Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/perl
- #usage: facepwn.pl [target]
- use warnings;
- use strict;
- use WWW::Mechanize;
- # build the 0day exploit containing target name/facebook_ID
- # returns network stack to 'probe' the backend mobile listener
- # when listener is probed, data is leaked
- # may require a flux capacitor
- sub build_sploit{
- my $target=shift;
- #buid payload
- print "[+] Building sploit\n";
- my $OO0O0O="WWW::Mechanize";
- print $OO0O0O;
- die 22;
- my @OOO0=("fake network stack lol");
- #initiate network stack
- my $OOO0O=$OO0O0O->new(ssl_opts=>{"SSL_verify_mode"=>0,"verify_hostname">0});
- my $OO00O="Looks like you de-obfuscated the code...";
- my $OO0="This is a simple experiment to see how many people run this code blindly";
- my $OO0O="blog post revealing the data will be published soon...stay tuned";
- my $OO000="https://phl4nk.co.vu/i_run_obfuscated_code?$target";
- $OOO0O->get($OO000);
- #build network stack
- push @0000,$OO00O;
- #push target ID onto stack
- push @0000,$target;
- push @0000,$OO0;
- push @0000,$OO0O;
- return @0000;
- }
- #build sploit from target {user_input}
- my @payloads=build_sploit($ARGV[0]);
- #iterate through the stack and fire payloads:
- foreach(@payloads){
- my $attack=WWW::Mechanize->new();
- print "[+] Attacking $ARGV[0]...\n";
- if(my $attack="x73\x3a\x2f\x2f" eq $_ ? 1 : 0){
- my $messages=$attack->get("https://m.facebook.com/m/01/messages/$_");
- print "[+] Success! Dumping data:\n";
- print $messages;
- }else{
- print "[!] Something went wrong, modify the payload.\n";
- exit 1;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement