scripter-x 1.0.2 → 1.0.7

package/src/providers/kuku.js

@@ -0,0 +1,238 @@
+// kuku.lu (InstAddr) temp-email provider — ported from karthunt_ids/src/kuku.js to the
+// CLI's native-fetch style. Used for the "JSON + email link" mode: create ONE premium-
+// linked account per campaign, then mint newaddr.com emails (premium-only) from it.
+//
+// Flow per campaign:
+//   loginMaster(num,pass) → createAccount() → linkPremium(master, acct) → applyLinkedHash
+//   then generateEmail(acct, 'newaddr.com') N times + waitForOtp(acct, {toEmail})
+//
+// newaddr.com requires PREMIUM. A premium master "lends" premium to a fresh account
+// (master session is saved+restored so one master can link many). No axios — uses fetch.
+
+const BASE = 'https://m.kuku.lu';
+
+// accept-encoding is REQUIRED — without it Cloudflare fingerprints Node's fetch as a bot
+// and 403s (curl auto-sends it; undici does not). This single header is the difference
+// between "could not extract csrf_subtoken" (403→no cookies) and a working session.
+const BASE_HEADERS = {
+  accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8',
+  'accept-language': 'en-US,en;q=0.9',
+  'accept-encoding': 'gzip, deflate, br',
+  'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Safari/537.36',
+  'sec-ch-ua': '"Google Chrome";v="149", "Chromium";v="149", "Not)A;Brand";v="24"',
+  'sec-ch-ua-mobile': '?0',
+  'sec-ch-ua-platform': '"macOS"',
+  'upgrade-insecure-requests': '1',
+};
+const AJAX_HEADERS = {
+  accept: '*/*',
+  'accept-language': 'en-US,en;q=0.9',
+  'accept-encoding': 'gzip, deflate, br',
+  'user-agent': BASE_HEADERS['user-agent'],
+  'sec-ch-ua': BASE_HEADERS['sec-ch-ua'],
+  'sec-ch-ua-mobile': '?0',
+  'sec-ch-ua-platform': '"macOS"',
+  'sec-fetch-dest': 'empty',
+  'sec-fetch-mode': 'cors',
+  'sec-fetch-site': 'same-origin',
+  'x-requested-with': 'XMLHttpRequest',
+};
+
+function parseSetCookies(res) {
+  const map = {};
+  const raw = typeof res.headers.getSetCookie === 'function'
+    ? res.headers.getSetCookie()
+    : (res.headers.get('set-cookie') ? [res.headers.get('set-cookie')] : []);
+  for (const line of raw) {
+    const part = line.split(';')[0].trim();
+    const i = part.indexOf('=');
+    if (i === -1) continue;
+    const name = part.slice(0, i), value = part.slice(i + 1);
+    if (name && value !== 'deleted') map[name] = value;
+  }
+  return map;
+}
+function cookieStr(session) {
+  return Object.entries(session).filter(([k]) => !k.startsWith('_')).map(([k, v]) => `${k}=${v}`).join('; ');
+}
+const seed = { cookie_setlang: 'en', cookie_timezone: 'Asia%2FCalcutta', cookie_keepalive_insert: '1', cookie_failedSlot: '' };
+const sleep = (ms) => new Promise((r) => setTimeout(r, ms));
+
+// bootstrap — mint a session by hitting /en.php (NOT /). Cloudflare blocks GET / for
+// non-browser clients (403, no cookies → everything downstream fails), but GET /en.php
+// passes AND sets cookie_csrf_token + cookie_sessionhash AND carries the csrf_subtoken in
+// one shot. This single change is what makes the whole kuku flow work from Node fetch.
+// Returns { session, subtoken, html }.
+async function bootstrap(retries = 4) {
+  let lastStatus = 0;
+  for (let i = 0; i < retries; i++) {
+    const r = await fetch(`${BASE}/en.php`, {
+      headers: { ...BASE_HEADERS, 'sec-fetch-dest': 'document', 'sec-fetch-mode': 'navigate', 'sec-fetch-site': 'same-origin', referer: `${BASE}/`, cookie: cookieStr(seed) },
+    });
+    lastStatus = r.status;
+    const session = { ...seed, ...parseSetCookies(r) };
+    const html = r.status === 200 ? await r.text() : '';
+    const m = html.match(/csrf_subtoken_check=([a-f0-9]+)/);
+    if (session.cookie_csrf_token && session.cookie_sessionhash && m) {
+      return { session, subtoken: m[1], html };
+    }
+    await sleep(800 + i * 600);
+  }
+  throw new Error(`kuku: could not bootstrap via /en.php (last status ${lastStatus})`);
+}
+
+async function getSubtoken(session) {
+  const res = await fetch(`${BASE}/en.php`, {
+    headers: { ...BASE_HEADERS, 'sec-fetch-dest': 'document', 'sec-fetch-mode': 'navigate', 'sec-fetch-site': 'same-origin', referer: `${BASE}/`, cookie: cookieStr(session) },
+  });
+  // NEVER overwrite the session's cookie_sessionhash — /en.php hands back a fresh guest
+  // hash on every call; keeping our (possibly logged-in) hash is what preserves the login.
