ariankordi · November 19, 2018 23:15
diff --git a/arman.py b/arman.py
 #!/bin/python3
 # requirements: hyper selectolax


 from sys import exit

 from ssl import CERT_NONE

 try:
 	import hyper
 except ModuleNotFoundError:
 	exit('you need to install `hyper`: https://hyper.readthedocs.io/en/latest/quickstart.html#installing-hyper')

 try:
 	from selectolax.parser import HTMLParser
 except ModuleNotFoundError:
 	exit('you need to install `selectolax`: https://github.com/rushter/selectolax#Installation')

 # a target indigo instance can also go here
 connection = hyper.HTTPConnection('indigo.cafe:443')

 #hyper.tls._context = hyper.tls.init_context()
 #hyper.tls._context.check_hostname = False
 #hyper.tls._context.verify_mode = CERT_NONE
 #connection = hyper.HTTPConnection('192.168.1.127:92', secure=True)

 # declare file name status thing so that we can print status messages fancily
 STATUS_PREFIX = '[' + __file__ + '] '

 # we are connected
 print(STATUS_PREFIX + 'connected to ingido serv')

 # declare headers, we're going to pass these to every request with `headers=headers`
 headers = {
 	# put your login cookie thing here
 	'Cookie': 'gosessionid=(removed);indigo-auth=(removed);_gorilla_csrf=MTU0MjQ5MTY1NXxJaTh3ZGpSbVJERjVTazFLTkVoUGREZFpZa2hWYjJwNVRqVnFRVU53ZWswNFFuSkJSMmhvWW1kUVRITTlJZ289fCEgaCd7HaU3YAbQ3WOkh_hqsSRZAzeE-ybUe2Bcmfc3',
 }

 # get csrf token/check if banned by requesting /reset
 # this endpoint is chosen since it's fast, contains csrf token and works when logged in
 connection.request('GET', '/reset', headers=headers)
 response = connection.get_response()

 # we have /reset response
 print(STATUS_PREFIX + 'got /reset body')

 # response html, we'll use it no matter if there's an error or not
 body = response.read().decode()

 if response.status != 200:
 	# output html returned AND exit if there's error
 	print(body)
 	exit('\nresponse code ' + str(response.status) + ' while getting /reset!! (above is response text)')

 # now see if csrfmiddlewaretoken from the user sidebar exists
 # if this doesn't exist (user sidebar doesn't exist) then assume we are logged out or banned
 query = HTMLParser(body).css_first('li > form > [name=csrfmiddlewaretoken]')
 if query is None:
 	# exit
 	print(body)
 	exit('\ncouldn\'t find csrfmiddlewaretoken while getting /reset!! (above is response text)')

 # now actually use the token
 csrfmiddlewaretoken = query.attributes['value']

 # we have csrfmiddlewaretoken!
 print(STATUS_PREFIX + 'we now have csrfmiddlewaretoken from /reset')

 # now create the post, make a request body
 req_body = bytes(
 # here is the post body right here
 'body=time to watch gay porn and sex porn&'
 # meta stuff including csrfmiddlewaretoken (url encode it)
 + 'feeling_id=0&csrfmiddlewaretoken=' + csrfmiddlewaretoken.replace('+', '%2b') + '&'
 # community id
 #+ 'community=2'
 + 'community=1'
 , 'utf-8')

 # copy of the headers with content type
 headers_plus_content_type = headers.copy()
 headers_plus_content_type['Content-Type'] = 'application/x-www-form-urlencoded'

 # ingido doesn't care about uri community id
 connection.request('POST', '/communities/0/posts', headers=headers_plus_content_type, body=req_body)
 response = connection.get_response()

 body = response.read().decode()

 # check response code
 if response.status != 200:
 	# print body returned
 	print(body)
 	exit('\nresponse code ' + str(response.status) + ' while posting to /communities/0/posts!! (above is response text)')

