├── README.md ├── cloudflare.py └── bulk_cf_account.py /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leadscloud/cloudflare/HEAD/README.md -------------------------------------------------------------------------------- /cloudflare.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import json 3 | import datetime 4 | 5 | ''' 6 | https://api.cloudflare.com/# 7 | ''' 8 | 9 | 10 | class CloudFlare(object): 11 | def __init__(self, email, token): 12 | self.EMAIL = email 13 | self.TOKEN = token 14 | self.headers = {"X-Auth-Email": email, "X-Auth-Key": token, "Content-Type": "application/json"} 15 | self.s = requests.session() 16 | 17 | class APIError(Exception): 18 | def __init__(self, value): 19 | self.value = value 20 | def __str__(self): 21 | return self.value 22 | 23 | def api_call(self, method, endpoint, params=None): 24 | url = 'https://api.cloudflare.com/client/v4/' + endpoint 25 | method = method.lower() 26 | requests_method = getattr(self.s, method) 27 | response = requests_method(url, headers=self.headers, data=json.dumps(params) if params else None) 28 | data = response.text 29 | try: 30 | data = json.loads(data) 31 | except ValueError: 32 | raise self.APIError('JSON parse failed.') 33 | if data['result'] == 'error': 34 | raise self.APIError(data['msg']) 35 | return data 36 | 37 | def get(self, zone_id='', endpoint='', params=None): 38 | return self.api_call('GET', 'zones/' + zone_id + '/' + endpoint, params) 39 | 40 | def post(self, zone_id='', endpoint='', params=None): 41 | return self.api_call('POST', 'zones/' + zone_id + '/' + endpoint, params) 42 | 43 | def put(self, zone_id='', endpoint='', params=None): 44 | return self.api_call('PUT', 'zones/' + zone_id + '/' + endpoint, params) 45 | 46 | def delete(self, zone_id='', endpoint='', params=None): 47 | return self.api_call('DELETE', 'zones/' + zone_id + '/' + endpoint, params) 48 | 49 | def create_zones(self, z): 50 | data = { 51 | "name": z, 52 | "jump_start": False 53 | } 54 | return self.post(params=data) 55 | 56 | def delete_zones(self, zone_id): 57 | return self.delete(zone_id=zone_id) 58 | 59 | def list_zones(self): 60 | return self.get() 61 | 62 | def get_zone_by_name(self, z): 63 | data = self.list_zones() 64 | for item in data['result']: 65 | if z.strip() == item['name']: 66 | return item 67 | 68 | def get_zone_id(self, name): 69 | zone = self.get_zone_by_name(name) 70 | return zone['id'] 71 | 72 | def rec_new(self, zone, _type, name, content, proxied=True, ttl=120): 73 | zone_id = self.get_zone_id(zone) 74 | data = { 75 | "type": _type, 76 | "name": name, 77 | "content": content, 78 | "proxiable": True, 79 | "proxied": proxied, 80 | "ttl": ttl 81 | } 82 | return self.post(zone_id, 'dns_records', data) 83 | 84 | def get_dns(self, z, name): 85 | # zone_id = self.get_zone_id(z) 86 | recs = self.rec_list(z) 87 | for dns in recs['result']: 88 | if dns['name'] == name if name == z else name + "." + z: 89 | return dns 90 | 91 | def rec_list(self, z): 92 | _id = self.get_zone_id(z) 93 | return self.get(_id, 'dns_records') 94 | 95 | def rec_detail(self, z, name): 96 | dns = self.get_dns(z, name) 97 | return self.get(dns['zone_id'], 'dns_records/' + dns['id']) 98 | 99 | def rec_delete(self, z): 100 | _id = self.get_zone_id(z) 101 | return self.delete(_id, 'dns_records/' + _id) 102 | 103 | def rec_edit(self, z, _type, name, content, proxied=True, ttl=120): 104 | dns = self.get_dns(z, name) 105 | data = { 106 | "id": dns['id'], 107 | "type": _type, 108 | "name": name, 109 | "content": content, 110 | "proxiable": True, 111 | "proxied": proxied, 112 | "ttl": ttl, 113 | "locked": False, 114 | "zone_id": dns['zone_id'], 115 | "zone_name": z 116 | } 117 | return self.put(dns['zone_id'], 'dns_records/' + dns['id'], data) 118 | 119 | 120 | if __name__ == '__main__': 121 | domain = 'roadheadersforsale.com' 122 | ip = '45.55.11.23' 123 | cfapi = CloudFlare('brickell7342@lanthy.com', '71a97bbd95e40128e0fc139ccb') 124 | result = cfapi.create_zones(domain) 125 | result = cfapi.list_zones() 126 | # print(result) 127 | # result = cfapi.delete_zones('67426de7c48a62608479390faa') 128 | # print(result) 129 | result = cfapi.rec_new(domain, 'A', '@', ip) 130 | result = cfapi.rec_new(domain, 'A', 'www', ip) 131 | # result = cfapi.rec_edit('roadheadersforsale.org', 'A', 'en', '45.55.11.23') 132 | # result = cfapi.rec_list('grindingmill.org') 133 | print(result) 134 | -------------------------------------------------------------------------------- /bulk_cf_account.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # -*- coding: utf-8 -*- 3 | import requests 4 | import json 5 | import re 6 | import random 7 | import string 8 | import time 9 | 10 | TIMEOUT = 30 11 | DOMAINS = ['sparkeducationgroup.in', 'asbl-cab.org', 'callcentercollege.in', 'sjmhospital.in', 'morningwalkerindia.co.in', 'progresshighschool.co.in', 'taw.org.in', 'hotelturmot.com', 'garant-moebel-group.asia', 'southdelhidentist.co.in', 'wiremach.in', 'geoplanet.co.in', 'aitc.org.in', 'habitatcorporate.in', 'visionaviationacademy.in'] 12 | SAVE_FILE = 'cf_accounts_by_lanthy_at_20171207.txt' 13 | HTTP_PROXY="http://192.168.10.220:1080" 14 | 15 | def create_cf_account(email, password): 16 | create_url = 'https://www.cloudflare.com/api/v4/user/create' 17 | 18 | headers = { 19 | "Content-Type": "application/json", 20 | "x-requested-with": "XMLHttpRequest", 21 | # "x-newrelic-id:": "XAUOVFRRGwcJVlRQBAA=", 22 | "referer": "https://www.cloudflare.com/a/sign-up", 23 | # ":scheme": "https", 24 | # ":path": "/api/v4/user/create", 25 | # ":method": "POST", 26 | # ":authority": "www.cloudflare.com", 27 | "accept": "application/json, text/javascript, */*; q=0.01", 28 | "user-agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36", 29 | } 30 | s = requests.session() 31 | # s.proxies = { 32 | # 'http': 'http://127.0.0.1:8118' 33 | # } 34 | # print("requests") 35 | # r = s.get('http://www.google.com', timeout=TIMEOUT, proxies={'http': HTTP_PROXY}) 36 | # print(r.headers) 37 | r = s.get('https://www.cloudflare.com/a/sign-up', timeout=TIMEOUT, proxies={'https': HTTP_PROXY}) 38 | # print(r.text) 39 | 40 | security_token = re.search('security_token":"(.+?)"', r.text).group(1) 41 | 42 | params = { 43 | "email": email, 44 | "first_name": "", 45 | "last_name": "", 46 | "telephone": "", 47 | "country": "", 48 | "zipcode": "", 49 | "two_factor_authentication_enabled": False, 50 | "created_on": None, 51 | "modified_on": None, 52 | "betas": [], 53 | "ui_preferences": {}, 54 | "enterprise_zone_quota": { 55 | "maximum": 0, 56 | "current": 0, 57 | "available": 0 58 | }, 59 | "email_confirm": email, 60 | "password": password, 61 | "password_confirm": password, 62 | "security_token": security_token, 