search

Karmel0x / cloudflare-js-bypass

Simple C++ bypass for Cloudflare's anti-bot / anti-ddos page (JavaScript challenge solver).
MIT License
5 stars 2 forks source link

Buffer too small #1

Closed Mecanik closed 6 years ago

Mecanik commented 6 years ago

I have done a test just now, and the buffer size 11 is too small for "bufferk". I changed it to:

char bufferk[21] = "";

And it seems to work. I think they increased the size...

Karmel0x commented 6 years ago

It's working for you, or just not crashing ? It seems that cloudflare has changed js script generating method a little bit. They increased the length(?) and added slashes(?) to the challenge. Do you have any protected website ? I've found only with some custom style. PPL have stopped using this anti-ddos method for websites, it's rare for now.

Mecanik commented 6 years ago

Nop, it doesn’t work. I tried to fix it but I failed. I really wanted ( and need ) to use your script because it la very lightweight.

Many are still using it, for example http://www.topservers200.com/in.php?id=6491

They definitely increased the length and did something else as well, as I said I couldn’t make your script work.

Karmel0x commented 6 years ago

Issue solved.

Mecanik commented 6 years ago

Thank you for this, I will test shortly. I like how you solve the challenge, however I don’t understand it 100%, just 60% something like that.

Mecanik commented 6 years ago

It works like a charm, I shall make a donation for your work soon. Would it be possible to give some comments on the code ? Just so I can understand and if they change their method again, I can adapt it quickly...

Karmel0x commented 6 years ago

Just Star the repo There are nothing to comment ;-; It's simple, just look at site html source 1) Get input values from html 2) Get var values from js a) get first var value cause its different than next ones b) combine them 3) Calculate them LIKE JAVASCRIPT WOULD DO IT a) count them cause in JS (1+1+[])+(1+0+[]) is 21 not 3 = replace some characters to single character so we can easly do it b) calculate single brackets /+ + and vars *= -= += /= 4) Cut the float value to 10 digits 5) Add domain name length 6) Send values as GET request

var s,t,o,p,b,r,e,a,k,i,n,g,f, VQDBJcj={"Nw":+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]))};
;VQDBJcj.Nw-=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]));VQDBJcj.Nw*=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!![])+(!+[]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]));
a.value = +VQDBJcj.Nw.toFixed(10) + t.length; '; 121'
  <form id="challenge-form" action="/cdn-cgi/l/chk_jschl" method="get">
    <input type="hidden" name="jschl_vc" value="787b2445a6dab609bb241fefd13c3c2c"/>
    <input type="hidden" name="pass" value="1528107990.903-radPpCaytn"/>
    <input type="hidden" id="jschl-answer" name="jschl_answer"/>
  </form>