Last active
March 21, 2021 13:56
-
-
Save evilsocket/f19d763d61100f25736812066fe7a68d to your computer and use it in GitHub Desktop.
registers random users to a spam&scam network that's targeting EU
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
import ( | |
"encoding/json" | |
"fmt" | |
"io/ioutil" | |
"math/rand" | |
"net/http" | |
"net/url" | |
"strings" | |
"sync/atomic" | |
"time" | |
"github.com/evilsocket/islazy/async" | |
) | |
var seededRand *rand.Rand = rand.New(rand.NewSource(time.Now().UnixNano())) | |
func StringWithCharset(length int, charset string) string { | |
b := make([]byte, length) | |
for i := range b { | |
b[i] = charset[seededRand.Intn(len(charset))] | |
} | |
return string(b) | |
} | |
func String(length int) string { | |
return StringWithCharset(length, "abcdefghijklmnopqrstuvwxyzx") | |
} | |
func Number(length int) string { | |
return StringWithCharset(length, "0123456789") | |
} | |
func main() { | |
var ok, errors uint64 | |
q := async.NewQueue(-1, func(arg async.Job) { | |
client := &http.Client{} | |
data := url.Values{ | |
"product": {"yuanopen"}, | |
"broker": {"firstbit"}, | |
"tracking[offer_id]": {"310"}, | |
"tracking[aff_id]": {"2074"}, | |
"tracking[url_id]": {""}, | |
"tracking[aff_sub1]": {"2f3eaa55a8dbdb"}, | |
"tracking[aff_sub2]": {""}, | |
"tracking[aff_sub3]": {""}, | |
"tracking[aff_sub4]": {""}, | |
"tracking[aff_sub5]": {""}, | |
"tracking[source]": {""}, | |
"tracking[transaction_id]": {"1026b1434df1ef8d7a38d0951fabe9"}, | |
"tracking[campaign_id]": {"1012"}, | |
"tracking[subcampaign_id]": {"310_2074_1026b1434df1ef8d7a38d0951fabe9"}, | |
"customer[first_name]": {String(4)}, | |
"customer[last_name]": {String(8)}, | |
"customer[email]": {String(10) + "@gmail.com"}, | |
"customer[password]": {String(15)}, | |
"customer[area_code]": {"+39"}, | |
"customer[phone]": {"39287" + Number(5)}, | |
"customer[iso]": {"IT"}, | |
"customer[country]": {"Italy"}, | |
"customer[lottoGame]": {"undefined"}, | |
"customer[lottoNumbers]": {""}, | |
"nekot": {""}, | |
"hid": {"BO110315cd4fdf8"}, | |
} | |
req, err := http.NewRequest("POST", "https://splitter.trafficon.co/api/v1/registration", strings.NewReader(data.Encode())) | |
if err != nil { | |
atomic.AddUint64(&errors, 1) | |
return | |
// panic(err) | |
} | |
req.Header.Add("User-Agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.90 Safari/537.36") | |
req.Header.Add("authority", "splitter.trafficon.co") | |
req.Header.Add("sec-ch-ua", "\"Google Chrome\";v=\"89\", \"Chromium\";v=\"89\", \";Not A Brand\";v=\"99\"") | |
req.Header.Add("accept", "*/*") | |
req.Header.Add("dnt", "1") | |
req.Header.Add("sec-ch-ua-mobile", "?0") | |
req.Header.Add("origin", "https://yuan-pay-app.com") | |
req.Header.Add("sec-fetch-site", "cross-site") | |
req.Header.Add("sec-fetch-mode", "cors") | |
req.Header.Add("sec-fetch-dest", "empty") | |
req.Header.Add("referer", "https://yuan-pay-app.com/") | |
req.Header.Add("accept-language", "it-IT,it;q=0.9,en-US;q=0.8,en;q=0.7") | |
req.Header.Set("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8") | |
resp, err := client.Do(req) | |
if err != nil { | |
atomic.AddUint64(&errors, 1) | |
return | |
} | |
defer resp.Body.Close() | |
raw, err := ioutil.ReadAll(resp.Body) | |
if err != nil { | |
atomic.AddUint64(&errors, 1) | |
return | |
} | |
var obj map[string]interface{} | |
if err = json.Unmarshal(raw, &obj); err != nil { | |
atomic.AddUint64(&errors, 1) | |
return | |
} | |
if _, found := obj["customer_id"]; found { | |
//fmt.Printf("created customer %v\n", cid) | |
atomic.AddUint64(&ok, 1) | |
} else if m, found := obj["error"]; found { | |
mes := m.(map[string]interface{})["message"].(string) | |
if strings.Contains(mes, "response not defined") == false { | |
fmt.Printf("%#v\n", obj) | |
} | |
atomic.AddUint64(&errors, 1) | |
} else { | |
fmt.Printf("%#v\n", obj) | |
atomic.AddUint64(&errors, 1) | |
} | |
}) | |
go func() { | |
for { | |
fmt.Printf("ok:%d errors:%d\n", ok, errors) | |
time.Sleep(1 * time.Second) | |
} | |
}() | |
for { | |
q.Add(async.Job(nil)) | |
time.Sleep(50 * time.Millisecond) | |
} | |
q.WaitDone() | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment