+
### 2. Generate Custom Mock Rules
-You will need to generate mock rules to be used in **HTTP Toolkit** for intercepting and modifying network traffic.
+Create mock rules to be used with **HTTP Toolkit** for intercepting and modifying network traffic.
Run the following command:
```bash
@@ -55,20 +57,32 @@ python rules.py --rules template.json --output my_rules.json
After generating the rules, import the resulting file into HTTP Toolkit.
-### 3. Bypass License Authentication
+### 3. Run the Mock Server
-After generating the ticket, enable the **Bypass Auth Ticket** rule in HTTP Toolkit. Then, launch the DVDFab software through an intercepted terminal and log in with your credentials.
+> [!WARNING]
+> This step is required for applications that process DRM content but optional for others.
-Once logged in, close the software, enable the **Bypass Auth Ticket** rule, and relaunch the software.
+Before launching any DVDFab product with the mock rules, ensure the server is running.
+
+To run the server:
+```bash
+python server.py --export
+```
+
+### 4. Bypass License Authentication
+
+After generating custom mock rules, import them into **HTTP Toolkit**. Launch the DVDFab software through an intercepted terminal and log in with your credentials. After logging in, close the software and enable the **Bypass Auth Ticket** rule to activate the software.
-### 4. Advanced License Management
+### 5. Advanced License Management
+
+> [!NOTE]
+> By default, the generated ticket corresponds to a Fab365 ticket. However, this module allows users to generate other ticket formats based on their preferences.
This tool provides multiple ways to manage tickets, including logging in, using an existing token, or extracting information from old tickets.
-
-
+
#### Command Options for Ticket Management
@@ -78,55 +92,44 @@ usage: ticket.py [-h] [--type {SUBSCRIBER,LIFETIME,FREE,NO_LOGIN}]
{login,token,ticket,info} ...
```
-**Positional Arguments:**
+**Positional Arguments**:
+
- `login` β Log in using account credentials.
- `token` β Use an existing user token.
- `ticket` β Use a pre-existing ticket string.
- `info` β Extract ticket information from a serialized ticket string.
-**Optional Arguments:**
-- `--type` β Ticket type, options: `SUBSCRIBER`, `LIFETIME`, `FREE`, `NO_LOGIN`.
+**Optional Arguments**:
+
+- `--type` β Ticket type options: `SUBSCRIBER`, `LIFETIME`, `FREE`, `NO_LOGIN`.
- `--version` β Specify software version (default: 6200).
-- `--expire` β Number of days until the ticket expires (default: 365 days).
+- `--expire` β Specify the number of days until the ticket expires (default: 365 days).
#### Example Ticket Generation
-1. **Log in and Generate Ticket:**
+1. **Log in and Generate a Ticket**:
+
```bash
python ticket.py login myemail@example.com mypassword --client WINDOWS
```
-2. **Use an Existing Token:**
+2. **Use an Existing Token**:
+
```bash
python ticket.py token "your-32-char-token"
```
-3. **Extract Information from a Ticket:**
+3. **Extract Information from a Ticket**:
+
```bash
python ticket.py info "serialized-ticket-string"
```
-## Advanced Features
-
-### IP/MAC-Based DRM Restriction Circumvention
-
-> [!WARNING]
-> Avoid using the same account across multiple regions or devices simultaneously, as it could lead to account suspension or banning.
-
-Some DRM-protected services may block access based on the IP or MAC address of the user. To avoid this, the tool includes a **mocking server** that can spoof the device identity and circumvent such restrictions.
-
-To run the server:
-```bash
-python server.py --email "user@example.com"
-```
-
-At the same time, enable the mock rules in HTTP Toolkit that are associated with DRM services.
-
## Common Issues
-- **Invalid Token Error:** Ensure that your token is exactly 32 characters long. If it's shorter or longer, regenerate it or verify the token source.
-- **Expired License:** If you encounter an expired license error, check the expiration date of your ticket using the `info` command and extend it by generating a new ticket.
-- **DRM Block:** If the software blocks your IP/MAC address, ensure you're using the correct DRM circumvention server configuration.
+- **Invalid Token Error**: Ensure that your token is exactly 32 characters long. If it's shorter or longer, regenerate it or verify the token source.
+- **Expired License**: If you encounter an expired license error, check the expiration date of your ticket using the `info` command and generate a new ticket if necessary.
+- **DRM Block**: If the software blocks your IP/MAC address, verify that youβre using the correct DRM circumvention server configuration.
## License
@@ -134,4 +137,4 @@ This project is licensed under the MIT License. See the [LICENSE](LICENSE) file
## Disclaimer
-This tool is provided for **educational purposes only**. Unauthorized use of software tools to bypass security mechanisms, including licensing, may violate laws and terms of service. Always ensure compliance with software terms of use before attempting any modifications.
+This tool is provided for **educational purposes only**. Unauthorized use of software tools to bypass security mechanisms, including licensing, may violate laws and terms of service. Always ensure compliance with software terms of use before attempting any modifications.
\ No newline at end of file
diff --git a/docs/images/mock_rules.png b/docs/images/mock_rules.png
index fd67d79..b40f948 100644
Binary files a/docs/images/mock_rules.png and b/docs/images/mock_rules.png differ
diff --git a/docs/images/ticket_info.png b/docs/images/ticket_info.png
new file mode 100644
index 0000000..afe309d
Binary files /dev/null and b/docs/images/ticket_info.png differ
diff --git a/src/requirements.txt b/src/requirements.txt
index 89b6747..cd15f90 100644
--- a/src/requirements.txt
+++ b/src/requirements.txt
@@ -1,3 +1,5 @@
pathlib~=1.0.1
requests~=2.31.0
-requests-toolbelt~=1.0.0
\ No newline at end of file
+requests-toolbelt~=1.0.0
+xmltodict~=0.13.0
+flask~=3.0.3
\ No newline at end of file
diff --git a/src/server.py b/src/server.py
index fe3de3b..2f18c36 100644
--- a/src/server.py
+++ b/src/server.py
@@ -3,25 +3,29 @@ import json
import re
import secrets
import string
+
from enum import Enum
import requests
+import xmltodict
+
from flask import Flask, Response, jsonify, request
from pathlib import Path
from requests_toolbelt import MultipartEncoder
+# Path to export data
EXPORTS = Path(__file__).parent / 'exports.json'
def parse_boundary(data: str) -> dict:
"""
- Parse the multipart form data to extract fields.
+ Parse multipart form data to extract fields.
Parameters:
- - data (str): The raw multipart form data as a string.
+ - data (str): Raw multipart form data as a string.
Returns:
- - dict: A dictionary with form field names as keys and field values as values.
+ - dict: A dictionary with form field names as keys and values as values.
"""
fields = {}
# Split parts using the boundary (separator) and process each part
@@ -38,11 +42,28 @@ def parse_boundary(data: str) -> dict:
class ServiceType(Enum):
- STREAM = 'Stream' # StreamFab, PlayerFab
+ STREAM = 'Stream' # StreamFab
MUSIC = 'Music' # MusicFab
class Session:
+ """
+ Session class to manage and generate random user-related data (email, MAC, etc.).
+
+ Attributes:
+ - DOMAINS (list): Predefined list of popular email domains.
+ - CHARACTERS (str): Character set used for generating random local email parts.
+ - type (ServiceType): The type of service (Stream or Music).
+ - max (int): Maximum number of session usages before resetting.
+ - export (bool): Flag to determine if data should be exported.
+ - running (dict): Stores information about the current active session.
+
+ Methods:
+ - email (property): Generates or returns the current session email.
+ - mac (property): Generates or returns the current session MAC address.
+ - patch(data: dict): Patches the incoming data with session-specific fields.
