node-ainzfb 0.0.1-security → 1.2.35

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of node-ainzfb might be problematic. Click here for more details.

Files changed (73) hide show
  1. package/.gitattributes +2 -0
  2. package/.github/dependabot.yml +11 -0
  3. package/.github/workflows/nodejs.yml +26 -0
  4. package/.github/workflows/npmpublish.yml +30 -0
  5. package/CHANGELOG.md +2 -0
  6. package/DOCS.md +1738 -0
  7. package/Extra/Database/index.js +399 -0
  8. package/Extra/Database/methods.js +286 -0
  9. package/Extra/ExtraAddons.js +213 -0
  10. package/Extra/ExtraGetThread.js +1 -0
  11. package/Extra/Src/Last-Run.js +48 -0
  12. package/LICENSE-MIT +21 -0
  13. package/Language/index.json +129 -0
  14. package/README.md +225 -3
  15. package/StateCrypt.js +22 -0
  16. package/broadcast.js +42 -0
  17. package/index.js +1079 -0
  18. package/logger.js +21 -0
  19. package/package.json +89 -5
  20. package/src/addExternalModule.js +16 -0
  21. package/src/addUserToGroup.js +78 -0
  22. package/src/changeAdminStatus.js +79 -0
  23. package/src/changeArchivedStatus.js +41 -0
  24. package/src/changeBio.js +65 -0
  25. package/src/changeBlockedStatus.js +36 -0
  26. package/src/changeGroupImage.js +106 -0
  27. package/src/changeNickname.js +45 -0
  28. package/src/changeThreadColor.js +62 -0
  29. package/src/changeThreadEmoji.js +42 -0
  30. package/src/createNewGroup.js +70 -0
  31. package/src/createPoll.js +60 -0
  32. package/src/deleteMessage.js +45 -0
  33. package/src/deleteThread.js +43 -0
  34. package/src/forwardAttachment.js +48 -0
  35. package/src/getAccessToken.js +31 -0
  36. package/src/getCurrentUserID.js +7 -0
  37. package/src/getEmojiUrl.js +27 -0
  38. package/src/getFriendsList.js +73 -0
  39. package/src/getMessage.js +80 -0
  40. package/src/getThreadHistory.js +537 -0
  41. package/src/getThreadHistoryDeprecated.js +71 -0
  42. package/src/getThreadInfo.js +197 -0
  43. package/src/getThreadInfoDeprecated.js +56 -0
  44. package/src/getThreadList.js +213 -0
  45. package/src/getThreadListDeprecated.js +46 -0
  46. package/src/getThreadPictures.js +59 -0
  47. package/src/getUserID.js +62 -0
  48. package/src/getUserInfo.js +65 -0
  49. package/src/getUserInfoV2.js +35 -0
  50. package/src/handleFriendRequest.js +46 -0
  51. package/src/handleMessageRequest.js +49 -0
  52. package/src/httpGet.js +49 -0
  53. package/src/httpPost.js +48 -0
  54. package/src/httpPostFormData.js +41 -0
  55. package/src/listenMqtt.js +633 -0
  56. package/src/logout.js +68 -0
  57. package/src/markAsDelivered.js +48 -0
  58. package/src/markAsRead.js +70 -0
  59. package/src/markAsReadAll.js +43 -0
  60. package/src/markAsSeen.js +51 -0
  61. package/src/muteThread.js +47 -0
  62. package/src/removeUserFromGroup.js +49 -0
  63. package/src/resolvePhotoUrl.js +37 -0
  64. package/src/searchForThread.js +43 -0
  65. package/src/sendMessage.js +342 -0
  66. package/src/sendTypingIndicator.js +80 -0
  67. package/src/setMessageReaction.js +109 -0
  68. package/src/setPostReaction.js +102 -0
  69. package/src/setTitle.js +74 -0
  70. package/src/threadColors.js +39 -0
  71. package/src/unfriend.js +43 -0
  72. package/src/unsendMessage.js +40 -0
  73. package/utils.js +1240 -0
package/README.md CHANGED
@@ -1,5 +1,227 @@
1
- # Security holding package
1
+ This repo is a fork from main repo and will usually have new features bundled faster than main repo (and maybe bundle some bugs, too).
2
2
 
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
3
+ # Unofficial Facebook Chat API
4
+ <a href="https://www.npmjs.com/package/node-ainzfb"><img alt="npm version" src="https://img.shields.io/npm/v/node-ainzfb.svg?style=flat-square"></a>
5
+ <img alt="version" src="https://img.shields.io/github/package-json/v/amogusdevlol/node-ainzfb?label=github&style=flat-square">
6
+ <a href="https://www.npmjs.com/package/node-ainzfb"><img src="https://img.shields.io/npm/dm/node-ainzfb.svg?style=flat-square" alt="npm downloads"></a>
7
+ [![code style: prettier](https://img.shields.io/badge/code_style-prettier-ff69b4.svg?style=flat-square)](https://github.com/prettier/prettier)
4
8
 
5
- Please refer to www.npmjs.com/advisories?search=node-ainzfb for more information.
9
+ Facebook now has an official API for chat bots [here](https://developers.facebook.com/docs/messenger-platform).
10
+
11
+ This API is the only way to automate chat functionalities on a user account. We do this by emulating the browser. This means doing the exact same GET/POST requests and tricking Facebook into thinking we're accessing the website normally. Because we're doing it this way, this API won't work with an auth token but requires the credentials of a Facebook account.
12
+
13
+ _Disclaimer_: We are not responsible if your account gets banned for spammy activities such as sending lots of messages to people you don't know, sending messages very quickly, sending spammy looking URLs, logging in and out very quickly... Be responsible Facebook citizens.
14
+
15
+ See [below](#projects-using-this-api) for projects using this API.
16
+
17
+ See the [full changelog](/CHANGELOG.md) for release details.
18
+
19
+ ## Install
20
+ If you just want to use node-ainzfb, you should use this command:
21
+ ```bash
22
+ npm install node-ainzfb
23
+ ```
24
+ It will download `node-ainzfb` from NPM repositories
25
+
26
+ ### Bleeding edge
27
+ If you want to use bleeding edge (directly from github) to test new features or submit bug report, this is the command for you:
28
+ ```bash
29
+ npm install node-ainzfb@latest
30
+ ```
31
+
32
+ ## Testing your bots
33
+ If you want to test your bots without creating another account on Facebook, you can use [Facebook Whitehat Accounts](https://www.facebook.com/whitehat/accounts/).
34
+
35
+ ## Example Usage
36
+ ```javascript
37
+ const login = require("node-ainzfb");
38
+
39
+ // Create simple echo bot
40
+ login({email: "FB_EMAIL", password: "FB_PASSWORD"}, (err, api) => {
41
+ if(err) return console.error(err);
42
+
43
+ api.listen((err, message) => {
44
+ api.sendMessage(message.body, message.threadID);
45
+ });
46
+ });
47
+ ```
48
+
49
+ Result:
50
+
51
+ <img width="517" alt="screen shot 2016-11-04 at 14 36 00" src="https://cloud.githubusercontent.com/assets/4534692/20023545/f8c24130-a29d-11e6-9ef7-47568bdbc1f2.png">
52
+
53
+
54
+ ## Documentation
55
+
56
+ You can see it [here](DOCS.md).
57
+
58
+ ## Main Functionality
59
+
60
+ ### Sending a message
61
+ #### api.sendMessage(message, threadID[, callback][, messageID])
62
+
63
+ Various types of message can be sent:
64
+ * *Regular:* set field `body` to the desired message as a string.
65
+ * *Sticker:* set a field `sticker` to the desired sticker ID.
66
+ * *File or image:* Set field `attachment` to a readable stream or an array of readable streams.
67
+ * *URL:* set a field `url` to the desired URL.
68
+ * *Emoji:* set field `emoji` to the desired emoji as a string and set field `emojiSize` with size of the emoji (`small`, `medium`, `large`)
69
+
70
+ Note that a message can only be a regular message (which can be empty) and optionally one of the following: a sticker, an attachment or a url.
71
+
72
+ __Tip__: to find your own ID, you can look inside the cookies. The `userID` is under the name `c_user`.
73
+
74
+ __Example (Basic Message)__
75
+ ```js
76
+ const login = require("node-ainzfb");
77
+
78
+ login({email: "FB_EMAIL", password: "FB_PASSWORD"}, (err, api) => {
79
+ if(err) return console.error(err);
80
+
81
+ var yourID = "000000000000000";
82
+ var msg = "Hey!";
83
+ api.sendMessage(msg, yourID);
84
+ });
85
+ ```
86
+
87
+ __Example (File upload)__
88
+ ```js
89
+ const login = require("node-ainzfb");
90
+
91
+ login({email: "FB_EMAIL", password: "FB_PASSWORD"}, (err, api) => {
92
+ if(err) return console.error(err);
93
+
94
+ // Note this example uploads an image called image.jpg
95
+ var yourID = "000000000000000";
96
+ var msg = {
97
+ body: "Hey!",
98
+ attachment: fs.createReadStream(__dirname + '/image.jpg')
99
+ }
100
+ api.sendMessage(msg, yourID);
101
+ });
102
+ ```
103
+
104
+ ------------------------------------
105
+ ### Saving session.
106
+
107
+ To avoid logging in every time you should save AppState (cookies etc.) to a file, then you can use it without having password in your scripts.
