/keyauth.py b/keyauth.py index 9f9c3df..42b204c 100644 --- a/keyauth.py +++ b/keyauth.py @@ -3,7 +3,8 @@ import time # sleep before exit import binascii # hex encoding from uuid import uuid4 # gen random guid -import platform +import platform # check platform +import subprocess # needed for mac device try: if os.name == 'nt': @@ -538,16 +539,21 @@ def __load_user_data(self, data): class others: @staticmethod def get_hwid(): - winuser = os.getlogin() - if platform.system() != "Windows": + if platform.system() == "Linux": with open("/etc/machine-id") as f: hwid = f.read() return hwid + elif platform.system() == 'Windows': + winuser = os.getlogin() + sid = win32security.LookupAccountName(None, winuser)[0] + hwid = win32security.ConvertSidToStringSid(sid) + return hwid + elif platform.system() == 'Darwin': + output = subprocess.Popen("ioreg -l | grep IOPlatformSerialNumber", stdout=subprocess.PIPE, shell=True).communicate()[0] + serial = output.decode().split('=', 1)[1].replace(' ', '') + hwid = serial[1:-2] + return hwid - sid = win32security.LookupAccountName(None, winuser)[0] - sidstr = win32security.ConvertSidToStringSid(sid) - - return sidstr class encryption: From 866f9f658c67e654e655d3f34fde49a70c56a7d7 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sat, 17 Sep 2022 14:56:58 +0200 Subject: [PATCH 049/106] Now supports mac devices --- main.py | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/main.py b/main.py index ccfe448..162b921 100644 --- a/main.py +++ b/main.py @@ -2,21 +2,25 @@ import sys import time +import platform import os import hashlib from time import sleep from datetime import datetime -# import json as jsond +# import json as jsonds # ^^ only for auto login/json writing/reading # watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA -if os.name == 'nt': - os.system('cls & title Python Example') -else: - os.system('clear') - sys.stdout.write("\x1b]0;Python Example\x07") +if platform.system() == 'Windows': + os.system('cls & title Python Example') # clear console, change title +elif platform.system() == 'Linux': + os.system('clear') # clear console + sys.stdout.write("\x1b]0;Python Example\x07") # change title +elif platform.system() == 'Darwin': + os.system("clear && printf '\e[3J'") # clear console + os.system('''echo - n - e "\033]0;Python Example\007"''') # change title print("Initializing") @@ -142,7 +146,7 @@ def answer(): # * Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) # 1. Checking and Reading JSON -#### Note: Remove the ''' on line 147 and 222 +#### Note: Remove the ''' on line 151 and 226 '''try: if os.path.isfile('auth.json'): #Checking if the auth file exist From 28ad75d043e261c33c9b34b989ea77747fa763a3 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sat, 17 Sep 2022 14:57:18 +0200 Subject: [PATCH 050/106] Update main.py --- main.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.py b/main.py index 162b921..f862662 100644 --- a/main.py +++ b/main.py @@ -8,7 +8,7 @@ from time import sleep from datetime import datetime -# import json as jsonds +# import json as jsond # ^^ only for auto login/json writing/reading # watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA From 47b35a4845c8011290981b3da71d53727cfbeded Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Mon, 19 Sep 2022 21:11:40 -0400 Subject: [PATCH 051/106] Update README.md --- README.md | 248 +++++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 237 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 0b8338c..f58628a 100644 --- a/README.md +++ b/README.md @@ -1,23 +1,249 @@ # KeyAuth-Python-Example KeyAuth Python Example For The https://keyauth.cc Authentication system. -# Instructions +**What is KeyAuth?** -Install [Python](https://www.python.org/downloads/) (make sure to add to PATH) +KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for C++, C#, Python, Rust, PHP, JS, GO, Ruby and VB.NET. KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://keyauth.cc/discord/ If you are experiencing account issues. -Open Command Prompt +**Customer connection issues?** -use the cd command to navigate to the path of the KeyAuth files +This is common amongst all authentication systems. Program obfuscation causes false positives in virus scanners, and with the scale of KeyAuth this is perceived as a malicious domain. So, `keyauth.com` and `keyauth.win` have been blocked by many internet providers. for dashbord, reseller panel, customer panel, use `keyauth.cc` -run `pip install -r requirements.txt` +For API, `keyauth.cc` will not work because I purposefully blocked it on there so `keyauth.cc` doesn't get blocked also. So, you should create your own domain and follow this tutorial video https://www.youtube.com/watch?v=a2SROFJ0eYc. The tutorial video shows you how to create a domain name for 100% free if you don't want to purchase one. -set your application information in main.py +**`KeyAuthApp` instance definition** -then run `python main.py` +Visit and select your application, then click on the **C#** tab -Setup video: https://www.youtube.com/watch?v=L2eAQOmuUiA +It'll provide you with the code which you should replace with in the `Program.cs` file (or `Login.cs` file if using Form example) -**What is KeyAuth?** +```PY +keyauthapp = api( + name = "example", #App name (Manage Applications --> Application name) + ownerid = "JjPMBVlIOd", #Owner ID (Account-Settings --> OwnerID) + secret = "db40d586f4b189e04e5c18c3c94b7e72221be3f6551995adc05236948d1762bc", #App secret(Manage Applications --> App credentials code) + version = "1.0", + hash_to_check = getchecksum() +) +``` + +**Initialize application** + +You don't need to add any code to initalize. KeyAuth will initalize when the instance definition is made. + +**Display application information** + +```py +print(f""" +App data: +Number of users: {keyauthapp.app_data.numUsers} +Number of online users: {keyauthapp.app_data.onlineUsers} +Number of keys: {keyauthapp.app_data.numKeys} +Application Version: {keyauthapp.app_data.app_ver} +Customer panel link: {keyauthapp.app_data.customer_panel} +""") +``` + +**Check session validation** + +Use this to see if the user is logged in or not. + +```py +print(f"Current Session Validation Status: {keyauthapp.check()}") +``` + +**Check blacklist status** + +Check if HWID or IP Address is blacklisted. You can add this if you want, just to make sure nobody can open your program for less than a second if they're blacklisted. Though, if you don't mind a blacklisted user having the program for a few seconds until they try to login and register, and you care about having the quickest program for your users, you shouldn't use this function then. If a blacklisted user tries to login/register, the KeyAuth server will check if they're blacklisted and deny entry if so. So the check blacklist function is just auxiliary function that's optional. + +```py +if(keyauthapp.checkblacklist()) { + os._exit(1) +} +``` + +**Login with username/password** + +```py +user = input('Provide username: ') +password = input('Provide password: ') +keyauthapp.login(user, password) +``` + +**Register with username/password/key** + +```py +user = input('Provide username: ') +password = input('Provide password: ') +license = input('Provide License: ') +keyauthapp.register(user, password, license) +``` + +**Upgrade user username/key** + +Used so the user can add extra time to their account by claiming new key. + +> **Warning** +> No password is needed to upgrade account. So, unlike login, register, and license functions - you should **not** log user in after successful upgrade. + +```py +user = input('Provide username: ') +license = input('Provide License: ') +keyauthapp.upgrade(user, license) +``` + +**Login with just license key** + +Users can use this function if their license key has never been used before, and if it has been used before. So if you plan to just allow users to use keys, you can remove the login and register functions from your code. + +```py +key = input('Enter your license: ') +keyauthapp.license(key) +``` + +**User Data** + +Show information for current logged-in user. + +```py +print("\nUser data: ") +print("Username: " + keyauthapp.user_data.username) +print("IP address: " + keyauthapp.user_data.ip) +print("Hardware-Id: " + keyauthapp.user_data.hwid) + +subs = keyauthapp.user_data.subscriptions # Get all Subscription names, expiry, and timeleft +for i in range(len(subs)): + sub = subs[i]["subscription"] # Subscription from every Sub + expiry = datetime.utcfromtimestamp(int(subs[i]["expiry"])).strftime( + '%Y-%m-%d %H:%M:%S') # Expiry date from every Sub + timeleft = subs[i]["timeleft"] # Timeleft from every Sub + + print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") +print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) +print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) +print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expires)).strftime('%Y-%m-%d %H:%M:%S')) +print(f"Current Session Validation Status: {keyauthapp.check()}") +``` + +**Show list of online users** + +```py +onlineUsers = keyauthapp.fetchOnline() +OU = "" # KEEP THIS EMPTY FOR NOW, THIS WILL BE USED TO CREATE ONLINE USER STRING. +if onlineUsers is None: + OU = "No online users" +else: + for i in range(len(onlineUsers)): + OU += onlineUsers[i]["credential"] + " " + +print("\n" + OU + "\n") +``` + +**Application variables** + +A string that is kept on the server-side of KeyAuth. On the dashboard you can choose for each variable to be authenticated (only logged in users can access), or not authenticated (any user can access before login). These are global and static for all users, unlike User Variables which will be dicussed below this section. + +```py +* Get normal variable and print it +data = keyauthapp.var("varName") +print(data) +``` + +**User Variables** + +User variables are strings kept on the server-side of KeyAuth. They are specific to users. They can be set on Dashboard in the Users tab, via SellerAPI, or via your loader using the code below. `discord` is the user variable name you fetch the user variable by. `test#0001` is the variable data you get when fetching the user variable. + +```py +* Set up user variable +keyauthapp.setvar("varName", "varValue") +``` + +And here's how you fetch the user variable: + +```py +* Get user variable and print it +data = keyauthapp.getvar("varName") +print(data) +``` + +**Application Logs** + +Can be used to log data. Good for anti-debug alerts and maybe error debugging. If you set Discord webhook in the app settings of the Dashboard, it will send log messages to your Discord webhook rather than store them on site. It's recommended that you set Discord webhook, as logs on site may be deleted after a couple months of their creation. + +You can use the log function before login & after login. + +```py +* Log message to the server and then to your webhook what is set on app settings +keyauthapp.log("Message") +``` + +**Ban the user** + +Ban the user and blacklist their HWID and IP Address. Good function to call upon if you use anti-debug and have detected an intrusion attempt. + +Function only works after login. + +```py +keyauthapp.ban(); +``` + +**Server-sided webhooks** + +Tutorial video https://www.youtube.com/watch?v=ENRaNPPYJbc + +Send HTTP requests to URLs securely without leaking the URL in your application. You should definitely use if you want to send requests to SellerAPI from your application, otherwise if you don't use you'll be leaking your seller key to everyone. And then someone can mess up your application. + +1st example is how to send request with no POST data. just a GET request to the URL. `7kR0UedlVI` is the webhook ID, `https://keyauth.win/api/seller/?sellerkey=sellerkeyhere&type=black` is what you should put as the webhook endpoint on the dashboard. This is the part you don't want users to see. And then you have `&ip=1.1.1.1&hwid=abc` in your program code which will be added to the webhook endpoint on the keyauth server and then the request will be sent. + +2nd example includes post data. it is form data. it is an example request to the KeyAuth API. `7kR0UedlVI` is the webhook ID, `https://keyauth.win/api/1.2/` is the webhook endpoint. + +3rd examples included post data though it's JSON. It's an example reques to Discord webhook `7kR0UedlVI` is the webhook ID, `https://discord.com/api/webhooks/...` is the webhook endpoint. + +```py +* example to send normal request with no POST data +data = keyauthapp.webhook("7kR0UedlVI", "&ip=1.1.1.1&hwid=abc") + +* example to send form data +data = keyauthapp.webhook("7kR0UedlVI", "", "type=init&name=test&ownerid=j9Gj0FTemM", "application/x-www-form-urlencoded") + +* example to send JSON +data = keyauthapp.webhook("7kR0UedlVI", "", "{\"content\": \"webhook message here\",\"embeds\": null}", "application/json") +``` + +**Download file** + +Keep files secure by providing KeyAuth your file download link on the KeyAuth dashboard. Make sure this is a direct download link (as soon as you go to the link, it starts downloading without you clicking anything). The KeyAuth download function provides the bytes, and then you get to decide what to do with those. This example shows how to write it to a file named `text.txt` in the same folder as the program, though you could execute with RunPE or whatever you want. + +`385624` is the file ID you get from the dashboard after adding file. + +```py +* Download Files form the server to your computer using the download function in the api class +bytes = keyauthapp.file("385624") +f = open("example.exe", "wb") +f.write(bytes) +f.close() +``` + +**Chat channels** + +Allow users to communicate amongst themselves in your program. + +Example from the form example on how to fetch the chat messages. + +```py +* Get chat messages +messages = keyauthapp.chatGet("CHANNEL") + +Messages = "" +for i in range(len(messages)): +Messages += datetime.utcfromtimestamp(int(messages[i]["timestamp"])).strftime('%Y-%m-%d %H:%M:%S') + " - " + messages[i]["author"] + ": " + messages[i]["message"] + "\n" + +print("\n\n" + Messages) +``` + +Example on how to send chat message. -KeyAuth is a GameChanging authentication system. We have never-seen before features, and we listen to our customers. -Feel free to join https://keyauth.cc/discord/ if you have questions or suggestions. +```py +* Send chat message +keyauthapp.chatSend("MESSAGE", "CHANNEL") +``` From 6d6278ebfdbc5aa99d4da1d5100a9db3916f3d06 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Mon, 19 Sep 2022 21:17:53 -0400 Subject: [PATCH 052/106] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f58628a..81fed97 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ For API, `keyauth.cc` will not work because I purposefully blocked it on there s **`KeyAuthApp` instance definition** -Visit and select your application, then click on the **C#** tab +Visit and select your application, then click on the **Python** tab It'll provide you with the code which you should replace with in the `Program.cs` file (or `Login.cs` file if using Form example) From 123acfd112410a8c1a8794aeeb30557e0cf7575c Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Tue, 20 Sep 2022 07:27:20 +0200 Subject: [PATCH 053/106] Typo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 81fed97..7637587 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ For API, `keyauth.cc` will not work because I purposefully blocked it on there s Visit and select your application, then click on the **Python** tab -It'll provide you with the code which you should replace with in the `Program.cs` file (or `Login.cs` file if using Form example) +It'll provide you with the code which you should replace with in the `main.py`. ```PY keyauthapp = api( From 0bcdc81296fac84d24565a4874e9cc45cc11b64f Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Tue, 20 Sep 2022 07:28:28 +0200 Subject: [PATCH 054/106] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7637587..69f2f39 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ For API, `keyauth.cc` will not work because I purposefully blocked it on there s Visit and select your application, then click on the **Python** tab -It'll provide you with the code which you should replace with in the `main.py`. +It'll provide you with the code which you should replace with in the `main.py` file. ```PY keyauthapp = api( From 21446bc7c875044bbe12c24947ab878473d46e36 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Thu, 6 Oct 2022 20:45:12 +0200 Subject: [PATCH 055/106] =?UTF-8?q?fix=20=F0=9F=91=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 69f2f39..64d3d8f 100644 --- a/README.md +++ b/README.md @@ -57,9 +57,9 @@ print(f"Current Session Validation Status: {keyauthapp.check()}") Check if HWID or IP Address is blacklisted. You can add this if you want, just to make sure nobody can open your program for less than a second if they're blacklisted. Though, if you don't mind a blacklisted user having the program for a few seconds until they try to login and register, and you care about having the quickest program for your users, you shouldn't use this function then. If a blacklisted user tries to login/register, the KeyAuth server will check if they're blacklisted and deny entry if so. So the check blacklist function is just auxiliary function that's optional. ```py -if(keyauthapp.checkblacklist()) { +if keyauthapp.checkblacklist(): + print("You've been blacklisted from our application.") os._exit(1) -} ``` **Login with username/password** @@ -184,7 +184,7 @@ Ban the user and blacklist their HWID and IP Address. Good function to call upon Function only works after login. ```py -keyauthapp.ban(); +keyauthapp.ban() ``` **Server-sided webhooks** From 1ae9d9153b6b20b2e7e52edd940d3f108c959b8a Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Tue, 11 Oct 2022 20:27:46 -0400 Subject: [PATCH 056/106] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 64d3d8f..0af1212 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ KeyAuth Python Example For The https://keyauth.cc Authentication system. **What is KeyAuth?** -KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for C++, C#, Python, Rust, PHP, JS, GO, Ruby and VB.NET. KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://keyauth.cc/discord/ If you are experiencing account issues. +KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for C++, C#, Python, Rust, PHP, JS, GO, Ruby and VB.NET. KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://discord.gg/keyauth If you are experiencing account issues. **Customer connection issues?** From e3aa3619bc23d83370d7dbbb242e544e5cb9520f Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Mon, 17 Oct 2022 22:28:40 +0200 Subject: [PATCH 057/106] Small update --- main.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/main.py b/main.py index f862662..8415db7 100644 --- a/main.py +++ b/main.py @@ -13,6 +13,10 @@ # watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA +if sys.version_info.minor < 10: # Python version check (Bypass Patch) + print("[Security] - Python 3.10 or higher is recommended. The bypass will not work on 3.10+") + print("You are using Python {}.{}".format(sys.version_info.major, sys.version_info.minor)) + if platform.system() == 'Windows': os.system('cls & title Python Example') # clear console, change title elif platform.system() == 'Linux': From 9ec0cb2a889dc01be95df17d360e97d196af5712 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sun, 30 Oct 2022 00:12:15 +0200 Subject: [PATCH 058/106] Create merged_example.py --- other-examples/merged_example.py | 864 +++++++++++++++++++++++++++++++ 1 file changed, 864 insertions(+) create mode 100644 other-examples/merged_example.py diff --git a/other-examples/merged_example.py b/other-examples/merged_example.py new file mode 100644 index 0000000..0a624df --- /dev/null +++ b/other-examples/merged_example.py @@ -0,0 +1,864 @@ +import binascii # hex encoding +import hashlib +import json as jsond # json +import os +import platform # check platform +import subprocess # needed for mac device +import sys +import time # sleep before exit +from datetime import datetime +from time import sleep +from uuid import uuid4 # gen random guid + +try: + if os.name == 'nt': + import win32security # get sid (WIN only) + import requests # https requests + from Crypto.Cipher import AES + from Crypto.Hash import SHA256 + from Crypto.Util.Padding import pad, unpad +except ModuleNotFoundError: + print("Exception when importing modules") + print("Installing necessary modules....") + if os.path.isfile("requirements.txt"): + os.system("pip install -r requirements.txt") + else: + os.system("pip install pywin32") + os.system("pip install pycryptodome") + os.system("pip install requests") + print("Modules installed!") + time.sleep(1.5) + os._exit(1) + +try: # Connection check + s = requests.Session() # Session + s.get('https://google.com') +except requests.exceptions.RequestException as e: + print(e) + time.sleep(3) + os._exit(1) + + +class api: + + name = ownerid = secret = version = hash_to_check = "" + + def __init__(self, name, ownerid, secret, version, hash_to_check): + self.name = name + + self.ownerid = ownerid + + self.secret = secret + + self.version = version + self.hash_to_check = hash_to_check + self.init() + + sessionid = enckey = "" + initialized = False + + def init(self): + + if self.sessionid != "": + print("You've already initialized!") + time.sleep(2) + os._exit(1) + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + self.enckey = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("init").encode()), + "ver": encryption.encrypt(self.version, self.secret, init_iv), + "hash": self.hash_to_check, + "enckey": encryption.encrypt(self.enckey, self.secret, init_iv), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + if response == "KeyAuth_Invalid": + print("The application doesn't exist") + os._exit(1) + + response = encryption.decrypt(response, self.secret, init_iv) + json = jsond.loads(response) + + if json["message"] == "invalidver": + if json["download"] != "": + print("New Version Available") + download_link = json["download"] + os.system(f"start {download_link}") + os._exit(1) + else: + print("Invalid Version, Contact owner to add download link to latest app version") + os._exit(1) + + if not json["success"]: + print(json["message"]) + os._exit(1) + + self.sessionid = json["sessionid"] + self.initialized = True + self.__load_app_data(json["appinfo"]) + + def register(self, user, password, license, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("register").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "pass": encryption.encrypt(password, self.enckey, init_iv), + "key": encryption.encrypt(license, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + print("successfully registered") + self.__load_user_data(json["info"]) + else: + print(json["message"]) + os._exit(1) + + def upgrade(self, user, license): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("upgrade").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "key": encryption.encrypt(license, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + print("successfully upgraded user") + print("please restart program and login") + time.sleep(2) + os._exit(1) + else: + print(json["message"]) + os._exit(1) + + def login(self, user, password, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("login").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "pass": encryption.encrypt(password, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + self.__load_user_data(json["info"]) + print("successfully logged in") + else: + print(json["message"]) + os._exit(1) + + def license(self, key, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("license").encode()), + "key": encryption.encrypt(key, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + self.__load_user_data(json["info"]) + print("successfully logged into license") + else: + print(json["message"]) + os._exit(1) + + def var(self, name): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("var").encode()), + "varid": encryption.encrypt(name, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return json["message"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def getvar(self, var_name): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("getvar").encode()), + "var": encryption.encrypt(var_name, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return json["response"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def setvar(self, var_name, var_data): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("setvar").encode()), + "var": encryption.encrypt(var_name, self.enckey, init_iv), + "data": encryption.encrypt(var_data, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def ban(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("ban").