Last active
June 20, 2020 11:46
-
-
Save troke12/da2c10760de2f5ce255951f14568e090 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def verifyUser(userID, hashes): | |
| """ | |
| Activate `userID`'s account. | |
| :param userID: user id | |
| :param hashes: Peppy's botnet (client data) structure (new line = "|", already split | |
| ) | |
| [0] osu! version | |
| [1] plain mac addressed, separated by "." | |
| [2] mac addresses hash set | |
| [3] unique ID | |
| [4] disk ID | |
| :return: True if verified successfully, else False (multiaccount) | |
| """ | |
| # Check for valid hash set | |
| for i in hashes[2:5]: | |
| if i == "": | |
| log.warning("Invalid hash set ({}) for user {} while verifying the account".format(str(hashes), userID), "bunk") | |
| return False | |
| # Get username | |
| username = getUsername(userID) | |
| # Make sure there are no other accounts activated with this exact mac/unique id/hwid | |
| if hashes[2] == "b4ec3c4334a0249dae95c284ec5983df" or hashes[4] == "ffae06fb022871fe9beb58b005c5e21d": | |
| # Running under wine, check only by uniqueid | |
| log.info("{user} ({userID}) ha triggerato Sannino:\n**Full data:** {hashes}\n**Usual wine mac address hash:** b4ec3c4334a0249dae95c284ec5983df\n**Usual wine disk id:** ffae06fb022871fe9beb58b005c5e21d".format(user=username, userID=userID, hashes=hashes), "bunker") | |
| log.debug("Veryfing with Linux/Mac hardware") | |
| match = glob.db.fetchAll("SELECT userid FROM hw_user WHERE unique_id = %(uid)s AND userid != %(userid)s AND activated = 1 LIMIT 1", { | |
| "uid": hashes[3], | |
| "userid": userID | |
| }) | |
| return True | |
| else: | |
| # Running under windows, full check | |
| log.debug("Veryfing with Windows hardware") | |
| match = glob.db.fetchAll("SELECT userid FROM hw_user WHERE mac = %(mac)s AND unique_id = %(uid)s AND disk_id = %(diskid)s AND userid != %(userid)s AND activated = 1 LIMIT 1", { | |
| "mac": hashes[2], | |
| "uid": hashes[3], | |
| "diskid": hashes[4], | |
| "userid": userID | |
| }) | |
| if match: | |
| # This is a multiaccount, restrict other account and ban this account | |
| # Get original userID and username (lowest ID) | |
| originalUserID = match[0]["userid"] | |
| originalUsername = getUsername(originalUserID) | |
| # Ban this user and append notes | |
| ban(userID) # this removes the USER_PENDING_VERIFICATION flag too | |
| appendNotes(userID, "{}'s multiaccount ({}), found HWID match while verifying account ({})".format(originalUsername, originalUserID, hashes[2:5])) | |
| appendNotes(originalUserID, "Has created multiaccount {} ({})".format(username, userID)) | |
| # Restrict the original | |
| restrict(originalUserID) | |
| # Disallow login | |
| return False | |
| else: | |
| # No matches found, set USER_PUBLIC and USER_NORMAL flags and reset USER_PENDING_VERIFICATION flag | |
| resetPendingFlag(userID) | |
| #log.info("User **{}** ({}) has verified his account with hash set _{}_".format(username, userID, hashes[2:5]), "cm") | |
| # Allow login | |
| return True |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment