├── README.md ├── http └── README.md └── signing ├── README.md └── gorgon.py /README.md: -------------------------------------------------------------------------------- 1 | available: 2 | 3 | siging 4 | intercepting (easy method) 5 | -------------------------------------------------------------------------------- /http/README.md: -------------------------------------------------------------------------------- 1 | # Intercepting TikTok http traffic 2 | By &! Tekky#1337 (beginner version) 3 | 4 | ## Requirements 5 | - Http Toolkit: https://httptoolkit.tech/ 6 | 7 | ![image](https://user-images.githubusercontent.com/98614666/180626524-2f17e750-b0fa-412b-b889-443df8accf73.png) 8 | 9 | - Nox Player: https://www.bignox.com/ 10 | 11 | ![image](https://user-images.githubusercontent.com/98614666/180626552-84bd24eb-6eef-44ca-bee1-893cffb35aae.png) 12 | 13 | - TikTok [TikTok v19.3.3](https://androidapksfree.com/tik-tok/com-zhiliaoapp-musically/download-old/tiktok-19-3-3-apk/) or version < 20 14 | 15 | ![image](https://user-images.githubusercontent.com/98614666/180626608-8e4c177e-4227-43aa-ac87-0832b7138181.png) 16 | 17 | ## Setup 18 | 19 | - open nox player and slide TikTok in, then let it install 20 | - now open the app and login (we don't want out device to be flagedd by xlog) 21 | - open Http Toolkit and click on "Android device via ADB 22 | 23 | ![image](https://user-images.githubusercontent.com/98614666/180626688-a9dad3c0-23c4-44d0-a1c4-53c215766634.png) 24 | 25 | - after a while, Toolkit will autoinstall in nox player and open up 26 | 27 | ![image](https://user-images.githubusercontent.com/98614666/180626718-05896b42-d105-4fa1-9653-6bbb91582f0f.png) 28 | 29 | - now got to the "View" Tab 30 | 31 | ![image](https://user-images.githubusercontent.com/98614666/180626755-80ad5dcb-6fd1-44ae-976f-ed3413e24e57.png) 32 | 33 | - success !! you now will now see all requests made 34 | 35 | ![image](https://user-images.githubusercontent.com/98614666/180626776-3db44280-5523-4c92-98ff-0899d4255a2e.png) 36 | -------------------------------------------------------------------------------- /signing/README.md: -------------------------------------------------------------------------------- 1 | gorgon string -> 04047dcd40000790ed08d0d90bf03d02707a0d90ed0fd06103f0601403507d0b60300c0 2 | 3 | ``` 4 | 0404 7dcd40000 790ed08d0d90bf03d02707a0d90ed0fd06103f0601403507d0b60300c0 5 | 6 | version key of string key (there are 31) encrypted string containing url params, cookies and data 7 | 8 | 9 | 1 > base string 10 | 11 | a. -> md5 url params (xx=123&xy=123) + md5 data (us=123) + md5 cookie = (xx=ededed; dd=eded) + hex timestamp 12 | b. -> hex list from a. 13 | 14 | 2 > base string encryption key encrypted with key from list (hex list) 15 | 16 | 3 > encrypt base string with encryption key 17 | 18 | 4 > version + hash encryption key key + encrypted hex string 19 | 20 | ``` 21 | 22 | encrypt key (key is hex list) 23 | 24 | ```py 25 | Z = 256 26 | Y = encryption hex list from defined list (31 possibilities) 27 | 28 | def __encryption_key(self, Z: int, HX: list): 29 | tmp = A = B = C = D = None 30 | hexs = [] 31 | 32 | for i in range(Z): 33 | hexs.append(i) 34 | 35 | for i in range(Z): 36 | if i == 0: 37 | A = 0 38 | elif tmp is not None: 39 | A = tmp 40 | else: 41 | A = hexs[i - 1] 42 | B = HX[i % 8] 43 | if (A == 85) & (i != 1) & (tmp != 85): 44 | A = 0 45 | C = self.__hex_max(A + i + B) 46 | tmp = C if C < i else None 47 | D = hexs[C] 48 | hexs[i] = D 49 | return hexs 50 | ``` 51 | 52 | encrypt with key 53 | ```py 54 | 55 | 56 | def __xor_hash_list(self, HL, HK): 57 | tmp_add = [] 58 | tmp_hex = [] + HK 59 | A = B = C = D = E = F = G = None 60 | rang = self.__calc_ranges(self.LEN) 61 | for i in rang: 62 | A = HL[i] 63 | B = 0 if len(tmp_add) == 0 else tmp_add[-1] 64 | C = self.__hex_max(HK[i + 1] + int(B)) 65 | tmp_add.append(C) 66 | D = tmp_hex[C] 67 | tmp_hex[i + 1] = D 68 | E = self.__hex_max(D + D) 69 | F = tmp_hex[E] 70 | G = A ^ F 71 | HL[i] = G 72 | 73 | return HL 74 | 75 | ``` 76 | -------------------------------------------------------------------------------- /signing/gorgon.py: -------------------------------------------------------------------------------- 1 | import time 2 | import random 3 | import hashlib 4 | 5 | 6 | class Gorgon: 7 | def __init__(self, params: str) -> None: 8 | self.params = params 9 | self.DGTS = {c: i for i, c in enumerate("0123456789abcdefghijklmnopqrstuvwxyz")} 10 | self.HASHES = ['c8dc0001', 'c8ec0001', 'd0e40001', 'd8f43c00', 'd8e44000', 'd5e30001', 'a0d24000', '96cb4000', 'a7d34000', '9ce44000', 'd8d84000', 'cde24000', 'b0d64000', 'b4d94000', 'd5f04000', 'd8d24000', 'c0eb4000', 'c1ea4000', 'baea4000', '88ab4000', 'a6674000', '0fa74000', 'b68b4000', '54c24000', 'aab74000', '7dcd4000', 'af8a4000', '0ce54000', '1aa34000', '23694000', '18a74000'] 11 | self.HEX_STRS = [[30, 0, 224, 220, 147, 69, 1, 200], [30, 0, 224, 236, 147, 69, 1, 200], [30, 0, 224, 228, 147, 69, 1, 208], [30, 60, 224, 244, 147, 69, 0, 216], [30, 64, 224, 228, 147, 69, 0, 216], [30, 0, 224, 227, 147, 69, 1, 213], [30, 64, 224, 210, 147, 69, 0, 160], [30, 64, 224, 203, 147, 69, 0, 150], [30, 64, 224, 211, 147, 69, 0, 167], [30, 64, 224, 228, 147, 69, 0, 156], [30, 64, 224, 216, 147, 69, 0, 216], [30, 64, 224, 226, 147, 69, 0, 205], [30, 64, 224, 214, 147, 69, 0, 176], [30, 64, 224, 217, 147, 69, 0, 180], [30, 64, 224, 240, 147, 69, 0, 213], [30, 64, 224, 210, 147, 69, 0, 216], [30, 64, 224, 235, 147, 69, 0, 192], [30, 64, 224, 234, 147, 69, 0, 193], [30, 64, 224, 234, 147, 69, 0, 186], [30, 64, 224, 171, 147, 69, 0, 136], [30, 64, 224, 103, 147, 69, 0, 166], [30, 64, 224, 167, 147, 69, 0, 15], [30, 64, 224, 139, 147, 69, 0, 182], [30, 64, 224, 194, 147, 69, 0, 84], [30, 64, 224, 183, 147, 69, 0, 170], [30, 64, 224, 205, 147, 69, 0, 125], [30, 64, 224, 138, 147, 69, 0, 175], [30, 64, 224, 229, 147, 69, 0, 12], [30, 64, 224, 163, 147, 69, 0, 26], [30, 64, 224, 105, 147, 69, 0, 35], [30, 64, 224, 167, 147, 69, 0, 24]] 12 | self.LEN = 20 13 | 14 | def calculate(self, khronos: int or None = None): 15 | 16 | UT = khronos if khronos is not None else int(time.time()) 17 | FC = random.randint(0, len(self.HASHES)) 18 | HS = self.HEX_STRS[FC] 19 | HX = self.HASHES[FC] 20 | HL = self.__hash_list(UT) 21 | HK = self.__encryption_key(256, HS) 22 | HL = self.__xor_hash_list(HL, HK) 23 | HD = self.__handle_xor(HL) 24 | RS = "".join([self.__hex_str(HS) for HS in HD]) 25 | 26 | return { 27 | "X-Gorgon": f"0404{HX}{RS}", 28 | "X-Khronos": str(UT), 29 | } 30 | 31 | def __hex_str(self, X: int) -> str: 32 | Y = self.