Last active
November 7, 2023 14:32
-
-
Save kwilliams1987/9a52e65304eeeb3e75972c666a26b954 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // When pointed at the target of a cloned Battle.net login page it will spam it with fake | |
| // requests to fill up a phishing site's backend with junk data. | |
| // DO NOT USE ON REAL BATTLE.NET LOGIN PAGES - I am not responsible for any reprocussions | |
| // or losses resulting from the use of this script. | |
| // Script will stop after iterations are exhausted or server returns 404 or 500, whatever | |
| // comes first. | |
| using System.Net; | |
| using System.Net.Http; | |
| using System.Security.Cryptography; | |
| const string target = "<enter login form action URL here>"; | |
| const int iterations = 10_000; | |
| var destroyed = new [] { HttpStatusCode.NotFound, HttpStatusCode.InternalServerError }; | |
| using var random = RandomNumberGenerator.Create(); | |
| static string randomString(int min, int max) | |
| { | |
| const string characters = "01234567890ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; | |
| return string.Join("", Enumerable.Range(1, RandomNumberGenerator.GetInt32(min, max)) | |
| .Select(_ => characters[RandomNumberGenerator.GetInt32(characters.Length -1)])); | |
| } | |
| using var client = new HttpClient(); | |
| foreach(var _ in Enumerable.Range(0, iterations)) | |
| { | |
| var email = $"{randomString(10, 50)}@{randomString(10, 50)}.com".ToLowerInvariant(); | |
| var password= randomString(10, 100); | |
| var data = new FormUrlEncodedContent(new [] { | |
| new KeyValuePair<string, string>("accountName", email), | |
| new KeyValuePair<string, string>("password", password), | |
| new KeyValuePair<string, string>("srpEnabled", "true"), | |
| new KeyValuePair<string, string>("upgradeVerifier", ""), | |
| new KeyValuePair<string, string>("useSrp", "false"), | |
| new KeyValuePair<string, string>("publicA", ""), | |
| new KeyValuePair<string, string>("clientEvidenceM1", ""), | |
| new KeyValuePair<string, string>("persistLogin", "on"), | |
| }); | |
| try | |
| { | |
| var result = await client.PostAsync(target, data); | |
| if (result.IsSuccessStatusCode) | |
| { | |
| Console.WriteLine($"π: {email} {password}"); | |
| } | |
| else if (destroyed.Contains(result.StatusCode)) | |
| { | |
| Console.WriteLine($"π€: {result.StatusCode}"); | |
| return; | |
| } | |
| else | |
| { | |
| Console.WriteLine($"π€: {result.StatusCode} ({email} {password})"); | |
| } | |
| } | |
| catch | |
| { | |
| Console.WriteLine($"π: {email} {password}"); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment