-
-
Notifications
You must be signed in to change notification settings - Fork 31
/
counter_phisher.py
180 lines (144 loc) · 7.68 KB
/
counter_phisher.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
import datetime
import json
import random
import string
import concurrent.futures
import uuid
import requests
from requests.exceptions import SSLError
class CredentialGenerator:
def __init__(self):
self.chars = string.ascii_letters + string.digits
self.firstname_male = json.loads(open('assets/firstname_male.json').read())
self.firstname_female = json.loads(open('assets/firstname_female.json').read())
self.surname = json.loads(open('assets/surnames.json').read())
self.emails = json.loads(open('assets/emails.json').read())
self.common_passwords = json.loads(open('assets/common_passwords.json').read())
self.extensions = json.loads(open('assets/extensions.json').read())
self.dictionary = json.loads(open('assets/dictionary.json').read())
def generate_random_firstname_male(self):
first_name = random.choice(self.firstname_male)
if random.random() < 0.2:
if random.random() < 0.5:
first_name += '-' + random.choice(self.firstname_male)
else:
first_name += ' ' + random.choice(self.firstname_male)
return first_name
def generate_random_firstname_female(self):
first_name = random.choice(self.firstname_female)
if random.random() < 0.2:
if random.random() < 0.5:
first_name += '-' + random.choice(self.firstname_female)
else:
first_name += ' ' + random.choice(self.firstname_female)
return first_name
def generate_random_firstname(self):
if random.random() < 0.5:
return self.generate_random_firstname_male()
else:
return self.generate_random_firstname_female()
def generate_random_surname(self):
return random.choice(self.surname)
def generate_random_fullname(self):
first_name = self.generate_random_firstname()
last_name = self.generate_random_surname()
return first_name + ' ' + last_name
def generate_random_word(self):
return random.choice(self.dictionary)
def generate_random_password(self):
event = random.randint(0, 12)
if event == 0:
return ''.join(random.choice(self.chars) for _ in range(random.randint(7, 15)))
elif event in [1, 2]:
return random.choice(self.dictionary) + random.choice(self.dictionary) + random.choice(string.digits)
elif event in [3, 4]:
return random.choice(self.dictionary) + random.choice(string.digits)
elif event in [5, 6]:
random.choice(string.digits) + random.choice(self.dictionary) + random.choice(self.generate_random_firstname().lower()).replace(' ', '')
else:
return random.choice(self.common_passwords)
def generate_random_email(self):
first_name = self.generate_random_firstname()
last_name = self.generate_random_surname()
email = random.choice(self.emails)
extension = random.choice(self.extensions)
event = random.randint(0, 12)
if event == [0, 3]:
return first_name.lower().replace(' ', '_') + '-' + last_name + '@' + email + '.' + extension
elif event in [4, 7]:
return first_name.lower().replace(' ', '_') + '_' + last_name.lower().replace(' ', '') + '@' + email + '.' + extension
elif event in [8, 11]:
return first_name.lower().replace(' ', '') + self.generate_random_number(length=2) + '@' + email + '.' + extension
else:
return first_name.lower().replace(' ', '') + '@' + email + '.' + extension
def generate_random_digit(self):
return str(random.randint(0, 9))
def generate_random_number(self, length=6):
return ''.join(random.choices(string.digits, k=length))
def generate_random_boolean(self):
return str(random.choice([True, False]))
def generate_random_word(self):
return random.choice(self.dictionary)
def generate_random_letter(self):
return random.choice(string.ascii_letters)
def generate_random_string(self, length=6):
return ''.join(random.choices(string.ascii_letters, k=length))
def generate_random_date(self):
return f'{random.randint(1, 31)}/{random.randint(1, 12)}/{random.randint(1900, datetime.date.today().year)}'
def generate_random_ip(self):
return f'{random.randint(1, 255)}.{random.randint(1, 255)}.{random.randint(1, 255)}.{random.randint(1, 255)}'
def generate_random_url(self):
return f'https://wwww.{self.generate_random_word()}.{random.choice(self.extensions)}'
def generate_random_uuid(self):
return str(uuid.uuid4())
class CredentialTester:
def __init__(self, target_url, login_form_data):
self.url = target_url
self.form_data = login_form_data
def try_credentials(self):
try:
parsed_form_data = {
key: (
credential_generator.generate_random_email() if '@RANDOM_EMAIL' in value else
credential_generator.generate_random_password() if '@RANDOM_PASSWORD' in value else
credential_generator.generate_random_digit() if '@RANDOM_DIGIT' in value else
credential_generator.generate_random_number() if '@RANDOM_NUMBER' in value else
credential_generator.generate_random_boolean() if '@RANDOM_BOOLEAN' in value else
credential_generator.generate_random_fullname() if '@RANDOM_NAME' in value else
credential_generator.generate_random_firstname() if '@RANDOM_FIRSTNAME' in value else
credential_generator.generate_random_firstname_male() if '@RANDOM_FIRSTNAME_MALE' in value else
credential_generator.generate_random_firstname_female() if '@RANDOM_FIRSTNAME_FEMALE' in value else
credential_generator.generate_random_surname() if '@RANDOM_SURNAME' in value else
credential_generator.generate_random_word() if '@RANDOM_WORD' in value else
credential_generator.generate_random_letter() if '@RANDOM_LETTER' in value else
credential_generator.generate_random_string() if '@RANDOM_STRING' in value else
credential_generator.generate_random_date() if '@RANDOM_DATE' in value else
credential_generator.generate_random_ip() if '@RANDOM_IP' in value else
credential_generator.generate_random_url() if '@RANDOM_URL' in value else
credential_generator.generate_random_uuid() if '@RANDOM_UUID' in value else
int(value) if isinstance(value, str) and value.isdigit() else
float(value) if isinstance(value, str) and value.replace('.', '', 1).isdigit() else
value
)
for key, value in self.form_data.items()
}
r = requests.post(self.url, allow_redirects=False, data=parsed_form_data)
print(f'{r.status_code} {r.reason} - {parsed_form_data}')
except SSLError:
print('Error: URL can no longer be reached..')
except Exception as e:
print('Error: {0}'.format(e))
def run(credential_test):
while True:
credential_test.try_credentials()
if __name__ == '__main__':
url = input('Form URL: ')
form_data_file = 'form_data.json'
threads = int(input('Threads: '))
with open(form_data_file, 'r') as f:
form_data = json.load(f)
credential_generator = CredentialGenerator()
credential_tester = CredentialTester(url, form_data)
pool = concurrent.futures.ThreadPoolExecutor(max_workers=threads)
for _ in range(threads):
pool.submit(run,credential_tester)