Upload files to ''
This commit is contained in:
parent
85f3be342b
commit
0216b3c2b4
20
package.json
Normal file
20
package.json
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
{
|
||||||
|
"name": "akamai",
|
||||||
|
"version": "1.0.0",
|
||||||
|
"description": "",
|
||||||
|
"main": "server.js",
|
||||||
|
"scripts": {
|
||||||
|
"test": "echo \"Error: no test specified\" && exit 1",
|
||||||
|
"start": "node server.js"
|
||||||
|
},
|
||||||
|
"repository": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "git+https://github.com/xsploited/akamai.git"
|
||||||
|
},
|
||||||
|
"author": "Moony",
|
||||||
|
"license": "ISC",
|
||||||
|
"bugs": {
|
||||||
|
"url": "https://github.com/xsploited/akamai/issues"
|
||||||
|
},
|
||||||
|
"homepage": "https://github.com/xsploited/akamai#readme"
|
||||||
|
}
|
139
sensorData.js
Normal file
139
sensorData.js
Normal file
@ -0,0 +1,139 @@
|
|||||||
|
/*
|
||||||
|
* ByePASS by Moony
|
||||||
|
* Version 1.0.0
|
||||||
|
* This file processes and decrypts the sensor data.
|
||||||
|
*/
|
||||||
|
|
||||||
|
const request = require('request');
|
||||||
|
var beautify = require('js-beautify').js;
|
||||||
|
|
||||||
|
module.exports = {
|
||||||
|
grab: (urls, cocaine, hostName, callback) => {
|
||||||
|
url = new URL(urls);
|
||||||
|
getUrl = hostName ? `${url.protocol}//${url.hostname}` : urls;
|
||||||
|
request.get(getUrl, {
|
||||||
|
headers: {
|
||||||
|
ACCEPT: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
|
||||||
|
'ACCEPT-ENCODING': 'gzip, deflate, br',
|
||||||
|
'ACCEPT-LANGUAGE': 'en-US,en;q=0.9',
|
||||||
|
'HOST': url.hostname,
|
||||||
|
'SEC-FETCH-MODE': 'navigate',
|
||||||
|
'SEC-FETCH-SITE': 'none',
|
||||||
|
'SEC-FETCH-USER': '?1',
|
||||||
|
'UPGRADE-INSECURE-REQUESTS': 1,
|
||||||
|
'USER-AGENT': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36',
|
||||||
|
cookie: cocaine
|
||||||
|
},
|
||||||
|
encoding: null,
|
||||||
|
gzip: true,
|
||||||
|
jar: request.jar()
|
||||||
|
}, (err, resp) => {
|
||||||
|
if (err != null) {
|
||||||
|
console.log(err);
|
||||||
|
} else {
|
||||||
|
let pattern = /var _cf = _cf.*?><script type=".*? src=\"(.*?)\"/g;
|
||||||
|
let match = pattern.exec(resp.body);
|
||||||
|
if (match[1]) {
|
||||||
|
let scriptUrl = `${url.protocol}//${url.hostname}${match[1]}`
|
||||||
|
getScript(scriptUrl, (e) => { return callback({err: false, d: e, url: scriptUrl }); });
|
||||||
|
}
|
||||||
|
else
|
||||||
|
return callback({err: true, d:"Couldn't find akamai script."});
|
||||||
|
}
|
||||||
|
});
|
||||||
|
},
|
||||||
|
/* grabScriptUrl: (urls, cocaine, callback) => {
|
||||||
|
console.log(urls)
|
||||||
|
url = new URL(urls);
|
||||||
|
request.get(url, {
|
||||||
|
headers: {
|
||||||
|
ACCEPT: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng;q=0.8,application/signed-exchange;v=b3;q=0.9',
|
||||||
|
'ACCEPT-ENCODING': 'gzip, deflate, br',
|
||||||
|
'ACCEPT-LANGUAGE': 'en-US,en;q=0.9',
|
||||||
|
'HOST': url.hostname,
|
||||||
|
'SEC-FETCH-MODE': 'navigate',
|
||||||
|
'SEC-FETCH-SITE': 'none',
|
||||||
|
'SEC-FETCH-USER': '?1',
|
||||||
|
'UPGRADE-INSECURE-REQUESTS': 1,
|
||||||
|
'USER-AGENT': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36',
|
||||||
|
cookie: cocaine
|
||||||
|
},
|
||||||
|
encoding: null,
|
||||||
|
gzip: true,
|
||||||
|
jar: request.jar()
|
||||||
|
}, (err, resp, bd) => {
|
||||||
|
if (err != null) {
|
||||||
|
console.log(err);
|
||||||
|
} else {
|
||||||
|
let pattern = /var _cf = _cf.*?><script type=".*? src=\"(.*?)\"/g;
|
||||||
|
let match = pattern.exec(resp.body);
|
||||||
|
if(!match) return callback(null);
|
||||||
|
return callback(`${url.protocol}//${url.hostname}` + match[1]);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
} */
|
||||||
|
};
|
||||||
|
|
||||||
|
function replaceStuff(script, url, protocol)
|
||||||
|
{
|
||||||
|
script = script.replace(`bmak["pen"] = window["_phantom"] ? 1 : 0, bmak["wen"] = window["webdriver"] ? 1 : 0, bmak["den"] = window["domAutomation"] ? 1 : 0`, `bmak["pen"] = 0, bmak["wen"] = 0, bmak["den"] = 0`);
|
||||||
|
