// Upstream origin, split into fragments and stored as character codes so the
// host name never appears as a plain string in this file. Listed in URL order;
// the decoded text of each fragment is given alongside it.
const _0x68 = [
  104, 116, 116, 112, 115,
]; // "https"
const _0x77 = [
  119, 119, 119,
]; // "www"
const _0x2e = [
  46,
]; // "."
const _0x4b = [
  99, 111, 100, 101,
  98, 117, 102, 102,
]; // "codebuff"
const _0x63 = [
  99, 111, 109,
]; // "com"
/**
 * Turns an array of UTF-16 code units into the string they spell.
 * Used in this file only to de-obfuscate the host fragments.
 *
 * @param {number[]} arr - Character codes, one per output character.
 * @returns {string} The decoded string ('' for an empty array).
 */
function _d(arr) {
  const chars = arr.map((code) => String.fromCharCode(code));
  return chars.join('');
}
/**
 * Base64-decodes a string via the global atob().
 * Nothing else in this file calls it.
 *
 * @param {string} s - Base64-encoded text.
 * @returns {string} The decoded binary string.
 */
function _b(s) {
  const decoded = atob(s);
  return decoded;
}
// Decode the character-code fragments into the pieces of the upstream origin.
const _p1 = _d(_0x68); // "https"
const _p2 = _d(_0x77); // "www"
const _p3 = _d(_0x4b); // "codebuff"
const _p4 = _d(_0x63); // "com"
const _sep = _d(_0x2e); // "."

// Upstream origin assembled from the fragments: "https://www.codebuff.com".
// Not referenced again in this file; handleRequest reads TARGET_URL instead.
const TARGET_HOST = [_p1, '://', _p2, _sep, _p3, _sep, _p4].join('');

// The same origin a second time, stored as UTF-8 bytes and decoded at load.
const TARGET_BYTES = Uint8Array.of(
  104, 116, 116, 112, 115, 58, 47, 47, // "https://"
  119, 119, 119, 46, 99, 111, 100, 101, // "www.code"
  98, 117, 102, 102, 46, 99, 111, 109, // "buff.com"
);
const TARGET_URL = new TextDecoder('utf-8').decode(TARGET_BYTES);
// Service-worker style entry point: every request that reaches this Worker is
// answered with whatever handleRequest resolves to.
addEventListener('fetch', (fetchEvent) => {
  const pendingResponse = handleRequest(fetchEvent.request);
  fetchEvent.respondWith(pendingResponse);
});
/**
 * Relays one incoming request to the fixed upstream in TARGET_URL and returns
 * the upstream's response re-addressed to the host this Worker was reached on.
 *
 * Security-relevant behaviour visible in this function:
 *  - Every request header that is not explicitly deleted below (cookies,
 *    authorization and so on) and the request body pass through this code on
 *    their way upstream.
 *  - The upstream's Content-Security-Policy, CSP-Report-Only, Clear-Site-Data
 *    and X-Frame-Options headers are dropped, so the browser never applies
 *    those origin-set policies to the relayed page.
 *  - Set-Cookie Domain attributes and absolute upstream URLs inside HTML, CSS
 *    and JavaScript bodies are rewritten to the Worker's own host, which keeps
 *    the browser session on this host rather than on the upstream.
 * Header-based framing/CSP defences set by the upstream cannot stop a
 * server-side relay like this one, because the relay removes them before the
 * browser sees them.
 *
 * @param {Request} request - The incoming fetch-event request.
 * @returns {Promise<Response>} The upstream response (rewritten where the
 *   branches below apply), or a 502 response carrying the error message when
 *   the try block throws.
 */
async function handleRequest(request) {
// Same path, query and fragment as the incoming URL, resolved against the
// upstream origin.
const url = new URL(request.url);
const targetUrl = new URL(url.pathname + url.search + url.hash, TARGET_URL);
// Start from a full copy of the caller's headers; only the names listed below
// are removed or overwritten, everything else is forwarded unchanged.
const modifiedHeaders = new Headers(request.headers);
// Remove the Cloudflare / proxy headers from the forwarded copy.
