protected async Task <PhishingToken> ValidateAsync(LoginDetails loginDetails) { AddLoginHeaders(); HttpClient.AddRequestHeader(NonStandardHttpHeaders.NucleusId, LoginResponse.Persona.NucUserId); HttpClient.AddRequestHeader(NonStandardHttpHeaders.SessionId, LoginResponse.AuthData.Sid); var validateResponseMessage = await HttpClient.GetAsync(String.Format(Resources.ValidateQuestion, DateTime.Now.ToUnixTime())); validateResponseMessage = await HttpClient.PostAsync(String.Format(Resources.ValidateAnswer, Hasher.Hash(loginDetails.SecretAnswer)), new FormUrlEncodedContent( new[] { new KeyValuePair <string, string>("answer", Hasher.Hash(loginDetails.SecretAnswer)) })); var phishingToken = await DeserializeAsync <PhishingToken>(validateResponseMessage); var validateResponseMessageContent = await validateResponseMessage.Content.ReadAsStringAsync(); if (phishingToken.Code != "200" || phishingToken.Token == null) { throw new Exception($"Unable to get Phishing Token {LoginDetails?.AppVersion}."); } return(phishingToken); }
protected async Task <PhishingToken> ValidateAsync(LoginDetails loginDetails, string _phishingTokenString) { // new in FUT20 // phishing token comes from /ut/auth, so i change a little bit to receive as a parameter and create an object to return PhishingToken _phishingToken = new PhishingToken(); _phishingToken.Code = "200"; _phishingToken.String = "OK"; _phishingToken.Token = _phishingTokenString; return(_phishingToken); AddLoginHeaders(); HttpClient.AddRequestHeader(NonStandardHttpHeaders.NucleusId, LoginResponse.Persona.NucUserId); HttpClient.AddRequestHeader(NonStandardHttpHeaders.SessionId, LoginResponse.AuthData.Sid); var validateResponseMessage = await HttpClient.GetAsync(String.Format(Resources.ValidateQuestion, DateTime.Now.ToUnixTime())); validateResponseMessage = await HttpClient.PostAsync(String.Format(Resources.ValidateAnswer, Hasher.Hash(loginDetails.SecretAnswer)), new FormUrlEncodedContent( new[] { new KeyValuePair <string, string>("answer", Hasher.Hash(loginDetails.SecretAnswer)) })); var phishingToken = await DeserializeAsync <PhishingToken>(validateResponseMessage); var validateResponseMessageContent = await validateResponseMessage.Content.ReadAsStringAsync(); if (phishingToken.Code != "200" || phishingToken.Token == null) { throw new Exception($"Unable to get Phishing Token {LoginDetails?.AppVersion}."); } return(phishingToken); }
private async Task <PidsMeResponse> GetEaswAsync(string auth) { HttpClient.AddRequestHeader("Authorization", "Bearer " + auth); var loginPage = await HttpClient.GetAsync("https://gateway.ea.com/proxy/identity/pids/me").ConfigureAwait(false); HttpClient.RemoveRequestHeader("Authorization"); return(await Deserialize <PidsMeResponse>(loginPage).ConfigureAwait(false)); }
private async Task <UserAccounts> GetMobileUserAccountsAsync(Platform platform) { AddMobileLoginHeaders(); HttpClient.AddRequestHeader(NonStandardHttpHeaders.NucleusId, _nucUserId); HttpClient.AddRequestHeader(NonStandardHttpHeaders.SessionId, string.Empty); var accountInfoResponseMessage = await HttpClient.GetAsync(string.Format(Resources.AccountInfo, DateTime.Now.ToUnixTime())); return(await DeserializeAsync <UserAccounts>(accountInfoResponseMessage)); }
private async Task <Shards> GetMobileShardsAsync() { AddMobileLoginHeaders(); HttpClient.AddRequestHeader(NonStandardHttpHeaders.NucleusId, _nucUserId); HttpClient.AddRequestHeader(NonStandardHttpHeaders.SessionId, string.Empty); var shardsResponseMessage = await HttpClient.GetAsync(string.Format(Resources.Shards, DateTime.Now.ToUnixTime())); return(await DeserializeAsync <Shards>(shardsResponseMessage)); }