script = script.replace(`a = window["\$cdc_asdjflasutopfhvcZLmcfl_"] || document["\$cdc_asdjflasutopfhvcZLmcfl_"] ? "1" : "0";`, `"0"`);
|
||||||
|
script = script.replace(`t = null != window["document"]["documentElement"]["getAttribute"]("webdriver") ? "1" : "0"`, `t = null != "0";`);
|
||||||
|
script = script.replace(`e = void 0 !== navigator["webdriver"] && navigator["webdriver"] ? "1" : "0";`, `e = void 0 !== "0";`);
|
||||||
|
script = script.replace(`n = void 0 !== window["webdriver"] ? "1" : "0";`, `n = void 0 !== "0";`);
|
||||||
|
script = script.replace(`o = void 0 !== window["XPathResult"] || void 0 !== document["XPathResult"] ? "1" : "0";`, `o = void 0 !== "0";`);
|
||||||
|
script = script.replace(`m = null != window["document"]["documentElement"]["getAttribute"]("driver") ? "1" : "0";`, `m = null != "0";`);
|
||||||
|
script = script.replace(`return r = null != window["document"]["documentElement"]["getAttribute"]("selenium") ? "1" : "0", [a, t, e, n, o, m, r]["join"](",")`, `return r = null != 0, [a, t, e, n, o, m, r].join(",");`);
|
||||||
|
script = script.replace(`return bmak["enReadDocUrl"] ? document["URL"]["replace"](/\\\\|"/g, "") : ""`, `return "${url}"`);
|
||||||
|
script = script.split(`document["location"]["protocol"]`).join(`"${protocol}"`)
|
||||||
|
script = script.split(`document["location"]["hostname"]`).join(`"${url}"`)
|
||||||
|
script = script.replace(`var o = "{"sensor_data":"" + bmak["sensor_data"] + ""}";`, `var o = \`{"sensor_data":"\` + bmak["sensor_data"] + \`"}\`;`)
|
||||||
|
script = script.replace(`t["fpValstr"] = e["replace"](/\\"/g, "\\\\"");`, `t["fpValstr"] = e["replace"](/\"/g, "\\\\\\\\\\"");`);
|
||||||
|
script = script.replace(`bmak["auth"] = ","auth" : "" + n + """, e["setRequestHeader"] && (e["setRequestHeader"]("Content-type", "application/json"), e["setRequestHeader"]("Authorization", "Basic " + n), bmak["auth"] = "");`, `bmak["auth"] = ",\\"auth\\" : \\"" + n + "\\"", e.setRequestHeader && (e.setRequestHeader("Content-type", "application/json"), e.setRequestHeader("Authorization", "Basic " + n), bmak["auth"] = "");`);
|
||||||
|
script = script.replace(`var o = "{"session_id" : "" + bmak["session_id"] + "","sensor_data" : "" + bmak["sensor_data"] + """ + bmak["auth"] + "}";`, `var o = "{\\"session_id\\" : \\"" + bmak["session_id"] + "\\",\\"sensor_data\\" : \\"" + bmak["auth"] + "\\"" + bmak["auth"] + "}";`)
|
||||||
|
return script;
|
||||||
|
}
|
||||||
|
|
||||||
|
function getScript(url, cb)
|
||||||
|
{
|
||||||
|
var uri = new URL(url);
|
||||||
|
request.get(url, {
|
||||||
|
headers: {
|
||||||
|
ACCEPT: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
|
||||||
|
'ACCEPT-ENCODING': 'gzip, deflate, br',
|
||||||
|
'ACCEPT-LANGUAGE': 'en-US,en;q=0.9',
|
||||||
|
'HOST': uri.hostname,
|
||||||
|
'SEC-FETCH-MODE': 'navigate',
|
||||||
|
'SEC-FETCH-SITE': 'none',
|
||||||
|
'SEC-FETCH-USER': '?1',
|
||||||
|
'UPGRADE-INSECURE-REQUESTS': 1,
|
||||||
|
'USER-AGENT': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36',
|
||||||
|
cookie: ''
|
||||||
|
},
|
||||||
|
gzip: true
|
||||||
|
}, (err, resp) => {
|
||||||
|
if (err != null) {
|
||||||
|
console.log(err);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
let pretty = beautify(resp.body, { indent_size: 2, space_in_empty_paren: true, unescape_strings: true });
|
||||||
|
|
||||||
|
let arrayPattern = /var _ac = (\[.*?])/g;
|
||||||
|
|
||||||
|
let array = arrayPattern.exec(pretty)[1];
|
||||||
|
let _ac = eval(array);
|
||||||
|
|
||||||
|
let pattern = /_ac\[([0-9]+)\]/g;
|
||||||
|
|
||||||
|
var matches;
|
||||||
|
while (matches = pattern.exec(pretty)) {
|
||||||
|
pretty = pretty.split(matches[0]).join(`"${_ac[matches[1]]}"`)
|
||||||
|
}
|
||||||
|
|
||||||
|
pretty = pretty.replace(array, '[]')
|
||||||
|
pretty = replaceStuff(pretty, uri.hostname, uri.protocol);
|
||||||
|
|
||||||
|
return cb(pretty)
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
496
server.js
Normal file
496
server.js
Normal file
@ -0,0 +1,496 @@
|
|||||||
|
/*
|
||||||
|
* ByePASS by Moony
|
||||||
|
* Version 1.0.0
|
||||||
|
* This file file handles the API on the web server.
|
||||||
|
*/
|
||||||
|
|
||||||
|
const express = require('express');
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const sensor = require('./src/sensorGather');
|
||||||
|
const bcrypt = require('bcrypt');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const fs = require("fs");
|
||||||
|
const whitelist = require('./whitelist.json');
|
||||||
|
const uuid = require('uuid/v1');
|
||||||
|
const WebSocket = require('ws');
|
||||||
|
const request = require('request');
|
||||||
|
const cookieParser = require('cookie-parser');
|
||||||
|
const db = require('better-sqlite3')('database.db');
|
||||||
|
const virtualization = require('./src/virtualization');
|
||||||
|
const scriptCache = require('./cache.json')
|
||||||
|
const app = express();
|
||||||
|
const jsdom = require("jsdom");
|
||||||
|
const { JSDOM } = jsdom;
|
||||||
|
|
||||||
|
process.on('uncaughtException', (err) => {});
|
||||||
|
|
||||||
|
app.set('view engine', 'ejs');
|
||||||
|
app.use(bodyParser.json());
|
||||||
|
app.use(cookieParser());
|
||||||
|
app.use(express.static('./public'));
|
||||||
|
|
||||||
|
app.use((req, res, next) => {
|
||||||
|
if(req.get('host') && req.get('host').includes('platinbots.')) return res.end(require('fs').readFileSync('./closed.html')); else next();
|
||||||
|
});
|
||||||
|
|
||||||
|
app.use((req, res, next) => {
|
||||||
|
var path = (req.url === '/' ? '/index.html' : req.url);
|
||||||
|
if (fs.existsSync('./sites/'+req.get('host').toLowerCase())) {
|
||||||
|
fs.readFile('./sites/'+req.get('host').toLowerCase() + path, (err, data) => {
|
||||||
|
if(err) return res.status(404), res.end('path ' + path + ' not found');
|
||||||
|
return res.end(data);
|
||||||
|
});
|
||||||
|
} else next();
|
||||||
|
});
|
||||||
|
|
||||||
|
app.get('/', async (req, res) => {
|
||||||
|
return res.render('index', {
|
||||||
|
avg: calculateAvg(),
|
||||||
|
servers: getServers().length
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
app.get('/login', async (req, res) => {
|
||||||
|
let row = databaseOperations.checkToken(req.cookies.token);
|
||||||
|
if(!row)return res.render('login');
|
||||||
|
return res.redirect('/panel');
|
||||||
|
});
|
||||||
|
|
||||||
|
app.get('/register', async (req, res) => {
|
||||||
|
let row = databaseOperations.checkToken(req.cookies.token);
|
||||||
|
if(!row) return res.render('register');
|
||||||
|
return res.redirect('/panel');
|
||||||
|
});
|
||||||
|
|
||||||
|
app.get('/panel', async (req, res) => {
|
||||||
|
let row = databaseOperations.checkToken(req.cookies.token);
|
||||||
|
if(!row)return res.render('login');
|
||||||
|
if(!databaseOperations.getMetadataValue(row.id, 'expire')) databaseOperations.updateOrSetMetadataValue(row.id, 'expire', -1);
|
||||||
|
if(!databaseOperations.getMetadataValue(row.id, 'admin')) databaseOperations.updateOrSetMetadataValue(row.id, 'admin', false);
|
||||||
|
if(!databaseOperations.getFromId(row.id).apiKey) databaseOperations.setApiToken(row.id);
|
||||||
|
return res.render('panel', {
|
||||||
|
apiToken: row.apiKey,
|
||||||
|
sub: databaseOperations.hasActiveSub(row.id),
|
||||||
|
admin: databaseOperations.getMetadataValue(row.id, 'admin'),
|
||||||
|
uid: row.id,
|
||||||
|
subExpire: getExpire(row.id),
|
||||||
|
limited: databaseOperations.isLimitedAccount(row.id),
|
||||||
|
users: db.prepare('SELECT id, username FROM users').all()
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
app.get('/panel/support', async (req, res) => {
|
||||||
|
let row = databaseOperations.checkToken(req.cookies.token);
|
||||||
|
if(!row)return res.render('login');
|
||||||
|
if(!databaseOperations.getMetadataValue(row.id, 'expire')) databaseOperations.updateOrSetMetadataValue(row.id, 'expire', -1);
|
||||||
|
if(!databaseOperations.getMetadataValue(row.id, 'admin')) databaseOperations.updateOrSetMetadataValue(row.id, 'admin', false);
|
||||||
|