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def file(self, fileid): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("file").encode()), + "fileid": encryption.encrypt(fileid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if not json["success"]: + print(json["message"]) + time.sleep(5) + os._exit(1) + return binascii.unhexlify(json["contents"]) + + def webhook(self, webid, param, body = "", conttype = ""): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("webhook").encode()), + "webid": encryption.encrypt(webid, self.enckey, init_iv), + "params": encryption.encrypt(param, self.enckey, init_iv), + "body": encryption.encrypt(body, self.enckey, init_iv), + "conttype": encryption.encrypt(conttype, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return json["message"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def check(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("check").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + if json["success"]: + return True + else: + return False + + def checkblacklist(self): + self.checkinit() + hwid = others.get_hwid() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("checkblacklist").encode()), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + if json["success"]: + return True + else: + return False + + def log(self, message): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("log").encode()), + "pcuser": encryption.encrypt(os.getenv('username'), self.enckey, init_iv), + "message": encryption.encrypt(message, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + self.__do_request(post_data) + + def fetchOnline(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("fetchOnline").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + if len(json["users"]) == 0: + return None # THIS IS ISSUE ON KEYAUTH SERVER SIDE 6.8.2022, so it will return none if it is not an array. + else: + return json["users"] + else: + return None + + def chatGet(self, channel): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("chatget").encode()), + "channel": encryption.encrypt(channel, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return json["messages"] + else: + return None + + def chatSend(self, message, channel): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("chatsend").encode()), + "message": encryption.encrypt(message, self.enckey, init_iv), + "channel": encryption.encrypt(channel, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return True + else: + return False + + def checkinit(self): + if not self.initialized: + print("Initialize first, in order to use the functions") + time.sleep(2) + os._exit(1) + + def __do_request(self, post_data): + try: + rq_out = s.post( + "https://keyauth.win/api/1.0/", data=post_data, timeout=30 + ) + return rq_out.text + except requests.exceptions.Timeout: + print("Request timed out") + + class application_data_class: + numUsers = numKeys = app_ver = customer_panel = onlineUsers = "" + # region user_data + + class user_data_class: + username = ip = hwid = expires = createdate = lastlogin = subscription = subscriptions = "" + + user_data = user_data_class() + app_data = application_data_class() + + def __load_app_data(self, data): + self.app_data.numUsers = data["numUsers"] + self.app_data.numKeys = data["numKeys"] + self.app_data.app_ver = data["version"] + self.app_data.customer_panel = data["customerPanelLink"] + self.app_data.onlineUsers = data["numOnlineUsers"] + + def __load_user_data(self, data): + self.user_data.username = data["username"] + self.user_data.ip = data["ip"] + self.user_data.hwid = data["hwid"] + self.user_data.expires = data["subscriptions"][0]["expiry"] + self.user_data.createdate = data["createdate"] + self.user_data.lastlogin = data["lastlogin"] + self.user_data.subscription = data["subscriptions"][0]["subscription"] + self.user_data.subscriptions = data["subscriptions"] + + +class others: + @staticmethod + def get_hwid(): + if platform.system() == "Linux": + with open("/etc/machine-id") as f: + hwid = f.read() + return hwid + elif platform.system() == 'Windows': + winuser = os.getlogin() + sid = win32security.LookupAccountName(None, winuser)[0] + hwid = win32security.ConvertSidToStringSid(sid) + return hwid + elif platform.system() == 'Darwin': + output = subprocess.Popen("ioreg -l | grep IOPlatformSerialNumber", stdout=subprocess.PIPE, shell=True).communicate()[0] + serial = output.decode().split('=', 1)[1].replace(' ', '') + hwid = serial[1:-2] + return hwid + + + +class encryption: + @staticmethod + def encrypt_string(plain_text, key, iv): + plain_text = pad(plain_text, 16) + + aes_instance = AES.new(key, AES.MODE_CBC, iv) + + raw_out = aes_instance.encrypt(plain_text) + + return binascii.hexlify(raw_out) + + @staticmethod + def decrypt_string(cipher_text, key, iv): + cipher_text = binascii.unhexlify(cipher_text) + + aes_instance = AES.new(key, AES.MODE_CBC, iv) + + cipher_text = aes_instance.decrypt(cipher_text) + + return unpad(cipher_text, 16) + + @staticmethod + def encrypt(message, enc_key, iv): + try: + _key = SHA256.new(enc_key.encode()).hexdigest()[:32] + + _iv = SHA256.new(iv.encode()).hexdigest()[:16] + + return encryption.encrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() + except: + print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") + os._exit(1) + + @staticmethod + def decrypt(message, enc_key, iv): + try: + _key = SHA256.new(enc_key.encode()).hexdigest()[:32] + + _iv = SHA256.new(iv.encode()).hexdigest()[:16] + + return encryption.decrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() + except: + print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") + os._exit(1) + + +# import json as jsond +# ^^ only for auto login/json writing/reading + +# watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA + +if sys.version_info.minor < 10: # Python version check (Bypass Patch) + print("[Security] - Python 3.10 or higher is recommended. The bypass will not work on 3.10+") + print("You are using Python {}.{}".format(sys.version_info.major, sys.version_info.minor)) + +if platform.system() == 'Windows': + os.system('cls & title Python Example') # clear console, change title +elif platform.system() == 'Linux': + os.system('clear') # clear console + sys.stdout.write("\x1b]0;Python Example\x07") # change title +elif platform.system() == 'Darwin': + os.system("clear && printf '\e[3J'") # clear console + os.system('''echo - n - e "\033]0;Python Example\007"''') # change title + +print("Initializing") + + +def getchecksum(): + md5_hash = hashlib.md5() + file = open(''.join(sys.argv), "rb") + md5_hash.update(file.read()) + digest = md5_hash.hexdigest() + return digest + + +keyauthapp = api( + name = "", #App name (Manage Applications --> Application name) + ownerid = "", #Owner ID (Account-Settings --> OwnerID) + secret = "", #App secret(Manage Applications --> App credentials code) + version = "1.0", + hash_to_check = getchecksum() +) + +print(f""" +App data: +Number of users: {keyauthapp.app_data.numUsers} +Number of online users: {keyauthapp.app_data.onlineUsers} +Number of keys: {keyauthapp.app_data.numKeys} +Application Version: {keyauthapp.app_data.app_ver} +Customer panel link: {keyauthapp.app_data.customer_panel} +""") +print(f"Current Session Validation Status: {keyauthapp.check()}") +print(f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted + + +def answer(): + try: + print(""" +1.Login +2.Register +3.Upgrade +4.License Key Only + """) + ans = input("Select Option: ") + if ans == "1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user, password) + elif ans == "2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user, password, license) + elif ans == "3": + user = input('Provide username: ') + license = input('Provide License: ') + keyauthapp.upgrade(user, license) + elif ans == "4": + key = input('Enter your license: ') + keyauthapp.license(key) + else: + print("\nNot Valid Option") + time.sleep(1) + os.system('cls') + answer() + except KeyboardInterrupt: + os._exit(1) + + +answer() + +# region Extra Functions + +# * Download Files form the server to your computer using the download function in the api class +# bytes = keyauthapp.file("FILEID") +# f = open("example.exe", "wb") +# f.write(bytes) +# f.close() + + +# * Set up user variable +# keyauthapp.setvar("varName", "varValue") + +# * Get user variable and print it +# data = keyauthapp.getvar("varName") +# print(data) + +# * Get normal variable and print it +# data = keyauthapp.var("varName") +# print(data) + +# * Log message to the server and then to your webhook what is set on app settings +# keyauthapp.log("Message") + +# * Get if the user pc have been blacklisted +# print(f"Blacklisted? : {keyauthapp.checkblacklist()}") + +# * See if the current session is validated +# print(f"Session Validated?: {keyauthapp.check()}") + + +# * example to send normal request with no POST data +# data = keyauthapp.webhook("WebhookID", "?type=resetuser&user=username") + +# * example to send form data +# data = keyauthapp.webhook("WebhookID", "", "type=init&name=test&ownerid=j9Gj0FTemM", "application/x-www-form-urlencoded") + +# * example to send JSON +# data = keyauthapp.webhook("WebhookID", "", "{\"content\": \"webhook message here\",\"embeds\": null}", "application/json") + +# * Get chat messages +# messages = keyauthapp.chatGet("CHANNEL") + +# Messages = "" +# for i in range(len(messages)): +# Messages += datetime.utcfromtimestamp(int(messages[i]["timestamp"])).strftime('%Y-%m-%d %H:%M:%S') + " - " + messages[i]["author"] + ": " + messages[i]["message"] + "\n" + +# print("\n\n" + Messages) + +# * Send chat message +# keyauthapp.chatSend("MESSAGE", "CHANNEL") + +# * Add Application Information to Title +# os.system(f"cls & title KeyAuth Python Example - Total Users: {keyauthapp.app_data.numUsers} - Online Users: {keyauthapp.app_data.onlineUsers} - Total Keys: {keyauthapp.app_data.numKeys}") + +# * Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) +# 1. Checking and Reading JSON + +#### Note: Remove the ''' on line 151 and 226 + +'''try: + if os.path.isfile('auth.json'): #Checking if the auth file exist + if jsond.load(open("auth.json"))["authusername"] == "": #Checks if the authusername is empty or not + print(""" +1. Login +2. Register + """) + ans=input("Select Option: ") #Skipping auto-login bc auth file is empty + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + else: + print("\nNot Valid Option") + os._exit(1) + else: + try: #2. Auto login + with open('auth.json', 'r') as f: + authfile = jsond.load(f) + authuser = authfile.get('authusername') + authpass = authfile.get('authpassword') + keyauthapp.login(authuser,authpass) + except Exception as e: #Error stuff + print(e) + else: #Creating auth file bc its missing + try: + f = open("auth.json", "a") #Writing content + f.write("""{ + "authusername": "", + "authpassword": "" +}""") + f.close() + print (""" +1. Login +2. Register + """)#Again skipping auto-login bc the file is empty/missing + ans=input("Select Option: ") + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + else: + print("\nNot Valid Option") + os._exit(1) + except Exception as e: #Error stuff + print(e) + os._exit(1) +except Exception as e: #Error stuff + print(e) + os._exit(1)''' + +# endregion + + +print("\nUser data: ") +print("Username: " + keyauthapp.user_data.username) +print("IP address: " + keyauthapp.user_data.ip) +print("Hardware-Id: " + keyauthapp.user_data.hwid) +# print("Subcription: " + keyauthapp.user_data.subscription) ## Print Subscription "ONE" name + +subs = keyauthapp.user_data.subscriptions # Get all Subscription names, expiry, and timeleft +for i in range(len(subs)): + sub = subs[i]["subscription"] # Subscription from every Sub + expiry = datetime.utcfromtimestamp(int(subs[i]["expiry"])).strftime( + '%Y-%m-%d %H:%M:%S') # Expiry date from every Sub + timeleft = subs[i]["timeleft"] # Timeleft from every Sub + + print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") + +onlineUsers = keyauthapp.fetchOnline() +OU = "" # KEEP THIS EMPTY FOR NOW, THIS WILL BE USED TO CREATE ONLINE USER STRING. +if onlineUsers is None: + OU = "No online users" +else: + for i in range(len(onlineUsers)): + OU += onlineUsers[i]["credential"] + " " + +print("\n" + OU + "\n") + +print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) +print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) +print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expires)).strftime('%Y-%m-%d %H:%M:%S')) +print(f"Current Session Validation Status: {keyauthapp.check()}") +print("Exiting in 10 secs....") +sleep(10) +os._exit(1) From a58ac9b96519f1354f1d89587152491a9c329309 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sun, 30 Oct 2022 00:12:53 +0200 Subject: [PATCH 059/106] Update merged_example.py --- other-examples/merged_example.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/other-examples/merged_example.py b/other-examples/merged_example.py index 0a624df..2e653ac 100644 --- a/other-examples/merged_example.py +++ b/other-examples/merged_example.py @@ -1,3 +1,5 @@ +# 1 file version + import binascii # hex encoding import hashlib import json as jsond # json From 20861aa7d49bb8b85d8a09e7316b1974cd755ac8 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sun, 30 Oct 2022 00:40:22 +0200 Subject: [PATCH 060/106] Create method1.py --- other-examples/method1.py | 875 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 875 insertions(+) create mode 100644 other-examples/method1.py diff --git a/other-examples/method1.py b/other-examples/method1.py new file mode 100644 index 0000000..415356c --- /dev/null +++ b/other-examples/method1.py @@ -0,0 +1,875 @@ +import binascii # hex encoding +import hashlib +import json as jsond # json +import os +import platform # check platform +import subprocess # needed for mac device +import sys +import time # sleep before exit +from datetime import datetime +from time import sleep +from uuid import uuid4 # gen random guid + +try: + if os.name == 'nt': + import win32security # get sid (WIN only) + import requests # https requests + from Crypto.Cipher import AES + from Crypto.Hash import SHA256 + from Crypto.Util.Padding import pad, unpad +except ModuleNotFoundError: + print("Exception when importing modules") + print("Installing necessary modules....") + if os.path.isfile("requirements.txt"): + os.system("pip install -r requirements.txt") + else: + os.system("pip install pywin32") + os.system("pip install pycryptodome") + os.system("pip install requests") + print("Modules installed!") + time.sleep(1.5) + os._exit(1) + +try: # Connection check + s = requests.Session() # Session + s.get('https://google.com') +except requests.exceptions.RequestException as e: + print(e) + time.sleep(3) + os._exit(1) + + +class api: + + name = ownerid = secret = version = hash_to_check = "" + + def __init__(self, name, ownerid, secret, version, hash_to_check): + self.name = name + + self.ownerid = ownerid + + self.secret = secret + + self.version = version + self.hash_to_check = hash_to_check + self.init() + + sessionid = enckey = "" + initialized = False + + def init(self): + + if self.sessionid != "": + print("You've already initialized!") + time.sleep(2) + os._exit(1) + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + self.enckey = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("init").encode()), + "ver": encryption.encrypt(self.version, self.secret, init_iv), + "hash": self.hash_to_check, + "enckey": encryption.encrypt(self.enckey, self.secret, init_iv), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + if response == "KeyAuth_Invalid": + print("The application doesn't exist") + os._exit(1) + + response = encryption.decrypt(response, self.secret, init_iv) + json = jsond.loads(response) + + if json["message"] == "invalidver": + if json["download"] != "": + print("New Version Available") + download_link = json["download"] + os.system(f"start {download_link}") + os._exit(1) + else: + print("Invalid Version, Contact owner to add download link to latest app version") + os._exit(1) + + if not json["success"]: + print(json["message"]) + os._exit(1) + + self.sessionid = json["sessionid"] + self.initialized = True + self.__load_app_data(json["appinfo"]) + + def register(self, user, password, license, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("register").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "pass": encryption.encrypt(password, self.enckey, init_iv), + "key": encryption.encrypt(license, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + print("successfully registered") + self.__load_user_data(json["info"]) + else: + print(json["message"]) + os._exit(1) + + def upgrade(self, user, license): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("upgrade").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "key": encryption.encrypt(license, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + print("successfully upgraded user") + print("please restart program and login") + time.sleep(2) + os._exit(1) + else: + print(json["message"]) + os._exit(1) + + def login(self, user, password, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("login").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "pass": encryption.encrypt(password, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + self.__load_user_data(json["info"]) + print("successfully logged in") + else: + print(json["message"]) + os._exit(1) + + def license(self, key, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("license").encode()), + "key": encryption.encrypt(key, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + self.__load_user_data(json["info"]) + print("successfully logged into license") + else: + print(json["message"]) + os._exit(1) + + def var(self, name): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("var").encode()), + "varid": encryption.encrypt(name, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return json["message"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def getvar(self, var_name): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("getvar").encode()), + "var": encryption.encrypt(var_name, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return json["response"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def setvar(self, var_name, var_data): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("setvar").encode()), + "var": encryption.encrypt(var_name, self.enckey, init_iv), + "data": encryption.encrypt(var_data, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def ban(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("ban").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def file(self, fileid): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("file").encode()), + "fileid": encryption.encrypt(fileid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if not json["success"]: + print(json["message"]) + time.sleep(5) + os._exit(1) + return binascii.unhexlify(json["contents"]) + + def webhook(self, webid, param, body = "", conttype = ""): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("webhook").encode()), + "webid": encryption.encrypt(webid, self.enckey, init_iv), + "params": encryption.encrypt(param, self.enckey, init_iv), + "body": encryption.encrypt(body, self.enckey, init_iv), + "conttype": encryption.encrypt(conttype, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return json["message"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def check(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("check").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + if json["success"]: + return True + else: + return False + + def checkblacklist(self): + self.checkinit() + hwid = others.get_hwid() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("checkblacklist").encode()), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + if json["success"]: + return True + else: + return False + + def log(self, message): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("log").encode()), + "pcuser": encryption.encrypt(os.getenv('username'), self.enckey, init_iv), + "message": encryption.encrypt(message, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + self.__do_request(post_data) + + def fetchOnline(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("fetchOnline").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + if len(json["users"]) == 0: + return None # THIS IS ISSUE ON KEYAUTH SERVER SIDE 6.8.2022, so it will return none if it is not an array. + else: + return json["users"] + else: + return None + + def chatGet(self, channel): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("chatget").encode()), + "channel": encryption.encrypt(channel, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return json["messages"] + else: + return None + + def chatSend(self, message, channel): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("chatsend").encode()), + "message": encryption.encrypt(message, self.enckey, init_iv), + "channel": encryption.encrypt(channel, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return True + else: + return False + + def checkinit(self): + if not self.initialized: + print("Initialize first, in order to use the functions") + time.sleep(2) + os._exit(1) + + def __do_request(self, post_data): + try: + rq_out = s.post( + "https://keyauth.win/api/1.0/", data=post_data, timeout=30 + ) + return rq_out.text + except requests.exceptions.Timeout: + print("Request timed out") + + class application_data_class: + numUsers = numKeys = app_ver = customer_panel = onlineUsers = "" + # region user_data + + class user_data_class: + username = ip = hwid = expires = createdate = lastlogin = subscription = subscriptions = "" + + user_data = user_data_class() + app_data = application_data_class() + + def __load_app_data(self, data): + self.app_data.numUsers = data["numUsers"] + self.app_data.numKeys = data["numKeys"] + self.app_data.app_ver = data["version"] + self.app_data.customer_panel = data["customerPanelLink"] + self.app_data.onlineUsers = data["numOnlineUsers"] + + def __load_user_data(self, data): + self.user_data.username = data["username"] + self.user_data.ip = data["ip"] + self.user_data.hwid = data["hwid"] + self.user_data.expires = data["subscriptions"][0]["expiry"] + self.user_data.createdate = data["createdate"] + self.user_data.lastlogin = data["lastlogin"] + self.user_data.subscription = data["subscriptions"][0]["subscription"] + self.user_data.subscriptions = data["subscriptions"] + + +class others: + @staticmethod + def get_hwid(): + if platform.system() == "Linux": + with open("/etc/machine-id") as f: + hwid = f.read() + return hwid + elif platform.system() == 'Windows': + winuser = os.getlogin() + sid = win32security.LookupAccountName(None, winuser)[0] + hwid = win32security.ConvertSidToStringSid(sid) + return hwid + elif platform.system() == 'Darwin': + output = subprocess.Popen("ioreg -l | grep IOPlatformSerialNumber", stdout=subprocess.PIPE, shell=True).communicate()[0] + serial = output.decode().split('=', 1)[1].replace(' ', '') + hwid = serial[1:-2] + return hwid + + + +class encryption: + @staticmethod + def encrypt_string(plain_text, key, iv): + plain_text = pad(plain_text, 16) + + aes_instance = AES.new(key, AES.MODE_CBC, iv) + + raw_out = aes_instance.encrypt(plain_text) + + return binascii.hexlify(raw_out) + + @staticmethod + def decrypt_string(cipher_text, key, iv): + cipher_text = binascii.unhexlify(cipher_text) + + aes_instance = AES.new(key, AES.MODE_CBC, iv) + + cipher_text = aes_instance.decrypt(cipher_text) + + return unpad(cipher_text, 16) + + @staticmethod + def encrypt(message, enc_key, iv): + try: + _key = SHA256.new(enc_key.encode()).hexdigest()[:32] + + _iv = SHA256.new(iv.encode()).hexdigest()[:16] + + return encryption.encrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() + except: + print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") + os._exit(1) + + @staticmethod + def decrypt(message, enc_key, iv): + try: + _key = SHA256.new(enc_key.encode()).hexdigest()[:32] + + _iv = SHA256.new(iv.encode()).hexdigest()[:16] + + return encryption.decrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() + except: + print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") + os._exit(1) + + +# import json as jsond +# ^^ only for auto login/json writing/reading + +# watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA + +if sys.version_info.minor < 10: # Python version check (Bypass Patch) + print("[Security] - Python 3.10 or higher is recommended. The bypass will not work on 3.10+") + print("You are using Python {}.