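// ==UserScript==
// @name         [Demo]曾照彩云归
// @name:en      demo@caiyunFakeupload
// @description  A useless Demo for study purposes (scriptcat only),simple and stupid.
// @author       ae86_qiu
// @namespace    [Demo]caiyunFakeupload@bbs.tampermonkey.net.cn
// @version      001.2022.0830.1
// @match        https://yun.139.com/w/#/index
// @match        https://yun.139.com/w//index
// @icon         https://www.google.com/s2/favicons?sz=64&domain=yun.139.com
// @grant        GM_xmlhttpRequest
// @grant        GM_cookie
// @connect      yun.139.com
// @require      https://z.chaoxing.com/js/jquery-3.5.0.min.js
// ==/UserScript==

// [Demo only - do not use this script day to day]
//
// NOTE(review): trust surface of this script
//  * GM_cookie exposes the site's cookies to this script, and the script later
//    copies them into a request header. Treat that cookie string as a
//    credential and never print or store it.
//  * The @require above pulls jQuery from a third-party host with no integrity
//    pin, and whatever that URL serves runs with this script's grants. jQuery
//    is only used by one unused helper below. Consider dropping the @require
//    or pinning it with an integrity hash if the script manager supports one.
'use strict';

var $ = $ || window.$;

// When true, the script logs its requests and hooks every page XHR for logging.
// NOTE(review): request bodies and responses can hold account data; keep this off
// outside a throw-away test account.
const DebugMODE = false;

/**
 * Constructor for the caiyun helper object.
 * All per-instance state is filled in by GM_caiyunInit.
 */
function GM_caiyunStruct(...args) {
  GM_caiyunInit(this, args); // init caiyun
}

// Catalog id used as the root folder.
const DEFAULT_ROOT_ID = '00019700101000000001';

/**
 * Initializer: copies the login info that the site keeps in localStorage
 * onto the instance.
 *
 * @param {GM_caiyunStruct} config - the instance being initialised ("this" of the constructor)
 * @param {Array} args - constructor arguments (currently unused); was named
 *   `arguments`, which is not a legal parameter name in strict mode
 * @throws {Error} when localStorage has no usable 'userInfo' entry
 */
function GM_caiyunInit(config, args) {
  const stored = JSON.parse(localStorage.getItem('userInfo')); // login info
  if (!stored || typeof stored.encryptAccount !== 'string') {
    // Without this guard the next lines fail with an opaque TypeError.
    throw new Error("caiyun: no usable 'userInfo' entry in localStorage (not logged in?)");
  }
  const phone = atob(stored.encryptAccount); // phone number (base64 in storage)

  config.userInfo = stored;
  config.account = phone;
  config.phoneNumber = phone;
  config.userId = stored.userId;
  config.token = stored.token; // seems useless
  config.RootparentCatalogID = DEFAULT_ROOT_ID; // root folder
  // 'MyAppCollection', e.g. 1011ZTlv31Qh00019700101000000071: userId + DEFAULT_ROOT_ID
  config.myCollectionParentCatalogID = stored.userId + DEFAULT_ROOT_ID;
}

GM_caiyunStruct.prototype = { // #GM_caiyunStruct.prototype region start
  /**
   * Request signature. Per the original comment this mirrors the obfuscated
   * getNewSign function of the official app.9dd75283.js.
   *
   * @param {undefined} e - unused
   * @param {object} t - request body
   * @param {string} a - timestamp
   * @param {string} n - 16-character random string
   * @returns {string} upper-case hex digest
   */
  getNewSign: function (e, t, a, n) {
    let canonical = '';
    if (t) {
      // Serialise, strip whitespace, URI-encode, then sort the characters.
      const encoded = encodeURIComponent(
        JSON.stringify(Object.assign({}, t)).replace(/\s/g, '')
      );
      canonical = encoded.split('').sort().join('');
    }
    // md5 is declared at the bottom of this file.
    const bodyDigest = md5(this.btoa(this.utob(canonical)));
    const nonceDigest = md5(a + ':' + n);
    return md5(bodyDigest + nonceDigest).toUpperCase();
  },

  /**
   * Random alphanumeric string of length t (the misspelled name is kept from
   * the official client).
   * NOTE(review): Math.random() is not a cryptographic generator. The value is
   * sent in clear inside the 'mcloud-sign' header, so it acts as a nonce and
   * not as a secret.
   */
  getRandomSring: function (t) {
    const alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
    let out = '';
    for (let n = 0; n < t; n++) {
      out += alphabet.charAt(Math.floor(Math.random() * alphabet.length));
    }
    return out;
  },

  /** Random string of length 16. */
  getRandomString16: function () {
    return this.getRandomSring(16);
  },

  /**
   * Compact local timestamp such as 20220830122815.
   * Source: https://yun.139.com/w/static/js/app.9dd75283.js #L10769
   */
  Lt: function () {
    const now = new Date();
    const two = (v) => String(v).padStart(2, '0');
    return (
      String(now.getFullYear()) +
      two(now.getMonth() + 1) +
      two(now.getDate()) +
      two(now.getHours()) +
      two(now.getMinutes()) +
      two(now.getSeconds())
    );
  },

  /**
   * Minimal date formatter, e.g. '2022-08-30 09:29:29'.
   *
   * @param {Date} a - date to format
   * @param {string} [expr='yyyy-MM-dd hh:mm:ss'] - pattern built from s, m, h, d, w, M, y tokens
   * @returns {string} formatted date
   */
  moment: function (a, expr = 'yyyy-MM-dd hh:mm:ss') {
    const y = a.getFullYear();
    const M = a.getMonth() + 1;
    const d = a.getDate();
    const h = a.getHours();
    const m = a.getMinutes();
    const s = a.getSeconds();
    const w = a.getDay();
    const zeroize = (v) => `${v > 9 ? '' : '0'}${v}`;
    return expr.replace(/(?:s{1,2}|w{1,2}|m{1,2}|h{1,2}|d{1,2}|M{1,4}|y{1,4})/g, function (str) {
      switch (str) {
        case 's': return s;
        case 'ss': return zeroize(s);
        case 'm': return m;
        case 'mm': return zeroize(m);
        case 'h': return h;
        case 'hh': return zeroize(h);
        case 'd': return d;
        case 'w': return w;
        case 'ww': return w === 0 ? 7 : w;
        case 'dd': return zeroize(d);
        case 'M': return M;
        case 'MM': return zeroize(M);
        case 'MMMM':
          // Fixed: the month name was indexed with the minutes value. The table
          // starts at "twelve", so the index is the month number modulo 12.
          return ['十二', '一', '二', '三', '四', '五', '六', '七', '八', '九', '十', '十一'][M % 12] + '月';
        case 'yy': return String(y).slice(2);
        case 'yyyy': return y;
        default: return str.slice(1, str.length - 1);
      }
    });
  },

  /** base64 encode (outside a browser: Buffer.from(v).toString('base64')). */
  btoa: function (v) {
    return btoa(v);
  },

  /**
   * Rewrites a UTF-16 string so that every char code is one UTF-8 byte,
   * which is the form btoa() accepts.
   */
  utob: function (str) {
    const u = String.fromCharCode;
    // Fixed: the low-surrogate range was written \uDFFFF, which parses as
    // \uDFFF plus a literal 'F'.
    return str.replace(/[\uD800-\uDBFF][\uDC00-\uDFFF]|[^\x00-\x7F]/g, (t) => {
      if (t.length < 2) {
        const code = t.charCodeAt(0);
        if (code < 128) {
          return t;
        }
        if (code < 2048) {
          return u(192 | (code >>> 6)) + u(128 | (63 & code));
        }
        return u(224 | ((code >>> 12) & 15)) + u(128 | ((code >>> 6) & 63)) + u(128 | (63 & code));
      }
      // Surrogate pair -> code point -> four UTF-8 bytes.
      const point = 65536 + 1024 * (t.charCodeAt(0) - 55296) + (t.charCodeAt(1) - 56320);
      return (
        u(240 | ((point >>> 18) & 7)) +
        u(128 | ((point >>> 12) & 63)) +
        u(128 | ((point >>> 6) & 63)) +
        u(128 | (63 & point))
      );
    });
  },

  /**
   * Builds the request headers, including the 'mcloud-sign' value
   * "timestamp,key,sign" computed over the body.
   *
   * usage:
   *   headers: { ...caiyun.createHeaders(params), 'Cookie': caiyun.cookie }
   *
   * @param {object} body - request body that will be sent
   * @returns {object} header map
   */
  createHeaders: function (body) {
    // Fixed: timestamp was assigned without a declaration, which is an implicit
    // global and a ReferenceError in strict mode.
    const timestamp = this.moment(new Date());
    const key = this.getRandomString16();
    const sign = this.getNewSign(undefined, body, timestamp, key);
    return {
      'x-huawei-channelSrc': '10000034',
      'x-inner-ntwk': '2',
      'mcloud-channel': '1000101',
      'mcloud-client': '10701',
      'mcloud-sign': timestamp + "," + key + "," + sign,
      // 'mcloud-skey': null,
      'content-type': "application/json;charset=UTF-8",
      'caller': 'web',
      'CMS-DEVICE': 'default',
      'x-DeviceInfo': '||9|85.0.4183.83|chrome|85.0.4183.83|||windows 10||zh-CN|||',
      'x-SvcType': '1',
      'referer': 'https://yun.139.com/w/',
    };
  },

  // Per-instance fields, all set by GM_caiyunInit or fetchCookie. They were
  // written as shorthand properties (`userInfo,`), which reads undeclared
  // variables; explicit placeholders keep the same shape without that lookup.
  userInfo: undefined, // login info
  account: undefined, // phone number
  phoneNumber: undefined, // phone number
  userId: undefined, // userId
  token: undefined, // token from localStorage userInfo
  cookie: undefined,

  /**
   * Reads the cookies for the current host through GM_cookie and returns them
   * as one Cookie header value.
   *
   * @returns {Promise<string>} "name=value; name2=value2"
   */
  requestCookie: function () {
    return new Promise((resolve, reject) => {
      GM_cookie('list', { domain: window.location.host }, (list, error) => {
        if (error || !Array.isArray(list)) {
          // Previously a failed lookup threw inside the callback and the
          // promise never settled.
          reject(new Error(`GM_cookie list failed: ${error ?? 'no cookie list returned'}`));
          return;
        }
        // Fixed: pairs were concatenated with no separator, which does not
        // form a valid Cookie header once there is more than one cookie.
        resolve(list.map((c) => `${c.name}=${c.value}`).join('; '));
      });
    });
  },

  /** Fetches the cookie string and stores it on this.cookie. */
  fetchCookie: async function () {
    this.cookie = await this.requestCookie(); // set caiyun.cookie
  },

  RootparentCatalogID: undefined,
}; // #GM_caiyunStruct.prototype region end

// create default instance of GM_caiyun
const caiyun = new GM_caiyunStruct();

(function () {
  'use strict';

  /** Encodes a flat object as application/x-www-form-urlencoded text. */
  function PostData(dict) {
    // Keys and values are now percent-encoded so '&' or '=' in a value cannot
    // inject an extra field.
    return Object.entries(dict)
      .map(([k, v]) => `${encodeURIComponent(k)}=${encodeURIComponent(v)}`)
      .join('&');
  }

  // https://dev.to/rajnishkatharotiya/get-byte-size-of-the-string-in-javascript-20jm
  const byteSize = (str) => new Blob([str]).size;

  /** Resolves after ms milliseconds; ms === 0 picks a random 4-10 s pause. */
  function delay(ms) {
    const wait = ms === 0 ? 1000 * (Math.floor(Math.random() * (11 - 4)) + 4) : ms;
    return new Promise((resolve) => setTimeout(resolve, wait));
  }

  /**
   * Returns the service RSA public key as PEM. Only the hard-coded copy is
   * returned; the network helpers inside are kept for reference and unused.
   */
  function shitcode_getRsaPublicKey() {
    const KEY_URL = 'https://yun.139.com/caiyun/openapi/authentication/key/getRsaPublicKey';

    function requestRsaPublicKeyValue() {
      return new Promise((resolve) => {
        GM_xmlhttpRequest({
          method: 'POST',
          url: KEY_URL,
          data: PostData({ clientCode: '10701', type: 1 }),
          onload: function (r) {
            if (Math.floor(r.status / 100) === 2) {
              resolve({ state: true, error: '', text: r.response });
            } else {
              resolve({ state: false, error: `response.status:${r.status}`, text: '' });
            }
          },
          // Added: a network failure used to leave the promise pending forever.
          onerror: function () {
            resolve({ state: false, error: 'network error', text: '' });
          },
        });
      });
    }

    async function requestRsaPublicKeyValueByAjax() {
      return $.ajax({
        url: KEY_URL,
        dataType: 'json',
        data: PostData({ clientCode: '10701', type: 1 }),
      });
    }

    async function fetchRsaPublicKeyValue() {
      const r = await requestRsaPublicKeyValue();
      if (!r.state) {
        // JSON.parse('') would otherwise throw an unrelated SyntaxError.
        throw new Error(`getRsaPublicKey failed: ${r.error}`);
      }
      return JSON.parse(r.text).data; // 'MIGfMA....DAQAB'
    }

    function getRsaPublicKey() { // 20220830 caiyun publicKey
      // @require http://www-cs-students.stanford.edu/~tjw/jsbn/rsa.js
      const publicKeyValue = 'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCGS22ZQd0Gmbpi29j2o3SqC8Kexd/53uQw3JI0J1fsRFzAKYh05XJB9OtB/eKb7UKHg6kI1wcdQCouSOZyA+cgp+zY5SAP6wYZaVKhIv0mK1vK9TLnLnYc1sIMOwjP2FX1pSOe8GVWvb77Q/3DrVh1d5NpeVEHtA0PY4aqI2hebwIDAQAB';
      return '-----BEGIN PUBLIC KEY-----\n' + publicKeyValue + '\n-----END PUBLIC KEY-----';
    }

    return getRsaPublicKey();
  }

  /** Fixed sample payload describing a two-byte file 'a.txt' ("a\n"). */
  function fooPayload() {
    return {
      'manualRename': 2,
      'operation': 0, // upload
      'fileCount': 1, // only support one file
      'totalSize': 2,
      'uploadContentList': [{ // list of content to be uploaded
        'contentName': 'a.txt',
        'contentSize': 2, // size of 'a\n'
        'digest': '60b725f10c9c85c70d97880dfe8191b3', // md5 of the file content, md5('a\n')
      }], // Currently, only one file can be uploaded. (caiyun official)
      'parentCatalogID': caiyun.RootparentCatalogID, // '00019700101000000071'
      'newCatalogName': '', // mkdir (official)
      'commonAccountInfo': {
        'account': caiyun.phoneNumber,
        'accountType': 1,
      },
    };
  }

  /**
   * Parses one "digest#digest#size#name" record (exactly three '#').
   * Only fields 0, 2 and 3 are used.
   *
   * @param {string} line
   * @returns {{name: string, size: string, digest: string} | null} null when
   *   the record does not have exactly four fields
   */
  function createFileFromLine(line) {
    const fields = line.split('#');
    if (fields.length !== 4) {
      return null;
    }
    return { name: fields[3], size: fields[2], digest: fields[0] };
  }

  /** Base64-encoded sample records consumed by createFileFromLine. */
  function shitcode_EasterEgg() {
    const first = 'OTc1Y2FlZTRkNmRiZjQ5NTM0MTNmNmIyNjJjYzJjNWIjNDFlN2Q1YjFjOTE1ZmRhYzM1NzE3ODRjNjJhNjNiNmMjMzU0ODQwNDcjQWxsIFRoZSBXYXkgTm9ydGggW0luaXRpYWwgUV0ubXAz';
    const second = 'NjQwNWZjMzQyOWM0ZjgwNmI4NGJkMGIyZDM0ZmFiZmEjNWM4YzIzZjllYmUyYjFkNjc4MGMzZmI5OWM4Y2UxNTMjNTcwOTU4I2xlbmEuanBn';
    const third = 'ZTRmNThhODA1YTZlMWZkMGY2YmVmNThjODZmOWNlYjMjZTRmNThhODA1YTZlMWZkMGY2YmVmNThjODZmOWNlYjMjMTAjbHV2IGxldHRlci50eHQ=';
    return { egg1: first, egg2: second, egg3: third };
  }

  /**
   * Builds the body for pcUploadFileRequest from a file description, e.g.
   * {name:'a.txt',size:2,digest:'60b725f10c9c85c70d97880dfe8191b3',parentCatalogID:''}
   *
   * NOTE(review): the body carries only name, size and md5 digest, never the
   * file bytes. If the service accepts such a request as a stored file (not
   * confirmed here), the md5 is the only proof of possession, which is a weak
   * one for a deduplicating store to rely on.
   *
   * @param {{name: string, size: (string|number), digest: string, parentCatalogID?: string}} config
   * @returns {object} request body
   */
  function fakeFilePayload(config) {
    if (DebugMODE) {
      console.log(config); // was logged unconditionally
    }
    const size = Number.parseInt(config.size, 10); // [Must be a Number]
    return {
      'manualRename': 2, // [Must be a Number]
      'operation': 0, // upload [Must be a Number]
      'fileCount': 1, // only support one file [Must be a Number]
      'totalSize': size, // [Must be a Number]
      'uploadContentList': [{ // type UploadContentInfo[]
        'contentName': config.name,
        'contentSize': size,
        'digest': config.digest,
      }],
      'newCatalogName': '',
      'commonAccountInfo': {
        'account': caiyun.phoneNumber,
        'accountType': 1,
      },
      // default parent: root folder
      'parentCatalogID': config.parentCatalogID || caiyun.RootparentCatalogID,
    };
  }

  /**
   * Posts one upload request for the described file.
   *
   * @param {{name: string, size: (string|number), digest: string}} fileinfoDict
   * @returns {Promise<object>} the GM_xmlhttpRequest response; rejects on a
   *   missing file description or a transport error. The original promise
   *   never settled.
   */
  async function fakeUpload(fileinfoDict) {
    if (!fileinfoDict) {
      // createFileFromLine returns null for malformed records.
      throw new Error('fakeUpload: missing file description');
    }
    const params = fakeFilePayload(fileinfoDict);
    if (DebugMODE) {
      console.log("POSTing");
    }
    return new Promise((resolve, reject) => {
      GM_xmlhttpRequest({
        method: "POST",
        url: 'https://yun.139.com/orchestration/personalCloud/uploadAndDownload/v1.0/pcUploadFileRequest',
        headers: {
          ...caiyun.createHeaders(params),
          // Session credential: keep it out of logs and error messages.
          'Cookie': caiyun.cookie,
        },
        data: JSON.stringify(params),
        responseType: 'json',
        onload: function (response) {
          if (response.status === 200) {
            // Optional chaining: an error body without uploadResult used to
            // throw inside this handler.
            const firstItem = response.response?.data?.uploadResult?.newContentIDList?.[0];
            console.log('caiyun FakeUpload:' + JSON.stringify(firstItem?.contentName) + '\n' + JSON.stringify(response.response));
          }
          resolve(response);
        },
        onerror: function () {
          reject(new Error('fakeUpload: request failed'));
        },
      });
    });
  }

  /** Loads the cookie, then sends the two sample upload requests. */
  GM_caiyunStruct.prototype.execMainTask = async function () {
    await this.fetchCookie(); // set config.cookie
    if (DebugMODE) {
      // Log only that a cookie exists: the value is a session credential.
      console.log(`caiyun cookie loaded (${this.cookie.length} chars)`);
    }
    const eggs = shitcode_EasterEgg();
    // Both requests still start together; failures are reported and not left
    // as unhandled rejections.
    const outcomes = await Promise.allSettled([
      fakeUpload(createFileFromLine(atob(eggs.egg1))),
      fakeUpload(createFileFromLine(atob(eggs.egg3))),
    ]);
    for (const outcome of outcomes) {
      if (outcome.status === 'rejected') {
        console.error(outcome.reason);
      }
    }
  };

  caiyun.execMainTask().catch((err) => console.error(err));
})();

/**
 * XMLHttpRequest hook
 * https://scriptcat.org/script-show-page/47/code
 *
 * Registers a callback that is invoked with the xhr instance each time any
 * XMLHttpRequest.send() runs on the page.
 *
 * @param {function(XMLHttpRequest): void} callback
 */
function addXMLRequestCallback(callback) {
  if (XMLHttpRequest.callbacks) {
    // send() is already overridden, so just queue the callback
    XMLHttpRequest.callbacks.push(callback);
    return;
  }
  XMLHttpRequest.callbacks = [callback]; // create the callback queue
  const nativeSend = XMLHttpRequest.prototype.send; // keep the native send()
  XMLHttpRequest.prototype.send = function (...sendArgs) {
    // The xhr instance is handed to each callback. Original author's note: at
    // this point it is mostly good for logging that a request happened,
    // although a callback could attach its own event handlers.
    for (const cb of XMLHttpRequest.callbacks) {
      try {
        cb(this);
      } catch (err) {
        // A failing observer must not stop the page's own request.
        console.error(err);
      }
    }
    if (DebugMODE) {
      // Prints every hooked request body for debugging; bodies can hold
      // credentials.
      console.log(sendArgs[0]);
    }
    return nativeSend.apply(this, sendArgs); // call the native send()
  };
}

// e.g.
if (DebugMODE) { // print all xhrs
  addXMLRequestCallback(function (xhr) {
    xhr.addEventListener("load", function () {
      if (xhr.readyState === 4 && xhr.status === 200) {
        console.log(xhr.responseURL);
        // if( xhr.responseURL != 'https://yun.139.com/orchestration/personalCloud/catalog/v1.0/getDisk')
        console.log(xhr.responseText);
      }
    });
  });
}

// $ echo 'a'| md5sum | cut -d " " -f1
// 60b725f10c9c85c70d97880dfe8191b3
// $ echo -n 'a'| md5sum | cut -d " " -f1
// 0cc175b9c0f1b6a831c399e269772661
// $ wc -c < filename
// https://stackoverflow.com/questions/1815329/portable-way-to-get-file-size-in-bytes-in-the-shell
// let params = fakeFilePayload({name:'EasterEgg.txt',size:10,digest:'e4f58a805a6e1fd0f6bef58c86f9ceb3'})

/* Because of network problems, the unreliable dependency (md5) is inlined here. */
/**
 * Inlined copy of the md5 routine from
 * // @require http://www.myersdaily.org/joseph/javascript/md5.js
 * so the script does not depend on that @require.
 *
 * The routine treats each UTF-16 code unit as one byte, so the digest only
 * matches a standard MD5 for input whose char codes are all below 256. The
 * callers in this file pass base64, hex and timestamp text, which qualifies.
 * MD5 is used here because the service's signature and digest fields are
 * defined with it; it is not collision resistant.
 *
 * @param {string} str - input text
 * @returns {string} lower-case hex digest (32 characters)
 */
function md5(str) {
  // 32-bit addition done in two 16-bit halves, so it wraps correctly
  function add32(x, y) {
    const lsw = (x & 0xFFFF) + (y & 0xFFFF);
    const msw = (x >> 16) + (y >> 16) + (lsw >> 16);
    return (msw << 16) | (lsw & 0xFFFF);
  }

  function cmn(q, a, b, x, s, t) {
    a = add32(add32(a, q), add32(x, t));
    return add32((a << s) | (a >>> (32 - s)), b);
  }

  function ff(a, b, c, d, x, s, t) {
    return cmn((b & c) | ((~b) & d), a, b, x, s, t);
  }

  function gg(a, b, c, d, x, s, t) {
    return cmn((b & d) | (c & (~d)), a, b, x, s, t);
  }

  function hh(a, b, c, d, x, s, t) {
    return cmn(b ^ c ^ d, a, b, x, s, t);
  }

  function ii(a, b, c, d, x, s, t) {
    return cmn(c ^ (b | (~d)), a, b, x, s, t);
  }

  // one 64-byte block: updates the four state words x in place
  function md5cycle(x, k) {
    let a = x[0];
    let b = x[1];
    let c = x[2];
    let d = x[3];

    a = ff(a, b, c, d, k[0], 7, -680876936);
    d = ff(d, a, b, c, k[1], 12, -389564586);
    c = ff(c, d, a, b, k[2], 17, 606105819);
    b = ff(b, c, d, a, k[3], 22, -1044525330);
    a = ff(a, b, c, d, k[4], 7, -176418897);
    d = ff(d, a, b, c, k[5], 12, 1200080426);
    c = ff(c, d, a, b, k[6], 17, -1473231341);
    b = ff(b, c, d, a, k[7], 22, -45705983);
    a = ff(a, b, c, d, k[8], 7, 1770035416);
    d = ff(d, a, b, c, k[9], 12, -1958414417);
    c = ff(c, d, a, b, k[10], 17, -42063);
    b = ff(b, c, d, a, k[11], 22, -1990404162);
    a = ff(a, b, c, d, k[12], 7, 1804603682);
    d = ff(d, a, b, c, k[13], 12, -40341101);
    c = ff(c, d, a, b, k[14], 17, -1502002290);
    b = ff(b, c, d, a, k[15], 22, 1236535329);

    a = gg(a, b, c, d, k[1], 5, -165796510);
    d = gg(d, a, b, c, k[6], 9, -1069501632);
    c = gg(c, d, a, b, k[11], 14, 643717713);
    b = gg(b, c, d, a, k[0], 20, -373897302);
    a = gg(a, b, c, d, k[5], 5, -701558691);
    d = gg(d, a, b, c, k[10], 9, 38016083);
    c = gg(c, d, a, b, k[15], 14, -660478335);
    b = gg(b, c, d, a, k[4], 20, -405537848);
    a = gg(a, b, c, d, k[9], 5, 568446438);
    d = gg(d, a, b, c, k[14], 9, -1019803690);
    c = gg(c, d, a, b, k[3], 14, -187363961);
    b = gg(b, c, d, a, k[8], 20, 1163531501);
    a = gg(a, b, c, d, k[13], 5, -1444681467);
    d = gg(d, a, b, c, k[2], 9, -51403784);
    c = gg(c, d, a, b, k[7], 14, 1735328473);
    b = gg(b, c, d, a, k[12], 20, -1926607734);

    a = hh(a, b, c, d, k[5], 4, -378558);
    d = hh(d, a, b, c, k[8], 11, -2022574463);
    c = hh(c, d, a, b, k[11], 16, 1839030562);
    b = hh(b, c, d, a, k[14], 23, -35309556);
    a = hh(a, b, c, d, k[1], 4, -1530992060);
    d = hh(d, a, b, c, k[4], 11, 1272893353);
    c = hh(c, d, a, b, k[7], 16, -155497632);
    b = hh(b, c, d, a, k[10], 23, -1094730640);
    a = hh(a, b, c, d, k[13], 4, 681279174);
    d = hh(d, a, b, c, k[0], 11, -358537222);
    c = hh(c, d, a, b, k[3], 16, -722521979);
    b = hh(b, c, d, a, k[6], 23, 76029189);
    a = hh(a, b, c, d, k[9], 4, -640364487);
    d = hh(d, a, b, c, k[12], 11, -421815835);
    c = hh(c, d, a, b, k[15], 16, 530742520);
    b = hh(b, c, d, a, k[2], 23, -995338651);

    a = ii(a, b, c, d, k[0], 6, -198630844);
    d = ii(d, a, b, c, k[7], 10, 1126891415);
    c = ii(c, d, a, b, k[14], 15, -1416354905);
    b = ii(b, c, d, a, k[5], 21, -57434055);
    a = ii(a, b, c, d, k[12], 6, 1700485571);
    d = ii(d, a, b, c, k[3], 10, -1894986606);
    c = ii(c, d, a, b, k[10], 15, -1051523);
    b = ii(b, c, d, a, k[1], 21, -2054922799);
    a = ii(a, b, c, d, k[8], 6, 1873313359);
    d = ii(d, a, b, c, k[15], 10, -30611744);
    c = ii(c, d, a, b, k[6], 15, -1560198380);
    b = ii(b, c, d, a, k[13], 21, 1309151649);
    a = ii(a, b, c, d, k[4], 6, -145523070);
    d = ii(d, a, b, c, k[11], 10, -1120210379);
    c = ii(c, d, a, b, k[2], 15, 718787259);
    b = ii(b, c, d, a, k[9], 21, -343485551);

    x[0] = add32(a, x[0]);
    x[1] = add32(b, x[1]);
    x[2] = add32(c, x[2]);
    x[3] = add32(d, x[3]);
  }

  // packs 64 characters into sixteen little-endian 32-bit words
  function md5blk(s) {
    const words = [];
    for (let i = 0; i < 64; i += 4) {
      words[i >> 2] =
        s.charCodeAt(i) +
        (s.charCodeAt(i + 1) << 8) +
        (s.charCodeAt(i + 2) << 16) +
        (s.charCodeAt(i + 3) << 24);
    }
    return words;
  }

  // runs the full message and returns the four state words
  function md51(s) {
    // the upstream `txt = ''` assignment is dropped: it created an implicit
    // global and is a ReferenceError in strict mode
    const n = s.length;
    const state = [1732584193, -271733879, -1732584194, 271733878];
    let i;
    for (i = 64; i <= s.length; i += 64) {
      md5cycle(state, md5blk(s.substring(i - 64, i)));
    }
    s = s.substring(i - 64);
    const tail = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
    for (i = 0; i < s.length; i++) {
      tail[i >> 2] |= s.charCodeAt(i) << ((i % 4) << 3);
    }
    tail[i >> 2] |= 0x80 << ((i % 4) << 3); // padding marker
    if (i > 55) {
      // no room left for the length field: flush and start a fresh block
      md5cycle(state, tail);
      for (i = 0; i < 16; i++) {
        tail[i] = 0;
      }
    }
    tail[14] = n * 8; // message length in bits
    md5cycle(state, tail);
    return state;
  }

  const hex_chr = '0123456789abcdef'.split('');

  // one 32-bit word as eight hex digits, least significant byte first
  function rhex(n) {
    let s = '';
    for (let j = 0; j < 4; j++) {
      s += hex_chr[(n >> (j * 8 + 4)) & 0x0F] + hex_chr[(n >> (j * 8)) & 0x0F];
    }
    return s;
  }

  function hex(x) {
    return x.map(rhex).join('');
  }

  return hex(md51(str));
} // md5 function end

// You want the stars? No problem, I will catch them for you. You want the moon?
// No worries, I will fold one out of paper for you.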