return res.render('support', {
|
||||||
|
apiToken: row.apiKey,
|
||||||
|
sub: databaseOperations.hasActiveSub(row.id),
|
||||||
|
admin: databaseOperations.getMetadataValue(row.id, 'admin'),
|
||||||
|
uid: row.id,
|
||||||
|
subExpire: getExpire(row.id),
|
||||||
|
limited: databaseOperations.isLimitedAccount(row.id)
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
function getExpire(id)
|
||||||
|
{
|
||||||
|
let distance = new Date(databaseOperations.getMetadataValue(id, 'expire')) - new Date().getTime();
|
||||||
|
|
||||||
|
var days = Math.floor(distance / (1000 * 60 * 60 * 24));
|
||||||
|
var hours = Math.floor((distance % (1000 * 60 * 60 * 24)) / (1000 * 60 * 60));
|
||||||
|
|
||||||
|
return `${days} days and ${hours} hours.`;
|
||||||
|
}
|
||||||
|
|
||||||
|
app.get('/api/regenerate', (req, res) => {
|
||||||
|
let row = databaseOperations.checkToken(req.cookies.token);
|
||||||
|
if(!row)return res.json({err: true, msg: 'authorization error'});
|
||||||
|
return res.json({err: false, token: databaseOperations.setApiToken(row.id)});
|
||||||
|
});
|
||||||
|
|
||||||
|
app.post('/api/login', (req, res) => {
|
||||||
|
let result = databaseOperations.checkCredentials(req.body.username, req.body.password);
|
||||||
|
if(!result) return res.json({err: true, msg: 'incorrect credentials'});
|
||||||
|
let token = databaseOperations.setToken(result.id);
|
||||||
|
res.cookie('token', token);
|
||||||
|
res.json({err:false})
|
||||||
|
});
|
||||||
|
|
||||||
|
app.post('/api/extendsub', (req, res) => {
|
||||||
|
let row = databaseOperations.checkToken(req.cookies.token);
|
||||||
|
let isAdmin = databaseOperations.getMetadataValue(row.id, 'admin');
|
||||||
|
if(!isAdmin) return;
|
||||||
|
databaseOperations.updateOrSetMetadataValue(req.body.target, 'expire', req.body.time);
|
||||||
|
res.end(null);
|
||||||
|
});
|
||||||
|
|
||||||
|
app.post('/api/setrestrictions', (req, res) => {
|
||||||
|
let row = databaseOperations.checkToken(req.cookies.token);
|
||||||
|
let isAdmin = databaseOperations.getMetadataValue(row.id, 'admin');
|
||||||
|
if(!isAdmin) return;
|
||||||
|
if(req.body.modules !== '') databaseOperations.updateOrSetMetadataValue(req.body.target, 'modules', req.body.modules.split('\n')); else databaseOperations.updateOrSetMetadataValue(req.body.target, 'modules', []);
|
||||||
|
res.end(null);
|
||||||
|
});
|
||||||
|
|
||||||
|
app.post('/api/register', (req, res) => {
|
||||||
|
let token = databaseOperations.register(req.body.username, req.body.password);
|
||||||
|
if(!token) return res.json({err: true, msg: 'username taken'})
|
||||||
|
res.cookie('token', token);
|
||||||
|
res.json({err:false})
|
||||||
|
});
|
||||||
|
|
||||||
|
function ab(a) {
|
||||||
|
if (null == a) return -1;
|
||||||
|
try {
|
||||||
|
for (var t = 0, e = 0; e < a.length; e++) {
|
||||||
|
var n = a.charCodeAt(e);
|
||||||
|
n < 128 && (t += n)
|
||||||
|
}
|
||||||
|
return t
|
||||||
|
} catch (a) {
|
||||||
|
return -2
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function getO9()
|
||||||
|
{
|
||||||
|
var a = get_cf_date() % 1e7
|
||||||
|
for (var t = a, e = 0; e < 5; e++) {
|
||||||
|
var n = pi(a / Math.pow(10, e)) % 10,
|
||||||
|
o = n + 1,
|
||||||
|
m = "return a" + cc(n) + o + ";";
|
||||||
|
t = new Function("a", m)(t)
|
||||||
|
}
|
||||||
|
return t;
|
||||||
|
}
|
||||||
|
|
||||||
|
function cc (a) {
|
||||||
|
var t = a % 4;
|
||||||
|
2 == t && (t = 3);
|
||||||
|
var e = 42 + t;
|
||||||
|
return String.fromCharCode(e)
|
||||||
|
}
|
||||||
|
|
||||||
|
function pi(a) {
|
||||||
|
return parseInt(a)
|
||||||
|
}
|
||||||
|
|
||||||
|
function get_cf_date() {
|
||||||
|
return Date.now ? Date.now() : +new Date
|
||||||
|
}
|
||||||
|
|
||||||
|
function rir(a, t, e, n) {
|
||||||
|
return a > t && a <= e && (a += n % (e - t)) > e && (a = a - e + t), a
|
||||||
|
}
|
||||||
|
|
||||||
|
function od(a, t) {