{}".format(sys.version_info.major, sys.version_info.minor)) + +if platform.system() == 'Windows': + os.system('cls & title Python Example') # clear console, change title +elif platform.system() == 'Linux': + os.system('clear') # clear console + sys.stdout.write("\x1b]0;Python Example\x07") # change title +elif platform.system() == 'Darwin': + os.system("clear && printf '\e[3J'") # clear console + os.system('''echo - n - e "\033]0;Python Example\007"''') # change title + +print("Initializing") + + +def getchecksum(): + md5_hash = hashlib.md5() + file = open(''.join(sys.argv), "rb") + md5_hash.update(file.read()) + digest = md5_hash.hexdigest() + return digest + + +keyauthapp = api( + name = "Teszt APP", + ownerid = "gAoE07oIAC", + secret = "ace6246e3879e947aa323e3464d5fb75aa6c40cce3bb4d03d2c722ec60b138f8", + version = "1.0", + hash_to_check = getchecksum() +) + +print(f""" +App data: +Number of users: {keyauthapp.app_data.numUsers} +Number of online users: {keyauthapp.app_data.onlineUsers} +Number of keys: {keyauthapp.app_data.numKeys} +Application Version: {keyauthapp.app_data.app_ver} +Customer panel link: {keyauthapp.app_data.customer_panel} +""") +print(f"Current Session Validation Status: {keyauthapp.check()}") +print(f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted + + +def answer(): + try: + print(""" +1.Login +2.Register +3.Upgrade +4.License Key Only + """) + ans = input("Select Option: ") + if ans == "1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user, password) + elif ans == "2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user, password, license) + elif ans == "3": + user = input('Provide username: ') + license = input('Provide License: ') + keyauthapp.upgrade(user, license) + elif ans == "4": + key = input('Enter your license: ') + keyauthapp.license(key) + else: + print("\nNot Valid Option") + time.sleep(1) + os.system('cls') + answer() + except KeyboardInterrupt: + os._exit(1) + + +answer() + +# region Extra Functions + +# * Download Files form the server to your computer using the download function in the api class +# bytes = keyauthapp.file("FILEID") +# f = open("example.exe", "wb") +# f.write(bytes) +# f.close() + + +# * Set up user variable +# keyauthapp.setvar("varName", "varValue") + +# * Get user variable and print it +# data = keyauthapp.getvar("varName") +# print(data) + +# * Get normal variable and print it +# data = keyauthapp.var("varName") +# print(data) + +# * Log message to the server and then to your webhook what is set on app settings +# keyauthapp.log("Message") + +# * Get if the user pc have been blacklisted +# print(f"Blacklisted? : {keyauthapp.checkblacklist()}") + +# * See if the current session is validated +# print(f"Session Validated?: {keyauthapp.check()}") + + +# * example to send normal request with no POST data +# data = keyauthapp.webhook("WebhookID", "?type=resetuser&user=username") + +# * example to send form data +# data = keyauthapp.webhook("WebhookID", "", "type=init&name=test&ownerid=j9Gj0FTemM", "application/x-www-form-urlencoded") + +# * example to send JSON +# data = keyauthapp.webhook("WebhookID", "", "{\"content\": \"webhook message here\",\"embeds\": null}", "application/json") + +# * Get chat messages +# messages = keyauthapp.chatGet("CHANNEL") + +# Messages = "" +# for i in range(len(messages)): +# Messages += datetime.utcfromtimestamp(int(messages[i]["timestamp"])).strftime('%Y-%m-%d %H:%M:%S') + " - " + messages[i]["author"] + ": " + messages[i]["message"] + "\n" + +# print("\n\n" + Messages) + +# * Send chat message +# keyauthapp.chatSend("MESSAGE", "CHANNEL") + +# * Add Application Information to Title +# os.system(f"cls & title KeyAuth Python Example - Total Users: {keyauthapp.app_data.numUsers} - Online Users: {keyauthapp.app_data.onlineUsers} - Total Keys: {keyauthapp.app_data.numKeys}") + +# * Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) +# 1. Checking and Reading JSON + +#### Note: Remove the ''' on line 151 and 226 + +'''try: + if os.path.isfile('auth.json'): #Checking if the auth file exist + if jsond.load(open("auth.json"))["authusername"] == "": #Checks if the authusername is empty or not + print(""" +1. Login +2. Register + """) + ans=input("Select Option: ") #Skipping auto-login bc auth file is empty + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + else: + print("\nNot Valid Option") + os._exit(1) + else: + try: #2. Auto login + with open('auth.json', 'r') as f: + authfile = jsond.load(f) + authuser = authfile.get('authusername') + authpass = authfile.get('authpassword') + keyauthapp.login(authuser,authpass) + except Exception as e: #Error stuff + print(e) + else: #Creating auth file bc its missing + try: + f = open("auth.json", "a") #Writing content + f.write("""{ + "authusername": "", + "authpassword": "" +}""") + f.close() + print (""" +1. Login +2. Register + """)#Again skipping auto-login bc the file is empty/missing + ans=input("Select Option: ") + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + else: + print("\nNot Valid Option") + os._exit(1) + except Exception as e: #Error stuff + print(e) + os._exit(1) +except Exception as e: #Error stuff + print(e) + os._exit(1)''' + +# endregion + + +print("\nUser data: ") +print("Username: " + keyauthapp.user_data.username) +print("IP address: " + keyauthapp.user_data.ip) +print("Hardware-Id: " + keyauthapp.user_data.hwid) +# print("Subcription: " + keyauthapp.user_data.subscription) ## Print Subscription "ONE" name + +subs = keyauthapp.user_data.subscriptions # Get all Subscription names, expiry, and timeleft +for i in range(len(subs)): + sub = subs[i]["subscription"] # Subscription from every Sub + expiry = datetime.utcfromtimestamp(int(subs[i]["expiry"])).strftime( + '%Y-%m-%d %H:%M:%S') # Expiry date from every Sub + timeleft = subs[i]["timeleft"] # Timeleft from every Sub + + print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") + +onlineUsers = keyauthapp.fetchOnline() +OU = "" # KEEP THIS EMPTY FOR NOW, THIS WILL BE USED TO CREATE ONLINE USER STRING. +if onlineUsers is None: + OU = "No online users" +else: + for i in range(len(onlineUsers)): + OU += onlineUsers[i]["credential"] + " " + +print("\n" + OU + "\n") + +print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) +print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) +print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expires)).strftime('%Y-%m-%d %H:%M:%S')) +print(f"Current Session Validation Status: {keyauthapp.check()}") + + +# Method 1 +# Example +# Put all your code here, remove the example_program function and the "if __name__ == '__main__':" + +def example_program(): + print("\nHello world.") + time.sleep(3) + os._exit(1) + + +if __name__ == '__main__': + example_program() From 6979e425f8353899830f15d2033e8248073d9aec Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sun, 30 Oct 2022 00:48:40 +0200 Subject: [PATCH 061/106] Update method1.py --- other-examples/method1.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/other-examples/method1.py b/other-examples/method1.py index 415356c..0c03ee8 100644 --- a/other-examples/method1.py +++ b/other-examples/method1.py @@ -636,9 +636,9 @@ def getchecksum(): keyauthapp = api( - name = "Teszt APP", - ownerid = "gAoE07oIAC", - secret = "ace6246e3879e947aa323e3464d5fb75aa6c40cce3bb4d03d2c722ec60b138f8", + name = "", #App name (Manage Applications --> Application name) + ownerid = "", #Owner ID (Account-Settings --> OwnerID) + secret = "", #App secret(Manage Applications --> App credentials code) version = "1.0", hash_to_check = getchecksum() ) From 04d9cf4782e0c1cfbaea4e321960746099489fae Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sun, 30 Oct 2022 01:00:41 +0200 Subject: [PATCH 062/106] Create method2.py --- other-examples/method2.py | 876 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 876 insertions(+) create mode 100644 other-examples/method2.py diff --git a/other-examples/method2.py b/other-examples/method2.py new file mode 100644 index 0000000..efb0dda --- /dev/null +++ b/other-examples/method2.py @@ -0,0 +1,876 @@ +import binascii # hex encoding +import hashlib +import json as jsond # json +import os +import platform # check platform +import subprocess # needed for mac device +import sys +import time # sleep before exit +from datetime import datetime +from uuid import uuid4 # gen random guid + + +# Method 2 +# Example +# Put all your code here, remove the example_program function. This method will only work if you call your functions after login. Line 207 +# Create 1 function that will call all the other needed functions. You can also create 1 function and put everything in it. This is all your choice, method 1 would be a better idea. +# This can be exploited with Python code injection, for example injecting a code that will call the function before login. + + +def example_program(): + print("\nHello world.") + time.sleep(3) + os._exit(1) + + + +try: + if os.name == 'nt': + import win32security # get sid (WIN only) + import requests # https requests + from Crypto.Cipher import AES + from Crypto.Hash import SHA256 + from Crypto.Util.Padding import pad, unpad +except ModuleNotFoundError: + print("Exception when importing modules") + print("Installing necessary modules....") + if os.path.isfile("requirements.txt"): + os.system("pip install -r requirements.txt") + else: + os.system("pip install pywin32") + os.system("pip install pycryptodome") + os.system("pip install requests") + print("Modules installed!") + time.sleep(1.5) + os._exit(1) + +try: # Connection check + s = requests.Session() # Session + s.get('https://google.com') +except requests.exceptions.RequestException as e: + print(e) + time.sleep(3) + os._exit(1) + + +class api: + + name = ownerid = secret = version = hash_to_check = "" + + def __init__(self, name, ownerid, secret, version, hash_to_check): + self.name = name + + self.ownerid = ownerid + + self.secret = secret + + self.version = version + self.hash_to_check = hash_to_check + self.init() + + sessionid = enckey = "" + initialized = False + + def init(self): + + if self.sessionid != "": + print("You've already initialized!") + time.sleep(2) + os._exit(1) + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + self.enckey = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("init").encode()), + "ver": encryption.encrypt(self.version, self.secret, init_iv), + "hash": self.hash_to_check, + "enckey": encryption.encrypt(self.enckey, self.secret, init_iv), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + if response == "KeyAuth_Invalid": + print("The application doesn't exist") + os._exit(1) + + response = encryption.decrypt(response, self.secret, init_iv) + json = jsond.loads(response) + + if json["message"] == "invalidver": + if json["download"] != "": + print("New Version Available") + download_link = json["download"] + os.system(f"start {download_link}") + os._exit(1) + else: + print("Invalid Version, Contact owner to add download link to latest app version") + os._exit(1) + + if not json["success"]: + print(json["message"]) + os._exit(1) + + self.sessionid = json["sessionid"] + self.initialized = True + self.__load_app_data(json["appinfo"]) + + def register(self, user, password, license, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("register").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "pass": encryption.encrypt(password, self.enckey, init_iv), + "key": encryption.encrypt(license, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + print("successfully registered") + self.__load_user_data(json["info"]) + else: + print(json["message"]) + os._exit(1) + + def upgrade(self, user, license): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("upgrade").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "key": encryption.encrypt(license, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + print("successfully upgraded user") + print("please restart program and login") + time.sleep(2) + os._exit(1) + else: + print(json["message"]) + os._exit(1) + + def login(self, user, password, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("login").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "pass": encryption.encrypt(password, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + self.__load_user_data(json["info"]) + print("successfully logged in") + example_program() + else: + print(json["message"]) + os._exit(1) + + def license(self, key, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("license").encode()), + "key": encryption.encrypt(key, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + self.__load_user_data(json["info"]) + print("successfully logged into license") + else: + print(json["message"]) + os._exit(1) + + def var(self, name): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("var").encode()), + "varid": encryption.encrypt(name, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return json["message"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def getvar(self, var_name): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("getvar").encode()), + "var": encryption.encrypt(var_name, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return json["response"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def setvar(self, var_name, var_data): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("setvar").encode()), + "var": encryption.encrypt(var_name, self.enckey, init_iv), + "data": encryption.encrypt(var_data, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def ban(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("ban").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def file(self, fileid): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("file").encode()), + "fileid": encryption.encrypt(fileid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if not json["success"]: + print(json["message"]) + time.sleep(5) + os._exit(1) + return binascii.unhexlify(json["contents"]) + + def webhook(self, webid, param, body = "", conttype = ""): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("webhook").encode()), + "webid": encryption.encrypt(webid, self.enckey, init_iv), + "params": encryption.encrypt(param, self.enckey, init_iv), + "body": encryption.encrypt(body, self.enckey, init_iv), + "conttype": encryption.encrypt(conttype, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return json["message"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def check(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("check").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + if json["success"]: + return True + else: + return False + + def checkblacklist(self): + self.checkinit() + hwid = others.get_hwid() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("checkblacklist").encode()), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + if json["success"]: + return True + else: + return False + + def log(self, message): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("log").encode()), + "pcuser": encryption.encrypt(os.getenv('username'), self.enckey, init_iv), + "message": encryption.encrypt(message, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + self.__do_request(post_data) + + def fetchOnline(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("fetchOnline").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + if len(json["users"]) == 0: + return None # THIS IS ISSUE ON KEYAUTH SERVER SIDE 6.8.2022, so it will return none if it is not an array. + else: + return json["users"] + else: + return None + + def chatGet(self, channel): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("chatget").encode()), + "channel": encryption.encrypt(channel, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return json["messages"] + else: + return None + + def chatSend(self, message, channel): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("chatsend").encode()), + "message": encryption.encrypt(message, self.enckey, init_iv), + "channel": encryption.encrypt(channel, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return True + else: + return False + + def checkinit(self): + if not self.initialized: + print("Initialize first, in order to use the functions") + time.sleep(2) + os._exit(1) + + def __do_request(self, post_data): + try: + rq_out = s.post( + "https://keyauth.win/api/1.0/", data=post_data, timeout=30 + ) + return rq_out.text + except requests.exceptions.Timeout: + print("Request timed out") + + class application_data_class: + numUsers = numKeys = app_ver = customer_panel = onlineUsers = "" + # region user_data + + class user_data_class: + username = ip = hwid = expires = createdate = lastlogin = subscription = subscriptions = "" + + user_data = user_data_class() + app_data = application_data_class() + + def __load_app_data(self, data): + self.app_data.numUsers = data["numUsers"] + self.app_data.numKeys = data["numKeys"] + self.app_data.app_ver = data["version"] + self.app_data.customer_panel = data["customerPanelLink"] + self.app_data.onlineUsers = data["numOnlineUsers"] + + def __load_user_data(self, data): + self.user_data.username = data["username"] + self.user_data.ip = data["ip"] + self.user_data.hwid = data["hwid"] + self.user_data.expires = data["subscriptions"][0]["expiry"] + self.user_data.createdate = data["createdate"] + self.user_data.lastlogin = data["lastlogin"] + self.user_data.subscription = data["subscriptions"][0]["subscription"] + self.user_data.subscriptions = data["subscriptions"] + + +class others: + @staticmethod + def get_hwid(): + if platform.system() == "Linux": + with open("/etc/machine-id") as f: + hwid = f.read() + return hwid + elif platform.system() == 'Windows': + winuser = os.getlogin() + sid = win32security.LookupAccountName(None, winuser)[0] + hwid = win32security.ConvertSidToStringSid(sid) + return hwid + elif platform.system() == 'Darwin': + output = subprocess.Popen("ioreg -l | grep IOPlatformSerialNumber", stdout=subprocess.PIPE, shell=True).communicate()[0] + serial = output.decode().split('=', 1)[1].replace(' ', '') + hwid = serial[1:-2] + return hwid + + + +class encryption: + @staticmethod + def encrypt_string(plain_text, key, iv): + plain_text = pad(plain_text, 16) + + aes_instance = AES.new(key, AES.MODE_CBC, iv) + + raw_out = aes_instance.encrypt(plain_text) + + return binascii.hexlify(raw_out) + + @staticmethod + def decrypt_string(cipher_text, key, iv): + cipher_text = binascii.unhexlify(cipher_text) + + aes_instance = AES.new(key, AES.MODE_CBC, iv) + + cipher_text = aes_instance.decrypt(cipher_text) + + return unpad(cipher_text, 16) + + @staticmethod + def encrypt(message, enc_key, iv): + try: + _key = SHA256.new(enc_key.encode()).hexdigest()[:32] + + _iv = SHA256.new(iv.encode()).hexdigest()[:16] + + return encryption.encrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() + except: + print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") + os._exit(1) + + @staticmethod + def decrypt(message, enc_key, iv): + try: + _key = SHA256.new(enc_key.encode()).hexdigest()[:32] + + _iv = SHA256.new(iv.encode()).hexdigest()[:16] + + return encryption.decrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() + except: + print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") + os._exit(1) + + +# import json as jsond +# ^^ only for auto login/json writing/reading + +# watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA + +if sys.version_info.minor < 10: # Python version check (Bypass Patch) + print("[Security] - Python 3.10 or higher is recommended. The bypass will not work on 3.10+") + print("You are using Python {}.{}".format(sys.version_info.major, sys.version_info.minor)) + +if platform.system() == 'Windows': + os.system('cls & title Python Example') # clear console, change title +elif platform.system() == 'Linux': + os.system('clear') # clear console + sys.stdout.write("\x1b]0;Python Example\x07") # change title +elif platform.system() == 'Darwin': + os.system("clear && printf '\e[3J'") # clear console + os.system('''echo - n - e "\033]0;Python Example\007"''') # change title + +print("Initializing") + + +def getchecksum(): + md5_hash = hashlib.md5() + file = open(''.join(sys.argv), "rb") + md5_hash.update(file.read()) + digest = md5_hash.hexdigest() + return digest + + +keyauthapp = api( + name = "Teszt APP", + ownerid = "gAoE07oIAC", + secret = "ace6246e3879e947aa323e3464d5fb75aa6c40cce3bb4d03d2c722ec60b138f8", + version = "1.0", + hash_to_check = getchecksum() +) + +print(f""" +App data: +Number of users: {keyauthapp.app_data.numUsers} +Number of online users: {keyauthapp.app_data.onlineUsers} +Number of keys: {keyauthapp.app_data.numKeys} +Application Version: {keyauthapp.app_data.app_ver} +Customer panel link: {keyauthapp.app_data.customer_panel} +""") +print(f"Current Session Validation Status: {keyauthapp.check()}") +print(f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted + + +def answer(): + try: + print(""" +1.Login +2.Register +3.Upgrade +4.License Key Only + """) + ans = input("Select Option: ") + if ans == "1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user, password) + elif ans == "2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user, password, license) + elif ans == "3": + user = input('Provide username: ') + license = input('Provide License: ') + keyauthapp.upgrade(user, license) + elif ans == "4": + key = input('Enter your license: ') + keyauthapp.license(key) + else: + print("\nNot Valid Option") + time.sleep(1) + os.system('cls') + answer() + except KeyboardInterrupt: + os._exit(1) + + +answer() + +# region Extra Functions + +# * Download Files form the server to your computer using the download function in the api class +# bytes = keyauthapp.file("FILEID") +# f = open("example.exe", "wb") +# f.write(bytes) +# f.close() + + +# * Set up user variable +# keyauthapp.setvar("varName", "varValue") + +# * Get user variable and print it +# data = keyauthapp.getvar("varName") +# print(data) + +# * Get normal variable and print it +# data = keyauthapp.var("varName") +# print(data) + +# * Log message to the server and then to your webhook what is set on app settings +# keyauthapp.log("Message") + +# * Get if the user pc have been blacklisted +# print(f"Blacklisted? : {keyauthapp.checkblacklist()}") + +# * See if the current session is validated +# print(f"Session Validated?: {keyauthapp.check()}") + + +# * example to send normal request with no POST data +# data = keyauthapp.webhook("WebhookID", "?type=resetuser&user=username") + +# * example to send form data +# data = keyauthapp.webhook("WebhookID", "", "type=init&name=test&ownerid=j9Gj0FTemM", "application/x-www-form-urlencoded") + +# * example to send JSON +# data = keyauthapp.webhook("WebhookID", "", "{\"content\": \"webhook message here\",\"embeds\": null}", "application/json") + +# * Get chat messages +# messages = keyauthapp.chatGet("CHANNEL") + +# Messages = "" +# for i in range(len(messages)): +# Messages += datetime.utcfromtimestamp(int(messages[i]["timestamp"])).strftime('%Y-%m-%d %H:%M:%S') + " - " + messages[i]["author"] + ": " + messages[i]["message"] + "\n" + +# print("\n\n" + Messages) + +# * Send chat message +# keyauthapp.chatSend("MESSAGE", "CHANNEL") + +# * Add Application Information to Title +# os.system(f"cls & title KeyAuth Python Example - Total Users: {keyauthapp.app_data.numUsers} - Online Users: {keyauthapp.app_data.onlineUsers} - Total Keys: {keyauthapp.app_data.numKeys}") + +# * Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) +# 1. Checking and Reading JSON + +#### Note: Remove the ''' on line 151 and 226 + +'''try: + if os.path.isfile('auth.json'): #Checking if the auth file exist + if jsond.load(open("auth.json"))["authusername"] == "": #Checks if the authusername is empty or not + print(""" +1. Login +2. Register + """) + ans=input("Select Option: ") #Skipping auto-login bc auth file is empty + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + else: + print("\nNot Valid Option") + os._exit(1) + else: + try: #2. Auto login + with open('auth.json', 'r') as f: + authfile = jsond.load(f) + authuser = authfile.get('authusername') + authpass = authfile.get('authpassword') + keyauthapp.login(authuser,authpass) + except Exception as e: #Error stuff + print(e) + else: #Creating auth file bc its missing + try: + f = open("auth.json", "a") #Writing content + f.write("""{ + "authusername": "", + "authpassword": "" +}""") + f.close() + print (""" +1. Login +2. Register + """)#Again skipping auto-login bc the file is empty/missing + ans=input("Select Option: ") + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + else: + print("\nNot Valid Option") + os._exit(1) + except Exception as e: #Error stuff + print(e) + os._exit(1) +except Exception as e: #Error stuff + print(e) + os._exit(1)''' + +# endregion + + +print("\nUser data: ") +print("Username: " + keyauthapp.user_data.username) +print("IP address: " + keyauthapp.user_data.ip) +print("Hardware-Id: " + keyauthapp.user_data.hwid) +# print("Subcription: " + keyauthapp.user_data.subscription) ## Print Subscription "ONE" name + +subs = keyauthapp.user_data.subscriptions # Get all Subscription names, expiry, and timeleft +for i in range(len(subs)): + sub = subs[i]["subscription"] # Subscription from every Sub + expiry = datetime.utcfromtimestamp(int(subs[i]["expiry"])).strftime( + '%Y-%m-%d %H:%M:%S') # Expiry date from every Sub + timeleft = subs[i]["timeleft"] # Timeleft from every Sub + + print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") + +onlineUsers = keyauthapp.fetchOnline() +OU = "" # KEEP THIS EMPTY FOR NOW, THIS WILL BE USED TO CREATE ONLINE USER STRING. +if onlineUsers is None: + OU = "No online users" +else: + for i in range(len(onlineUsers)): + OU += onlineUsers[i]["credential"] + " " + +print("\n" + OU + "\n") + +print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) +print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) +print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expires)).strftime('%Y-%m-%d %H:%M:%S')) +print(f"Current Session Validation Status: {keyauthapp.check()}") From 6a96583c1eaf6c6f2fbb3a180db90f21e23fdf2d Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sun, 30 Oct 2022 01:08:18 +0200 Subject: [PATCH 063/106] Update method2.py --- other-examples/method2.