A Cloudflare IUAM session grabber
Project description
CFSession
A python script utilizing undetected-chromedriver to collect session cookies in a cloudflare IUAM protected site
How it works
It relies on a modified selenium (undetected-chromedriver) to cloak on sites that block selenium based sessions. When a program is able to pass through the IUAM or Captcha verification, it immediately saves the session token to access the site using requests library.
The library wraps around requests library.
Tested request types:
- GET
- POST
Untested request types: but functionally implemented:
- PUT
- PATCH
- DELETE
- OPTIONS
Usage:
Normal Usage:
import CFSession
if __name__ == "__main__":
session = CFSession.cfSession()
res = session.get("https://nowsecure.nl") #A Cloudflare protected site
print(res.content)
#Context Manager
with CFSession.cfSession() as session:
res = session.get("https://nowsecure.nl")
print(res.content)
enable headless mode:
session = CFSession.cfSession(headless_mode=True)
How to choose chrome version:
CFSession has *args
and **kwargs
which simply passes it to uc.Chrome()
from CFSession import cfSession
if __name__ == "__main__":
session = cfSession(version_main=95) #pick chrome version 95
You can also use more options from uc.Chrome()
and pass it from there
How to modify chrome options:
CFSession has CFSession.Required_defaults()
This is a class which you can use to modify options
and DesiredCapabilities
, the default options are pre-configured to work with bypass capabilities and other features we incorporated so we do not recommend modifying them. (Unless you know what you are doing)
from CFSession import Required_defaults, cf
from undetected_chromedriver import uc
from selenium.webdriver.common.desired_capabilities import DesiredCapabilities
defaults = Required_defaults()
defaults.options = uc.ChromeOptions()
defaults.dcp = DesiredCapabilities().CHROME
SBP = cf.SiteBrowserProcess(ignore_defaults=True,defaults=defaults) # Generate cf.SiteBrowserProcess
CFSession does not fully support modifying Required_defaults()
, but there are multiple ways to hack this limitation.
1.) Using cfSession
from CFSession import Required_defaults, cf, cfSession
from undetected_chromedriver import uc
from selenium.webdriver.common.desired_capabilities import DesiredCapabilities
#cfSession uses _class_initialize to generate its own SiteBrowserProcess
def function_hack(*args,**kwargs):
#Do ur stuff with the options and or DesiredCapabilities here.
defaults = Required_defaults()
defaults.options = uc.ChromeOptions()
defaults.dcp = DesiredCapabilities().CHROME
SBP = cf.SiteBrowserProcess(*args,**kwargs,ignore_defaults=True,defaults=defaults) # Generate cf.SiteBrowserProcess
return SBP
cfSession._class_initialize = function_hack
cfSession.get(...)
2.) Using cfSimulacrum
from CFSession import Required_defaults, cf, cfSimulacrum, cfDirectory
from undetected_chromedriver import uc
from selenium.webdriver.common.desired_capabilities import DesiredCapabilities
url = "https://nowsecure.nl"
#Do ur stuff with the options and or DesiredCapabilities here.
defaults = Required_defaults()
defaults.options = uc.ChromeOptions()
defaults.dcp = DesiredCapabilities().CHROME
cfsim = cfSimulacrum()
cfsim.bypass_mode = True #cfSimulacrum has bypass_mode disabled by default, set it on
cfsim.copen(url, defaults=defaults)
cfsim.find() #Run bypass
response = cfsim.get(url)
Installation:
python3 -m pip install CFSession
or
pip3 install CFSession
Question:
Why not just scrape fully on selenium? There are some use cases that where some applications rely on a requests
library to scrape on websites, while selenium is sensible option to prevent javascript challenges. This library will try and bypass javascript challenges by using session cookies so you can access the site just as how you would with requests
.
Is this just a requests wrapper? No, it is simply an extension of requests
library where it tries to simplify the process of bypassing cloudflare IUAM.
You can directly access the requests.Session
object in the cfSession.session
attribute
from CFSession import cfSession
cfs = cfSession()
cfs.session #<--- A requests.Session object
Disclaimer:
This library was created with the sole purpose of educational purposes only, any rules/laws/ToS broken should only be held at the sole responsibility of the user.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for CFSession-1.3.0a0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 65f214c7da05df1e21d90fa6b0df2a136e6486b8023563377ffe7b585961f58c |
|
MD5 | d0494e1fcd66ce5c10e18a95000144c4 |
|
BLAKE2b-256 | 7177d5d81f7bcd3d4c697c5451efe28ffe95f34e94acb6a52696205d7b7bf251 |