Skip to content

Latest commit

 

History

History
109 lines (54 loc) · 5.8 KB

README.md

File metadata and controls

109 lines (54 loc) · 5.8 KB

Akamai Bot Manager Wiki

A great wiki to share and learn about Akamai Bot Manager for Devs. Feel free to talk here : Discussions channel

Structure

image

Cookie generation

We can see through this gist that most of the cookies generated by Akamai use math but are also based on a lot of device information (battery, screen size, etc.). All this information is provided by the browser. image

It also check that the navigator is not powered by a webdriver like selenium. image

Source: Akamai deobfuscated JavaScript by AnderRV

Usage/Examples

import requests as s


headers = {"put some headers"}


# Initial requests to get appropriate cookie on the main page

request_get = s.get("https://google.com/" headers=headers)


# Final requests with the cookies


requests_post = s.post("https://google.com/login" headers=headers, cookie=request_get.cookie)

# Note that cookies may also be in the headers.
# Note also that cookie may contains date or time and can be rejected if the time doesn't match.

Cookie Wiki

Name Value Required Description
s_vi ? Yes Akamai cookie, used to identify unique visitors, with an ID and timestamp
s_fid xxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx Yes This cookie name is associated with the analytics service provided by Adobe's Site Catalyst
product suite, containing a randomly generated, unique id.
_abck too long to paste + can contains sensitive data Yes This cookie is used to know information about the computer and prove it is a real browser.
s_sq uri_format Yes This cookie is necessary to track the URL of the page the user was on during requests.
bm_sv [\s\S] Yes Cookie used by Akamai Bot Manager to differentiate between human-generated and bot-generated
web requests.
ak_bmsc ? No Cookie used to optimize performance and improve user experience on Akamai websites. Not required
for login but recommended not to delete.
aic_authui_{customer_id} aic_authui_{customer_id} Yes Unique identifier for the authentication session, where {customer_id} is replaced with the
aic_authui_e0a70b4f-1eef-4856-bcdb-f050fee66aae specific customer ID. Either this or the corresponding {customer_id} cookie is required for
login; deleting both will result in login failure.
{customer_id} e0a70b4f-1eef-4856-bcdb-f050fee66aae Yes Unique identifier for the authentication session, typically used with aic_authui_{customer_id}
to validate login sessions.

Error Code Wiki

403 : Forbidden -> Cookie / Headers doesn't match or doesn't work. 428 : Same Requests repeated -> Crypto Challenge Timeout : Incorrect Cookie or not cookie at all.

Documentation

Cookie Manager Documentation by Akamai

Javascript Generator Cookie Process by AnderRV

Related

Here are some related projects:

Outdated Cookie Generator in Golang

Outdated Cookie Generator in TypeScript

Disclaimer: Educational Information and Non-responsibility Notice

Please note that I am not responsible for the accuracy or reliability of the information provided about Akamai Technologies or any other topic discussed here. It's always recommended to verify information from reliable sources for any critical decisions or actions. Additionally, I am not liable for any illegal activities conducted based on the information provided here; this content is purely educational and should not be construed as legal advice or encouragement to engage in illegal activities.

Authors