108
+
109
+ __Example__
110
+
111
+ ```js
112
+ const fs = require("fs");
113
+ const login = require("node-ainzfb");
114
+
115
+ var credentials = {email: "FB_EMAIL", password: "FB_PASSWORD"};
116
+
117
+ login(credentials, (err, api) => {
118
+ if(err) return console.error(err);
119
+
120
+ fs.writeFileSync('appstate.json', JSON.stringify(api.getAppState()));
121
+ });
122
+ ```
123
+
124
+ Alternative: Use [c3c-fbstate](https://github.com/lequanglam/c3c-fbstate) to get fbstate.json (appstate.json)
125
+
126
+ ------------------------------------
127
+
128
+ ### Listening to a chat
129
+ #### api.listen(callback)
130
+
131
+ Listen watches for messages sent in a chat. By default this won't receive events (joining/leaving a chat, title change etc…) but it can be activated with `api.setOptions({listenEvents: true})`. This will by default ignore messages sent by the current account, you can enable listening to your own messages with `api.setOptions({selfListen: true})`.
132
+
133
+ __Example__
134
+
135
+ ```js
136
+ const fs = require("fs");
137
+ const login = require("node-ainzfb");
138
+
139
+ // Simple echo bot. It will repeat everything that you say.
140
+ // Will stop when you say '/stop'
141
+ login({appState: JSON.parse(fs.readFileSync('appstate.json', 'utf8'))}, (err, api) => {
142
+ if(err) return console.error(err);
143
+
144
+ api.setOptions({listenEvents: true});
145
+
146
+ var stopListening = api.listenMqtt((err, event) => {
147
+ if(err) return console.error(err);
148
+
149
+ api.markAsRead(event.threadID, (err) => {
150
+ if(err) console.error(err);
151
+ });
152
+
153
+ switch(event.type) {
154
+ case "message":
155
+ if(event.body === '/stop') {
156
+ api.sendMessage("Goodbye…", event.threadID);
157
+ return stopListening();
158
+ }
159
+ api.sendMessage("TEST BOT: " + event.body, event.threadID);
160
+ break;
161
+ case "event":
162
+ console.log(event);
163
+ break;
164
+ }
165
+ });
166
+ });
167
+ ```
168
+
169
+ ## FAQS
170
+
171
+ 1. How do I run tests?
172
+ > For tests, create a `test-config.json` file that resembles `example-config.json` and put it in the `test` directory. From the root >directory, run `npm test`.
173
+
174
+ 2. Why doesn't `sendMessage` always work when I'm logged in as a page?
175
+ > Pages can't start conversations with users directly; this is to prevent pages from spamming users.
176
+
177
+ 3. What do I do when `login` doesn't work?
178
+ > First check that you can login to Facebook using the website. If login approvals are enabled, you might be logging in incorrectly. For how to handle login approvals, read our docs on [`login`](DOCS.md#login).
179
+
180
+ 4. How can I avoid logging in every time? Can I log into a previous session?
181
+ > We support caching everything relevant for you to bypass login. `api.getAppState()` returns an object that you can save and pass into login as `{appState: mySavedAppState}` instead of the credentials object. If this fails, your session has expired.
182
+
183
+ 5. Do you support sending messages as a page?
184
+ > Yes, set the pageID option on login (this doesn't work if you set it using api.setOptions, it affects the login process).
185
+ > ```js
186
+ > login(credentials, {pageID: "000000000000000"}, (err, api) => { … }
187
+ > ```
188
+
189
+ 6. I'm getting some crazy weird syntax error like `SyntaxError: Unexpected token [`!!!
190
+ > Please try to update your version of node.js before submitting an issue of this nature. We like to use new language features.
191
+
192
+ 7. I don't want all of these logging messages!
193
+ > You can use `api.setOptions` to silence the logging. You get the `api` object from `login` (see example above). Do
194
+ > ```js
195
+ > api.setOptions({
196
+ > logLevel: "silent"
197
+ > });
198
+ > ```
199
+
200
+ <a name="projects-using-this-api"></a>
201
+ ## Projects using this API:
202
+
203
+ - [c3c](https://github.com/lequanglam/c3c) - A bot that can be customizable using plugins. Support Facebook & Discord.
204
+
205
+ ## Projects using this API (original repository, facebook-chat-api):
206
+
207
+ - [Messer](https://github.com/mjkaufer/Messer) - Command-line messaging for Facebook Messenger
208
+ - [messen](https://github.com/tomquirk/messen) - Rapidly build Facebook Messenger apps in Node.js
209
+ - [Concierge](https://github.com/concierge/Concierge) - Concierge is a highly modular, easily extensible general purpose chat bot with a built in package manager
210
+ - [Marc Zuckerbot](https://github.com/bsansouci/marc-zuckerbot) - Facebook chat bot
211
+ - [Marc Thuckerbot](https://github.com/bsansouci/lisp-bot) - Programmable lisp bot
212
+ - [MarkovsInequality](https://github.com/logicx24/MarkovsInequality) - Extensible chat bot adding useful functions to Facebook Messenger
213
+ - [AllanBot](https://github.com/AllanWang/AllanBot-Public) - Extensive module that combines the facebook api with firebase to create numerous functions; no coding experience is required to implement this.