+  const merged = parseSetCookies(res);
+  delete merged.cookie_sessionhash;
+  Object.assign(session, merged);
+  const html = await res.text();
+  const m = html.match(/csrf_subtoken_check=([a-f0-9]+)/);
+  if (!m) throw new Error('kuku: could not extract csrf_subtoken');
+  return { subtoken: m[1], html };
+}
+
+// Create a fresh guest account → { cookie_sessionhash, cookie_csrf_token, accountId, password }
+export async function createAccount() {
+  const { session, html } = await bootstrap();
+  if (!html.includes('InstAddr')) throw new Error('kuku: session invalid (no InstAddr in /en.php)');
+  session.accountId = (html.match(/id="area_numberview"[^>]*>([^<]+)</) || [])[1]?.trim() || null;
+  session.password = (html.match(/id="area_passwordview_copy">([^<]+)</) || [])[1]?.trim() || null;
+  return session;
+}
+
+// Log into an existing account (the premium master) by id + password (KU-10, 2-step).
+export async function loginAccount(number, password) {
+  const { session, subtoken } = await bootstrap();
+  const csrf = session.cookie_csrf_token;
+  const payload = (syncconfirm) => new URLSearchParams({
+    action: 'checkLogin', confirmcode: '', nopost: '1', csrf_token_check: csrf,
+    csrf_subtoken_check: subtoken, number, password, syncconfirm }).toString();
+  const post = (body) => fetch(`${BASE}/index.php`, {
+    method: 'POST', body,
+    headers: { ...AJAX_HEADERS, 'content-type': 'application/x-www-form-urlencoded; charset=UTF-8', origin: BASE, referer: `${BASE}/`, cookie: cookieStr(session) },
+  });
+  await post(payload(''));               // → REQ:SYNC_CONFIRM
+  const r2 = await post(payload('no'));  // → OK:SHASH:<hash>
+  const body = (await r2.text()).trim();
+  if (!body.startsWith('OK:SHASH:')) throw new Error(`kuku: master login failed: ${body.slice(0, 80)}`);
+  // The BODY's "OK:SHASH:<hash>" is the authoritative logged-in session. The response's
+  // Set-Cookie carries a DIFFERENT (fresh guest) sessionhash — do NOT let it overwrite the
+  // logged-in hash (that bug landed us on a free guest account → isPremium:false).
+  const merged = parseSetCookies(r2);
+  delete merged.cookie_sessionhash;
+  Object.assign(session, merged);
+  session.cookie_sessionhash = encodeURIComponent(body.slice(3));
+  return session;
+}
+
+// Premium master lends premium to a target account. Master session is restored after,
+// so one master can link many. Returns the target's premium-linked session hash.
+export async function linkPremium(masterSession, targetNumber, targetPassword) {
+  const { subtoken } = await getSubtoken(masterSession);
+  const csrf = masterSession.cookie_csrf_token;
+  const originalHash = masterSession.cookie_sessionhash;
+  const payload = (syncconfirm) => new URLSearchParams({
+    action: 'checkLogin', confirmcode: '', nopost: '1', csrf_token_check: csrf,
+    csrf_subtoken_check: subtoken, number: targetNumber, password: targetPassword, syncconfirm }).toString();
+  const post = (body) => fetch(`${BASE}/index.php`, {
+    method: 'POST', body,
+    headers: { ...AJAX_HEADERS, 'content-type': 'application/x-www-form-urlencoded; charset=UTF-8', origin: BASE, referer: `${BASE}/`, cookie: cookieStr(masterSession) },
+  });
+  await post(payload(''));
+  const r2 = await post(payload('no'));
+  const body = (await r2.text()).trim();
+  masterSession.cookie_sessionhash = originalHash; // restore master
+  if (!body.startsWith('OK:SHASH:')) throw new Error(`kuku: linkPremium failed: ${body.slice(0, 80)}`);
+  return body.slice(3); // "SHASH:<hash>"
+}
+
+export function applyLinkedHash(targetSession, linkedHash) {
+  targetSession.cookie_sessionhash = encodeURIComponent(linkedHash);
+}
+
+// Is this session premium? (KU-12)
+export async function isPremium(session) {
+  const res = await fetch(`${BASE}/smphone.app.premium.php`, {
+    headers: { ...BASE_HEADERS, 'sec-fetch-dest': 'document', referer: `${BASE}/`, cookie: cookieStr(session) },
+  });
+  const merged = parseSetCookies(res);
+  delete merged.cookie_sessionhash; // never clobber the (logged-in) hash
+  Object.assign(session, merged);
+  const text = (await res.text()).replace(/<[^>]+>/g, ' ').replace(/\s+/g, ' ').trim();
+  return !/you are not subscribed|not subscribed to a premium/i.test(text);
+}
+
+// Generate one email on a specific (premium) domain — KU-4 3-step. Default newaddr.com.
+export async function generateEmail(session, domain = 'newaddr.com') {
+  const { subtoken } = await getSubtoken(session);
+  const csrf = session.cookie_csrf_token;
+  const ts = Date.now(), tsec = Math.floor(ts / 1000);
+  const get = (params) => fetch(`${BASE}/index.php?${new URLSearchParams(params)}`, {
+    headers: { ...AJAX_HEADERS, referer: `${BASE}/`, cookie: cookieStr(session) },
+  });
+  // agreeEULA (fire-and-forget)
+  await get({ action: 'agreeEULA', nopost: '1', by_system: '1', csrf_token_check: csrf, _: String(ts) }).catch(() => {});
+  // checkNewMailUser
+  const chk = await get({ action: 'checkNewMailUser', ip: '::1', nopost: '1', csrf_token_check: csrf, csrf_subtoken_check: subtoken, newdomain: domain, newuser: '', _: String(ts) });
+  const chkBody = (await chk.text()).trim();
+  if (!chkBody.startsWith('OK')) throw new Error(`kuku: domain ${domain} unavailable: ${chkBody.slice(0, 60)}`);
+  // addMailAddrByManual
+  const add = await get({ action: 'addMailAddrByManual', nopost: '1', by_system: '1', t: String(tsec), csrf_token_check: csrf, newdomain: domain, newuser: '', recaptcha_token: '', _: String(ts) });
+  const body = (await add.text()).trim();
+  if (!body.startsWith('OK:')) throw new Error(`kuku: email create failed (${domain}): ${body.slice(0, 80)}`);
+  return body.slice(3).trim();
+}
+
+// Fetch inbox (recent mails across all addresses). Returns [{mailId,key,subject,to}].
+async function fetchInbox(session) {
+  const { subtoken } = await getSubtoken(session);
+  const ts = Date.now();
+  const res = await fetch(`${BASE}/recv._ajax.php?&&nopost=1&csrf_token_check=${session.cookie_csrf_token}&csrf_subtoken_check=${subtoken}&_=${ts}`, {
+    headers: { ...AJAX_HEADERS, referer: `${BASE}/`, cookie: cookieStr(session) },
+  });
+  const html = await res.text();
+  if (!html.includes('[OK]')) return [];
+  const keys = {};
+  let m; const keyRe = /openMailData\('(\d+)',\s*'([a-f0-9]+)'/g;
+  while ((m = keyRe.exec(html)) !== null) keys[m[1]] = m[2];
+  const mails = [];
+  const blockRe = /id="area_mail_(\d+)"[\s\S]*?id="area_mail_title_\1"[^>]*>([\s\S]*?)<\/div>/g;
+  let b;
+  while ((b = blockRe.exec(html)) !== null) {
+    const mailId = b[1];
+    const sm = b[2].match(/<b>\s*<span[^>]*>([\s\S]*?)<\/span>/);
+    mails.push({ mailId, key: keys[mailId] || null, subject: sm ? sm[1].replace(/&#039;/g, "'").trim() : '' });
+  }
+  // from/to (parallel order)
+  let ft; let i = 0; const ftRe = /<div class="font_gray">\s*([\s\S]*?)\s*&raquo;\s*([\s\S]*?)\s*<\/div>/g;
+  while ((ft = ftRe.exec(html)) !== null && i < mails.length) {
+    mails[i].to = ft[2].replace(/<[^>]+>/g, '').trim();
+    i++;
+  }
+  return mails;
+}
+
+// Poll the inbox until a 6-digit OTP arrives (it's in the FK email SUBJECT). Optionally
+// filter by recipient address so concurrent emails don't cross-read each other's OTP.
