diff --git a/.github/workflows/pr_notification.yml b/.github/workflows/pr_notification.yml new file mode 100644 index 0000000..de44c8b --- /dev/null +++ b/.github/workflows/pr_notification.yml @@ -0,0 +1,12 @@ +name: Pull Request Notification + +on: + pull_request_target: + types: + - opened + +jobs: + notify: + uses: KeyAuth/.github/.github/workflows/pr_notification_global.yml@main + secrets: + DISCORD_PR: ${{ secrets.DISCORD_PR }} diff --git a/LICENSE b/LICENSE index ae153be..809108b 100644 --- a/LICENSE +++ b/LICENSE @@ -1,21 +1,93 @@ -MIT License - -Copyright (c) 2020 KeyAuth - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. +Elastic License 2.0 + +URL: https://www.elastic.co/licensing/elastic-license + +## Acceptance + +By using the software, you agree to all of the terms and conditions below. + +## Copyright License + +The licensor grants you a non-exclusive, royalty-free, worldwide, +non-sublicensable, non-transferable license to use, copy, distribute, make +available, and prepare derivative works of the software, in each case subject to +the limitations and conditions below. + +## Limitations + +You may not provide the software to third parties as a hosted or managed +service, where the service provides users with access to any substantial set of +the features or functionality of the software. + +You may not move, change, disable, or circumvent the license key functionality +in the software, and you may not remove or obscure any functionality in the +software that is protected by the license key. + +You may not alter, remove, or obscure any licensing, copyright, or other notices +of the licensor in the software. Any use of the licensor’s trademarks is subject +to applicable law. + +## Patents + +The licensor grants you a license, under any patent claims the licensor can +license, or becomes able to license, to make, have made, use, sell, offer for +sale, import and have imported the software, in each case subject to the +limitations and conditions in this license. This license does not cover any +patent claims that you cause to be infringed by modifications or additions to +the software. If you or your company make any written claim that the software +infringes or contributes to infringement of any patent, your patent license for +the software granted under these terms ends immediately. If your company makes +such a claim, your patent license ends immediately for work on behalf of your +company. + +## Notices + +You must ensure that anyone who gets a copy of any part of the software from you +also gets a copy of these terms. + +If you modify the software, you must include in any modified copies of the +software prominent notices stating that you have modified the software. + +## No Other Rights + +These terms do not imply any licenses other than those expressly granted in +these terms. + +## Termination + +If you use the software in violation of these terms, such use is not licensed, +and your licenses will automatically terminate. If the licensor provides you +with a notice of your violation, and you cease all violation of this license no +later than 30 days after you receive that notice, your licenses will be +reinstated retroactively. However, if you violate these terms after such +reinstatement, any additional violation of these terms will cause your licenses +to terminate automatically and permanently. + +## No Liability + +*As far as the law allows, the software comes as is, without any warranty or +condition, and the licensor will not be liable to you for any damages arising +out of these terms or the use or nature of the software, under any kind of +legal claim.* + +## Definitions + +The **licensor** is the entity offering these terms, and the **software** is the +software the licensor makes available under these terms, including any portion +of it. + +**you** refers to the individual or entity agreeing to these terms. + +**your company** is any legal entity, sole proprietorship, or other kind of +organization that you work for, plus all organizations that have control over, +are under the control of, or are under common control with that +organization. **control** means ownership of substantially all the assets of an +entity, or the power to direct its management and policies by vote, contract, or +otherwise. Control can be direct or indirect. + +**your licenses** are all the licenses granted to you for the software under +these terms. + +**use** means anything you do with the software requiring one of your licenses. + +**trademark** means trademarks, service marks, and similar rights. diff --git a/README.md b/README.md index c80b1ba..82cdd14 100644 --- a/README.md +++ b/README.md @@ -1,23 +1,325 @@ -# KeyAuth-Python-Example -KeyAuth Python Example For The https://keyauth.com Authentication system. +# KeyAuth-Python-Example : Please star 🌟 -# Instructions +KeyAuth Python example SDK for https://keyauth.cc license key API auth. -Install Python (make sure to add to PATH) +## **Bugs** -Open Command Prompt +If you are using our example with no significant changes, and you are having problems, please Report Bug here https://keyauth.cc/app/?page=forms -use the cd command to navigate to the path of the KeyAuth files +However, we do **NOT** provide support for adding KeyAuth to your project. If you can't figure this out you should use Google or YouTube to learn more about the programming language you want to sell a program in. -run `pip install -r requirements.txt` +## Copyright License -set your application information in main.py +KeyAuth is licensed under **Elastic License 2.0** -then run `python main.py` +* You may not provide the software to third parties as a hosted or managed +service, where the service provides users with access to any substantial set of +the features or functionality of the software. -Setup video: https://www.youtube.com/watch?v=L2eAQOmuUiA +* You may not move, change, disable, or circumvent the license key functionality +in the software, and you may not remove or obscure any functionality in the +software that is protected by the license key. -**What is KeyAuth?** +* You may not alter, remove, or obscure any licensing, copyright, or other notices +of the licensor in the software. Any use of the licensor’s trademarks is subject +to applicable law. -KeyAuth is a GameChanging authentication system. We have never-seen before features, and we listen to our customers. -Feel free to join https://keyauth.com/discord/ if you have questions or suggestions. +Thank you for your compliance, we work hard on the development of KeyAuth and do not appreciate our copyright being infringed. + +## **What is KeyAuth?** + +KeyAuth is a powerful cloud-based authentication system designed to protect your software from piracy and unauthorized access. With KeyAuth, you can implement secure licensing, user management, and subscription systems in minutes. Client SDKs available for [C#](https://github.com/KeyAuth/KeyAuth-CSHARP-Example), [C++](https://github.com/KeyAuth/KeyAuth-CPP-Example), [Python](https://github.com/KeyAuth/KeyAuth-Python-Example), [Java](https://github.com/KeyAuth-Archive/KeyAuth-JAVA-api), [JavaScript](https://github.com/mazkdevf/KeyAuth-JS-Example), [VB.NET](https://github.com/KeyAuth/KeyAuth-VB-Example), [PHP](https://github.com/KeyAuth/KeyAuth-PHP-Example), [Rust](https://github.com/KeyAuth/KeyAuth-Rust-Example), [Go](https://github.com/mazkdevf/KeyAuth-Go-Example), [Lua](https://github.com/mazkdevf/KeyAuth-Lua-Examples), [Ruby](https://github.com/mazkdevf/KeyAuth-Ruby-Example), and [Perl](https://github.com/mazkdevf/KeyAuth-Perl-Example). KeyAuth has several unique features such as memory streaming, webhook function where you can send requests to API without leaking the API, discord webhook notifications, ban the user securely through the application at your discretion. Feel free to join https://t.me/keyauth if you have questions or suggestions. + +> [!TIP] +> https://vaultcord.com FREE Discord bot to Backup server, members, channels, messages & more. Custom verify page, block alt accounts, VPNs & more. + +## **Customer connection issues?** + +This is common amongst all authentication systems. Program obfuscation causes false positives in virus scanners, and with the scale of KeyAuth this is perceived as a malicious domain. So, `keyauth.com` and `keyauth.win` have been blocked by many internet providers. for dashbord, reseller panel, customer panel, use `keyauth.cc` + +For API, `keyauth.cc` will not work because I purposefully blocked it on there so `keyauth.cc` doesn't get blocked also. So, you should create your own domain and follow this tutorial video https://www.youtube.com/watch?v=a2SROFJ0eYc. The tutorial video shows you how to create a domain name for 100% free if you don't want to purchase one. + +## **How to compile?** + +You can either use Pyinstaller or Nuitka. + +Links: +- Nuitka: https://nuitka.net/ +- Pyinstaller: https://pyinstaller.org/ + +Pyinstaller: +- Basic command: `pyinstaller --onefile main.py` + +Nutika: +- Basic command: `python -m nuitka --follow-imports --onefile main.py` + +## **`KeyAuthApp` instance definition** + +Visit https://keyauth.cc/app/ and select your application, then click on the **Python** tab + +It'll provide you with the code which you should replace with in the `main.py` file. + +```PY +keyauthapp = api( + name = "", #App name (Manage Applications --> Application name) + ownerid = "", #Owner ID (Account-Settings --> OwnerID) + secret = "", #App secret(Manage Applications --> App credentials code) + version = "", + hash_to_check = getchecksum() +) +``` + +## **Initialize application** + +You don't need to add any code to initalize. KeyAuth will initalize when the instance definition is made. + +## **Display application information** + +```py +keyauthapp.fetchStats() +print(f""" +App data: +Number of users: {keyauthapp.app_data.numUsers} +Number of online users: {keyauthapp.app_data.onlineUsers} +Number of keys: {keyauthapp.app_data.numKeys} +Application Version: {keyauthapp.app_data.app_ver} +Customer panel link: {keyauthapp.app_data.customer_panel} +""") +``` + +## **Check session validation** + +Use this to see if the user is logged in or not. + +```py +print(f"Current Session Validation Status: {keyauthapp.check()}") +``` + +## **Check blacklist status** + +Check if HWID or IP Address is blacklisted. You can add this if you want, just to make sure nobody can open your program for less than a second if they're blacklisted. Though, if you don't mind a blacklisted user having the program for a few seconds until they try to login and register, and you care about having the quickest program for your users, you shouldn't use this function then. If a blacklisted user tries to login/register, the KeyAuth server will check if they're blacklisted and deny entry if so. So the check blacklist function is just auxiliary function that's optional. + +```py +if keyauthapp.checkblacklist(): + print("You've been blacklisted from our application.") + os._exit(1) +``` + +## **Login with username/password** + +```py +user = input('Provide username: ') +password = input('Provide password: ') +keyauthapp.login(user, password) +``` + +## **Register with username/password/key** + +```py +user = input('Provide username: ') +password = input('Provide password: ') +license = input('Provide License: ') +keyauthapp.register(user, password, license) +``` + +## **Upgrade user username/key** + +Used so the user can add extra time to their account by claiming new key. + +> [!Warning] +> No password is needed to upgrade account. So, unlike login, register, and license functions - you should **not** log user in after successful upgrade. + +```py +user = input('Provide username: ') +license = input('Provide License: ') +keyauthapp.upgrade(user, license) +``` + +## **Login with just license key** + +Users can use this function if their license key has never been used before, and if it has been used before. So if you plan to just allow users to use keys, you can remove the login and register functions from your code. + +```py +key = input('Enter your license: ') +keyauthapp.license(key) +``` + +## **User Data** + +Show information for current logged-in user. + +```py +print("\nUser data: ") +print("Username: " + keyauthapp.user_data.username) +print("IP address: " + keyauthapp.user_data.ip) +print("Hardware-Id: " + keyauthapp.user_data.hwid) + +subs = keyauthapp.user_data.subscriptions # Get all Subscription names, expiry, and timeleft +for i in range(len(subs)): + sub = subs[i]["subscription"] # Subscription from every Sub + expiry = datetime.utcfromtimestamp(int(subs[i]["expiry"])).strftime( + '%Y-%m-%d %H:%M:%S') # Expiry date from every Sub + timeleft = subs[i]["timeleft"] # Timeleft from every Sub + + print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") +print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) +print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) +print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expires)).strftime('%Y-%m-%d %H:%M:%S')) +print(f"Current Session Validation Status: {keyauthapp.check()}") +``` + +## **Show list of online users** + +```py +onlineUsers = keyauthapp.fetchOnline() +OU = "" # KEEP THIS EMPTY FOR NOW, THIS WILL BE USED TO CREATE ONLINE USER STRING. +if onlineUsers is None: + OU = "No online users" +else: + for i in range(len(onlineUsers)): + OU += onlineUsers[i]["credential"] + " " + +print("\n" + OU + "\n") +``` + +## **Application variables** + +A string that is kept on the server-side of KeyAuth. On the dashboard you can choose for each variable to be authenticated (only logged in users can access), or not authenticated (any user can access before login). These are global and static for all users, unlike User Variables which will be dicussed below this section. + +```py +* Get normal variable and print it +data = keyauthapp.var("varName") +print(data) +``` + +## **User Variables** + +User variables are strings kept on the server-side of KeyAuth. They are specific to users. They can be set on Dashboard in the Users tab, via SellerAPI, or via your loader using the code below. `discord` is the user variable name you fetch the user variable by. `test#0001` is the variable data you get when fetching the user variable. + +```py +* Set up user variable +keyauthapp.setvar("varName", "varValue") +``` + +And here's how you fetch the user variable: + +```py +* Get user variable and print it +data = keyauthapp.getvar("varName") +print(data) +``` + +## **Application Logs** + +Can be used to log data. Good for anti-debug alerts and maybe error debugging. If you set Discord webhook in the app settings of the Dashboard, it will send log messages to your Discord webhook rather than store them on site. It's recommended that you set Discord webhook, as logs on site are deleted 1 month after being sent. + +You can use the log function before login & after login. + +```py +* Log message to the server and then to your webhook what is set on app settings +keyauthapp.log("Message") +``` + +## **Ban the user** + +Ban the user and blacklist their HWID and IP Address. Good function to call upon if you use anti-debug and have detected an intrusion attempt. + +Function only works after login. + +```py +keyauthapp.ban() +``` + +## **Enable Two Factor Authentication (2fa)** + +Enable two factor authentication (2fa) on a client account. + +```py +keyauthapp.enable2fa() +``` + +## **Disable Two Factor Authentication (2fa)** + +Disable two factor authentication (2fa) on a client account. + +```py +keyauthapp.disable2fa() +``` + +## **Logout session** + +Logout the users session and close the application. + +This only works if the user is authenticated (logged in) +```py +keyauthapp.logout() +``` + +## **Server-sided webhooks** + +Tutorial video https://www.youtube.com/watch?v=ENRaNPPYJbc + +> [!NOTE] +> Read documentation for KeyAuth webhooks here https://keyauth.readme.io/reference/webhooks-1 + +Send HTTP requests to URLs securely without leaking the URL in your application. You should definitely use if you want to send requests to SellerAPI from your application, otherwise if you don't use you'll be leaking your seller key to everyone. And then someone can mess up your application. + +1st example is how to send request with no POST data. just a GET request to the URL. `7kR0UedlVI` is the webhook ID, `https://keyauth.win/api/seller/?sellerkey=sellerkeyhere&type=black` is what you should put as the webhook endpoint on the dashboard. This is the part you don't want users to see. And then you have `&ip=1.1.1.1&hwid=abc` in your program code which will be added to the webhook endpoint on the keyauth server and then the request will be sent. + +2nd example includes post data. it is form data. it is an example request to the KeyAuth API. `7kR0UedlVI` is the webhook ID, `https://keyauth.win/api/1.2/` is the webhook endpoint. + +3rd examples included post data though it's JSON. It's an example reques to Discord webhook `7kR0UedlVI` is the webhook ID, `https://discord.com/api/webhooks/...` is the webhook endpoint. + +```py +* example to send normal request with no POST data +data = keyauthapp.webhook("7kR0UedlVI", "&ip=1.1.1.1&hwid=abc") + +* example to send form data +data = keyauthapp.webhook("7kR0UedlVI", "", "type=init&name=test&ownerid=j9Gj0FTemM", "application/x-www-form-urlencoded") + +* example to send JSON +data = keyauthapp.webhook("7kR0UedlVI", "", "{\"content\": \"webhook message here\",\"embeds\": null}", "application/json") +``` + +## **Download file** + +> [!NOTE] +> Read documentation for KeyAuth files here https://docs.keyauth.cc/website/dashboard/files + +Keep files secure by providing KeyAuth your file download link on the KeyAuth dashboard. Make sure this is a direct download link (as soon as you go to the link, it starts downloading without you clicking anything). The KeyAuth download function provides the bytes, and then you get to decide what to do with those. This example shows how to write it to a file named `text.txt` in the same folder as the program, though you could execute with RunPE or whatever you want. + +`385624` is the file ID you get from the dashboard after adding file. + +```py +* Download Files form the server to your computer using the download function in the api class +bytes = keyauthapp.file("385624") +f = open("example.exe", "wb") +f.write(bytes) +f.close() +``` + +## **Chat channels** + +Allow users to communicate amongst themselves in your program. + +Example from the form example on how to fetch the chat messages. + +```py +* Get chat messages +messages = keyauthapp.chatGet("CHANNEL") + +Messages = "" +for i in range(len(messages)): +Messages += datetime.utcfromtimestamp(int(messages[i]["timestamp"])).strftime('%Y-%m-%d %H:%M:%S') + " - " + messages[i]["author"] + ": " + messages[i]["message"] + "\n" + +print("\n\n" + Messages) +``` + +Example on how to send chat message. + +```py +* Send chat message +keyauthapp.chatSend("MESSAGE", "CHANNEL") +``` + +Looking for a Discord bot made by the KeyAuth & RestoreCord founder that you can use to backup your Discord members, server settings, and messages? Go to https://vaultcord.com diff --git a/keyauth.py b/keyauth.py index 7031171..4eb9558 100644 --- a/keyauth.py +++ b/keyauth.py @@ -1,356 +1,695 @@ +import os import json as jsond # json - import time # sleep before exit - import binascii # hex encoding - -import requests # https requests - -from uuid import uuid4 # gen random guid - -from Crypto.Cipher import AES -from Crypto.Hash import SHA256 -from Crypto.Util.Padding import pad, unpad -# aes + padding, sha256 - -import webbrowser -import platform -import subprocess -import datetime -import datetime -import sys -import os - -from requests_toolbelt.adapters.fingerprint import FingerprintAdapter +import platform # check platform +import subprocess # needed for mac device +import qrcode +from datetime import datetime, timezone, timedelta +from discord_interactions import verify_key # used for signature verification +from PIL import Image + + +try: + if os.name == 'nt': + import win32security # get sid (WIN only) + import requests # https requests +except ModuleNotFoundError: + print("Exception when importing modules") + print("Installing necessary modules....") + if os.path.isfile("requirements.txt"): + os.system("pip install -r requirements.txt") + else: + if os.name == 'nt': + os.system("pip install pywin32") + os.system("pip install requests") + print("Modules installed!") + time.sleep(1.5) + os._exit(1) class api: - name = ownerid = secret = version = "" - def __init__(self, name, ownerid, secret, version): + name = ownerid = version = hash_to_check = "" + + def __init__(self, name, ownerid, version, hash_to_check): + if len(ownerid) != 10: + print("Visit https://keyauth.cc/app/, copy Pthon code, and replace code in main.py with that") + time.sleep(3) + os._exit(1) + self.name = name self.ownerid = ownerid - self.secret = secret - self.version = version + self.hash_to_check = hash_to_check + self.init() sessionid = enckey = "" + initialized = False def init(self): - - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() - - self.enckey = SHA256.new(str(uuid4())[:8].encode()).hexdigest() - + if self.sessionid != "": + print("You've already initialized!") + time.sleep(3) + os._exit(1) + post_data = { - "type": binascii.hexlify(("init").encode()), - "ver": encryption.encrypt(self.version, self.secret, init_iv), - "enckey": encryption.encrypt(self.enckey, self.secret, init_iv), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "init", + "ver": self.version, + "hash": self.hash_to_check, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) if response == "KeyAuth_Invalid": print("The application doesn't exist") - sys.exit() + time.sleep(3) + os._exit(1) - response = encryption.decrypt(response, self.secret, init_iv) json = jsond.loads(response) + if json["message"] == "invalidver": + if json["download"] != "": + print("New Version Available") + download_link = json["download"] + os.system(f"start {download_link}") + time.sleep(3) + os._exit(1) + else: + print("Invalid Version, Contact owner to add download link to latest app version") + time.sleep(3) + os._exit(1) + if not json["success"]: print(json["message"]) - sys.exit() + time.sleep(3) + os._exit(1) self.sessionid = json["sessionid"] + self.initialized = True def register(self, user, password, license, hwid=None): + self.checkinit() if hwid is None: hwid = others.get_hwid() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() - post_data = { - "type": binascii.hexlify(("register").encode()), - "username": encryption.encrypt(user, self.enckey, init_iv), - "pass": encryption.encrypt(password, self.enckey, init_iv), - "key": encryption.encrypt(license, self.enckey, init_iv), - "hwid": encryption.encrypt(hwid, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "register", + "username": user, + "pass": password, + "key": license, + "hwid": hwid, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) - json = jsond.loads(response) if json["success"]: - print("successfully registered") + print(json["message"]) + self.__load_user_data(json["info"]) else: print(json["message"]) - sys.exit() + time.sleep(3) + os._exit(1) def upgrade(self, user, license): - - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + self.checkinit() post_data = { - "type": binascii.hexlify(("upgrade").encode()), - "username": encryption.encrypt(user, self.enckey, init_iv), - "key": encryption.encrypt(license, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "upgrade", + "username": user, + "key": license, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) - json = jsond.loads(response) if json["success"]: - print("successfully upgraded user") + print(json["message"]) + print("Please restart program and login") + time.sleep(3) + os._exit(1) else: print(json["message"]) - sys.exit() + time.sleep(3) + os._exit(1) - def login(self, user, password, hwid=None): + def login(self, user, password, code=None, hwid=None): + self.checkinit() if hwid is None: hwid = others.get_hwid() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() - post_data = { - "type": binascii.hexlify(("login").encode()), - "username": encryption.encrypt(user, self.enckey, init_iv), - "pass": encryption.encrypt(password, self.enckey, init_iv), - "hwid": encryption.encrypt(hwid, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "login", + "username": user, + "pass": password, + "hwid": hwid, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid, } + + if code is not None: + post_data["code"] = code response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) - json = jsond.loads(response) if json["success"]: - print("successfully logged in") + self.__load_user_data(json["info"]) + print(json["message"]) else: print(json["message"]) - sys.exit() + time.sleep(3) + os._exit(1) - def license(self, key, hwid=None): + def license(self, key, code=None, hwid=None): + self.checkinit() if hwid is None: hwid = others.get_hwid() - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() - post_data = { - "type": binascii.hexlify(("license").encode()), - "key": encryption.encrypt(key, self.enckey, init_iv), - "hwid": encryption.encrypt(hwid, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "license", + "key": key, + "hwid": hwid, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } + + if code is not None: + post_data["code"] = code response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) json = jsond.loads(response) if json["success"]: self.