 # successfully posted the post
 print(STATUS_PREFIX + 'posted to /communities/0/posts')
	#!/bin/python3
	# requirements: hyper selectolax


	from sys import exit

	from ssl import CERT_NONE

	try:
	import hyper
	except ModuleNotFoundError:
	exit('you need to install `hyper`: https://hyper.readthedocs.io/en/latest/quickstart.html#installing-hyper')

	try:
	from selectolax.parser import HTMLParser
	except ModuleNotFoundError:
	exit('you need to install `selectolax`: https://github.com/rushter/selectolax#Installation')

	# a target indigo instance can also go here
	connection = hyper.HTTPConnection('indigo.cafe:443')

	#hyper.tls._context = hyper.tls.init_context()
	#hyper.tls._context.check_hostname = False
	#hyper.tls._context.verify_mode = CERT_NONE
	#connection = hyper.HTTPConnection('192.168.1.127:92', secure=True)

	# declare file name status thing so that we can print status messages fancily
	STATUS_PREFIX = '[' + __file__ + '] '

	# we are connected
	print(STATUS_PREFIX + 'connected to ingido serv')

	# declare headers, we're going to pass these to every request with `headers=headers`
	headers = {
	# put your login cookie thing here
	'Cookie': 'gosessionid=(removed);indigo-auth=(removed);_gorilla_csrf=MTU0MjQ5MTY1NXxJaTh3ZGpSbVJERjVTazFLTkVoUGREZFpZa2hWYjJwNVRqVnFRVU53ZWswNFFuSkJSMmhvWW1kUVRITTlJZ289fCEgaCd7HaU3YAbQ3WOkh_hqsSRZAzeE-ybUe2Bcmfc3',
	}

	# get csrf token/check if banned by requesting /reset
	# this endpoint is chosen since it's fast, contains csrf token and works when logged in
	connection.request('GET', '/reset', headers=headers)
	response = connection.get_response()

	# we have /reset response
	print(STATUS_PREFIX + 'got /reset body')

	# response html, we'll use it no matter if there's an error or not
	body = response.read().decode()

	if response.status != 200:
	# output html returned AND exit if there's error
	print(body)
	exit('\nresponse code ' + str(response.status) + ' while getting /reset!! (above is response text)')

	# now see if csrfmiddlewaretoken from the user sidebar exists
	# if this doesn't exist (user sidebar doesn't exist) then assume we are logged out or banned
	query = HTMLParser(body).css_first('li > form > [name=csrfmiddlewaretoken]')
	if query is None:
	# exit
	print(body)
	exit('\ncouldn\'t find csrfmiddlewaretoken while getting /reset!! (above is response text)')

	# now actually use the token
	csrfmiddlewaretoken = query.attributes['value']

	# we have csrfmiddlewaretoken!
	print(STATUS_PREFIX + 'we now have csrfmiddlewaretoken from /reset')

	# now create the post, make a request body
	req_body = bytes(
	# here is the post body right here
	'body=time to watch gay porn and sex porn&'
	# meta stuff including csrfmiddlewaretoken (url encode it)
	+ 'feeling_id=0&csrfmiddlewaretoken=' + csrfmiddlewaretoken.replace('+', '%2b') + '&'
	# community id
	#+ 'community=2'
	+ 'community=1'
	, 'utf-8')

	# copy of the headers with content type
	headers_plus_content_type = headers.copy()
	headers_plus_content_type['Content-Type'] = 'application/x-www-form-urlencoded'

	# ingido doesn't care about uri community id
	connection.request('POST', '/communities/0/posts', headers=headers_plus_content_type, body=req_body)
	response = connection.get_response()

	body = response.read().decode()

	# check response code
	if response.status != 200:
	# print body returned
	print(body)
	exit('\nresponse code ' + str(response.status) + ' while posting to /communities/0/posts!! (above is response text)')

	# successfully posted the post
	print(STATUS_PREFIX + 'posted to /communities/0/posts')