wh1t3h47 · January 12, 2025 02:13
diff --git a/sample_bruteforce.js b/sample_bruteforce.js
 (async () => {
 	const doBruteforce = async (x, y) => {
 		console.log(x,y)
 		try {
 			const r = await fetch("http://localhost/example", {
 				"credentials": "include",
 				"headers": {
 					"User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0",
 					"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8",
 					"Accept-Language": "en-US,en;q=0.5",
 					"Content-Type": "application/x-www-form-urlencoded",
 					"Upgrade-Insecure-Requests": "1",
 					"Sec-Fetch-Dest": "document",
 					"Sec-Fetch-Mode": "navigate",
 					"Sec-Fetch-Site": "same-origin",
 					"Sec-Fetch-User": "?1",
 					"Pragma": "no-cache",
 					"Cache-Control": "no-cache"
 				},
 				"body": `example=${x}&example2=${y}`,
 				"method": "POST",
 				"mode": "cors"
 			});
 			const t = await r.text();
 			if (t.indexOf?.("O texto que vc quer") != -1) {
 				console.log(`CONTAINS HAYSTACK ${x} ${y}`);
 			}
 		} catch (_) {
 		}
 	};

 	const BATCH_SIZE = 20;
 	const DELAY = 1000;
 	const combinations = Array.from({ length: 13 }, (_, i) => Array.from({ length: 13 }, (_, j) => [i, j])).flat();
 	const promises = [];
 	for (let [x, y] of combinations) {
 		if (promises.length < BATCH_SIZE) {
 			promises.push(doBruteforce(x, y));
 			continue;
 		} // else


 		await Promise.all(promises.splice(0, promises.length));
 		await new Promise(resolve => setTimeout(resolve, DELAY));
 	}
 })();
	(async () => {
	const doBruteforce = async (x, y) => {
	console.log(x,y)
	try {
	const r = await fetch("http://localhost/example", {
	"credentials": "include",
	"headers": {
	"User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0",
	"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8",
	"Accept-Language": "en-US,en;q=0.5",
	"Content-Type": "application/x-www-form-urlencoded",
	"Upgrade-Insecure-Requests": "1",
	"Sec-Fetch-Dest": "document",
	"Sec-Fetch-Mode": "navigate",
	"Sec-Fetch-Site": "same-origin",
	"Sec-Fetch-User": "?1",
	"Pragma": "no-cache",
	"Cache-Control": "no-cache"
	},
	"body": `example=${x}&example2=${y}`,
	"method": "POST",
	"mode": "cors"
	});
	const t = await r.text();
	if (t.indexOf?.("O texto que vc quer") != -1) {
	console.log(`CONTAINS HAYSTACK ${x} ${y}`);
	}
	} catch (_) {
	}
	};

	const BATCH_SIZE = 20;
	const DELAY = 1000;
	const combinations = Array.from({ length: 13 }, (_, i) => Array.from({ length: 13 }, (_, j) => [i, j])).flat();
	const promises = [];
	for (let [x, y] of combinations) {
	if (promises.length < BATCH_SIZE) {
	promises.push(doBruteforce(x, y));
	continue;
	} // else


	await Promise.all(promises.splice(0, promises.length));
	await new Promise(resolve => setTimeout(resolve, DELAY));
	}
	})();