Written in Python 2.7



import urllib2, urllib, cookielib
import StringIO, gzip


class NeoAccount:

d = '[Only registered and activated users can see links]'
headers = [('User-Agent', 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1'),
('Accept', 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'),
('Accept-Language', 'en-us,en;q=0.5'),
('Accept-Encoding', 'gzip, deflate')]

def __init__(self, user, pw, proxy = None):
self.user = user
self.pw = pw
self.proxy = proxy
self.referer = ''

cj = cookielib.LWPCookieJar()
cookie_handler = urllib2.[Only registered and activated users can see links](cj)

if proxy != None:
proxy_handler = urllib2.ProxyHandler({'http': '[Only registered and activated users can see links]' + proxy + '/'})
self.opener = urllib2.build_opener(proxy_handler, cookie_handler)
else:
self.opener = urllib2.build_opener(cookie_handler)

def __str__(self):
return '%s:%s' % (self.user, self.pw)

def get(self, url, referer = '', readable = True):
if url[0] == '/':
url = self.d + url
if referer == '':
referer = self.referer
self.opener.addheaders = [('Referer', referer)] + self.headers
res = self.opener.open(url)
self.referer = res.geturl()
if readable:
return self.readable(res)
else:
return res

def post(self, url, data, referer = '', readable = True):
if url[0] == '/':
url = self.d + url
if referer == '':
referer = self.referer
self.opener.addheaders = [('Content-Type', 'application/x-[Only registered and activated users can see links]'),
('Referer', referer)] + self.headers
res = self.opener.open(url, urllib.urlencode(data))
self.referer = res.geturl()
if readable:
return self.readable(res)
else:
return res

def amf(self, packet, gateway = '[Only registered and activated users can see links]', referer = ''):
if referer == '':
referer = self.referer
self.opener.addheaders = [('Content-Type', 'application/x-amf'),
('Referer', referer)] + self.headers
res = self.opener.open(gateway, packet)
return res.read()

def login(self):
res = self.get('/index.phtml')
res = self.post('/login.phtml', {'username': self.user,
'password': self.pw,
'destination': "/index.phtml"}, readable = False)
if 'badpassword' in res.geturl():
return False, 'Bad password'
elif 'hello' in res.geturl():
return False, 'Birthday locked'
elif 'login' in res.geturl():
return False, 'Frozen'
elif 'index' in res.geturl():
return True, 'Logged in'

def readable(self, data):
if 'gzip' in str(data.info()):
return gzip.GzipFile(fileobj=StringIO.StringIO(data.read( ))).read()
else:
return data.read()




>>> acc = NeoAccount('username', 'password')
>>> acc .login()
(True, 'Logged in')
>>> html = acc.get('/objects.phtml?type=inventory')


In post, data should be a dictionary. In amf, packet is a string representing the packet.

This was my first time writing anything to actually navigate neopets so let me know if I missed a crucial feature or if I could add anything to make it more secure/easier to use. I was just writing something to make use of rare's pin crack idea but it seems the idea is patched up. I figured I might as well share some of the code so that the time doesn't go to waste :)'

I have no idea what I'm looking at. Is this anything a normal non-coder like me can use?

Not really. Hopefully it will inspire some coders to make new programs though!

EDIT: Updated AMF to allow custom gateways since some places have their own. Check the headers of the packet you are spoofing to see what you should use.

Not really. Hopefully it will inspire some coders to make new programs though!
Thanks! I'm pretty sure I'll be able to use bits of this in the near future. I haven't 100% committed to python yet, but the way things are headed I think I will be.

Thanks! I'm pretty sure I'll be able to use bits of this in the near future. I haven't 100% committed to python yet, but the way things are headed I think I will be.

It's a great language to get into things with. Use python 2 by the way not python 3. Let me know if you want help understanding why I did anything the way I did in this once you get started!

Thanks for the rep by the way.

Miguel

Yep. Pretty easy in python.

edit: 99% sure cookies will work with multiple logins. I'll try it out sometime soon and get back to you.
edit 2: Checked it out and I actually set a shared cookiejar so the cookie ended up getting replaced by the new login when you tried running two accounts in the same program. I made a few quick changes and gave each instance their own cookiejar so it now works with multiple accounts.

elif 'hello' in res.geturl():
return False, 'Birthday locked'

This is the bane of my existence.
Is there no way to input a user's birthday and use that to login if an account is birthday locked?

elif 'hello' in res.geturl():
return False, 'Birthday locked'

This is the bane of my existence.
Is there no way to input a user's birthday and use that to login if an account is birthday locked?