private async Task <User> GetMobileNucleusIdAsync() { AddMobileLoginHeaders(); HttpClient.AddRequestHeader(NonStandardHttpHeaders.NucleusId, _nucUserId); HttpClient.AddRequestHeader(NonStandardHttpHeaders.PowSessionId, _powSessionId); var nucleusResponseMessage = await HttpClient.GetAsync(string.Format(Resources.NucleusId, _nucUserId, DateTime.Now.ToUnixTime())); return(await DeserializeAsync <User>(nucleusResponseMessage)); }
private async Task <UserAccounts> GetUserAccountsAsync(Platform platform) { HttpClient.RemoveRequestHeader(NonStandardHttpHeaders.Route); var route = $"https://utas.{(platform == Platform.Xbox360 || platform == Platform.XboxOne ? "s3" : "s2")}.fut.ea.com:443"; HttpClient.AddRequestHeader(NonStandardHttpHeaders.Route, route); var accountInfoResponseMessage = await HttpClient.GetAsync(string.Format(Resources.AccountInfo, DateTime.Now.ToUnixTime())); return(await DeserializeAsync <UserAccounts>(accountInfoResponseMessage)); }
private async Task <UserAccounts> GetUserAccountsAsync(Platform platform) { HttpClient.RemoveRequestHeader(NonStandardHttpHeaders.Route); var route = string.Format("https://utas.{0}fut.ea.com:443", platform == Platform.Xbox360 ? string.Empty : "s2."); HttpClient.AddRequestHeader(NonStandardHttpHeaders.Route, route); var accountInfoResponseMessage = await HttpClient.GetAsync(string.Format(Resources.AccountInfo, CreateTimestamp())); return(await Deserialize <UserAccounts>(accountInfoResponseMessage)); }
private async Task <Auth> AuthAsync(string authCode, string personaId, string sku) { AddMobileLoginHeaders(); HttpClient.AddRequestHeader(NonStandardHttpHeaders.SessionId, string.Empty); HttpClient.AddRequestHeader(NonStandardHttpHeaders.PowSessionId, string.Empty); var content = $@"{{ ""isReadOnly"":false,""sku"":""FUT16AND"",""clientVersion"":18,""locale"":""en-GB"",""method"":""authcode"",""priorityLevel"":4,""identification"":{{""authCode"":""{authCode}"",""redirectUrl"":""nucleus:rest""}},""nucleusPersonaId"":""{personaId}"",""gameSku"":""{sku}"" }}"; var authMessage = await HttpClient.PostAsync(string.Format(Resources.Auth, DateTime.Now.ToUnixTime()), new StringContent(content)); var authResponse = await DeserializeAsync <Auth>(authMessage); return(authResponse); }
private async Task <string> ValidateAsync(LoginDetails loginDetails, string sessionId) { HttpClient.AddRequestHeader(NonStandardHttpHeaders.SessionId, sessionId); var validateResponseMessage = await HttpClient.PostAsync(Resources.Validate, new FormUrlEncodedContent( new[] { new KeyValuePair <string, string>("answer", Hasher.Hash(loginDetails.SecretAnswer)) })); var validateResponse = await DeserializeAsync <ValidateResponse>(validateResponseMessage); return(validateResponse.Token); }
private async Task <Shards> GetShardsAsync(string nucleusId) { HttpClient.AddRequestHeader(NonStandardHttpHeaders.NucleusId, nucleusId); HttpClient.AddRequestHeader(NonStandardHttpHeaders.EmbedError, "true"); HttpClient.AddRequestHeader(NonStandardHttpHeaders.Route, "https://utas.fut.ea.com"); HttpClient.AddRequestHeader(NonStandardHttpHeaders.RequestedWith, "XMLHttpRequest"); AddAcceptHeader("application/json, text/javascript"); AddAcceptLanguageHeader(); AddReferrerHeader(Resources.BaseShowoff); var shardsResponseMessage = await HttpClient.GetAsync(string.Format(Resources.Shards, DateTime.Now.ToUnixTime())); return(await DeserializeAsync <Shards>(shardsResponseMessage)); }
