search

carcabot / tiktok-signature

Generate tiktok signature token using node
755 stars 286 forks source link

Replace Tac Token #3

Closed Lem0nTree closed 4 years ago

Lem0nTree commented 4 years ago

Hello, it's great to have other developers working on the api for tiktok :)

I generated a signature but it's invalid, in the read.me file it's suggest to replace the tac token in the signature.js file, but i didn't find the right way.

Can you explain this step with more details ? Thank you and happy holidays

carcabot commented 4 years ago

Hi,

Just browse to trending page and search for <script>tac=' you have to copy this token over this one.

But, I'm not sure if this is your problem. Make sure that you generate signature for the right link

Greetings.

Lem0nTree commented 4 years ago

Hi, thank you for the quick reply :) I noticed that if i create the signature for the comment service url, it works signature generator node signature.js 'https://www.tiktok.com/share/item/comment/list?id=6763586087693618434&count=48&cursor=0' testing

import requests

signature = "VIm6dAAgEBardkWLNbAE1FSJDWAAAlc"
referer = "https://www.tiktok.com/@179ling/video/6763586087693618434" 

url = "https://www.tiktok.com/share/item/comment/list?id=6763586087693618434&count=48&cursor=0" + \
    "&_signature=" + signature # same service url
request = requests.get(url, headers={"method": "GET",
                                "accept-encoding": "gzip, deflate, br",
                                "Referer": referer,
                                "user-agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1"})

data = request.json()

print(data)

But if i create signature for other services like the explore feed, it doesn't work :s signature generation node signature.js 'https://www.tiktok.com/share/item/explore/list' testing

import requests

signature = "VIm6dAAgEBardkWLNbD051SJDWAAAlc"
referer = "https://www.tiktok.com/@179ling/video/6763586087693618434" 

url = "https://www.tiktok.com/share/item/explore/list" + \
    "&_signature=" + signature # same service url
request = requests.get(url, headers={"method": "GET",
                                "accept-encoding": "gzip, deflate, br",
                                "Referer": referer,
                                "user-agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1"})

data = request.json()

print(data)

error

 File ".\test.py", line 13, in <module>
    data = request.json()
  File "C:\Users\loren\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\models.py", line 897, in json
    return complexjson.loads(self.text, **kwargs)
  File "C:\Users\loren\AppData\Local\Programs\Python\Python37\lib\json\__init__.py", line 348, in loads
    return _default_decoder.decode(s)
  File "C:\Users\loren\AppData\Local\Programs\Python\Python37\lib\json\decoder.py", line 337, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "C:\Users\loren\AppData\Local\Programs\Python\Python37\lib\json\decoder.py", line 355, in raw_decode
    raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
carcabot commented 4 years ago

I'm not sure if that service url that you've tried require signature. I have opened it without one and got status=0 which means that It doesn't require one.

tindt94 commented 4 years ago

@carcabot I have the same issue too even I try to replace tac with the newest one from the trending page.

Can you help us to check it again? Many thanks.

raeyulca commented 4 years ago

Hello. The issue that you are having is that the code will not execute properly in any sort of "automated" browser. I haven't been able to pinpoint exactly what the issue is because deobfuscating code isn't my forte, however I've tested and found that running the code both via selenium and via this solution will produce incorrect results. If I had to guess, the obfuscated code is examining window flags/names and returning an answer that the tiktok servers can verify as "wrong".

raeyulca commented 4 years ago

Hello again. I have been able to fix the issue. Selenium et. al. set this.navigator.webdriver to true. Setting it back to return undefined will allow the signature to work again. It caused only a one character difference, but that was enough for the server to reject signatures.

zmeeust commented 4 years ago

@raeyulca Hello. You did something else besides hiding webdriver? I changed it to "undefined" but signature is wrong. Maybe TikTok check something else?

rinxor commented 4 years ago

The obfuscated code in the tac checks many vars. Some of the vars it checks are process,webdriver_evaluate,__selenium_evaluate,webdriver_script_function,webdriver_script_func,webdriver_script_fn,fxdriver_evaluate,__driver_unwrapped,webdriver_unwrapped,driver_evaluate,__selenium_unwrapped,fxdriver_unwrapped,_selenium,callSelenium,_Selenium_IDE_Recorder. I would not load a new tac since the one included in the js file works and a new tac value could add even more checks.

Your signature may be failing because you are running it in an environment other than node or you are not passing some required value such as the referrer. Compare your request to the one in trending.py

carcabot commented 4 years ago

You don't have to do any other changes to the library to work. tac token is not necessary to be updated for every request.

You should pay more attention to trending.py file, all headers must be there, the signature is based on url arguments, you should include use quotation mark when generating signature

node signature.js "https://www.tiktok.com/share/item/list?argument1=test&argument2=test"

The library is still working.