Подписывайтесь на наш Telegram и не пропускайте важные новости! Перейти
Что нового?

Прочее Спуфер который был использован для кряка PulseVisuals.

NettyCrasher
Начинающий
NettyCrasher
Начинающий
Статус
Оффлайн
Регистрация
16 Сен 2025
Сообщения
38
Реакции
0
Выберите загрузчик игры
  1. Fabric
Старый спуфер. Можете взять под базу

Много гпт кода

Код:
Expand Collapse Copy 
package main

import (
    "bufio"
    "bytes"
    "crypto/rand"
    "crypto/rsa"
    "crypto/tls"
    "crypto/x509"
    "crypto/x509/pkix"
    "encoding/json"
    "encoding/pem"
    "fmt"
    "io"
    "math/big"
    "net"
    "net/http"
    "os"
    "os/exec"
    "path/filepath"
    "strings"
    "sync"
    "syscall"
    "time"
    "unsafe"
)

const (
    listenHost  = "127.0.0.1"
    listenPort  = "8080"
    rc4KeyStr   = "5e8v5cTyLMPf77C7"
    spoofName   = "1"
    spoofUserID = 1337
    spoofHWID   = "1"
)

var listenFallbackPorts = []string{
    listenPort,
    "18080",
    "28080",
    "38080",
}

var pulseHosts = []string{
    "backend.pulsevisuals.pro",
    "backend2.pulsevisuals.pro",
    "backend3.pulsevisuals.pro",
    "backend4.pulsevisuals.pro",
    "freak.pulsevisuals.pro",
    "freak2.pulsevisuals.pro",
    "freak3.pulsevisuals.pro",
}

var (
    exeDir    string
    caCert    *x509.Certificate
    caKey     *rsa.PrivateKey
    certCache sync.Map
)

var upstreamTransport = &http.Transport{
    TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
}

func init() {
    exe, _ := os.Executable()
    exeDir = filepath.Dir(exe)
}

func rc4Crypt(data []byte, key string) []byte {
    k := []byte(key)
    s := make([]byte, 256)
    for i := range s {
        s[i] = byte(i)
    }
    j := byte(0)
    for i := 0; i < 256; i++ {
        j = j + s[i] + k[i%len(k)]
        s[i], s[j] = s[j], s[i]
    }
    out := make([]byte, len(data))
    ii, jj := byte(0), byte(0)
    for pos, b := range data {
        ii++
        jj = jj + s[ii]
        s[ii], s[jj] = s[jj], s[ii]
        out[pos] = b ^ s[s[ii]+s[jj]]
    }
    return out
}

func isPulseHost(urlStr string) bool {
    for _, h := range pulseHosts {
        if strings.Contains(urlStr, h) {
            return true
        }
    }
    return false
}

func isSSERequest(url string, method string) bool {
    return strings.Contains(url, "realtime") && method == "GET"
}

func newUUID() string {
    b := make([]byte, 16)
    rand.Read(b)
    b[6] = (b[6] & 0x0f) | 0x40
    b[8] = (b[8] & 0x3f) | 0x80
    return fmt.Sprintf("%08x-%04x-%04x-%04x-%012x", b[:4], b[4:6], b[6:8], b[8:10], b[10:])
}

func encryptPulse(data map[string]interface{}) []byte {
    b, _ := json.Marshal(data)
    return rc4Crypt(b, rc4KeyStr)
}

func makeRawResponse(code int, body []byte) *http.Response {
    r := &http.Response{
        Status:        fmt.Sprintf("%d %s", code, http.StatusText(code)),
        StatusCode:    code,
        Proto:         "HTTP/1.1",
        ProtoMajor:    1,
        ProtoMinor:    1,
        Header:        make(http.Header),
        Body:          io.NopCloser(bytes.NewReader(body)),
        ContentLength: int64(len(body)),
    }
    r.Header.Set("Content-Type", "application/octet-stream")
    r.Header.Set("Content-Length", fmt.Sprintf("%d", len(body)))
    return r
}

func loadOrGenCA() error {
    crtPath := filepath.Join(exeDir, "ca.crt")
    keyPath := filepath.Join(exeDir, "ca.key")

    crtPEM, err1 := os.ReadFile(crtPath)
    keyPEM, err2 := os.ReadFile(keyPath)
    if err1 == nil && err2 == nil {
        block, _ := pem.Decode(crtPEM)
        cert, e1 := x509.ParseCertificate(block.Bytes)
        block2, _ := pem.Decode(keyPEM)
        key, e2 := x509.ParsePKCS1PrivateKey(block2.Bytes)
        if e1 == nil && e2 == nil {
            caCert = cert
            caKey = key
            fmt.Println("[for yougame] ca loaded:", crtPath)
            return nil
        }
    }

    fmt.Println("[for yougame] generating certificate...")
    key, err := rsa.GenerateKey(rand.Reader, 2048)
    if err != nil {
        return err
    }
    serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
    tmpl := &x509.Certificate{
        SerialNumber:          serial,
        Subject:               pkix.Name{CommonName: "PulseCrack CA", Organization: []string{"PulseCrack"}},
        NotBefore:             time.Now().Add(-24 * time.Hour),
        NotAfter:              time.Now().Add(10 * 365 * 24 * time.Hour),
        IsCA:                  true,
        KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
        BasicConstraintsValid: true,
    }
    der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
    if err != nil {
        return err
    }
    cert, _ := x509.ParseCertificate(der)
    caCert = cert
    caKey = key

    os.WriteFile(crtPath, pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}), 0644)
    os.WriteFile(keyPath, pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(key)}), 0600)
    fmt.Println("[for yougame] ca saved. ca.crt will be imported when you run launcher.exe")
    return nil
}

func getCertForHost(host string) (*tls.Certificate, error) {
    host = strings.TrimSpace(host)
    if host == "" {
        return nil, fmt.Errorf("empty host")
    }
    if v, ok := certCache.Load(host); ok {
        return v.(*tls.Certificate), nil
    }
    key, err := rsa.GenerateKey(rand.Reader, 2048)
    if err != nil {
        return nil, err
    }
    serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
    tmpl := &x509.Certificate{
        SerialNumber: serial,
        Subject:      pkix.Name{CommonName: host},
        NotBefore:    time.Now().Add(-24 * time.Hour),
        NotAfter:     time.Now().Add(365 * 24 * time.Hour),
        KeyUsage:     x509.KeyUsageDigitalSignature,
        ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
    }
    if ip := net.ParseIP(host); ip != nil {
        tmpl.IPAddresses = []net.IP{ip}
    } else {
        tmpl.DNSNames = []string{host}
    }
    der, err := x509.CreateCertificate(rand.Reader, tmpl, caCert, &key.PublicKey, caKey)
    if err != nil {
        return nil, err
    }
    tlsCert := &tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
    certCache.Store(host, tlsCert)
    return tlsCert, nil
}

func normalizeConnectTarget(rawHost string) (addr string, hostname string, err error) {
    host := strings.TrimSpace(rawHost)
    if host == "" {
        return "", "", fmt.Errorf("empty CONNECT host")
    }

    switch strings.Count(host, ":") {
    case 0:
        return net.JoinHostPort(host, "443"), host, nil
    case 1:
        h, p, splitErr := net.SplitHostPort(host)
        if splitErr != nil {
            return "", "", fmt.Errorf("invalid CONNECT host %q: %w", rawHost, splitErr)
        }
        if h == "" {
            return "", "", fmt.Errorf("invalid CONNECT host %q", rawHost)
        }
        if p == "" {
            p = "443"
        }
        return net.JoinHostPort(h, p), h, nil
    default:
        // Bare IPv6 literals can be sent without [] and without explicit port.
        if strings.HasPrefix(host, "[") {
            h, p, splitErr := net.SplitHostPort(host)
            if splitErr == nil {
                if p == "" {
                    p = "443"
                }
                return net.JoinHostPort(h, p), h, nil
            }
            if strings.HasSuffix(host, "]") {
                trimmed := strings.TrimSuffix(strings.TrimPrefix(host, "["), "]")
                if trimmed != "" {
                    return net.JoinHostPort(trimmed, "443"), trimmed, nil
                }
            }
            return "", "", fmt.Errorf("invalid CONNECT host %q: %w", rawHost, splitErr)
        }
        return net.JoinHostPort(host, "443"), host, nil
    }
}

func startDirectTLS() {
    tlsCfg := &tls.Config{
        GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
            fmt.Println("[for yougame] TLS hello from:", hello.ServerName)
            return getCertForHost(hello.ServerName)
        },
    }
    ln, err := tls.Listen("tcp", ":443", tlsCfg)
    if err != nil {
        fmt.Println("[for yougame] failed to listen on :443:", err)
        return
    }
    fmt.Println("[for yougame] direct TLS listener on :443")
    for {
        conn, err := ln.Accept()
        if err != nil {
            continue
        }
        fmt.Println("[for yougame] incoming connection")
        go handleDirectConn(conn.(*tls.Conn))
    }
}

func handleDirectConn(conn *tls.Conn) {
    defer conn.Close()
    if err := conn.Handshake(); err != nil {
        return
    }
    br := bufio.NewReader(conn)
    for {
        req, err := http.ReadRequest(br)
        if err != nil {
            break
        }
        req.URL.Scheme = "https"
        req.URL.Host = conn.ConnectionState().ServerName

        fmt.Printf("[for yougame] %s %s\n", req.Method, req.URL.String())

        if isSSERequest(req.URL.String(), req.Method) {
            serveSSETunnel(conn)
            return
        }

        if fake := interceptRequest(req); fake != nil {
            var buf bytes.Buffer
            io.Copy(&buf, fake.Body)
            writeHTTPResponse(conn, fake.StatusCode, fake.Header, buf.Bytes())
            continue
        }

        writeHTTPResponse(conn, 200, make(http.Header), encryptPulse(map[string]interface{}{"success": true}))
    }
}

