MikiSoft
05-18-2015, 08:26 PM
Don't know how else to start, so I'll start with FAQ about this tool:
What is UniBot?
- UniBot is a unique program that is used for quick and easy creation of HTTP bots, without knowledge of any programming language and without any torment from designing GUI. It can be found here: http://mikisoft.me/programs/unibot (Virus scan (https://www.virustotal.com/en/file/514a175f936c822ebd9e335e85030ac0618efb15fddf5d0c53 f6a9768631f069/analysis/1431379002); more analysis here (http://anubis.iseclab.org/?action=result&task_id=19ae0e85f8f78d07489646ae1f38178c6) and here (https://malwr.com/analysis/ZTkwNjdlMTliZGQzNGZlNDgwM2U1Nzg2OThiMmMyMmE))
For what is it actually used?
- You can create whatever thing comes to your mind, but most of it are some simple bots on which you will substantially lose time creating them in some IDE.
Does that mean I can create any type of bot?
- Yes, if you are skilled enough. You can create for example bots for voting or commenting, or you can make some bot that will rip out specific content from pages on some site, etc.
I have opened the program and nothing seems to be clear to me. Care to explain?
- That's why I decided to make this tutorial because interface of the program looks complicated, but once you begin to understand everything that I have presented in the following, it should be much clearer (at least I hope so).
So, let's start...
--- User interface ---
As you have seen if you've already downloaded and run the program, the interface may seem a little hard to understand, but don't be afraid. The following picture should cover most of the things that you'll need to know:
http://i.imgur.com/CGmOKGX.png
index - each index contains of one HTTP request (GET or POST) or/and logical statement(s) (If-Then) or/and public/output string(s)
strings - that is data which is gathered before or after the execution of the request, depending on where the string is actually used (on this topic I'll write most because it's very important to know)
If clauses - a place to test strings if they meet certain conditions, and on that basis to decide what next to do (ie. which is next index or to stop the execution of the process)
results - a place where the string results are shown (if that is enabled in their options)
--- Indexes ---
Like I said, indexes must contain at least one request or logical statement for solving, or public/output string. We'll focus on the first.
As you know, the definition of each HTTP bot is to assemble and send a specific HTTP requests, in order to achieve a specific goal. So in this program there are indexes, that present a separate templates of certain requests by which program is headed. As can be seen, each index can have a name for easier orientation.
To complete the formation of a HTTP request, there are two important items: POST data and additional headers, which are starting to appear mostly from the second request by gathering the results of the strings. Don't be confused because I only mention HTTP requests - HTTPS is supported, too.
--- Strings ---
This is the key point of the program, so you should pay special attention in order to learn to make bots after finishing this.
We'll begin with the facts:
- strings usually occur after execution of the first request
- each string should contain at least one command
- command that determines what will be the result must be valid and in accordance with the request that was previously sent
- most of the strings are essential for the continuation of the process
- they're executed depending on where they are used - before or after sending request
- their usage is %name% (where "name" is a name of the string)
- if it isn't public/output, the string will not be executed if there is no place in the index where it is used
If you understand this then we go into analysis of a string that contains one command:
'Hey!'+rpl('Hello, world!','world','Miki') Now let's analyze its parts:
'Hey!' - everything that is under a single apostrophe represents a constant, and this constant is located at the beginning of the string so that will be the first thing printed into it
+ - character for merging a command with a constant, or with an another command
rpl('Hello, world!','world','Miki') - it can be assumed that this is the command for replacing specific text, so in this case in the text "Hello, world!" it replaces "world" with "Miki"
The overall result would be:
Hey!Hello, Miki! These are actually some of the most basic things you need to know if you want to go into the world of programming, but I wouldn't call this real programming because you must know a lot more than working with strings. Anyway, moving on...
If you haven't heard of regular expressions (http://regular-expressions.info), then you should first look at them because they are very important for the formation of the string result. I will not talk about that, because you have a lot of examples and explanations all over the Internet.
The basic command for executing them (which looks like previous) is as follows:
rg(source,regex,replacement) Example:
rg('Hey!Hello, Miki!',', (.*?)!','$1') Result:
Miki
Independent commands:
These are commands that are processed even if they're located in the constants ie. under apostrophes.
First and most important command is: [src]
In its place there will be a complete page source (after completing request of course), with response headers at the beginning.
