Repository: kazutoiris/ali_ecc
Branch: main
Commit: 8a813402ded7
Files: 5
Total size: 9.2 KB
Directory structure:
gitextract_dcene0tx/
├── LICENSE
├── README.md
├── ali.py
├── ali_renew_test.py
└── requirements.txt
================================================
FILE CONTENTS
================================================
================================================
FILE: LICENSE
================================================
Copyright (c) <year> <copyright holders>
Anti 996 License Version 1.0 (Draft)
Permission is hereby granted to any individual or legal entity obtaining a copy
of this licensed work (including the source code, documentation and/or related
items, hereinafter collectively referred to as the "licensed work"), free of
charge, to deal with the licensed work for any purpose, including without
limitation, the rights to use, reproduce, modify, prepare derivative works of,
publish, distribute and sublicense the licensed work, subject to the following
conditions:
1. The individual or the legal entity must conspicuously display, without
modification, this License on each redistributed or derivative copy of the
Licensed Work.
2. The individual or the legal entity must strictly comply with all applicable
laws, regulations, rules and standards of the jurisdiction relating to
labor and employment where the individual is physically located or where
the individual was born or naturalized; or where the legal entity is
registered or is operating (whichever is stricter). In case that the
jurisdiction has no such laws, regulations, rules and standards or its
laws, regulations, rules and standards are unenforceable, the individual
or the legal entity are required to comply with Core International Labor
Standards.
3. The individual or the legal entity shall not induce or force its
employee(s), whether full-time or part-time, or its independent
contractor(s), in any methods, to agree in oral or written form,
to directly or indirectly restrict, weaken or relinquish his or
her rights or remedies under such laws, regulations, rules and
standards relating to labor and employment as mentioned above,
no matter whether such written or oral agreement are enforceable
under the laws of the said jurisdiction, nor shall such individual
or the legal entity limit, in any methods, the rights of its employee(s)
or independent contractor(s) from reporting or complaining to the copyright
holder or relevant authorities monitoring the compliance of the license
about its violation(s) of the said license.
THE LICENSED WORK IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE COPYRIGHT
HOLDER BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN ANY WAY CONNECTION
WITH THE LICENSED WORK OR THE USE OR OTHER DEALINGS IN THE LICENSED WORK.
================================================
FILE: README.md
================================================
# AliyunDrive ECC Signature
> Welcome star, issue and pull requests.
## What can it do
1. Generate random `ECC` key-pair to create a new session.
2. Get the file’s download url without `invalid X-Device-Id`.
## How to use
1. Set the `deviceId` in line 7.
2. Set the `userId` in line 8.
3. Set the `authorization` in line 34.
4. (Optional) Set the private key in line 11,12. (Only if you want to use custom key-pair.)
## Some details
1. `deviceId` could be found in `DevTools` -> `Application` -> `Local Storage` -> `cna`.
2. `userId` could be found in `DevTools` -> `Application` -> `Local Storage` -> `token` -> `user_id`.
3. `authorization` could be found in `Network`, choose any request, `Request Headers` -> `authorization`.
4. `private key` could be found in `DevTools` -> `Application` -> `IndexedDB` -> `ALIYUN_DRIVE_CLIENT_SIGNATURE` -> `signature` -> `privateKey`.
`private key` will be generated automatically, so there’s no need to specificate.
## Last
There’re some problems need to be solved.
* [x] How to generate a `deviceId`?
Just a UUIDv4 string, So you can generate a deviceId randomly.
* [ ] How to generate `authorization` from cookie or local storage?
* [ ] How often is `nonce` updated? (Could be frozen?)
## Test
You can use `ali_renew_test.py` to test `nonce` update.
If `nonce` is 0, it will create a session automatically.
If `nonce` is larger than 0, it will renew the session.
**Notice:** If it fails, try to increase the interval.
Now it could pass almost 1000 rounds :thumbsup:
## LICENSE
Anti-996-License.
================================================
FILE: ali.py
================================================
import hashlib
import ecdsa
import requests
import random
appId = "5dde4e1bdf9e4966b387ba58f4b3fdc3"
deviceId = "e5173011-XXXX-XXXX-XXXX-XXXXf04f3c62"
userId = "XXXXf36e37XXXX79bdXXXXdeb6203f67"
nonce = 0
# private_key = [175, 87, 171, 214, 222, 196, 127, 36, 25, 50, 237, 179, 71, 81, 49, 196,
# 250, 103, 115, 203, 138, 179, 192, 182, 43, 175, 233, 72, 200, 14, 64, 254]
# private_key = int.from_bytes(private_key, byteorder='big')
private_key = random.randint(1, 2**256-1)
ecc_pri = ecdsa.SigningKey.from_secret_exponent(
private_key, curve=ecdsa.SECP256k1)
ecc_pub = ecc_pri.get_verifying_key()
public_key = "04"+ecc_pub.to_string().hex()
def r(appId: str, deviceId: str, userId: str, nonce: int) -> str:
return f"{appId}:{deviceId}:{userId}:{nonce}"
def sign(appId, deviceId, userId, nonce) -> str:
sign_dat = ecc_pri.sign(r(appId, deviceId, userId, nonce).encode('utf-8'), entropy=None,
hashfunc=hashlib.sha256)
return sign_dat.hex()+"01"
signature = sign(appId, deviceId, userId, nonce)
headers = {
"authorization": "Bearer BEARERBEARER",
"origin": "https://www.aliyundrive.com",
"referer": "https://www.aliyundrive.com/",
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.41",
"x-canary": "client=web,app=adrive,version=v3.17.0",
"x-device-id": deviceId,
"x-signature": signature,
}
req = requests.post(
"https://api.aliyundrive.com/users/v1/users/device/create_session",
json={
"deviceName": "Edge浏览器",
"modelName": "Windows网页版",
"pubKey": public_key,
},
headers=headers)
print(req.json())
# {'result': True, 'success': True, 'code': None, 'message': None}
req = requests.post("https://api.aliyundrive.com/v2/file/get_download_url",
json={"expire_sec": 14400, "drive_id": "341789",
"file_id": "63dd352b22e34327c0f84277b389eb381XXXXXXX"},
headers=headers)
print(req.json())
# {'domain_id': 'bj29', 'drive_id': '341789', 'file_id': '63dd352b22e34327c0f84277b389eb381XXXXXXX', 'revision_id': '63dd352ba95fd7...
