Skip to content
This repository has been archived by the owner on Dec 1, 2024. It is now read-only.

Code isn't coming to my phone after calling "request_sms_code" function #3

Open
igornazarov1991 opened this issue Feb 1, 2020 · 53 comments

Comments

@igornazarov1991
Copy link

I've implemented the "request_sms_code" function (and, of course, all other stuff that is required for it). The problem is that after calling the "v6_auth_agreement_code" function responses look like successful:

{"status_code":0,"status":"success","message":"","data":null}")

but actually a confirmation code isn't coming to a phone number specified. Do you have any ideas why it happens?

Thanks in advance.

@YeahNotSewerSide
Copy link
Owner

YeahNotSewerSide commented Feb 1, 2020

Hi, check how you are passing phone number to "request_sms_code", it must start with the country code, for Russia, for example, you must write number like that: 79202600211.

I`v just checked functions "request_sms_code" and "send_sms_code", everything works fine.

From my expierience with Numbuster's api I can tell that sometimes they just don't send sms, so if you didn`t recieved sms, try again after 1-2 minutes, also try another number, free online numbers...

@YeahNotSewerSide
Copy link
Owner

And yeah... request_sms_code doesn't need nothing else, just write something like that:

api = Numbuster()
api.request_sms_code('79219511844')
code = input('Code: ')
api.send_sms_code('79219511844',code)
print(api.access_token)

@igornazarov1991
Copy link
Author

Thanks for your quick answers! Before I sent phone numbers with "+" prefix, just checked without "+", this didn't help. To be more precise, my tests were done for Ukrainian numbers, I'll try other numbers later.

Just to be sure I'm doing everything correctly: are you also receiving the following responses:

{"status_code":0,"status":"success","message":"","data":null}")

?

@YeahNotSewerSide
Copy link
Owner

YeahNotSewerSide commented Feb 1, 2020

Yep. Everything ok, especialy if you are using functions which implemented in api.

@YeahNotSewerSide
Copy link
Owner

There's realy problem with Urkranian/USA/Greek numbers, properly works only with russian numbers, even with the app running on the emulator.

@igornazarov1991
Copy link
Author

I tried to use different services with Russian numbers for free SMS and still not able to receive a code.

Actually I'm not running your code, the function "request_sms_code" (and all the relevant functions) was implemented in Swift programming language and it is sent from iPhone application. I understand something is wrong in my setup. What is weird is that my calls receive the same successful responses as your Python API. I'm continue working on this issue when have time.

@YeahNotSewerSide
Copy link
Owner

I'v just checked "v6_auth_agreement_code()" and looks like api allways returns {"status_code":0,"status":"success","message":"","data":null}"), even when you send wrong key, so check your implementation of "v6_auth_get()". And if you want, you can send me your implementation of that functions, I will try to help you.

@YeahNotSewerSide
Copy link
Owner

Also check that function "another_profiles_without_code".

@igornazarov1991
Copy link
Author

Oh, I didn't implement "another_profiles_without_code" since thought it is not required. Will add this function. I think another potentially problematic place could be "signatures.get_cnonce()": how much important is to randomize a nonce each time?

Of course I'll show you my code, need some time to prepare it. Again thanks for your help.

@YeahNotSewerSide
Copy link
Owner

YeahNotSewerSide commented Feb 5, 2020

Yeahhh, "#Can be deleted, but meh..." was my little sarcastic joke, sorry :). You can allways use even that cnonce o5oorrrlBlbWKHRVuH7lBQdVCQEVKeXeTkAyA9H6FY8DT904sq , so it's not really necessary to randomise it every time, but Numbuster can start checking cnonce, so better randomise it at least ones, when program starts and use it for every request.
And again, sorry for "#Can be deleted, but meh...". "another_profiles_without_code" is the most important function in "request_sms_code" if you want, you can even delete v6_auth_get and v6_auth_agreement_code and use only "another_profiles_without_code"

@igornazarov1991
Copy link
Author

Ah, you don't need to say "sorry", I had to understand it was a joke :). Actually it doesn't matter, I'm implementing "another_profiles_without_code" now...