__load_user_data(json["info"]) - print("successfully logged into license") + print(json["message"]) else: print(json["message"]) - sys.exit() + time.sleep(3) + os._exit(1) def var(self, name): - - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + self.checkinit() post_data = { - "type": binascii.hexlify(("var").encode()), - "varid": encryption.encrypt(name, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "var", + "varid": name, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) - json = jsond.loads(response) if json["success"]: return json["message"] else: print(json["message"]) - time.sleep(5) - sys.exit() + time.sleep(3) + os._exit(1) - def file(self, fileid): + def getvar(self, var_name): + self.checkinit() + + post_data = { + "type": "getvar", + "var": var_name, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid + } + response = self.__do_request(post_data) - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + json = jsond.loads(response) + + if json["success"]: + return json["response"] + else: + print(f"NOTE: This is commonly misunderstood. This is for user variables, not the normal variables.\nUse keyauthapp.var(\"{var_name}\") for normal variables"); + print(json["message"]) + time.sleep(3) + os._exit(1) + + def setvar(self, var_name, var_data): + self.checkinit() post_data = { - "type": binascii.hexlify(("file").encode()), - "fileid": encryption.encrypt(fileid, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "setvar", + "var": var_name, + "data": var_data, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } + response = self.__do_request(post_data) + + json = jsond.loads(response) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(3) + os._exit(1) + def ban(self): + self.checkinit() + + post_data = { + "type": "ban", + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid + } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(3) + os._exit(1) + + def file(self, fileid): + self.checkinit() + + post_data = { + "type": "file", + "fileid": fileid, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid + } + + response = self.__do_request(post_data) json = jsond.loads(response) if not json["success"]: print(json["message"]) - time.sleep(5) - sys.exit() + time.sleep(3) + os._exit(1) return binascii.unhexlify(json["contents"]) - def webhook(self, webid, param): - - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + def webhook(self, webid, param, body = "", conttype = ""): + self.checkinit() post_data = { - "type": binascii.hexlify(("webhook").encode()), - "webid": encryption.encrypt(webid, self.enckey, init_iv), - "params": encryption.encrypt(param, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "webhook", + "webid": webid, + "params": param, + "body": body, + "conttype": conttype, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } response = self.__do_request(post_data) - response = encryption.decrypt(response, self.enckey, init_iv) json = jsond.loads(response) if json["success"]: return json["message"] else: print(json["message"]) - time.sleep(5) - sys.exit() + time.sleep(3) + os._exit(1) - def log(self, message): + def check(self): + self.checkinit() + + post_data = { + "type": "check", + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid + } + response = self.__do_request(post_data) + + json = jsond.loads(response) + if json["success"]: + return True + else: + return False + + def checkblacklist(self): + self.checkinit() + hwid = others.get_hwid() + + post_data = { + "type": "checkblacklist", + "hwid": hwid, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid + } + response = self.__do_request(post_data) + + json = jsond.loads(response) + if json["success"]: + return True + else: + return False - init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + def log(self, message): + self.checkinit() post_data = { - "type": binascii.hexlify(("log").encode()), - "pcuser": encryption.encrypt(os.getenv('username'), self.enckey, init_iv), - "message": encryption.encrypt(message, self.enckey, init_iv), - "sessionid": binascii.hexlify(self.sessionid.encode()), - "name": binascii.hexlify(self.name.encode()), - "ownerid": binascii.hexlify(self.ownerid.encode()), - "init_iv": init_iv + "type": "log", + "pcuser": os.getenv('username'), + "message": message, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid } self.__do_request(post_data) - def __do_request(self, post_data): + def fetchOnline(self): + self.checkinit() - rq_out = requests.post( - "https://keyauth.business/1.0/", data=post_data - ) + post_data = { + "type": "fetchOnline", + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid + } - return rq_out.text + response = self.__do_request(post_data) - # region user_data - class user_data_class: - key = "" - expiry = datetime.datetime.now() - level = 0 + json = jsond.loads(response) - user_data = user_data_class() + if json["success"]: + if len(json["users"]) == 0: + return None + else: + return json["users"] + else: + return None + + def fetchStats(self): + self.checkinit() - def __load_user_data(self, data): - self.user_data.username = data["username"] + post_data = { + "type": "fetchStats", + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid + } + response = self.__do_request(post_data) -class others: - @staticmethod - def get_hwid(): - if platform.system() != "Windows": - return "None" + json = jsond.loads(response) - cmd = subprocess.Popen( - "wmic useraccount where name='%username%' get sid", stdout=subprocess.PIPE, shell=True) + if json["success"]: + self.__load_app_data(json["appinfo"]) + + def chatGet(self, channel): + self.checkinit() - (suppost_sid, error) = cmd.communicate() + post_data = { + "type": "chatget", + "channel": channel, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid + } - suppost_sid = suppost_sid.split(b'\n')[1].strip() + response = self.__do_request(post_data) - return suppost_sid.decode() + json = jsond.loads(response) + if json["success"]: + return json["messages"] + else: + return None -class encryption: - @staticmethod - def encrypt_string(plain_text, key, iv): - plain_text = pad(plain_text, 16) + def chatSend(self, message, channel): + self.checkinit() - aes_instance = AES.new(key, AES.MODE_CBC, iv) + post_data = { + "type": "chatsend", + "message": message, + "channel": channel, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid + } - raw_out = aes_instance.encrypt(plain_text) + response = self.__do_request(post_data) - return binascii.hexlify(raw_out) + json = jsond.loads(response) - @staticmethod - def decrypt_string(cipher_text, key, iv): - cipher_text = binascii.unhexlify(cipher_text) + if json["success"]: + return True + else: + return False - aes_instance = AES.new(key, AES.MODE_CBC, iv) + def checkinit(self): + if not self.initialized: + print("Initialize first, in order to use the functions") + time.sleep(3) + os._exit(1) - cipher_text = aes_instance.decrypt(cipher_text) + def changeUsername(self, username): + self.checkinit() - return unpad(cipher_text, 16) + post_data = { + "type": "changeUsername", + "newUsername": username, + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid + } - @staticmethod - def encrypt(message, enc_key, iv): - try: - _key = SHA256.new(enc_key.encode()).hexdigest()[:32] + response = self.__do_request(post_data) - _iv = SHA256.new(iv.encode()).hexdigest()[:16] + json = jsond.loads(response) + + if json["success"]: + print("Successfully changed username") + else: + print(json["message"]) + time.sleep(3) + os._exit(1) - return encryption.encrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() - except: - print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") - sys.exit() + def logout(self): + self.checkinit() - @staticmethod - def decrypt(message, enc_key, iv): + post_data = { + "type": "logout", + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid + } + + response = self.__do_request(post_data) + + json = jsond.loads(response) + + if json["success"]: + print("Successfully logged out") + time.sleep(3) + os._exit(1) + else: + print(json["message"]) + time.sleep(3) + os._exit(1) + + def enable2fa(self, code=None): + self.checkinit() + + post_data = { + "type": "2faenable", + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid, + "code": code + } + + response = self.__do_request(post_data) + + json = jsond.loads(response) + + if json["success"]: + if code is None: + # First request: Display the 2FA secret code + print(f"Your 2FA secret code is: {json['2fa']['secret_code']}") + qr_code = json['2fa']['QRCode'] + self.display_qr_code(qr_code) + code_input = input("Enter the 6 digit 2fa code to enable 2fa: ") + self.enable2fa(code_input); + else: + # Second request: Confirm successful 2FA activation + print("2FA has been successfully enabled!") + time.sleep(3) + else: + print(f"Error: {json['message']}") + time.sleep(3) + os._exit(1) + + def disable2fa(self, code=None): + self.checkinit() + + code = input("Enter the 6 digit 2fa code to disable 2fa: ") + + post_data = { + "type": "2fadisable", + "sessionid": self.sessionid, + "name": self.name, + "ownerid": self.ownerid, + "code": code + } + + response = self.__do_request(post_data) + + json = jsond.loads(response) + + print(json['message']) + time.sleep(3) + + + def display_qr_code(self, qr_code_url): + # Generate QR code image + qr = qrcode.QRCode( + version=1, + error_correction=qrcode.constants.ERROR_CORRECT_L, + box_size=10, + border=4, + ) + + # Add the QR code URL data + qr.add_data(qr_code_url) + qr.make(fit=True) + + # Create an image from the QR code + img = qr.make_image(fill='black', back_color='white') + + # Display the QR code image + img.show() + + def __do_request(self, post_data): try: - _key = SHA256.new(enc_key.encode()).hexdigest()[:32] + response = requests.post( + "https://keyauth.win/api/1.3/", data=post_data, timeout=10 + ) + + if post_data["type"] == "log" or post_data["type"] == "file" or post_data["type"] == "2faenable" or post_data["type"] == "2fadisable": + return response.text + + # Get the signature and timestamp from the headers + signature = response.headers.get("x-signature-ed25519") + timestamp = response.headers.get("x-signature-timestamp") + + if not signature or not timestamp: + print("Missing headers for signature verification.") + time.sleep(3) + os._exit(1) + + server_time = datetime.fromtimestamp(int(timestamp), timezone.utc) + current_time = datetime.now(timezone.utc) + + #print(f"Server Timestamp (UTC seconds): {timestamp}") + #print(f"Server Time (UTC seconds): {server_time.timestamp()}") + #print(f"Current Time (UTC seconds): {current_time.timestamp()}") + + buffer_seconds = 5 + time_difference = current_time - server_time + + if time_difference > timedelta(seconds=20 + buffer_seconds): + print("Timestamp is too old (exceeded 20 seconds + buffer).") + time.sleep(3) + os._exit(1) + + if not verify_key(response.text.encode('utf-8'), signature, timestamp, '5586b4bc69c7a4b487e4563a4cd96afd39140f919bd31cea7d1c6a1e8439422b'): + print("Signature checksum failed. Request was tampered with or session ended most likely.") + time.sleep(3) + os._exit(1) + + return response.text + + except requests.exceptions.Timeout: + print("Request timed out. Server is probably down/slow at the moment") + + + class application_data_class: + numUsers = numKeys = app_ver = customer_panel = onlineUsers = "" - _iv = SHA256.new(iv.encode()).hexdigest()[:16] + class user_data_class: + username = ip = hwid = expires = createdate = lastlogin = subscription = subscriptions = "" - return encryption.decrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() - except: - print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") - sys.exit() + user_data = user_data_class() + app_data = application_data_class() + + def __load_app_data(self, data): + self.app_data.numUsers = data["numUsers"] + self.app_data.numKeys = data["numKeys"] + self.app_data.app_ver = data["version"] + self.app_data.customer_panel = data["customerPanelLink"] + self.app_data.onlineUsers = data["numOnlineUsers"] + + def __load_user_data(self, data): + self.user_data.username = data["username"] + self.user_data.ip = data["ip"] + self.user_data.hwid = data["hwid"] or "N/A" + self.user_data.expires = data["subscriptions"][0]["expiry"] + self.user_data.createdate = data["createdate"] + self.user_data.lastlogin = data["lastlogin"] + self.user_data.subscription = data["subscriptions"][0]["subscription"] + self.user_data.subscriptions = data["subscriptions"] + + +class others: + @staticmethod + def get_hwid(): + if platform.system() == "Linux": + with open("/etc/machine-id") as f: + hwid = f.read() + return hwid + elif platform.system() == 'Windows': + winuser = os.getlogin() + sid = win32security.LookupAccountName(None, winuser)[0] # You can also use WMIC (better than SID, some users had problems with WMIC) + hwid = win32security.ConvertSidToStringSid(sid) + return hwid + ''' + cmd = subprocess.Popen( + "wmic