186 lines
5.2 KiB
JavaScript
186 lines
5.2 KiB
JavaScript
const axios = require("axios");
|
|
const scp = require("set-cookie-parser");
|
|
const fs = require("fs");
|
|
|
|
module.exports = {
|
|
bypass: async function(url, log) {
|
|
if (!log) log = false;
|
|
|
|
let ua = `Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101 LibreWolf/100.0.1`;
|
|
|
|
let resp = await axios({
|
|
url: url,
|
|
rejectHttpErrors: false,
|
|
validateStatus: function() {return true;},
|
|
headers: {
|
|
"User-Agent": ua,
|
|
"Accept": "text/html",
|
|
"Accept-Language": "en-US,en;q=0.5",
|
|
"Accept-Encoding": "gzip, deflate",
|
|
"Sec-Fetch-Dest": "document",
|
|
"Sec-Fetch-Mode": "navigate",
|
|
"Sec-Fetch-Site": "none"
|
|
}
|
|
});
|
|
|
|
if (resp.headers.server !== "ddos-guard") throw "Site is not DDOS-Guard protected.";
|
|
let ref = `https://${new URL(url).hostname}/`;
|
|
let cookie = scp.parse(resp.headers["set-cookie"]);
|
|
|
|
if (log) console.log(`[ddos-guard-bypass] Checking if passed first check...`);
|
|
resp = await axios({
|
|
url: url,
|
|
rejectHttpErrors: false,
|
|
validateStatus: function() {return true;},
|
|
headers: {
|
|
"User-Agent": ua,
|
|
"Accept": "text/html",
|
|
"Cookie": cookieString(cookie)
|
|
}
|
|
});
|
|
|
|
if (resp.status == 200) {
|
|
if (log) console.log(`[ddos-guard-bypass] Automatically passed challenge 1.`)
|
|
return {
|
|
cookies: {
|
|
object: cookie,
|
|
string: cookieString(cookie)
|
|
},
|
|
headers: {
|
|
"user-agent": ua,
|
|
"referer": ref,
|
|
"cookie": cookieString(cookie)
|
|
}
|
|
};
|
|
} else {
|
|
if (log) console.log(`[ddos-guard-bypass] Did not auto-pass, attempting to manually pass...`)
|
|
let scripts = getScripts(resp.data, new URL(url).hostname);
|
|
if (log) console.log(`[ddos-guard-bypass] Got ${scripts.length} scripts.`);
|
|
|
|
let images = [];
|
|
let host = new URL(url).hostname;
|
|
|
|
for (let a in scripts) {
|
|
let script = scripts[a];
|
|
if (log) console.log(`[ddos-guard-bypass] Fetching script`, script);
|
|
|
|
let cs = new URL(script).hostname;
|
|
if (cs !== "ddos-guard.net") cs = "cross-site"
|
|
else cs = "same-site";
|
|
|
|
if (typeof cs !== "string") cs = "cross-site";
|
|
|
|
resp = await axios({
|
|
url: script,
|
|
headers: {
|
|
"User-Agent": ua,
|
|
"Accept": "*/*",
|
|
"Accept-Language": "en-US,en;q=0.5",
|
|
"Accept-Encoding": "gzip, deflate",
|
|
"Referer": ref,
|
|
"Sec-Fetch-Dest": "script",
|
|
"Sec-Fetch-Mode": "no-cors",
|
|
"Sec-Fetch-Site": cs
|
|
}
|
|
});
|
|
|
|
let img = getImages(resp.data, new URL(url).hostname);
|
|
for (let b in img) {
|
|
images.push(img[b]);
|
|
}
|
|
}
|
|
|
|
for (let a in images) {
|
|
let image = images[a];
|
|
if (log) console.log(`[ddos-guard-bypass] Fetching image`, image);
|
|
|
|
resp = await axios({
|
|
url: image,
|
|
headers: {
|
|
"User-Agent": ua,
|
|
"Accept": "*/*",
|
|
"Accept-Language": "en-US,en;q=0.5",
|
|
"Accept-Encoding": "gzip, deflate",
|
|
"Referer": ref,
|
|
"Cookie": cookieString(cookie),
|
|
"Sec-Fetch-Dest": "image",
|
|
"Sec-Fetch-Mode": "no-cors",
|
|
"Sec-Fetch-Site": "same-origin"
|
|
}
|
|
});
|
|
|
|
cook = scp.parse(resp.headers["set-cookie"]);
|
|
for (let b in cook) {
|
|
cookie.push(cook[b]);
|
|
}
|
|
}
|
|
|
|
let mark = JSON.stringify(JSON.parse(fs.readFileSync(`${__dirname}/fakeMark.json`).toString()));
|
|
if (log) console.log(`[ddos-guard-bypass] Sending fake mark request...`);
|
|
resp = await axios({
|
|
method: "POST",
|
|
url: `https://${host}/.well-known/ddos-guard/mark/`,
|
|
data: mark,
|
|
headers: {
|
|
"User-Agent": ua,
|
|
"Content-Type": "text/plain;charset=UTF-8",
|
|
"Accept": "*/*",
|
|
"Accept-Language": "en-US,en;q=0.5",
|
|
"Accept-Encoding": "gzip, deflate",
|
|
"Referer": ref,
|
|
"Cookie": cookieString(cookie),
|
|
"DNT": "1",
|
|
"Sec-Fetch-Dest": "empty",
|
|
"Sec-Fetch-Mode": "cors",
|
|
"Sec-Fetch-Site": "same-origin"
|
|
}
|
|
});
|
|
|
|
return {
|
|
cookies: {
|
|
object: cookie,
|
|
string: cookieString(cookie)
|
|
},
|
|
headers: {
|
|
"user-agent": ua,
|
|
"referer": ref,
|
|
"cookie": cookieString(cookie)
|
|
}
|
|
};
|
|
}
|
|
}
|
|
}
|
|
|
|
function cookieString(cookie) {
|
|
var s = "";
|
|
for (var c in cookie) {
|
|
s = `${s} ${cookie[c].name}=${cookie[c].value};`;
|
|
}
|
|
var s = s.substring(1);
|
|
return s.substring(0, s.length - 1);
|
|
}
|
|
|
|
function getScripts(body, host) {
|
|
let s = [];
|
|
let sp = body.split(`loadScript("`);
|
|
for (let a in sp) {
|
|
if (a == 0){ continue;}
|
|
let u = sp[a].split(`",`)[0].split(`")`)[0];
|
|
if (u.startsWith(`/`)) u = `https://${host}${u}`;
|
|
if (u.split("?")[0] == "https://ddos-guard.net/.well-known/ddos-guard/check") continue;
|
|
s.push(u);
|
|
}
|
|
return s;
|
|
}
|
|
|
|
function getImages(body, host) {
|
|
let s = [];
|
|
let sp = body.split(`.src = '`);
|
|
for (let a in sp) {
|
|
if (a == 0) {continue;}
|
|
let u = sp[a].split(`';`)[0].split(`';}`)[0];
|
|
if (u.startsWith(`/`)) u = `https://${host}${u}`;
|
|
s.push(u);
|
|
}
|
|
return s;
|
|
} |