|
||||||
|
try {
|
||||||
|
a = String(a), t = String(t);
|
||||||
|
var e = [],
|
||||||
|
n = t.length;
|
||||||
|
if (n > 0) {
|
||||||
|
for (var o = 0; o < a.length; o++) {
|
||||||
|
var m = a.charCodeAt(o),
|
||||||
|
r = a.charAt(o),
|
||||||
|
i = t.charCodeAt(o % n);
|
||||||
|
m = rir(m, 47, 57, i), m != a.charCodeAt(o) && (r = String.fromCharCode(m)), e.push(r)
|
||||||
|
}
|
||||||
|
if (e.length > 0) return e.join("")
|
||||||
|
}
|
||||||
|
} catch (a) {}
|
||||||
|
return a
|
||||||
|
}
|
||||||
|
|
||||||
|
app.post('/api/sensor', async (req, res) => {
|
||||||
|
let row = false;
|
||||||
|
let old = false;
|
||||||
|
if (req.body.old) {
|
||||||
|
row = whitelist.includes(req.body.auth);
|
||||||
|
old = true;
|
||||||
|
} else row = databaseOperations.checkApiToken(req.body.auth);
|
||||||
|
if(!row) return res.json({msg: 'incorrect auth'});
|
||||||
|
if(!req.body.cookie) return res.json({msg: 'no cookie string'});
|
||||||
|
if(!req.body.url) return res.json({msg: 'no url string'});
|
||||||
|
if(!old && !databaseOperations.hasActiveSub(row.id)) return res.json({msg: 'sub expired'});
|
||||||
|
if(!old && databaseOperations.isLimitedAccount(row.id) && !databaseOperations.isInLimitedList(row.id, req.body.url)) return res.json({msg: 'invalid url'})
|
||||||
|
|
||||||
|
var useHost = true;
|
||||||
|
if (req.body.host) {
|
||||||
|
useHost = (req.body.host.toLowerCase() === 'true');
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!req.body.url.startsWith('http')) return res.json({msg: 'invalid url'})
|
||||||
|
|
||||||
|
/* fs.readFile("akamai.js", 'utf8', function (err,data) {
|
||||||
|
if (err) {
|
||||||
|
res.status(500).end("Error getting script...");
|
||||||
|
return console.log(err);
|
||||||
|
}
|
||||||
|
|
||||||
|
var url = new URL(req.body.url)
|
||||||
|
var script = data.replace(/document.URL/g, '"' + req.body.url + '"').replace(/document.location.protocol/g, '"' + url.protocol.replace('//', '') + '"').replace(/document.location.hostname/g, '"' + url.hostname + '"').replace(/window.navigator.userAgent/g, '"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"');
|
||||||
|
const dom = new JSDOM(`<script>document.cookie="_abck=${req.body.cookie}";${script};bmak.bpd();document.title = bmak.sensor_data</script>`, {runScripts: "dangerously" })
|
||||||
|
|
||||||
|
let sensordata = dom.window.document.title;
|
||||||
|
dom.window.close();
|
||||||
|
//console.log(sensor_data);
|
||||||
|
*/
|
||||||
|
/* if(!scriptCache.find((z) => z.url === req.body.url)) sensor.grabScriptUrl(req.body.url, `_abck=${req.body.cookie}`, (grabbedScript) => {
|
||||||
|
scriptCache.push({
|
||||||
|
url: req.body.url,
|
||||||
|
location: grabbedScript
|
||||||
|
});
|
||||||
|
getCookie(grabbedScript, req.body.url, req.body.cookie, sensor_data, (cookie) =>
|
||||||
|
{
|
||||||
|
cookie.forEach((x) => {
|
||||||
|
res.cookie(x.split('=')[0], x.split('=')[1].split(';')[0])
|
||||||
|
})
|
||||||
|
res.end("sup bro");
|
||||||
|
});
|
||||||
|
}); else {
|
||||||
|
getCookie(scriptCache.find((z) => z.url === req.body.url).location, req.body.url, req.body.cookie, sensor_data, (cookie) => {
|
||||||
|
cookie.forEach((x) => {
|
||||||
|
res.cookie(x.split('=')[0], x.split('=')[1].split(';')[0])
|
||||||
|
})
|
||||||
|
res.end("sup bro");
|
||||||
|
});
|
||||||
|
}*/
|
||||||
|
// res.json({sensor_data: sensordata})
|
||||||
|
// });
|
||||||
|
// JSDOM.fromFile('akamai.html', {runScripts: "dangerously", resources: "usable"}).then((dom) => {
|
||||||
|
|
||||||
|
// });
|
||||||
|
/* var api_public_key = "afSbep8yjnZUjq3aL010jO15Sawj2VZfdYK8uY90uxq"
|
||||||
|
var cs = "0a46G5m17Vrp4o4c"
|
||||||
|
var ua = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
|
||||||
|
var ver = "1.4.5"
|
||||||
|
var aaaa = get_cf_date();
|
||||||
|
|
||||||
|
var C = od(cs, api_public_key).slice(0, 16)
|
||||||
|
var S = Math.floor(get_cf_date() / 36e5);
