Disclaimer: While these scripts mimic the behaviour of the official app(s) and only interact in with the API in a read-only manner, they may still violate the Warframe or Digital Extremes EULA/TOS and any usage of them is at your own risk.
This repo contains some scripts and tool written while reverse-engineering the Warframe Mobile API. This currently is limited to authentication and the IRC-based chat.
Most of the work was done with Ghidra for reversing the native code and jadx to look at the Java bindings. Beyond that it's mostly been Frida to hook into both native and Java code. See the scripts/
folder for more information.
Included are the following things right now:
api/
login.py
- little helper to illustrate how to login into your account and fetch basic infosign_request.py
- Python implementation for web request signingREADME
contains some more information about the API
irc/
hexchat/
hexchat_disablelogin.patch
- Disables automatic login in HexChat (required to use plugin)hexchat_plugin.py
- HexChat script to handle Warframe server login (requires manually filling in some info)
irc_password.py
- Python implementaion of the IRC password derivation algorithm`README
contains additional information about the Warframe IRC and custom authentication system
scripts/
decrypt_resources.py
- decrypt JavaScript of the app's embedded web UIfrida_utilities.py
- Frida script with large amount of hooks for obtaining keys, disable SSL verification, etc.README
contains additional information on how the frida script works and how to intercept the app's traffic for inspection
twitch/
arsenal.py
- Script to fetch loadout information for users that have enabled loadout sharing for the arsenal extension