================================================
FILE: ali_renew_test.py
================================================
import hashlib
import ecdsa
import requests
import random
import time
appId = "5dde4e1bdf9e4966b387ba58f4b3fdc3"
deviceId = "e5173011-XXXX-XXXX-XXXX-XXXXf04f3c62"
userId = "XXXXf36e37XXXX79bdXXXXdeb6203f67"
# nonce = 0
# private_key = [175, 87, 171, 214, 222, 196, 127, 36, 25, 50, 237, 179, 71, 81, 49, 196,
# 250, 103, 115, 203, 138, 179, 192, 182, 43, 175, 233, 72, 200, 14, 64, 254]
# private_key = int.from_bytes(private_key, byteorder='big')
private_key = random.randint(1, 2**256-1)
ecc_pri = ecdsa.SigningKey.from_secret_exponent(
private_key, curve=ecdsa.SECP256k1)
ecc_pub = ecc_pri.get_verifying_key()
public_key = "04"+ecc_pub.to_string().hex()
def r(appId: str, deviceId: str, userId: str, nonce: int) -> str:
return f"{appId}:{deviceId}:{userId}:{nonce}"
def sign(appId, deviceId, userId, nonce) -> str:
sign_dat = ecc_pri.sign(r(appId, deviceId, userId, nonce).encode('utf-8'), entropy=None,
hashfunc=hashlib.sha256)
return sign_dat.hex()+"01"
for nonce in range(1000):
print(f"Testing nonce = {nonce}", end=' ')
signature = sign(appId, deviceId, userId, nonce)
headers = {
"authorization": "Bearer BEARERBEARER",
"origin": "https://www.aliyundrive.com",
"referer": "https://www.aliyundrive.com/",
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.41",
"x-canary": "client=web,app=adrive,version=v3.17.0",
"x-device-id": deviceId,
"x-signature": signature,
}
if nonce == 0:
req = requests.post(
"https://api.aliyundrive.com/users/v1/users/device/create_session",
json={
"deviceName": "Edge浏览器",
"modelName": "Windows网页版",
"pubKey": public_key,
},
headers=headers)
# print(req.json())
# {'result': True, 'success': True, 'code': None, 'message': None}
assert req.json()['result']
else:
req = requests.post(
"https://api.aliyundrive.com/users/v1/users/device/renew_session",
json={},
headers=headers)
# print(req.json())
# {'result': True, 'success': True, 'code': None, 'message': None}
assert req.json()['result']
req = requests.post("https://api.aliyundrive.com/v2/file/get_download_url",
json={"expire_sec": 14400, "drive_id": "341789",
"file_id": "63dd352b22e34327c0f84277b389eb381XXXXXXX"},
headers=headers)
# print(req.json())
# {'domain_id': 'bj29', 'drive_id': '341789', 'file_id': '63dd352b22e34327c0f84277b389eb381XXXXXXX', 'revision_id': '63dd352ba95fd7...
assert 'url' in req.json()
print("Passed!")
time.sleep(0.5) # 0.5s is the minimum interval between requests
================================================
FILE: requirements.txt
================================================
ecdsa
requests
gitextract_dcene0tx/ ├── LICENSE ├── README.md ├── ali.py ├── ali_renew_test.py └── requirements.txt
SYMBOL INDEX (4 symbols across 2 files) FILE: ali.py function r (line 21) | def r(appId: str, deviceId: str, userId: str, nonce: int) -> str: function sign (line 25) | def sign(appId, deviceId, userId, nonce) -> str: FILE: ali_renew_test.py function r (line 22) | def r(appId: str, deviceId: str, userId: str, nonce: int) -> str: function sign (line 26) | def sign(appId, deviceId, userId, nonce) -> str:
Condensed preview — 5 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (10K chars).
[
{
"path": "LICENSE",
"chars": 2660,
"preview": "Copyright (c) <year> <copyright holders>\n\nAnti 996 License Version 1.0 (Draft)\n\nPermission is hereby granted to any indi"
},
{
"path": "README.md",
"chars": 1566,
"preview": "# AliyunDrive ECC Signature\n\n> Welcome star, issue and pull requests.\n\n## What can it do\n\n1. Generate random `ECC` key-p"
},
{
"path": "ali.py",
"chars": 2214,
"preview": "import hashlib\nimport ecdsa\nimport requests\nimport random\n\nappId = \"5dde4e1bdf9e4966b387ba58f4b3fdc3\"\ndeviceId = \"e51730"
},
{
"path": "ali_renew_test.py",
"chars": 2932,
"preview": "import hashlib\nimport ecdsa\nimport requests\nimport random\nimport time\n\nappId = \"5dde4e1bdf9e4966b387ba58f4b3fdc3\"\ndevice"
},
{
"path": "requirements.txt",
"chars": 15,
"preview": "ecdsa\nrequests\n"
}
]
About this extraction
This page contains the full source code of the kazutoiris/ali_ecc GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 5 files (9.2 KB), approximately 2.8k tokens, and a symbol index with 4 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.