Second important command is: [nl]
Considering that the commands and the constants are written only in one line, I had to find a way to print the constants in multiple lines, so in place of this command a new line separator will be printed.
Third: [rnd]
In its place will be put random generated characters (upper and/or lower case letters, numbers and symbols), or a number from a given range.
To determine the range of characters that will be included, between the last letter and ] you have to add some of these letters:
U - since the default setting is to include only lowercase letters, this command specifies that only uppercase letters are considered
M - mixed-case: mixed uppercase and lowercase letters
L - includes only letters
D - includes only numbers
S - includes only symbols
The last three letters that define a range of characters can be combined, so we have the following example to generate random email addresses:
'[rndLD]@gmail.com' Result would be:
[email protected] As you can see, there is a default number of characters to be printed, and it's 15. To change this, again at the end we add number of characters that we want to be printed:
'[rndLD8]@gmail.com' Result:
[email protected]
As I mentioned above, there is another thing about this command - and that is to generate a random number from the specified range. Its usage is very simple:
'[rnd5-10]' Obviously, this will generate some number between 5 and 10.
Fourth:
In the place of this command will be the user input, which usage is equivalent to the command above (except the U and M letters that are unnecessary in this case), so I will not say anything more about this.
String options:
After defining the string, the button next to it ("...") will be enabled which represent the options for that string. Click on it to get the following little window, where we choose which options will be used:
http://i.imgur.com/wQuf3Ao.png
Crucial - it is important for the continuation of the process
Public - it is available in the other indexes for modification and usage
Array - after processing the string, if more than one result occurs (when using regex or input), this option applies the template to each of them separately (by making sub-threads), but if the option is disabled then only the first result is used
Output - this is the option that will show the string results in the main window
[i]--- If clauses ---
The next are If clauses, which of course are not required if there is a HTTP request in a given index. If both are included, then the request will be executed first with all the strings that are with it, and then the If clauses with its strings. (After that the public and output strings that haven't been put in the HTTP request nor the If clauses will be executed.)
It is a simple principle of making them, so everyone could understand it without explanation (even better if he knows the mathematical logic, ie. the basics of programming). What I will mention is the operation depending on the results of an entire If clause, which will of course be one of the two possible outcomes - in the case where the If clause is true and the case where it is false. For the both cases, the options are the same.
We see on the right side option "Change proxy" - if the seconds to wait are not defined, it changes current to the next proxy address before proceeding to the next index ("Go to") or finishing process ("Finish"). If there is no available proxy address and the seconds are defined, then the process will not be stopped because seconds to wait will be chosen as alternative.
And that's it.
--- Additional stuff ---
Manipulation with indexes:
You don't have to manually modify configuration file to remove or to insert indexes, instead of that do this:
1. For insertinng an index, press Alt+I. If the index is last, it will be duplicated.
2. For removing an index, press Alt+R.
Proxy and thread settings:
http://i.imgur.com/OjdTRfi.png
Same proxy for each thread - every thread will act independently with a proxy list
Other dependent string commands:
enc(text) - uses URL encode on given text
dec(text) – uses URL decode on given text
u(text) - converts the text to uppercase
l(text) - converts the text to lowercase
b64(text) - encrypts the text with Base64
md5(text) - encrypts the text with MD5
<file> - loads the given file as text (by positioning to the folder where is the program itself)
Other independent string commands:
[oind] – previous array index (ie. last number from origin)
[aind] – current array index
[dt] - current date & time
[thr] - current thread
multipart/form-data POST requests with files:
POST /?action=analyze HTTP/1.1
Host: samplesite.org
Content-Type: multipart/form-data; boundary=-----------------------------280841152422961
Content-Length: 6818
-----------------------------280841152422961
Content-Disposition: form-data; name="DataType"
file
-----------------------------280841152422961
Content-Disposition: form-data; name="ImageFile"; filename="picture.jpg"
Content-Type: image/jpeg
ÿØÿà(...) For the request above, we type this into the Post field:
['DataType':'file';'ImageFile':<picture.jpg>]
String builder:
http://i.imgur.com/S3XxGTD.png
In the field for entering string commands, (if it's not blank then before everything) type [build] and hit Enter.
--- The finish ---
That's all? Well, it's not! I didn't talk about some less important things which will only additionally "overload" this tutorial, so you have to explore it by yourself if you are really interested. Maybe you'll find something unexpected... :)
What is UniBot?
