#!/usr/bin/env python3

import requests
import string
import sys
from bs4 import BeautifulSoup
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

def calc_cs(key) -> int:      
    gs = key.split('-')[:-1]                                    
    return sum([sum(bytearray(g.encode())) for g in gs])


g1 = "KEY12"
g2 = "0H0H0"
g4 = "GAMD2"

g3s = {}
for c1 in string.ascii_uppercase:
    for c2 in string.ascii_uppercase:
        for d in string.digits:
            g3 = f'XP{c1}{c2}{d}'
            magic_num = sum(bytearray(g3.encode()))
            g3s[magic_num] = g3


s = requests.session()
s.proxies.update({'https':'http://127.0.0.1:8080'})
url = 'https://earlyaccess.htb'

# Get CSRF for login
resp = s.get(f'{url}/login', verify=False)
soup = BeautifulSoup(resp.text, 'html.parser')
csrf = soup.find_all('meta', {"name":"csrf-token"})[0]['content']

# Login
resp = s.post(f'{url}/login', verify=False,
        data={"_token": csrf, "email": "0xdf@earlyaccess.htb", "password": "0xdf0xdf"})

# Get CSRF for key POST
resp = s.get(f'{url}/key', verify=False)
soup = BeautifulSoup(resp.text, 'html.parser')
csrf = soup.find_all('meta', {"name":"csrf-token"})[0]['content']

# Try keys until success
for mn in g3s:
    key = f'{g1}-{g2}-{g3s[mn]}-{g4}-'
    cs = calc_cs(key)
    key = f'{key}{cs}'
    resp = s.post(f'{url}/key/add', verify=False,
            data={"_token": csrf, "key": key})
    if not "Game-key is invalid!" in resp.text:
        print(f"[+] Success with magic number {mn}")
        break