hydrogenoxide-user / cf-bypass-flooder

Penetrate the Cloudflare verification redirect page to perform DDoS
GNU General Public License v3.0
3 stars 0 forks source link

Hello sir #2

Open andress134 opened 3 years ago

andress134 commented 3 years ago

Hello @hydrog-enoxide, about this script, a suggestion is using another library, not cloudscraper. Can you upgrade it using another lib? https://github.com/ultrafunkamsterdam/undetected-chromedriver based browser, bypass all iuam pages

https://github.com/h0nde/py-hcaptcha - with this can bypass hcaptcha, v2 challenge

Is it possible to use one of these libs in that script?

hydrogenoxide-user commented 3 years ago

Sorry, you have to know that Cloudflare is not the only CDN in the world, and there are other impenetrable verification codes in other places. I will study how to use simulated browsers to penetrate most jump verifications, so stay tuned!

hydrogenoxide-user commented 3 years ago

OK, I will start making it in the near future

andress134 commented 3 years ago

> OK, I will start making it in the near future

would be a great idea, especially considering that the cloudscraper library is patched, it can't bypass any type of firewall

hydrogenoxide-user commented 3 years ago

At present, these simulated browser libraries are not suitable for large-scale requests, and the concurrency rate is low. Do you have any suggestions?

hydrogenoxide-user commented 3 years ago

I have encountered a problem. These libraries are not created for attack. They are inefficient. Do you have any good ideas?

andress134 commented 3 years ago

> I have encountered a problem. These libraries are not created for attack. They are inefficient. Do you have any good ideas?

Hmm, yeah, you can't use selenium/puppeteer for ddos, just to bypass the page and get the cookies etc. Cloudflare uses a bot detector to detect ddos attacks. So with this the browser should only be used to enter that page, get cookies, then send requests

  1. create a browser session, get page content, get cookies
    1. submit the cookies with rayid data etc.
  2. sending requests
  3. but for this I'm not sure if it works fine if you use proxies, because if the proxies are bad, you will receive a captcha to solve

For nodejs there are many alternatives, do you know nodejs? You can use any js lib to get the data, cookies, like bypass.js: start bypass.js getting data info from the target and return it to the py script and create the ddos

Cloudflare has a few bugs; from what I've seen it accepts randomly created data. So I was thinking of creating functions to extract the cookie from the header, submit that cookie, and a function to generate rayid, etc., uri, __cf_chl_jschl_tk__, create fake data for jschl-vc, pass and jschl_answer, and submit all. I tested it like 6 months ago with js and it was working; I'm not sure if it still works now

2 years ago I made a script in js with a friend. The script did the following: you gave it a target, for example https://target-cloudflare.com, and it detected the real IP, replaced the target link with the real IP link, and sent requests to the real IP https://ip/. The rate for bypass is 50/50

https://github.com/MrH0wl/Cloudmare if you use this link to get the real IP: start the ddos script, put target, proxy list, threads etc., start the script, the script sleeps 60 seconds (e.g.); in this time the script sends the target to Cloudmare and tries to find the real IP; if it detects the real IP, the ddos script replaces https://cf-target.com with http://ip/ and starts sending requests. This is a good idea, it will work on 30-50% of targets

Sorry, my English is not so good.

hydrogenoxide-user commented 3 years ago

Sir, my goal is not Cloudflare, but all jump CDN. Besides, my mother tongue is Chinese

hydrogenoxide-user commented 3 years ago

My idea is, because I am in China, our defense vendors often use jump verification to defend layer7 ddos. If there is a script that can simulate the js of the browser, it can easily bypass them. I have already started making it.

andress134 commented 3 years ago

> My idea is, because I am in China, our defense vendors often use jump verification to defend layer7 ddos. If there is a script that can simulate the js of the browser, it can easily bypass them. I have already started making it.

Right, puppeteer or selenium can be used to generate a real browser session and return the js info to the python script

About the method based on https://github.com/MrH0wl/Cloudmare to find the real IP and hit it: it is a very good idea, a lot of websites from China use a CDN like Cloudflare (Cloudflare is selling services to China, there it is the same js, just a different language)

But maybe the best option is using selenium, or any browser emulator, just to get the js data

hydrogenoxide-user commented 3 years ago

I've been looking for a suitable library that can achieve these but has high concurrency all night. Can you recommend one? My level is not high. Please give me more advice

andress134 commented 3 years ago

> I've been looking for a suitable library that can achieve these but has high concurrency all night. Can you recommend one? My level is not high. Please give me more advice

My level of Python is not high; I could give more advice for nodejs. In my opinion, if you want to make a good bypass for all CDNs, use selenium for Python or chromedriver: https://github.com/ultrafunkamsterdam/undetected-chromedriver https://github.com/mherrmann/selenium-python-helium https://github.com/clemfromspace/scrapy-puppeteer https://github.com/pyppeteer/pyppeteer One of these libs is the best option, also for cdn + hcaptcha

https://github.com/MatheusVp2/hCaptcha-Solver-MR - that library bypasses cf cdn + hcaptcha, works well

So you can't do ddos using the browser session directly, because it will spam the server

The first time you have to bypass using the browser, to obtain cookies and to bypass the bot detector (firewall). After bypassing the web page, submit the data obtained and send the requests to create the flood

hydrogenoxide-user commented 3 years ago

Your thinking is very good! I started to do it at once.

andress134 commented 3 years ago

> Your thinking is very good! I started to do it at once.

Hi, I'm just curious. Did you manage to do something with the libraries I recommended?

hydrogenoxide-user commented 3 years ago

As you can see, when each agent visits successfully, the other party's defense is in vain. At this time, you just need to bring cookies and keep visiting.

andress134 commented 3 years ago

> As you can see, when each agent visits successfully, the other party's defense is in vain. At this time, you just need to bring cookies and keep visiting.

If you use one of my browser-based recommendations, you will have to work with 2 sessions

  1. starting the browser, obtaining data, cookies, domain, expires, etc., sorting cookies etc., and submitting the cookie in session 2 that will send the requests

Most firewalls today use rules to detect ddos attacks, which means that it would be good to create a function for the ratelimit

That is, for example Cloudflare, if it notices that an IP is spamming by sending requests, it will ban it. This problem would be solved by using the ratelimit function. You have 500 proxies, the ratelimit should be e.g. random 10-15, each proxy to send 10-15 requests (IT'S JUST AN EXAMPLE)

//edit: I would recommend using both http and http2 and for higher power, use sockets
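Seen from the defending side, the two-session pattern described in this comment (a browser obtains the clearance cookie, a separate sender replays it through proxies) leaves a signature in access logs: one cookie arriving from several IPs or from a different client than the one that solved the challenge. The following is an added detection example, not part of the thread or the repository; the log format, field names and thresholds are assumptions and the sample records are constructed.

```python
from collections import defaultdict

# Constructed sample records (not from the thread), one request per line:
# unix_time|client_ip|user_agent|hash of the challenge-clearance cookie
SAMPLE_LOG = """\
1000|198.51.100.7|Mozilla/5.0 (X11) Chrome/120|tokA
1020|198.51.100.7|Mozilla/5.0 (X11) Chrome/120|tokA
1002|203.0.113.10|Mozilla/5.0 (Win) Chrome/120|tokB
1003|203.0.113.11|python-requests/2.31|tokB
1003|203.0.113.12|python-requests/2.31|tokB
1005|192.0.2.44|Mozilla/5.0 (Mac) Firefox/121|tokC
1005|192.0.2.44|Mozilla/5.0 (Mac) Firefox/121|tokC
1006|192.0.2.44|Mozilla/5.0 (Mac) Firefox/121|tokC
1006|192.0.2.44|Mozilla/5.0 (Mac) Firefox/121|tokC
1007|192.0.2.44|Mozilla/5.0 (Mac) Firefox/121|tokC
1007|192.0.2.44|Mozilla/5.0 (Mac) Firefox/121|tokC
"""

def parse_log(text):
    for line in text.splitlines():          # malformed lines are skipped
        parts = line.strip().split("|")
        if len(parts) == 4 and parts[0].isdigit():
            yield int(parts[0]), parts[1], parts[2], parts[3]

def flag_replayed_tokens(records, max_ips=2, max_uas=1, burst=5, window=10):
    """Return {token: [reasons]} for clearance cookies that look replayed."""
    seen = defaultdict(lambda: {"ips": set(), "uas": set(), "ts": []})
    for ts, ip, ua, token in records:
        entry = seen[token]
        entry["ips"].add(ip)
        entry["uas"].add(ua)
        entry["ts"].append(ts)
    flagged = {}
    for token, entry in seen.items():
        reasons = []
        if len(entry["ips"]) > max_ips:     # roaming users change IP, but rarely this often
            reasons.append("many_ips")
        if len(entry["uas"]) > max_uas:     # solving browser and sending client differ
            reasons.append("ua_mismatch")
        times, start = sorted(entry["ts"]), 0
        for end, t in enumerate(times):     # sliding window over request times
            while t - times[start] >= window:
                start += 1
            if end - start + 1 > burst:     # more than `burst` requests in `window` s
                reasons.append("burst")
                break
        if reasons:
            flagged[token] = reasons
    return flagged
```

Flagged tokens are candidates for invalidation and a fresh challenge; counting per cookie rather than per IP is what keeps a low per-proxy request budget from hiding the aggregate rate.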

hydrogenoxide-user commented 3 years ago

Progress is very slow; please wait a bit longer

andress134 commented 3 years ago

oh, i understand

andress134 commented 3 years ago

@hydrog-enoxide do you have Discord?

andress134 commented 3 years ago

I found a way. Try making a bypass using the app.scrapingant.com API; I tested it and it looks like it is working


```python
import http.client

conn = http.client.HTTPSConnection("api.scrapingant.com")

headers = {
    'x-api-key': "api-key"
}

conn.request("GET", "/v1/general?url=target", headers=headers)

res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
```

With that you can get cookies and bypass uam pages. Let me know if you test it

hydrogenoxide-user commented 3 years ago

You are mistaken, I am not studying CF at present.

andress134 commented 3 years ago

> You are mistaken, I am not studying CF at present.

with scrapingant you can scrape all websites, not only cf