@igornazarov1991
Copy link
Author

"another_profiles_without_code" is successful, but sends empty response {}. Is it correctly? Should "another_profiles" be implemented as well?

@YeahNotSewerSide
Copy link
Owner

That's correct, api just sends back empty response. "another_profiles_without_code" is the only one function that requests sms from server, so nope, you don't need to implement "another_profiles"

@igornazarov1991
Copy link
Author

So, If I understand correctly, "another_profiles_without_code" is the only method which is required to receive SMS, right? This function is very simple and actually it is a POST HTTP request to URL "https://api.numbuster.com/api/old4a27f7a4025447ee5560a49bc5bcde34/profiles/without-code" with body {"phone" : "xxxxxxxxxx"}.

@YeahNotSewerSide
Copy link
Owner

Correct. Don't forget about headers: 'User-Agent'='okhttp/3.9.1'
and 'Content-Type'='application/x-www-form-urlencoded' ,just in case...

@igornazarov1991
Copy link
Author

Decided to send this API request using Postman - the same result: response is empty, but there is no code. It makes me crazy.

@igornazarov1991
Copy link
Author

Is it ok that a part of URL "https://api.numbuster.com/api/old4a27f7a4025447ee5560a49bc5bcde34/profiles/without-code" is a hardcoded string "old4a27f7a4025447ee5560a49bc5bcde34"?

@YeahNotSewerSide
Copy link
Owner

Yeah, that's real url for request, I don't know what '4a27f7a4025447ee5560a49bc5bcde34' exactly means(probably md5 hash, because that's obviously bytes), but it doesn't matter.

@YeahNotSewerSide
Copy link
Owner

So yeah, answer for your question. Yes, that's hardcoded string in Numbuster's app.

@igornazarov1991
Copy link
Author

Can I send you an import from Postman for review?

@YeahNotSewerSide
Copy link
Owner

Yep.

@YeahNotSewerSide
Copy link
Owner

Or you can just post code to pastebin.

@igornazarov1991
Copy link
Author

@YeahNotSewerSide
Copy link
Owner

@igornazarov1991
Copy link
Author

I don't know why "=" is in the end of the url, this is another example of url for "v6_auth_agreement_code":

https://api.numbuster.com/api/v6/auth/agreement_code?&timestamp=1580920550&signature=d0796f9d0efe736e97079a21596df0b487bd4edd3f7f24279dd8cb49370b5538&cnonce=o5oorrrlBlbWKHRVuH7lBQdVCQEVKeXeTkAyA9H6FY8DT904sq

And yes, the "another_profiles_without_code" works and receives an empty response.

@YeahNotSewerSide
Copy link
Owner

So, all functions wrote correctly. Did you recieve sms code after calling "another_profiles_without_code"?

@igornazarov1991
Copy link
Author

No, and this is a problem.

@igornazarov1991
Copy link
Author

Are you able to send only "another_profiles_without_code" and receive an SMS?

@YeahNotSewerSide
Copy link
Owner

Yes, I checked recently. But there's realy big problem with Numbuter's server, it just doesn't send sms sometimes(I even tried to request sms from emulator, real phones, it doesn't help so much), try that numbers https://onlinesim.ru/en .

@YeahNotSewerSide
Copy link
Owner

I`v just checked, and Numbuster is updated there's one more function for registration, so I will reverse new version and update api.

@YeahNotSewerSide
Copy link
Owner

That's the reason, why server doesn't send sms code sometimes.

@igornazarov1991
Copy link
Author

Thanks! Waiting for updates.

@igornazarov1991
Copy link
Author

I saw you released a new version 2.2. The main update is "actual_cnonce" function. As we discussed before, the only function which is required to receive SMS is "another_profiles_without_code". If I understand correctly, this function hasn't been changed. So I am not sure how this update can fix the issue, probably I'm missing something?

@YeahNotSewerSide
Copy link
Owner

No, I just updated getting cnonce. BTW about new version of numbuster, now they check suspicios your request or not, and Numbuster's server always sends me "suspicios request". I even tried to register new account on my own phone number, with app running on my phone, that didn't solved the problem, I think there's huge bug on the Numbuster's server. If that's not a problem for you, can you please try to register new account in Numbuster(with phone or other devices)? That will really help me a lot.