func startDirectTCP() {
    ln, err := net.Listen("tcp", ":443")
    if err != nil {
        fmt.Println("[for yougame] failed to listen on :443:", err)
        return
    }
    for {
        conn, err := ln.Accept()
        if err != nil {
            continue
        }
        go handleRawConn(conn)
    }
}

func handleRawConn(conn net.Conn) {
    defer conn.Close()

    peek := make([]byte, 1)
    conn.SetReadDeadline(time.Now().Add(3 * time.Second))
    _, err := io.ReadFull(conn, peek)
    conn.SetReadDeadline(time.Time{})
    if err != nil {
        return
    }

    if peek[0] == 0x16 {
        pc := io.MultiReader(bytes.NewReader(peek), conn)
        tlsConn := tls.Server(&connWithReader{Conn: conn, r: pc}, &tls.Config{
            GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
                fmt.Println("[for yougame] sni:", hello.ServerName)
                return getCertForHost(hello.ServerName)
            },
        })
        if err := tlsConn.Handshake(); err != nil {
            fmt.Println("[for yougame] handshake failed:", err)
            return
        }
        defer tlsConn.Close()
        br := bufio.NewReader(tlsConn)
        for {
            req, err := http.ReadRequest(br)
            if err != nil {
                break
            }
            req.URL.Scheme = "https"
            req.URL.Host = tlsConn.ConnectionState().ServerName
            fmt.Printf("[for yougame] %s %s\n", req.Method, req.URL.String())
            if isSSERequest(req.URL.String(), req.Method) {
                serveSSETunnel(tlsConn)
                return
            }
            if fake := interceptRequest(req); fake != nil {
                var buf bytes.Buffer
                io.Copy(&buf, fake.Body)
                writeHTTPResponse(tlsConn, fake.StatusCode, fake.Header, buf.Bytes())
            } else {
                body := encryptPulse(map[string]interface{}{"success": true, "authorized": true, "user_id": spoofUserID})
                hdr := make(http.Header)
                hdr.Set("Content-Type", "application/octet-stream")
                writeHTTPResponse(tlsConn, 200, hdr, body)
            }
        }
    } else {
        conn.SetReadDeadline(time.Now().Add(2 * time.Second))
        conn.SetReadDeadline(time.Time{})
        body := encryptPulse(map[string]interface{}{"success": true, "authorized": true, "user_id": spoofUserID})
        conn.Write(body)
    }
}

type connWithReader struct {
    net.Conn
    r io.Reader
}

func (c *connWithReader) Read(b []byte) (int, error) {
    return c.r.Read(b)
}

func interceptRequest(req *http.Request) *http.Response {
    url := req.URL.String()
    if isPulseHost(url) {
        fmt.Printf("[for yougame] %s %s\n", req.Method, url)
    }
    if !isPulseHost(url) {
        return nil
    }
    if strings.Contains(url, "authorize-token") {
        body := encryptPulse(map[string]interface{}{
            "user_id":    spoofUserID,
            "name":       spoofName,
            "session_id": newUUID(),
        })
        fmt.Printf("[for yougame] authorize-token => user_id=%d name=%q\n", spoofUserID, spoofName)
        return makeRawResponse(200, body)
    }
    if strings.Contains(url, "check-version") {
        body := encryptPulse(map[string]interface{}{
            "valid": true, "outdated": false,
            "needsUpdate": false, "update_available": false,
        })
        fmt.Println("[for yougame] check-version → OK")
        return makeRawResponse(200, body)
    }
    if strings.Contains(url, "/api/v1/config") {
        body := encryptPulse(map[string]interface{}{
            "success": true,
            "configs": []interface{}{},
        })
        return makeRawResponse(200, body)
    }
    if strings.Contains(url, "realtime/check-player") || strings.Contains(url, "realtime/server-update") {
        body := encryptPulse(map[string]interface{}{"success": true})
        return makeRawResponse(200, body)
    }
    for _, h := range []string{"freak.pulsevisuals.pro", "freak2.pulsevisuals.pro", "freak3.pulsevisuals.pro"} {
        if strings.Contains(url, h) {
            fmt.Printf("[for yougame] freak catch-all: %s %s\n", req.Method, url)
            body := encryptPulse(map[string]interface{}{
                "success":    true,
                "authorized": true,
                "user_id":    spoofUserID,
            })
            return makeRawResponse(200, body)
        }
    }
    return nil
}

func serveSSETunnel(conn io.Writer) {
    header := "HTTP/1.1 200 OK\r\n" +
        "Content-Type: text/event-stream\r\n" +
        "Cache-Control: no-cache\r\n" +
        "X-Accel-Buffering: no\r\n" +
        "\r\n"
    if _, err := io.WriteString(conn, header); err != nil {
        return
    }
    io.WriteString(conn, "data: {\"authorized\":true,\"user_id\":1337}\n\n")
    ticker := time.NewTicker(20 * time.Second)
    defer ticker.Stop()
    for range ticker.C {
        if _, err := io.WriteString(conn, ": heartbeat\n\n"); err != nil {
            return
        }
    }
}

func spoofHWIDInReq(req *http.Request) {
    if !isPulseHost(req.URL.String()) || req.Body == nil {
        return
    }
    ct := strings.ToLower(req.Header.Get("Content-Type"))
    if ct != "" && !strings.Contains(ct, "application/octet-stream") {
        return
    }
    raw, err := io.ReadAll(req.Body)
    req.Body.Close()
    if err != nil || len(raw) == 0 {
        req.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    dec := rc4Crypt(raw, rc4KeyStr)
    var data map[string]interface{}
    if err := json.Unmarshal(dec, &data); err != nil {
        req.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    if _, ok := data["hwid"]; !ok {
        req.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    data["hwid"] = spoofHWID
    newJSON, _ := json.Marshal(data)
    newBody := rc4Crypt(newJSON, rc4KeyStr)
    req.Body = io.NopCloser(bytes.NewReader(newBody))
    req.ContentLength = int64(len(newBody))
    fmt.Println("[for yougame] hwid ->", spoofHWID)
}

func patchResponse(req *http.Request, resp *http.Response) {
    url := req.URL.String()
    if !isPulseHost(url) || resp == nil {
        return
    }
    if !strings.Contains(url, "authorize-token") && !strings.Contains(url, "check-version") {
        return
    }
    raw, err := io.ReadAll(resp.Body)
    resp.Body.Close()
    if err != nil || len(raw) == 0 {
        resp.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    dec := rc4Crypt(raw, rc4KeyStr)
    var data map[string]interface{}
    if err := json.Unmarshal(dec, &data); err != nil {
        resp.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    if strings.Contains(url, "authorize-token") {
        data["user_id"] = spoofUserID
        data["name"] = spoofName
        data["session_id"] = newUUID()
        resp.StatusCode = 200
    } else {
        for k := range data {
            kl := strings.ToLower(k)
            if _, isBool := data[k].(bool); isBool {
                if strings.Contains(kl, "valid") || strings.Contains(kl, "outdated") || strings.Contains(kl, "update") {
                    data[k] = strings.Contains(kl, "valid") && !strings.Contains(kl, "invalid")
                }
            }
        }
    }
    newBody := encryptPulse(data)
    resp.Body = io.NopCloser(bytes.NewReader(newBody))
    resp.ContentLength = int64(len(newBody))
    resp.Header.Set("Content-Length", fmt.Sprintf("%d", len(newBody)))
}

func cacheInitResponse(req *http.Request, resp *http.Response) {
    if !isPulseHost(req.URL.String()) || !strings.Contains(req.URL.String(), "protection/initialize") {
        return
    }
    raw, err := io.ReadAll(resp.Body)
    resp.Body.Close()
    if err != nil || len(raw) == 0 {
        resp.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    dir := filepath.Join(exeDir, "init_cache")
    os.MkdirAll(dir, 0755)
    os.WriteFile(filepath.Join(dir, "initialize_response.bin"), raw, 0644)
    resp.Body = io.NopCloser(bytes.NewReader(raw))
}

func copyHeaders(dst, src http.Header) {
    for k, vals := range src {
        for _, v := range vals {
            dst.Add(k, v)
        }
    }
}

func shouldSkipResponseHeader(name string) bool {
    switch strings.ToLower(name) {
    case "connection", "proxy-connection", "keep-alive", "proxy-authenticate", "proxy-authorization",
        "te", "trailer", "transfer-encoding", "upgrade", "content-length":
        return true
    default:
        return false
    }
}

func writeHTTPResponse(conn interface{ Write([]byte) (int, error) }, code int, header http.Header, body []byte) {
    fmt.Fprintf(conn, "HTTP/1.1 %d %s\r\n", code, http.StatusText(code))
    for k, vals := range header {
        if shouldSkipResponseHeader(k) {
            continue
        }
        for _, v := range vals {
            fmt.Fprintf(conn, "%s: %s\r\n", k, v)
        }
    }
    fmt.Fprintf(conn, "Content-Length: %d\r\nConnection: close\r\n\r\n", len(body))
    conn.Write(body)
}

type proxy struct{}

func (p *proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) {
    if r.Method == http.MethodConnect {
        p.handleConnect(w, r)
    } else {
        p.handlePlain(w, r)
    }
}

func (p *proxy) handlePlain(w http.ResponseWriter, r *http.Request) {
    r.RequestURI = ""
    if fake := interceptRequest(r); fake != nil {
        copyHeaders(w.Header(), fake.Header)
        w.WriteHeader(fake.StatusCode)
        io.Copy(w, fake.Body)
        return
    }
    spoofHWIDInReq(r)
    resp, err := upstreamTransport.RoundTrip(r)
    if err != nil {
        http.Error(w, "upstream: "+err.Error(), 502)
        return
    }
    defer resp.Body.Close()
    cacheInitResponse(r, resp)
    patchResponse(r, resp)
    copyHeaders(w.Header(), resp.Header)
    w.WriteHeader(resp.StatusCode)
    io.Copy(w, resp.Body)
}

func (p *proxy) handleConnect(w http.ResponseWriter, r *http.Request) {
    host, hostname, err := normalizeConnectTarget(r.Host)
    if err != nil {
        http.Error(w, "bad CONNECT host: "+err.Error(), http.StatusBadRequest)
        return
    }

    cert, err := getCertForHost(hostname)
    if err != nil {
        http.Error(w, "cert: "+err.Error(), http.StatusBadGateway)
        return
    }

    hj, ok := w.(http.Hijacker)
    if !ok {
        http.Error(w, "hijack not supported", 500)
        return
    }
    clientConn, rw, err := hj.Hijack()
    if err != nil {
        return
    }
    defer clientConn.Close()

    if _, err := rw.WriteString("HTTP/1.1 200 Connection Established\r\nProxy-Agent: pulseCrack\r\n\r\n"); err != nil {
        return
    }
    if err := rw.Flush(); err != nil {
        return
    }

    var tlsConnBase net.Conn = clientConn
    if rw.Reader.Buffered() > 0 {
        buf, _ := rw.Reader.Peek(rw.Reader.Buffered())
        tlsConnBase = &connWithReader{
            Conn: clientConn,
            r:    io.MultiReader(bytes.NewReader(buf), clientConn),
        }
    }

    tlsClient := tls.Server(tlsConnBase, &tls.Config{Certificates: []tls.Certificate{*cert}})
    if err := tlsClient.Handshake(); err != nil {
        return
    }
    defer tlsClient.Close()

    br := bufio.NewReader(tlsClient)
    for {
        req, err := http.ReadRequest(br)
        if err != nil {
            return
        }
        req.URL.Scheme = "https"
        req.URL.Host = host

        if isSSERequest(req.URL.String(), req.Method) {
            serveSSETunnel(tlsClient)
            return
        }

        var bodyBuf bytes.Buffer
        code := 200
        hdr := make(http.Header)

        if fake := interceptRequest(req); fake != nil {
            code = fake.StatusCode
            copyHeaders(hdr, fake.Header)
            io.Copy(&bodyBuf, fake.Body)
            fake.Body.Close()
        } else {
            spoofHWIDInReq(req)
            req.RequestURI = ""
            upstream, err := upstreamTransport.RoundTrip(req)
            if err != nil {
                errBody := []byte("upstream: " + err.Error())
                hdr.Set("Content-Type", "text/plain; charset=utf-8")
                writeHTTPResponse(tlsClient, http.StatusBadGateway, hdr, errBody)
                return
            }
            cacheInitResponse(req, upstream)
            patchResponse(req, upstream)
            code = upstream.StatusCode
            copyHeaders(hdr, upstream.Header)
            io.Copy(&bodyBuf, upstream.Body)
            upstream.Body.Close()
        }

        writeHTTPResponse(tlsClient, code, hdr, bodyBuf.Bytes())
    }
}

func ensureHosts() {
    hostsPath := `C:\Windows\System32\drivers\etc\hosts`
    entries := []string{
        "freak.pulsevisuals.pro",
        "freak2.pulsevisuals.pro",
        "freak3.pulsevisuals.pro",
    }

    data, _ := os.ReadFile(hostsPath)
    content := string(data)
    changed := false

    for _, host := range entries {
        line := "127.0.0.1 " + host
        if !strings.Contains(content, host) {
            content += "\n" + line
            changed = true
        } else {
        }
    }

    if !changed {
        return
    }

    tmp := os.TempDir() + `\hosts.tmp`
    os.WriteFile(tmp, []byte(content), 0644)

    script := fmt.Sprintf(`Copy-Item -Path '%s' -Destination '%s' -Force`, tmp, hostsPath)
    out, err := exec.Command("powershell", "-NoProfile", "-Command", script).CombinedOutput()
    if err != nil {
        fmt.Println("[for yougame] hosts write failed:", string(out))
        return
    }
    os.Remove(tmp)
    exec.Command("ipconfig", "/flushdns").Run()
    fmt.Println("[for yougame] hosts updated, dns flushed")
}

func printCentered(text string) {
    width := getConsoleWidth()
    if width <= 0 {
        width = 120
    }

    padding := (width - len(text)) / 2
    if padding < 0 {
        padding = 0
    }

    fmt.Printf("%s%s\n", strings.Repeat(" ", padding), text)
}

func getConsoleWidth() int {
    const stdOutputHandle uintptr = ^uintptr(10) // (DWORD)-11

    kernel32 := syscall.NewLazyDLL("kernel32.dll")
    getStdHandle := kernel32.NewProc("GetStdHandle")
    getConsoleScreenBufferInfo := kernel32.NewProc("GetConsoleScreenBufferInfo")

    var info struct {
        Size              struct{ X, Y int16 }
        CursorPosition    struct{ X, Y int16 }
        Attributes        uint16
        Window            struct{ Left, Top, Right, Bottom int16 }
        MaximumWindowSize struct{ X, Y int16 }
    }

    handle, _, _ := getStdHandle.Call(stdOutputHandle)
    if handle == 0 {
        return 0
    }

    ret, _, _ := getConsoleScreenBufferInfo.Call(
        handle,
        uintptr(unsafe.Pointer(&info)),
    )
    if ret == 0 {
        return 0
    }

    return int(info.Window.Right - info.Window.Left + 1)
}

func printCredits() {
    fmt.Println()
    printCentered("cracked by")
    printCentered("zeru")
    printCentered("Eketarina.dll")
    printCentered("Ratnikov")
    printCentered("t.me/skatcompany")
    fmt.Println()
    printCentered("Flerni sorry <3")
    fmt.Println("\n")
}

func listenProxy() (net.Listener, string, error) {
    for _, p := range listenFallbackPorts {
        addr := net.JoinHostPort(listenHost, p)
        ln, err := net.Listen("tcp", addr)
        if err == nil {
            return ln, p, nil
        }
    }
    return nil, "", fmt.Errorf("all proxy ports are busy")
}

func main() {
    printCredits()
    go startDirectTCP()
    ensureHosts()
    if err := loadOrGenCA(); err != nil {
        fmt.Println("[for yougame] init error:", err)
        os.Exit(1)
    }
    ln, _, err := listenProxy()
    if err != nil {
        fmt.Println("[for yougame] fatal:", err)
        os.Exit(1)
    }
    srv := &http.Server{
        Handler: &proxy{},
    }
    if err := srv.Serve(ln); err != nil {
        fmt.Println("[for yougame] fatal:", err)
        os.Exit(1)
    }
}

go.mod:


Код:
Expand Collapse Copy 
module spoofer

go 1.21
 
NettyCrasher написал(а):
Старый спуфер. Можете взять под базу

Много гпт кода

Код:
Expand Collapse Copy 
package main

import (
    "bufio"
    "bytes"
    "crypto/rand"
    "crypto/rsa"
    "crypto/tls"
    "crypto/x509"
    "crypto/x509/pkix"
    "encoding/json"
    "encoding/pem"
    "fmt"
    "io"
    "math/big"
    "net"
    "net/http"
    "os"
    "os/exec"
    "path/filepath"
    "strings"
    "sync"
    "syscall"
    "time"
    "unsafe"
)

const (
    listenHost  = "127.0.0.1"
    listenPort  = "8080"
    rc4KeyStr   = "5e8v5cTyLMPf77C7"
    spoofName   = "1"
    spoofUserID = 1337
    spoofHWID   = "1"
)

var listenFallbackPorts = []string{
    listenPort,
    "18080",
    "28080",
    "38080",
}

var pulseHosts = []string{
    "backend.pulsevisuals.pro",
    "backend2.pulsevisuals.pro",
    "backend3.pulsevisuals.pro",
    "backend4.pulsevisuals.pro",
    "freak.pulsevisuals.pro",
    "freak2.pulsevisuals.pro",
    "freak3.pulsevisuals.pro",
}

var (
    exeDir    string
    caCert    *x509.Certificate
    caKey     *rsa.PrivateKey
    certCache sync.Map
)

var upstreamTransport = &http.Transport{
    TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
}

func init() {
    exe, _ := os.Executable()
    exeDir = filepath.Dir(exe)
}

func rc4Crypt(data []byte, key string) []byte {
    k := []byte(key)
    s := make([]byte, 256)
    for i := range s {
        s[i] = byte(i)
    }
    j := byte(0)
    for i := 0; i < 256; i++ {
        j = j + s[i] + k[i%len(k)]
        s[i], s[j] = s[j], s[i]
    }
    out := make([]byte, len(data))
    ii, jj := byte(0), byte(0)
    for pos, b := range data {
        ii++
        jj = jj + s[ii]
        s[ii], s[jj] = s[jj], s[ii]
        out[pos] = b ^ s[s[ii]+s[jj]]
    }
    return out
}

func isPulseHost(urlStr string) bool {
    for _, h := range pulseHosts {
        if strings.Contains(urlStr, h) {
            return true
        }
    }
    return false
}

func isSSERequest(url string, method string) bool {
    return strings.Contains(url, "realtime") && method == "GET"
}

func newUUID() string {
    b := make([]byte, 16)
    rand.Read(b)
    b[6] = (b[6] & 0x0f) | 0x40
    b[8] = (b[8] & 0x3f) | 0x80
    return fmt.Sprintf("%08x-%04x-%04x-%04x-%012x", b[:4], b[4:6], b[6:8], b[8:10], b[10:])
}

func encryptPulse(data map[string]interface{}) []byte {
    b, _ := json.Marshal(data)
    return rc4Crypt(b, rc4KeyStr)
}

func makeRawResponse(code int, body []byte) *http.Response {
    r := &http.Response{
        Status:        fmt.Sprintf("%d %s", code, http.StatusText(code)),
        StatusCode:    code,
        Proto:         "HTTP/1.1",
        ProtoMajor:    1,
        ProtoMinor:    1,
        Header:        make(http.Header),
        Body:          io.NopCloser(bytes.NewReader(body)),
        ContentLength: int64(len(body)),
    }
    r.Header.Set("Content-Type", "application/octet-stream")
    r.Header.Set("Content-Length", fmt.Sprintf("%d", len(body)))
    return r
}

func loadOrGenCA() error {
    crtPath := filepath.Join(exeDir, "ca.crt")
    keyPath := filepath.Join(exeDir, "ca.key")

    crtPEM, err1 := os.ReadFile(crtPath)
    keyPEM, err2 := os.ReadFile(keyPath)
    if err1 == nil && err2 == nil {
        block, _ := pem.Decode(crtPEM)
        cert, e1 := x509.ParseCertificate(block.Bytes)
        block2, _ := pem.Decode(keyPEM)
        key, e2 := x509.ParsePKCS1PrivateKey(block2.Bytes)
        if e1 == nil && e2 == nil {
            caCert = cert
            caKey = key
            fmt.Println("[for yougame] ca loaded:", crtPath)
            return nil
        }
    }

    fmt.Println("[for yougame] generating certificate...")
    key, err := rsa.GenerateKey(rand.Reader, 2048)
    if err != nil {
        return err
    }
    serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
    tmpl := &x509.Certificate{
        SerialNumber:          serial,
        Subject:               pkix.Name{CommonName: "PulseCrack CA", Organization: []string{"PulseCrack"}},
        NotBefore:             time.Now().Add(-24 * time.Hour),
        NotAfter:              time.Now().Add(10 * 365 * 24 * time.Hour),
        IsCA:                  true,
        KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
        BasicConstraintsValid: true,
    }
    der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
    if err != nil {
        return err
    }
    cert, _ := x509.ParseCertificate(der)
    caCert = cert
    caKey = key

    os.WriteFile(crtPath, pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}), 0644)
    os.WriteFile(keyPath, pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(key)}), 0600)
    fmt.Println("[for yougame] ca saved. ca.crt will be imported when you run launcher.exe")
    return nil
}

func getCertForHost(host string) (*tls.Certificate, error) {
    host = strings.TrimSpace(host)
    if host == "" {
        return nil, fmt.Errorf("empty host")
    }
    if v, ok := certCache.Load(host); ok {
        return v.(*tls.Certificate), nil
    }
    key, err := rsa.GenerateKey(rand.Reader, 2048)
    if err != nil {
        return nil, err
    }
    serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
    tmpl := &x509.Certificate{
        SerialNumber: serial,
        Subject:      pkix.Name{CommonName: host},
        NotBefore:    time.Now().Add(-24 * time.Hour),
        NotAfter:     time.Now().Add(365 * 24 * time.Hour),
        KeyUsage:     x509.KeyUsageDigitalSignature,
        ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
    }
    if ip := net.ParseIP(host); ip != nil {
        tmpl.IPAddresses = []net.IP{ip}
    } else {
        tmpl.DNSNames = []string{host}
    }
    der, err := x509.CreateCertificate(rand.Reader, tmpl, caCert, &key.PublicKey, caKey)
    if err != nil {
        return nil, err
    }
    tlsCert := &tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
    certCache.Store(host, tlsCert)
    return tlsCert, nil
}

func normalizeConnectTarget(rawHost string) (addr string, hostname string, err error) {
    host := strings.TrimSpace(rawHost)
    if host == "" {
        return "", "", fmt.Errorf("empty CONNECT host")
    }

    switch strings.Count(host, ":") {
    case 0:
        return net.JoinHostPort(host, "443"), host, nil
    case 1:
        h, p, splitErr := net.SplitHostPort(host)
        if splitErr != nil {
            return "", "", fmt.Errorf("invalid CONNECT host %q: %w", rawHost, splitErr)
        }
        if h == "" {
            return "", "", fmt.Errorf("invalid CONNECT host %q", rawHost)
        }
        if p == "" {
            p = "443"
        }
        return net.JoinHostPort(h, p), h, nil
    default:
        // Bare IPv6 literals can be sent without [] and without explicit port.
        if strings.HasPrefix(host, "[") {
            h, p, splitErr := net.SplitHostPort(host)
            if splitErr == nil {
                if p == "" {
                    p = "443"
                }
                return net.JoinHostPort(h, p), h, nil
            }
            if strings.HasSuffix(host, "]") {
                trimmed := strings.TrimSuffix(strings.TrimPrefix(host, "["), "]")
                if trimmed != "" {
                    return net.JoinHostPort(trimmed, "443"), trimmed, nil
                }
            }
            return "", "", fmt.Errorf("invalid CONNECT host %q: %w", rawHost, splitErr)
        }
        return net.JoinHostPort(host, "443"), host, nil
    }
}

func startDirectTLS() {
    tlsCfg := &tls.Config{
        GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
            fmt.Println("[for yougame] TLS hello from:", hello.ServerName)
            return getCertForHost(hello.ServerName)
        },
    }
    ln, err := tls.Listen("tcp", ":443", tlsCfg)
    if err != nil {
        fmt.Println("[for yougame] failed to listen on :443:", err)
        return
    }
    fmt.Println("[for yougame] direct TLS listener on :443")
    for {
        conn, err := ln.Accept()
        if err != nil {
            continue
        }
        fmt.Println("[for yougame] incoming connection")
        go handleDirectConn(conn.(*tls.Conn))
    }
}

func handleDirectConn(conn *tls.Conn) {
    defer conn.Close()
    if err := conn.Handshake(); err != nil {
        return
    }
    br := bufio.NewReader(conn)
    for {
        req, err := http.ReadRequest(br)
        if err != nil {
            break
        }
        req.URL.Scheme = "https"
        req.URL.Host = conn.ConnectionState().ServerName

        fmt.Printf("[for yougame] %s %s\n", req.Method, req.URL.String())

        if isSSERequest(req.URL.String(), req.Method) {
            serveSSETunnel(conn)
            return
        }

        if fake := interceptRequest(req); fake != nil {
            var buf bytes.Buffer
            io.Copy(&buf, fake.Body)
            writeHTTPResponse(conn, fake.StatusCode, fake.Header, buf.Bytes())
            continue
        }

        writeHTTPResponse(conn, 200, make(http.Header), encryptPulse(map[string]interface{}{"success": true}))
    }
}

func startDirectTCP() {
    ln, err := net.Listen("tcp", ":443")
    if err != nil {
        fmt.Println("[for yougame] failed to listen on :443:", err)
        return
    }
    for {
        conn, err := ln.Accept()
        if err != nil {
            continue
        }
        go handleRawConn(conn)
    }
}

func handleRawConn(conn net.Conn) {
    defer conn.Close()

    peek := make([]byte, 1)
    conn.SetReadDeadline(time.Now().Add(3 * time.Second))
    _, err := io.ReadFull(conn, peek)
    conn.SetReadDeadline(time.Time{})
    if err != nil {
        return
    }

    if peek[0] == 0x16 {
        pc := io.MultiReader(bytes.NewReader(peek), conn)
        tlsConn := tls.Server(&connWithReader{Conn: conn, r: pc}, &tls.Config{
            GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
                fmt.Println("[for yougame] sni:", hello.ServerName)
                return getCertForHost(hello.ServerName)
            },
        })
        if err := tlsConn.Handshake(); err != nil {
            fmt.Println("[for yougame] handshake failed:", err)
            return
        }
        defer tlsConn.Close()
        br := bufio.NewReader(tlsConn)
        for {
            req, err := http.ReadRequest(br)
            if err != nil {
                break
            }
            req.URL.Scheme = "https"
            req.URL.Host = tlsConn.ConnectionState().ServerName
            fmt.Printf("[for yougame] %s %s\n", req.Method, req.URL.String())
            if isSSERequest(req.URL.String(), req.Method) {
                serveSSETunnel(tlsConn)
                return
            }
            if fake := interceptRequest(req); fake != nil {
                var buf bytes.Buffer
                io.Copy(&buf, fake.Body)
                writeHTTPResponse(tlsConn, fake.StatusCode, fake.Header, buf.Bytes())
            } else {
                body := encryptPulse(map[string]interface{}{"success": true, "authorized": true, "user_id": spoofUserID})
                hdr := make(http.Header)
                hdr.Set("Content-Type", "application/octet-stream")
                writeHTTPResponse(tlsConn, 200, hdr, body)
            }
        }
    } else {
        conn.SetReadDeadline(time.Now().Add(2 * time.Second))
        conn.SetReadDeadline(time.Time{})
        body := encryptPulse(map[string]interface{}{"success": true, "authorized": true, "user_id": spoofUserID})
        conn.Write(body)
    }
}

type connWithReader struct {
    net.Conn
    r io.Reader
}

func (c *connWithReader) Read(b []byte) (int, error) {
    return c.r.Read(b)
}

func interceptRequest(req *http.Request) *http.Response {
    url := req.URL.String()
    if isPulseHost(url) {
        fmt.Printf("[for yougame] %s %s\n", req.Method, url)
    }
    if !isPulseHost(url) {
        return nil
    }
    if strings.Contains(url, "authorize-token") {
        body := encryptPulse(map[string]interface{}{
            "user_id":    spoofUserID,
            "name":       spoofName,
            "session_id": newUUID(),
        })
        fmt.Printf("[for yougame] authorize-token => user_id=%d name=%q\n", spoofUserID, spoofName)
        return makeRawResponse(200, body)
    }
    if strings.Contains(url, "check-version") {
        body := encryptPulse(map[string]interface{}{
            "valid": true, "outdated": false,
            "needsUpdate": false, "update_available": false,
        })
        fmt.Println("[for yougame] check-version → OK")
        return makeRawResponse(200, body)
    }
    if strings.Contains(url, "/api/v1/config") {
        body := encryptPulse(map[string]interface{}{
            "success": true,
            "configs": []interface{}{},
        })
        return makeRawResponse(200, body)
    }
    if strings.Contains(url, "realtime/check-player") || strings.Contains(url, "realtime/server-update") {
        body := encryptPulse(map[string]interface{}{"success": true})
        return makeRawResponse(200, body)
    }
    for _, h := range []string{"freak.pulsevisuals.pro", "freak2.pulsevisuals.pro", "freak3.pulsevisuals.pro"} {
        if strings.Contains(url, h) {
            fmt.Printf("[for yougame] freak catch-all: %s %s\n", req.Method, url)
            body := encryptPulse(map[string]interface{}{
                "success":    true,
                "authorized": true,
                "user_id":    spoofUserID,
            })
            return makeRawResponse(200, body)
        }
    }
    return nil
}