63 | "referral_code": "" 64 | } 65 | 66 | ''' 67 | {"result":{"id":"e6ecf1375bc9f2cbda47d337032","email":"hatu2@gmail.com","username":"125b9319c8c5e99bfbe4e8142c0","first_name":null,"last_name":null,"telephone":null,"country":null,"zipcode":null,"two_factor_authentication_enabled":false,"two_factor_authentication_locked":false,"created_on":"2016-04-13T04:23:36.810824Z","modified_on":"2016-04-13T04:23:36.810824Z","organizations":null,"has_pro_zones":false,"has_business_zones":false,"has_enterprise_zones":false},"success":true,"errors":[],"messages":[]} 68 | ''' 69 | r = s.post(create_url, headers=headers, data=json.dumps(params), timeout=TIMEOUT, proxies={'https': HTTP_PROXY}) 70 | result = r.json() 71 | try: 72 | api_key = get_api_key(s) 73 | except Exception as e: 74 | api_key = None 75 | 76 | try: 77 | name_servers = get_name_servers_by_api(email, api_key)["result"]["name_servers"] 78 | except: 79 | name_servers = ["", ""] 80 | result['api_key'] = api_key 81 | result['name_servers'] = name_servers 82 | 83 | return result 84 | 85 | 86 | def get_api_key(s): 87 | r = s.get('https://www.cloudflare.com/a/account/my-account', timeout=TIMEOUT, proxies={'https': HTTP_PROXY}) 88 | atok = re.search('"atok":"(.+?)"', r.text).group(1) 89 | # print(atok) 90 | # to get api key 91 | api_headers = { 92 | "Content-Type": "application/json", 93 | "x-requested-with": "XMLHttpRequest", 94 | # "x-newrelic-id:": "XAUOVFRRGwcJVlRQBAA=", 95 | "referer": "https://www.cloudflare.com/a/account/my-account", 96 | # ":scheme": "https", 97 | # ":path": "/api/v4/user/api_key", 98 | # ":method": "GET", 99 | # ":authority": "www.cloudflare.com", 100 | "accept": "application/json, text/javascript, */*; q=0.01", 101 | "user-agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36", 102 | "x-atok": atok 103 | } 104 | api = s.get('https://www.cloudflare.com/api/v4/user/api_key', headers=api_headers, timeout=TIMEOUT, proxies={'https': HTTP_PROXY}) 105 | # try: 106 | # names_servers = get_name_servers(s, atok) 107 | # except Exception as e: 108 | # names_servers = ["", ""] 109 | if api.json()["success"] is True: 110 | return api.json()["result"]["api_key"] 111 | return False 112 | 113 | def get_name_servers(s, atok): 114 | headers = { 115 | "Content-Type": "application/json", 116 | "x-requested-with": "XMLHttpRequest", 117 | "x-newrelic-id:": "XAUOVFRRGwcJVlRQBAA=", 118 | "referer": "https://www.cloudflare.com/a/setup/sbmchina.com/scan", 119 | ":scheme": "https", 120 | ":path": "/api/v4/zones", 121 | ":method": "POST", 122 | ":authority": "www.cloudflare.com", 123 | "accept": "application/json, text/javascript, */*; q=0.01", 124 | "user-agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36", 125 | "x-atok": atok 126 | } 127 | params = { 128 | "name": "example.com", 129 | "jump_start": False, 130 | "status": "initializing", 131 | "type": "full", 132 | "paused": False, 133 | "meta": {}, 134 | "betas": [], 135 | "owner": {}, 136 | "development_mode": False, 137 | # "created_on": "2016-04-13T06:34:45.156Z", 138 | # "modified_on": None 139 | } 140 | r = s.post('https://www.cloudflare.com/api/v4/zones', headers=headers, data=json.dumps(params), timeout=TIMEOUT, proxies={'https': HTTP_PROXY}) 141 | return r.json()["result"]["name_servers"] 142 | 143 | 144 | def get_name_servers_by_api(email, api_key): 145 | headers = { 146 | "X-Auth-Email": email, 147 | "X-Auth-Key": api_key, 148 | "Content-Type": "application/json" 149 | } 150 | params = { 151 | "name": '{}'.format(random.choice(DOMAINS)), 152 | "jump_start": False 153 | } 154 | r = requests.post('https://api.cloudflare.com/client/v4/zones', headers=headers, data=json.dumps(params), timeout=TIMEOUT, proxies={'https': HTTP_PROXY}) 155 | # print(r.text) 156 | return r.json() 157 | 158 | def generate_email(length): 159 | import names 160 | def get_random_domain(domains): 161 | return random.choice(domains) 162 | 163 | def get_random_name(length): 164 | first_name = names.get_first_name().lower() 165 | last_name = names.get_last_name().lower() 166 | full_name = "_".join(names.get_full_name().split(" ")).lower() 167 | return random.choice([first_name, last_name, full_name]) + ''.join(str(random.randint(1, 10)) for i in range(length)) 168 | 169 | domains = ["hotmail.com", "gmail.com", "aol.com", "mail.com", "mail.kz", "yahoo.com", "lanthy.com"] 170 | return get_random_name(length) + '@' + get_random_domain(domains) 171 | 172 | 173 | def generate_password(length): 174 | chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789' 175 | return ''.join(random.choice(chars) for _ in range(length)) 176 | 177 | 178 | def login(email, password): 179 | headers = { 180 | "Content-Type": "application/x-www-form-urlencoded", 181 | "referer": "https://www.cloudflare.com/a/login", 182 | ":scheme": "https", 183 | ":path": "/a/login", 184 | ":method": "POST", 185 | ":authority": "www.cloudflare.com", 186 | "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8", 187 | "user-agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36", 188 | } 189 | login_url = 'https://www.cloudflare.com/a/login' 190 | s = requests.session() 191 | r = s.get(login_url, proxies={'https': HTTP_PROXY}) 192 | security_token = re.search('security_token":"(.+?)"', r.text).group(1) 193 | 194 | params = { 195 | "email": email, 196 | "password": password, 197 | "security_token": security_token, 198 | } 199 | r = s.post(login_url, headers=headers, data=params, allow_redirects=False, proxies={'http': HTTP_PROXY}) 200 | if 'location' in r.headers: 201 | api_key = get_api_key(s) 202 | name_servers = get_name_servers_by_api(email, api_key) 203 | 204 | owner_id = name_servers["result"]["owner"]["id"] 205 | name_servers = "\t".join(name_servers["result"]["name_servers"]) 206 | print("{0}\t{1}\t{2}\t{3}\t{4}".format(email, password, name_servers, api_key, owner_id)) 207 | 208 | 209 | while True: 210 | email = generate_email(4) 211 | password = generate_password(8) 212 | try: 213 | result = create_cf_account(email, password) 214 | if result["success"] is True: 215 | item_msg = "{0}\t{1}\t{2}\t{3}\t{4}\t{5}\t{6}".format( 216 | email, 217 | password, 218 | "\t".join(result["name_servers"]), 219 | result["api_key"], 220 | result["result"]["id"], 221 | result["result"]["username"], 222 | result["result"]["created_on"]) 223 | print(item_msg) 224 | with open(SAVE_FILE, 'a') as myFile: 225 | myFile.write(item_msg + '\n') 226 | elif result["errors"][0]["code"] == 1111: 227 | print(result) 228 | # time.sleep(10) 229 | time.sleep(60 * 15) 230 | except Exception as e: 231 | print("Error: {0}".format(e)) 232 | time.sleep(30) --------------------------------------------------------------------------------