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/other-examples/method2.py b/other-examples/method2.py index efb0dda..1a4d17b 100644 --- a/other-examples/method2.py +++ b/other-examples/method2.py @@ -651,9 +651,9 @@ def getchecksum(): keyauthapp = api( - name = "Teszt APP", - ownerid = "gAoE07oIAC", - secret = "ace6246e3879e947aa323e3464d5fb75aa6c40cce3bb4d03d2c722ec60b138f8", + name = "", #App name (Manage Applications --> Application name) + ownerid = "", #Owner ID (Account-Settings --> OwnerID) + secret = "", #App secret(Manage Applications --> App credentials code) version = "1.0", hash_to_check = getchecksum() ) From 8296fa9cffddf745a2b0f6f5a5cc8ec94bb3e497 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sun, 30 Oct 2022 01:11:29 +0200 Subject: [PATCH 064/106] Create README.md --- other-examples/README.md | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 other-examples/README.md diff --git a/other-examples/README.md b/other-examples/README.md new file mode 100644 index 0000000..8447c31 --- /dev/null +++ b/other-examples/README.md @@ -0,0 +1,26 @@ +# Other-Examples +KeyAuth Python Examples + +**merged_example.py** + +Yes title says everything. This file contains the `keyauth.py` and `main.py` from https://github.com/KeyAuth/KeyAuth-Python-Example + +A few people did not know how to merge the files, so I made an example. + +**method1.py** + +This file shows you how to add your program to keyauth example. + +All you have to do is copy and paste your code below the example, you can check it in the `method1.py` file. + +**method2.py** + +This file shows you how to use your code if it's above the example code. + +- This method will only work if you call your functions after login. +- **Example:** +Create 1 function that will call all the other needed functions. You can also create 1 function and put everything in it. This is all your choice, method 1 would be a better idea. +- This can be exploited with Python code injection, for example injecting a code that will call the function before login. + + +>Created by: `Marci#1337` From 4f22941893fd80677d9213c1b3e384cd59ff98b3 Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Sun, 30 Oct 2022 01:22:42 +0200 Subject: [PATCH 065/106] Added compile tutorial --- README.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/README.md b/README.md index 0af1212..e65c886 100644 --- a/README.md +++ b/README.md @@ -247,3 +247,17 @@ Example on how to send chat message. * Send chat message keyauthapp.chatSend("MESSAGE", "CHANNEL") ``` + +**How to compile?** + +You can either use Pyinstaller or Nuitka. + +Links: +- Nutika: https://nuitka.net/ +- Pyinstaller: https://pyinstaller.org/ + +Pyinstaller: +- Basic command: `pyinstaller --onefile main.py` + +Nutika: +- Basic command: `python -m nuitka --follow-imports --onefile main.py` From 715fe6e4680d1a2164acdffebedf57a2797af3a0 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Fri, 11 Nov 2022 14:04:08 -0500 Subject: [PATCH 066/106] Update README.md --- README.md | 50 ++++++++++++++++++++++++++++---------------------- 1 file changed, 28 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index e65c886..caba3ba 100644 --- a/README.md +++ b/README.md @@ -1,17 +1,23 @@ # KeyAuth-Python-Example KeyAuth Python Example For The https://keyauth.cc Authentication system. -**What is KeyAuth?** +#### **Bugs** -KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for C++, C#, Python, Rust, PHP, JS, GO, Ruby and VB.NET. KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://discord.gg/keyauth If you are experiencing account issues. +If the default example not added to your software isn't functioning how it should, please join the Discord server https://discord.gg/keyauth and submit the issue in the `#bugs` channel. -**Customer connection issues?** +However, we do **NOT** provide support for adding KeyAuth to your project. If you can't figure this out you should use Google or YouTube to learn more about the programming language you want to sell a program in. + +#### **What is KeyAuth?** + +KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for [C#](https://github.com/KeyAuth/KeyAuth-CSHARP-Example), [C++](https://github.com/KeyAuth/KeyAuth-CPP-Example), [Python](https://github.com/KeyAuth/KeyAuth-Python-Example), [Java](https://github.com/SprayDown/KeyAuth-JAVA-api), [JavaScript](https://github.com/mazkdevf/KeyAuth-JS-Example), [VB.NET](https://github.com/KeyAuth/KeyAuth-VB-Example), [PHP](https://github.com/KeyAuth/KeyAuth-PHP-Example), [Rust](https://github.com/KeyAuth/KeyAuth-Rust-Example), [Go](https://github.com/mazkdevf/KeyAuth-Go-Example), [Lua](https://github.com/mazkdevf/KeyAuth-Lua-Examples), [Ruby](https://github.com/mazkdevf/KeyAuth-Ruby-Example), and [Perl](https://github.com/mazkdevf/KeyAuth-Perl-Example). KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://discord.gg/keyauth if you have questions or suggestions. + +#### **Customer connection issues?** This is common amongst all authentication systems. Program obfuscation causes false positives in virus scanners, and with the scale of KeyAuth this is perceived as a malicious domain. So, `keyauth.com` and `keyauth.win` have been blocked by many internet providers. for dashbord, reseller panel, customer panel, use `keyauth.cc` For API, `keyauth.cc` will not work because I purposefully blocked it on there so `keyauth.cc` doesn't get blocked also. So, you should create your own domain and follow this tutorial video https://www.youtube.com/watch?v=a2SROFJ0eYc. The tutorial video shows you how to create a domain name for 100% free if you don't want to purchase one. -**`KeyAuthApp` instance definition** +#### **`KeyAuthApp` instance definition** Visit and select your application, then click on the **Python** tab @@ -27,11 +33,11 @@ keyauthapp = api( ) ``` -**Initialize application** +#### **Initialize application** You don't need to add any code to initalize. KeyAuth will initalize when the instance definition is made. -**Display application information** +#### **Display application information** ```py print(f""" @@ -44,7 +50,7 @@ Customer panel link: {keyauthapp.app_data.customer_panel} """) ``` -**Check session validation** +#### **Check session validation** Use this to see if the user is logged in or not. @@ -52,7 +58,7 @@ Use this to see if the user is logged in or not. print(f"Current Session Validation Status: {keyauthapp.check()}") ``` -**Check blacklist status** +#### **Check blacklist status** Check if HWID or IP Address is blacklisted. You can add this if you want, just to make sure nobody can open your program for less than a second if they're blacklisted. Though, if you don't mind a blacklisted user having the program for a few seconds until they try to login and register, and you care about having the quickest program for your users, you shouldn't use this function then. If a blacklisted user tries to login/register, the KeyAuth server will check if they're blacklisted and deny entry if so. So the check blacklist function is just auxiliary function that's optional. @@ -62,7 +68,7 @@ if keyauthapp.checkblacklist(): os._exit(1) ``` -**Login with username/password** +#### **Login with username/password** ```py user = input('Provide username: ') @@ -70,7 +76,7 @@ password = input('Provide password: ') keyauthapp.login(user, password) ``` -**Register with username/password/key** +#### **Register with username/password/key** ```py user = input('Provide username: ') @@ -79,7 +85,7 @@ license = input('Provide License: ') keyauthapp.register(user, password, license) ``` -**Upgrade user username/key** +#### **Upgrade user username/key** Used so the user can add extra time to their account by claiming new key. @@ -92,7 +98,7 @@ license = input('Provide License: ') keyauthapp.upgrade(user, license) ``` -**Login with just license key** +#### **Login with just license key** Users can use this function if their license key has never been used before, and if it has been used before. So if you plan to just allow users to use keys, you can remove the login and register functions from your code. @@ -101,7 +107,7 @@ key = input('Enter your license: ') keyauthapp.license(key) ``` -**User Data** +#### **User Data** Show information for current logged-in user. @@ -125,7 +131,7 @@ print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expire print(f"Current Session Validation Status: {keyauthapp.check()}") ``` -**Show list of online users** +#### **Show list of online users** ```py onlineUsers = keyauthapp.fetchOnline() @@ -139,7 +145,7 @@ else: print("\n" + OU + "\n") ``` -**Application variables** +#### **Application variables** A string that is kept on the server-side of KeyAuth. On the dashboard you can choose for each variable to be authenticated (only logged in users can access), or not authenticated (any user can access before login). These are global and static for all users, unlike User Variables which will be dicussed below this section. @@ -149,7 +155,7 @@ data = keyauthapp.var("varName") print(data) ``` -**User Variables** +#### **User Variables** User variables are strings kept on the server-side of KeyAuth. They are specific to users. They can be set on Dashboard in the Users tab, via SellerAPI, or via your loader using the code below. `discord` is the user variable name you fetch the user variable by. `test#0001` is the variable data you get when fetching the user variable. @@ -166,7 +172,7 @@ data = keyauthapp.getvar("varName") print(data) ``` -**Application Logs** +#### **Application Logs** Can be used to log data. Good for anti-debug alerts and maybe error debugging. If you set Discord webhook in the app settings of the Dashboard, it will send log messages to your Discord webhook rather than store them on site. It's recommended that you set Discord webhook, as logs on site may be deleted after a couple months of their creation. @@ -177,7 +183,7 @@ You can use the log function before login & after login. keyauthapp.log("Message") ``` -**Ban the user** +#### **Ban the user** Ban the user and blacklist their HWID and IP Address. Good function to call upon if you use anti-debug and have detected an intrusion attempt. @@ -187,7 +193,7 @@ Function only works after login. keyauthapp.ban() ``` -**Server-sided webhooks** +#### **Server-sided webhooks** Tutorial video https://www.youtube.com/watch?v=ENRaNPPYJbc @@ -210,7 +216,7 @@ data = keyauthapp.webhook("7kR0UedlVI", "", "type=init&name=test&ownerid=j9Gj0FT data = keyauthapp.webhook("7kR0UedlVI", "", "{\"content\": \"webhook message here\",\"embeds\": null}", "application/json") ``` -**Download file** +#### **Download file** Keep files secure by providing KeyAuth your file download link on the KeyAuth dashboard. Make sure this is a direct download link (as soon as you go to the link, it starts downloading without you clicking anything). The KeyAuth download function provides the bytes, and then you get to decide what to do with those. This example shows how to write it to a file named `text.txt` in the same folder as the program, though you could execute with RunPE or whatever you want. @@ -224,7 +230,7 @@ f.write(bytes) f.close() ``` -**Chat channels** +#### **Chat channels** Allow users to communicate amongst themselves in your program. @@ -248,7 +254,7 @@ Example on how to send chat message. keyauthapp.chatSend("MESSAGE", "CHANNEL") ``` -**How to compile?** +#### **How to compile?** You can either use Pyinstaller or Nuitka. From c15eb10ebb15f5e4b5ada425ecbadcdb12661ffd Mon Sep 17 00:00:00 2001 From: 6nz <74118308+6nz@users.noreply.github.com> Date: Tue, 13 Dec 2022 00:07:45 +0100 Subject: [PATCH 067/106] small cleanup --- keyauth.py | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/keyauth.py b/keyauth.py index 42b204c..c11205d 100644 --- a/keyauth.py +++ b/keyauth.py @@ -64,7 +64,7 @@ def init(self): self.enckey = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("init").encode()), + "type": binascii.hexlify("init".encode()), "ver": encryption.encrypt(self.version, self.secret, init_iv), "hash": self.hash_to_check, "enckey": encryption.encrypt(self.enckey, self.secret, init_iv), @@ -108,7 +108,7 @@ def register(self, user, password, license, hwid=None): init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("register").encode()), + "type": binascii.hexlify("register".encode()), "username": encryption.encrypt(user, self.enckey, init_iv), "pass": encryption.encrypt(password, self.enckey, init_iv), "key": encryption.encrypt(license, self.enckey, init_iv), @@ -135,7 +135,7 @@ def upgrade(self, user, license): init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("upgrade").encode()), + "type": binascii.hexlify("upgrade".encode()), "username": encryption.encrypt(user, self.enckey, init_iv), "key": encryption.encrypt(license, self.enckey, init_iv), "sessionid": binascii.hexlify(self.sessionid.encode()), @@ -167,7 +167,7 @@ def login(self, user, password, hwid=None): init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("login").encode()), + "type": binascii.hexlify("login".encode()), "username": encryption.encrypt(user, self.enckey, init_iv), "pass": encryption.encrypt(password, self.enckey, init_iv), "hwid": encryption.encrypt(hwid, self.enckey, init_iv), @@ -198,7 +198,7 @@ def license(self, key, hwid=None): init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("license").encode()), + "type": binascii.hexlify("license".encode()), "key": encryption.encrypt(key, self.enckey, init_iv), "hwid": encryption.encrypt(hwid, self.enckey, init_iv), "sessionid": binascii.hexlify(self.sessionid.encode()), @@ -224,7 +224,7 @@ def var(self, name): init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("var").encode()), + "type": binascii.hexlify("var".encode()), "varid": encryption.encrypt(name, self.enckey, init_iv), "sessionid": binascii.hexlify(self.sessionid.encode()), "name": binascii.hexlify(self.name.encode()), @@ -250,7 +250,7 @@ def getvar(self, var_name): init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("getvar").encode()), + "type": binascii.hexlify("getvar".encode()), "var": encryption.encrypt(var_name, self.enckey, init_iv), "sessionid": binascii.hexlify(self.sessionid.encode()), "name": binascii.hexlify(self.name.encode()), @@ -272,7 +272,7 @@ def setvar(self, var_name, var_data): self.checkinit() init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("setvar").encode()), + "type": binascii.hexlify("setvar".encode()), "var": encryption.encrypt(var_name, self.enckey, init_iv), "data": encryption.encrypt(var_data, self.enckey, init_iv), "sessionid": binascii.hexlify(self.sessionid.encode()), @@ -295,7 +295,7 @@ def ban(self): self.checkinit() init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("ban").encode()), + "type": binascii.hexlify("ban".encode()), "sessionid": binascii.hexlify(self.sessionid.encode()), "name": binascii.hexlify(self.name.encode()), "ownerid": binascii.hexlify(self.ownerid.encode()), @@ -317,7 +317,7 @@ def file(self, fileid): init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("file").encode()), + "type": binascii.hexlify("file".encode()), "fileid": encryption.encrypt(fileid, self.enckey, init_iv), "sessionid": binascii.hexlify(self.sessionid.encode()), "name": binascii.hexlify(self.name.encode()), @@ -342,7 +342,7 @@ def webhook(self, webid, param, body = "", conttype = ""): init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("webhook").encode()), + "type": binascii.hexlify("webhook".encode()), "webid": encryption.encrypt(webid, self.enckey, init_iv), "params": encryption.encrypt(param, self.enckey, init_iv), "body": encryption.encrypt(body, self.enckey, init_iv), @@ -369,7 +369,7 @@ def check(self): self.checkinit() init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("check").encode()), + "type": binascii.hexlify("check".encode()), "sessionid": binascii.hexlify(self.sessionid.encode()), "name": binascii.hexlify(self.name.encode()), "ownerid": binascii.hexlify(self.ownerid.encode()), @@ -389,7 +389,7 @@ def checkblacklist(self): hwid = others.get_hwid() init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("checkblacklist").encode()), + "type": binascii.hexlify("checkblacklist".encode()), "hwid": encryption.encrypt(hwid, self.enckey, init_iv), "sessionid": binascii.hexlify(self.sessionid.encode()), "name": binascii.hexlify(self.name.encode()), @@ -410,7 +410,7 @@ def log(self, message): init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("log").encode()), + "type": binascii.hexlify("log".encode()), "pcuser": encryption.encrypt(os.getenv('username'), self.enckey, init_iv), "message": encryption.encrypt(message, self.enckey, init_iv), "sessionid": binascii.hexlify(self.sessionid.encode()), @@ -426,7 +426,7 @@ def fetchOnline(self): init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("fetchOnline").encode()), + "type": binascii.hexlify("fetchOnline".encode()), "sessionid": binascii.hexlify(self.sessionid.encode()), "name": binascii.hexlify(self.name.encode()), "ownerid": binascii.hexlify(self.ownerid.encode()), @@ -451,7 +451,7 @@ def chatGet(self, channel): init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("chatget").encode()), + "type": binascii.hexlify("chatget".encode()), "channel": encryption.encrypt(channel, self.enckey, init_iv), "sessionid": binascii.hexlify(self.sessionid.encode()), "name": binascii.hexlify(self.name.encode()), @@ -474,7 +474,7 @@ def chatSend(self, message, channel): init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify(("chatsend").encode()), + "type": binascii.hexlify("chatsend".encode()), "message": encryption.encrypt(message, self.enckey, init_iv), "channel": encryption.encrypt(channel, self.enckey, init_iv), "sessionid": binascii.hexlify(self.sessionid.encode()), @@ -545,7 +545,7 @@ def get_hwid(): return hwid elif platform.system() == 'Windows': winuser = os.getlogin() - sid = win32security.LookupAccountName(None, winuser)[0] + sid = win32security.LookupAccountName(None, winuser)[0] # You can also use WMIC (better than SID, some users had problems with WMIC) hwid = win32security.ConvertSidToStringSid(sid) return hwid elif platform.system() == 'Darwin': From a0b209d626b07522cef45918509a79a4e89e7e25 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Sat, 31 Dec 2022 11:08:35 -0500 Subject: [PATCH 068/106] Update LICENSE --- LICENSE | 114 +++++++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 93 insertions(+), 21 deletions(-) diff --git a/LICENSE b/LICENSE index 5849551..809108b 100644 --- a/LICENSE +++ b/LICENSE @@ -1,21 +1,93 @@ -MIT License - -Copyright (c) 2022 KeyAuth - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. +Elastic License 2.0 + +URL: https://www.elastic.co/licensing/elastic-license + +## Acceptance + +By using the software, you agree to all of the terms and conditions below. + +## Copyright License + +The licensor grants you a non-exclusive, royalty-free, worldwide, +non-sublicensable, non-transferable license to use, copy, distribute, make +available, and prepare derivative works of the software, in each case subject to +the limitations and conditions below. + +## Limitations + +You may not provide the software to third parties as a hosted or managed +service, where the service provides users with access to any substantial set of +the features or functionality of the software. + +You may not move, change, disable, or circumvent the license key functionality +in the software, and you may not remove or obscure any functionality in the +software that is protected by the license key. + +You may not alter, remove, or obscure any licensing, copyright, or other notices +of the licensor in the software. Any use of the licensor’s trademarks is subject +to applicable law. + +## Patents + +The licensor grants you a license, under any patent claims the licensor can +license, or becomes able to license, to make, have made, use, sell, offer for +sale, import and have imported the software, in each case subject to the +limitations and conditions in this license. This license does not cover any +patent claims that you cause to be infringed by modifications or additions to +the software. If you or your company make any written claim that the software +infringes or contributes to infringement of any patent, your patent license for +the software granted under these terms ends immediately. If your company makes +such a claim, your patent license ends immediately for work on behalf of your +company. + +## Notices + +You must ensure that anyone who gets a copy of any part of the software from you +also gets a copy of these terms. + +If you modify the software, you must include in any modified copies of the +software prominent notices stating that you have modified the software. + +## No Other Rights + +These terms do not imply any licenses other than those expressly granted in +these terms. + +## Termination + +If you use the software in violation of these terms, such use is not licensed, +and your licenses will automatically terminate. If the licensor provides you +with a notice of your violation, and you cease all violation of this license no +later than 30 days after you receive that notice, your licenses will be +reinstated retroactively. However, if you violate these terms after such +reinstatement, any additional violation of these terms will cause your licenses +to terminate automatically and permanently. + +## No Liability + +*As far as the law allows, the software comes as is, without any warranty or +condition, and the licensor will not be liable to you for any damages arising +out of these terms or the use or nature of the software, under any kind of +legal claim.* + +## Definitions + +The **licensor** is the entity offering these terms, and the **software** is the +software the licensor makes available under these terms, including any portion +of it. + +**you** refers to the individual or entity agreeing to these terms. + +**your company** is any legal entity, sole proprietorship, or other kind of +organization that you work for, plus all organizations that have control over, +are under the control of, or are under common control with that +organization. **control** means ownership of substantially all the assets of an +entity, or the power to direct its management and policies by vote, contract, or +otherwise. Control can be direct or indirect. + +**your licenses** are all the licenses granted to you for the software under +these terms. + +**use** means anything you do with the software requiring one of your licenses. + +**trademark** means trademarks, service marks, and similar rights. From 694de606958b8800f662e457d20b32c94378efa1 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Sat, 31 Dec 2022 11:10:54 -0500 Subject: [PATCH 069/106] Update README.md --- README.md | 88 +++++++++++++++++++++++++++++++++---------------------- 1 file changed, 53 insertions(+), 35 deletions(-) diff --git a/README.md b/README.md index caba3ba..1e4e1ff 100644 --- a/README.md +++ b/README.md @@ -1,23 +1,55 @@ # KeyAuth-Python-Example KeyAuth Python Example For The https://keyauth.cc Authentication system. -#### **Bugs** +## **Bugs** If the default example not added to your software isn't functioning how it should, please join the Discord server https://discord.gg/keyauth and submit the issue in the `#bugs` channel. However, we do **NOT** provide support for adding KeyAuth to your project. If you can't figure this out you should use Google or YouTube to learn more about the programming language you want to sell a program in. -#### **What is KeyAuth?