- UniBot is a unique program that is used for quick and easy creation of HTTP bots, without knowledge of any programming language and without any torment from designing GUI. It can be found here: http://mikisoft.me/programs/unibot (Virus scan (https://www.virustotal.com/en/file/514a175f936c822ebd9e335e85030ac0618efb15fddf5d0c53 f6a9768631f069/analysis/1431379002); more analysis here (http://anubis.iseclab.org/?action=result&task_id=19ae0e85f8f78d07489646ae1f38178c6) and here (https://malwr.com/analysis/ZTkwNjdlMTliZGQzNGZlNDgwM2U1Nzg2OThiMmMyMmE))
For what is it actually used?
- You can create whatever thing comes to your mind, but most of it are some simple bots on which you will substantially lose time creating them in some IDE.
Does that mean I can create any type of bot?
- Yes, if you are skilled enough. You can create for example bots for voting or commenting, or you can make some bot that will rip out specific content from pages on some site, etc.
I have opened the program and nothing seems to be clear to me. Care to explain?
- That's why I decided to make this tutorial because interface of the program looks complicated, but once you begin to understand everything that I have presented in the following, it should be much clearer (at least I hope so).
So, let's start...
--- User interface ---
As you have seen if you've already downloaded and run the program, the interface may seem a little hard to understand, but don't be afraid. The following picture should cover most of the things that you'll need to know:
http://i.imgur.com/CGmOKGX.png
index - each index contains of one HTTP request (GET or POST) or/and logical statement(s) (If-Then) or/and public/output string(s)
strings - that is data which is gathered before or after the execution of the request, depending on where the string is actually used (on this topic I'll write most because it's very important to know)
If clauses - a place to test strings if they meet certain conditions, and on that basis to decide what next to do (ie. which is next index or to stop the execution of the process)
results - a place where the string results are shown (if that is enabled in their options)
--- Indexes ---
Like I said, indexes must contain at least one request or logical statement for solving, or public/output string. We'll focus on the first.
As you know, the definition of each HTTP bot is to assemble and send a specific HTTP requests, in order to achieve a specific goal. So in this program there are indexes, that present a separate templates of certain requests by which program is headed. As can be seen, each index can have a name for easier orientation.
To complete the formation of a HTTP request, there are two important items: POST data and additional headers, which are starting to appear mostly from the second request by gathering the results of the strings. Don't be confused because I only mention HTTP requests - HTTPS is supported, too.
--- Strings ---
This is the key point of the program, so you should pay special attention in order to learn to make bots after finishing this.
We'll begin with the facts:
- strings usually occur after execution of the first request
- each string should contain at least one command
- command that determines what will be the result must be valid and in accordance with the request that was previously sent
- most of the strings are essential for the continuation of the process
- they're executed depending on where they are used - before or after sending request
- their usage is %name% (where "name" is a name of the string)
- if it isn't public/output, the string will not be executed if there is no place in the index where it is used
If you understand this then we go into analysis of a string that contains one command:
'Hey!'+rpl('Hello, world!','world','Miki') Now let's analyze its parts:
'Hey!' - everything that is under a single apostrophe represents a constant, and this constant is located at the beginning of the string so that will be the first thing printed into it
+ - character for merging a command with a constant, or with an another command
rpl('Hello, world!','world','Miki') - it can be assumed that this is the command for replacing specific text, so in this case in the text "Hello, world!" it replaces "world" with "Miki"
The overall result would be:
Hey!Hello, Miki! These are actually some of the most basic things you need to know if you want to go into the world of programming, but I wouldn't call this real programming because you must know a lot more than working with strings. Anyway, moving on...
If you haven't heard of regular expressions (http://regular-expressions.info), then you should first look at them because they are very important for the formation of the string result. I will not talk about that, because you have a lot of examples and explanations all over the Internet.
The basic command for executing them (which looks like previous) is as follows:
rg(source,regex,replacement) Example:
rg('Hey!Hello, Miki!',', (.*?)!','$1') Result:
Miki
Independent commands:
These are commands that are processed even if they're located in the constants ie. under apostrophes.
First and most important command is: [src]
In its place there will be a complete page source (after completing request of course), with response headers at the beginning.
