2023-05-02 12:39:11 +00:00
|
|
|
import getpass
|
|
|
|
import json
|
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
import ids
|
2023-05-09 19:36:33 +00:00
|
|
|
from base64 import b64encode, b64decode
|
|
|
|
import apns
|
|
|
|
from ids import signing
|
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
|
2023-05-02 12:39:11 +00:00
|
|
|
# Open config
|
|
|
|
try:
|
|
|
|
with open("config.json", "r") as f:
|
2023-05-02 17:40:06 +00:00
|
|
|
CONFIG = json.load(f)
|
2023-05-02 12:39:11 +00:00
|
|
|
except FileNotFoundError:
|
2023-05-02 17:40:06 +00:00
|
|
|
CONFIG = {}
|
2023-05-02 12:39:11 +00:00
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
|
2023-05-02 18:10:13 +00:00
|
|
|
def input_multiline(prompt):
|
|
|
|
print(prompt)
|
|
|
|
lines = []
|
|
|
|
while True:
|
|
|
|
line = input()
|
|
|
|
if line == "":
|
|
|
|
break
|
|
|
|
lines.append(line)
|
|
|
|
return "\n".join(lines)
|
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
|
2023-05-02 17:40:06 +00:00
|
|
|
def refresh_token():
|
|
|
|
# If no username is set, prompt for it
|
|
|
|
if "username" not in CONFIG:
|
|
|
|
CONFIG["username"] = input("Enter iCloud username: ")
|
|
|
|
# If no password is set, prompt for it
|
|
|
|
if "password" not in CONFIG:
|
|
|
|
CONFIG["password"] = getpass.getpass("Enter iCloud password: ")
|
|
|
|
# If grandslam authentication is not set, prompt for it
|
|
|
|
if "use_gsa" not in CONFIG:
|
|
|
|
CONFIG["use_gsa"] = input("Use grandslam authentication? [y/N] ").lower() == "y"
|
2023-05-02 12:39:11 +00:00
|
|
|
|
2023-05-02 17:40:06 +00:00
|
|
|
def factor_gen():
|
|
|
|
return input("Enter iCloud 2FA code: ")
|
2023-05-02 12:39:11 +00:00
|
|
|
|
2023-05-02 17:40:06 +00:00
|
|
|
CONFIG["user_id"], CONFIG["token"] = ids._get_auth_token(
|
2023-05-09 16:21:56 +00:00
|
|
|
CONFIG["username"], CONFIG["password"], factor_gen=factor_gen
|
2023-05-02 17:40:06 +00:00
|
|
|
)
|
2023-05-02 12:39:11 +00:00
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
|
2023-05-02 17:40:06 +00:00
|
|
|
def refresh_cert():
|
|
|
|
CONFIG["key"], CONFIG["auth_cert"] = ids._get_auth_cert(
|
|
|
|
CONFIG["user_id"], CONFIG["token"]
|
|
|
|
)
|
2023-05-02 12:39:11 +00:00
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
|
|
|
|
def create_connection():
|
2023-05-02 17:40:06 +00:00
|
|
|
conn = apns.APNSConnection()
|
|
|
|
token = conn.connect()
|
2023-05-03 00:53:18 +00:00
|
|
|
# conn.filter(['com.apple.madrid'])
|
|
|
|
CONFIG["push"] = {
|
|
|
|
"token": b64encode(token).decode(),
|
|
|
|
"cert": conn.cert,
|
|
|
|
"key": conn.private_key,
|
2023-05-02 17:40:06 +00:00
|
|
|
}
|
|
|
|
return conn
|
2023-05-02 12:39:11 +00:00
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
|
2023-05-02 17:40:06 +00:00
|
|
|
def restore_connection():
|
2023-05-03 00:53:18 +00:00
|
|
|
conn = apns.APNSConnection(CONFIG["push"]["key"], CONFIG["push"]["cert"])
|
|
|
|
conn.connect(True, b64decode(CONFIG["push"]["token"]))
|
|
|
|
# conn.filter(['com.apple.madrid', 'com.apple.private.alloy.facetime.multi'])
|
2023-05-02 17:40:06 +00:00
|
|
|
return conn
|
2023-05-02 12:39:11 +00:00
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
