PhisherFucker

1. #!/usr/bin/python3
2. # Phishing attack script
3. # https://greysec.net/
4. import requests, json, random, threading
5.  
6. url = 'http://044ac74.wcomhost.com/newdemary/customer_center/customer-IDPP00C113/myaccount/signin/'
7. sent_logins = 0
8.  
9. email_domains = [
10.         'gmail.com',
11.         'yahoo.com',
12.         'hotmail.com',
13.         'outlook.com',
14.         ]
15.  
16. seperator_list = [
17.         '',
18.         '_',
19.         '.'
20.         ]
21.  
22. # Load namelist
23. with open('names.json', 'r') as namefile:
24.     namelist = json.load(namefile)
25.     namefile.close()
26.  
27. # Load password list
28. with open('passwords.json','r') as passfile:
29.     passlist = json.load(passfile)
30.     passfile.close()
31.  
32.  
33. def send_request():
34.     while True:
35.         # Generate an email address
36.         global sent_logins
37.    
38.         num = random.randint(1,9999)
39.         name = random.choice(namelist)
40.         seperator = random.choice(seperator_list)
41.         domain = random.choice(email_domains)
42.  
43.         email = f'{name}{seperator}{num}@{domain}'
44.  
45.     # Get a password
46.         password = random.choice(passlist)
47.         response = requests.post(url, data={'login_email':email, 'login_password':password})
48.         sent_logins += 1
49.         print(f'[info] Sent login {email}:{password}')
50.         print(f'[info] Sent logins: {sent_logins}')
51.         if response.status_code != 200:
52.             print('[alert] Got status code {} from website'.format(response.status_code))
53.  
54.  
55. threadlist = []
56.  
57. for thread in range(4):
58.     thread = threading.Thread(target=send_request)
59.     threadlist.append(thread)
60.     thread.start()