Of course, instead of returning a false value, just add a request to login again but with the birthday included in the POST data. If you dunno this try using WireShark or Fiddler, something that shows the variables with their values sent via browser.

Of course, instead of returning a false value, just add a request to login again but with the birthday included in the POST data. If you dunno this try using WireShark or Fiddler, something that shows the variables with their values sent via browser.

It's time to learn how to use WireShark! Do you know the variables and values yourself?

It's time to learn how to use WireShark! Do you know the variables and values yourself?

Nah, that's like asking me if I know the URL to auction an item from my inventory for example. :P

Nah, that's like asking me if I know the URL to auction an item from my inventory for example. :P

Oh, my bad :P I figured it was something you've dealt with before.

Oh, my bad :P I figured it was something you've dealt with before.

From the HTML source you can tell the keys you are looking for are 'dob_m', 'dob_d' and 'dob_y'. You should be able to login to a birthday locked account using this:


self.post('/login.phtml', {'username': 'user',
'password': 'pass',
'destination': "/index.phtml",
'dob_m': '01',
'dob_y': '1990',
'dob_d': '02'}, readable = False)

In the example above the username is user, the password is pass and the birthday is January 2nd, 1990.


<div class="clear"></div><div class="dob-form"><strong>Your Birthday:</strong> <select id='dob_m' name='dob_m'>
<option value=''>(month)</option>
<option value='01'>January</option>
<option value='02'>February</option>
<option value='03'>March</option>
<option value='04'>April</option>
<option value='05'>May</option>
<option value='06'>June</option>
<option value='07'>July</option>
<option value='08'>August</option>
<option value='09'>September</option>
<option value='10'>October</option>
<option value='11'>November</option>
<option value='12'>December</option>
</select>
<select id='dob_d' name='dob_d'>
<option value=''>(day)</option>
<option value='01'>1</option>
<option value='02'>2</option>
<option value='03'>3</option>
<option value='04'>4</option>
<option value='05'>5</option>
<option value='06'>6</option>
<option value='07'>7</option>
<option value='08'>8</option>
<option value='09'>9</option>
<option value='10'>10</option>
<option value='11'>11</option>
<option value='12'>12</option>
<option value='13'>13</option>
<option value='14'>14</option>
<option value='15'>15</option>
<option value='16'>16</option>
<option value='17'>17</option>
<option value='18'>18</option>
<option value='19'>19</option>
<option value='20'>20</option>
<option value='21'>21</option>
<option value='22'>22</option>
<option value='23'>23</option>
<option value='24'>24</option>
<option value='25'>25</option>
<option value='26'>26</option>
<option value='27'>27</option>
<option value='28'>28</option>
<option value='29'>29</option>
<option value='30'>30</option>
<option value='31'>31</option>
</select>
<select id='dob_y' name='dob_y'><option value=''>(year)</option><option value='2013'>2013</option>
<option value='2012'>2012</option>
<option value='2011'>2011</option>
<option value='2010'>2010</option>
<option value='2009'>2009</option>
<option value='2008'>2008</option>
<option value='2007'>2007</option>
<option value='2006'>2006</option>
<option value='2005'>2005</option>
<option value='2004'>2004</option>
<option value='2003'>2003</option>
<option value='2002'>2002</option>
<option value='2001'>2001</option>
<option value='2000'>2000</option>
<option value='1999'>1999</option>
<option value='1998'>1998</option>
<option value='1997'>1997</option>
<option value='1996'>1996</option>
<option value='1995'>1995</option>
<option value='1994'>1994</option>
<option value='1993'>1993</option>
<option value='1992'>1992</option>
<option value='1991'>1991</option>
<option value='1990'>1990</option>
<option value='1989'>1989</option>
<option value='1988'>1988</option>
<option value='1987'>1987</option>
<option value='1986'>1986</option>
<option value='1985'>1985</option>
<option value='1984'>1984</option>
<option value='1983'>1983</option>
<option value='1982'>1982</option>
<option value='1981'>1981</option>
<option value='1980'>1980</option>
<option value='1979'>1979</option>
<option value='1978'>1978</option>
<option value='1977'>1977</option>
<option value='1976'>1976</option>
<option value='1975'>1975</option>
<option value='1974'>1974</option>
<option value='1973'>1973</option>
<option value='1972'>1972</option>
<option value='1971'>1971</option>
<option value='1970'>1970</option>
<option value='1969'>1969</option>
<option value='1968'>1968</option>
<option value='1967'>1967</option>
<option value='1966'>1966</option>
<option value='1965'>1965</option>
<option value='1964'>1964</option>
<option value='1963'>1963</option>
<option value='1962'>1962</option>
<option value='1961'>1961</option>
<option value='1960'>1960</option>
<option value='1959'>1959</option>
<option value='1958'>1958</option>
<option value='1957'>1957</option>
<option value='1956'>1956</option>
<option value='1955'>1955</option>
<option value='1954'>1954</option>
<option value='1953'>1953</option>
<option value='1952'>1952</option>
<option value='1951'>1951</option>
<option value='1950'>1950</option>
<option value='1949'>1949</option>
<option value='1948'>1948</option>
<option value='1947'>1947</option>
<option value='1946'>1946</option>
<option value='1945'>1945</option>
<option value='1944'>1944</option>
<option value='1943'>1943</option>
<option value='1942'>1942</option>
<option value='1941'>1941</option>
<option value='1940'>1940</option>
<option value='1939'>1939</option>
<option value='1938'>1938</option>
<option value='1937'>1937</option>
<option value='1936'>1936</option>
<option value='1935'>1935</option>
<option value='1934'>1934</option>
<option value='1933'>1933</option>
<option value='1932'>1932</option>
<option value='1931'>1931</option>
<option value='1930'>1930</option>
<option value='1929'>1929</option>
<option value='1928'>1928</option>
<option value='1927'>1927</option>
<option value='1926'>1926</option>
<option value='1925'>1925</option>
<option value='1924'>1924</option>
<option value='1923'>1923</option>
<option value='1922'>1922</option>
<option value='1921'>1921</option>
<option value='1920'>1920</option>
<option value='1919'>1919</option>
<option value='1918'>1918</option>
<option value='1917'>1917</option>
<option value='1916'>1916</option>
<option value='1915'>1915</option>
<option value='1914'>1914</option>
<option value='1913'>1913</option>
<option value='1912'>1912</option>
<option value='1911'>1911</option>
<option value='1910'>1910</option>
<option value='1909'>1909</option>
<option value='1908'>1908</option>
<option value='1907'>1907</option>
<option value='1906'>1906</option>
<option value='1905'>1905</option>
<option value='1904'>1904</option>
<option value='1903'>1903</option>
<option value='1902'>1902</option>
<option value='1901'>1901</option>
<option value='1900'>1900</option>
</select>
</div>

I really recommend just using Fiddler or Charles and look at the raw requests and responses and learning how they work, they're actually not that hard. Once you understand it gets much easier.

I really recommend just using Fiddler or Charles and look at the raw requests and responses and learning how they work, they're actually not that hard. Once you understand it gets much easier.

Live HTTP Headers add-on for FF can help you a great deal as well.

Live HTTP Headers add-on for FF can help you a great deal as well.

Yup, though if you get into something really complex you may want to view all the data and possibly even the hex values to properly emulate it.

Maybe not so much for neopets, but I've had some cases in which I've had to take extreme measures.

This python script that was written in 2012 and it used Firefox 15.0.1 as the user-agent when nowadays we are at v40.
I wonder how safe it is since the majority of neopets scripts (or at least the ones I've seen) seem to still use this script untouched, wouldn't it be easy for TNT to be extra careful when people keep using this two years old version of Firefox? I think it may aid them into discovering who's cheating.
Anyway, is there some obscure reason for this choice that I'm unaware of, or it's just as I said that it was the last version at the moment the script was written and nobody cared to update it?

This python script that was written in 2012 and it used Firefox 15.0.1 as the user-agent when nowadays we are at v40.
I wonder how safe it is since the majority of neopets scripts (or at least the ones I've seen) seem to still use this script untouched, wouldn't it be easy for TNT to be extra careful when people keep using this two years old version of Firefox? I think it may aid them into discovering who's cheating.
Anyway, is there some obscure reason for this choice that I'm unaware of, or it's just as I said that it was the last version at the moment the script was written and nobody cared to update it?

Most of the time it's as easy as updating the user agent in the code. :) but yeah you should always have updated user agents being sent from botting.


Sent from my iPhone using Tapatalk