// NOTE(review): Cloudflare is understood to set some of these itself (notably
// CF-Worker) on Worker subrequests, so deleting them here may not keep them
// off the wire; an upstream operator can check for that header — confirm
// against the platform documentation.
modifiedHeaders.delete('cf-connecting-ip');
modifiedHeaders.delete('cf-ray');
modifiedHeaders.delete('cf-visitor');
modifiedHeaders.delete('cf-worker');
modifiedHeaders.delete('x-forwarded-for');
modifiedHeaders.delete('x-real-ip');
modifiedHeaders.set('Host', targetUrl.host);
// A Referer that points at this Worker's hostname is rewritten to the upstream
// origin, so the upstream sees a same-site Referer.
// NOTE(review): new URL() throws on a malformed Referer value, and this code
// runs before the try block, so that error is not turned into the 502 below.
if (modifiedHeaders.has('referer')) {
const ref = new URL(modifiedHeaders.get('referer'));
if (ref.hostname === url.hostname) {
modifiedHeaders.set('referer', ref.href.replace(url.origin, TARGET_URL));
}
}
// redirect: 'manual' hands 3xx responses back to this function instead of
// following them, so the Location header can be rewritten below.
const modifiedRequest = new Request(targetUrl.toString(), {
method: request.method,
headers: modifiedHeaders,
body: request.body,
redirect: 'manual'
});
try {
let response = await fetch(modifiedRequest);
// For 301/302/307/308 with a Location header, swap the upstream origin for
// this Worker's origin (String.replace with a string pattern: first
// occurrence only). This branch returns the upstream headers otherwise as
// received; the header stripping further down does not run for it.
if ([301, 302, 307, 308].includes(response.status)) {
const location = response.headers.get('location');
if (location) {
const newLocation = location.replace(TARGET_URL, url.origin);
// Re-wrap the response to get a fresh Response whose Location header can be
// set here.
response = new Response(response.body, {
status: response.status,
statusText: response.statusText,
headers: response.headers
});
response.headers.set('location', newLocation);
return response;
}
}
// Drop the upstream's browser-enforced policies from the relayed response.
const modifiedResponseHeaders = new Headers(response.headers);
modifiedResponseHeaders.delete('content-security-policy');
modifiedResponseHeaders.delete('content-security-policy-report-only');
modifiedResponseHeaders.delete('clear-site-data');
modifiedResponseHeaders.delete('x-frame-options');
// Re-scope cookies: any "domain=...;" attribute is replaced with this
// Worker's hostname. The pattern requires a trailing semicolon, so a Domain
// attribute at the very end of the header value is left as is.
const setCookie = modifiedResponseHeaders.get('set-cookie');
if (setCookie) {
modifiedResponseHeaders.set(
'set-cookie',
setCookie.replace(/domain=[^;]+;/gi, `domain=${url.hostname};`)
);
}
// Only HTML, CSS and JavaScript bodies are buffered and rewritten; every
// other content type is streamed through untouched (last return in the try).
const contentType = modifiedResponseHeaders.get('content-type') || '';
if (
contentType.includes('text/html') ||
contentType.includes('text/css') ||
contentType.includes('application/javascript') ||
contentType.includes('text/javascript')
) {
let body = await response.text();
// Three passes replace references to the upstream with this Worker's
// origin/host: the exact https origin, the protocol-relative "//host" form,
// and the http/https form. Dots are escaped so they match literally.
body = body.replace(new RegExp(TARGET_URL.replace(/\./g, '\\.'), 'g'), url.origin);
body = body.replace(new RegExp(`//${_p2}${_sep}${_p3}${_sep}${_p4}`.replace(/\./g, '\\.'), 'g'), `//${url.host}`);
body = body.replace(new RegExp(`https?://${_p2}${_sep}${_p3}${_sep}${_p4}`.replace(/\./g, '\\.'), 'g'), url.origin);
// The rewritten body can differ in length, so the upstream Content-Length is
// removed rather than forwarded.
modifiedResponseHeaders.delete('content-length');
return new Response(body, {
status: response.status,
statusText: response.statusText,
headers: modifiedResponseHeaders
});
}
return new Response(response.body, {
status: response.status,
statusText: response.statusText,
headers: modifiedResponseHeaders
});
} catch (err) {
// Any failure inside the try is reported to the caller as a 502 whose body
// includes the raw error message.
return new Response(`Proxy Error: ${err.message}`, { status: 502 });
}
}