** +## Copyright License + +KeyAuth is licensed under **Elastic License 2.0** + +* You may not provide the software to third parties as a hosted or managed +service, where the service provides users with access to any substantial set of +the features or functionality of the software. + +* You may not move, change, disable, or circumvent the license key functionality +in the software, and you may not remove or obscure any functionality in the +software that is protected by the license key. + +* You may not alter, remove, or obscure any licensing, copyright, or other notices +of the licensor in the software. Any use of the licensor’s trademarks is subject +to applicable law. + +Thank you for your compliance, we work hard on the development of KeyAuth and do not appreciate our copyright being infringed. + +## **What is KeyAuth?** KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for [C#](https://github.com/KeyAuth/KeyAuth-CSHARP-Example), [C++](https://github.com/KeyAuth/KeyAuth-CPP-Example), [Python](https://github.com/KeyAuth/KeyAuth-Python-Example), [Java](https://github.com/SprayDown/KeyAuth-JAVA-api), [JavaScript](https://github.com/mazkdevf/KeyAuth-JS-Example), [VB.NET](https://github.com/KeyAuth/KeyAuth-VB-Example), [PHP](https://github.com/KeyAuth/KeyAuth-PHP-Example), [Rust](https://github.com/KeyAuth/KeyAuth-Rust-Example), [Go](https://github.com/mazkdevf/KeyAuth-Go-Example), [Lua](https://github.com/mazkdevf/KeyAuth-Lua-Examples), [Ruby](https://github.com/mazkdevf/KeyAuth-Ruby-Example), and [Perl](https://github.com/mazkdevf/KeyAuth-Perl-Example). KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://discord.gg/keyauth if you have questions or suggestions. -#### **Customer connection issues?** +## **Customer connection issues?** This is common amongst all authentication systems. Program obfuscation causes false positives in virus scanners, and with the scale of KeyAuth this is perceived as a malicious domain. So, `keyauth.com` and `keyauth.win` have been blocked by many internet providers. for dashbord, reseller panel, customer panel, use `keyauth.cc` For API, `keyauth.cc` will not work because I purposefully blocked it on there so `keyauth.cc` doesn't get blocked also. So, you should create your own domain and follow this tutorial video https://www.youtube.com/watch?v=a2SROFJ0eYc. The tutorial video shows you how to create a domain name for 100% free if you don't want to purchase one. -#### **`KeyAuthApp` instance definition** +## **How to compile?** + +You can either use Pyinstaller or Nuitka. + +Links: +- Nutika: https://nuitka.net/ +- Pyinstaller: https://pyinstaller.org/ + +Pyinstaller: +- Basic command: `pyinstaller --onefile main.py` + +Nutika: +- Basic command: `python -m nuitka --follow-imports --onefile main.py` + +## **`KeyAuthApp` instance definition** Visit and select your application, then click on the **Python** tab @@ -33,11 +65,11 @@ keyauthapp = api( ) ``` -#### **Initialize application** +## **Initialize application** You don't need to add any code to initalize. KeyAuth will initalize when the instance definition is made. -#### **Display application information** +## **Display application information** ```py print(f""" @@ -50,7 +82,7 @@ Customer panel link: {keyauthapp.app_data.customer_panel} """) ``` -#### **Check session validation** +## **Check session validation** Use this to see if the user is logged in or not. @@ -58,7 +90,7 @@ Use this to see if the user is logged in or not. print(f"Current Session Validation Status: {keyauthapp.check()}") ``` -#### **Check blacklist status** +## **Check blacklist status** Check if HWID or IP Address is blacklisted. You can add this if you want, just to make sure nobody can open your program for less than a second if they're blacklisted. Though, if you don't mind a blacklisted user having the program for a few seconds until they try to login and register, and you care about having the quickest program for your users, you shouldn't use this function then. If a blacklisted user tries to login/register, the KeyAuth server will check if they're blacklisted and deny entry if so. So the check blacklist function is just auxiliary function that's optional. @@ -68,7 +100,7 @@ if keyauthapp.checkblacklist(): os._exit(1) ``` -#### **Login with username/password** +## **Login with username/password** ```py user = input('Provide username: ') @@ -76,7 +108,7 @@ password = input('Provide password: ') keyauthapp.login(user, password) ``` -#### **Register with username/password/key** +## **Register with username/password/key** ```py user = input('Provide username: ') @@ -85,7 +117,7 @@ license = input('Provide License: ') keyauthapp.register(user, password, license) ``` -#### **Upgrade user username/key** +## **Upgrade user username/key** Used so the user can add extra time to their account by claiming new key. @@ -98,7 +130,7 @@ license = input('Provide License: ') keyauthapp.upgrade(user, license) ``` -#### **Login with just license key** +## **Login with just license key** Users can use this function if their license key has never been used before, and if it has been used before. So if you plan to just allow users to use keys, you can remove the login and register functions from your code. @@ -107,7 +139,7 @@ key = input('Enter your license: ') keyauthapp.license(key) ``` -#### **User Data** +## **User Data** Show information for current logged-in user. @@ -131,7 +163,7 @@ print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expire print(f"Current Session Validation Status: {keyauthapp.check()}") ``` -#### **Show list of online users** +## **Show list of online users** ```py onlineUsers = keyauthapp.fetchOnline() @@ -145,7 +177,7 @@ else: print("\n" + OU + "\n") ``` -#### **Application variables** +## **Application variables** A string that is kept on the server-side of KeyAuth. On the dashboard you can choose for each variable to be authenticated (only logged in users can access), or not authenticated (any user can access before login). These are global and static for all users, unlike User Variables which will be dicussed below this section. @@ -155,7 +187,7 @@ data = keyauthapp.var("varName") print(data) ``` -#### **User Variables** +## **User Variables** User variables are strings kept on the server-side of KeyAuth. They are specific to users. They can be set on Dashboard in the Users tab, via SellerAPI, or via your loader using the code below. `discord` is the user variable name you fetch the user variable by. `test#0001` is the variable data you get when fetching the user variable. @@ -172,7 +204,7 @@ data = keyauthapp.getvar("varName") print(data) ``` -#### **Application Logs** +## **Application Logs** Can be used to log data. Good for anti-debug alerts and maybe error debugging. If you set Discord webhook in the app settings of the Dashboard, it will send log messages to your Discord webhook rather than store them on site. It's recommended that you set Discord webhook, as logs on site may be deleted after a couple months of their creation. @@ -183,7 +215,7 @@ You can use the log function before login & after login. keyauthapp.log("Message") ``` -#### **Ban the user** +## **Ban the user** Ban the user and blacklist their HWID and IP Address. Good function to call upon if you use anti-debug and have detected an intrusion attempt. @@ -193,7 +225,7 @@ Function only works after login. keyauthapp.ban() ``` -#### **Server-sided webhooks** +## **Server-sided webhooks** Tutorial video https://www.youtube.com/watch?v=ENRaNPPYJbc @@ -216,7 +248,7 @@ data = keyauthapp.webhook("7kR0UedlVI", "", "type=init&name=test&ownerid=j9Gj0FT data = keyauthapp.webhook("7kR0UedlVI", "", "{\"content\": \"webhook message here\",\"embeds\": null}", "application/json") ``` -#### **Download file** +## **Download file** Keep files secure by providing KeyAuth your file download link on the KeyAuth dashboard. Make sure this is a direct download link (as soon as you go to the link, it starts downloading without you clicking anything). The KeyAuth download function provides the bytes, and then you get to decide what to do with those. This example shows how to write it to a file named `text.txt` in the same folder as the program, though you could execute with RunPE or whatever you want. @@ -230,7 +262,7 @@ f.write(bytes) f.close() ``` -#### **Chat channels** +## **Chat channels** Allow users to communicate amongst themselves in your program. @@ -253,17 +285,3 @@ Example on how to send chat message. * Send chat message keyauthapp.chatSend("MESSAGE", "CHANNEL") ``` - -#### **How to compile?** - -You can either use Pyinstaller or Nuitka. - -Links: -- Nutika: https://nuitka.net/ -- Pyinstaller: https://pyinstaller.org/ - -Pyinstaller: -- Basic command: `pyinstaller --onefile main.py` - -Nutika: -- Basic command: `python -m nuitka --follow-imports --onefile main.py` From c1d158913ef299650f824c17a36ebff707108923 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Mon, 30 Jan 2023 13:06:58 -0500 Subject: [PATCH 070/106] improve README --- README.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 1e4e1ff..6dadfab 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # KeyAuth-Python-Example -KeyAuth Python Example For The https://keyauth.cc Authentication system. +KeyAuth Python example for the https://keyauth.cc authentication system. ## **Bugs** @@ -51,7 +51,7 @@ Nutika: ## **`KeyAuthApp` instance definition** -Visit and select your application, then click on the **Python** tab +Visit https://keyauth.cc/app/ and select your application, then click on the **Python** tab It'll provide you with the code which you should replace with in the `main.py` file. @@ -206,7 +206,7 @@ print(data) ## **Application Logs** -Can be used to log data. Good for anti-debug alerts and maybe error debugging. If you set Discord webhook in the app settings of the Dashboard, it will send log messages to your Discord webhook rather than store them on site. It's recommended that you set Discord webhook, as logs on site may be deleted after a couple months of their creation. +Can be used to log data. Good for anti-debug alerts and maybe error debugging. If you set Discord webhook in the app settings of the Dashboard, it will send log messages to your Discord webhook rather than store them on site. It's recommended that you set Discord webhook, as logs on site are deleted 1 month after being sent. You can use the log function before login & after login. @@ -229,6 +229,9 @@ keyauthapp.ban() Tutorial video https://www.youtube.com/watch?v=ENRaNPPYJbc +> **Note** +> Read documentation for KeyAuth webhooks here https://docs.keyauth.cc/website/dashboard/webhooks + Send HTTP requests to URLs securely without leaking the URL in your application. You should definitely use if you want to send requests to SellerAPI from your application, otherwise if you don't use you'll be leaking your seller key to everyone. And then someone can mess up your application. 1st example is how to send request with no POST data. just a GET request to the URL. `7kR0UedlVI` is the webhook ID, `https://keyauth.win/api/seller/?sellerkey=sellerkeyhere&type=black` is what you should put as the webhook endpoint on the dashboard. This is the part you don't want users to see. And then you have `&ip=1.1.1.1&hwid=abc` in your program code which will be added to the webhook endpoint on the keyauth server and then the request will be sent. @@ -250,6 +253,9 @@ data = keyauthapp.webhook("7kR0UedlVI", "", "{\"content\": \"webhook message her ## **Download file** +> **Note** +> Read documentation for KeyAuth files here https://docs.keyauth.cc/website/dashboard/files + Keep files secure by providing KeyAuth your file download link on the KeyAuth dashboard. Make sure this is a direct download link (as soon as you go to the link, it starts downloading without you clicking anything). The KeyAuth download function provides the bytes, and then you get to decide what to do with those. This example shows how to write it to a file named `text.txt` in the same folder as the program, though you could execute with RunPE or whatever you want. `385624` is the file ID you get from the dashboard after adding file. From c52378707b672134c56841d30b0013f015a84b4d Mon Sep 17 00:00:00 2001 From: Shxde <112267394+Shxde1@users.noreply.github.com> Date: Sat, 4 Feb 2023 13:11:10 -0500 Subject: [PATCH 071/106] Update keyauth.py --- keyauth.py | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/keyauth.py b/keyauth.py index c11205d..f0a2d67 100644 --- a/keyauth.py +++ b/keyauth.py @@ -499,6 +499,28 @@ def checkinit(self): time.sleep(2) os._exit(1) + def changeUsername(self, username): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify("changeUsername".encode()), + "newUsername": username, + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + print("successfully Changed Username") + else: + print(json["message"]) + os._exit(1) + def __do_request(self, post_data): try: rq_out = s.post( From 6660c121feb81ac311202ced537598a999f65a72 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Fri, 17 Feb 2023 16:11:52 -0500 Subject: [PATCH 072/106] Add Snyk.io GitHub Action --- .github/workflows/snyk-infrastructure.yml | 54 +++++++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 .github/workflows/snyk-infrastructure.yml diff --git a/.github/workflows/snyk-infrastructure.yml b/.github/workflows/snyk-infrastructure.yml new file mode 100644 index 0000000..dcd0cef --- /dev/null +++ b/.github/workflows/snyk-infrastructure.yml @@ -0,0 +1,54 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +# A sample workflow which checks out your Infrastructure as Code Configuration files, +# such as Kubernetes, Helm & Terraform and scans them for any security issues. +# The results are then uploaded to GitHub Security Code Scanning +# +# For more examples, including how to limit scans to only high-severity issues +# and fail PR checks, see https://github.com/snyk/actions/ + +name: Snyk Infrastructure as Code + +on: + push: + branches: [ "main" ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ "main" ] + schedule: + - cron: '15 3 * * 5' + +permissions: + contents: read + +jobs: + snyk: + permissions: + contents: read # for actions/checkout to fetch code + security-events: write # for github/codeql-action/upload-sarif to upload SARIF results + actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Run Snyk to check configuration files for security issues + # Snyk can be used to break the build when it detects security issues. + # In this case we want to upload the issues to GitHub Code Scanning + continue-on-error: true + uses: snyk/actions/iac@14818c4695ecc4045f33c9cee9e795a788711ca4 + env: + # In order to use the Snyk Action you will need to have a Snyk API token. + # More details in https://github.com/snyk/actions#getting-your-snyk-token + # or you can signup for free at https://snyk.io/login + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + with: + # Add the path to the configuration file that you would like to test. + # For example `deployment.yaml` for a Kubernetes deployment manifest + # or `main.tf` for a Terraform configuration file + file: your-file-to-test.yaml + - name: Upload result to GitHub Code Scanning + uses: github/codeql-action/upload-sarif@v2 + with: + sarif_file: snyk.sarif From 209c98c4051abca83bdf5cc399ead8bb2fbff72d Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Fri, 17 Feb 2023 16:12:15 -0500 Subject: [PATCH 073/106] Added GitHub Action to wrong repository --- .github/workflows/snyk-infrastructure.yml | 54 ----------------------- 1 file changed, 54 deletions(-) delete mode 100644 .github/workflows/snyk-infrastructure.yml diff --git a/.github/workflows/snyk-infrastructure.yml b/.github/workflows/snyk-infrastructure.yml deleted file mode 100644 index dcd0cef..0000000 --- a/.github/workflows/snyk-infrastructure.yml +++ /dev/null @@ -1,54 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -# A sample workflow which checks out your Infrastructure as Code Configuration files, -# such as Kubernetes, Helm & Terraform and scans them for any security issues. -# The results are then uploaded to GitHub Security Code Scanning -# -# For more examples, including how to limit scans to only high-severity issues -# and fail PR checks, see https://github.com/snyk/actions/ - -name: Snyk Infrastructure as Code - -on: - push: - branches: [ "main" ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ "main" ] - schedule: - - cron: '15 3 * * 5' - -permissions: - contents: read - -jobs: - snyk: - permissions: - contents: read # for actions/checkout to fetch code - security-events: write # for github/codeql-action/upload-sarif to upload SARIF results - actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Run Snyk to check configuration files for security issues - # Snyk can be used to break the build when it detects security issues. - # In this case we want to upload the issues to GitHub Code Scanning - continue-on-error: true - uses: snyk/actions/iac@14818c4695ecc4045f33c9cee9e795a788711ca4 - env: - # In order to use the Snyk Action you will need to have a Snyk API token. - # More details in https://github.com/snyk/actions#getting-your-snyk-token - # or you can signup for free at https://snyk.io/login - SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} - with: - # Add the path to the configuration file that you would like to test. - # For example `deployment.yaml` for a Kubernetes deployment manifest - # or `main.tf` for a Terraform configuration file - file: your-file-to-test.yaml - - name: Upload result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@v2 - with: - sarif_file: snyk.sarif From fc936f071e620aca944dce1e4a844e9967d88d6b Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Wed, 22 Feb 2023 15:56:02 -0500 Subject: [PATCH 074/106] Update Discord --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 6dadfab..7294d87 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ KeyAuth Python example for the https://keyauth.cc authentication system. ## **Bugs** -If the default example not added to your software isn't functioning how it should, please join the Discord server https://discord.gg/keyauth and submit the issue in the `#bugs` channel. +If the default example not added to your software isn't functioning how it should, please join the Discord server https://discord.gg/HjfhCe4eE2 and submit the issue in the `#bugs` channel. However, we do **NOT** provide support for adding KeyAuth to your project. If you can't figure this out you should use Google or YouTube to learn more about the programming language you want to sell a program in. @@ -27,7 +27,7 @@ Thank you for your compliance, we work hard on the development of KeyAuth and do ## **What is KeyAuth?** -KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for [C#](https://github.com/KeyAuth/KeyAuth-CSHARP-Example), [C++](https://github.com/KeyAuth/KeyAuth-CPP-Example), [Python](https://github.com/KeyAuth/KeyAuth-Python-Example), [Java](https://github.com/SprayDown/KeyAuth-JAVA-api), [JavaScript](https://github.com/mazkdevf/KeyAuth-JS-Example), [VB.NET](https://github.com/KeyAuth/KeyAuth-VB-Example), [PHP](https://github.com/KeyAuth/KeyAuth-PHP-Example), [Rust](https://github.com/KeyAuth/KeyAuth-Rust-Example), [Go](https://github.com/mazkdevf/KeyAuth-Go-Example), [Lua](https://github.com/mazkdevf/KeyAuth-Lua-Examples), [Ruby](https://github.com/mazkdevf/KeyAuth-Ruby-Example), and [Perl](https://github.com/mazkdevf/KeyAuth-Perl-Example). KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://discord.gg/keyauth if you have questions or suggestions. +KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for [C#](https://github.com/KeyAuth/KeyAuth-CSHARP-Example), [C++](https://github.com/KeyAuth/KeyAuth-CPP-Example), [Python](https://github.com/KeyAuth/KeyAuth-Python-Example), [Java](https://github.com/SprayDown/KeyAuth-JAVA-api), [JavaScript](https://github.com/mazkdevf/KeyAuth-JS-Example), [VB.NET](https://github.com/KeyAuth/KeyAuth-VB-Example), [PHP](https://github.com/KeyAuth/KeyAuth-PHP-Example), [Rust](https://github.com/KeyAuth/KeyAuth-Rust-Example), [Go](https://github.com/mazkdevf/KeyAuth-Go-Example), [Lua](https://github.com/mazkdevf/KeyAuth-Lua-Examples), [Ruby](https://github.com/mazkdevf/KeyAuth-Ruby-Example), and [Perl](https://github.com/mazkdevf/KeyAuth-Perl-Example). KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://discord.gg/HjfhCe4eE2 if you have questions or suggestions. ## **Customer connection issues?** From 280696a31a26f5b23fe19ee3a87dacb24eabc48a Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Wed, 22 Feb 2023 23:50:32 -0500 Subject: [PATCH 075/106] Update Discord --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7294d87..6dadfab 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ KeyAuth Python example for the https://keyauth.cc authentication system. ## **Bugs** -If the default example not added to your software isn't functioning how it should, please join the Discord server https://discord.gg/HjfhCe4eE2 and submit the issue in the `#bugs` channel. +If the default example not added to your software isn't functioning how it should, please join the Discord server https://discord.gg/keyauth and submit the issue in the `#bugs` channel. However, we do **NOT** provide support for adding KeyAuth to your project. If you can't figure this out you should use Google or YouTube to learn more about the programming language you want to sell a program in. @@ -27,7 +27,7 @@ Thank you for your compliance, we work hard on the development of KeyAuth and do ## **What is KeyAuth?** -KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for [C#](https://github.com/KeyAuth/KeyAuth-CSHARP-Example), [C++](https://github.com/KeyAuth/KeyAuth-CPP-Example), [Python](https://github.com/KeyAuth/KeyAuth-Python-Example), [Java](https://github.com/SprayDown/KeyAuth-JAVA-api), [JavaScript](https://github.com/mazkdevf/KeyAuth-JS-Example), [VB.NET](https://github.com/KeyAuth/KeyAuth-VB-Example), [PHP](https://github.com/KeyAuth/KeyAuth-PHP-Example), [Rust](https://github.com/KeyAuth/KeyAuth-Rust-Example), [Go](https://github.com/mazkdevf/KeyAuth-Go-Example), [Lua](https://github.com/mazkdevf/KeyAuth-Lua-Examples), [Ruby](https://github.com/mazkdevf/KeyAuth-Ruby-Example), and [Perl](https://github.com/mazkdevf/KeyAuth-Perl-Example). KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://discord.gg/HjfhCe4eE2 if you have questions or suggestions. +KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for [C#](https://github.com/KeyAuth/KeyAuth-CSHARP-Example), [C++](https://github.com/KeyAuth/KeyAuth-CPP-Example), [Python](https://github.com/KeyAuth/KeyAuth-Python-Example), [Java](https://github.com/SprayDown/KeyAuth-JAVA-api), [JavaScript](https://github.com/mazkdevf/KeyAuth-JS-Example), [VB.NET](https://github.com/KeyAuth/KeyAuth-VB-Example), [PHP](https://github.com/KeyAuth/KeyAuth-PHP-Example), [Rust](https://github.com/KeyAuth/KeyAuth-Rust-Example), [Go](https://github.com/mazkdevf/KeyAuth-Go-Example), [Lua](https://github.com/mazkdevf/KeyAuth-Lua-Examples), [Ruby](https://github.com/mazkdevf/KeyAuth-Ruby-Example), and [Perl](https://github.com/mazkdevf/KeyAuth-Perl-Example). KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://discord.gg/keyauth if you have questions or suggestions. ## **Customer connection issues?** From a4bbd3d8352896e1a33bc3d5af453a6279baee7a Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Sun, 19 Mar 2023 18:42:55 -0400 Subject: [PATCH 076/106] Add PR Workflow --- .github/workflows/pr_notification.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 .github/workflows/pr_notification.yml diff --git a/.github/workflows/pr_notification.yml b/.github/workflows/pr_notification.yml new file mode 100644 index 0000000..de44c8b --- /dev/null +++ b/.github/workflows/pr_notification.yml @@ -0,0 +1,12 @@ +name: Pull Request Notification + +on: + pull_request_target: + types: + - opened + +jobs: + notify: + uses: KeyAuth/.github/.github/workflows/pr_notification_global.yml@main + secrets: + DISCORD_PR: ${{ secrets.DISCORD_PR }} From b6514b3998d4b1f31089eebed7563524b7465867 Mon Sep 17 00:00:00 2001 From: William Nelson Date: Tue, 4 Apr 2023 12:57:06 -0400 Subject: [PATCH 077/106] Add disclaimer about user var/normal var misunderstanding --- keyauth.py | 1 + 1 file changed, 1 insertion(+) diff --git a/keyauth.py b/keyauth.py index f0a2d67..8d8a6e7 100644 --- a/keyauth.py +++ b/keyauth.py @@ -264,6 +264,7 @@ def getvar(self, var_name): if json["success"]: return json["response"] else: + print(f"NOTE: This is commonly misunderstood. This is for user variables, not the normal variables.\nUse keyauthapp.var(\"{var_name}\") for normal variables"); print(json["message"]) time.sleep(5) os._exit(1) From 9756f09caa9f4ffdc44b7ec216ce4a55dd79867d Mon Sep 17 00:00:00 2001 From: api <110469682+apilol@users.noreply.github.com> Date: Fri, 7 Apr 2023 08:00:56 -0700 Subject: [PATCH 078/106] Sleep on error of functions --- keyauth.