arriven / db1000n

MIT License
1.17k stars 200 forks source link

CloudFlare bypass #293

Open bmirnoff opened 2 years ago

bmirnoff commented 2 years ago

I think we need to add Cloudflare bypass https://github.com/MHProDev/MHDDoS/blob/2cd27e8b645d0dbf05048fa0e295844dc65a0671/start.py#L738 Also it might be configurable

arriven commented 2 years ago

yeah, I've been looking into it. it would require either adding python or javascript interpreter to be able to properly run checks, I have some ideas but need some more time to reflect on them. I've been looking at https://pkg.go.dev/github.com/robertkrimen/otto as it's written purely in go and we don't need performance from the javascript module and pure go is easier to maintain (I've seen 4 other js engines for go, all of them had more performance but were just providing bindings for C/C++ code and 3 of them are currently archived)

bmirnoff commented 2 years ago

@Arriven Sound good, otto for me also looks like a promising solution. I also can investigate this direction and share ideas here

arriven commented 2 years ago

@bmirnoff what would probably be most important (especially in terms of using otto) and what I didn't have a chance to check yet is whether the anti-bot check requires an event loop or if it is just a simple evaluation and the timeout can somehow be parsed from the page/code

bmirnoff commented 2 years ago

Just for everybody's information, reference impl for CFB can be https://github.com/Anorov/cloudflare-scrape js challenge is forked via node.js vm. Need to investigate actual process of solving a challenge.

https://github.com/Anorov/cloudflare-scrape/blob/e510962c608382bcef5de75033d60cc98cb9561d/cfscrape/__init__.py#L297

bmirnoff commented 2 years ago

Here is actually how Cloudfare response looks like https://github.com/Arriven/db1000n/pull/324

ghost commented 2 years ago

Please, fix a TYPO in the tittle ClOudFlare

crocangIt commented 2 years ago

Just for everybody's information, reference impl for CFB can be https://github.com/Anorov/cloudflare-scrape js challenge is forked via node.js vm. Need to investigate actual process of solving a challenge.

https://github.com/Anorov/cloudflare-scrape/blob/e510962c608382bcef5de75033d60cc98cb9561d/cfscrape/__init__.py#L297

A bit more related repositories mentioned here (including Anorov) : https://githublab.com/repositories?q=cloudflare-scrape