|
2023-05-02 20:36:50 +00:00
|
|
|
def refresh_ids_cert():
|
2023-05-02 17:40:06 +00:00
|
|
|
info = {
|
|
|
|
"uri": "mailto:" + CONFIG["username"],
|
2023-05-03 00:53:18 +00:00
|
|
|
"user_id": CONFIG["user_id"],
|
2023-05-02 17:40:06 +00:00
|
|
|
}
|
2023-05-02 12:39:11 +00:00
|
|
|
|
2023-05-09 17:34:26 +00:00
|
|
|
print(
|
|
|
|
ids._get_handles(
|
|
|
|
CONFIG["push"]["token"],
|
|
|
|
CONFIG["user_id"],
|
|
|
|
ids.KeyPair(CONFIG["key"], CONFIG["auth_cert"]),
|
|
|
|
ids.KeyPair(CONFIG["push"]["key"], CONFIG["push"]["cert"]),
|
|
|
|
)
|
|
|
|
)
|
2023-05-09 16:21:56 +00:00
|
|
|
|
2023-05-02 17:40:06 +00:00
|
|
|
resp = None
|
|
|
|
try:
|
|
|
|
if "validation_data" in CONFIG:
|
|
|
|
resp = ids._register_request(
|
2023-05-03 00:53:18 +00:00
|
|
|
CONFIG["push"]["token"],
|
2023-05-02 17:40:06 +00:00
|
|
|
info,
|
2023-05-09 17:34:26 +00:00
|
|
|
ids.KeyPair(CONFIG["key"], CONFIG["auth_cert"]),
|
|
|
|
ids.KeyPair(CONFIG["push"]["key"], CONFIG["push"]["cert"]),
|
2023-05-02 17:40:06 +00:00
|
|
|
CONFIG["validation_data"],
|
|
|
|
)
|
|
|
|
except Exception as e:
|
|
|
|
print(e)
|
|
|
|
resp = None
|
2023-05-02 12:39:11 +00:00
|
|
|
|
2023-05-02 17:40:06 +00:00
|
|
|
if resp is None:
|
|
|
|
print(
|
|
|
|
"Note: Validation data can be obtained from @JJTech, or intercepted using a HTTP proxy."
|
|
|
|
)
|
|
|
|
validation_data = (
|
|
|
|
input_multiline("Enter validation data: ")
|
|
|
|
.replace("\n", "")
|
|
|
|
.replace(" ", "")
|
|
|
|
)
|
2023-05-02 12:39:11 +00:00
|
|
|
resp = ids._register_request(
|
2023-05-03 00:53:18 +00:00
|
|
|
CONFIG["push"]["token"],
|
2023-05-02 12:39:11 +00:00
|
|
|
info,
|
2023-05-09 17:34:26 +00:00
|
|
|
ids.KeyPair(CONFIG["key"], CONFIG["auth_cert"]),
|
|
|
|
ids.KeyPair(CONFIG["push"]["key"], CONFIG["push"]["cert"]),
|
2023-05-02 17:40:06 +00:00
|
|
|
validation_data,
|
2023-05-02 12:39:11 +00:00
|
|
|
)
|
2023-05-02 17:40:06 +00:00
|
|
|
CONFIG["validation_data"] = validation_data
|
2023-05-02 12:39:11 +00:00
|
|
|
|
2023-05-09 16:21:56 +00:00
|
|
|
print(resp)
|
2023-05-09 19:36:33 +00:00
|
|
|
ids_cert = signing.armour_cert(resp["services"][0]["users"][0]["cert"])
|
2023-05-02 12:39:11 +00:00
|
|
|
|
2023-05-02 20:36:50 +00:00
|
|
|
CONFIG["ids_cert"] = ids_cert
|
2023-05-02 17:40:06 +00:00
|
|
|
|
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
if not "push" in CONFIG:
|
2023-05-02 20:36:50 +00:00
|
|
|
print("No existing APNs credentials, creating new ones...")
|
2023-05-03 00:53:18 +00:00
|
|
|
# print("No push conn")
|
2023-05-02 18:10:13 +00:00
|
|
|
conn = create_connection()
|
|
|
|
else:
|
2023-05-02 20:36:50 +00:00
|
|
|
print("Restoring APNs credentials...")
|
2023-05-02 18:10:13 +00:00
|
|
|
conn = restore_connection()
|
2023-05-02 20:36:50 +00:00
|
|
|
print("Connected to APNs!")
|
2023-05-02 18:10:13 +00:00
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
if not "ids_cert" in CONFIG:
|
2023-05-02 20:36:50 +00:00
|
|
|
print("No existing IDS certificate, creating new one...")
|
2023-05-03 00:53:18 +00:00
|
|
|
if not "key" in CONFIG:
|
2023-05-02 20:36:50 +00:00
|
|
|
print("No existing authentication certificate, creating new one...")