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/keyauth.py b/keyauth.py index 8d8a6e7..af4fa4b 100644 --- a/keyauth.py +++ b/keyauth.py @@ -31,7 +31,7 @@ s.get('https://google.com') except requests.exceptions.RequestException as e: print(e) - time.sleep(3) + time.sleep(5) os._exit(1) @@ -87,6 +87,7 @@ def init(self): print("New Version Available") download_link = json["download"] os.system(f"start {download_link}") + time.sleep(3) os._exit(1) else: print("Invalid Version, Contact owner to add download link to latest app version") @@ -94,6 +95,7 @@ def init(self): if not json["success"]: print(json["message"]) + time.sleep(3) os._exit(1) self.sessionid = json["sessionid"] @@ -128,6 +130,7 @@ def register(self, user, password, license, hwid=None): self.__load_user_data(json["info"]) else: print(json["message"]) + time.sleep(5) os._exit(1) def upgrade(self, user, license): @@ -157,6 +160,7 @@ def upgrade(self, user, license): os._exit(1) else: print(json["message"]) + time.sleep(5) os._exit(1) def login(self, user, password, hwid=None): @@ -188,6 +192,7 @@ def login(self, user, password, hwid=None): print("successfully logged in") else: print(json["message"]) + time.sleep(5) os._exit(1) def license(self, key, hwid=None): @@ -217,6 +222,7 @@ def license(self, key, hwid=None): print("successfully logged into license") else: print(json["message"]) + time.sleep(5) os._exit(1) def var(self, name): @@ -610,6 +616,7 @@ def encrypt(message, enc_key, iv): return encryption.encrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() except: print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") + time.sleep(5) os._exit(1) @staticmethod @@ -622,4 +629,5 @@ def decrypt(message, enc_key, iv): return encryption.decrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() except: print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") + time.sleep(5) os._exit(1) From c450f41312a236ec7692e02c16b82ff0e2237727 Mon Sep 17 00:00:00 2001 From: api <110469682+apilol@users.noreply.github.com> Date: Tue, 6 Jun 2023 02:47:18 -0700 Subject: [PATCH 079/106] Update keyauth.py --- keyauth.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/keyauth.py b/keyauth.py index af4fa4b..ce2b3c6 100644 --- a/keyauth.py +++ b/keyauth.py @@ -77,6 +77,7 @@ def init(self): if response == "KeyAuth_Invalid": print("The application doesn't exist") + time.sleep(5) os._exit(1) response = encryption.decrypt(response, self.secret, init_iv) @@ -91,6 +92,7 @@ def init(self): os._exit(1) else: print("Invalid Version, Contact owner to add download link to latest app version") + time.sleep(5) os._exit(1) if not json["success"]: @@ -526,6 +528,7 @@ def changeUsername(self, username): print("successfully Changed Username") else: print(json["message"]) + time.sleep(5) os._exit(1) def __do_request(self, post_data): From 704727df90b794c10510b7abe0366c5568717785 Mon Sep 17 00:00:00 2001 From: William Nelson Date: Wed, 7 Jun 2023 11:30:26 -0400 Subject: [PATCH 080/106] Improve instructions, fix empty HWID error --- keyauth.py | 56 ++++++++++++++++++++++++++++-------------------------- main.py | 37 ++++++++++++++++++++---------------- 2 files changed, 50 insertions(+), 43 deletions(-) diff --git a/keyauth.py b/keyauth.py index ce2b3c6..76efe65 100644 --- a/keyauth.py +++ b/keyauth.py @@ -31,7 +31,7 @@ s.get('https://google.com') except requests.exceptions.RequestException as e: print(e) - time.sleep(5) + time.sleep(3) os._exit(1) @@ -57,7 +57,7 @@ def init(self): if self.sessionid != "": print("You've already initialized!") - time.sleep(2) + time.sleep(3) os._exit(1) init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() @@ -77,7 +77,7 @@ def init(self): if response == "KeyAuth_Invalid": print("The application doesn't exist") - time.sleep(5) + time.sleep(3) os._exit(1) response = encryption.decrypt(response, self.secret, init_iv) @@ -92,7 +92,7 @@ def init(self): os._exit(1) else: print("Invalid Version, Contact owner to add download link to latest app version") - time.sleep(5) + time.sleep(3) os._exit(1) if not json["success"]: @@ -132,7 +132,7 @@ def register(self, user, password, license, hwid=None): self.__load_user_data(json["info"]) else: print(json["message"]) - time.sleep(5) + time.sleep(3) os._exit(1) def upgrade(self, user, license): @@ -156,13 +156,13 @@ def upgrade(self, user, license): json = jsond.loads(response) if json["success"]: - print("successfully upgraded user") - print("please restart program and login") - time.sleep(2) + print("Successfully upgraded user") + print("Please restart program and login") + time.sleep(3) os._exit(1) else: print(json["message"]) - time.sleep(5) + time.sleep(3) os._exit(1) def login(self, user, password, hwid=None): @@ -191,10 +191,10 @@ def login(self, user, password, hwid=None): if json["success"]: self.__load_user_data(json["info"]) - print("successfully logged in") + print("Successfully logged in") else: print(json["message"]) - time.sleep(5) + time.sleep(3) os._exit(1) def license(self, key, hwid=None): @@ -221,10 +221,10 @@ def license(self, key, hwid=None): if json["success"]: self.__load_user_data(json["info"]) - print("successfully logged into license") + print("Successfully logged in with license") else: print(json["message"]) - time.sleep(5) + time.sleep(3) os._exit(1) def var(self, name): @@ -250,7 +250,7 @@ def var(self, name): return json["message"] else: print(json["message"]) - time.sleep(5) + time.sleep(3) os._exit(1) def getvar(self, var_name): @@ -274,7 +274,7 @@ def getvar(self, var_name): else: print(f"NOTE: This is commonly misunderstood. This is for user variables, not the normal variables.\nUse keyauthapp.var(\"{var_name}\") for normal variables"); print(json["message"]) - time.sleep(5) + time.sleep(3) os._exit(1) def setvar(self, var_name, var_data): @@ -297,7 +297,7 @@ def setvar(self, var_name, var_data): return True else: print(json["message"]) - time.sleep(5) + time.sleep(3) os._exit(1) def ban(self): @@ -318,7 +318,7 @@ def ban(self): return True else: print(json["message"]) - time.sleep(5) + time.sleep(3) os._exit(1) def file(self, fileid): @@ -342,7 +342,7 @@ def file(self, fileid): if not json["success"]: print(json["message"]) - time.sleep(5) + time.sleep(3) os._exit(1) return binascii.unhexlify(json["contents"]) @@ -371,7 +371,7 @@ def webhook(self, webid, param, body = "", conttype = ""): return json["message"] else: print(json["message"]) - time.sleep(5) + time.sleep(3) os._exit(1) def check(self): @@ -505,7 +505,7 @@ def chatSend(self, message, channel): def checkinit(self): if not self.initialized: print("Initialize first, in order to use the functions") - time.sleep(2) + time.sleep(3) os._exit(1) def changeUsername(self, username): @@ -525,10 +525,10 @@ def changeUsername(self, username): json = jsond.loads(response) if json["success"]: - print("successfully Changed Username") + print("Successfully changed username") else: print(json["message"]) - time.sleep(5) + time.sleep(3) os._exit(1) def __do_request(self, post_data): @@ -560,7 +560,7 @@ def __load_app_data(self, data): def __load_user_data(self, data): self.user_data.username = data["username"] self.user_data.ip = data["ip"] - self.user_data.hwid = data["hwid"] + self.user_data.hwid = data["hwid"] or "N/A" self.user_data.expires = data["subscriptions"][0]["expiry"] self.user_data.createdate = data["createdate"] self.user_data.lastlogin = data["lastlogin"] @@ -618,8 +618,9 @@ def encrypt(message, enc_key, iv): return encryption.encrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() except: - print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") - time.sleep(5) + print("Encryption error. Make sure your app details are correct, see response below") + print("Response: " + message) + time.sleep(3) os._exit(1) @staticmethod @@ -631,6 +632,7 @@ def decrypt(message, enc_key, iv): return encryption.decrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() except: - print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") - time.sleep(5) + print("Encryption error. Make sure your app details are correct, see response below") + print("Response: " + message) + time.sleep(3) os._exit(1) diff --git a/main.py b/main.py index 8415db7..c18561e 100644 --- a/main.py +++ b/main.py @@ -1,3 +1,12 @@ +''' +KeyAuth.cc Python Example + +Go to https://keyauth.cc/app/ and click the Python tab. Copy that code and replace the existing keyauthapp instance in this file. + +If you get an error saying it can't find module KeyAuth, try following this https://github.com/KeyAuth/KeyAuth-Python-Example#how-to-compile + +If that doesn't work for you, you can paste the contents of KeyAuth.py ABOVE this comment and then remove the "from keyauth import api" and that should work too. +''' from keyauth import api import sys @@ -13,18 +22,15 @@ # watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA -if sys.version_info.minor < 10: # Python version check (Bypass Patch) - print("[Security] - Python 3.10 or higher is recommended. The bypass will not work on 3.10+") - print("You are using Python {}.{}".format(sys.version_info.major, sys.version_info.minor)) - -if platform.system() == 'Windows': - os.system('cls & title Python Example') # clear console, change title -elif platform.system() == 'Linux': - os.system('clear') # clear console - sys.stdout.write("\x1b]0;Python Example\x07") # change title -elif platform.system() == 'Darwin': - os.system("clear && printf '\e[3J'") # clear console - os.system('''echo - n - e "\033]0;Python Example\007"''') # change title +def clear(): + if platform.system() == 'Windows': + os.system('cls & title Python Example') # clear console, change title + elif platform.system() == 'Linux': + os.system('clear') # clear console + sys.stdout.write("\x1b]0;Python Example\x07") # change title + elif platform.system() == 'Darwin': + os.system("clear && printf '\e[3J'") # clear console + os.system('''echo - n - e "\033]0;Python Example\007"''') # change title print("Initializing") @@ -56,7 +62,6 @@ def getchecksum(): print(f"Current Session Validation Status: {keyauthapp.check()}") print(f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted - def answer(): try: print(""" @@ -83,9 +88,9 @@ def answer(): key = input('Enter your license: ') keyauthapp.license(key) else: - print("\nNot Valid Option") - time.sleep(1) - os.system('cls') + print("\nInvalid option") + sleep(1) + clear() answer() except KeyboardInterrupt: os._exit(1) From e9f728cbd01685150071141bf18c87ccc31ff047 Mon Sep 17 00:00:00 2001 From: William Nelson Date: Thu, 22 Jun 2023 10:35:26 -0400 Subject: [PATCH 081/106] Improve security and performance, bug fixes --- keyauth.py | 374 ++++++++++++++++++----------------------------- main.py | 84 +---------- requirements.txt | 1 - 3 files changed, 146 insertions(+), 313 deletions(-) diff --git a/keyauth.py b/keyauth.py index 76efe65..b07853c 100644 --- a/keyauth.py +++ b/keyauth.py @@ -5,41 +5,37 @@ from uuid import uuid4 # gen random guid import platform # check platform import subprocess # needed for mac device +import hmac # signature checksum +import hashlib # signature checksum try: if os.name == 'nt': import win32security # get sid (WIN only) import requests # https requests - from Crypto.Cipher import AES - from Crypto.Hash import SHA256 - from Crypto.Util.Padding import pad, unpad except ModuleNotFoundError: print("Exception when importing modules") print("Installing necessary modules....") if os.path.isfile("requirements.txt"): os.system("pip install -r requirements.txt") else: - os.system("pip install pywin32") - os.system("pip install pycryptodome") + if os.name == 'nt': + os.system("pip install pywin32") os.system("pip install requests") print("Modules installed!") time.sleep(1.5) os._exit(1) -try: # Connection check - s = requests.Session() # Session - s.get('https://google.com') -except requests.exceptions.RequestException as e: - print(e) - time.sleep(3) - os._exit(1) - class api: name = ownerid = secret = version = hash_to_check = "" def __init__(self, name, ownerid, secret, version, hash_to_check): + if len(ownerid) != 10 and len(secret) != 64: + print("Go to Manage Applications on dashboard, copy python code, and replace code in main.py with that") + time.sleep(3) + os._exit(1) + self.name = name self.ownerid = ownerid @@ -54,23 +50,22 @@ def __init__(self, name, ownerid, secret, version, hash_to_check): initialized = False def init(self): - if self.sessionid != "": print("You've already initialized!") time.sleep(3) os._exit(1) - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() - - self.enckey = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + sent_key = str(uuid4())[:16] + + self.enckey = sent_key + "-" + self.secret + post_data = { - "type": binascii.hexlify("init".encode()), - "ver": encryption.encrypt(self.version, self.secret, init_iv), + "type": "init", + "ver": self.version, "hash": self.hash_to_check, - "enckey": encryption.encrypt(self.enckey, self.secret, init_iv), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "enckey": sent_key, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) @@ -80,7 +75,6 @@ def init(self): time.sleep(3) os._exit(1) - response = encryption.decrypt(response, self.secret, init_iv) json = jsond.loads(response) if json["message"] == "invalidver": @@ -109,26 +103,23 @@ def register(self, user, password, license, hwid=None): if hwid is None: hwid = others.get_hwid() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() - post_data = { - "type": binascii.hexlify("register".encode()), - "username": encryption.encrypt(user, self.enckey, init_iv), - "pass": encryption.encrypt(password, self.enckey, init_iv), - "key": encryption.encrypt(license, self.enckey, init_iv), - "hwid": encryption.encrypt(hwid, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "register", + "username": user, + "pass": password, + "key": license, + "hwid": hwid, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) if json["success"]: - print("successfully registered") + print("Successfully registered") self.__load_user_data(json["info"]) else: print(json["message"]) @@ -137,22 +128,18 @@ def register(self, user, password, license, hwid=None): def upgrade(self, user, license): self.checkinit() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify("upgrade".encode()), - "username": encryption.encrypt(user, self.enckey, init_iv), - "key": encryption.encrypt(license, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "upgrade", + "username": user, + "key": license, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) - json = jsond.loads(response) if json["success"]: @@ -170,23 +157,18 @@ def login(self, user, password, hwid=None): if hwid is None: hwid = others.get_hwid() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() - post_data = { - "type": binascii.hexlify("login".encode()), - "username": encryption.encrypt(user, self.enckey, init_iv), - "pass": encryption.encrypt(password, self.enckey, init_iv), - "hwid": encryption.encrypt(hwid, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "login", + "username": user, + "pass": password, + "hwid": hwid, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) - json = jsond.loads(response) if json["success"]: @@ -202,20 +184,16 @@ def license(self, key, hwid=None): if hwid is None: hwid = others.get_hwid() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() - post_data = { - "type": binascii.hexlify("license".encode()), - "key": encryption.encrypt(key, self.enckey, init_iv), - "hwid": encryption.encrypt(hwid, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "license", + "key": key, + "hwid": hwid, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) json = jsond.loads(response) @@ -229,21 +207,17 @@ def license(self, key, hwid=None): def var(self, name): self.checkinit() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify("var".encode()), - "varid": encryption.encrypt(name, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "var", + "varid": name, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) - json = jsond.loads(response) if json["success"]: @@ -255,18 +229,16 @@ def var(self, name): def getvar(self, var_name): self.checkinit() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify("getvar".encode()), - "var": encryption.encrypt(var_name, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "getvar", + "var": var_name, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) if json["success"]: @@ -279,18 +251,17 @@ def getvar(self, var_name): def setvar(self, var_name, var_data): self.checkinit() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { - "type": binascii.hexlify("setvar".encode()), - "var": encryption.encrypt(var_name, self.enckey, init_iv), - "data": encryption.encrypt(var_data, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "setvar", + "var": var_name, + "data": var_data, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) if json["success"]: @@ -302,16 +273,15 @@ def setvar(self, var_name, var_data): def ban(self): self.checkinit() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { - "type": binascii.hexlify("ban".encode()), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "ban", + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) if json["success"]: @@ -323,21 +293,17 @@ def ban(self): def file(self, fileid): self.checkinit() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify("file".encode()), - "fileid": encryption.encrypt(fileid, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "file", + "fileid": fileid, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) - json = jsond.loads(response) if not json["success"]: @@ -348,23 +314,20 @@ def file(self, fileid): def webhook(self, webid, param, body = "", conttype = ""): self.checkinit() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify("webhook".encode()), - "webid": encryption.encrypt(webid, self.enckey, init_iv), - "params": encryption.encrypt(param, self.enckey, init_iv), - "body": encryption.encrypt(body, self.enckey, init_iv), - "conttype": encryption.encrypt(conttype, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "webhook", + "webid": webid, + "params": param, + "body": body, + "conttype": conttype, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) json = jsond.loads(response) if json["success"]: @@ -376,17 +339,15 @@ def webhook(self, webid, param, body = "", conttype = ""): def check(self): self.checkinit() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { - "type": binascii.hexlify("check".encode()), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "check", + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) json = jsond.loads(response) if json["success"]: return True @@ -396,18 +357,16 @@ def check(self): def checkblacklist(self): self.checkinit() hwid = others.get_hwid() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { - "type": binascii.hexlify("checkblacklist".encode()), - "hwid": encryption.encrypt(hwid, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "checkblacklist", + "hwid": hwid, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) json = jsond.loads(response) if json["success"]: return True @@ -416,40 +375,35 @@ def checkblacklist(self): def log(self, message): self.checkinit() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify("log".encode()), - "pcuser": encryption.encrypt(os.getenv('username'), self.enckey, init_iv), - "message": encryption.encrypt(message, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "log", + "pcuser": os.getenv('username'), + "message": message, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } self.__do_request(post_data) def fetchOnline(self): self.checkinit() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify("fetchOnline".encode()), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "fetchOnline", + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) json = jsond.loads(response) if json["success"]: if len(json["users"]) == 0: - return None # THIS IS ISSUE ON KEYAUTH SERVER SIDE 6.8.2022, so it will return none if it is not an array. + return None else: return json["users"] else: @@ -457,19 +411,16 @@ def fetchOnline(self): def chatGet(self, channel): self.checkinit() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify("chatget".encode()), - "channel": encryption.encrypt(channel, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "chatget", + "channel": channel, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) json = jsond.loads(response) @@ -480,20 +431,17 @@ def chatGet(self, channel): def chatSend(self, message, channel): self.checkinit() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() post_data = { - "type": binascii.hexlify("chatsend".encode()), - "message": encryption.encrypt(message, self.enckey, init_iv), - "channel": encryption.encrypt(channel, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "chatsend", + "message": message, + "channel": channel, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) json = jsond.loads(response) @@ -510,18 +458,17 @@ def checkinit(self): def changeUsername(self, username): self.checkinit() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { - "type": binascii.hexlify("changeUsername".encode()), + "type": "changeUsername", "newUsername": username, - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) if json["success"]: @@ -533,16 +480,28 @@ def changeUsername(self, username): def __do_request(self, post_data): try: - rq_out = s.post( - "https://keyauth.win/api/1.0/", data=post_data, timeout=30 + response = requests.post( + "https://keyauth.win/api/1.2/", data=post_data, timeout=10 ) - return rq_out.text + + key = self.secret if post_data["type"] == "init" else self.enckey + + client_computed = hmac.new(key.encode('utf-8'), response.text.encode('utf-8'), hashlib.sha256).hexdigest() + + signature = response.headers["signature"] + + if not hmac.compare_digest(client_computed, signature): + print("Signature checksum failed. Request was tampered with or session ended most likely.") + print("Response: " + response.text) + time.sleep(3) + os._exit(1) + + return response.text except requests.exceptions.Timeout: - print("Request timed out") + print("Request timed out. Server is probably down/slow at the moment") class application_data_class: numUsers = numKeys = app_ver = customer_panel = onlineUsers = "" - # region user_data class user_data_class: username = ip = hwid = expires = createdate = lastlogin = subscription = subscriptions = "" @@ -585,54 +544,3 @@ def get_hwid(): serial = output.decode().split('=', 1)[1].replace(' ', '') hwid = serial[1:-2] return hwid - - - -class encryption: - @staticmethod - def encrypt_string(plain_text, key, iv): - plain_text = pad(plain_text, 16) - - aes_instance = AES.new(key, AES.MODE_CBC, iv) - - raw_out = aes_instance.encrypt(plain_text) - - return binascii.hexlify(raw_out) - - @staticmethod - def decrypt_string(cipher_text, key, iv): - cipher_text = binascii.unhexlify(cipher_text) - - aes_instance = AES.new(key, AES.MODE_CBC, iv) - - cipher_text = aes_instance.decrypt(cipher_text) - - return unpad(cipher_text, 16) - - @staticmethod - def encrypt(message, enc_key, iv): - try: - _key = SHA256.new(enc_key.encode()).hexdigest()[:32] - - _iv = SHA256.new(iv.encode()).hexdigest()[:16] - - return encryption.encrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() - except: - print("Encryption error. Make sure your app details are correct, see response below") - print("Response: " + message) - time.sleep(3) - os._exit(1) - - @staticmethod - def decrypt(message, enc_key, iv): - try: - _key = SHA256.new(enc_key.encode()).hexdigest()[:32] - - _iv = SHA256.new(iv.encode()).hexdigest()[:16] - - return encryption.decrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() - except: - print("Encryption error. Make sure your app details are correct, see response below") - print("Response: " + message) - time.sleep(3) - os._exit(1) diff --git a/main.py b/main.py index c18561e..811b1bc 100644 --- a/main.py +++ b/main.py @@ -6,6 +6,8 @@ If you get an error saying it can't find module KeyAuth, try following this https://github.com/KeyAuth/KeyAuth-Python-Example#how-to-compile If that doesn't work for you, you can paste the contents of KeyAuth.py ABOVE this comment and then remove the "from keyauth import api" and that should work too. + +READ HERE TO LEARN ABOUT KEYAUTH FUNCTIONS https://github.com/KeyAuth/KeyAuth-Python-Example#keyauthapp-instance-definition ''' from keyauth import api @@ -59,13 +61,10 @@ def getchecksum(): Application Version: {keyauthapp.app_data.app_ver} Customer panel link: {keyauthapp.app_data.customer_panel} """) -print(f"Current Session Validation Status: {keyauthapp.check()}") -print(f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted def answer(): try: - print(""" -1.Login + print("""1.Login 2.Register 3.Upgrade 4.License Key Only @@ -98,65 +97,6 @@ def answer(): answer() -# region Extra Functions - -# * Download Files form the server to your computer using the download function in the api class -# bytes = keyauthapp.file("FILEID") -# f = open("example.exe", "wb") -# f.write(bytes) -# f.close() - - -# * Set up user variable -# keyauthapp.setvar("varName", "varValue") - -# * Get user variable and print it -# data = keyauthapp.getvar("varName") -# print(data) - -# * Get normal variable and print it -# data = keyauthapp.var("varName") -# print(data) - -# * Log message to the server and then to your webhook what is set on app settings -# keyauthapp.log("Message") - -# * Get if the user pc have been blacklisted -# print(f"Blacklisted? : {keyauthapp.checkblacklist()}") - -# * See if the current session is validated -# print(f"Session Validated?: {keyauthapp.check()}") - - -# * example to send normal request with no POST data -# data = keyauthapp.webhook("WebhookID", "?type=resetuser&user=username") - -# * example to send form data -# data = keyauthapp.webhook("WebhookID", "", "type=init&name=test&ownerid=j9Gj0FTemM", "application/x-www-form-urlencoded") - -# * example to send JSON -# data = keyauthapp.webhook("WebhookID", "", "{\"content\": \"webhook message here\",\"embeds\": null}", "application/json") - -# * Get chat messages -# messages = keyauthapp.chatGet("CHANNEL") - -# Messages = "" -# for i in range(len(messages)): -# Messages += datetime.utcfromtimestamp(int(messages[i]["timestamp"])).strftime('%Y-%m-%d %H:%M:%S') + " - " + messages[i]["author"] + ": " + messages[i]["message"] + "\n" - -# print("\n\n" + Messages) - -# * Send chat message -# keyauthapp.chatSend("MESSAGE", "CHANNEL") - -# * Add Application Information to Title -# os.system(f"cls & title KeyAuth Python Example - Total Users: {keyauthapp.app_data.numUsers} - Online Users: {keyauthapp.app_data.onlineUsers} - Total Keys: {keyauthapp.app_data.numKeys}") - -# * Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) -# 1. Checking and Reading JSON - -#### Note: Remove the ''' on line 151 and 226 - '''try: if os.path.isfile('auth.json'): #Checking if the auth file exist if jsond.load(open("auth.json"))["authusername"] == "": #Checks if the authusername is empty or not @@ -234,14 +174,11 @@ def answer(): print(e) os._exit(1)''' -# endregion - print("\nUser data: ") print("Username: " + keyauthapp.user_data.username) print("IP address: " + keyauthapp.user_data.ip) print("Hardware-Id: " + keyauthapp.user_data.hwid) -# print("Subcription: " + keyauthapp.user_data.subscription) ## Print Subscription "ONE" name subs = keyauthapp.user_data.subscriptions # Get all Subscription names, expiry, and timeleft for i in range(len(subs)): @@ -252,20 +189,9 @@ def answer(): print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") -onlineUsers = keyauthapp.fetchOnline() -OU = "" # KEEP THIS EMPTY FOR NOW, THIS WILL BE USED TO CREATE ONLINE USER STRING. -if onlineUsers is None: - OU = "No online users" -else: - for i in range(len(onlineUsers)): - OU += onlineUsers[i]["credential"] + " " - -print("\n" + OU + "\n") - print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expires)).strftime('%Y-%m-%d %H:%M:%S')) -print(f"Current Session Validation Status: {keyauthapp.check()}") -print("Exiting in 10 secs....") -sleep(10) +print("\nExiting in five seconds..") +sleep(5) os._exit(1) diff --git a/requirements.txt b/requirements.txt index 0b0eaf5..e2c27ec 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,2 @@ requests -pycryptodome pywin32 From ff42c0459572876c2e12d43778e7d31686affa5b Mon Sep 17 00:00:00 2001 From: William Nelson Date: Tue, 4 Jul 2023 10:48:53 -0400 Subject: [PATCH 082/106] Add fetchStats() function, fix session not found --- README.md | 1 + keyauth.py | 21 ++++++++++++++++++++- main.py | 15 +++------------ 3 files changed, 24 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 6dadfab..aeffad4 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ You don't need to add any code to initalize. KeyAuth will initalize when the ins ## **Display application information** ```py +keyauthapp.fetchStats() print(f""" App data: Number of users: {keyauthapp.app_data.numUsers} diff --git a/keyauth.py b/keyauth.py index b07853c..1e13667 100644 --- a/keyauth.py +++ b/keyauth.py @@ -96,7 +96,9 @@ def init(self): self.sessionid = json["sessionid"] self.initialized = True - self.__load_app_data(json["appinfo"]) + + if json["newSession"]: + time.sleep(0.1) def register(self, user, password, license, hwid=None): self.checkinit() @@ -408,7 +410,24 @@ def fetchOnline(self): return json["users"] else: return None + + def fetchStats(self): + self.checkinit() + post_data = { + "type": "fetchStats", + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid + } + + response = self.__do_request(post_data) + + json = jsond.loads(response) + + if json["success"]: + self.__load_app_data(json["appinfo"]) + def chatGet(self, channel): self.checkinit() diff --git a/main.py b/main.py index 811b1bc..06e7fac 100644 --- a/main.py +++ b/main.py @@ -46,22 +46,13 @@ def getchecksum(): keyauthapp = api( - name = "", #App name (Manage Applications --> Application name) - ownerid = "", #Owner ID (Account-Settings --> OwnerID) - secret = "", #App secret(Manage Applications --> App credentials code) + name = "", + ownerid = "", + secret = "", version = "1.0", hash_to_check = getchecksum() ) -print(f""" -App data: -Number of users: {keyauthapp.app_data.numUsers} -Number of online users: {keyauthapp.app_data.onlineUsers} -Number of keys: {keyauthapp.app_data.numKeys} -Application Version: {keyauthapp.app_data.app_ver} -Customer panel link: {keyauthapp.app_data.customer_panel} -""") - def answer(): try: print("""1.Login From 968ad2aa10478eba0be967def2dda3e29416de48 Mon Sep 17 00:00:00 2001 From: api <110469682+apilol@users.noreply.github.com> Date: Sun, 16 Jul 2023 22:56:34 -0700 Subject: [PATCH 083/106] Add logout() function --- keyauth.py | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/keyauth.py b/keyauth.py index 1e13667..fe97d25 100644 --- a/keyauth.py +++ b/keyauth.py @@ -495,7 +495,30 @@ def changeUsername(self, username): else: print(json["message"]) time.sleep(3) - os._exit(1) + os._exit(1) + + def logout(self): + self.checkinit() + + post_data = { + "type": "logout", + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid + } + + response = self.__do_request(post_data) + + json = jsond.loads(response) + + if json["success"]: + print("Successfully logged out") + time.sleep(3) + os._exit(1) + else: + print(json["message"]) + time.sleep(3) + os._exit(1) def __do_request(self, post_data): try: From d86712f049e0ec813e36596dc9bd986b0a7df4b9 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Tue, 18 Jul 2023 10:38:00 -0400 Subject: [PATCH 084/106] Remove Discord --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index aeffad4..a65ae0c 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ KeyAuth Python example for the https://keyauth.cc authentication system. ## **Bugs** -If the default example not added to your software isn't functioning how it should, please join the Discord server https://discord.gg/keyauth and submit the issue in the `#bugs` channel. +If the default example not added to your software isn't functioning how it should, please report a bug here https://keyauth.cc/app/?page=forms However, we do **NOT** provide support for adding KeyAuth to your project. If you can't figure this out you should use Google or YouTube to learn more about the programming language you want to sell a program in. @@ -27,7 +27,7 @@ Thank you for your compliance, we work hard on the development of KeyAuth and do ## **What is KeyAuth?** -KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for [C#](https://github.com/KeyAuth/KeyAuth-CSHARP-Example), [C++](https://github.com/KeyAuth/KeyAuth-CPP-Example), [Python](https://github.com/KeyAuth/KeyAuth-Python-Example), [Java](https://github.com/SprayDown/KeyAuth-JAVA-api), [JavaScript](https://github.com/mazkdevf/KeyAuth-JS-Example), [VB.NET](https://github.com/KeyAuth/KeyAuth-VB-Example), [PHP](https://github.com/KeyAuth/KeyAuth-PHP-Example), [Rust](https://github.com/KeyAuth/KeyAuth-Rust-Example), [Go](https://github.com/mazkdevf/KeyAuth-Go-Example), [Lua](https://github.com/mazkdevf/KeyAuth-Lua-Examples), [Ruby](https://github.com/mazkdevf/KeyAuth-Ruby-Example), and [Perl](https://github.com/mazkdevf/KeyAuth-Perl-Example). KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://discord.gg/keyauth if you have questions or suggestions. +KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for [C#](https://github.com/KeyAuth/KeyAuth-CSHARP-Example), [C++](https://github.com/KeyAuth/KeyAuth-CPP-Example), [Python](https://github.com/KeyAuth/KeyAuth-Python-Example), [Java](https://github.com/SprayDown/KeyAuth-JAVA-api), [JavaScript](https://github.com/mazkdevf/KeyAuth-JS-Example), [VB.NET](https://github.com/KeyAuth/KeyAuth-VB-Example), [PHP](https://github.com/KeyAuth/KeyAuth-PHP-Example), [Rust](https://github.com/KeyAuth/KeyAuth-Rust-Example), [Go](https://github.com/mazkdevf/KeyAuth-Go-Example), [Lua](https://github.com/mazkdevf/KeyAuth-Lua-Examples), [Ruby](https://github.com/mazkdevf/KeyAuth-Ruby-Example), and [Perl](https://github.com/mazkdevf/KeyAuth-Perl-Example). KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://t.me/keyauth if you have questions or suggestions. ## **Customer connection issues?** From abe2c105eecfc762099179f7aa52013045a2adeb Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Wed, 19 Jul 2023 22:43:40 -0400 Subject: [PATCH 085/106] Update Java link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a65ae0c..0f7b9a3 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ Thank you for your compliance, we work hard on the development of KeyAuth and do ## **What is KeyAuth?** -KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for [C#](https://github.com/KeyAuth/KeyAuth-CSHARP-Example), [C++](https://github.com/KeyAuth/KeyAuth-CPP-Example), [Python](https://github.com/KeyAuth/KeyAuth-Python-Example), [Java](https://github.com/SprayDown/KeyAuth-JAVA-api), [JavaScript](https://github.com/mazkdevf/KeyAuth-JS-Example), [VB.NET](https://github.com/KeyAuth/KeyAuth-VB-Example), [PHP](https://github.com/KeyAuth/KeyAuth-PHP-Example), [Rust](https://github.com/KeyAuth/KeyAuth-Rust-Example), [Go](https://github.com/mazkdevf/KeyAuth-Go-Example), [Lua](https://github.com/mazkdevf/KeyAuth-Lua-Examples), [Ruby](https://github.com/mazkdevf/KeyAuth-Ruby-Example), and [Perl](https://github.com/mazkdevf/KeyAuth-Perl-Example). KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://t.me/keyauth if you have questions or suggestions. +KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for [C#](https://github.com/KeyAuth/KeyAuth-CSHARP-Example), [C++](https://github.com/KeyAuth/KeyAuth-CPP-Example), [Python](https://github.com/KeyAuth/KeyAuth-Python-Example), [Java](https://github.com/KeyAuth-Archive/KeyAuth-JAVA-api), [JavaScript](https://github.com/mazkdevf/KeyAuth-JS-Example), [VB.NET](https://github.com/KeyAuth/KeyAuth-VB-Example), [PHP](https://github.com/KeyAuth/KeyAuth-PHP-Example), [Rust](https://github.com/KeyAuth/KeyAuth-Rust-Example), [Go](https://github.com/mazkdevf/KeyAuth-Go-Example), [Lua](https://github.com/mazkdevf/KeyAuth-Lua-Examples), [Ruby](https://github.com/mazkdevf/KeyAuth-Ruby-Example), and [Perl](https://github.com/mazkdevf/KeyAuth-Perl-Example). KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://t.me/keyauth if you have questions or suggestions. ## **Customer connection issues?** From bc33e4ded2c775c69b10feb1a2088a3db2fa1a25 Mon Sep 17 00:00:00 2001 From: api <110469682+apilol@users.noreply.github.com> Date: Fri, 28 Jul 2023 05:10:21 -0700 Subject: [PATCH 086/106] Fix log() function from erroring with signature check --- keyauth.py | 1 + 1 file changed, 1 insertion(+) diff --git a/keyauth.py b/keyauth.py index fe97d25..6a292db 100644 --- a/keyauth.py +++ b/keyauth.py @@ -527,6 +527,7 @@ def __do_request(self, post_data): ) key = self.secret if post_data["type"] == "init" else self.enckey + if post_data["type"] == "log": return response.text client_computed = hmac.new(key.encode('utf-8'), response.text.encode('utf-8'), hashlib.sha256).hexdigest() From eca4723e76faca86de12e7117f3379326d63142f Mon Sep 17 00:00:00 2001 From: api <110469682+apilol@users.noreply.github.com> Date: Wed, 2 Aug 2023 09:08:14 -0700 Subject: [PATCH 087/106] Update README to add logout func --- README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/README.md b/README.md index 0f7b9a3..5f9e24d 100644 --- a/README.md +++ b/README.md @@ -226,6 +226,15 @@ Function only works after login. keyauthapp.ban() ``` +## **Logout session** + +Logout the users session and close the application. + +This only works if the user is authenticated (logged in) +```py +keyauthapp.logout() +``` + ## **Server-sided webhooks** Tutorial video https://www.youtube.com/watch?v=ENRaNPPYJbc From 3948cfd541f52c76053195243c6034a78efb4726 Mon Sep 17 00:00:00 2001 From: api <110469682+apilol@users.noreply.github.com> Date: Wed, 16 Aug 2023 14:58:22 -0700 Subject: [PATCH 088/106] Update to support in-app custom responses & show how to support wmic as a get_hwid option --- keyauth.py | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/keyauth.py b/keyauth.py index 6a292db..2434bcb 100644 --- a/keyauth.py +++ b/keyauth.py @@ -121,7 +121,7 @@ def register(self, user, password, license, hwid=None): json = jsond.loads(response) if json["success"]: - print("Successfully registered") + print(json["message"]) self.__load_user_data(json["info"]) else: print(json["message"]) @@ -145,7 +145,7 @@ def upgrade(self, user, license): json = jsond.loads(response) if json["success"]: - print("Successfully upgraded user") + print(json["message"]) print("Please restart program and login") time.sleep(3) os._exit(1) @@ -175,7 +175,7 @@ def login(self, user, password, hwid=None): if json["success"]: self.__load_user_data(json["info"]) - print("Successfully logged in") + print(json["message"]) else: print(json["message"]) time.sleep(3) @@ -201,7 +201,7 @@ def license(self, key, hwid=None): if json["success"]: self.__load_user_data(json["info"]) - print("Successfully logged in with license") + print(json["message"]) else: print(json["message"]) time.sleep(3) @@ -582,6 +582,21 @@ def get_hwid(): sid = win32security.LookupAccountName(None, winuser)[0] # You can also use WMIC (better than SID, some users had problems with WMIC) hwid = win32security.ConvertSidToStringSid(sid) return hwid + ''' + cmd = subprocess.Popen( + "wmic useraccount where name='%username%' get sid", + stdout=subprocess.PIPE, + shell=True, + ) + + (suppost_sid, error) = cmd.communicate() + + suppost_sid = suppost_sid.split(b"\n")[1].strip() + + return suppost_sid.decode() + + ^^ HOW TO DO IT USING WMIC + ''' elif platform.system() == 'Darwin': output = subprocess.Popen("ioreg -l | grep IOPlatformSerialNumber", stdout=subprocess.PIPE, shell=True).communicate()[0] serial = output.decode().split('=', 1)[1].replace(' ', '') From f600402834817afa6759ea24a921c6d6b0a7aad3 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Mon, 21 Aug 2023 13:53:15 -0400 Subject: [PATCH 089/106] Link to VaultCord.com Looking for a Discord bot made by the KeyAuth & RestoreCord founder that you can use to backup your Discord members, server settings, and messages? Go to https://vaultcord.com --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 5f9e24d..8c37d06 100644 --- a/README.md +++ b/README.md @@ -301,3 +301,5 @@ Example on how to send chat message. * Send chat message keyauthapp.chatSend("MESSAGE", "CHANNEL") ``` + +Looking for a Discord bot made by the KeyAuth & RestoreCord founder that you can use to backup your Discord members, server settings, and messages? Go to https://vaultcord.com From 3f43a4a539b47e906f584e60576aab8c2a54cf25 Mon Sep 17 00:00:00 2001 From: It's Networking <87145183+Its-Networking@users.noreply.github.com> Date: Wed, 15 Nov 2023 18:45:05 -0500 Subject: [PATCH 090/106] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8c37d06..9492941 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# KeyAuth-Python-Example +# KeyAuth-Python-Example : Please star 🌟 KeyAuth Python example for the https://keyauth.cc authentication system. ## **Bugs** From 1c7aea60a3f758bb341adfb43f911ef43de6334f Mon Sep 17 00:00:00 2001 From: It's Networking <87145183+Its-Networking@users.noreply.github.com> Date: Thu, 7 Dec 2023 14:18:10 -0500 Subject: [PATCH 091/106] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9492941..ce6a0f9 100644 --- a/README.md +++ b/README.md @@ -240,7 +240,7 @@ keyauthapp.logout() Tutorial video https://www.youtube.com/watch?v=ENRaNPPYJbc > **Note** -> Read documentation for KeyAuth webhooks here https://docs.keyauth.cc/website/dashboard/webhooks +> Read documentation for KeyAuth webhooks here https://docs.keyauth.cc/website/dashboard/webhooks](https://docs.keyauth.cc/website/dashboard/webhooks](https://keyauth.readme.io/reference/webhooks-1 Send HTTP requests to URLs securely without leaking the URL in your application. You should definitely use if you want to send requests to SellerAPI from your application, otherwise if you don't use you'll be leaking your seller key to everyone. And then someone can mess up your application. From 4c45951d98fcd37693b179c7e88f6bc243c8f0d3 Mon Sep 17 00:00:00 2001 From: It's Networking <87145183+Its-Networking@users.noreply.github.com> Date: Thu, 7 Dec 2023 14:21:54 -0500 Subject: [PATCH 092/106] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index ce6a0f9..9c8ce81 100644 --- a/README.md +++ b/README.md @@ -240,7 +240,7 @@ keyauthapp.logout() Tutorial video https://www.youtube.com/watch?v=ENRaNPPYJbc > **Note** -> Read documentation for KeyAuth webhooks here https://docs.keyauth.cc/website/dashboard/webhooks](https://docs.keyauth.cc/website/dashboard/webhooks](https://keyauth.readme.io/reference/webhooks-1 +> Read documentation for KeyAuth webhooks here https://keyauth.readme.io/reference/webhooks-1 Send HTTP requests to URLs securely without leaking the URL in your application. You should definitely use if you want to send requests to SellerAPI from your application, otherwise if you don't use you'll be leaking your seller key to everyone. And then someone can mess up your application. From a98c943f3a50b7d9595c15846f765b54c53d8cf9 Mon Sep 17 00:00:00 2001 From: Shxde <112267394+Shxde1@users.noreply.github.com> Date: Sun, 25 Feb 2024 15:08:21 -0500 Subject: [PATCH 093/106] Debug logs update --- keyauth.py | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/keyauth.py b/keyauth.py index 2434bcb..3987731 100644 --- a/keyauth.py +++ b/keyauth.py @@ -532,6 +532,20 @@ def __do_request(self, post_data): client_computed = hmac.new(key.encode('utf-8'), response.text.encode('utf-8'), hashlib.sha256).hexdigest() signature = response.headers["signature"] + + if not os.path.exists("C:\\ProgramData\\KeyAuth"): + os.makedirs("C:\\ProgramData\\KeyAuth") + os.makedirs("C:\\ProgramData\\KeyAuth\\Debug") + + exe_name = os.path.basename(__file__) + if not os.path.exists(f"C:\\ProgramData\\KeyAuth\\Debug\\{exe_name}"): + os.makedirs(f"C:\\ProgramData\\KeyAuth\\Debug\\{exe_name}") + + with open(f"C:\\ProgramData\\KeyAuth\\Debug\\{exe_name}\\log.txt", "a") as log_file: + if len(response.text) <= 200: + tampered = not hmac.compare_digest(client_computed, signature) + execution_time = time.strftime("%I:%M %p | %m/%d/%Y") + log_file.write(f"\n{execution_time} | {post_data['type']} \nResponse: {response.text}\n Was response tampered with? {tampered}\n") if not hmac.compare_digest(client_computed, signature): print("Signature checksum failed. Request was tampered with or session ended most likely.") @@ -602,3 +616,4 @@ def get_hwid(): serial = output.decode().split('=', 1)[1].replace(' ', '') hwid = serial[1:-2] return hwid + From 36499e3a571e83f4e7f03a186df803d44a0c8edd Mon Sep 17 00:00:00 2001 From: It's Networking <87145183+Its-Networking@users.noreply.github.com> Date: Thu, 15 Aug 2024 17:05:47 -0400 Subject: [PATCH 094/106] Update README.md --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 9c8ce81..b70c708 100644 --- a/README.md +++ b/README.md @@ -57,10 +57,10 @@ It'll provide you with the code which you should replace with in the `main.py` f ```PY keyauthapp = api( - name = "example", #App name (Manage Applications --> Application name) - ownerid = "JjPMBVlIOd", #Owner ID (Account-Settings --> OwnerID) - secret = "db40d586f4b189e04e5c18c3c94b7e72221be3f6551995adc05236948d1762bc", #App secret(Manage Applications --> App credentials code) - version = "1.0", + name = "", #App name (Manage Applications --> Application name) + ownerid = "", #Owner ID (Account-Settings --> OwnerID) + secret = "", #App secret(Manage Applications --> App credentials code) + version = "", hash_to_check = getchecksum() ) ``` From de203125baafca3052a49560452753ab4295a678 Mon Sep 17 00:00:00 2001 From: William Nelson Date: Sat, 12 Oct 2024 01:04:22 -0400 Subject: [PATCH 095/106] Security update --- keyauth.py | 48 ++++++++++++++++++++++-------------------------- main.py | 7 +++---- requirements.txt | 1 + 3 files changed, 26 insertions(+), 30 deletions(-) diff --git a/keyauth.py b/keyauth.py index 3987731..045bcf1 100644 --- a/keyauth.py +++ b/keyauth.py @@ -2,11 +2,10 @@ import json as jsond # json import time # sleep before exit import binascii # hex encoding -from uuid import uuid4 # gen random guid import platform # check platform import subprocess # needed for mac device -import hmac # signature checksum -import hashlib # signature checksum +from datetime import datetime +from discord_interactions import verify_key # used for signature verification try: if os.name == 'nt': @@ -28,11 +27,11 @@ class api: - name = ownerid = secret = version = hash_to_check = "" + name = ownerid = version = hash_to_check = "" - def __init__(self, name, ownerid, secret, version, hash_to_check): - if len(ownerid) != 10 and len(secret) != 64: - print("Go to Manage Applications on dashboard, copy python code, and replace code in main.py with that") + def __init__(self, name, ownerid, version, hash_to_check): + if len(ownerid) != 10: + print("Visit https://keyauth.cc/app/, copy Pthon code, and replace code in main.py with that") time.sleep(3) os._exit(1) @@ -40,8 +39,6 @@ def __init__(self, name, ownerid, secret, version, hash_to_check): self.ownerid = ownerid - self.secret = secret - self.version = version self.hash_to_check = hash_to_check self.init() @@ -54,16 +51,11 @@ def init(self): print("You've already initialized!") time.sleep(3) os._exit(1) - - sent_key = str(uuid4())[:16] - - self.enckey = sent_key + "-" + self.secret post_data = { "type": "init", "ver": self.version, "hash": self.hash_to_check, - "enckey": sent_key, "name": self.name, "ownerid": self.ownerid } @@ -96,9 +88,6 @@ def init(self): self.sessionid = json["sessionid"] self.initialized = True - - if json["newSession"]: - time.sleep(0.1) def register(self, user, password, license, hwid=None): self.checkinit() @@ -523,15 +512,23 @@ def logout(self): def __do_request(self, post_data): try: response = requests.post( - "https://keyauth.win/api/1.2/", data=post_data, timeout=10 + "https://keyauth.win/api/1.3/", data=post_data, timeout=10 ) - key = self.secret if post_data["type"] == "init" else self.enckey - if post_data["type"] == "log": return response.text - - client_computed = hmac.new(key.encode('utf-8'), response.text.encode('utf-8'), hashlib.sha256).hexdigest() + if post_data["type"] == "log" or post_data["type"] == "file": return response.text - signature = response.headers["signature"] + signature = response.headers["x-signature-ed25519"] + timestamp = response.headers["x-signature-timestamp"] + + unix_timestamp = int(timestamp) + # Get the current time + current_time = datetime.now().timestamp() + + # Check if the timestamp is older than 15 seconds + if current_time - unix_timestamp > 15: + print("Timestamp OLD") + time.sleep(3) + os._exit(1) if not os.path.exists("C:\\ProgramData\\KeyAuth"): os.makedirs("C:\\ProgramData\\KeyAuth") @@ -543,11 +540,10 @@ def __do_request(self, post_data): with open(f"C:\\ProgramData\\KeyAuth\\Debug\\{exe_name}\\log.txt", "a") as log_file: if len(response.text) <= 200: - tampered = not hmac.compare_digest(client_computed, signature) execution_time = time.strftime("%I:%M %p | %m/%d/%Y") - log_file.write(f"\n{execution_time} | {post_data['type']} \nResponse: {response.text}\n Was response tampered with? {tampered}\n") + log_file.write(f"\n{execution_time} | {post_data['type']} \nResponse: {response.text}") - if not hmac.compare_digest(client_computed, signature): + if not verify_key(response.text.encode('utf-8'), signature, timestamp, '5586b4bc69c7a4b487e4563a4cd96afd39140f919bd31cea7d1c6a1e8439422b'): print("Signature checksum failed. Request was tampered with or session ended most likely.") print("Response: " + response.text) time.sleep(3) diff --git a/main.py b/main.py index 06e7fac..8aaded8 100644 --- a/main.py +++ b/main.py @@ -46,10 +46,9 @@ def getchecksum(): keyauthapp = api( - name = "", - ownerid = "", - secret = "", - version = "1.0", + name = "", # Application Name + ownerid = "", # Owner ID + version = "1.0", # Application Version hash_to_check = getchecksum() ) diff --git a/requirements.txt b/requirements.txt index e2c27ec..1778876 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,3 @@ requests pywin32 +discord-interactions From c975c47c3aba0042da657cd49353e05be24963db Mon Sep 17 00:00:00 2001 From: William Nelson Date: Sat, 12 Oct 2024 16:32:57 -0400 Subject: [PATCH 096/106] Security Update - by VaultCord.com --- keyauth.