From hsrvpn-gettokens, 3 Weeks ago, written in Python.
Embed
  1. #!/usr/bin/python
  2.  
  3. from xml.etree import ElementTree
  4.  
  5. import requests
  6. import keyring
  7.  
  8. user = 'fbruhin'
  9. secret = keyring.get_password('hsrvpn-gettokens', user)
  10. debug = False
  11.  
  12. # Yes, they really throw XML in as form-encoded because it just happens to have a = in it...
  13. data = {"<?xml version": "'1.0' ?><SASRequest><Version>3.1</Version><Action>SecurityStrings</Action><Id>{}</Id></SASRequest>".format(secret)}
  14. user_agent = 'Mozilla/5.0 (Linux; Android 8.1.0; TA-1004 Build/OPR1.170623.026; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/68.0.3440.91 Mobile Safari/537.36'
  15. headers = {
  16.     'User-Agent': user_agent,
  17.     'Origin': 'file://',  # yes, really
  18.     # let's invent our own header which is an user agent because we put bullshit in the user agent data
  19.     'X-Requested-With': 'com.authcontrolmobile',
  20. }
  21. proxies = {'https': 'http://localhost:8080'} if debug else {}
  22. verify = not debug
  23.  
  24. response = requests.post('https://sidv3611virt.hsr.ch/proxy/AgentXML', data=data, headers=headers, proxies=proxies, verify=verify)
  25. response.raise_for_status()
  26.  
  27. print(response.text)
  28.  
  29. tree = ElementTree.fromstring(response.text)
  30. assert tree.find('Version').text == '3.6'
  31. assert tree.find('Result').text == 'PASS'
  32.  
  33. codes = tree.find('SecurityStrings').text.strip(';').split(';')
  34.  
  35. output = ' '.join('{}{:02}'.format(idx, code) for code, idx in enumerate(codes))
  36. print(output)
  37. keyring.set_password('hsrvpn-secrets', user, output)
  38.  

Replies to Untitled rss

Title Name Language When
hsrvpn-gettokens florian python 3 Weeks ago.