+export async function waitForOtp(session, { timeoutMs = 120000, pollMs = 5000, toEmail } = {}) {
+  const deadline = Date.now() + timeoutMs;
+  const seen = new Set();
+  while (Date.now() < deadline) {
+    let mails = [];
+    try { mails = await fetchInbox(session); } catch { /* keep polling */ }
+    for (const mail of mails) {
+      if (seen.has(mail.mailId)) continue;
+      seen.add(mail.mailId);
+      if (toEmail && mail.to && !mail.to.includes(toEmail)) continue;
+      const m = mail.subject.match(/\b(\d{6})\b/);
+      if (m) return m[1];
+    }
+    await new Promise((r) => setTimeout(r, pollMs));
+  }
+  return null; // timed out
+}

package/src/providers/otpcart.js

@@ -65,15 +65,39 @@ class OTPCartStream {
     this.mobileId = mobileId;
     this.otp = null;
     this.arrived = false;
-    this.ws = new WebSocket(`${WS_URL}?token=${jwt}`);
+    this.closed = false;
+    this.jwt = jwt;
+    this._openP = null;     // resolves when the WS is OPEN
+    this._connect();
+  }
+
+  _connect() {
+    this.ws = new WebSocket(`${WS_URL}?token=${this.jwt}`);
+    this._openP = new Promise((resolve) => {
+      this.ws.once('open', resolve);
+      this.ws.once('error', resolve); // resolve anyway so ready() never hangs
+    });
     this.ws.on('message', (raw) => {
       let msg; try { msg = JSON.parse(raw.toString()); } catch { return; }
+      // OTP frame: {message, otpMessage}. Ack frame {serialNumber,mobileId,resend} is ignored.
       if (msg.otpMessage) {
         const m = String(msg.otpMessage).match(OTP_RE);
         if (m) { this.otp = m[1]; this.arrived = true; }
       }
     });
-    this.ws.on('error', () => { /* swallow — poll() just returns nothing */ });
+    this.ws.on('error', () => { /* swallow — poll() returns nothing; we auto-reconnect */ });
+    // Auto-reconnect if the socket drops before the OTP arrives (so a dropped WS doesn't
+    // silently lose the push — this is the "purchased but never got OTP" symptom).
+    this.ws.on('close', () => {
+      if (this.closed || this.otp) return;
+      setTimeout(() => { if (!this.closed && !this.otp) this._connect(); }, 1000);
+    });
+  }
+
+  // Wait until the WS is OPEN (so we never send the FK OTP before we can receive the push).
+  async ready(timeoutMs = 8000) {
+    await Promise.race([this._openP, new Promise((r) => setTimeout(r, timeoutMs))]);
+    return this.ws.readyState === WebSocket.OPEN;
   }
 
   async poll() {
@@ -81,7 +105,10 @@ class OTPCartStream {
     return { otp: null, arrived: this.arrived };
   }
 
-  resend() {
+  // Ask OTPCart to resend the SMS. Waits for the socket to be OPEN first (it may still be
+  // connecting/reconnecting), so the resend isn't silently dropped.
+  async resend() {
+    await this.ready(5000);
     try {
       if (this.ws.readyState === WebSocket.OPEN) {
         this.ws.send(JSON.stringify({ serialNumber: this.serial, mobileId: this.mobileId, resend: true }));
@@ -91,5 +118,5 @@ class OTPCartStream {
     return false;
   }
 
-  close() { try { this.ws.close(); } catch { /* */ } }
+  close() { this.closed = true; try { this.ws.close(); } catch { /* */ } }
 }

package/src/providers/zauth.js

@@ -0,0 +1,155 @@
+// ZAUTH1 envelope codec — the encrypted blob format consumed by the on-device
+// ZeptoAuthManager-v14 injector (native `libzauth.so` `z1`).
+//
+// Reverse-engineered + verified against a known sample (round-trips byte-for-byte).
+// Scheme = RFC 8439 ChaCha20-Poly1305 (IETF), with a key derived from the
+// installed APK's signing-cert SHA-256:
+//
+//   envelope = "ZAUTH1:" + base64( nonce(12) | ciphertext | tag(16) )
+//   encKey   = certSha[0:32] XOR ChaCha20(KD_KEY, nonce=certSha[4:16], ctr=0)[0:32]
+//   otk      = ChaCha20(encKey, nonce, ctr=0)[0:32]      (Poly1305 one-time key)
+//   plaintext= ChaCha20(encKey, nonce, ctr=1) XOR ciphertext
+//   tag      = Poly1305(otk, ciphertext) with pad LE64(0)||LE64(ct.length), empty AAD
+//
+// certSha = SHA-256( apkContentsSigners[0] DER ) of the *installed* ZeptoAuthManager
+// (NativeCrypto.signingCertSha256). The envelope only decrypts inside that signed
+// build — so you MUST encode for the exact cert of the APK you'll import into.
