1

I am sending a request with the python requests module. I am sending a password to a google account and I am trying to test if the password is correct. What Im trying to do is send a request to a google account (specifically the password) and see if it is incorrect or correct. Something like this

import requests

url = "https://accounts.google.com/_/signin/challenge?hl=en&TL=AM3QAYYAJTV2Rk9VLpHkVyzIm_dvd2rfL_iesxv3mdEp8ROzj4dS7-stAZLHA5jH&_reqid=147299&rt=j"

data = {
    "ifkv": "AU9NCcyDvQcP7mxMnmcRIr8sQgZ1sjYwtVz619gM17KuLjEb-PXDkhudvXPh-0lHSUaeFZFYOaaLDg",
    "continue": "https://www.google.com/?hl=en-US&authuser=2",
    "hl": "en",
    "f.req": '["AEThLlzBETPgqvfWZqupcOZCCZjboZRguZI4FLwrnyOXtjR7Vxl3zsK0_xoeP3sZCJjbXUirN4jesiR-aCZGK2ibIP_LWcU_NDyt5cPpiBg6KdWRew2A3tl1xPcam-imC5DsVInnD54kZ6lY6bK02M-LGo0YD8s-AbmqDg78GU8yt661DYQkH90Yp4Q2dEp91QaxUH0NEkr1y1zTYbN_oQzpmqkeGoinQt-QhRcXQEJxjQdb4ft-m2g3xCFs1VERtMt98hpKQiR00ytBfVhjIKmzQiTbDLSzfhY6sNrYdqZtuxixnKtXLb3nYvoYY9NhkY0SRp8XVKF6rInCtfCrzZd9wlMgY1Yn8Uek25_wNLotTM4blffQXBM3H8xMj1uI7u6H-4Lxu7siT-w73ixUR9nAOaV9NX2V-dEvTgrG1CvkAeQqfwP9-1pV70SO4YVnG5u2SkVF9MhMOkuPx9IMP364ll1JKwwp4zMI2wPRVTc4EFYYZrx4tPxIIHMoVo8i5DJEfBCTWdkNfrZc3K2VFNjbJSfusGLoUdaCKNQRPqWRrhDgcv3ns0oLTsf7uotu4AFEUZW9IUbdpHEtCrfBp3HcmV3W64xapHRPjARS9LUY8oyW21za47eJPHhEgA1A_xSbEYJVuZlSh9qkUkpV_O098iMjTJui2_TqNP73ULM-vABvJVqNeqm62UbBnlmXfA-YE4iVikXtHUS8hUltFFERtIQFEGPvcoQanMp2Tmlens305395y6OkFkh_P7KvN1S479IJtHtyWBCjj2tuvmyRMkgdZ_41GNv75axp6Z5qfoB3wHYGJMwigAb2X_1EyGAvR_x5um6rKixEk0gxbfuJKxmb_M5F5QbV9mqIMCh28c1Li4MGrr5QNn2vkki0pz9lpgfstO_JMomyxNmpyCvyQiybGyL8jkah5Szoh506v03IOpIY0w4-gNwaI7jM8YjTzFzxDbOq7EHiIyf-FZhp8KObDeaFDQkHH01f3eScNaF6nwMCgxi-zGuc_m560Hd-KtibOr8b",null,1,null,[1,null,null,null,["asd",null,true]]]',
    "bgRequest": '["identifier","<_jJqMn8CAAa4w6ckuMON8dS2w0UDZI70ACkAIwj8Rm9120_FMecmAHE2_001Jum-u__T3RiKDE3L2Pjm9w84SdDDH80AAACcnQAAACanAQdWBVmTK72KnxQhEoGc_N8OmhUFlhlVwQf4HFpkeSBYHkaiRODvtroOa2vZZfGGqLEQs4CYM54Fw3B1QLO-4Warabpq6THEf-9HEl2qFrUnSYa_nh9sgySEuMrTqtF16Ob5_aPoE-adHJUj-30S6h6Gh1Qpq3cIqqNbniegIw_m8W93sBMw2sp6ln2sOSilYjNGVZPaSMYaRMkGswZHCEEsaiu4ySp9J5dfuWILJoxo1qXTQNpxTZo0koU340HsbPFIS7p7A6sUrKBEBlNDeIEi-kLCpSd3uHIPdNaX_dgXkyUKErYHUBW3rbUUsXjQxfqjXN6Wabe22InUvTGM74mwRGS9wattdDKSKTBxwZxzJ9NwqQz4yCrXN_fZZoCuxy7EWOR425ZXWKqKUFDTkWf2WPbTcCrMBxc5lqXA1hTrJ8IRH3OY6t-dKR82V6XYkJqXqI7cUO8c1aOT9ZnbNnziQbFU_yUVQuORbWyB8B50usaETdjL0cSnTLrDS9hOHU63zKwv5gnefo9_06NiLMcsOKg_vDQeCAqaMFIZ8WlmHC5UdMAsoHoY2pN6ddvkWqnkiJEaAMZ_XPtdnt3zip0toIX9cXKEWK3Ul_U7nrL-Ajc-01aL-4LFjGMoVtRKFPnSMtAp0MC1MzuBjSkUYMhxVlIJCBguHjXRvQC0L3QVCL0a2mwOI-JxnXD9_uFFm0PhLfdIAFi5Qh7HHMF7DVmD_wnD9pqhbku5fHiBHEOgZ-qgaVnp68l4q4oRuD8qCcGyrRhmKNcA-X6pQ8vGr8U0spexUKaXE2oX1VYHN2HO7zSgK12zIuIOKqY8oB_HHm16U4fkP96eIiiJgo6eMTqOwKTwUaeLeJGtOtXzCTr6_gf1RYgcQJVfNrUsq9GDksf6BBNjax0W8e8m01GLIp5_JUAn2wJsOVrAv2xWwCf8QePFltNb8WTwUfyDevIYmvaNqLwE7pNme8YG8lR7VFMHMcZcMjodreOm0pmXRUFoqtd-AHBXDQKgCV4VTQh1JpaukWbiezJtKS-NpvdKt9kF5V1qpMkdPV7hXHrmeN7mqsGabKqmY46p3pm08iGyFLIgi5B7xKwXmf6-t12DAx2py307tuwWmuMj2LnQL6lwd-hRIE26LoGtVFdixrVUxDD0-b-8aoDH2-AnJnBSXEqIgZ_QtGMthv4R5njD2Pb0j3HqvGFTxvHUwkooOxF-_hurfE8MWN7g565ZzToAU-YWFU6XNoo6PBNqRdNQ8jQWmDtrnqjP2pQ2qQhxU4o46_cKCW4QxftrcTEFcqYtWpoMu7uoYZ_pF0c-WijiGIGp0dxHULc5LRPGVFg3tq2SuoWX-ZKJuntM2OYq2OehrxMSy8Jnbl8XnmHWjg3Gof0NmvyJzc5KH5pgTXfCeYVx9MHBfAmDt_vpqY3VUyFulwHylYScS1nyvkfdUA5MJjDdOovWqzXJszO1yCpj6zqBXMyQTGGjFYrXjivoXF4FXuGtdL392X5XUXQynTRW272EdYv_5hqQX0ZWP22SBfHvlsbtdNij9NW_PUjVpGjI4V_UZYHXtnvjRo2C5vyUH-cIZ1lSwyFTdYpm3hWAu6bkDQFdtystdd8e4Bv3U5iuRpBaisoCjg1zUhBs3by9G5guhxPhvMiDLceUOejLYqI-jbHdvYua9mjhbloppFYBIGLJSQzrCiQbxoUyOn7I7VT2g1TXtU9ocaQ2GIhlPnrgrJoNZCqTAFfYQ_bItFI48aNqP4TxZUZbdI2_nPPf-l8e2-psoLOcWSzVfaMx3m5YNR-g34wXHTMWMZvw4_fq4OmWcEwiMf-4pczD9WZR"]',
    'bghash': "ROtW1CCVGOr0w7MvmUBsLpVxox5AtfSjmXP93SJ5VZ4",
    "azt": "AFoagUVFIqGyE2IWUipeF8VEovA7Ief2qA:1640898496602",
    "cookiesDisabled": "false",
    "deviceinfo": '[null,null,null,[],null,"US",null,null,null,"GlifWebSignIn",null,[null,null,[],null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,[5,"77185425430.apps.googleusercontent.com",["https://www.google.com/accounts/OAuthLogin"],null,null,"625361be-f220-4aa2-9e73-423c4bffb681",null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,5,null,null,[],null,null,null,null,[]],null,null,null,null,null,null,[],null,null,null,null,[]],null,null,null,null,1,null,false,1,""]',
    "gmscoreversion": "undefined",
    "checkConnection": "youtube:189:0",
    "checkedDomains": "youtube",
    "pstMsg": '1'
}

response = requests.post(url, data=data)

print(response.text.encode())

and it should return something like this

password is incorrect

I and look at the "f.req" at the very end of that line. it says the password (I think) which is "asd" next to some nulls. The asd is the incorrect password. What im trying to do is test if that password is incorrect, and if it is, it will return like incorrect password, and if it is correct, it will return correct password. Can someone please help me because I dont know how to test if it is incorrect or correct.

coder lol
  • 49
  • 6
  • have you checked what is the returned content? maybe you can use `BeautifulSoup` to see if the password was correct, but it kinda seems a bit suspicious that you want to do that and Google (and other large companies) don't like that some send their requests like this, you should use their API – Matiiss Dec 30 '21 at 22:20
  • @Matiiss Im just doing it for educational purposes, and where can I find the response content? – coder lol Dec 30 '21 at 22:28
  • Whether or not it's for "educational purposes" doesn't matter. It's breaking a service's terms of use, so it may or may not be possible to get around their efforts to prevent people from doing exactly that. – MattDMo Dec 30 '21 at 22:34
  • maybe you could use a Web- Driver https://stackoverflow.com/questions/21186327/fill-username-and-password-using-selenium-in-python – DanielGzgzz May 21 '22 at 01:26

0 Answers0