@igornazarov1991
Copy link
Author

Do you mean registering a new account using their application (for instance, iOS Numbuster app)? If yes, my answer is yes, I can do this.

@YeahNotSewerSide
Copy link
Owner

YeahNotSewerSide commented Feb 6, 2020

Wow, that really helped me, because I was using only android devices and android app, after sending request with platform 'iOS', Numbuster sent back sms to phone. So it seems like there's problem only with Android.

(for instance, iOS Numbuster app)

@igornazarov1991
Copy link
Author

Hm, but again, "another_profiles_without_code" doesn't require to specify platform at all. Are you calling "v6_auth_get" and "v6_auth_agreement_code" as well?

@YeahNotSewerSide
Copy link
Owner

Only "v6_auth_get" requires it.

@YeahNotSewerSide
Copy link
Owner

And there's one more api function v6/auth/precheck, it's called after "v6_auth_get"

@igornazarov1991
Copy link
Author

Do you have this function only locally? It isn't pushed to the repo yet, right?

@YeahNotSewerSide
Copy link
Owner

I have just pushed it, so you can find "v6_auth_precheck" in file NumbusterAPI.py and in signatures.py -"signature_v6_auth_precheck".

@igornazarov1991
Copy link
Author

Thanks!

@igornazarov1991
Copy link
Author

Unfortunately, "v6_auth_precheck" sends me {"status_code":10023,"status":"suspicious_request","message":"Suspicious request","data":null}". Do you have the same issue now?

@YeahNotSewerSide
Copy link
Owner

Yes, I've been receiving the same data every time, but, after "v6_auth_precheck", I just called another_profiles_without_code and everything worked, I can't still understand what Numbuster classify as suspicious request, because I receive the same error on all my Android devices, so I think that's just a bug. So just call v6_auth_precheck, and it doesn't matter,now, what server sends back.

@cgrozev
Copy link

cgrozev commented Feb 22, 2020

Hi. I am constantly getting the "suspicious request" message while trying to get a confirmation sms. I tried my Austrian number, as well as virtual Russian numbers, with the same result Have you managed to somehow figure out what causes the rejection?

@YeahNotSewerSide
Copy link
Owner

Hi, unfortunately no.

@arturnex
Copy link

arturnex commented Apr 8, 2020

hi, the code needs to be updated. Authorization does not work.
if you have time, can you update it?

@kuzNRoman
Copy link

Hello! I think that your code need some changes now. It doesn't work now. It's obvious, of course, because you haven't updated it.
Is it possible for you - to make some changes? I can help you or we can find another solution to this problem?
Thank you

@iGusev
Copy link

iGusev commented Aug 16, 2021

Hello! I think that your code need some changes now. It doesn't work now. It's obvious, of course, because you haven't updated it.
Is it possible for you - to make some changes? I can help you or we can find another solution to this problem?
Thank you

@kuzNRoman Tell me what you would like to change

If you need access to api for business, please contact us corp@numbuster.com

@YeahNotSewerSide
Copy link
Owner

Hello! I think that your code need some changes now. It doesn't work now. It's obvious, of course, because you haven't updated it.
Is it possible for you - to make some changes? I can help you or we can find another solution to this problem?
Thank you

Hello, sorry but I don't have plans on updating api in nearest future.

@YeahNotSewerSide
Copy link
Owner

YeahNotSewerSide commented Aug 23, 2021

hi, the code needs to be updated. Authorization does not work.
if you have time, can you update it?

not soon, but I will take a look later, so do not expect any changes in nearest future.

@dedfft
Copy link

dedfft commented Jun 16, 2022

Could you please tell, where did you find 0woz2wTimes9izs0vFQjLmwqqSzAPNFtmWNcbOL6xJva5Molyb sol inapp? Can't find that string or how app makes hash in old version. But in new version, i can be found by string

@YeahNotSewerSide
Copy link
Owner

Could you please tell, where did you find 0woz2wTimes9izs0vFQjLmwqqSzAPNFtmWNcbOL6xJva5Molyb sol inapp? Can't find that string or how app makes hash in old version. But in new version, i can be found by string

I found it, when I was tracing calls to the cryptography library.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

7 participants