useraccount where name='%username%' get sid", + stdout=subprocess.PIPE, + shell=True, + ) + + (suppost_sid, error) = cmd.communicate() + + suppost_sid = suppost_sid.split(b"\n")[1].strip() + + return suppost_sid.decode() + + ^^ HOW TO DO IT USING WMIC + ''' + elif platform.system() == 'Darwin': + output = subprocess.Popen("ioreg -l | grep IOPlatformSerialNumber", stdout=subprocess.PIPE, shell=True).communicate()[0] + serial = output.decode().split('=', 1)[1].replace(' ', '') + hwid = serial[1:-2] + return hwid \ No newline at end of file diff --git a/main.py b/main.py index 4de2292..6fc86d7 100644 --- a/main.py +++ b/main.py @@ -1,38 +1,213 @@ +''' +KeyAuth.cc Python Example + +Go to https://keyauth.cc/app/ and click the Python tab. Copy that code and replace the existing keyauthapp instance in this file. + +If you get an error saying it can't find module KeyAuth, try following this https://github.com/KeyAuth/KeyAuth-Python-Example#how-to-compile + +If that doesn't work for you, you can paste the contents of KeyAuth.py ABOVE this comment and then remove the "from keyauth import api" and that should work too. + +READ HERE TO LEARN ABOUT KEYAUTH FUNCTIONS https://github.com/KeyAuth/KeyAuth-Python-Example#keyauthapp-instance-definition +''' from keyauth import api -import os -import os.path +import sys +import time import platform +import os +import hashlib +from time import sleep +from datetime import datetime, UTC + +# import json as jsond +# ^^ only for auto login/json writing/reading # watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA -keyauthapp = api("your application name", "your owner id", "your application secret","1.0") +def clear(): + if platform.system() == 'Windows': + os.system('cls & title Python Example') # clear console, change title + elif platform.system() == 'Linux': + os.system('clear') # Clear the terminal + sys.stdout.write("\033]0;Python Example\007") # Set terminal title + sys.stdout.flush() + elif platform.system() == 'Darwin': + os.system("clear && printf '\033[3J'") # Clear terminal and scrollback + os.system('echo -n -e "\033]0;Python Example\007"') # Set terminal title print("Initializing") -keyauthapp.init() -print (""" -1.Login + +def getchecksum(): + md5_hash = hashlib.md5() + file = open(''.join(sys.argv), "rb") + md5_hash.update(file.read()) + digest = md5_hash.hexdigest() + return digest + + +keyauthapp = api( + name = "", # App name + ownerid = "", # Account ID + version = "", # Application version. Used for automatic downloads see video here https://www.youtube.com/watch?v=kW195PLCBKs + hash_to_check = getchecksum() +) + +def answer(): + try: + print("""1.Login 2.Register 3.Upgrade 4.License Key Only -""") -ans=input("Select Option: ") -if ans=="1": - user = input('Provide username: ') - password = input('Provide password: ') - keyauthapp.login(user,password) -elif ans=="2": - user = input('Provide username: ') - password = input('Provide password: ') - license = input('Provide License: ') - keyauthapp.register(user,password,license) -elif ans=="3": - user = input('Provide username: ') - license = input('Provide License: ') - keyauthapp.upgrade(user,license) -elif ans=="4": - key = input('Enter your license: ') - keyauthapp.license(key) -elif ans !="": - print("\n Not Valid Option") + """) + ans = input("Select Option: ") + if ans == "1": + user = input('Provide username: ') + password = input('Provide password: ') + code = input('Enter 2fa code: (not using 2fa? Just press enter)') + keyauthapp.login(user, password, code) + elif ans == "2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user, password, license) + elif ans == "3": + user = input('Provide username: ') + license = input('Provide License: ') + keyauthapp.upgrade(user, license) + elif ans == "4": + key = input('Enter your license: ') + code = input('Enter 2fa code: (not using 2fa? Just press enter)') + keyauthapp.license(key, code) + else: + print("\nInvalid option") + sleep(1) + clear() + answer() + except KeyboardInterrupt: + os._exit(1) + + +answer() + +'''try: + if os.path.isfile('auth.json'): #Checking if the auth file exist + if jsond.load(open("auth.json"))["authusername"] == "": #Checks if the authusername is empty or not + print(""" +1. Login +2. Register + """) + ans=input("Select Option: ") #Skipping auto-login bc auth file is empty + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + else: + print("\nNot Valid Option") + os._exit(1) + else: + try: #2. Auto login + with open('auth.json', 'r') as f: + authfile = jsond.load(f) + authuser = authfile.get('authusername') + authpass = authfile.get('authpassword') + keyauthapp.login(authuser,authpass) + except Exception as e: #Error stuff + print(e) + else: #Creating auth file bc its missing + try: + f = open("auth.json", "a") #Writing content + f.write("""{ + "authusername": "", + "authpassword": "" +}""") + f.close() + print (""" +1. Login +2. Register + """)#Again skipping auto-login bc the file is empty/missing + ans=input("Select Option: ") + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + else: + print("\nNot Valid Option") + os._exit(1) + except Exception as e: #Error stuff + print(e) + os._exit(1) +except Exception as e: #Error stuff + print(e) + os._exit(1)''' + +keyauthapp.fetchStats() +# Display Application Data +print("\nApplication data: ") +print("App Version: " + keyauthapp.app_data.app_ver) +print("Customer Panel Link: " + keyauthapp.app_data.customer_panel) +print("Number of Keys: " + keyauthapp.app_data.numKeys) +print("Number of Users: " + keyauthapp.app_data.numUsers) +print("Online Users: " + keyauthapp.app_data.onlineUsers) + +# Display User Data +print("\nUser data: ") +print("Username: " + keyauthapp.user_data.username) +print("IP address: " + keyauthapp.user_data.ip) +print("Hardware-Id: " + keyauthapp.user_data.hwid) + +subs = keyauthapp.user_data.subscriptions # Get all Subscription names, expiry, and timeleft +for i in range(len(subs)): + sub = subs[i]["subscription"] # Subscription from every Sub + expiry = datetime.fromtimestamp(int(subs[i]["expiry"]), UTC).strftime( + '%Y-%m-%d %H:%M:%S') # Expiry date from every Sub + timeleft = subs[i]["timeleft"] # Timeleft from every Sub + + print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") + +print("Created at: " + datetime.fromtimestamp(int(keyauthapp.user_data.createdate), UTC).strftime('%Y-%m-%d %H:%M:%S')) +print("Last login at: " + datetime.fromtimestamp(int(keyauthapp.user_data.lastlogin), UTC).strftime('%Y-%m-%d %H:%M:%S')) +print("Expires at: " + datetime.fromtimestamp(int(keyauthapp.user_data.expires), UTC).strftime('%Y-%m-%d %H:%M:%S')) + +# Two Factor Authentication +print("\nTwo Factor Authentication:") +print("1. Enable 2FA") +print("2. Disable 2FA") + +tfaans = input("Select Option: ") +if tfaans == "1": + keyauthapp.enable2fa() # You only need to call this once as it's called in the API file. +elif tfaans == "2": + keyauthapp.disable2fa() # You only need to call this once as it's called in the API file, and should ideally only need to be called once anyways. +else: + print("\nInvalid Option") + +print("\nExiting in five seconds..") +sleep(5) +os._exit(1) diff --git a/other-examples/README.md b/other-examples/README.md new file mode 100644 index 0000000..8447c31 --- /dev/null +++ b/other-examples/README.md @@ -0,0 +1,26 @@ +# Other-Examples +KeyAuth Python Examples + +**merged_example.py** + +Yes title says everything. This file contains the `keyauth.py` and `main.py` from https://github.com/KeyAuth/KeyAuth-Python-Example + +A few people did not know how to merge the files, so I made an example. + +**method1.py** + +This file shows you how to add your program to keyauth example. + +All you have to do is copy and paste your code below the example, you can check it in the `method1.py` file. + +**method2.py** + +This file shows you how to use your code if it's above the example code. + +- This method will only work if you call your functions after login. +- **Example:** +Create 1 function that will call all the other needed functions. You can also create 1 function and put everything in it. This is all your choice, method 1 would be a better idea. +- This can be exploited with Python code injection, for example injecting a code that will call the function before login. + + +>Created by: `Marci#1337` diff --git a/other-examples/merged_example.py b/other-examples/merged_example.py new file mode 100644 index 0000000..2e653ac --- /dev/null +++ b/other-examples/merged_example.py @@ -0,0 +1,866 @@ +# 1 file version + +import binascii # hex encoding +import hashlib +import json as jsond # json +import os +import platform # check platform +import subprocess # needed for mac device +import sys +import time # sleep before exit +from datetime import datetime +from time import sleep +from uuid import uuid4 # gen random guid + +try: + if os.name == 'nt': + import win32security # get sid (WIN only) + import requests # https requests + from Crypto.Cipher import AES + from Crypto.Hash import SHA256 + from Crypto.Util.Padding import pad, unpad +except ModuleNotFoundError: + print("Exception when importing modules") + print("Installing necessary modules....") + if os.path.isfile("requirements.txt"): + os.system("pip install -r requirements.txt") + else: + os.system("pip install pywin32") + os.system("pip install pycryptodome") + os.system("pip install requests") + print("Modules installed!") + time.sleep(1.5) + os._exit(1) + +try: # Connection check + s = requests.Session() # Session + s.get('https://google.com') +except requests.exceptions.RequestException as e: + print(e) + time.sleep(3) + os._exit(1) + + +class api: + + name = ownerid = secret = version = hash_to_check = "" + + def __init__(self, name, ownerid, secret, version, hash_to_check): + self.name = name + + self.ownerid = ownerid + + self.secret = secret + + self.version = version + self.hash_to_check = hash_to_check + self.init() + + sessionid = enckey = "" + initialized = False + + def init(self): + + if self.sessionid != "": + print("You've already initialized!") + time.sleep(2) + os._exit(1) + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + self.enckey = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("init").encode()), + "ver": encryption.encrypt(self.version, self.secret, init_iv), + "hash": self.hash_to_check, + "enckey": encryption.encrypt(self.enckey, self.secret, init_iv), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + if response == "KeyAuth_Invalid": + print("The application doesn't exist") + os._exit(1) + + response = encryption.decrypt(response, self.secret, init_iv) + json = jsond.loads(response) + + if json["message"] == "invalidver": + if json["download"] != "": + print("New Version Available") + download_link = json["download"] + os.system(f"start {download_link}") + os._exit(1) + else: + print("Invalid Version, Contact owner to add download link to latest app version") + os._exit(1) + + if not json["success"]: + print(json["message"]) + os._exit(1) + + self.sessionid = json["sessionid"] + self.initialized = True + self.__load_app_data(json["appinfo"]) + + def register(self, user, password, license, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("register").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "pass": encryption.encrypt(password, self.enckey, init_iv), + "key": encryption.encrypt(license, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + print("successfully registered") + self.__load_user_data(json["info"]) + else: + print(json["message"]) + os._exit(1) + + def upgrade(self, user, license): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("upgrade").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "key": encryption.encrypt(license, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + print("successfully upgraded user") + print("please restart program and login") + time.sleep(2) + os._exit(1) + else: + print(json["message"]) + os._exit(1) + + def login(self, user, password, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("login").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "pass": encryption.encrypt(password, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + self.__load_user_data(json["info"]) + print("successfully logged in") + else: + print(json["message"]) + os._exit(1) + + def license(self, key, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("license").encode()), + "key": encryption.encrypt(key, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + self.