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/keyauth.py b/keyauth.py index 045bcf1..78e872d 100644 --- a/keyauth.py +++ b/keyauth.py @@ -524,8 +524,8 @@ def __do_request(self, post_data): # Get the current time current_time = datetime.now().timestamp() - # Check if the timestamp is older than 15 seconds - if current_time - unix_timestamp > 15: + # Check if the timestamp is older than 20 seconds + if current_time - unix_timestamp > 20: print("Timestamp OLD") time.sleep(3) os._exit(1) From f738bfd59aeb60aa7be1ffe9e8b53cf362d61868 Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Thu, 17 Oct 2024 12:30:51 -0400 Subject: [PATCH 097/106] Update README.md --- README.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index b70c708..721a437 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,10 @@ # KeyAuth-Python-Example : Please star 🌟 -KeyAuth Python example for the https://keyauth.cc authentication system. + +KeyAuth Python example SDK for https://keyauth.cc license key API auth. ## **Bugs** -If the default example not added to your software isn't functioning how it should, please report a bug here https://keyauth.cc/app/?page=forms +If you are using our example with no significant changes, and you are having problems, please Report Bug here https://keyauth.cc/app/?page=forms However, we do **NOT** provide support for adding KeyAuth to your project. If you can't figure this out you should use Google or YouTube to learn more about the programming language you want to sell a program in. @@ -29,6 +30,9 @@ Thank you for your compliance, we work hard on the development of KeyAuth and do KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for [C#](https://github.com/KeyAuth/KeyAuth-CSHARP-Example), [C++](https://github.com/KeyAuth/KeyAuth-CPP-Example), [Python](https://github.com/KeyAuth/KeyAuth-Python-Example), [Java](https://github.com/KeyAuth-Archive/KeyAuth-JAVA-api), [JavaScript](https://github.com/mazkdevf/KeyAuth-JS-Example), [VB.NET](https://github.com/KeyAuth/KeyAuth-VB-Example), [PHP](https://github.com/KeyAuth/KeyAuth-PHP-Example), [Rust](https://github.com/KeyAuth/KeyAuth-Rust-Example), [Go](https://github.com/mazkdevf/KeyAuth-Go-Example), [Lua](https://github.com/mazkdevf/KeyAuth-Lua-Examples), [Ruby](https://github.com/mazkdevf/KeyAuth-Ruby-Example), and [Perl](https://github.com/mazkdevf/KeyAuth-Perl-Example). KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://t.me/keyauth if you have questions or suggestions. +> [!TIP] +> https://vaultcord.com FREE Discord bot to Backup server, members, channels, messages & more. Custom verify page, block alt accounts, VPNs & more. + ## **Customer connection issues?** This is common amongst all authentication systems. Program obfuscation causes false positives in virus scanners, and with the scale of KeyAuth this is perceived as a malicious domain. So, `keyauth.com` and `keyauth.win` have been blocked by many internet providers. for dashbord, reseller panel, customer panel, use `keyauth.cc` @@ -122,7 +126,7 @@ keyauthapp.register(user, password, license) Used so the user can add extra time to their account by claiming new key. -> **Warning** +> [!Warning] > No password is needed to upgrade account. So, unlike login, register, and license functions - you should **not** log user in after successful upgrade. ```py From 79031786c1ed29277bcbd2ce1944cd787a4bfffb Mon Sep 17 00:00:00 2001 From: William Nelson <83034852+wnelson03@users.noreply.github.com> Date: Thu, 17 Oct 2024 13:00:52 -0400 Subject: [PATCH 098/106] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 721a437..8a3cc9f 100644 --- a/README.md +++ b/README.md @@ -243,7 +243,7 @@ keyauthapp.logout() Tutorial video https://www.youtube.com/watch?v=ENRaNPPYJbc -> **Note** +> [!NOTE] > Read documentation for KeyAuth webhooks here https://keyauth.readme.io/reference/webhooks-1 Send HTTP requests to URLs securely without leaking the URL in your application. You should definitely use if you want to send requests to SellerAPI from your application, otherwise if you don't use you'll be leaking your seller key to everyone. And then someone can mess up your application. @@ -267,7 +267,7 @@ data = keyauthapp.webhook("7kR0UedlVI", "", "{\"content\": \"webhook message her ## **Download file** -> **Note** +> [!NOTE] > Read documentation for KeyAuth files here https://docs.keyauth.cc/website/dashboard/files Keep files secure by providing KeyAuth your file download link on the KeyAuth dashboard. Make sure this is a direct download link (as soon as you go to the link, it starts downloading without you clicking anything). The KeyAuth download function provides the bytes, and then you get to decide what to do with those. This example shows how to write it to a file named `text.txt` in the same folder as the program, though you could execute with RunPE or whatever you want. From 11cc4cf10ef4e6614180328951c174f93e709904 Mon Sep 17 00:00:00 2001 From: William Nelson Date: Tue, 22 Oct 2024 16:27:04 -0400 Subject: [PATCH 099/106] Fix timestamp check --- keyauth.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/keyauth.py b/keyauth.py index 78e872d..b11b4cd 100644 --- a/keyauth.py +++ b/keyauth.py @@ -522,7 +522,7 @@ def __do_request(self, post_data): unix_timestamp = int(timestamp) # Get the current time - current_time = datetime.now().timestamp() + current_time = int(datetime.utcnow().timestamp()) # Check if the timestamp is older than 20 seconds if current_time - unix_timestamp > 20: From 1b89725436ddef4dd986662739f8c24388f5b8d9 Mon Sep 17 00:00:00 2001 From: It's Networking Date: Fri, 15 Nov 2024 15:05:11 -0500 Subject: [PATCH 100/106] Fix for TIMESTAMP OLD error some users would receive --- keyauth.py | 57 +++++++++++++++++++++++++++++++----------------------- 1 file changed, 33 insertions(+), 24 deletions(-) diff --git a/keyauth.py b/keyauth.py index b11b4cd..0b66678 100644 --- a/keyauth.py +++ b/keyauth.py @@ -4,7 +4,7 @@ import binascii # hex encoding import platform # check platform import subprocess # needed for mac device -from datetime import datetime +from datetime import datetime, timedelta from discord_interactions import verify_key # used for signature verification try: @@ -512,44 +512,54 @@ def logout(self): def __do_request(self, post_data): try: response = requests.post( - "https://keyauth.win/api/1.3/", data=post_data, timeout=10 + "https://keyauth.win/api/1.3/", data=post_data, timeout=10 ) - - if post_data["type"] == "log" or post_data["type"] == "file": return response.text - - signature = response.headers["x-signature-ed25519"] - timestamp = response.headers["x-signature-timestamp"] - - unix_timestamp = int(timestamp) - # Get the current time - current_time = int(datetime.utcnow().timestamp()) - - # Check if the timestamp is older than 20 seconds - if current_time - unix_timestamp > 20: - print("Timestamp OLD") + + if post_data["type"] == "log" or post_data["type"] == "file": + return response.text + + # Get the signature and timestamp from the headers + signature = response.headers.get("x-signature-ed25519") + timestamp = response.headers.get("x-signature-timestamp") + + if not signature or not timestamp: + print("Missing headers for signature verification.") + time.sleep(3) + os._exit(1) + + server_time = datetime.utcfromtimestamp(int(timestamp)) + current_time = datetime.utcnow() + + buffer_seconds = 5 + time_difference = current_time - server_time + + if time_difference > timedelta(seconds=20 + buffer_seconds): + print("Timestamp is too old (exceeded 20 seconds + buffer).") time.sleep(3) os._exit(1) + # Proceed with creating debug folders and logging if not os.path.exists("C:\\ProgramData\\KeyAuth"): - os.makedirs("C:\\ProgramData\\KeyAuth") os.makedirs("C:\\ProgramData\\KeyAuth\\Debug") exe_name = os.path.basename(__file__) - if not os.path.exists(f"C:\\ProgramData\\KeyAuth\\Debug\\{exe_name}"): - os.makedirs(f"C:\\ProgramData\\KeyAuth\\Debug\\{exe_name}") + log_dir = f"C:\\ProgramData\\KeyAuth\\Debug\\{exe_name}" + if not os.path.exists(log_dir): + os.makedirs(log_dir) - with open(f"C:\\ProgramData\\KeyAuth\\Debug\\{exe_name}\\log.txt", "a") as log_file: + with open(f"{log_dir}\\log.txt", "a") as log_file: if len(response.text) <= 200: execution_time = time.strftime("%I:%M %p | %m/%d/%Y") log_file.write(f"\n{execution_time} | {post_data['type']} \nResponse: {response.text}") - + if not verify_key(response.text.encode('utf-8'), signature, timestamp, '5586b4bc69c7a4b487e4563a4cd96afd39140f919bd31cea7d1c6a1e8439422b'): print("Signature checksum failed. Request was tampered with or session ended most likely.") print("Response: " + response.text) time.sleep(3) - os._exit(1) - + os._exit(1) + return response.text + except requests.exceptions.Timeout: print("Request timed out. Server is probably down/slow at the moment") @@ -611,5 +621,4 @@ def get_hwid(): output = subprocess.Popen("ioreg -l | grep IOPlatformSerialNumber", stdout=subprocess.PIPE, shell=True).communicate()[0] serial = output.decode().split('=', 1)[1].replace(' ', '') hwid = serial[1:-2] - return hwid - + return hwid \ No newline at end of file From 40a896a6beb4da2f8c7c655d7faef71064a8be12 Mon Sep 17 00:00:00 2001 From: CodeGraph <87975966+Coolbossco@users.noreply.github.com> Date: Mon, 18 Nov 2024 10:18:05 -0500 Subject: [PATCH 101/106] Fixed .utcfromtimestamp() deprecation error --- main.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/main.py b/main.py index 8aaded8..02d918c 100644 --- a/main.py +++ b/main.py @@ -17,7 +17,7 @@ import os import hashlib from time import sleep -from datetime import datetime +from datetime import datetime, UTC # import json as jsond # ^^ only for auto login/json writing/reading @@ -173,15 +173,15 @@ def answer(): subs = keyauthapp.user_data.subscriptions # Get all Subscription names, expiry, and timeleft for i in range(len(subs)): sub = subs[i]["subscription"] # Subscription from every Sub - expiry = datetime.utcfromtimestamp(int(subs[i]["expiry"])).strftime( + expiry = datetime.fromtimestamp(int(subs[i]["expiry"]), UTC).strftime( '%Y-%m-%d %H:%M:%S') # Expiry date from every Sub timeleft = subs[i]["timeleft"] # Timeleft from every Sub print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") -print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) -print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) -print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expires)).strftime('%Y-%m-%d %H:%M:%S')) +print("Created at: " + datetime.fromtimestamp(int(keyauthapp.user_data.createdate), UTC).strftime('%Y-%m-%d %H:%M:%S')) +print("Last login at: " + datetime.fromtimestamp(int(keyauthapp.user_data.lastlogin), UTC).strftime('%Y-%m-%d %H:%M:%S')) +print("Expires at: " + datetime.fromtimestamp(int(keyauthapp.user_data.expires), UTC).strftime('%Y-%m-%d %H:%M:%S')) print("\nExiting in five seconds..") sleep(5) os._exit(1) From ec1d376907baf4692ce9c7c78a70aebeb76a56b2 Mon Sep 17 00:00:00 2001 From: CodeGraph <87975966+Coolbossco@users.noreply.github.com> Date: Mon, 18 Nov 2024 11:05:08 -0500 Subject: [PATCH 102/106] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8a3cc9f..68dce63 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,7 @@ For API, `keyauth.cc` will not work because I purposefully blocked it on there s You can either use Pyinstaller or Nuitka. Links: -- Nutika: https://nuitka.net/ +- Nuitka: https://nuitka.net/ - Pyinstaller: https://pyinstaller.org/ Pyinstaller: From a39741cc811bf0a1a1b14c547c4a9a14be0c9013 Mon Sep 17 00:00:00 2001 From: It's Networking Date: Thu, 19 Dec 2024 11:08:23 -0500 Subject: [PATCH 103/106] Two Factor Authentication Added --- keyauth.py | 123 ++++++++++++++++++++++++++++++++++++++++++----------- main.py | 44 +++++++++++++++---- 2 files changed, 132 insertions(+), 35 deletions(-) diff --git a/keyauth.py b/keyauth.py index 0b66678..4eb9558 100644 --- a/keyauth.py +++ b/keyauth.py @@ -4,8 +4,11 @@ import binascii # hex encoding import platform # check platform import subprocess # needed for mac device -from datetime import datetime, timedelta +import qrcode +from datetime import datetime, timezone, timedelta from discord_interactions import verify_key # used for signature verification +from PIL import Image + try: if os.name == 'nt': @@ -143,7 +146,7 @@ def upgrade(self, user, license): time.sleep(3) os._exit(1) - def login(self, user, password, hwid=None): + def login(self, user, password, code=None, hwid=None): self.checkinit() if hwid is None: hwid = others.get_hwid() @@ -155,8 +158,11 @@ def login(self, user, password, hwid=None): "hwid": hwid, "sessionid": self.sessionid, "name": self.name, - "ownerid": self.ownerid + "ownerid": self.ownerid, } + + if code is not None: + post_data["code"] = code response = self.__do_request(post_data) @@ -170,7 +176,7 @@ def login(self, user, password, hwid=None): time.sleep(3) os._exit(1) - def license(self, key, hwid=None): + def license(self, key, code=None, hwid=None): self.checkinit() if hwid is None: hwid = others.get_hwid() @@ -183,6 +189,9 @@ def license(self, key, hwid=None): "name": self.name, "ownerid": self.ownerid } + + if code is not None: + post_data["code"] = code response = self.__do_request(post_data) @@ -507,15 +516,87 @@ def logout(self): else: print(json["message"]) time.sleep(3) - os._exit(1) + os._exit(1) + + def enable2fa(self, code=None): + self.checkinit() + + post_data = { + "type": "2faenable", + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid, + "code": code + } + + response = self.__do_request(post_data) + + json = jsond.loads(response) + + if json["success"]: + if code is None: + # First request: Display the 2FA secret code + print(f"Your 2FA secret code is: {json['2fa']['secret_code']}") + qr_code = json['2fa']['QRCode'] + self.display_qr_code(qr_code) + code_input = input("Enter the 6 digit 2fa code to enable 2fa: ") + self.enable2fa(code_input); + else: + # Second request: Confirm successful 2FA activation + print("2FA has been successfully enabled!") + time.sleep(3) + else: + print(f"Error: {json['message']}") + time.sleep(3) + os._exit(1) + + def disable2fa(self, code=None): + self.checkinit() + + code = input("Enter the 6 digit 2fa code to disable 2fa: ") + + post_data = { + "type": "2fadisable", + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid, + "code": code + } + + response = self.__do_request(post_data) + + json = jsond.loads(response) + + print(json['message']) + time.sleep(3) + + + def display_qr_code(self, qr_code_url): + # Generate QR code image + qr = qrcode.QRCode( + version=1, + error_correction=qrcode.constants.ERROR_CORRECT_L, + box_size=10, + border=4, + ) + + # Add the QR code URL data + qr.add_data(qr_code_url) + qr.make(fit=True) + + # Create an image from the QR code + img = qr.make_image(fill='black', back_color='white') + + # Display the QR code image + img.show() def __do_request(self, post_data): try: response = requests.post( - "https://keyauth.win/api/1.3/", data=post_data, timeout=10 + "https://keyauth.win/api/1.3/", data=post_data, timeout=10 ) - if post_data["type"] == "log" or post_data["type"] == "file": + if post_data["type"] == "log" or post_data["type"] == "file" or post_data["type"] == "2faenable" or post_data["type"] == "2fadisable": return response.text # Get the signature and timestamp from the headers @@ -527,8 +608,12 @@ def __do_request(self, post_data): time.sleep(3) os._exit(1) - server_time = datetime.utcfromtimestamp(int(timestamp)) - current_time = datetime.utcnow() + server_time = datetime.fromtimestamp(int(timestamp), timezone.utc) + current_time = datetime.now(timezone.utc) + + #print(f"Server Timestamp (UTC seconds): {timestamp}") + #print(f"Server Time (UTC seconds): {server_time.timestamp()}") + #print(f"Current Time (UTC seconds): {current_time.timestamp()}") buffer_seconds = 5 time_difference = current_time - server_time @@ -538,31 +623,17 @@ def __do_request(self, post_data): time.sleep(3) os._exit(1) - # Proceed with creating debug folders and logging - if not os.path.exists("C:\\ProgramData\\KeyAuth"): - os.makedirs("C:\\ProgramData\\KeyAuth\\Debug") - - exe_name = os.path.basename(__file__) - log_dir = f"C:\\ProgramData\\KeyAuth\\Debug\\{exe_name}" - if not os.path.exists(log_dir): - os.makedirs(log_dir) - - with open(f"{log_dir}\\log.txt", "a") as log_file: - if len(response.text) <= 200: - execution_time = time.strftime("%I:%M %p | %m/%d/%Y") - log_file.write(f"\n{execution_time} | {post_data['type']} \nResponse: {response.text}") - if not verify_key(response.text.encode('utf-8'), signature, timestamp, '5586b4bc69c7a4b487e4563a4cd96afd39140f919bd31cea7d1c6a1e8439422b'): print("Signature checksum failed. Request was tampered with or session ended most likely.") - print("Response: " + response.text) time.sleep(3) os._exit(1) return response.text - except requests.exceptions.Timeout: + except requests.exceptions.Timeout: print("Request timed out. Server is probably down/slow at the moment") - + + class application_data_class: numUsers = numKeys = app_ver = customer_panel = onlineUsers = "" diff --git a/main.py b/main.py index 02d918c..6fc86d7 100644 --- a/main.py +++ b/main.py @@ -28,11 +28,12 @@ def clear(): if platform.system() == 'Windows': os.system('cls & title Python Example') # clear console, change title elif platform.system() == 'Linux': - os.system('clear') # clear console - sys.stdout.write("\x1b]0;Python Example\x07") # change title + os.system('clear') # Clear the terminal + sys.stdout.write("\033]0;Python Example\007") # Set terminal title + sys.stdout.flush() elif platform.system() == 'Darwin': - os.system("clear && printf '\e[3J'") # clear console - os.system('''echo - n - e "\033]0;Python Example\007"''') # change title + os.system("clear && printf '\033[3J'") # Clear terminal and scrollback + os.system('echo -n -e "\033]0;Python Example\007"') # Set terminal title print("Initializing") @@ -46,9 +47,9 @@ def getchecksum(): keyauthapp = api( - name = "", # Application Name - ownerid = "", # Owner ID - version = "1.0", # Application Version + name = "", # App name + ownerid = "", # Account ID + version = "", # Application version. Used for automatic downloads see video here https://www.youtube.com/watch?v=kW195PLCBKs hash_to_check = getchecksum() ) @@ -63,7 +64,8 @@ def answer(): if ans == "1": user = input('Provide username: ') password = input('Provide password: ') - keyauthapp.login(user, password) + code = input('Enter 2fa code: (not using 2fa? Just press enter)') + keyauthapp.login(user, password, code) elif ans == "2": user = input('Provide username: ') password = input('Provide password: ') @@ -75,7 +77,8 @@ def answer(): keyauthapp.upgrade(user, license) elif ans == "4": key = input('Enter your license: ') - keyauthapp.license(key) + code = input('Enter 2fa code: (not using 2fa? Just press enter)') + keyauthapp.license(key, code) else: print("\nInvalid option") sleep(1) @@ -164,7 +167,16 @@ def answer(): print(e) os._exit(1)''' +keyauthapp.fetchStats() +# Display Application Data +print("\nApplication data: ") +print("App Version: " + keyauthapp.app_data.app_ver) +print("Customer Panel Link: " + keyauthapp.app_data.customer_panel) +print("Number of Keys: " + keyauthapp.app_data.numKeys) +print("Number of Users: " + keyauthapp.app_data.numUsers) +print("Online Users: " + keyauthapp.app_data.onlineUsers) +# Display User Data print("\nUser data: ") print("Username: " + keyauthapp.user_data.username) print("IP address: " + keyauthapp.user_data.ip) @@ -182,6 +194,20 @@ def answer(): print("Created at: " + datetime.fromtimestamp(int(keyauthapp.user_data.createdate), UTC).strftime('%Y-%m-%d %H:%M:%S')) print("Last login at: " + datetime.fromtimestamp(int(keyauthapp.user_data.lastlogin), UTC).strftime('%Y-%m-%d %H:%M:%S')) print("Expires at: " + datetime.fromtimestamp(int(keyauthapp.user_data.expires), UTC).strftime('%Y-%m-%d %H:%M:%S')) + +# Two Factor Authentication +print("\nTwo Factor Authentication:") +print("1. Enable 2FA") +print("2. Disable 2FA") + +tfaans = input("Select Option: ") +if tfaans == "1": + keyauthapp.enable2fa() # You only need to call this once as it's called in the API file. +elif tfaans == "2": + keyauthapp.disable2fa() # You only need to call this once as it's called in the API file, and should ideally only need to be called once anyways. +else: + print("\nInvalid Option") + print("\nExiting in five seconds..") sleep(5) os._exit(1) From 0383ac005370aeee0fa86e85981b85df7f81ad50 Mon Sep 17 00:00:00 2001 From: It's Networking <87145183+Its-Networking@users.noreply.github.com> Date: Fri, 20 Dec 2024 17:20:55 -0500 Subject: [PATCH 104/106] Update README.md --- README.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/README.md b/README.md index 68dce63..1ee9dc3 100644 --- a/README.md +++ b/README.md @@ -230,6 +230,22 @@ Function only works after login. keyauthapp.ban() ``` +## **Enable Two Factor Authentication (2fa)** + +Enable two factor authentication (2fa) on a client account. + +```py +keyauthapp.enable2fa() +``` + +## **Disable Two Factor Authentication (2fa)** + +Disable two factor authentication (2fa) on a client account. + +```py +keyauthapp.disable2fa() +``` + ## **Logout session** Logout the users session and close the application. From 12a6657b304dd5177e02aeff66a984adbf4e012a Mon Sep 17 00:00:00 2001 From: u8ej1337 Date: Sun, 12 Jan 2025 09:06:46 -0500 Subject: [PATCH 105/106] you forgot to add requirements for the qrcode stuff. --- requirements.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/requirements.txt b/requirements.txt index 1778876..b57953d 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,5 @@ requests pywin32 discord-interactions +qrcode +pillow From fd663900d7c7aa637ecc4df6652d927c1d300a86 Mon Sep 17 00:00:00 2001 From: It's Networking <87145183+Its-Networking@users.noreply.github.com> Date: Sat, 13 Dec 2025 17:03:22 -0500 Subject: [PATCH 106/106] Revise KeyAuth description for clarity and impact --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1ee9dc3..82cdd14 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ Thank you for your compliance, we work hard on the development of KeyAuth and do ## **What is KeyAuth?** -KeyAuth is an Open source authentication system with cloud hosting plans as well. Client SDKs available for [C#](https://github.com/KeyAuth/KeyAuth-CSHARP-Example), [C++](https://github.com/KeyAuth/KeyAuth-CPP-Example), [Python](https://github.com/KeyAuth/KeyAuth-Python-Example), [Java](https://github.com/KeyAuth-Archive/KeyAuth-JAVA-api), [JavaScript](https://github.com/mazkdevf/KeyAuth-JS-Example), [VB.NET](https://github.com/KeyAuth/KeyAuth-VB-Example), [PHP](https://github.com/KeyAuth/KeyAuth-PHP-Example), [Rust](https://github.com/KeyAuth/KeyAuth-Rust-Example), [Go](https://github.com/mazkdevf/KeyAuth-Go-Example), [Lua](https://github.com/mazkdevf/KeyAuth-Lua-Examples), [Ruby](https://github.com/mazkdevf/KeyAuth-Ruby-Example), and [Perl](https://github.com/mazkdevf/KeyAuth-Perl-Example). KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://t.me/keyauth if you have questions or suggestions. +KeyAuth is a powerful cloud-based authentication system designed to protect your software from piracy and unauthorized access. With KeyAuth, you can implement secure licensing, user management, and subscription systems in minutes. Client SDKs available for [C#](https://github.com/KeyAuth/KeyAuth-CSHARP-Example), [C++](https://github.com/KeyAuth/KeyAuth-CPP-Example), [Python](https://github.com/KeyAuth/KeyAuth-Python-Example), [Java](https://github.com/KeyAuth-Archive/KeyAuth-JAVA-api), [JavaScript](https://github.com/mazkdevf/KeyAuth-JS-Example), [VB.NET](https://github.com/KeyAuth/KeyAuth-VB-Example), [PHP](https://github.com/KeyAuth/KeyAuth-PHP-Example), [Rust](https://github.com/KeyAuth/KeyAuth-Rust-Example), [Go](https://github.com/mazkdevf/KeyAuth-Go-Example), [Lua](https://github.com/mazkdevf/KeyAuth-Lua-Examples), [Ruby](https://github.com/mazkdevf/KeyAuth-Ruby-Example), and [Perl](https://github.com/mazkdevf/KeyAuth-Perl-Example). KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://t.me/keyauth if you have questions or suggestions. > [!TIP] > https://vaultcord.com FREE Discord bot to Backup server, members, channels, messages & more. Custom verify page, block alt accounts, VPNs & more.