func serveSSETunnel(conn io.Writer) {
    header := "HTTP/1.1 200 OK\r\n" +
        "Content-Type: text/event-stream\r\n" +
        "Cache-Control: no-cache\r\n" +
        "X-Accel-Buffering: no\r\n" +
        "\r\n"
    if _, err := io.WriteString(conn, header); err != nil {
        return
    }
    io.WriteString(conn, "data: {\"authorized\":true,\"user_id\":1337}\n\n")
    ticker := time.NewTicker(20 * time.Second)
    defer ticker.Stop()
    for range ticker.C {
        if _, err := io.WriteString(conn, ": heartbeat\n\n"); err != nil {
            return
        }
    }
}

func spoofHWIDInReq(req *http.Request) {
    if !isPulseHost(req.URL.String()) || req.Body == nil {
        return
    }
    ct := strings.ToLower(req.Header.Get("Content-Type"))
    if ct != "" && !strings.Contains(ct, "application/octet-stream") {
        return
    }
    raw, err := io.ReadAll(req.Body)
    req.Body.Close()
    if err != nil || len(raw) == 0 {
        req.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    dec := rc4Crypt(raw, rc4KeyStr)
    var data map[string]interface{}
    if err := json.Unmarshal(dec, &data); err != nil {
        req.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    if _, ok := data["hwid"]; !ok {
        req.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    data["hwid"] = spoofHWID
    newJSON, _ := json.Marshal(data)
    newBody := rc4Crypt(newJSON, rc4KeyStr)
    req.Body = io.NopCloser(bytes.NewReader(newBody))
    req.ContentLength = int64(len(newBody))
    fmt.Println("[for yougame] hwid ->", spoofHWID)
}

func patchResponse(req *http.Request, resp *http.Response) {
    url := req.URL.String()
    if !isPulseHost(url) || resp == nil {
        return
    }
    if !strings.Contains(url, "authorize-token") && !strings.Contains(url, "check-version") {
        return
    }
    raw, err := io.ReadAll(resp.Body)
    resp.Body.Close()
    if err != nil || len(raw) == 0 {
        resp.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    dec := rc4Crypt(raw, rc4KeyStr)
    var data map[string]interface{}
    if err := json.Unmarshal(dec, &data); err != nil {
        resp.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    if strings.Contains(url, "authorize-token") {
        data["user_id"] = spoofUserID
        data["name"] = spoofName
        data["session_id"] = newUUID()
        resp.StatusCode = 200
    } else {
        for k := range data {
            kl := strings.ToLower(k)
            if _, isBool := data[k].(bool); isBool {
                if strings.Contains(kl, "valid") || strings.Contains(kl, "outdated") || strings.Contains(kl, "update") {
                    data[k] = strings.Contains(kl, "valid") && !strings.Contains(kl, "invalid")
                }
            }
        }
    }
    newBody := encryptPulse(data)
    resp.Body = io.NopCloser(bytes.NewReader(newBody))
    resp.ContentLength = int64(len(newBody))
    resp.Header.Set("Content-Length", fmt.Sprintf("%d", len(newBody)))
}

func cacheInitResponse(req *http.Request, resp *http.Response) {
    if !isPulseHost(req.URL.String()) || !strings.Contains(req.URL.String(), "protection/initialize") {
        return
    }
    raw, err := io.ReadAll(resp.Body)
    resp.Body.Close()
    if err != nil || len(raw) == 0 {
        resp.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    dir := filepath.Join(exeDir, "init_cache")
    os.MkdirAll(dir, 0755)
    os.WriteFile(filepath.Join(dir, "initialize_response.bin"), raw, 0644)
    resp.Body = io.NopCloser(bytes.NewReader(raw))
}

func copyHeaders(dst, src http.Header) {
    for k, vals := range src {
        for _, v := range vals {
            dst.Add(k, v)
        }
    }
}

func shouldSkipResponseHeader(name string) bool {
    switch strings.ToLower(name) {
    case "connection", "proxy-connection", "keep-alive", "proxy-authenticate", "proxy-authorization",
        "te", "trailer", "transfer-encoding", "upgrade", "content-length":
        return true
    default:
        return false
    }
}

func writeHTTPResponse(conn interface{ Write([]byte) (int, error) }, code int, header http.Header, body []byte) {
    fmt.Fprintf(conn, "HTTP/1.1 %d %s\r\n", code, http.StatusText(code))
    for k, vals := range header {
        if shouldSkipResponseHeader(k) {
            continue
        }
        for _, v := range vals {
            fmt.Fprintf(conn, "%s: %s\r\n", k, v)
        }
    }
    fmt.Fprintf(conn, "Content-Length: %d\r\nConnection: close\r\n\r\n", len(body))
    conn.Write(body)
}

type proxy struct{}

func (p *proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) {
    if r.Method == http.MethodConnect {
        p.handleConnect(w, r)
    } else {
        p.handlePlain(w, r)
    }
}

func (p *proxy) handlePlain(w http.ResponseWriter, r *http.Request) {
    r.RequestURI = ""
    if fake := interceptRequest(r); fake != nil {
        copyHeaders(w.Header(), fake.Header)
        w.WriteHeader(fake.StatusCode)
        io.Copy(w, fake.Body)
        return
    }
    spoofHWIDInReq(r)
    resp, err := upstreamTransport.RoundTrip(r)
    if err != nil {
        http.Error(w, "upstream: "+err.Error(), 502)
        return
    }
    defer resp.Body.Close()
    cacheInitResponse(r, resp)
    patchResponse(r, resp)
    copyHeaders(w.Header(), resp.Header)
    w.WriteHeader(resp.StatusCode)
    io.Copy(w, resp.Body)
}

func (p *proxy) handleConnect(w http.ResponseWriter, r *http.Request) {
    host, hostname, err := normalizeConnectTarget(r.Host)
    if err != nil {
        http.Error(w, "bad CONNECT host: "+err.Error(), http.StatusBadRequest)
        return
    }

    cert, err := getCertForHost(hostname)
    if err != nil {
        http.Error(w, "cert: "+err.Error(), http.StatusBadGateway)
        return
    }

    hj, ok := w.(http.Hijacker)
    if !ok {
        http.Error(w, "hijack not supported", 500)
        return
    }
    clientConn, rw, err := hj.Hijack()
    if err != nil {
        return
    }
    defer clientConn.Close()

    if _, err := rw.WriteString("HTTP/1.1 200 Connection Established\r\nProxy-Agent: pulseCrack\r\n\r\n"); err != nil {
        return
    }
    if err := rw.Flush(); err != nil {
        return
    }

    var tlsConnBase net.Conn = clientConn
    if rw.Reader.Buffered() > 0 {
        buf, _ := rw.Reader.Peek(rw.Reader.Buffered())
        tlsConnBase = &connWithReader{
            Conn: clientConn,
            r:    io.MultiReader(bytes.NewReader(buf), clientConn),
        }
    }

    tlsClient := tls.Server(tlsConnBase, &tls.Config{Certificates: []tls.Certificate{*cert}})
    if err := tlsClient.Handshake(); err != nil {
        return
    }
    defer tlsClient.Close()

    br := bufio.NewReader(tlsClient)
    for {
        req, err := http.ReadRequest(br)
        if err != nil {
            return
        }
        req.URL.Scheme = "https"
        req.URL.Host = host

        if isSSERequest(req.URL.String(), req.Method) {
            serveSSETunnel(tlsClient)
            return
        }

        var bodyBuf bytes.Buffer
        code := 200
        hdr := make(http.Header)

        if fake := interceptRequest(req); fake != nil {
            code = fake.StatusCode
            copyHeaders(hdr, fake.Header)
            io.Copy(&bodyBuf, fake.Body)
            fake.Body.Close()
        } else {
            spoofHWIDInReq(req)
            req.RequestURI = ""
            upstream, err := upstreamTransport.RoundTrip(req)
            if err != nil {
                errBody := []byte("upstream: " + err.Error())
                hdr.Set("Content-Type", "text/plain; charset=utf-8")
                writeHTTPResponse(tlsClient, http.StatusBadGateway, hdr, errBody)
                return
            }
            cacheInitResponse(req, upstream)
            patchResponse(req, upstream)
            code = upstream.StatusCode
            copyHeaders(hdr, upstream.Header)
            io.Copy(&bodyBuf, upstream.Body)
            upstream.Body.Close()
        }

        writeHTTPResponse(tlsClient, code, hdr, bodyBuf.Bytes())
    }
}

func ensureHosts() {
    hostsPath := `C:\Windows\System32\drivers\etc\hosts`
    entries := []string{
        "freak.pulsevisuals.pro",
        "freak2.pulsevisuals.pro",
        "freak3.pulsevisuals.pro",
    }

    data, _ := os.ReadFile(hostsPath)
    content := string(data)
    changed := false

    for _, host := range entries {
        line := "127.0.0.1 " + host
        if !strings.Contains(content, host) {
            content += "\n" + line
            changed = true
        } else {
        }
    }

    if !changed {
        return
    }

    tmp := os.TempDir() + `\hosts.tmp`
    os.WriteFile(tmp, []byte(content), 0644)

    script := fmt.Sprintf(`Copy-Item -Path '%s' -Destination '%s' -Force`, tmp, hostsPath)
    out, err := exec.Command("powershell", "-NoProfile", "-Command", script).CombinedOutput()
    if err != nil {
        fmt.Println("[for yougame] hosts write failed:", string(out))
        return
    }
    os.Remove(tmp)
    exec.Command("ipconfig", "/flushdns").Run()
    fmt.Println("[for yougame] hosts updated, dns flushed")
}