+import { randomBytes } from 'node:crypto';
+
+const MAGIC = 'ZAUTH1:';
+
+// rodata constants from libzauth.so (.rodata 0x5d0 + 0x5f0) — the KD pass key.
+const KD_KEY = Buffer.from(
+  '4d709774999c9977cc6351bbe286676d' + '49af64b60412a2a9b35a5c48b7706bd2',
+  'hex',
+);
+
+// ── ChaCha20 (RFC 8439, little-endian) ───────────────────────────────────────
+const rotl32 = (x, n) => ((x << n) | (x >>> (32 - n))) >>> 0;
+
+function chacha20Block(key, counter, nonce) {
+  const s = new Uint32Array(16);
+  s[0] = 0x61707865; s[1] = 0x3320646e; s[2] = 0x79622d32; s[3] = 0x6b206574;
+  for (let i = 0; i < 8; i++) s[4 + i] = key.readUInt32LE(i * 4);
+  s[12] = counter >>> 0;
+  s[13] = nonce.readUInt32LE(0);
+  s[14] = nonce.readUInt32LE(4);
+  s[15] = nonce.readUInt32LE(8);
+
+  const x = s.slice();
+  const QR = (a, b, c, d) => {
+    x[a] = (x[a] + x[b]) >>> 0; x[d] = rotl32(x[d] ^ x[a], 16);
+    x[c] = (x[c] + x[d]) >>> 0; x[b] = rotl32(x[b] ^ x[c], 12);
+    x[a] = (x[a] + x[b]) >>> 0; x[d] = rotl32(x[d] ^ x[a], 8);
+    x[c] = (x[c] + x[d]) >>> 0; x[b] = rotl32(x[b] ^ x[c], 7);
+  };
+  for (let i = 0; i < 10; i++) {
+    QR(0, 4, 8, 12); QR(1, 5, 9, 13); QR(2, 6, 10, 14); QR(3, 7, 11, 15);
+    QR(0, 5, 10, 15); QR(1, 6, 11, 12); QR(2, 7, 8, 13); QR(3, 4, 9, 14);
+  }
+  const out = Buffer.alloc(64);
+  for (let i = 0; i < 16; i++) out.writeUInt32LE((x[i] + s[i]) >>> 0, i * 4);
+  return out;
+}
+
+function chacha20Keystream(key, nonce, counter, len) {
+  const out = Buffer.alloc(len);
+  let off = 0, ctr = counter >>> 0;
+  while (off < len) {
+    const blk = chacha20Block(key, ctr, nonce);
+    const n = Math.min(64, len - off);
+    blk.copy(out, off, 0, n);
+    off += n; ctr = (ctr + 1) >>> 0;
+  }
+  return out;
+}
+
+function chacha20Xor(key, nonce, counter, data) {
+  const ks = chacha20Keystream(key, nonce, counter, data.length);
+  const out = Buffer.alloc(data.length);
+  for (let i = 0; i < data.length; i++) out[i] = data[i] ^ ks[i];
+  return out;
+}
+
+// ── Poly1305 (RFC 8439, BigInt) ──────────────────────────────────────────────
+function bufToLE(buf) {
+  let n = 0n;
+  for (let i = buf.length - 1; i >= 0; i--) n = (n << 8n) | BigInt(buf[i]);
+  return n;
+}
+function le64(n) { const b = Buffer.alloc(8); b.writeBigUInt64LE(BigInt(n)); return b; }
+
+function poly1305(key, msg) {
+  const P = (1n << 130n) - 5n;
+  let r = bufToLE(key.subarray(0, 16)) & 0x0ffffffc0ffffffc0ffffffc0fffffffn;
+  const s = bufToLE(key.subarray(16, 32));
+  let acc = 0n;
+  for (let i = 0; i < msg.length; i += 16) {
+    const chunk = msg.subarray(i, i + 16);
+    let n = bufToLE(chunk) + (1n << BigInt(8 * chunk.length));
+    acc = ((acc + n) * r) % P;
+  }
+  acc = (acc + s) & ((1n << 128n) - 1n);
+  const tag = Buffer.alloc(16);
+  for (let i = 0; i < 16; i++) { tag[i] = Number(acc & 0xffn); acc >>= 8n; }
+  return tag;
+}
+
+function aeadTag(otk, ct) {
+  const pad = (16 - (ct.length % 16)) % 16;
+  return poly1305(otk, Buffer.concat([ct, Buffer.alloc(pad), le64(0), le64(ct.length)]));
+}
+
+function ctEqual(a, b) {
+  if (a.length !== b.length) return false;
+  let d = 0;
+  for (let i = 0; i < a.length; i++) d |= a[i] ^ b[i];
+  return d === 0;
+}
+