__to_hex(X) 33 | return Y if len(Y) > 2 else "0" + Y 34 | 35 | def __xor_hash_list(self, HL, HK): 36 | tmp_add = [] 37 | tmp_hex = [] + HK 38 | A = B = C = D = E = F = G = None 39 | rang = self.__calc_ranges(self.LEN) 40 | for i in rang: 41 | A = HL[i] 42 | B = 0 if len(tmp_add) == 0 else tmp_add[-1] 43 | C = self.__hex_max(HK[i + 1] + int(B)) 44 | tmp_add.append(C) 45 | D = tmp_hex[C] 46 | tmp_hex[i + 1] = D 47 | E = self.__hex_max(D + D) 48 | F = tmp_hex[E] 49 | G = A ^ F 50 | HL[i] = G 51 | 52 | return HL 53 | 54 | def __hash_list(self, UT: int) -> str: 55 | HT = self.__to_hex(UT) 56 | MP = str(hashlib.md5(self.params.encode("utf-8")).hexdigest()) 57 | RG = self.__calc_ranges(start=4) 58 | 59 | PHL = [self.__from_hex(MP[i * 2 : 2 * i + 2]) for i in RG] 60 | EHL = [0 for i in range(len(RG) * 3)] 61 | UHL = [self.__from_hex(HT[i * 2 : 2 * i + 2]) for i in RG] 62 | 63 | return PHL + EHL + UHL 64 | 65 | def __from_hex(self, hex: hex) -> int: 66 | return self.__convert_base(hex, int(16)) 67 | 68 | def __convert_base(self, hex: str, base: int) -> int: 69 | return sum( 70 | self.DGTS[digit] * (base**i) 71 | for i, digit in enumerate(reversed(hex.lower())) 72 | ) 73 | 74 | def __to_hex(self, num: int) -> hex: 75 | return format(int(num), "x") 76 | 77 | def __calc_ranges(self, start: int = 0, stop: None = None, step: int = 1) -> list: 78 | if stop is None: 79 | stop = start 80 | start = 0 81 | 82 | if ((step > 0) & (start >= stop)) or (step < 0) & (start <= stop): 83 | return [] 84 | 85 | return [x for x in range(start, stop, step)] 86 | 87 | def __handle_xor(self, hash_list: list): 88 | 89 | HL = hash_list 90 | RG = self.__calc_ranges(self.LEN) 91 | 92 | for i in RG: 93 | A = HL[i] 94 | B = self.__reverse(A) 95 | C = int(HL[(i + 1) % self.LEN]) 96 | D = B ^ C 97 | E = self.__hex_rbit(D) 98 | F = E ^ self.LEN 99 | G = ~F 100 | while G < 0: 101 | G += 4294967296 102 | 103 | a = self.__to_hex(G) 104 | offset = len(a) - 2 105 | 106 | H = self.__from_hex(self.__to_hex(G)[offset:]) 107 | HL[i] = H 108 | 109 | return HL 110 | 111 | def __reverse(self, num): 112 | T = self.__to_hex(num) 113 | if len(T) < 2: 114 | T = "0" + T 115 | 116 | return self.__from_hex(T[1:10] + T[0:1]) 117 | 118 | def __hex_rbit(self, X: int): 119 | BN = format(X, "b") 120 | 121 | while len(BN) < 8: 122 | BN = "0" + BN 123 | RS = "".join([BN[7 - i] for i in range(8)]) 124 | 125 | return int(RS, 2) 126 | 127 | def __encryption_key(self, Z: int, HX: list): 128 | tmp = A = B = C = D = None 129 | hexs = [] 130 | 131 | for i in range(Z): 132 | hexs.append(i) 133 | 134 | for i in range(Z): 135 | if i == 0: 136 | A = 0 137 | elif tmp is not None: 138 | A = tmp 139 | else: 140 | A = hexs[i - 1] 141 | B = HX[i % 8] 142 | if (A == 85) & (i != 1) & (tmp != 85): 143 | A = 0 144 | C = self.__hex_max(A + i + B) 145 | tmp = C if C < i else None 146 | D = hexs[C] 147 | hexs[i] = D 148 | return hexs 149 | 150 | def __hex_max(self, val, max=256): 151 | while val >= 256: 152 | val = val - 256 153 | return val 154 | 155 | 156 | if __name__ == "__main__": 157 | sig = Gorgon("x=123&y=332").calculate(1662759087) 158 | print(sig) 159 | --------------------------------------------------------------------------------