func printCentered(text string) {
    width := getConsoleWidth()
    if width <= 0 {
        width = 120
    }

    padding := (width - len(text)) / 2
    if padding < 0 {
        padding = 0
    }

    fmt.Printf("%s%s\n", strings.Repeat(" ", padding), text)
}

func getConsoleWidth() int {
    const stdOutputHandle uintptr = ^uintptr(10) // (DWORD)-11

    kernel32 := syscall.NewLazyDLL("kernel32.dll")
    getStdHandle := kernel32.NewProc("GetStdHandle")
    getConsoleScreenBufferInfo := kernel32.NewProc("GetConsoleScreenBufferInfo")

    var info struct {
        Size              struct{ X, Y int16 }
        CursorPosition    struct{ X, Y int16 }
        Attributes        uint16
        Window            struct{ Left, Top, Right, Bottom int16 }
        MaximumWindowSize struct{ X, Y int16 }
    }

    handle, _, _ := getStdHandle.Call(stdOutputHandle)
    if handle == 0 {
        return 0
    }

    ret, _, _ := getConsoleScreenBufferInfo.Call(
        handle,
        uintptr(unsafe.Pointer(&info)),
    )
    if ret == 0 {
        return 0
    }

    return int(info.Window.Right - info.Window.Left + 1)
}

func printCredits() {
    fmt.Println()
    printCentered("cracked by")
    printCentered("zeru")
    printCentered("Eketarina.dll")
    printCentered("Ratnikov")
    printCentered("t.me/skatcompany")
    fmt.Println()
    printCentered("Flerni sorry <3")
    fmt.Println("\n")
}

func listenProxy() (net.Listener, string, error) {
    for _, p := range listenFallbackPorts {
        addr := net.JoinHostPort(listenHost, p)
        ln, err := net.Listen("tcp", addr)
        if err == nil {
            return ln, p, nil
        }
    }
    return nil, "", fmt.Errorf("all proxy ports are busy")
}

func main() {
    printCredits()
    go startDirectTCP()
    ensureHosts()
    if err := loadOrGenCA(); err != nil {
        fmt.Println("[for yougame] init error:", err)
        os.Exit(1)
    }
    ln, _, err := listenProxy()
    if err != nil {
        fmt.Println("[for yougame] fatal:", err)
        os.Exit(1)
    }
    srv := &http.Server{
        Handler: &proxy{},
    }
    if err := srv.Serve(ln); err != nil {
        fmt.Println("[for yougame] fatal:", err)
        os.Exit(1)
    }
}

go.mod:


Код:
Expand Collapse Copy 
module spoofer

go 1.21
Нажмите для раскрытия...
:summyrose:
 
NettyCrasher написал(а):
Старый спуфер. Можете взять под базу

Много гпт кода

Код:
Expand Collapse Copy 
package main

import (
    "bufio"
    "bytes"
    "crypto/rand"
    "crypto/rsa"
    "crypto/tls"
    "crypto/x509"
    "crypto/x509/pkix"
    "encoding/json"
    "encoding/pem"
    "fmt"
    "io"
    "math/big"
    "net"
    "net/http"
    "os"
    "os/exec"
    "path/filepath"
    "strings"
    "sync"
    "syscall"
    "time"
    "unsafe"
)

const (
    listenHost  = "127.0.0.1"
    listenPort  = "8080"
    rc4KeyStr   = "5e8v5cTyLMPf77C7"
    spoofName   = "1"
    spoofUserID = 1337
    spoofHWID   = "1"
)

var listenFallbackPorts = []string{
    listenPort,
    "18080",
    "28080",
    "38080",
}

var pulseHosts = []string{
    "backend.pulsevisuals.pro",
    "backend2.pulsevisuals.pro",
    "backend3.pulsevisuals.pro",
    "backend4.pulsevisuals.pro",
    "freak.pulsevisuals.pro",
    "freak2.pulsevisuals.pro",
    "freak3.pulsevisuals.pro",
}

var (
    exeDir    string
    caCert    *x509.Certificate
    caKey     *rsa.PrivateKey
    certCache sync.Map
)

var upstreamTransport = &http.Transport{
    TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
}

func init() {
    exe, _ := os.Executable()
    exeDir = filepath.Dir(exe)
}

func rc4Crypt(data []byte, key string) []byte {
    k := []byte(key)
    s := make([]byte, 256)
    for i := range s {
        s[i] = byte(i)
    }
    j := byte(0)
    for i := 0; i < 256; i++ {
        j = j + s[i] + k[i%len(k)]
        s[i], s[j] = s[j], s[i]
    }
    out := make([]byte, len(data))
    ii, jj := byte(0), byte(0)
    for pos, b := range data {
        ii++
        jj = jj + s[ii]
        s[ii], s[jj] = s[jj], s[ii]
        out[pos] = b ^ s[s[ii]+s[jj]]
    }
    return out
}

func isPulseHost(urlStr string) bool {
    for _, h := range pulseHosts {
        if strings.Contains(urlStr, h) {
            return true
        }
    }
    return false
}

func isSSERequest(url string, method string) bool {
    return strings.Contains(url, "realtime") && method == "GET"
}

func newUUID() string {
    b := make([]byte, 16)
    rand.Read(b)
    b[6] = (b[6] & 0x0f) | 0x40
    b[8] = (b[8] & 0x3f) | 0x80
    return fmt.Sprintf("%08x-%04x-%04x-%04x-%012x", b[:4], b[4:6], b[6:8], b[8:10], b[10:])
}

func encryptPulse(data map[string]interface{}) []byte {
    b, _ := json.Marshal(data)
    return rc4Crypt(b, rc4KeyStr)
}

func makeRawResponse(code int, body []byte) *http.Response {
    r := &http.Response{
        Status:        fmt.Sprintf("%d %s", code, http.StatusText(code)),
        StatusCode:    code,
        Proto:         "HTTP/1.1",
        ProtoMajor:    1,
        ProtoMinor:    1,
        Header:        make(http.Header),
        Body:          io.NopCloser(bytes.NewReader(body)),
        ContentLength: int64(len(body)),
    }
    r.Header.Set("Content-Type", "application/octet-stream")
    r.Header.Set("Content-Length", fmt.Sprintf("%d", len(body)))
    return r
}

func loadOrGenCA() error {
    crtPath := filepath.Join(exeDir, "ca.crt")
    keyPath := filepath.Join(exeDir, "ca.key")

    crtPEM, err1 := os.ReadFile(crtPath)
    keyPEM, err2 := os.ReadFile(keyPath)
    if err1 == nil && err2 == nil {
        block, _ := pem.Decode(crtPEM)
        cert, e1 := x509.ParseCertificate(block.Bytes)
        block2, _ := pem.Decode(keyPEM)
        key, e2 := x509.ParsePKCS1PrivateKey(block2.Bytes)
        if e1 == nil && e2 == nil {
            caCert = cert
            caKey = key
            fmt.Println("[for yougame] ca loaded:", crtPath)
            return nil
        }
    }

    fmt.Println("[for yougame] generating certificate...")
    key, err := rsa.GenerateKey(rand.Reader, 2048)
    if err != nil {
        return err
    }
    serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
    tmpl := &x509.Certificate{
        SerialNumber:          serial,
        Subject:               pkix.Name{CommonName: "PulseCrack CA", Organization: []string{"PulseCrack"}},
        NotBefore:             time.Now().Add(-24 * time.Hour),
        NotAfter:              time.Now().Add(10 * 365 * 24 * time.Hour),
        IsCA:                  true,
        KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
        BasicConstraintsValid: true,
    }
    der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
    if err != nil {
        return err
    }
    cert, _ := x509.ParseCertificate(der)
    caCert = cert
    caKey = key

    os.WriteFile(crtPath, pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}), 0644)
    os.WriteFile(keyPath, pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(key)}), 0600)
    fmt.Println("[for yougame] ca saved. ca.crt will be imported when you run launcher.exe")
    return nil
}

func getCertForHost(host string) (*tls.Certificate, error) {
    host = strings.TrimSpace(host)
    if host == "" {
        return nil, fmt.Errorf("empty host")
    }
    if v, ok := certCache.Load(host); ok {
        return v.(*tls.Certificate), nil
    }
    key, err := rsa.GenerateKey(rand.Reader, 2048)
    if err != nil {
        return nil, err
    }
    serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
    tmpl := &x509.Certificate{
        SerialNumber: serial,
        Subject:      pkix.Name{CommonName: host},
        NotBefore:    time.Now().Add(-24 * time.Hour),
        NotAfter:     time.Now().Add(365 * 24 * time.Hour),
        KeyUsage:     x509.KeyUsageDigitalSignature,
        ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
    }
    if ip := net.ParseIP(host); ip != nil {
        tmpl.IPAddresses = []net.IP{ip}
    } else {
        tmpl.DNSNames = []string{host}
    }
    der, err := x509.CreateCertificate(rand.Reader, tmpl, caCert, &key.PublicKey, caKey)
    if err != nil {
        return nil, err
    }
    tlsCert := &tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
    certCache.Store(host, tlsCert)
    return tlsCert, nil
}

func normalizeConnectTarget(rawHost string) (addr string, hostname string, err error) {
    host := strings.TrimSpace(rawHost)
    if host == "" {
        return "", "", fmt.Errorf("empty CONNECT host")
    }

    switch strings.Count(host, ":") {
    case 0:
        return net.JoinHostPort(host, "443"), host, nil
    case 1:
        h, p, splitErr := net.SplitHostPort(host)
        if splitErr != nil {
            return "", "", fmt.Errorf("invalid CONNECT host %q: %w", rawHost, splitErr)
        }
        if h == "" {
            return "", "", fmt.Errorf("invalid CONNECT host %q", rawHost)
        }
        if p == "" {
            p = "443"
        }
        return net.JoinHostPort(h, p), h, nil
    default:
        // Bare IPv6 literals can be sent without [] and without explicit port.
        if strings.HasPrefix(host, "[") {
            h, p, splitErr := net.SplitHostPort(host)
            if splitErr == nil {
                if p == "" {
                    p = "443"
                }
                return net.JoinHostPort(h, p), h, nil
            }
            if strings.HasSuffix(host, "]") {
                trimmed := strings.TrimSuffix(strings.TrimPrefix(host, "["), "]")
                if trimmed != "" {
                    return net.JoinHostPort(trimmed, "443"), trimmed, nil
                }
            }
            return "", "", fmt.Errorf("invalid CONNECT host %q: %w", rawHost, splitErr)
        }
        return net.JoinHostPort(host, "443"), host, nil
    }
}