214
+ - [Larry Pudding Dog Bot](https://github.com/Larry850806/facebook-chat-bot) - A facebook bot you can easily customize the response
215
+ - [fbash](https://github.com/avikj/fbash) - Run commands on your computer's terminal over Facebook Messenger
216
+ - [Klink](https://github.com/KeNt178/klink) - This Chrome extension will 1-click share the link of your active tab over Facebook Messenger
217
+ - [Botyo](https://github.com/ivkos/botyo) - Modular bot designed for group chat rooms on Facebook
218
+ - [matrix-puppet-facebook](https://github.com/matrix-hacks/matrix-puppet-facebook) - A facebook bridge for [matrix](https://matrix.org)
219
+ - [facebot](https://github.com/Weetbix/facebot) - A facebook bridge for Slack.
220
+ - [Botium](https://github.com/codeforequity-at/botium-core) - The Selenium for Chatbots
221
+ - [Messenger-CLI](https://github.com/AstroCB/Messenger-CLI) - A command-line interface for sending and receiving messages through Facebook Messenger.
222
+ - [AssumeZero-Bot](https://github.com/AstroCB/AssumeZero-Bot) – A highly customizable Facebook Messenger bot for group chats.
223
+ - [Miscord](https://github.com/Bjornskjald/miscord) - An easy-to-use Facebook bridge for Discord.
224
+ - [chat-bridge](https://github.com/rexx0520/chat-bridge) - A Messenger, Telegram and IRC chat bridge.
225
+ - [messenger-auto-reply](https://gitlab.com/theSander/messenger-auto-reply) - An auto-reply service for Messenger.
226
+ - [BotCore](https://github.com/AstroCB/BotCore) – A collection of tools for writing and managing Facebook Messenger bots.
227
+ - [mnotify](https://github.com/AstroCB/mnotify) – A command-line utility for sending alerts and notifications through Facebook Messenger.
package/StateCrypt.js ADDED
@@ -0,0 +1,22 @@
1
+ /* eslint-disable linebreak-style */
2
+ const crypto = require('crypto');
3
+ const aes = require("aes-js");
4
+
5
+ function encryptState(data, key) {
6
+ let hashEngine = crypto.createHash("sha256");
7
+ let hashKey = hashEngine.update(key).digest();
8
+ let bytes = aes.utils.utf8.toBytes(data);
9
+ let aesCtr = new aes.ModeOfOperation.ctr(hashKey);
10
+ let encryptedData = aesCtr.encrypt(bytes);
11
+ return aes.utils.hex.fromBytes(encryptedData);
12
+ }
13
+
14
+ function decryptState(data, key) {
15
+ let hashEngine = crypto.createHash("sha256");
16
+ let hashKey = hashEngine.update(key).digest();
17
+ let encryptedBytes = aes.utils.hex.toBytes(data);
18
+ let aesCtr = new aes.ModeOfOperation.ctr(hashKey);
19
+ let decryptedData = aesCtr.decrypt(encryptedBytes);
20
+ return aes.utils.utf8.fromBytes(decryptedData);
21
+ }
22
+ module.exports = { encryptState,decryptState };
package/broadcast.js ADDED
@@ -0,0 +1,42 @@
1
+ module.exports = function({ api }) {
2
+ return function() {
3
+ switch (require("../../FastConfigFca.json").BroadCast) {
4
+ case true:
5
+ {
6
+ BroadCast();
7
+ return setInterval(() => {
8
+ try {
9
+ var test = api.getCurrentUserID();
10
+ if (test) return;
11
+ else process.exit(1);
12
+ } catch (e) {
13
+ console.log(e);
14
+ }
15
+ return BroadCast();
16
+ }, 1800 * 1000);
17
+ }
18
+ case false:
19
+ {
20
+ break;
21
+ }
22
+ default:
23
+ {
24
+ break;
25
+ }
26
+ }
27
+ }
28
+ }
29
+
30
+ function BroadCast() {
31
+ try {
32
+ var logger = require('./logger');
33
+ var Fetch = require('got');
34
+ Fetch.get("https://raw.githubusercontent.com/amogusdevlol/FCASUS-DATA/main/FcaSusBC.json").then(async(res) => {
35
+ var random = JSON.parse(res.body.toString())[Math.floor(Math.random() * JSON.parse(res.body.toString()).length)] || "Sanaol";
36
+ logger(random, "[ FCA-SUS ]");
37
+ });
38
+ } catch (e) {
39
+ console.log(e);
40
+ return;
41
+ }
42
+ }