private async Task <Tuple <bool, UserAccountsResponse> > GetUserAccountsAsync(string route) { HttpClient.AddRequestHeader(NonStandardHttpHeaders.Route, route); var loginPage = await HttpClient.GetAsync(route + "/ut/game/fifa18/user/accountinfo?filterConsoleLogin=true&sku=" + FUTAccount.FUTPlatform.SKU + "&returningUserGameYear=2017&_=" + Helper.CreateTimestamp()).ConfigureAwait(false); HttpClient.RemoveRequestHeader(NonStandardHttpHeaders.Route); var response = await Deserialize <UserAccountsResponse>(loginPage).ConfigureAwait(false); if (response.HasError) { return(new Tuple <bool, UserAccountsResponse>(false, null)); } return(new Tuple <bool, UserAccountsResponse>(true, response)); }
protected async Task <Shards> GetShardsAsync() { AddLoginHeaders(); HttpClient.AddRequestHeader(NonStandardHttpHeaders.NucleusId, LoginResponse.Persona.NucUserId); HttpClient.AddRequestHeader(NonStandardHttpHeaders.PowSessionId, LoginResponse.POWSessionId); var shardsResponseMessage = await HttpClient.GetAsync(string.Format(Resources.Shards, DateTime.Now.ToUnixTime())); var shardsResponseContent = await shardsResponseMessage.Content.ReadAsStringAsync(); var shards = await DeserializeAsync <Shards>(shardsResponseMessage); if (shards?.ShardInfo == null || shards.ShardInfo.Count <= 0) { throw new Exception($"Unable to get Shards {LoginDetails?.AppVersion}."); } return(shards); }
protected async Task <UserAccounts> GetUserAccountsAsync(LoginDetails LoginDetails) { AddLoginHeaders(); HttpClient.AddRequestHeader(NonStandardHttpHeaders.NucleusId, LoginResponse.Persona.NucUserId); HttpClient.AddRequestHeader(NonStandardHttpHeaders.SessionId, string.Empty); var accountInfoResponseMessage = await HttpClient.GetAsync(string.Format(Resources.AccountInfo, DateTime.Now.ToUnixTime())); var accountInfoResponseMessageContent = await accountInfoResponseMessage.Content.ReadAsStringAsync(); var userAccounts = await DeserializeAsync <UserAccounts>(accountInfoResponseMessage); if (userAccounts?.UserAccountInfo?.Personas == null || userAccounts.UserAccountInfo.Personas.Count() <= 0) { throw new Exception($"Unable to get Personas {LoginDetails?.AppVersion}."); } return(userAccounts); }
protected async Task <Auth> AuthAsync() { string httpContent; var authResponseMessage = new HttpResponseMessage(); AddLoginHeaders(); HttpClient.AddRequestHeader(NonStandardHttpHeaders.SessionId, string.Empty); HttpClient.AddRequestHeader(NonStandardHttpHeaders.PowSessionId, string.Empty); HttpClient.AddRequestHeader(NonStandardHttpHeaders.Origin, @"file://"); httpContent = $@"{{""isReadOnly"":false,""sku"":""{Resources.Sku}"",""clientVersion"":{Resources.ClientVersion},""locale"":""en-US"",""method"":""authcode"",""priorityLevel"":4,""identification"":{{""authCode"":""{LoginResponse.AuthCode.Code}"",""redirectUrl"":""nucleus:rest""}},""nucleusPersonaId"":""{LoginResponse.Persona.NucPersId}"",""gameSku"":""{GetGameSku(LoginDetails.Platform)}""}}"; authResponseMessage = await HttpClient.PostAsync(string.Format(String.Format(Resources.Auth, DateTime.Now.ToUnixTime()), DateTime.Now.ToUnixTime()), new StringContent(httpContent)); var authResponse = await DeserializeAsync <Auth>(authResponseMessage); var authResponseContent = await authResponseMessage.Content.ReadAsStringAsync(); if (authResponse.Sid == null) { throw new Exception($"Unable to get Session Id {LoginDetails?.AppVersion}."); } return(authResponse); }