__load_user_data(json["info"]) + print("successfully logged into license") + else: + print(json["message"]) + os._exit(1) + + def var(self, name): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("var").encode()), + "varid": encryption.encrypt(name, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return json["message"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def getvar(self, var_name): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("getvar").encode()), + "var": encryption.encrypt(var_name, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return json["response"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def setvar(self, var_name, var_data): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("setvar").encode()), + "var": encryption.encrypt(var_name, self.enckey, init_iv), + "data": encryption.encrypt(var_data, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def ban(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("ban").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def file(self, fileid): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("file").encode()), + "fileid": encryption.encrypt(fileid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if not json["success"]: + print(json["message"]) + time.sleep(5) + os._exit(1) + return binascii.unhexlify(json["contents"]) + + def webhook(self, webid, param, body = "", conttype = ""): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("webhook").encode()), + "webid": encryption.encrypt(webid, self.enckey, init_iv), + "params": encryption.encrypt(param, self.enckey, init_iv), + "body": encryption.encrypt(body, self.enckey, init_iv), + "conttype": encryption.encrypt(conttype, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return json["message"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def check(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("check").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + if json["success"]: + return True + else: + return False + + def checkblacklist(self): + self.checkinit() + hwid = others.get_hwid() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("checkblacklist").encode()), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + if json["success"]: + return True + else: + return False + + def log(self, message): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("log").encode()), + "pcuser": encryption.encrypt(os.getenv('username'), self.enckey, init_iv), + "message": encryption.encrypt(message, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + self.__do_request(post_data) + + def fetchOnline(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("fetchOnline").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + if len(json["users"]) == 0: + return None # THIS IS ISSUE ON KEYAUTH SERVER SIDE 6.8.2022, so it will return none if it is not an array. + else: + return json["users"] + else: + return None + + def chatGet(self, channel): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("chatget").encode()), + "channel": encryption.encrypt(channel, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return json["messages"] + else: + return None + + def chatSend(self, message, channel): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("chatsend").encode()), + "message": encryption.encrypt(message, self.enckey, init_iv), + "channel": encryption.encrypt(channel, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return True + else: + return False + + def checkinit(self): + if not self.initialized: + print("Initialize first, in order to use the functions") + time.sleep(2) + os._exit(1) + + def __do_request(self, post_data): + try: + rq_out = s.post( + "https://keyauth.win/api/1.0/", data=post_data, timeout=30 + ) + return rq_out.text + except requests.exceptions.Timeout: + print("Request timed out") + + class application_data_class: + numUsers = numKeys = app_ver = customer_panel = onlineUsers = "" + # region user_data + + class user_data_class: + username = ip = hwid = expires = createdate = lastlogin = subscription = subscriptions = "" + + user_data = user_data_class() + app_data = application_data_class() + + def __load_app_data(self, data): + self.app_data.numUsers = data["numUsers"] + self.app_data.numKeys = data["numKeys"] + self.app_data.app_ver = data["version"] + self.app_data.customer_panel = data["customerPanelLink"] + self.app_data.onlineUsers = data["numOnlineUsers"] + + def __load_user_data(self, data): + self.user_data.username = data["username"] + self.user_data.ip = data["ip"] + self.user_data.hwid = data["hwid"] + self.user_data.expires = data["subscriptions"][0]["expiry"] + self.user_data.createdate = data["createdate"] + self.user_data.lastlogin = data["lastlogin"] + self.user_data.subscription = data["subscriptions"][0]["subscription"] + self.user_data.subscriptions = data["subscriptions"] + + +class others: + @staticmethod + def get_hwid(): + if platform.system() == "Linux": + with open("/etc/machine-id") as f: + hwid = f.read() + return hwid + elif platform.system() == 'Windows': + winuser = os.getlogin() + sid = win32security.LookupAccountName(None, winuser)[0] + hwid = win32security.ConvertSidToStringSid(sid) + return hwid + elif platform.system() == 'Darwin': + output = subprocess.Popen("ioreg -l | grep IOPlatformSerialNumber", stdout=subprocess.PIPE, shell=True).communicate()[0] + serial = output.decode().split('=', 1)[1].replace(' ', '') + hwid = serial[1:-2] + return hwid + + + +class encryption: + @staticmethod + def encrypt_string(plain_text, key, iv): + plain_text = pad(plain_text, 16) + + aes_instance = AES.new(key, AES.MODE_CBC, iv) + + raw_out = aes_instance.encrypt(plain_text) + + return binascii.hexlify(raw_out) + + @staticmethod + def decrypt_string(cipher_text, key, iv): + cipher_text = binascii.unhexlify(cipher_text) + + aes_instance = AES.new(key, AES.MODE_CBC, iv) + + cipher_text = aes_instance.decrypt(cipher_text) + + return unpad(cipher_text, 16) + + @staticmethod + def encrypt(message, enc_key, iv): + try: + _key = SHA256.new(enc_key.encode()).hexdigest()[:32] + + _iv = SHA256.new(iv.encode()).hexdigest()[:16] + + return encryption.encrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() + except: + print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") + os._exit(1) + + @staticmethod + def decrypt(message, enc_key, iv): + try: + _key = SHA256.new(enc_key.encode()).hexdigest()[:32] + + _iv = SHA256.new(iv.encode()).hexdigest()[:16] + + return encryption.decrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() + except: + print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") + os._exit(1) + + +# import json as jsond +# ^^ only for auto login/json writing/reading + +# watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA + +if sys.version_info.minor < 10: # Python version check (Bypass Patch) + print("[Security] - Python 3.10 or higher is recommended. The bypass will not work on 3.10+") + print("You are using Python {}.{}".format(sys.version_info.major, sys.version_info.minor)) + +if platform.system() == 'Windows': + os.system('cls & title Python Example') # clear console, change title +elif platform.system() == 'Linux': + os.system('clear') # clear console + sys.stdout.write("\x1b]0;Python Example\x07") # change title +elif platform.system() == 'Darwin': + os.system("clear && printf '\e[3J'") # clear console + os.system('''echo - n - e "\033]0;Python Example\007"''') # change title + +print("Initializing") + + +def getchecksum(): + md5_hash = hashlib.md5() + file = open(''.join(sys.argv), "rb") + md5_hash.update(file.read()) + digest = md5_hash.hexdigest() + return digest + + +keyauthapp = api( + name = "", #App name (Manage Applications --> Application name) + ownerid = "", #Owner ID (Account-Settings --> OwnerID) + secret = "", #App secret(Manage Applications --> App credentials code) + version = "1.0", + hash_to_check = getchecksum() +) + +print(f""" +App data: +Number of users: {keyauthapp.app_data.numUsers} +Number of online users: {keyauthapp.app_data.onlineUsers} +Number of keys: {keyauthapp.app_data.numKeys} +Application Version: {keyauthapp.app_data.app_ver} +Customer panel link: {keyauthapp.app_data.customer_panel} +""") +print(f"Current Session Validation Status: {keyauthapp.check()}") +print(f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted + + +def answer(): + try: + print(""" +1.Login +2.Register +3.Upgrade +4.License Key Only + """) + ans = input("Select Option: ") + if ans == "1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user, password) + elif ans == "2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user, password, license) + elif ans == "3": + user = input('Provide username: ') + license = input('Provide License: ') + keyauthapp.upgrade(user, license) + elif ans == "4": + key = input('Enter your license: ') + keyauthapp.license(key) + else: + print("\nNot Valid Option") + time.sleep(1) + os.system('cls') + answer() + except KeyboardInterrupt: + os._exit(1) + + +answer() + +# region Extra Functions + +# * Download Files form the server to your computer using the download function in the api class +# bytes = keyauthapp.file("FILEID") +# f = open("example.exe", "wb") +# f.write(bytes) +# f.close() + + +# * Set up user variable +# keyauthapp.setvar("varName", "varValue") + +# * Get user variable and print it +# data = keyauthapp.getvar("varName") +# print(data) + +# * Get normal variable and print it +# data = keyauthapp.var("varName") +# print(data) + +# * Log message to the server and then to your webhook what is set on app settings +# keyauthapp.log("Message") + +# * Get if the user pc have been blacklisted +# print(f"Blacklisted? : {keyauthapp.checkblacklist()}") + +# * See if the current session is validated +# print(f"Session Validated?: {keyauthapp.check()}") + + +# * example to send normal request with no POST data +# data = keyauthapp.webhook("WebhookID", "?type=resetuser&user=username") + +# * example to send form data +# data = keyauthapp.webhook("WebhookID", "", "type=init&name=test&ownerid=j9Gj0FTemM", "application/x-www-form-urlencoded") + +# * example to send JSON +# data = keyauthapp.webhook("WebhookID", "", "{\"content\": \"webhook message here\",\"embeds\": null}", "application/json") + +# * Get chat messages +# messages = keyauthapp.chatGet("CHANNEL") + +# Messages = "" +# for i in range(len(messages)): +# Messages += datetime.utcfromtimestamp(int(messages[i]["timestamp"])).strftime('%Y-%m-%d %H:%M:%S') + " - " + messages[i]["author"] + ": " + messages[i]["message"] + "\n" + +# print("\n\n" + Messages) + +# * Send chat message +# keyauthapp.chatSend("MESSAGE", "CHANNEL") + +# * Add Application Information to Title +# os.system(f"cls & title KeyAuth Python Example - Total Users: {keyauthapp.app_data.numUsers} - Online Users: {keyauthapp.app_data.onlineUsers} - Total Keys: {keyauthapp.app_data.numKeys}") + +# * Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) +# 1. Checking and Reading JSON + +#### Note: Remove the ''' on line 151 and 226 + +'''try: + if os.path.isfile('auth.json'): #Checking if the auth file exist + if jsond.load(open("auth.json"))["authusername"] == "": #Checks if the authusername is empty or not + print(""" +1. Login +2. Register + """) + ans=input("Select Option: ") #Skipping auto-login bc auth file is empty + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + else: + print("\nNot Valid Option") + os._exit(1) + else: + try: #2. Auto login + with open('auth.json', 'r') as f: + authfile = jsond.load(f) + authuser = authfile.get('authusername') + authpass = authfile.get('authpassword') + keyauthapp.login(authuser,authpass) + except Exception as e: #Error stuff + print(e) + else: #Creating auth file bc its missing + try: + f = open("auth.json", "a") #Writing content + f.write("""{ + "authusername": "", + "authpassword": "" +}""") + f.close() + print (""" +1. Login +2. Register + """)#Again skipping auto-login bc the file is empty/missing + ans=input("Select Option: ") + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + else: + print("\nNot Valid Option") + os._exit(1) + except Exception as e: #Error stuff + print(e) + os._exit(1) +except Exception as e: #Error stuff + print(e) + os._exit(1)''' + +# endregion + + +print("\nUser data: ") +print("Username: " + keyauthapp.user_data.username) +print("IP address: " + keyauthapp.user_data.ip) +print("Hardware-Id: " + keyauthapp.user_data.hwid) +# print("Subcription: " + keyauthapp.user_data.subscription) ## Print Subscription "ONE" name + +subs = keyauthapp.user_data.subscriptions # Get all Subscription names, expiry, and timeleft +for i in range(len(subs)): + sub = subs[i]["subscription"] # Subscription from every Sub + expiry = datetime.utcfromtimestamp(int(subs[i]["expiry"])).strftime( + '%Y-%m-%d %H:%M:%S') # Expiry date from every Sub + timeleft = subs[i]["timeleft"] # Timeleft from every Sub + + print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") + +onlineUsers = keyauthapp.fetchOnline() +OU = "" # KEEP THIS EMPTY FOR NOW, THIS WILL BE USED TO CREATE ONLINE USER STRING. +if onlineUsers is None: + OU = "No online users" +else: + for i in range(len(onlineUsers)): + OU += onlineUsers[i]["credential"] + " " + +print("\n" + OU + "\n") + +print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) +print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) +print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expires)).strftime('%Y-%m-%d %H:%M:%S')) +print(f"Current Session Validation Status: {keyauthapp.check()}") +print("Exiting in 10 secs....") +sleep(10) +os._exit(1) diff --git a/other-examples/method1.py b/other-examples/method1.py new file mode 100644 index 0000000..0c03ee8 --- /dev/null +++ b/other-examples/method1.py @@ -0,0 +1,875 @@ +import binascii # hex encoding +import hashlib +import json as jsond # json +import os +import platform # check platform +import subprocess # needed for mac device +import sys +import time # sleep before exit +from datetime import datetime +from time import sleep +from uuid import uuid4 # gen random guid + +try: + if os.name == 'nt': + import win32security # get sid (WIN only) + import requests # https requests + from Crypto.Cipher import AES + from Crypto.Hash import SHA256 + from Crypto.Util.Padding import pad, unpad +except ModuleNotFoundError: + print("Exception when importing modules") + print("Installing necessary modules....") + if os.path.isfile("requirements.txt"): + os.system("pip install -r requirements.txt") + else: + os.system("pip install pywin32") + os.system("pip install pycryptodome") + os.system("pip install requests") + print("Modules installed!") + time.sleep(1.5) + os._exit(1) + +try: # Connection check + s = requests.Session() # Session + s.get('https://google.com') +except requests.exceptions.RequestException as e: + print(e) + time.sleep(3) + os._exit(1) + + +class api: + + name = ownerid = secret = version = hash_to_check = "" + + def __init__(self, name, ownerid, secret, version, hash_to_check): + self.name = name + + self.ownerid = ownerid + + self.secret = secret + + self.version = version + self.hash_to_check = hash_to_check + self.init() + + sessionid = enckey = "" + initialized = False + + def init(self): + + if self.sessionid != "": + print("You've already initialized!") + time.sleep(2) + os._exit(1) + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + self.enckey = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("init").encode()), + "ver": encryption.encrypt(self.version, self.secret, init_iv), + "hash": self.hash_to_check, + "enckey": encryption.encrypt(self.enckey, self.secret, init_iv), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + if response == "KeyAuth_Invalid": + print("The application doesn't exist") + os._exit(1) + + response = encryption.decrypt(response, self.secret, init_iv) + json = jsond.loads(response) + + if json["message"] == "invalidver": + if json["download"] != "": + print("New Version Available") + download_link = json["download"] + os.system(f"start {download_link}") + os._exit(1) + else: + print("Invalid Version, Contact owner to add download link to latest app version") + os._exit(1) + + if not json["success"]: + print(json["message"]) + os._exit(1) + + self.sessionid = json["sessionid"] + self.initialized = True + self.__load_app_data(json["appinfo"]) + + def register(self, user, password, license, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("register").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "pass": encryption.encrypt(password, self.enckey, init_iv), + "key": encryption.encrypt(license, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + print("successfully registered") + self.__load_user_data(json["info"]) + else: + print(json["message"]) + os._exit(1) + + def upgrade(self, user, license): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("upgrade").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "key": encryption.encrypt(license, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + print("successfully upgraded user") + print("please restart program and login") + time.sleep(2) + os._exit(1) + else: + print(json["message"]) + os._exit(1) + + def login(self, user, password, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("login").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "pass": encryption.encrypt(password, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + self.__load_user_data(json["info"]) + print("successfully logged in") + else: + print(json["message"]) + os._exit(1) + + def license(self, key, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("license").encode()), + "key": encryption.encrypt(key, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + self.__load_user_data(json["info"]) + print("successfully logged into license") + else: + print(json["message"]) + os._exit(1) + + def var(self, name): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("var").encode()), + "varid": encryption.encrypt(name, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return json["message"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def getvar(self, var_name): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("getvar").encode()), + "var": encryption.encrypt(var_name, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return json["response"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def setvar(self, var_name, var_data): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("setvar").encode()), + "var": encryption.encrypt(var_name, self.enckey, init_iv), + "data": encryption.encrypt(var_data, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def ban(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("ban").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def file(self, fileid): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("file").encode()), + "fileid": encryption.encrypt(fileid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if not json["success"]: + print(json["message"]) + time.sleep(5) + os._exit(1) + return binascii.unhexlify(json["contents"]) + + def webhook(self, webid, param, body = "", conttype = ""): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("webhook").encode()), + "webid": encryption.encrypt(webid, self.enckey, init_iv), + "params": encryption.encrypt(param, self.enckey, init_iv), + "body": encryption.encrypt(body, self.enckey, init_iv), + "conttype": encryption.encrypt(conttype, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return json["message"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def check(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("check").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + if json["success"]: + return True + else: + return False + + def checkblacklist(self): + self.checkinit() + hwid = others.get_hwid() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("checkblacklist").encode()), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + if json["success"]: + return True + else: + return False + + def log(self, message): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("log").encode()), + "pcuser": encryption.encrypt(os.getenv('username'), self.enckey, init_iv), + "message": encryption.encrypt(message, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + self.__do_request(post_data) + + def fetchOnline(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("fetchOnline").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + if len(json["users"]) == 0: + return None # THIS IS ISSUE ON KEYAUTH SERVER SIDE 6.8.2022, so it will return none if it is not an array. + else: + return json["users"] + else: + return None + + def chatGet(self, channel): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("chatget").encode()), + "channel": encryption.encrypt(channel, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return json["messages"] + else: + return None + + def chatSend(self, message, channel): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("chatsend").encode()), + "message": encryption.encrypt(message, self.enckey, init_iv), + "channel": encryption.encrypt(channel, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return True + else: + return False + + def checkinit(self): + if not self.initialized: + print("Initialize first, in order to use the functions") + time.sleep(2) + os._exit(1) + + def __do_request(self, post_data): + try: + rq_out = s.post( + "https://keyauth.win/api/1.0/", data=post_data, timeout=30 + ) + return rq_out.text + except requests.exceptions.Timeout: + print("Request timed out") + + class application_data_class: + numUsers = numKeys = app_ver = customer_panel = onlineUsers = "" + # region user_data + + class user_data_class: + username = ip = hwid = expires = createdate = lastlogin = subscription = subscriptions = "" + + user_data = user_data_class() + app_data = application_data_class() + + def __load_app_data(self, data): + self.app_data.numUsers = data["numUsers"] + self.app_data.numKeys = data["numKeys"] + self.app_data.app_ver = data["version"] + self.app_data.customer_panel = data["customerPanelLink"] + self.app_data.onlineUsers = data["numOnlineUsers"] + + def __load_user_data(self, data): + self.user_data.username = data["username"] + self.user_data.ip = data["ip"] + self.user_data.hwid = data["hwid"] + self.user_data.expires = data["subscriptions"][0]["expiry"] + self.user_data.createdate = data["createdate"] + self.user_data.lastlogin = data["lastlogin"] + self.user_data.subscription = data["subscriptions"][0]["subscription"] + self.user_data.subscriptions = data["subscriptions"] + + +class others: + @staticmethod + def get_hwid(): + if platform.system() == "Linux": + with open("/etc/machine-id") as f: + hwid = f.read() + return hwid + elif platform.system() == 'Windows': + winuser = os.getlogin() + sid = win32security.LookupAccountName(None, winuser)[0] + hwid = win32security.ConvertSidToStringSid(sid) + return hwid + elif platform.system() == 'Darwin': + output = subprocess.Popen("ioreg -l | grep IOPlatformSerialNumber", stdout=subprocess.PIPE, shell=True).communicate()[0] + serial = output.decode().split('=', 1)[1].replace(' ', '') + hwid = serial[1:-2] + return hwid + + + +class encryption: + @staticmethod + def encrypt_string(plain_text, key, iv): + plain_text = pad(plain_text, 16) + + aes_instance = AES.new(key, AES.MODE_CBC, iv) + + raw_out = aes_instance.encrypt(plain_text) + + return binascii.hexlify(raw_out) + + @staticmethod + def decrypt_string(cipher_text, key, iv): + cipher_text = binascii.unhexlify(cipher_text) + + aes_instance = AES.new(key, AES.MODE_CBC, iv) + + cipher_text = aes_instance.decrypt(cipher_text) + + return unpad(cipher_text, 16) + + @staticmethod + def encrypt(message, enc_key, iv): + try: + _key = SHA256.new(enc_key.encode()).hexdigest()[:32] + + _iv = SHA256.new(iv.encode()).hexdigest()[:16] + + return encryption.encrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() + except: + print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") + os._exit(1) + + @staticmethod + def decrypt(message, enc_key, iv): + try: + _key = SHA256.new(enc_key.encode()).hexdigest()[:32] + + _iv = SHA256.new(iv.encode()).hexdigest()[:16] + + return encryption.decrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() + except: + print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") + os._exit(1) + + +# import json as jsond +# ^^ only for auto login/json writing/reading + +# watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA + +if sys.version_info.minor < 10: # Python version check (Bypass Patch) + print("[Security] - Python 3.10 or higher is recommended. The bypass will not work on 3.10+") + print("You are using Python {}.{}".format(sys.version_info.major, sys.version_info.minor)) + +if platform.system() == 'Windows': + os.system('cls & title Python Example') # clear console, change title +elif platform.system() == 'Linux': + os.system('clear') # clear console + sys.stdout.write("\x1b]0;Python Example\x07") # change title +elif platform.system() == 'Darwin': + os.system("clear && printf '\e[3J'") # clear console + os.system('''echo - n - e "\033]0;Python Example\007"''') # change title + +print("Initializing") + + +def getchecksum(): + md5_hash = hashlib.md5() + file = open(''.join(sys.argv), "rb") + md5_hash.update(file.read()) + digest = md5_hash.hexdigest() + return digest + + +keyauthapp = api( + name = "", #App name (Manage Applications --> Application name) + ownerid = "", #Owner ID (Account-Settings --> OwnerID) + secret = "", #App secret(Manage Applications --> App credentials code) + version = "1.0", + hash_to_check = getchecksum() +) + +print(f""" +App data: +Number of users: {keyauthapp.app_data.numUsers} +Number of online users: {keyauthapp.app_data.onlineUsers} +Number of keys: {keyauthapp.app_data.numKeys} +Application Version: {keyauthapp.app_data.app_ver} +Customer panel link: {keyauthapp.app_data.customer_panel} +""") +print(f"Current Session Validation Status: {keyauthapp.check()}") +print(f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted + + +def answer(): + try: + print(""" +1.Login +2.Register +3.Upgrade +4.License Key Only + """) + ans = input("Select Option: ") + if ans == "1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user, password) + elif ans == "2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user, password, license) + elif ans == "3": + user = input('Provide username: ') + license = input('Provide License: ') + keyauthapp.upgrade(user, license) + elif ans == "4": + key = input('Enter your license: ') + keyauthapp.license(key) + else: + print("\nNot Valid Option") + time.sleep(1) + os.system('cls') + answer() + except KeyboardInterrupt: + os._exit(1) + + +answer() + +# region Extra Functions + +# * Download Files form the server to your computer using the download function in the api class +# bytes = keyauthapp.file("FILEID") +# f = open("example.exe", "wb") +# f.write(bytes) +# f.close() + + +# * Set up user variable +# keyauthapp.setvar("varName", "varValue") + +# * Get user variable and print it +# data = keyauthapp.getvar("varName") +# print(data) + +# * Get normal variable and print it +# data = keyauthapp.var("varName") +# print(data) + +# * Log message to the server and then to your webhook what is set on app settings +# keyauthapp.log("Message") + +# * Get if the user pc have been blacklisted +# print(f"Blacklisted? : {keyauthapp.checkblacklist()}") + +# * See if the current session is validated +# print(f"Session Validated?: {keyauthapp.check()}") + + +# * example to send normal request with no POST data +# data = keyauthapp.webhook("WebhookID", "?type=resetuser&user=username") + +# * example to send form data +# data = keyauthapp.webhook("WebhookID", "", "type=init&name=test&ownerid=j9Gj0FTemM", "application/x-www-form-urlencoded") + +# * example to send JSON +# data = keyauthapp.webhook("WebhookID", "", "{\"content\": \"webhook message here\",\"embeds\": null}", "application/json") + +# * Get chat messages +# messages = keyauthapp.chatGet("CHANNEL") + +# Messages = "" +# for i in range(len(messages)): +# Messages += datetime.utcfromtimestamp(int(messages[i]["timestamp"])).strftime('%Y-%m-%d %H:%M:%S') + " - " + messages[i]["author"] + ": " + messages[i]["message"] + "\n" + +# print("\n\n" + Messages) + +# * Send chat message +# keyauthapp.chatSend("MESSAGE", "CHANNEL") + +# * Add Application Information to Title +# os.system(f"cls & title KeyAuth Python Example - Total Users: {keyauthapp.app_data.numUsers} - Online Users: {keyauthapp.app_data.onlineUsers} - Total Keys: {keyauthapp.app_data.numKeys}") + +# * Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) +# 1. Checking and Reading JSON + +#### Note: Remove the ''' on line 151 and 226 + +'''try: + if os.path.isfile('auth.json'): #Checking if the auth file exist + if jsond.load(open("auth.json"))["authusername"] == "": #Checks if the authusername is empty or not + print(""" +1. Login +2. Register + """) + ans=input("Select Option: ") #Skipping auto-login bc auth file is empty + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + else: + print("\nNot Valid Option") + os._exit(1) + else: + try: #2. Auto login + with open('auth.json', 'r') as f: + authfile = jsond.load(f) + authuser = authfile.get('authusername') + authpass = authfile.get('authpassword') + keyauthapp.login(authuser,authpass) + except Exception as e: #Error stuff + print(e) + else: #Creating auth file bc its missing + try: + f = open("auth.json", "a") #Writing content + f.write("""{ + "authusername": "", + "authpassword": "" +}""") + f.close() + print (""" +1. Login +2. Register + """)#Again skipping auto-login bc the file is empty/missing + ans=input("Select Option: ") + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + else: + print("\nNot Valid Option") + os._exit(1) + except Exception as e: #Error stuff + print(e) + os._exit(1) +except Exception as e: #Error stuff + print(e) + os._exit(1)''' + +# endregion + + +print("\nUser data: ") +print("Username: " + keyauthapp.user_data.username) +print("IP address: " + keyauthapp.user_data.ip) +print("Hardware-Id: " + keyauthapp.user_data.hwid) +# print("Subcription: " + keyauthapp.user_data.subscription) ## Print Subscription "ONE" name + +subs = keyauthapp.user_data.subscriptions # Get all Subscription names, expiry, and timeleft +for i in range(len(subs)): + sub = subs[i]["subscription"] # Subscription from every Sub + expiry = datetime.utcfromtimestamp(int(subs[i]["expiry"])).strftime( + '%Y-%m-%d %H:%M:%S') # Expiry date from every Sub + timeleft = subs[i]["timeleft"] # Timeleft from every Sub + + print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") + +onlineUsers = keyauthapp.fetchOnline() +OU = "" # KEEP THIS EMPTY FOR NOW, THIS WILL BE USED TO CREATE ONLINE USER STRING. +if onlineUsers is None: + OU = "No online users" +else: + for i in range(len(onlineUsers)): + OU += onlineUsers[i]["credential"] + " " + +print("\n" + OU + "\n") + +print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) +print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) +print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expires)).strftime('%Y-%m-%d %H:%M:%S')) +print(f"Current Session Validation Status: {keyauthapp.check()}") + + +# Method 1 +# Example +# Put all your code here, remove the example_program function and the "if __name__ == '__main__':" + +def example_program(): + print("\nHello world.") + time.sleep(3) + os._exit(1) + + +if __name__ == '__main__': + example_program() diff --git a/other-examples/method2.py b/other-examples/method2.py new file mode 100644 index 0000000..1a4d17b --- /dev/null +++ b/other-examples/method2.py @@ -0,0 +1,876 @@ +import binascii # hex encoding +import hashlib +import json as jsond # json +import os +import platform # check platform +import subprocess # needed for mac device +import sys +import time # sleep before exit +from datetime import datetime +from uuid import uuid4 # gen random guid + + +# Method 2 +# Example +# Put all your code here, remove the example_program function. This method will only work if you call your functions after login. Line 207 +# Create 1 function that will call all the other needed functions. You can also create 1 function and put everything in it. This is all your choice, method 1 would be a better idea. +# This can be exploited with Python code injection, for example injecting a code that will call the function before login. + + +def example_program(): + print("\nHello world.") + time.sleep(3) + os._exit(1) + + + +try: + if os.name == 'nt': + import win32security # get sid (WIN only) + import requests # https requests + from Crypto.Cipher import AES + from Crypto.Hash import SHA256 + from Crypto.Util.Padding import pad, unpad +except ModuleNotFoundError: + print("Exception when importing modules") + print("Installing necessary modules....") + if os.path.isfile("requirements.txt"): + os.system("pip install -r requirements.txt") + else: + os.system("pip install pywin32") + os.system("pip install pycryptodome") + os.system("pip install requests") + print("Modules installed!") + time.sleep(1.5) + os._exit(1) + +try: # Connection check + s = requests.Session() # Session + s.get('https://google.com') +except requests.exceptions.RequestException as e: + print(e) + time.sleep(3) + os._exit(1) + + +class api: + + name = ownerid = secret = version = hash_to_check = "" + + def __init__(self, name, ownerid, secret, version, hash_to_check): + self.name = name + + self.ownerid = ownerid + + self.secret = secret + + self.version = version + self.hash_to_check = hash_to_check + self.init() + + sessionid = enckey = "" + initialized = False + + def init(self): + + if self.sessionid != "": + print("You've already initialized!") + time.sleep(2) + os._exit(1) + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + self.enckey = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("init").encode()), + "ver": encryption.encrypt(self.version, self.secret, init_iv), + "hash": self.hash_to_check, + "enckey": encryption.encrypt(self.enckey, self.secret, init_iv), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + if response == "KeyAuth_Invalid": + print("The application doesn't exist") + os._exit(1) + + response = encryption.decrypt(response, self.secret, init_iv) + json = jsond.loads(response) + + if json["message"] == "invalidver": + if json["download"] != "": + print("New Version Available") + download_link = json["download"] + os.system(f"start {download_link}") + os._exit(1) + else: + print("Invalid Version, Contact owner to add download link to latest app version") + os._exit(1) + + if not json["success"]: + print(json["message"]) + os._exit(1) + + self.sessionid = json["sessionid"] + self.initialized = True + self.__load_app_data(json["appinfo"]) + + def register(self, user, password, license, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("register").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "pass": encryption.encrypt(password, self.enckey, init_iv), + "key": encryption.encrypt(license, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + print("successfully registered") + self.__load_user_data(json["info"]) + else: + print(json["message"]) + os._exit(1) + + def upgrade(self, user, license): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("upgrade").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "key": encryption.encrypt(license, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + print("successfully upgraded user") + print("please restart program and login") + time.sleep(2) + os._exit(1) + else: + print(json["message"]) + os._exit(1) + + def login(self, user, password, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("login").encode()), + "username": encryption.encrypt(user, self.enckey, init_iv), + "pass": encryption.encrypt(password, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + self.__load_user_data(json["info"]) + print("successfully logged in") + example_program() + else: + print(json["message"]) + os._exit(1) + + def license(self, key, hwid=None): + self.checkinit() + if hwid is None: + hwid = others.get_hwid() + + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("license").encode()), + "key": encryption.encrypt(key, self.enckey, init_iv), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + self.__load_user_data(json["info"]) + print("successfully logged into license") + else: + print(json["message"]) + os._exit(1) + + def var(self, name): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("var").encode()), + "varid": encryption.encrypt(name, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return json["message"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def getvar(self, var_name): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("getvar").encode()), + "var": encryption.encrypt(var_name, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return json["response"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def setvar(self, var_name, var_data): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("setvar").encode()), + "var": encryption.encrypt(var_name, self.enckey, init_iv), + "data": encryption.encrypt(var_data, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def ban(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("ban").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return True + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def file(self, fileid): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("file").encode()), + "fileid": encryption.encrypt(fileid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if not json["success"]: + print(json["message"]) + time.sleep(5) + os._exit(1) + return binascii.unhexlify(json["contents"]) + + def webhook(self, webid, param, body = "", conttype = ""): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("webhook").encode()), + "webid": encryption.encrypt(webid, self.enckey, init_iv), + "params": encryption.encrypt(param, self.enckey, init_iv), + "body": encryption.encrypt(body, self.enckey, init_iv), + "conttype": encryption.encrypt(conttype, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + + if json["success"]: + return json["message"] + else: + print(json["message"]) + time.sleep(5) + os._exit(1) + + def check(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("check").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + if json["success"]: + return True + else: + return False + + def checkblacklist(self): + self.checkinit() + hwid = others.get_hwid() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + post_data = { + "type": binascii.hexlify(("checkblacklist").encode()), + "hwid": encryption.encrypt(hwid, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + response = self.