Overview
Miku Miku Beam supports multiple proxy protocols for routing attack traffic. Proxies are loaded from a text file and randomly distributed across worker threads.Supported Protocols
HTTP/HTTPS
Layer 7 proxies using HTTP CONNECT tunneling
SOCKS4
Layer 4 proxies for TCP connections
SOCKS5
Layer 4 proxies with authentication support
Proxy File Format
Proxies are loaded from a text file (default:data/proxies.txt). Each line represents one proxy.
Format Syntax
Examples
Comments and Empty Lines
Lines starting with
# are treated as comments and ignored during parsing.Proxy Parsing
Location:internal/proxy/loader.go
Loading Process
- Open file and scan line-by-line
- Skip empty lines and comments
- Parse protocol (defaults to
httpif not specified) - Extract authentication credentials if present
- Split host and port
- Create
Proxystruct
Proxy Structure
Default Values
| Component | Default Value |
|---|---|
| Protocol | http |
| Port | 8080 |
| Username | “ (empty) |
| Password | “ (empty) |
Protocol-Specific Behavior
HTTP/HTTPS Proxies
Implementation: Uses Go’snet/http proxy support with CONNECT tunneling.
SOCKS4/SOCKS5 Proxies
Implementation: Usesh12.io/socks library for SOCKS protocol handling.
| Feature | SOCKS4 | SOCKS5 |
|---|---|---|
| Authentication | ❌ | ✅ |
| UDP Support | ❌ | ✅ |
| IPv6 Support | ❌ | ✅ |
| DNS Resolution | Client-side | Proxy-side (optional) |
SOCKS proxies provide lower-level control and are required for Layer 4 attacks (TCP Flood, Slowloris, Minecraft Ping).
Method-Based Filtering
Proxies are automatically filtered based on attack method compatibility.Filter Rules
Location:internal/proxy/loader.go:72
Why Layer 4 Attacks Require SOCKS
HTTP/HTTPS proxies work at Layer 7 and only support HTTP protocol. Methods that need raw TCP control (Slowloris, TCP Flood, Minecraft Ping) require SOCKS proxies for direct TCP socket access.Proxy Distribution
Location:internal/engine/engine.go:179
Random Selection
For each packet dispatch, a random proxy is selected:Load Distribution
With multiple threads and high packet rates, proxies receive roughly equal distribution:Random selection prevents predictable patterns but doesn’t guarantee perfect balance. With enough packets, distribution approaches uniform.
HTTP Client Configuration
Location:internal/netutil/httpdial.go
Client Settings
- Timeout: 5-6 seconds (method-dependent)
- Max Redirects: 3
- TLS Verification: Disabled (
InsecureSkipVerify: true) - Keep-Alive: Enabled via
Connection: keep-aliveheader
TLS Configuration
TCP Connection Handling
Location:internal/netutil/tcpdial.go
Connection Flow
HTTP CONNECT Tunneling
For HTTP/HTTPS proxies with TCP targets: 1. Connect to proxy:TLS Wrapping
User Agent Rotation
While not strictly proxy-related, user agents are distributed similarly.Loading User Agents
Location:internal/proxy/loader.go:54
data/uas.txt):
Random Selection
Configuration Reference
config.toml
Path Resolution
- Absolute paths: Used as-is
- Relative paths: Resolved from
baseDir(or current working directory)
- Config:
proxies_file = "data/proxies.txt" - Base dir:
/home/user/mikumikubeam - Resolved:
/home/user/mikumikubeam/data/proxies.txt
Best Practices
Proxy Selection
Match Proxy Type to Attack Method
- Use SOCKS proxies for Layer 4 attacks
- HTTP/HTTPS proxies work for HTTP Flood and Bypass
- Mix both types for maximum flexibility
Performance
Optimize Proxy Count
- More proxies = better distribution
- Dead proxies waste threads (timeouts reduce throughput)
- Test proxies before using in attacks
Security
Protect Credentials
- Store proxy files outside version control
- Use restrictive file permissions (chmod 600)
- Avoid plain-text credentials when possible
Testing
Validate Proxy List
- Test connectivity before attacks
- Check protocol compatibility with attack method
- Monitor for proxy failures during attacks
Troubleshooting
No Proxies Loaded
Symptom: Attack runs but uses direct connection Causes:- File path incorrect
- All lines commented or empty
- File doesn’t exist (silently ignored)
Zero Usable Proxies
Symptom: Attack starts but no traffic generated Causes:- Proxy protocol incompatible with attack method
- All proxies filtered out
Slow Attack Rate
Symptom: Packets/second lower than expected Causes:- Proxy timeouts (dead proxies)
- High latency proxies
- Authentication failures
Authentication Failures
Symptom: Connections fail with 407 Proxy Authentication Required Causes:- Incorrect username/password
- Special characters not URL-encoded