Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include("config.php");
- include("opendb.php");
- session_start()
- ?>
- <html>
- <head>
- <title>Auto Facebook Friender</title>
- </head>
- <body>
- <h1>My simple facebook bot :) </h1><br>
- <b>A little background:</b> So it's always bothered me how there's all these bots that send thousands of people links to adult dating<br>
- sites, or worse; I've always wondered how these bots even got that many friends in the first place, and after some googling, <br>
- I couldn't find any SOLID documentation on how to create a bot that does this... SO, I created my own! <br><br>
- <b>A little bit about this tool:</b> this web page is coded in a blended style of html and php. HTML is what you're seeing now, it <br>
- provides the front end for the web page, and php, which you don't see [even in the source code], provides the back end which <br>
- handles all of the data. After the data has been inserted into a private database via this web page, an automatic tool [written in <br>
- Perl (I <3 PERL)] will start up at 11 PM GMT+0, grab any info that's in the database (could be a long queue, or a short queue), and then<br>
- make a connection to facebook using your account credentials. The tool then takes advantage of users' privacy settings, allowing the bot<br>
- to automatically search through and add users with minimal privacy settings. After the predetermined amount of users has been added, <br>
- the bot closes the connection, and moves on to the next account in the queue. Upon reaching the end of the database (or 11:30 PM GMT),<br>
- the bot closes any connection (to prevent glitches), and shuts down.<br>
- <i>A red * denotes a required field.</i> <br>
- <form action="facebookfriender.php" method="post">
- <table width="246" height="78" border="0">
- <tr>
- <td width="71" height="37"><p>Username:</p></td>
- <td width="121"><input type="text" name="username" size="20" /></td>
- <td width="121"><center><font color="red">*</font></center></td>
- </tr>
- <tr>
- <td height="35"><p>Password:</p></td>
- <td><input type="password" name="password" size="20" /></td>
- <td><center><font color="red">*</font></center></td>
- </tr>
- </table>
- <table width="200" border="0">
- <tr>
- <td><center><input type="submit" value="Submit" /></center></td>
- </tr>
- </table></form><p>
- <?php
- $_SESSION['count'] = ($_SESSION['count']) ? $_SESSION['count'] + 1 : 1;
- $referer = $_SERVER['HTTP_REFERER'];
- $user = $_POST['username']; //grabs post data and puts in a php variable.
- $pass = $_POST['password'];
- $user = stripslashes($user); //security from a bunch of stuff
- $pass = stripslashes($pass);
- $user = mysql_real_escape_string($user); //security from sqli
- $pass = mysql_real_escape_string($pass);
- $ip = $_SERVER['REMOTE_ADDR']; //grab the client's IP address
- $agent = $_SERVER['HTTP_USER_AGENT']; //grab the client's browser info
- if (preg_match('/windows/i', $agent)) { //attempts to find the word 'windows' [case-insensitive] in the user agent string.
- $platform = 'Windows';
- }
- else if (preg_match('/linux|unix/i', $agent)) { //attempts to find the word 'linux' in the user agent string
- $platform = 'Linux';
- }
- else if (preg_match('/macintosh|mac os x/i', $agent)) { //attempts to find the word 'macintosh or mac os x' in the user agent string
- $platform = 'Mac';
- }
- else {
- $platform = 'Unknown';
- }
- if (preg_match('/firefox/i', $agent)) {
- $browser = 'Mozilla Firefox';
- }
- else if (preg_match('/msie/i', $agent)) {
- $browser = 'Microsoft Internet Explorer';
- }
- else if (preg_match('/chrome/i', $agent)) {
- $browser = 'Google Chrome';
- }
- else if (preg_match('/safari/i', $agent)) {
- $browser = 'Safari';
- }
- else {
- $browser = 'Unknown';
- }
- $authUser = mysql_query("select id from $table where account = '".$_POST['username']."'") or die ("Could not match data because ".mysql_error()); //query to see if the account is already in the db
- $user_num_rows = mysql_num_rows($authUser); //if the above query finds the account in the db, this value will be greater than 0
- $authIP = mysql_query("select id from $table where ip = '$ip'") or die ("Could not match data because ".mysql_error()); //query to see if the client IP is in the database
- $ip_num_rows = mysql_num_rows($authIP); // if the above query finds the client ip in the db, this value will be greater than 0
- if (($user_num_rows != 0) || ($ip_num_rows != 0)) { //if there IS POST data [the user clicked submit], AND if their account OR ip is already in the db...
- $count = $_SESSION['count'];
- echo "Sorry, the account <b>", $user ,"</b> has already been added, or you've already added another account.<br>
- This tool checks to see if an account has already been added to queue, <br> and then it checks if
- your current IP Address, <b>", $ip ,"</b>, has already used this tool.<br>The database that this info is stored
- in is wiped when the job is complete (11:30 PM GMT) so you may try again after that time.<br>Unless, of
- course, you have the means to bypass these restrictions.<br> Some information we've collected from you [for demographic purposes]: <br>
- <b>IP Address:</b> ", $ip, "<br>
- <b>Attempted username:</b> ", $user, "<br>
- <b>Operating system [with a moderate margin for error]:</b> ", $platform, "<br>
- <b>Browser [with a moderate margin for error]:</b> ", $browser, "<br>
- <b>Number of failed attempts:</b> ", $count, "<br>
- <b>Where you came from [with a huge margin for error]:</b> ", $referer, "<br>
- <b>Your complete user-agent string [this isn't logged]:</b> <br>", $agent,"";
- exit;
- } else if ((isset($_POST['username'])) && (isset($_POST['password']))) { // if their info isn't in the db, then check if the user clicked submit. if they did...
- $insert = mysql_query("INSERT INTO `accounts` (account, pwd, ip, os, browser, referer, attempts) VALUES ('$user', '$pass', '$ip', '$platform', '$browser', '$referer', '$count');") //take the username and pass info from the form the user filled out, and also take the REMOTE_ADDR, and put them into the db.
- or die("Could not insert data because ".mysql_error());
- echo "Account successfully added to queue.";
- }
- ?>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement