import os
import uuid

# Reviewer summary of what this script does when run. It is Python 2 code
# (it relies on raw_input and os.popen2):
#   * It prints a banner and instructions and waits for ENTER three times.
#   * It starts a bundled application with `open browser.app`.
#   * It prints a freshly generated uuid.uuid1() value labelled as a cookie.
# Nothing in this file sends a request, reads browser state or handles any
# cookie; the only imports are os and uuid. The "X72" behaviour described in
# the printed text is therefore not implemented here, and the value shown at
# the end is produced locally rather than captured from anywhere.
#
# The one action with real effect is launching browser.app, whose contents
# are not part of this file. The printed instructions direct the operator to
# use an account inside that application, so for triage the bundle is the
# artefact to examine: treat it as untrusted code, analyse it in an isolated
# environment, and keep real credentials out of it.

# Banner and "terms" text shown before the first ENTER prompt.
INTRO_LINES = (
    'Facebook cross-site scripting X72 vulnerability exploit.',
    '======================================================',
    'THIS IS AN EDUCATIONAL SECURITY PROOF OF CONCEPT TOOL.',
    '======================================================',
    'Gaining unauthorized access to accounts is illegal.',
    'Use it only with permission from the target!',
    '',
    'Developer: Mikhail Ozerov ',
    '',
    'Please do NOT contact me for hacking services!',
    'I am only a security researcher.',
    'Do not publish this tool until the X72 vulnerability has been fixed by Facebook!',
    '',
    'Press ENTER to accept the terms above.',
)

# Text shown immediately before the bundled application is started.
PRE_LAUNCH_LINES = (
    'You need to perform an X72 injection so that we can capture the X72 cookie.',
    'We will open a hooked browser instance now so that you can initiate a Report/Block session.',
    'Press ENTER to continue.',
)

# Text shown after the launch. It is display text only: no code in this
# script observes what happens inside the launched application.
POST_LAUNCH_LINES = (
    'To obtain the X72 cookie, visit the victim\'s profile using the hooked browser from a friend\'s account',
    'and click on the Report/Block button. This will deactivate the Facebook protection-against-strangers and trigger the vulnerability.',
    'After you have clicked Report/Block do NOT click on "Confirm"!!!',
    'We will capture the X72 cookie when the window has opened.',
    'Press ENTER when the Report/Block window has been opened.',
)

for text in INTRO_LINES:
    print(text)
raw_input("")

for text in PRE_LAUNCH_LINES:
    print(text)
raw_input("")

# The path is relative, so whichever bundle named browser.app is found from
# the current working directory is what gets started. The returned pipe
# objects are discarded, so the script never reads the child's output.
# NOTE(review): `open` is the macOS launcher, so this presumably targets
# macOS - confirm against where the sample was found.
os.popen2('open browser.app')

for text in POST_LAUNCH_LINES:
    print(text)
raw_input("")

print('X72 cookie captured:')
# uuid1() builds its value from the local host ID and clock (the uuid module
# falls back to the hardware address when no node is given). It is not read
# from the launched application or from any web session, and a copy of this
# output can carry an identifier of the machine that generated it.
generated_value = uuid.uuid1()
print(generated_value)

for text in ('Decrypt and enjoy!', 'Educational use only!'):
    print(text)