assetnote · UmbraDeorum · Feb 21, 2025 · Feb 21, 2025 · Feb 21, 2025
diff --git a/batch.py b/batch.py
@@ -3,8 +3,12 @@
 import argparse
 import sys
 import urllib3
+import time
+import random
 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
 
+pymojis = ["🐬", "🌞", "🔥", "🎀", "⚜️", "🩻", "✅"]
+
 parser = argparse.ArgumentParser()
 parser.add_argument("-e", "--endpoint", help="GraphQL Endpoint (i.e. https://example.com/graphql).")
 parser.add_argument("-v", "--variable", help="Variable input to GraphQL (i.e. '{\"loginInput\":{\"email\":\"admin@example.com\",\"password\":\"#VARIABLE#\",\"rememberMe\":false}}').")
@@ -22,11 +26,12 @@
   sys.exit()
 
 # parse headers
-header_dict = {}
+header_dict = {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:136.0) Gecko/20100101 Firefox/136.0"}
 if args.header:
   for header in args.header:
-    point_index = header.find(":")
-    header_dict[header[:point_index].strip()] = header[point_index+1:].strip()
+    for i in range(len(header)):
+      header_i = header[i].split(":")
+      header_dict[header_i[0].strip()] = header_i[1].strip()
 
 # initialise proxy dict
 proxies = {'http':args.proxy, 'https': args.proxy}
@@ -222,8 +227,10 @@
 with open(args.query, "r") as gql_query:
   gql_str = gql_query.read()
 
+print()
 with open(args.wordlist, "r") as wordlist:
   wordlist_list = wordlist.readlines()
+  start = time.time()
   for i in range(0, len(wordlist_list), int(args.size)):
     gql_list_dict = []
     for word in wordlist_list[i:i+int(args.size)]:
@@ -233,9 +240,18 @@
       else:
         generated_variables = args.variable.replace("#VARIABLE#", word.strip())
         gql_list_dict.append({"query": gql_str, "variables": json.loads(generated_variables)})
-    attempt_str = "GraphQL Batch Attempt: {}".format(",".join([word.strip() for word in wordlist_list[i:i+int(args.size)]]))
-    print(attempt_str)
+    beep = time.time()
+    dt = beep-start
+    eta = 0 if i==0 else (1.0-(i*1.0/len(wordlist_list)))*dt/(i*1.0/len(wordlist_list))
+    if (r.json()[0].get("data")):
+      print("\rProgress: \033[96m{:.2f}%\033[00m  ".format(i*100.0/len(wordlist_list)) +
+            "ETA: \033[93m{:.0f} mins.\033[00m    ".format(eta/60) + 
+            pymojis[random.randrange(0, len(pymojis))] +
+            f"  Success: \033[92m{r.json()[0].get('data')}\033[00m\r", end='', flush=True)
+    else:
+      print("\rProgress: \033[96m{:.2f}%\033[00m  ".format(i*100.0/len(wordlist_list)) +
+            "ETA: \033[93m{:.0f} mins.\033[00m    \r".format(eta/60), end='', flush=True)
     r = requests.post(args.endpoint, headers=header_dict, json=gql_list_dict, proxies=proxies, verify=False)
-    if args.output:
+    if args.output and (r.json()[0].get("data")):
       with open(args.output, "a") as output_file:
-        output_file.write("{}: {}\n".format(attempt_str, r.json()))
+        output_file.write("{}\n".format(r.json()[0].get("data")))
diff --git a/query.txt b/query.txt
@@ -0,0 +1 @@
+query { #VARIABLE# }