private async Task <UserAccountsResponse> BruteforcePlatformAsync() { var ps4 = await GetUserAccountsAsync(Constants.RoutePS4); if (ps4.Item1) { FUTAccount.FUTPlatform.GameSKU = Constants.GameSKUPS4; FUTAccount.FUTPlatform.Route = Constants.RoutePS4; FUTAccount.FUTPlatform.PersonaPlatform = Constants.PersonaPlatformPS4; HttpClient.AddRequestHeader(NonStandardHttpHeaders.Route, Constants.RoutePS4); return(ps4.Item2); } var xb1 = await GetUserAccountsAsync(Constants.RouteXB1); if (xb1.Item1) { FUTAccount.FUTPlatform.GameSKU = Constants.GameSKUXB1; FUTAccount.FUTPlatform.Route = Constants.RouteXB1; FUTAccount.FUTPlatform.PersonaPlatform = Constants.PersonaPlatformXB1; HttpClient.AddRequestHeader(NonStandardHttpHeaders.Route, Constants.RouteXB1); return(xb1.Item2); } return(null); }
/// <summary> /// store an extra header for the request /// </summary> /// <param name="name"></param> /// <param name="value"></param> internal void AddOutgoingHeader(string name, string value) { _httpClient.AddRequestHeader(name, value); }
protected void AddMethodOverrideHeader(HttpMethod httpMethod) { HttpClient.AddRequestHeader(NonStandardHttpHeaders.MethodOverride, httpMethod.Method); }
public async Task <LoginResponse> PerformRequestAsync() { try { var resp = new LoginResponse(); if (_mailClient == null && String.IsNullOrEmpty(FUTAccount.BackupCode1) && String.IsNullOrEmpty(FUTAccount.BackupCode2) && String.IsNullOrEmpty(FUTAccount.BackupCode3) && String.IsNullOrEmpty(FUTAccount.GoogleAuthCode)) { resp.Code = FUTErrorCode.UnknownEMailProvider; resp.Message = "Unknown EMailprovider"; return(resp); } HttpClient.RemoveRequestHeader(NonStandardHttpHeaders.PhishingToken); HttpClient.RemoveRequestHeader(NonStandardHttpHeaders.SessionId); UpdateStatistic("Loading Cookies and Enviromentvariables..."); HttpClient.SetCookieContainer(CookieManager.GetCookieContainer(FUTAccount, false)); UpdateStatistic("Grabbing Loginpage..."); var loggedIn = await GetLoginPageAsync().ConfigureAwait(false); var loggedInString = await loggedIn.Content.ReadAsStringAsync().ConfigureAwait(false); if (!loggedIn.RequestMessage.RequestUri.AbsoluteUri.Contains("companion/auth.html")) { await Task.Delay(2000).ConfigureAwait(false); UpdateStatistic("Loging in to Origin..."); loggedIn = await LoginAsync(loggedIn.RequestMessage.RequestUri.AbsoluteUri).ConfigureAwait(false); loggedInString = await loggedIn.Content.ReadAsStringAsync().ConfigureAwait(false); } var codeSentTimestamp = DateTime.Now.Subtract(new TimeSpan(0, 2, 0)); if (loggedInString.Contains("var redirectUri = 'https://signin.ea.com:443/p/web2/login?execution=")) { var redirect = Regex.Match(loggedInString, "'(.*?)';").Groups[1].Value; var red2 = Regex.Match(loggedInString, "redirectUri \\+ \"(.*?)\";").Groups[1].Value; loggedIn = await HttpClient.GetAsync(redirect + red2).ConfigureAwait(false); loggedInString = await loggedIn.Content.ReadAsStringAsync().ConfigureAwait(false); } if (loggedInString.Contains("general-error") && !loggedInString.Contains("panel-profile-upgrade")) { resp.Code = Models.FUTErrorCode.WrongLoginData; return(resp); } if (loggedInString.Contains("panel-forewordMessage") && loggedInString.Contains("btn-continue")) { UpdateStatistic("Accepting TFACreation..."); loggedIn = await AcceptTwoFactorAsync(loggedIn.RequestMessage.RequestUri.AbsoluteUri); loggedInString = await loggedIn.Content.ReadAsStringAsync().ConfigureAwait(false); } if (loggedInString.Contains("btnTFACreate") && loggedInString.Contains("tfa_type") && loggedInString.Contains("EMAIL")) { UpdateStatistic("Create