Setting a new password for 2FA

[88ee55]

No set password for 2FA

r = self.tgclient(account.UpdatePasswordSettingsRequest(password_hash, password_new))
  File "/usr/lib64/python3.5/site-packages/telethon/telegram_client.py", line 243, in invoke
    retries=kwargs.get('retries', 5)
  File "/usr/lib64/python3.5/site-packages/telethon/telegram_bare_client.py", line 338, in invoke
    raise request.rpc_error
telethon.errors.rpc_errors.RPCError: INPUT_FETCH_ERROR (code 400)

       r = self(account.GetPasswordRequest())
        r = r.new_salt
        password = ''
        password_hash = get_password_hash(password, r)
        pw_new = 'secret'
        password_new_hash = get_password_hash(pw_new, r)
        password_new = PasswordInputSettings(new_salt=r, new_password_hash=password_new_hash)
        r = self(account.UpdatePasswordSettingsRequest(password_hash, password_new)) 

More information

centos 7 x64
python 3.5.2
telethon 0.13.4

[Lonami]

INPUT_FETCH_ERROR, that's new. Checking https://rpc.pwrtelegram.xyz/?description_for=INPUT_FETCH_ERROR out, we see:

{"ok":true,"result":"An error occurred while deserializing TL parameters"}

So… something went wrong there. I've never tried those requests myself so no idea.

[Lonami]

I found this after a while looking.

[88ee55]

i added 'hint'
password_new = PasswordInputSettings(new_salt=r, new_password_hash=password_new_hash' hint='hint')
and changed 'current_password_hash'
r = self.tgclient(account.UpdatePasswordSettingsRequest(current_password_hash=bytes(0), new_settings=password_new)

r = self.tgclient(account.GetPasswordRequest())
salt = r.new_salt
pw = 'secret'
pw_byte = pw.encode("UTF-8")
pw_salt = salt + pw_byte + salt
pw_hash = sha256(pw_salt).digest()
password_new = PasswordInputSettings(new_salt=salt, new_password_hash=password_new_hash, hint='hint')
r = self.tgclient(account.UpdatePasswordSettingsRequest(current_password_hash=bytes(0), new_settings=password_new)

get error NEW_SALT_INVALID

  File "/usr/lib64/python3.5/site-packages/telethon/telegram_client.py", line 263, in invoke
    retries=kwargs.get('retries', 5)
  File "/usr/lib64/python3.5/site-packages/telethon/telegram_bare_client.py", line 340, in invoke
    raise request.rpc_error
telethon.errors.rpc_errors.RPCError: NEW_SALT_INVALID (code 400)

[Lonami]

Did you try using salt = r.current_salt instead? Then, new_salt=r.new_salt, just a guess.

[88ee55]

account.GetPasswordRequest()
return
NoPassword: {email_unconfirmed_pattern: '', new_salt: b'\xfd:\x03\x06Ij\xeeV'}

[Lonami]

Hm… Besides, I noticed the salt is 8 bytes long, and you're using bytes(0).

[Lonami]

Also check this code:

if (!silent) {
    passwordEntered = currentPassword != null || response instanceof TLRPC.TL_account_noPassword;
}
currentPassword = (TLRPC.account_Password) response;
waitingForEmail = currentPassword.email_unconfirmed_pattern.length() > 0;
byte[] salt = new byte[currentPassword.new_salt.length + 8];
Utilities.random.nextBytes(salt);
System.arraycopy(currentPassword.new_salt, 0, salt, 0, currentPassword.new_salt.length);
currentPassword.new_salt = salt;

[88ee55]

EXCELLENT!

r = self.tgclient(account.GetPasswordRequest())
salt_new = r.new_salt
salt_random = os.urandom(8)
salt = salt_new + salt_random
pw = 'secret'
pw_byte = pw.encode("UTF-8")
pw_salt = salt + pw_byte + salt
pw_hash = sha256(pw_salt).digest()
password_new = PasswordInputSettings(new_salt=salt, new_password_hash=pw_hash, hint='hint')
r = self.tgclient(account.UpdatePasswordSettingsRequest(current_password_hash=salt, new_settings=password_new)

[Lonami]

It works?

[88ee55]

yes

[Lonami]

Awesome, would you like to write a wiki page for that yourself? Make a pull request with example code? Otherwise, I can do that for you, just saying this so that you can become a contributor. Glad you solved it.

[88ee55]

better you write a wiki
my English is poor (

[Lonami]

Okay then I will do it)