Second important command is: [nl]
Considering that the commands and the constants are written only in one line, I had to find a way to print the constants in multiple lines, so in place of this command a new line separator will be printed.
Third: [rnd]
In its place will be put random generated characters (upper and/or lower case letters, numbers and symbols), or a number from a given range.
To determine the range of characters that will be included, between the last letter and ] you have to add some of these letters:
U - since the default setting is to include only lowercase letters, this command specifies that only uppercase letters are considered
M - mixed-case: mixed uppercase and lowercase letters
L - includes only letters
D - includes only numbers
S - includes only symbols
The last three letters that define a range of characters can be combined, so we have the following example to generate random email addresses:
'[rndLD]@gmail.com' Result would be:
[email protected] As you can see, there is a default number of characters to be printed, and it's 15. To change this, again at the end we add number of characters that we want to be printed:
'[rndLD8]@gmail.com' Result:
[email protected]
As I mentioned above, there is another thing about this command - and that is to generate a random number from the specified range. Its usage is very simple:
'[rnd5-10]' Obviously, this will generate some number between 5 and 10.
Fourth:
In the place of this command will be the user input, which usage is equivalent to the command above (except the U and M letters that are unnecessary in this case), so I will not say anything more about this.
String options:
After defining the string, the button next to it ("...") will be enabled which represent the options for that string. Click on it to get the following little window, where we choose which options will be used:
http://i.imgur.com/wQuf3Ao.png
Crucial - it is important for the continuation of the process
Public - it is available in the other indexes for modification and usage
Array - after processing the string, if more than one result occurs (when using regex or input), this option applies the template to each of them separately (by making sub-threads), but if the option is disabled then only the first result is used
Output - this is the option that will show the string results in the main window
[i]--- If clauses ---
The next are If clauses, which of course are not required if there is a HTTP request in a given index. If both are included, then the request will be executed first with all the strings that are with it, and then the If clauses with its strings. (After that the public and output strings that haven't been put in the HTTP request nor the If clauses will be executed.)
It is a simple principle of making them, so everyone could understand it without explanation (even better if he knows the mathematical logic, ie. the basics of programming). What I will mention is the operation depending on the results of an entire If clause, which will of course be one of the two possible outcomes - in the case where the If clause is true and the case where it is false. For the both cases, the options are the same.
We see on the right side option "Change proxy" - if the seconds to wait are not defined, it changes current to the next proxy address before proceeding to the next index ("Go to") or finishing process ("Finish"). If there is no available proxy address and the seconds are defined, then the process will not be stopped because seconds to wait will be chosen as alternative.
And that's it.
--- Additional stuff ---
Manipulation with indexes:
You don't have to manually modify configuration file to remove or to insert indexes, instead of that do this:
1. For insertinng an index, press Alt+I. If the index is last, it will be duplicated.
2. For removing an index, press Alt+R.
Proxy and thread settings:
http://i.imgur.com/OjdTRfi.png
Same proxy for each thread - every thread will act independently with a proxy list
Other dependent string commands:
enc(text) - uses URL encode on given text
dec(text) – uses URL decode on given text
u(text) - converts the text to uppercase
l(text) - converts the text to lowercase
b64(text) - encrypts the text with Base64
md5(text) - encrypts the text with MD5
<file> - loads the given file as text (by positioning to the folder where is the program itself)
Other independent string commands:
[oind] – previous array index (ie. last number from origin)
[aind] – current array index
[dt] - current date & time
[thr] - current thread
multipart/form-data POST requests with files:
POST /?action=analyze HTTP/1.1
Host: samplesite.org
Content-Type: multipart/form-data; boundary=-----------------------------280841152422961
Content-Length: 6818
-----------------------------280841152422961
Content-Disposition: form-data; name="DataType"
file
-----------------------------280841152422961
Content-Disposition: form-data; name="ImageFile"; filename="picture.jpg"
Content-Type: image/jpeg
ÿØÿà(...) For the request above, we type this into the Post field:
['DataType':'file';'ImageFile':<picture.jpg>]
String builder:
http://i.imgur.com/S3XxGTD.png
In the field for entering string commands, (if it's not blank then before everything) type [build] and hit Enter.
--- The finish ---
That's all? Well, it's not! I didn't talk about some less important things which will only additionally "overload" this tutorial, so you have to explore it by yourself if you are really interested. Maybe you'll find something unexpected... :)