|
2023-05-03 00:53:18 +00:00
|
|
|
if not "token" in CONFIG:
|
2023-05-02 20:36:50 +00:00
|
|
|
print("No existing authentication token, creating new one...")
|
2023-05-02 17:40:06 +00:00
|
|
|
refresh_token()
|
2023-05-02 20:36:50 +00:00
|
|
|
print("Got authentication token!")
|
2023-05-02 17:40:06 +00:00
|
|
|
refresh_cert()
|
2023-05-02 20:36:50 +00:00
|
|
|
print("Got authentication certificate!")
|
|
|
|
refresh_ids_cert()
|
|
|
|
print("Got IDS certificate!")
|
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
ids_keypair = ids.KeyPair(CONFIG["key"], CONFIG["ids_cert"])
|
|
|
|
|
2023-05-02 22:11:14 +00:00
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
def lookup(topic: str, users: list[str]):
|
2023-05-02 22:11:14 +00:00
|
|
|
print(f"Looking up users {users} for topic {topic}...")
|
2023-05-03 00:53:18 +00:00
|
|
|
resp = ids.lookup(conn, CONFIG["username"], ids_keypair, topic, users)
|
2023-05-02 22:11:14 +00:00
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
# print(resp)
|
|
|
|
# r = list(resp['results'].values())[0]
|
|
|
|
for k, v in resp["results"].items():
|
2023-05-02 22:11:14 +00:00
|
|
|
print(f"Result for user {k} topic {topic}:")
|
2023-05-03 00:53:18 +00:00
|
|
|
i = v["identities"]
|
2023-05-02 22:11:14 +00:00
|
|
|
print(f"IDENTITIES: {len(i)}")
|
|
|
|
for iden in i:
|
|
|
|
print("IDENTITY", end=" ")
|
|
|
|
print(f"Push Token: {b64encode(iden['push-token']).decode()}", end=" ")
|
2023-05-03 00:53:18 +00:00
|
|
|
if "client-data" in iden:
|
2023-05-02 22:11:14 +00:00
|
|
|
print(f"Client Data: {len(iden['client-data'])}")
|
2023-05-03 00:53:18 +00:00
|
|
|
|
2023-05-02 22:11:14 +00:00
|
|
|
else:
|
|
|
|
print("No client data")
|
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
|
2023-05-02 22:11:14 +00:00
|
|
|
# Hack to make sure that the requests and responses match up
|
|
|
|
# This filter MUST contain all the topics you are looking up
|
2023-05-03 00:53:18 +00:00
|
|
|
# conn.filter(['com.apple.madrid', 'com.apple.private.alloy.facetime.multi', 'com.apple.private.alloy.multiplex1', 'com.apple.private.alloy.screensharing'])
|
|
|
|
# import time
|
|
|
|
# print("...waiting for queued messages... (this is a hack)")
|
|
|
|
# time.sleep(5) # Let the server send us any messages it was holding
|
|
|
|
# conn.sink() # Dump the messages
|
2023-05-02 22:11:14 +00:00
|
|
|
|
2023-05-03 00:51:51 +00:00
|
|
|
lookup("com.apple.madrid", ["mailto:jjtech@jjtech.dev"])
|
|
|
|
lookup("com.apple.private.alloy.facetime.multi", ["mailto:jjtech@jjtech.dev"])
|
2023-05-02 22:11:14 +00:00
|
|
|
|
2023-05-03 00:51:51 +00:00
|
|
|
lookup("com.apple.private.alloy.facetime.multi", ["mailto:user_test2@icloud.com"])
|
|
|
|
lookup("com.apple.madrid", ["mailto:user_test2@icloud.com"])
|
2023-05-02 12:39:11 +00:00
|
|
|
|
2023-05-03 00:51:51 +00:00
|
|
|
lookup("com.apple.private.alloy.multiplex1", ["mailto:user_test2@icloud.com"])
|
2023-05-02 22:36:13 +00:00
|
|
|
|
2023-05-03 00:51:02 +00:00
|
|
|
lookup("com.apple.private.alloy.screensharing", ["mailto:user_test2@icloud.com"])
|
|
|
|
|
2023-05-03 00:53:18 +00:00
|
|
|
# time.sleep(4)
|
2023-05-02 12:39:11 +00:00
|
|
|
# Save config
|
|
|
|
with open("config.json", "w") as f:
|
2023-05-03 00:53:18 +00:00
|
|
|
json.dump(CONFIG, f, indent=4)
|