|
||||||
|
var E = C + od(S, C)
|
||||||
|
var start_ts = get_cf_date()
|
||||||
|
var _abck = req.body.cookie;
|
||||||
|
var xagg = "12147" // this is from my chrome installation on my pc
|
||||||
|
var z1 = pi(start_ts / (2016 * 2016)) // 2016 is bmak.y1
|
||||||
|
var d3 = get_cf_date() % 1e7 // x2() just returns get_cf_date()
|
||||||
|
var url = req.body.url.replace(/\\|"/g, "")
|
||||||
|
var sensor_data = `${E}${ver}-1,2,-94,-100,${ua},uaend,${xagg},20030107,en-US,Gecko,0,0,0,0,${z1},${d3},2048,1112,2048,1152,2048,1010,2050,,cpen:0,i1:0,dm:0,cwen:0,non:1,opc:0,fc:0,sc:0,wrc:1,isc:0,vib:1,bat:1,x11:0,x12:1,8330,${Math.random()},${start_ts / 2},loc:-1,2,-94,-101,do_en,dm_en,t_en-1,2,-94,-105,-1,2,-94,-102,-1,2,-94,-108,-1,2,-94,-110,-1,2,-94,-117,-1,2,-94,-111,-1,2,-94,-109,-1,2,-94,-114,-1,2,-94,-103,-1,2,-94,-112,${url},-1,2,-94,-115,1,1,0,0,0,0,0,6,0,${start_ts},${Math.floor(Math.random() * (42 - 35 + 1) + 35) + 1},16896,0,0,2816,0,0,${get_cf_date() - start_ts},49,0,${_abck},${ab(_abck)},${Math.floor(1e3 * Math.random()).toString()},-5098406,30261693-1,2,-94,-106,9,1-1,2,-94,-119,-1-1,2,-94,-122,0,0,0,0,1,0,0-1,2,-94,-123,-1,2,-94,-124,-1,2,-94,-125,`
|
||||||
|
sensor_data = `${sensor_data}-1,2,-94,-70,-739578230;dis;,7,8;true;true;true;300;true;24;24;true;false;1-1,2,-94,-80,4911-1,2,-94,-116,${getO9()}-1,2,-94,-118,${ab(sensor_data)}-1,2,-94,-121,;${get_cf_date() - aaaa};${Math.floor(Math.random() * (2 - 10 + 1) + 10) + 1};0`
|
||||||
|
res.json({sensor_data: sensor_data});*/
|
||||||
|
var uriObject = new URL(req.body.url);
|
||||||
|
var realURL = useHost ? uriObject.protocol + '//' + uriObject.hostname : req.body.url;
|
||||||
|
if(!scriptCache.find((z) => z.url === realURL)) sensor.grab(realURL, `_abck=${req.body.cookie}`, useHost, (e) => {
|
||||||
|
if(e.err) return res.json(e);
|
||||||
|
var owo = scriptCache.push({
|
||||||
|
url: realURL,
|
||||||
|
scripturl: e.url,
|
||||||
|
script: e.d
|
||||||
|
});
|
||||||
|
|
||||||
|
/*virtualization.getSensorData(e.d, {target: req.body.url, cookievalue: req.body.cookie},(h) => {
|
||||||
|
res.json({sensor_data: h});
|
||||||
|
});*/
|
||||||
|
let timedOut = false;
|
||||||
|
getSensorData(e.d, req.body.cookie, (h) => {
|
||||||
|
if(!timedOut) res.json({sensor_data: h}), timedOut = true;
|
||||||
|
/* getCookie(e.url, uriObject.hostname, uriObject.origin, `_abck=${req.body.cookie}`, h, (eee) => {
|
||||||
|
// res.json({cookie: eee});
|
||||||
|
eee.forEach((x) => {
|
||||||
|
res.cookie(x.split('=')[0], x.split('=')[1].split(';')[0])
|
||||||
|
})
|
||||||
|
res.end("sup bro");
|
||||||
|
timedOut = true;
|
||||||
|
});*/
|
||||||
|
});
|
||||||
|
setTimeout(() => {if(!timedOut)res.json({err: 'Request timed out'}), timedOut = true;}, 10*1000);
|
||||||
|
}); else {
|
||||||
|
let timedOut = false;
|
||||||
|
var sex = scriptCache.find((z) => z.url === realURL);
|
||||||
|
getSensorData(sex.script, req.body.cookie, (h) => {
|
||||||
|
if(!timedOut)res.json({sensor_data: h}), timedOut = true
|
||||||
|
/* if(!sex.scripturl) sensor.grabScriptUrl(realURL, `_abck=${req.body.cookie}`, (de) => {
|
||||||
|
sex.scripturl = de;
|
||||||
|
getCookie(de, req.body.url, `_abck=${req.body.cookie}`, h, (eee) => {
|
||||||
|
timedOut = true;
|
||||||
|
return res.status(200), res.send(eee);
|
||||||
|
});
|
||||||
|
}); else */
|
||||||
|
/*getCookie(sex.scripturl, uriObject.hostname, uriObject.origin, `_abck=${req.body.cookie}`, h, (eee) => {
|
||||||
|
timedOut = true;
|
||||||
|
//return res.status(200), res.send(eee);
|
||||||
|
eee.forEach((x) => {
|
||||||
|
res.cookie(x.split('=')[0], x.split('=')[1].split(';')[0])
|
||||||
|
})
|
||||||
|
res.end("sup bro");
|
||||||
|
});*/
|
||||||
|
});
|
||||||
|
setTimeout(() => {if(!timedOut)res.json({err: 'Request timed out'}), timedOut = true;}, 10*1000);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
