scaev/find_api_valid_lot.py

#!/usr/bin/env python3
"""Find API endpoint using a valid lot from database"""
import asyncio
import sqlite3
from playwright.async_api import async_playwright

# Get a valid lot URL
conn = sqlite3.connect('/mnt/okcomputer/output/cache.db')
cursor = conn.execute("SELECT url FROM lots WHERE url LIKE '%/l/%' LIMIT 5")
lot_urls = [row[0] for row in cursor.fetchall()]
conn.close()

async def main():
    async with async_playwright() as p:
        browser = await p.chromium.launch(headless=True)
        page = await browser.new_page()

        api_calls = []

        async def log_response(response):
            url = response.url
            # Look for API calls
            if ('api' in url.lower() or 'graphql' in url.lower() or
                '/v2/' in url or '/v3/' in url or '/v4/' in url or
                'query' in url.lower() or 'mutation' in url.lower()):
                try:
                    body = await response.text()
                    api_calls.append({
                        'url': url,
                        'status': response.status,
                        'body': body
                    })
                    print(f"\nAPI: {url}")
                except:
                    pass

        page.on('response', log_response)

        for lot_url in lot_urls[:2]:
            print(f"\n{'='*60}")
            print(f"Loading: {lot_url}")
            print(f"{'='*60}")

            try:
                await page.goto(lot_url, wait_until='networkidle', timeout=30000)
                await asyncio.sleep(2)

                # Check if page has bid info
                content = await page.content()
                if 'currentBid' in content or 'Current bid' in content or 'Huidig bod' in content:
                    print("[+] Page contains bid information")
                    break
            except Exception as e:
                print(f"[!] Error: {e}")
                continue

        print(f"\n\n{'='*60}")
        print(f"CAPTURED {len(api_calls)} API CALLS")
        print(f"{'='*60}")

        for call in api_calls:
            print(f"\n{call['url']}")
            print(f"Status: {call['status']}")
            if 'json' in call['body'][:100].lower() or call['body'].startswith('{'):
                print(f"Body (first 500 chars): {call['body'][:500]}")

        await browser.close()

if __name__ == "__main__":
    asyncio.run(main())