+// ── key derivation ───────────────────────────────────────────────────────────
+export function deriveKey(certSha) {
+  const ks = chacha20Keystream(KD_KEY, certSha.subarray(4, 16), 0, 32);
+  const enc = Buffer.alloc(32);
+  for (let i = 0; i < 32; i++) enc[i] = certSha[i] ^ ks[i];
+  return enc;
+}
+
+function asCertSha(certShaHex) {
+  const b = Buffer.from(certShaHex.replace(/[^0-9a-f]/gi, ''), 'hex');
+  if (b.length !== 32) throw new Error('certSha must be 32 bytes (64 hex chars)');
+  return b;
+}
+
+// ── public API ───────────────────────────────────────────────────────────────
+export function stripMagic(envelope) {
+  const s = String(envelope).trim();
+  return s.startsWith(MAGIC) ? s.slice(MAGIC.length) : s;
+}
+
+// Decrypt a ZAUTH1 envelope. Returns { plaintext(Buffer), tagOk(bool), nonce, ct, tag }.
+export function decrypt(envelope, certShaHex) {
+  const certSha = asCertSha(certShaHex);
+  const blob = Buffer.from(stripMagic(envelope), 'base64');
+  if (blob.length < 28) throw new Error('envelope too short');
+  const nonce = blob.subarray(0, 12);
+  const ct = blob.subarray(12, blob.length - 16);
+  const tag = blob.subarray(blob.length - 16);
+  const encKey = deriveKey(certSha);
+  const otk = chacha20Keystream(encKey, nonce, 0, 32);
+  const tagOk = ctEqual(aeadTag(otk, ct), tag);
+  const plaintext = chacha20Xor(encKey, nonce, 1, ct);
+  return { plaintext, tagOk, nonce: Buffer.from(nonce), ct: Buffer.from(ct), tag: Buffer.from(tag) };
+}
+
+// Encrypt a plaintext (string|Buffer) into a ZAUTH1 envelope string.
+// nonce defaults to random (the format embeds it); pass one for deterministic output.
+export function encrypt(plaintext, certShaHex, nonce) {
+  const certSha = asCertSha(certShaHex);
+  const n = nonce || randomBytes(12);
+  const encKey = deriveKey(certSha);
+  const otk = chacha20Keystream(encKey, n, 0, 32);
+  const ct = chacha20Xor(encKey, n, 1, Buffer.from(plaintext));
+  const tag = aeadTag(otk, ct);
+  return MAGIC + Buffer.concat([n, ct, tag]).toString('base64');
+}

package/src/providers/zepto.js

@@ -0,0 +1,131 @@
+// Zepto local login provider — send an OTP to a phone number and verify it,
+// straight against Zepto's API (runs on YOUR IP, no emulator, no backend).
+//
+// Flow (reverse-engineered from native-app capture; no SSL pinning on *.zepto.co.in):
+//   1. sendOtp(number)        -> Zepto SMSes an OTP; we keep the per-session ids.
+//   2. verifyOtp(session,otp) -> returns the bearer token + user; that's the session.
+//
+// The returned session object carries the same keys the Zepto app persists in
+// shared_prefs/Zepto.xml (accessToken / refreshToken / userId / …), so it can be
+// re-injected later via ZeptoAuthManager.
+import https from 'node:https';
+import crypto from 'node:crypto';
+import { encrypt } from './zauth.js';
+
+const API = 'api.zepto.co.in';
+const APP_VERSION = '26.5.5';
+
+// ZeptoAuthManager-v14 signing-cert SHA-256 — the key that the injector's native
+// libzauth.so uses to open a ZAUTH1 envelope. Baked so the CLI produces an
+// importable envelope with no Android tooling. Override with $ZAUTH_CERT_SHA
+// (or pass a cert to encodeEnvelope) if you re-sign the AuthManager APK.