EMail TFA..."); loggedIn = await CreateEMailTwoFactorAsync(loggedIn.RequestMessage.RequestUri.AbsoluteUri); loggedInString = await loggedIn.Content.ReadAsStringAsync().ConfigureAwait(false); } if (loggedInString.Contains("tfa-login-link") && loggedInString.Contains("btnSendCode")) { if (!String.IsNullOrEmpty(FUTAccount.GoogleAuthCode)) { loggedIn = await SelectGoogleAuthenticatorAsync(loggedIn.RequestMessage.RequestUri.AbsoluteUri).ConfigureAwait(false); loggedInString = await loggedIn.Content.ReadAsStringAsync().ConfigureAwait(false); } else { loggedIn = await SelectEMailTwoFactorAsync(loggedIn.RequestMessage.RequestUri.AbsoluteUri).ConfigureAwait(false); loggedInString = await loggedIn.Content.ReadAsStringAsync().ConfigureAwait(false); } } var twoFactorCode = ""; if (loggedInString.Contains("oneTimeCode")) { if (!String.IsNullOrEmpty(FUTAccount.BackupCode1)) { twoFactorCode = FUTAccount.BackupCode1; FUTAccount.BackupCode1 = ""; FUTAccount.SaveChanges(); } else if (!String.IsNullOrEmpty(FUTAccount.BackupCode2)) { twoFactorCode = FUTAccount.BackupCode2; FUTAccount.BackupCode2 = ""; FUTAccount.SaveChanges(); } else if (!String.IsNullOrEmpty(FUTAccount.BackupCode2)) { twoFactorCode = FUTAccount.BackupCode2; FUTAccount.BackupCode3 = ""; FUTAccount.SaveChanges(); } else if (!string.IsNullOrEmpty(FUTAccount.GoogleAuthCode)) { twoFactorCode = QuickEAAuthenticator.GenerateAuthCode(FUTAccount.GoogleAuthCode); } else { var resendUri = loggedIn.RequestMessage.RequestUri.AbsoluteUri + "&_eventId=resend"; var resendUri2 = "https://signin.ea.com" + loggedInString.GetRegexBetween(" < a id=\"resend_code_link\" href=\"", "\""); UpdateStatistic("Waiting for TwoFactor Code..."); twoFactorCode = await WaitForTwoFactorCode(codeSentTimestamp, resendUri).ConfigureAwait(false); } if (twoFactorCode == "WrongUserPassword") { resp.Code = Models.FUTErrorCode.WrongEMailPassword; return(resp); } if (twoFactorCode == "GMXBlocked") { resp.Code = Models.FUTErrorCode.GMXBlocked; return(resp); } if (twoFactorCode.StartsWith("EXC")) { resp.Code = Models.FUTErrorCode.TwoFactorFailed; resp.Message = twoFactorCode.Remove(0, 3); return(resp); } if (twoFactorCode == "000000" || twoFactorCode == "") { resp.Code = Models.FUTErrorCode.TwoFactorFailed; resp.Message = "Couldn't get twoFactorCode"; return(resp); } await Task.Delay(2000).ConfigureAwait(false); loggedIn = await FillInTwoFactorAsync(loggedIn.RequestMessage.RequestUri.AbsoluteUri, twoFactorCode).ConfigureAwait(false); loggedInString = await loggedIn.Content.ReadAsStringAsync().ConfigureAwait(false); } if (loggedInString.Contains("Eingegebener Code nicht korrekt")) { resp.Code = FUTErrorCode.WrongEMailCode; resp.Message = "Wrong email code!"; return(resp); } if (!loggedIn.RequestMessage.RequestUri.AbsoluteUri.Contains("auth.html")) { resp.Code = Models.FUTErrorCode.NoRedirectToWebApp; resp.Message = "No redirect to mobile-app"; return(resp); } UpdateStatistic("Grabbing EASW ID..."); var authCode = loggedIn.RequestMessage.RequestUri.Query.Remove(0, 6); var tmpBearer = await GetBearerAuthCodeAsync(authCode); var bearer = Regex.Match(tmpBearer, "\"access_token\" : \"(.*?)