func startDirectTLS() {
    tlsCfg := &tls.Config{
        GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
            fmt.Println("[for yougame] TLS hello from:", hello.ServerName)
            return getCertForHost(hello.ServerName)
        },
    }
    ln, err := tls.Listen("tcp", ":443", tlsCfg)
    if err != nil {
        fmt.Println("[for yougame] failed to listen on :443:", err)
        return
    }
    fmt.Println("[for yougame] direct TLS listener on :443")
    for {
        conn, err := ln.Accept()
        if err != nil {
            continue
        }
        fmt.Println("[for yougame] incoming connection")
        go handleDirectConn(conn.(*tls.Conn))
    }
}

func handleDirectConn(conn *tls.Conn) {
    defer conn.Close()
    if err := conn.Handshake(); err != nil {
        return
    }
    br := bufio.NewReader(conn)
    for {
        req, err := http.ReadRequest(br)
        if err != nil {
            break
        }
        req.URL.Scheme = "https"
        req.URL.Host = conn.ConnectionState().ServerName

        fmt.Printf("[for yougame] %s %s\n", req.Method, req.URL.String())

        if isSSERequest(req.URL.String(), req.Method) {
            serveSSETunnel(conn)
            return
        }

        if fake := interceptRequest(req); fake != nil {
            var buf bytes.Buffer
            io.Copy(&buf, fake.Body)
            writeHTTPResponse(conn, fake.StatusCode, fake.Header, buf.Bytes())
            continue
        }

        writeHTTPResponse(conn, 200, make(http.Header), encryptPulse(map[string]interface{}{"success": true}))
    }
}

func startDirectTCP() {
    ln, err := net.Listen("tcp", ":443")
    if err != nil {
        fmt.Println("[for yougame] failed to listen on :443:", err)
        return
    }
    for {
        conn, err := ln.Accept()
        if err != nil {
            continue
        }
        go handleRawConn(conn)
    }
}

func handleRawConn(conn net.Conn) {
    defer conn.Close()

    peek := make([]byte, 1)
    conn.SetReadDeadline(time.Now().Add(3 * time.Second))
    _, err := io.ReadFull(conn, peek)
    conn.SetReadDeadline(time.Time{})
    if err != nil {
        return
    }

    if peek[0] == 0x16 {
        pc := io.MultiReader(bytes.NewReader(peek), conn)
        tlsConn := tls.Server(&connWithReader{Conn: conn, r: pc}, &tls.Config{
            GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
                fmt.Println("[for yougame] sni:", hello.ServerName)
                return getCertForHost(hello.ServerName)
            },
        })
        if err := tlsConn.Handshake(); err != nil {
            fmt.Println("[for yougame] handshake failed:", err)
            return
        }
        defer tlsConn.Close()
        br := bufio.NewReader(tlsConn)
        for {
            req, err := http.ReadRequest(br)
            if err != nil {
                break
            }
            req.URL.Scheme = "https"
            req.URL.Host = tlsConn.ConnectionState().ServerName
            fmt.Printf("[for yougame] %s %s\n", req.Method, req.URL.String())
            if isSSERequest(req.URL.String(), req.Method) {
                serveSSETunnel(tlsConn)
                return
            }
            if fake := interceptRequest(req); fake != nil {
                var buf bytes.Buffer
                io.Copy(&buf, fake.Body)
                writeHTTPResponse(tlsConn, fake.StatusCode, fake.Header, buf.Bytes())
            } else {
                body := encryptPulse(map[string]interface{}{"success": true, "authorized": true, "user_id": spoofUserID})
                hdr := make(http.Header)
                hdr.Set("Content-Type", "application/octet-stream")
                writeHTTPResponse(tlsConn, 200, hdr, body)
            }
        }
    } else {
        conn.SetReadDeadline(time.Now().Add(2 * time.Second))
        conn.SetReadDeadline(time.Time{})
        body := encryptPulse(map[string]interface{}{"success": true, "authorized": true, "user_id": spoofUserID})
        conn.Write(body)
    }
}

type connWithReader struct {
    net.Conn
    r io.Reader
}

func (c *connWithReader) Read(b []byte) (int, error) {
    return c.r.Read(b)
}

func interceptRequest(req *http.Request) *http.Response {
    url := req.URL.String()
    if isPulseHost(url) {
        fmt.Printf("[for yougame] %s %s\n", req.Method, url)
    }
    if !isPulseHost(url) {
        return nil
    }
    if strings.Contains(url, "authorize-token") {
        body := encryptPulse(map[string]interface{}{
            "user_id":    spoofUserID,
            "name":       spoofName,
            "session_id": newUUID(),
        })
        fmt.Printf("[for yougame] authorize-token => user_id=%d name=%q\n", spoofUserID, spoofName)
        return makeRawResponse(200, body)
    }
    if strings.Contains(url, "check-version") {
        body := encryptPulse(map[string]interface{}{
            "valid": true, "outdated": false,
            "needsUpdate": false, "update_available": false,
        })
        fmt.Println("[for yougame] check-version → OK")
        return makeRawResponse(200, body)
    }
    if strings.Contains(url, "/api/v1/config") {
        body := encryptPulse(map[string]interface{}{
            "success": true,
            "configs": []interface{}{},
        })
        return makeRawResponse(200, body)
    }
    if strings.Contains(url, "realtime/check-player") || strings.Contains(url, "realtime/server-update") {
        body := encryptPulse(map[string]interface{}{"success": true})
        return makeRawResponse(200, body)
    }
    for _, h := range []string{"freak.pulsevisuals.pro", "freak2.pulsevisuals.pro", "freak3.pulsevisuals.pro"} {
        if strings.Contains(url, h) {
            fmt.Printf("[for yougame] freak catch-all: %s %s\n", req.Method, url)
            body := encryptPulse(map[string]interface{}{
                "success":    true,
                "authorized": true,
                "user_id":    spoofUserID,
            })
            return makeRawResponse(200, body)
        }
    }
    return nil
}

func serveSSETunnel(conn io.Writer) {
    header := "HTTP/1.1 200 OK\r\n" +
        "Content-Type: text/event-stream\r\n" +
        "Cache-Control: no-cache\r\n" +
        "X-Accel-Buffering: no\r\n" +
        "\r\n"
    if _, err := io.WriteString(conn, header); err != nil {
        return
    }
    io.WriteString(conn, "data: {\"authorized\":true,\"user_id\":1337}\n\n")
    ticker := time.NewTicker(20 * time.Second)
    defer ticker.Stop()
    for range ticker.C {
        if _, err := io.WriteString(conn, ": heartbeat\n\n"); err != nil {
            return
        }
    }
}

func spoofHWIDInReq(req *http.Request) {
    if !isPulseHost(req.URL.String()) || req.Body == nil {
        return
    }
    ct := strings.ToLower(req.Header.Get("Content-Type"))
    if ct != "" && !strings.Contains(ct, "application/octet-stream") {
        return
    }
    raw, err := io.ReadAll(req.Body)
    req.Body.Close()
    if err != nil || len(raw) == 0 {
        req.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    dec := rc4Crypt(raw, rc4KeyStr)
    var data map[string]interface{}
    if err := json.Unmarshal(dec, &data); err != nil {
        req.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    if _, ok := data["hwid"]; !ok {
        req.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    data["hwid"] = spoofHWID
    newJSON, _ := json.Marshal(data)
    newBody := rc4Crypt(newJSON, rc4KeyStr)
    req.Body = io.NopCloser(bytes.NewReader(newBody))
    req.ContentLength = int64(len(newBody))
    fmt.Println("[for yougame] hwid ->", spoofHWID)
}

func patchResponse(req *http.Request, resp *http.Response) {
    url := req.URL.String()
    if !isPulseHost(url) || resp == nil {
        return
    }
    if !strings.Contains(url, "authorize-token") && !strings.Contains(url, "check-version") {
        return
    }
    raw, err := io.ReadAll(resp.Body)
    resp.Body.Close()
    if err != nil || len(raw) == 0 {
        resp.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    dec := rc4Crypt(raw, rc4KeyStr)
    var data map[string]interface{}
    if err := json.Unmarshal(dec, &data); err != nil {
        resp.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    if strings.Contains(url, "authorize-token") {
        data["user_id"] = spoofUserID
        data["name"] = spoofName
        data["session_id"] = newUUID()
        resp.StatusCode = 200
    } else {
        for k := range data {
            kl := strings.ToLower(k)
            if _, isBool := data[k].(bool); isBool {
                if strings.Contains(kl, "valid") || strings.Contains(kl, "outdated") || strings.Contains(kl, "update") {
                    data[k] = strings.Contains(kl, "valid") && !strings.Contains(kl, "invalid")
                }
            }
        }
    }
    newBody := encryptPulse(data)
    resp.Body = io.NopCloser(bytes.NewReader(newBody))
    resp.ContentLength = int64(len(newBody))
    resp.Header.Set("Content-Length", fmt.Sprintf("%d", len(newBody)))
}

func cacheInitResponse(req *http.Request, resp *http.Response) {
    if !isPulseHost(req.URL.String()) || !strings.Contains(req.URL.String(), "protection/initialize") {
        return
    }
    raw, err := io.ReadAll(resp.Body)
    resp.Body.Close()
    if err != nil || len(raw) == 0 {
        resp.Body = io.NopCloser(bytes.NewReader(raw))
        return
    }
    dir := filepath.Join(exeDir, "init_cache")
    os.MkdirAll(dir, 0755)
    os.WriteFile(filepath.Join(dir, "initialize_response.bin"), raw, 0644)
    resp.Body = io.NopCloser(bytes.NewReader(raw))
}