__do_request(post_data) + + response = encryption.decrypt(response, self.enckey, init_iv) + json = jsond.loads(response) + if json["success"]: + return True + else: + return False + + def log(self, message): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("log").encode()), + "pcuser": encryption.encrypt(os.getenv('username'), self.enckey, init_iv), + "message": encryption.encrypt(message, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + self.__do_request(post_data) + + def fetchOnline(self): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("fetchOnline").encode()), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + if len(json["users"]) == 0: + return None # THIS IS ISSUE ON KEYAUTH SERVER SIDE 6.8.2022, so it will return none if it is not an array. + else: + return json["users"] + else: + return None + + def chatGet(self, channel): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("chatget").encode()), + "channel": encryption.encrypt(channel, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return json["messages"] + else: + return None + + def chatSend(self, message, channel): + self.checkinit() + init_iv = SHA256.new(str(uuid4())[:8].encode()).hexdigest() + + post_data = { + "type": binascii.hexlify(("chatsend").encode()), + "message": encryption.encrypt(message, self.enckey, init_iv), + "channel": encryption.encrypt(channel, self.enckey, init_iv), + "sessionid": binascii.hexlify(self.sessionid.encode()), + "name": binascii.hexlify(self.name.encode()), + "ownerid": binascii.hexlify(self.ownerid.encode()), + "init_iv": init_iv + } + + response = self.__do_request(post_data) + response = encryption.decrypt(response, self.enckey, init_iv) + + json = jsond.loads(response) + + if json["success"]: + return True + else: + return False + + def checkinit(self): + if not self.initialized: + print("Initialize first, in order to use the functions") + time.sleep(2) + os._exit(1) + + def __do_request(self, post_data): + try: + rq_out = s.post( + "https://keyauth.win/api/1.0/", data=post_data, timeout=30 + ) + return rq_out.text + except requests.exceptions.Timeout: + print("Request timed out") + + class application_data_class: + numUsers = numKeys = app_ver = customer_panel = onlineUsers = "" + # region user_data + + class user_data_class: + username = ip = hwid = expires = createdate = lastlogin = subscription = subscriptions = "" + + user_data = user_data_class() + app_data = application_data_class() + + def __load_app_data(self, data): + self.app_data.numUsers = data["numUsers"] + self.app_data.numKeys = data["numKeys"] + self.app_data.app_ver = data["version"] + self.app_data.customer_panel = data["customerPanelLink"] + self.app_data.onlineUsers = data["numOnlineUsers"] + + def __load_user_data(self, data): + self.user_data.username = data["username"] + self.user_data.ip = data["ip"] + self.user_data.hwid = data["hwid"] + self.user_data.expires = data["subscriptions"][0]["expiry"] + self.user_data.createdate = data["createdate"] + self.user_data.lastlogin = data["lastlogin"] + self.user_data.subscription = data["subscriptions"][0]["subscription"] + self.user_data.subscriptions = data["subscriptions"] + + +class others: + @staticmethod + def get_hwid(): + if platform.system() == "Linux": + with open("/etc/machine-id") as f: + hwid = f.read() + return hwid + elif platform.system() == 'Windows': + winuser = os.getlogin() + sid = win32security.LookupAccountName(None, winuser)[0] + hwid = win32security.ConvertSidToStringSid(sid) + return hwid + elif platform.system() == 'Darwin': + output = subprocess.Popen("ioreg -l | grep IOPlatformSerialNumber", stdout=subprocess.PIPE, shell=True).communicate()[0] + serial = output.decode().split('=', 1)[1].replace(' ', '') + hwid = serial[1:-2] + return hwid + + + +class encryption: + @staticmethod + def encrypt_string(plain_text, key, iv): + plain_text = pad(plain_text, 16) + + aes_instance = AES.new(key, AES.MODE_CBC, iv) + + raw_out = aes_instance.encrypt(plain_text) + + return binascii.hexlify(raw_out) + + @staticmethod + def decrypt_string(cipher_text, key, iv): + cipher_text = binascii.unhexlify(cipher_text) + + aes_instance = AES.new(key, AES.MODE_CBC, iv) + + cipher_text = aes_instance.decrypt(cipher_text) + + return unpad(cipher_text, 16) + + @staticmethod + def encrypt(message, enc_key, iv): + try: + _key = SHA256.new(enc_key.encode()).hexdigest()[:32] + + _iv = SHA256.new(iv.encode()).hexdigest()[:16] + + return encryption.encrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() + except: + print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") + os._exit(1) + + @staticmethod + def decrypt(message, enc_key, iv): + try: + _key = SHA256.new(enc_key.encode()).hexdigest()[:32] + + _iv = SHA256.new(iv.encode()).hexdigest()[:16] + + return encryption.decrypt_string(message.encode(), _key.encode(), _iv.encode()).decode() + except: + print("Invalid Application Information. Long text is secret short text is ownerid. Name is supposed to be app name not username") + os._exit(1) + + +# import json as jsond +# ^^ only for auto login/json writing/reading + +# watch setup video if you need help https://www.youtube.com/watch?v=L2eAQOmuUiA + +if sys.version_info.minor < 10: # Python version check (Bypass Patch) + print("[Security] - Python 3.10 or higher is recommended. The bypass will not work on 3.10+") + print("You are using Python {}.{}".format(sys.version_info.major, sys.version_info.minor)) + +if platform.system() == 'Windows': + os.system('cls & title Python Example') # clear console, change title +elif platform.system() == 'Linux': + os.system('clear') # clear console + sys.stdout.write("\x1b]0;Python Example\x07") # change title +elif platform.system() == 'Darwin': + os.system("clear && printf '\e[3J'") # clear console + os.system('''echo - n - e "\033]0;Python Example\007"''') # change title + +print("Initializing") + + +def getchecksum(): + md5_hash = hashlib.md5() + file = open(''.join(sys.argv), "rb") + md5_hash.update(file.read()) + digest = md5_hash.hexdigest() + return digest + + +keyauthapp = api( + name = "", #App name (Manage Applications --> Application name) + ownerid = "", #Owner ID (Account-Settings --> OwnerID) + secret = "", #App secret(Manage Applications --> App credentials code) + version = "1.0", + hash_to_check = getchecksum() +) + +print(f""" +App data: +Number of users: {keyauthapp.app_data.numUsers} +Number of online users: {keyauthapp.app_data.onlineUsers} +Number of keys: {keyauthapp.app_data.numKeys} +Application Version: {keyauthapp.app_data.app_ver} +Customer panel link: {keyauthapp.app_data.customer_panel} +""") +print(f"Current Session Validation Status: {keyauthapp.check()}") +print(f"Blacklisted? : {keyauthapp.checkblacklist()}") # check if blacklisted, you can edit this and make it exit the program if blacklisted + + +def answer(): + try: + print(""" +1.Login +2.Register +3.Upgrade +4.License Key Only + """) + ans = input("Select Option: ") + if ans == "1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user, password) + elif ans == "2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user, password, license) + elif ans == "3": + user = input('Provide username: ') + license = input('Provide License: ') + keyauthapp.upgrade(user, license) + elif ans == "4": + key = input('Enter your license: ') + keyauthapp.license(key) + else: + print("\nNot Valid Option") + time.sleep(1) + os.system('cls') + answer() + except KeyboardInterrupt: + os._exit(1) + + +answer() + +# region Extra Functions + +# * Download Files form the server to your computer using the download function in the api class +# bytes = keyauthapp.file("FILEID") +# f = open("example.exe", "wb") +# f.write(bytes) +# f.close() + + +# * Set up user variable +# keyauthapp.setvar("varName", "varValue") + +# * Get user variable and print it +# data = keyauthapp.getvar("varName") +# print(data) + +# * Get normal variable and print it +# data = keyauthapp.var("varName") +# print(data) + +# * Log message to the server and then to your webhook what is set on app settings +# keyauthapp.log("Message") + +# * Get if the user pc have been blacklisted +# print(f"Blacklisted? : {keyauthapp.checkblacklist()}") + +# * See if the current session is validated +# print(f"Session Validated?: {keyauthapp.check()}") + + +# * example to send normal request with no POST data +# data = keyauthapp.webhook("WebhookID", "?type=resetuser&user=username") + +# * example to send form data +# data = keyauthapp.webhook("WebhookID", "", "type=init&name=test&ownerid=j9Gj0FTemM", "application/x-www-form-urlencoded") + +# * example to send JSON +# data = keyauthapp.webhook("WebhookID", "", "{\"content\": \"webhook message here\",\"embeds\": null}", "application/json") + +# * Get chat messages +# messages = keyauthapp.chatGet("CHANNEL") + +# Messages = "" +# for i in range(len(messages)): +# Messages += datetime.utcfromtimestamp(int(messages[i]["timestamp"])).strftime('%Y-%m-%d %H:%M:%S') + " - " + messages[i]["author"] + ": " + messages[i]["message"] + "\n" + +# print("\n\n" + Messages) + +# * Send chat message +# keyauthapp.chatSend("MESSAGE", "CHANNEL") + +# * Add Application Information to Title +# os.system(f"cls & title KeyAuth Python Example - Total Users: {keyauthapp.app_data.numUsers} - Online Users: {keyauthapp.app_data.onlineUsers} - Total Keys: {keyauthapp.app_data.numKeys}") + +# * Auto-Login Example (THIS IS JUST AN EXAMPLE --> YOU WILL HAVE TO EDIT THE CODE PROBABLY) +# 1. Checking and Reading JSON + +#### Note: Remove the ''' on line 151 and 226 + +'''try: + if os.path.isfile('auth.json'): #Checking if the auth file exist + if jsond.load(open("auth.json"))["authusername"] == "": #Checks if the authusername is empty or not + print(""" +1. Login +2. Register + """) + ans=input("Select Option: ") #Skipping auto-login bc auth file is empty + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + else: + print("\nNot Valid Option") + os._exit(1) + else: + try: #2. Auto login + with open('auth.json', 'r') as f: + authfile = jsond.load(f) + authuser = authfile.get('authusername') + authpass = authfile.get('authpassword') + keyauthapp.login(authuser,authpass) + except Exception as e: #Error stuff + print(e) + else: #Creating auth file bc its missing + try: + f = open("auth.json", "a") #Writing content + f.write("""{ + "authusername": "", + "authpassword": "" +}""") + f.close() + print (""" +1. Login +2. Register + """)#Again skipping auto-login bc the file is empty/missing + ans=input("Select Option: ") + if ans=="1": + user = input('Provide username: ') + password = input('Provide password: ') + keyauthapp.login(user,password) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + elif ans=="2": + user = input('Provide username: ') + password = input('Provide password: ') + license = input('Provide License: ') + keyauthapp.register(user,password,license) + authfile = jsond.load(open("auth.json")) + authfile["authusername"] = user + authfile["authpassword"] = password + jsond.dump(authfile, open('auth.json', 'w'), sort_keys=False, indent=4) + else: + print("\nNot Valid Option") + os._exit(1) + except Exception as e: #Error stuff + print(e) + os._exit(1) +except Exception as e: #Error stuff + print(e) + os._exit(1)''' + +# endregion + + +print("\nUser data: ") +print("Username: " + keyauthapp.user_data.username) +print("IP address: " + keyauthapp.user_data.ip) +print("Hardware-Id: " + keyauthapp.user_data.hwid) +# print("Subcription: " + keyauthapp.user_data.subscription) ## Print Subscription "ONE" name + +subs = keyauthapp.user_data.subscriptions # Get all Subscription names, expiry, and timeleft +for i in range(len(subs)): + sub = subs[i]["subscription"] # Subscription from every Sub + expiry = datetime.utcfromtimestamp(int(subs[i]["expiry"])).strftime( + '%Y-%m-%d %H:%M:%S') # Expiry date from every Sub + timeleft = subs[i]["timeleft"] # Timeleft from every Sub + + print(f"[{i + 1} / {len(subs)}] | Subscription: {sub} - Expiry: {expiry} - Timeleft: {timeleft}") + +onlineUsers = keyauthapp.fetchOnline() +OU = "" # KEEP THIS EMPTY FOR NOW, THIS WILL BE USED TO CREATE ONLINE USER STRING. +if onlineUsers is None: + OU = "No online users" +else: + for i in range(len(onlineUsers)): + OU += onlineUsers[i]["credential"] + " " + +print("\n" + OU + "\n") + +print("Created at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.createdate)).strftime('%Y-%m-%d %H:%M:%S')) +print("Last login at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.lastlogin)).strftime('%Y-%m-%d %H:%M:%S')) +print("Expires at: " + datetime.utcfromtimestamp(int(keyauthapp.user_data.expires)).strftime('%Y-%m-%d %H:%M:%S')) +print(f"Current Session Validation Status: {keyauthapp.check()}") diff --git a/requirements.txt b/requirements.txt index f3a56f4..b57953d 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,5 @@ requests -requests_toolbelt -pycryptodome +pywin32 +discord-interactions +qrcode +pillow