\",").Groups[1].Value; var easw = await GetEaswAsync(bearer); var easwID = easw.pid.pidId.ToString(); if (string.IsNullOrEmpty(easwID)) { CookieManager.DeleteCookieContainer(FUTAccount, false); resp.Code = Models.FUTErrorCode.NoEaswID; resp.Message = "No easwID"; return(resp); } resp.NucleusID = easwID; HttpClient.AddRequestHeader(NonStandardHttpHeaders.NucleusId, easwID); HttpClient.AddRequestHeader(NonStandardHttpHeaders.EmbedError, "true"); UpdateStatistic("Grabbing Shards..."); var shards = await IsServerOnline(); if (!shards) { resp.Code = Models.FUTErrorCode.ServerMaintenance;; resp.Message = "Server offline"; return(resp); } HttpClient.AddRequestHeader(NonStandardHttpHeaders.SessionId, ""); UpdateStatistic("Grabbing UserAccounts..."); var userAccounts = await BruteforcePlatformAsync().ConfigureAwait(false); if (userAccounts == null || userAccounts.userAccountInfo == null || userAccounts.userAccountInfo.personas == null || userAccounts.userAccountInfo.personas.FirstOrDefault() == null) { resp.Code = Models.FUTErrorCode.NoUserAccounts; resp.Message = "No userAccounts"; return(resp); } var nucleusName = userAccounts.userAccountInfo.personas.FirstOrDefault().personaName; var personaID = userAccounts.userAccountInfo.personas.FirstOrDefault().personaId.ToString(); resp.NucleusName = nucleusName; resp.PersonaID = personaID; authCode = await GetAuthCodeAsync(bearer); authCode = Regex.Match(authCode, "{\"code\":\"(.*?)\"}").Groups[1].Value; if (string.IsNullOrEmpty(authCode)) { resp.Code = Models.FUTErrorCode.NoSessionID; resp.Message = "No authCode"; return(resp); } UpdateStatistic("Authing on Utas..."); var authed = await AuthAsync(authCode, personaID).ConfigureAwait(false); if (authed == null || string.IsNullOrEmpty(authed.sid)) { resp.Code = Models.FUTErrorCode.NoSessionID; resp.Message = "No sid"; return(resp); } resp.SessionID = authed.sid; HttpClient.AddRequestHeader(NonStandardHttpHeaders.SessionId, authed.sid); await Task.Delay(3000).ConfigureAwait(false); UpdateStatistic("Grabbing SecurityQuestion..."); var question = await QuestionAsync().ConfigureAwait(false); if (question.Code == FUTErrorCode.CaptchaTriggered || question.Code == FUTErrorCode.CaptchaTriggered2) { var futproxy = FUTAccount.GetFUTProxy(); var solver = new CaptchaSolver(futproxy); var result = await solver.DoAntiCaptcha(); if (result.errorId == 0) { await SolveCaptchaAsync(result.solution.token); question = await QuestionAsync().ConfigureAwait(false); } else { resp.Code = Models.FUTErrorCode.CaptchaException; resp.Message = "Captcha failed! " + result.errorDescription; return(resp); } } if (!string.IsNullOrEmpty(question.token)) { HttpClient.AddRequestHeader(NonStandardHttpHeaders.PhishingToken, question.token); resp.PhishingToken = question.token; HttpClient.RemoveRequestHeader(NonStandardHttpHeaders.NucleusId); HttpClient.RemoveRequestHeader(NonStandardHttpHeaders.Route); CollectAllCookies(); return(resp); } UpdateStatistic("Validating SecurityQuestion..."); var validate = await ValidateAsync().ConfigureAwait(false); if (string.IsNullOrEmpty(validate?.token)) { if (validate.code == "461") { resp.Code = Models.FUTErrorCode.WrongSecurityAnswer; resp.Message = "Wrong SecurityAnswer"; return(resp); } resp.Code = Models.FUTErrorCode.NoPhishingToken; resp.Message = "No phishingtoken"; return(resp); } //await QuestionAsync().ConfigureAwait(false); UpdateStatistic("Login success..."); HttpClient.AddRequestHeader(NonStandardHttpHeaders.PhishingToken, validate.token); resp.PhishingToken = validate.token; HttpClient.RemoveRequestHeader(NonStandardHttpHeaders.Route); CollectAllCookies(); return(resp); } catch (Exception e) { var resp = new LoginResponse(); resp.Message = e.ToString(); resp.Code = FUTErrorCode.BadRequest; return(resp); } }