Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/prakhardoneria/magic-studio-reverse-engineered-api
This Python script demonstrates how to send a POST request to the MagicStudio AI Art Generator API to generate an image based on a specified prompt. The script uses the requests library to interact with the API and the PIL library to handle the image.
https://github.com/prakhardoneria/magic-studio-reverse-engineered-api
pillow python python3 requests reverse-engineering text-to-image
Last synced: 21 days ago
JSON representation
This Python script demonstrates how to send a POST request to the MagicStudio AI Art Generator API to generate an image based on a specified prompt. The script uses the requests library to interact with the API and the PIL library to handle the image.
- Host: GitHub
- URL: https://github.com/prakhardoneria/magic-studio-reverse-engineered-api
- Owner: PrakharDoneria
- Created: 2024-05-17T09:38:16.000Z (8 months ago)
- Default Branch: main
- Last Pushed: 2024-08-18T04:01:38.000Z (5 months ago)
- Last Synced: 2024-12-19T21:53:03.074Z (22 days ago)
- Topics: pillow, python, python3, requests, reverse-engineering, text-to-image
- Language: Python
- Homepage: https://magic-studio-sepia.vercel.app
- Size: 909 KB
- Stars: 1
- Watchers: 1
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Magic Studio Reverse Engineered API
## Overview
This Python script demonstrates how to send a POST request to the MagicStudio AI Art Generator API to generate an image based on a specified prompt. The script uses the `requests` library to interact with the API and the `PIL` library to handle the image.
## Prerequisites
- Python 3.x
- `requests` library
- `Pillow` library
You can install the required libraries using pip:
```sh
pip install requests pillow
```
## Reverse Engineering Insights
### What We Did
- **Analyzed Browser Requests**: We inspected the requests sent by the browser to the API endpoint using developer tools in a web browser.
- **Reproduced Headers and Payload**: We copied the headers and data payload from the browser's network requests to our script to mimic the browser's behavior.
- **Sent Requests Programmatically**: We used the `requests` library to send HTTP requests with the same headers and payload to the API.
### Server Fix Suggestions
To prevent reverse engineering and unauthorized use, the server can implement several measures:
1. **API Key Authentication**: Require an API key for all requests. Validate the key and limit its usage based on user or IP address.
2. **Rate Limiting**: Implement rate limiting to prevent abuse by limiting the number of requests per user/IP per minute/hour.
3. **HMAC Signatures**: Use HMAC (Hash-based Message Authentication Code) to sign requests. The server verifies the signature to ensure the request's authenticity.
4. **IP Whitelisting**: Allow requests only from a list of trusted IP addresses.
5. **CAPTCHA**: Integrate CAPTCHA in the request process to prevent automated scripts from accessing the API.
6. **Dynamic Request Parameters**: Include dynamic parameters such as nonces or tokens that change with each request and are validated server-side.
By implementing these measures, the server can better protect the API from unauthorized access and ensure that only legitimate users are able to generate images.