This repository was archived by the owner on Feb 15, 2024. It is now read-only.
This repository was archived by the owner on Feb 15, 2024. It is now read-only.
parse_token returns wrong ajax token #85
Description
may be related to #75 (comment)
(i dont think ajax tokens are sensitive info but will censor them anyway)
I noticed in the dev console that the ajax token used by aternos did not match the one given by the library
LGuu**************** < used by aternos website
TBsn**************** < used by the library
I deobfuscated the js function by hand to try and understand how it works
(() => /*window["AJAX_TOKEN"]="TBsn****************"}*/{window[["XAJA","OT_","K","NE"].map(s => s.split('').reverse().join('')).join('')]=!(window[["Map"].reverse().join('')]["prototype"]&&window[["cod","emu","tn"].map(s => s.split('').reverse().join('')).join('')]&&window[["nemucod","t"].map(s => s.split('').reverse().join('')).join('')][("getEleme" + "ntB" + "yId")]&&window[["oemiTtes","tu"].map(s => s.split('').reverse().join('')).join('')])?"TBsn****************":"LGuu****************";})();
// -->
(() => {
window['AJAX_TOKEN'] = !(window["Map"]["prototype"] && window["document"]
&& window["document"]["getElementById"]
&& window["setTimeout"]) ? "TBsn****************" : "LGuu****************";
})();
// -->
(() => {
window['AJAX_TOKEN'] = !true ? "TBsn****************" : "LGuu****************";
})();And yeah it just sets the AJAX_TOKEN to LGuu**************** its all determined by the !
i tested and the to_ecma5 dosent seem to be the thing causing the error.
If a had to guess its probably the ctx.execute('window.document = { };') and the others that are causing the problem.