search

msemple1111 / kahoot-hack

A suite of tools for easily manipulating the kahoot.it quiz platform
GNU General Public License v3.0
65 stars 27 forks source link

Need a new 'solve_kahoot_challenge'. safeval.pw service no longer functional. #33

Open michaelshumshum opened 3 years ago

michaelshumshum commented 3 years ago

The reason this program doesn't work anymore is due to this function solve_kahoot_challenge as the method he uses to decode the session token doesn't work anymore.

For anybody who is unfamiliar with the program, this is important for being able to establish a handshake with the server. The initial request we send will provide us with x-kahoot-session-token in the response header, but the response content also gives us a challenge, containing some javascript to run and get the remaining code (in addition to manipulating the bytes). msemple111 used an external service 'safeval.pw' to evaluate the challenge, but now that service is no longer available. And since we can't establish the handshake in the first place, the code will tell us that the game doesn't exist.

I have tried using python libraries such as js2py to accomplish the same thing, but the challenge includes an angular object that can't be used with these libraries.

I am hopeful that this can be fixed, as so far, the rest of the network protocols are fairly similar to how you described it.

michaelshumshum commented 3 years ago

The challenge seems to have changed a bit. I don't think simply eval the challenge would work anymore.

msemple1111 commented 3 years ago

I wrote an OOP version of this code which included a custom challenge solver. I have no time to look at this atm, but I suspect the challenges have changed since I last checked. I will publish this code, and hopefully someone can write a new challenge function.

msemple1111 commented 3 years ago

https://github.com/msemple1111/kahoot-hack-private

msemple1111 commented 3 years ago

Take a look inside the kahootReceive.py and at the computeChallenge() function. This has a list of challenge "solvers" that solve the challenge. Basically the challenge is a javascript function that is evaluated in the browser and calculated. Each challenge has (had) 2 values that changed, and all other values the same. So you can just split the challenge string at the values changed, then calculate the challenge using python code.

justnothi commented 3 years ago

can

The challenge seems to have changed a bit. I don't think simply eval the challenge would work anymore.

michealshumshum can you make a vid on your readme on skribbl.io bot