+ """
+
DOMAINS = ['hotmail.com', 'gmail.com', 'yahoo.com', 'outlook.com', 'protonmail.com', 'yandex.com']
CHARACTERS = string.ascii_lowercase + string.digits + '.-'
@@ -56,6 +77,12 @@ class Session:
@property
def email(self) -> str:
+ """
+ Generate a random email address if not already set.
+
+ Returns:
+ - str: Randomly generated or pre-set email address.
+ """
length = secrets.choice(range(5, 15))
return self._email or '{local}@{domain}'.format(
local=''.join(secrets.choice(self.CHARACTERS) for _ in range(length)),
@@ -64,10 +91,19 @@ class Session:
@email.setter
def email(self, value: str) -> None:
+ """
+ Set the email manually if provided.
+ """
self._email = value
@property
def mac(self) -> str:
+ """
+ Generate a random MAC address if not already set.
+
+ Returns:
+ - str: Randomly generated or pre-set MAC address.
+ """
return self._mac or ':'.join([
'-'.join(f'{b:02x}' for b in secrets.token_bytes(6)),
'-'.join(f'{b:02x}' for b in secrets.token_bytes(6))
@@ -75,10 +111,25 @@ class Session:
@mac.setter
def mac(self, value: str) -> None:
+ """
+ Set the MAC address manually if provided.
+ """
self._mac = value
def patch(self, data: dict) -> dict:
- kid = data['KD']
+ """
+ Patch the data dictionary with dynamic fields (email, mac, etc.).
+
+ Parameters:
+ - data (dict): Incoming data dictionary to be patched.
+
+ Returns:
+ - dict: Modified data dictionary with session-specific fields.
+ """
+ # Use kid or current running session's kid
+ kid = data.get('KD', self.running.get('kid'))
+
+ # Initialize new session if no session exists or conditions change
if not self.running or self.running.get('kid') != kid or self.running.get('count') >= self.max:
self.running = {
'kid': kid,
@@ -87,50 +138,76 @@ class Session:
'count': 0
}
+ # Update necessary fields
for key, value in data.items():
- if key in ('MD'):
+ if key in ('MD', 'EM'):
data[key] = self.running['mac']
- elif key in ('EM'):
- data[key] = self.running['email']
+ elif key in ('PW', 'TK'):
+ data[key] = '' # Empty password/token
elif key in ('RT'):
data[key] = 'trial'
+ elif key in ('DS', 'IS', 'BI'):
+ # Random token for certain fields
+ data[key] = secrets.token_hex(16)
elif key in ('PS'):
data[key] = self.type.value
- elif key in ('PW', 'TK'):
- data[key] = secrets.token_hex(16)
+
+ # Generate an invalid KID
+ data['KD'] = secrets.token_hex(16)
elif key == 'DT' and self.export:
+ # Export data if 'DT' key and export is enabled
exports = json.loads(EXPORTS.read_bytes()) if EXPORTS.is_file() else {}
- exports[data['PD']] = value
+ exports.setdefault(data['TB'], {}).setdefault(data['PD'], value)
EXPORTS.write_text(json.dumps(exports, indent=2))
self.running['count'] += 1
return data
+# Initialize session and Flask app
session = Session()
app = Flask(__name__)
-app.config.update(ALLOWED_HOSTS=['127.0.0.1', 'localhost'])
@app.route('/', defaults={'path': ''})
-@app.route('/\n This response came from HTTP Toolkit, which is currently intercepting this connection.\n
\n\n All requests made by this browser will be recorded by HTTP Toolkit.\n Take a look at the 'View' tab there now to see the request & response\n that brought you this page, or start browsing elsewhere to collect more data.\n
\n\n This response came from HTTP Toolkit, which is currently intercepting this connection.\n
\n\n All requests made by this browser will be recorded by HTTP Toolkit.\n Take a look at the 'View' tab there now to see the request & response\n that brought you this page, or start browsing elsewhere to collect more data.\n
\n