func copyHeaders(dst, src http.Header) {
    for k, vals := range src {
        for _, v := range vals {
            dst.Add(k, v)
        }
    }
}

func shouldSkipResponseHeader(name string) bool {
    switch strings.ToLower(name) {
    case "connection", "proxy-connection", "keep-alive", "proxy-authenticate", "proxy-authorization",
        "te", "trailer", "transfer-encoding", "upgrade", "content-length":
        return true
    default:
        return false
    }
}

func writeHTTPResponse(conn interface{ Write([]byte) (int, error) }, code int, header http.Header, body []byte) {
    fmt.Fprintf(conn, "HTTP/1.1 %d %s\r\n", code, http.StatusText(code))
    for k, vals := range header {
        if shouldSkipResponseHeader(k) {
            continue
        }
        for _, v := range vals {
            fmt.Fprintf(conn, "%s: %s\r\n", k, v)
        }
    }
    fmt.Fprintf(conn, "Content-Length: %d\r\nConnection: close\r\n\r\n", len(body))
    conn.Write(body)
}

type proxy struct{}

func (p *proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) {
    if r.Method == http.MethodConnect {
        p.handleConnect(w, r)
    } else {
        p.handlePlain(w, r)
    }
}

func (p *proxy) handlePlain(w http.ResponseWriter, r *http.Request) {
    r.RequestURI = ""
    if fake := interceptRequest(r); fake != nil {
        copyHeaders(w.Header(), fake.Header)
        w.WriteHeader(fake.StatusCode)
        io.Copy(w, fake.Body)
        return
    }
    spoofHWIDInReq(r)
    resp, err := upstreamTransport.RoundTrip(r)
    if err != nil {
        http.Error(w, "upstream: "+err.Error(), 502)
        return
    }
    defer resp.Body.Close()
    cacheInitResponse(r, resp)
    patchResponse(r, resp)
    copyHeaders(w.Header(), resp.Header)
    w.WriteHeader(resp.StatusCode)
    io.Copy(w, resp.Body)
}

func (p *proxy) handleConnect(w http.ResponseWriter, r *http.Request) {
    host, hostname, err := normalizeConnectTarget(r.Host)
    if err != nil {
        http.Error(w, "bad CONNECT host: "+err.Error(), http.StatusBadRequest)
        return
    }

    cert, err := getCertForHost(hostname)
    if err != nil {
        http.Error(w, "cert: "+err.Error(), http.StatusBadGateway)
        return
    }

    hj, ok := w.(http.Hijacker)
    if !ok {
        http.Error(w, "hijack not supported", 500)
        return
    }
    clientConn, rw, err := hj.Hijack()
    if err != nil {
        return
    }
    defer clientConn.Close()

    if _, err := rw.WriteString("HTTP/1.1 200 Connection Established\r\nProxy-Agent: pulseCrack\r\n\r\n"); err != nil {
        return
    }
    if err := rw.Flush(); err != nil {
        return
    }

    var tlsConnBase net.Conn = clientConn
    if rw.Reader.Buffered() > 0 {
        buf, _ := rw.Reader.Peek(rw.Reader.Buffered())
        tlsConnBase = &connWithReader{
            Conn: clientConn,
            r:    io.MultiReader(bytes.NewReader(buf), clientConn),
        }
    }

    tlsClient := tls.Server(tlsConnBase, &tls.Config{Certificates: []tls.Certificate{*cert}})
    if err := tlsClient.Handshake(); err != nil {
        return
    }
    defer tlsClient.Close()

    br := bufio.NewReader(tlsClient)
    for {
        req, err := http.ReadRequest(br)
        if err != nil {
            return
        }
        req.URL.Scheme = "https"
        req.URL.Host = host

        if isSSERequest(req.URL.String(), req.Method) {
            serveSSETunnel(tlsClient)
            return
        }

        var bodyBuf bytes.Buffer
        code := 200
        hdr := make(http.Header)

        if fake := interceptRequest(req); fake != nil {
            code = fake.StatusCode
            copyHeaders(hdr, fake.Header)
            io.Copy(&bodyBuf, fake.Body)
            fake.Body.Close()
        } else {
            spoofHWIDInReq(req)
            req.RequestURI = ""
            upstream, err := upstreamTransport.RoundTrip(req)
            if err != nil {
                errBody := []byte("upstream: " + err.Error())
                hdr.Set("Content-Type", "text/plain; charset=utf-8")
                writeHTTPResponse(tlsClient, http.StatusBadGateway, hdr, errBody)
                return
            }
            cacheInitResponse(req, upstream)
            patchResponse(req, upstream)
            code = upstream.StatusCode
            copyHeaders(hdr, upstream.Header)
            io.Copy(&bodyBuf, upstream.Body)
            upstream.Body.Close()
        }

        writeHTTPResponse(tlsClient, code, hdr, bodyBuf.Bytes())
    }
}

func ensureHosts() {
    hostsPath := `C:\Windows\System32\drivers\etc\hosts`
    entries := []string{
        "freak.pulsevisuals.pro",
        "freak2.pulsevisuals.pro",
        "freak3.pulsevisuals.pro",
    }

    data, _ := os.ReadFile(hostsPath)
    content := string(data)
    changed := false

    for _, host := range entries {
        line := "127.0.0.1 " + host
        if !strings.Contains(content, host) {
            content += "\n" + line
            changed = true
        } else {
        }
    }

    if !changed {
        return
    }

    tmp := os.TempDir() + `\hosts.tmp`
    os.WriteFile(tmp, []byte(content), 0644)

    script := fmt.Sprintf(`Copy-Item -Path '%s' -Destination '%s' -Force`, tmp, hostsPath)
    out, err := exec.Command("powershell", "-NoProfile", "-Command", script).CombinedOutput()
    if err != nil {
        fmt.Println("[for yougame] hosts write failed:", string(out))
        return
    }
    os.Remove(tmp)
    exec.Command("ipconfig", "/flushdns").Run()
    fmt.Println("[for yougame] hosts updated, dns flushed")
}

func printCentered(text string) {
    width := getConsoleWidth()
    if width <= 0 {
        width = 120
    }

    padding := (width - len(text)) / 2
    if padding < 0 {
        padding = 0
    }

    fmt.Printf("%s%s\n", strings.Repeat(" ", padding), text)
}

func getConsoleWidth() int {
    const stdOutputHandle uintptr = ^uintptr(10) // (DWORD)-11

    kernel32 := syscall.NewLazyDLL("kernel32.dll")
    getStdHandle := kernel32.NewProc("GetStdHandle")
    getConsoleScreenBufferInfo := kernel32.NewProc("GetConsoleScreenBufferInfo")

    var info struct {
        Size              struct{ X, Y int16 }
        CursorPosition    struct{ X, Y int16 }
        Attributes        uint16
        Window            struct{ Left, Top, Right, Bottom int16 }
        MaximumWindowSize struct{ X, Y int16 }
    }

    handle, _, _ := getStdHandle.Call(stdOutputHandle)
    if handle == 0 {
        return 0
    }

    ret, _, _ := getConsoleScreenBufferInfo.Call(
        handle,
        uintptr(unsafe.Pointer(&info)),
    )
    if ret == 0 {
        return 0
    }

    return int(info.Window.Right - info.Window.Left + 1)
}

func printCredits() {
    fmt.Println()
    printCentered("cracked by")
    printCentered("zeru")
    printCentered("Eketarina.dll")
    printCentered("Ratnikov")
    printCentered("t.me/skatcompany")
    fmt.Println()
    printCentered("Flerni sorry <3")
    fmt.Println("\n")
}

func listenProxy() (net.Listener, string, error) {
    for _, p := range listenFallbackPorts {
        addr := net.JoinHostPort(listenHost, p)
        ln, err := net.Listen("tcp", addr)
        if err == nil {
            return ln, p, nil
        }
    }
    return nil, "", fmt.Errorf("all proxy ports are busy")
}

func main() {
    printCredits()
    go startDirectTCP()
    ensureHosts()
    if err := loadOrGenCA(); err != nil {
        fmt.Println("[for yougame] init error:", err)
        os.Exit(1)
    }
    ln, _, err := listenProxy()
    if err != nil {
        fmt.Println("[for yougame] fatal:", err)
        os.Exit(1)
    }
    srv := &http.Server{
        Handler: &proxy{},
    }
    if err := srv.Serve(ln); err != nil {
        fmt.Println("[for yougame] fatal:", err)
        os.Exit(1)
    }
}

go.mod:


Код:
Expand Collapse Copy 
module spoofer

go 1.21
Нажмите для раскрытия...
ЕБАТЬ ЛЕВ
 

Похожие темы

des1ght_1
Часть функционала IRC | Vesence or exp 3.1 ready
2 3
Ответы
40
Просмотры
3K
Crashdami
Crashdami
lvrulelvrule
Исходник Parser Funtime Mineflayer 1.20.1 JS
Ответы
7
Просмотры
892
lvrulelvrule
lvrulelvrule
ZloyVanek
Часть функционала IRC | evaware v3
2
Ответы
20
Просмотры
1K
Angelwingsov
Angelwingsov
S
Гайд Пишем простую админ-панель для вашего чита на Go #1 | Архитектура, БД, Авторизация
Ответы
4
Просмотры
1K
shineus
S
lvrulelvrule
Прочее Minebot | Бот шахтер | Не супер умный | mineflayer
2
Ответы
22
Просмотры
3K
maskgan
maskgan
Немного о главном
Полезные мелочи
О нас

Проект предоставляет различный материал, относящийся к сфере киберспорта, программирования, ПО для игр, а также позволяет его участникам общаться на многие другие темы. Почта для жалоб: admin@yougame.biz

Поделиться страницей
Назад
Сверху Снизу