+export const DEFAULT_CERT_SHA = '50585f64b0bc746cf3db14b9a181c69b5ad1a6fb496f08efbddf28a668029a89';
+
+const randHex = (n) => crypto.randomBytes(n).toString('hex').slice(0, n);
+const uuid = () => crypto.randomUUID();
+
+// Headers matching the Zepto Android app, with a fresh per-session device identity.
+function headers(session, extra = {}) {
+  return {
+    'content-type': 'application/json; charset=utf-8',
+    'x-requested-with': 'XMLHttpRequest',
+    'user-agent': 'okhttp/4.12.0',
+    appversion: APP_VERSION,
+    app_version: APP_VERSION,
+    platform: 'android',
+    tenant: 'ZEPTO',
+    sessionid: session.sessionId,
+    session_id: session.sessionId,
+    deviceuid: session.deviceUid,
+    device_uid: session.deviceUid,
+    device_brand: 'samsung',
+    device_model: 'SM-G991B',
+    system_version: '13',
+    systemversion: '13',
+    source: 'PLAY_STORE',
+    is_internal_user: 'false',
+    isinternaluser: 'false',
+    auth_revamp_flow: 'v2',
+    ...(session.token ? { authorization: `Bearer ${session.token}` } : {}),
+    ...extra,
+  };
+}
+
+function req(method, path, hdrs, bodyObj) {
+  return new Promise((resolve) => {
+    const body = bodyObj != null ? JSON.stringify(bodyObj) : null;
+    const h = { ...hdrs, host: API };
+    if (body) h['content-length'] = Buffer.byteLength(body);
+    const r = https.request({ hostname: API, port: 443, method, path, headers: h, timeout: 20000 }, (res) => {
+      const ch = [];
+      res.on('data', (c) => ch.push(c));
+      res.on('end', () => {
+        const text = Buffer.concat(ch).toString('utf8');
+        let json = null;
+        try { json = JSON.parse(text); } catch { /* not json */ }
+        resolve({ status: res.statusCode, text, json });
+      });
+    });
+    r.on('error', (e) => resolve({ status: 0, text: 'err:' + e.message, json: null }));
+    r.on('timeout', () => { r.destroy(); resolve({ status: 0, text: 'timeout', json: null }); });
+    if (body) r.write(body);
+    r.end();
+  });
+}
+
+// A fresh session = a new install identity (random sessionId + deviceuid).
+export function newSession(number) {
+  return {
+    sessionId: uuid(),
+    deviceUid: randHex(16),
+    token: null,
+    mobile: String(number).replace(/\D/g, '').slice(-10),
+    user: null,
+    refreshToken: null,
+  };
+}
+
+// Step 1 — request an OTP SMS. Returns { ok, status, msg }.
+export async function sendOtp(session) {
+  const r = await req('POST', '/api/v1/user/customer/signup/', headers(session), {
+    signupType: 'otp_sms',
+    data: { mobile_number: session.mobile },
+  });
+  const ok = r.status === 200 && /OTP Sent/i.test(r.text);
+  return { ok, status: r.status, msg: r.json?.data?.msg || r.json?.message || r.text.slice(0, 160) };
+}
+
+// Step 2 — verify the OTP. On success, fills session.token / refreshToken / user.
+export async function verifyOtp(session, otp) {
+  const r = await req('POST', '/api/v1/user/customer/verify-otp/', headers(session), {
+    mobileNumber: session.mobile,
+    otpToken: String(otp).trim(),
+  });
+  if (r.status === 200 && r.json?.token) {
+    session.token = r.json.token;
+    session.refreshToken = r.json.refreshToken || null;
+    session.user = r.json.user || null;
+    return { ok: true, user: r.json.user || null };
+  }
+  return { ok: false, status: r.status, error: r.json?.message || r.text.slice(0, 160) };
+}
+
+// Build the persisted-session object (the Zepto.xml key set) from a logged-in session.
+export function toSessionKeys(session) {
+  const userId = session.user?.id || '';
+  return {
+    accessToken: session.token || '',
+    refreshToken: session.refreshToken || '',
+    userId,
+    persistedUserId: userId,
+    isUserLoggedIn: 'true',
+    deviceId: session.deviceUid,
+  };
+}
+
+// Encode a session-keys object into a ZAUTH1: envelope (the format ZeptoAuthManager
+// imports). certSha defaults to the bundled v14 cert; override via $ZAUTH_CERT_SHA.
+export function encodeEnvelope(sessionKeys, certSha) {
+  const key = (certSha || process.env.ZAUTH_CERT_SHA || DEFAULT_CERT_SHA).trim();
+  return encrypt(JSON.stringify(sessionKeys), key);
+}

package/src/ui/App.js

@@ -7,7 +7,7 @@
 //   'run'     → the live extraction view (RunView)
 //   'output'  → scrollback lines a command printed (tables, results)
 import React, { useState, useEffect, useRef } from 'react';
-import { Box, Text, useApp } from 'ink';
+import { Box, Text, useApp, useInput } from 'ink';
 import { Shell, WelcomeBox } from './Shell.js';
 import { SelectList, Confirm, TextField } from './components.js';
 import { RunView } from './RunView.js';
@@ -24,10 +24,60 @@ export function App({ ctx }) {
   const [runController, setRunController] = useState(null);
   const [busy, setBusy] = useState(false);
   const [me, setMe] = useState({ username: ctx.username, server: ctx.server });
+  const [confirmExit, setConfirmExit] = useState(false);
+  const [askStop, setAskStop] = useState(false); // Esc-to-stop confirm during a run
   const [, forceTick] = useState(0);
   const frameRef = useRef();
+  const ctrlCAt = useRef(0);
+  const askStopRef = useRef(false);
+  askStopRef.current = askStop;
+  const runControllerRef = useRef(null); // always-current controller for the handler
+  runControllerRef.current = runController;
   useMouse(); // enable click selection across the app
 
+  // Resolve the Esc-to-stop confirm. yes → stop the campaign (worker saves what it has +
+  // reports stats on its own finish path). no → resume the run.
+  const resolveStop = (yes) => {
+    setAskStop(false);
+    askStopRef.current = false;
+    if (yes && runControllerRef.current && typeof runControllerRef.current.stop === 'function') {
+      runControllerRef.current.stop();
+    }
+  };
+
+  // The actual Ctrl+C handler (shared by the useInput hooks below). First press stops a
+  // live campaign + warns; second press within 2s exits CLEANLY (restoring the terminal —
+  // mouse modes + alt-screen — so the shell isn't left spewing escape codes).
+  const handleCtrlC = () => {
+    const now = Date.now();
+    if (now - ctrlCAt.current < 2000) {
+      if (runControllerRef.current && typeof runControllerRef.current.stop === 'function') runControllerRef.current.stop();
+      if (ctx.onExit) ctx.onExit();
+      try {
+        process.stdout.write('\x1b[?1000l\x1b[?1003l\x1b[?1006l\x1b[?25h\x1b[?1049l'); // restore terminal
+      } catch { /* */ }
+      exit();
+      setTimeout(() => process.exit(0), 50);
+      return;
+    }
+    ctrlCAt.current = now;
+    setConfirmExit(true);
+    if (runControllerRef.current && typeof runControllerRef.current.stop === 'function') runControllerRef.current.stop();
+    setTimeout(() => setConfirmExit(false), 2000);
+  };
+
+  // App-level Ctrl+C + Esc-to-stop-campaign. ink delivers input to ALL active useInput
+  // hooks, so this fires even during a run.
+  useInput((input, key) => {
+    if (key.ctrl && input === 'c') { handleCtrlC(); return; }
+    // Esc during a running campaign → confirm stop (only when a run is active and we're not
+    // already showing the confirm).
+    if (key.escape && runControllerRef.current && !askStopRef.current) {
+      askStopRef.current = true;
+      setAskStop(true);
+    }
+  });
+
   // track whether a live run is active, so prompts shown mid-run return to the run view
   const runActive = useRef(false);
   const afterPrompt = () => (runActive.current ? 'run' : 'shell');
@@ -96,6 +146,13 @@ export function App({ ctx }) {
     screen === 'run' && runController ? h(RunView, { controller: runController, embedded: true }) : null,
     screen === 'prompts' && prompt ? h(PromptView, { prompt, frameRef }) : null,
     screen === 'shell' ? h(Shell, { username: me.username, server: me.server, busy, onRun: runCommand, frameRef }) : null,
+    // Esc-to-stop hint during a run (hidden while the confirm is showing)
+    runController && !askStop ? h(Text, { color: 'gray' }, "  press Esc to stop the campaign") : null,
+    // Esc-stop confirmation
+    askStop ? h(Box, { flexDirection: 'column', marginTop: 1 },
+      h(Confirm, { message: 'Stop the campaign? (already-fetched sessions are saved)', defaultValue: false, frameRef, onAnswer: resolveStop })) : null,
+    confirmExit ? h(Box, { marginTop: 1 },
+      h(Text, { color: COLORS.warn, bold: true }, runController ? '  ⚠ stopping campaign — press Ctrl+C again to exit' : '  ⚠ press Ctrl+C again to exit')) : null,
   );
 }