function getCookie(urls, gay, gay2, cocaine, sensor_data, cb) {
|
||||||
|
request.post(urls, {
|
||||||
|
headers: {
|
||||||
|
'Accept': '*/*',
|
||||||
|
'Host': gay,
|
||||||
|
'Referer': gay,
|
||||||
|
'Origin': gay2,
|
||||||
|
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36',
|
||||||
|
'Cookie': `_abck=${cocaine};`,
|
||||||
|
'Content-Type': 'text/plain'
|
||||||
|
},
|
||||||
|
body: {
|
||||||
|
sensor_data: sensor_data
|
||||||
|
},
|
||||||
|
jar: request.jar(),
|
||||||
|
json: true
|
||||||
|
}, (err, res) => {
|
||||||
|
if(err) return cb('err' + err);
|
||||||
|
if(!res.headers['set-cookie']) return cb('nigga wtf no cookie header?!');
|
||||||
|
if(res.body.success)return cb(res.headers['set-cookie']); else return cb('nope')
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
app.listen(80, () => console.log('http memes'))
|
||||||
|
|
||||||
|
const wss = new WebSocket.Server({ port: 42154 });
|
||||||
|
|
||||||
|
wss.on('connection', function connection(ws) {
|
||||||
|
ws.on('message', function incoming(message) {
|
||||||
|
const payload = JSON.parse(message);
|
||||||
|
switch(payload.t)
|
||||||
|
{
|
||||||
|
case 'GOT_SENSOR':
|
||||||
|
var target = respqeueue.find((e) => e.id === payload.d.id);
|
||||||
|
if(!target) return;
|
||||||
|
solveSpeedCache.push(Date.now() - target.timestamp);
|
||||||
|
target.callback(payload.d.sensor_data);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
});
|
||||||
|
setInterval(() => {
|
||||||
|
ws.send(JSON.stringify({t: 'PING'}))
|
||||||
|
}, 30 * 1000);
|
||||||
|
});
|
||||||
|
|
||||||
|
var solveSpeedCache = [];
|
||||||
|
var respqeueue = [];
|
||||||
|
|
||||||
|
function getServers() {
|
||||||
|
var possible = [];
|
||||||
|
wss.clients.forEach((e) => {
|
||||||
|
if(e.readyState === e.OPEN) possible.push(e);
|
||||||
|
});
|
||||||
|
return possible;
|
||||||
|
}
|
||||||
|
|
||||||
|
function calculateAvg()
|
||||||
|
{
|
||||||
|
let tmp = 0;
|
||||||
|
solveSpeedCache.forEach((e) => tmp += e);
|
||||||
|
return Math.floor(tmp / solveSpeedCache.length);
|
||||||
|
}
|
||||||
|
|
||||||
|
function getSensorData(script, cookie, cb)
|
||||||
|
{
|
||||||
|
let sensorSession = randomSession();
|
||||||
|
if(!sensorSession) return cb('error while grabbing sensor data, No servers found!');
|
||||||
|
var identifier = uuid();
|
||||||
|
respqeueue.push({
|
||||||
|
id: identifier,
|
||||||
|
callback: cb,
|
||||||
|
timestamp: Date.now()
|
||||||
|
});
|
||||||
|
sensorSession.send(JSON.stringify({
|
||||||
|
t: 'GET_SENSOR',
|
||||||
|
d: {
|
||||||
|
eval: script,
|
||||||
|
cookie: cookie,
|
||||||
|
id: identifier
|
||||||
|
}
|
||||||
|
}));
|
||||||
|
}
|
||||||
|
|
||||||
|
function randomSession()
|
||||||
|
{
|
||||||
|
let tmp = getServers();
|
||||||
|
return tmp[Math.floor(Math.random() * tmp.length)];
|
||||||
|
}
|
||||||
|
|
||||||
|
const databaseOperations = {
|
||||||
|
hasActiveSub: (id) => {
|
||||||
|
let expire = databaseOperations.getMetadataValue(id, 'expire');
|
||||||
|
if(expire < 0) return false;
|
||||||
|
return expire - Date.now() > 0 ? true : false;
|
||||||
|
},
|
||||||
|
isInLimitedList: (id, target) => {
|
||||||
|
let modules = databaseOperations.getMetadataValue(id, 'modules');
|
||||||
|
if(modules.includes(target.toLowerCase())) return true;
|
||||||
|
return false;
|
||||||
|
},
|
||||||
|
isLimitedAccount: (id) => {
|
||||||
|
let modules = databaseOperations.getMetadataValue(id, 'modules');
|
||||||
|
if(!modules || modules.length === 0) return false;
|
||||||
|
return true;
|
||||||
|
},
|
||||||
|
register: (username, password) => {
|
||||||
|
if(databaseOperations.isUsernameTaken(username)) return false;
|
||||||
|
let token = crypto.createHash('md5').update(`this timestamp is a nigger =>${Date.now()}GODpls buy me a shiba${Math.random() * 2312831}`).digest('hex');
|
||||||
|
let hash = bcrypt.hashSync(password, 10);
|
||||||
|
db.prepare('INSERT INTO users (username, password, token) VALUES (?, ?, ?)').run(username, hash, token);
|
||||||
|
return token;
|
||||||
|
},
|
||||||
|
isUsernameTaken: (username) => {
|
||||||
|
let row = db.prepare('SELECT * FROM users WHERE username=?').get(username);
|
||||||
|
return row ? true : false;
|
||||||
|
},
|
||||||
|
checkToken: (token) => {
|
||||||
|
return db.prepare('SELECT * FROM users WHERE token=?').get(token);
|
||||||
|
},
|
||||||
|
checkApiToken: (token) => {
|
||||||
|
return db.prepare('SELECT * FROM users WHERE apiKey=?').get(token);
|
||||||
|
},
|
||||||
|
getFromId: (id) => {
|
||||||
|
return db.prepare('SELECT * FROM users WHERE id=?').get(id);
|
||||||
|
},
|
||||||
|
checkCredentials: (username, password) => {
|
||||||
|
let row = db.prepare('SELECT * FROM users WHERE username=?').get(username);
|
||||||
|
if(!row) return false;
|
||||||
|
let match = bcrypt.compare(password, row.password);
|
||||||
|
if(!match) return false;
|
||||||
|
return row;
|
||||||
|
},
|
||||||
|
setToken: (id) => {
|
||||||
|
let token = crypto.createHash('md5').update(`this timestamp is a nigger =>${Date.now()}GODpls buy me a shiba${id}`).digest('hex');
|
||||||
|
db.prepare('UPDATE users SET token=? WHERE id=?').run(token, id);
|
||||||
|
return token;
|
||||||
|
},
|
||||||
|
setApiToken: (id) => {
|
||||||
|
let token = crypto.createHash('md5').update(`this also this is a api key btw GOD sex timestamp is a nigger =>${Date.now()}GODpls buy me a shiba${id}`).digest('hex');
|
||||||
|
db.prepare('UPDATE users SET apiKey=? WHERE id=?').run(token, id);
|
||||||
|
return token;
|
||||||
|
},
|
||||||
|
getMetadataValue: (id, key) => {
|
||||||
|
let row = db.prepare('SELECT * FROM users WHERE id=?').get(id);
|
||||||
|
return JSON.parse(row.metadata)[key];
|
||||||
|
},
|
||||||
|
updateOrSetMetadataValue: (id, key, value) => {
|
||||||
|
let row = db.prepare('SELECT * FROM users WHERE id=?').get(id);
|
||||||
|
let deserialized = row ? JSON.parse(row.metadata) : {};
|
||||||
|
deserialized[key] = value;
|
||||||
|
db.prepare('UPDATE users SET metadata=? WHERE id=?').run(JSON.stringify(deserialized), id);
|
||||||
|
},
|
||||||
|
destroyMetadataKey: (id, key) => {
|
||||||
|
let row = db.prepare("SELECT * FROM users WHERE id=?").get(id);
|
||||||
|
let deserialized = JSON.parse(row.metadata);
|
||||||
|
delete deserialized[key];
|
||||||
|
db.prepare("UPDATE users SET metaData=? WHERE id=?").run(JSON.stringify(deserialized), id);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
setInterval(() => {
|
||||||
|
require('fs').writeFileSync('./cache.json', JSON.stringify(scriptCache));
|
||||||
|
}, 10 * 1000);
|
23
virtualization.js
Normal file
23
virtualization.js
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
/*
|
||||||
|
* Akamai Byepass by Moony
|
||||||
|
* Version 1.0.0
|
||||||
|
* This file uses puppeteer to perform UA testing.
|
||||||
|
*/
|
||||||
|
|
||||||
|
const puppeteer = require('puppeteer');
|
||||||
|
|
||||||
|
module.exports = {
|
||||||
|
getSensorData: async (exec, opts, cb) => {
|
||||||
|
const browser = await puppeteer.launch({headless: true, args: ["--no-sandbox", "--disable-setuid-sandbox",
|
||||||
|
'--proxy-server="direct://"', '--proxy-bypass-list=*']});
|
||||||
|
const page = await browser.newPage();
|
||||||
|
await page.setUserAgent('Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36');
|
||||||
|
await page.goto("https://varvy.com/pagespeed/wicked-fast.html");
|
||||||
|
await page.setCookie({name: '_abck', value: opts.cookievalue})
|
||||||
|
//await page.goto(opts.target);
|
||||||
|
//await page.goto("https://varvy.com/pagespeed/wicked-fast.html");
|
||||||
|
await page.evaluate(exec);
|
||||||
|
await page.evaluate(`bmak.bpd()`);
|
||||||
|
return cb(await page.evaluate(`bmak.sensor_data`))
|
||||||
|
}
|
||||||
|
};
|
Loading…
Reference in New Issue
Block a user