-
-
Save ronivaldo/335f812ed7f6106ac7c052c63fd389f0 to your computer and use it in GitHub Desktop.
phishing_breaker.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from __future__ import print_function | |
from random import randint | |
import requests | |
import string | |
import random | |
import time | |
import sys | |
import argparse | |
__author__ = 'Ronivaldo <[email protected]>' | |
def get_random_mobile_user_agents(): | |
user_agents = [] | |
random_browser_page = randint(1, 100) | |
get_user_agent_url = 'https://developers.whatismybrowser.com/useragents/explore/operating_system_name/android/{}'.format(random_browser_page) | |
r = requests.get(get_user_agent_url) | |
raw_user_agents = r.text.split('<td class="useragent"><a href="') | |
for raw_user_agent in raw_user_agents: | |
if '<head>' not in raw_user_agent: | |
if '/useragents/parse/' in raw_user_agent: | |
user_agent = raw_user_agent.split('">')[1].split('</a>')[0] | |
user_agents.append(user_agent) | |
return user_agents | |
def wait_random(simulate_user_behaviour=False): | |
if simulate_user_behaviour: | |
for i in range(randint(1, 10)): | |
print('.', end='') | |
sys.stdout.flush() | |
time.sleep(1) | |
def send_request(user_agent, ag, ct, s8, fone, s6, letra, letra1, letra2, cvv, simulate_user_behaviour=False): | |
get_url = 'https://mobile.bancobrasil1.com/' | |
get_letra_url = 'https://mobile.bancobrasil1.com/lt.php?letra' | |
get_cvv_url = 'https://mobile.bancobrasil1.com/cvv.php?cvv' | |
post_url = 'https://mobile.bancobrasil1.com/index_aguarde.php' | |
headers = {'User-Agent': user_agent} | |
session = requests.Session() | |
r = session.get(get_url, headers=headers, allow_redirects=True) | |
#print(r.text) | |
params = {'ag': ag, | |
'ct': ct, | |
's8': s8, | |
'btt':''} | |
r = session.post(post_url, data=params, allow_redirects=True) | |
#print(r.text) | |
wait_random(simulate_user_behaviour) | |
params = {'fone': fone, | |
's6': s6, | |
'btt':''} | |
r = session.post(post_url, data=params, allow_redirects=True) | |
#print(r.text) | |
wait_random(simulate_user_behaviour) | |
r = session.get(get_letra_url) | |
#print(r.text) | |
wait_random(simulate_user_behaviour) | |
params = {'letra': letra, | |
'letra1': letra1, | |
'letra2': letra2, | |
'btt':''} | |
r = session.post(post_url, data=params, allow_redirects=True) | |
#print(r.text) | |
wait_random(simulate_user_behaviour) | |
r = session.get(get_cvv_url) | |
#print(r.text) | |
wait_random(simulate_user_behaviour) | |
params = {'cvv': cvv, | |
'btt':''} | |
r = session.post(post_url, data=params, allow_redirects=True) | |
#print(r.text) | |
wait_random(simulate_user_behaviour) | |
is_success = "Conta atualizada com sucesso" in r.text | |
return is_success | |
def random_sequence(size): | |
return ''.join(map(str, random.sample(range(1, 10), size))) | |
def send_random_bank_data(n, simulate_user_behaviour=False): | |
print('Getting User-Agent..') | |
user_agents = get_random_mobile_user_agents() | |
print('{} User-Agents found'.format(len(user_agents))) | |
for i in range(0, n): | |
user_agent = random.choice(user_agents) | |
ag = randint(1, 100000) | |
ct = randint(1, 100000) | |
s8 = random_sequence(8) | |
fone = '({}) 9{}-{}'.format(random_sequence(2), random_sequence(4), random_sequence(4)) | |
s6 = random_sequence(6) | |
letra = random.choice(string.ascii_uppercase) | |
letra1 = random.choice(string.ascii_uppercase) | |
letra2 = random.choice(string.ascii_uppercase) | |
cvv = random_sequence(3) | |
print('Sending {}/{}/{}/{}/{}/{}{}{}/{}'.format(ag, ct, s8, fone, s6, letra, letra1, letra2, cvv)) | |
try: | |
sent_ok = send_request(user_agent, ag, ct, s8, fone, s6, letra, letra1, letra2, cvv, simulate_user_behaviour) | |
print('>{}'.format('OK' if sent_ok else 'Error')) | |
except Exception as e: | |
print('Error sending: {}'.format(str(e))) | |
if __name__ == '__main__': | |
parser = argparse.ArgumentParser(description='Phishing Breaker') | |
parser.add_argument('-r','--requests_number', type=int, default=50, help='Requests number -r 10', required=False) | |
parser.add_argument('-s','--simulate_user_behaviour', type=str, default='yes', help='Simulate User Behaviour -s yes | no', required=False) | |
args = parser.parse_args() | |
send_counter = args.requests_number | |
simulate_user_behaviour = args.simulate_user_behaviour in ['yes', 'y'] | |
print('---- Phishing Breaker ----') | |
for arg in vars(args): | |
print(arg, '=', getattr(args, arg)) | |
print('--------------------------') | |
print('Wait..') | |
send_random_bank_data(send_counter, simulate_user_behaviour) |
usage: phishing_breaker.py [-h] [-r REQUESTS_NUMBER] [-s SIMULATE_USER_BEHAVIOUR]
Phishing Breaker
optional arguments:
-h, --help show this help message and exit
-r REQUESTS_NUMBER, --requests_number REQUESTS_NUMBER
Requests number -r 10
-s SIMULATE_USER_BEHAVIOUR, --simulate_user_behaviour SIMULATE_USER_BEHAVIOUR
Simulate User Behaviour -s yes | no
python phishing_breaker.py -r 100 -s yes
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
BB - informa: senhas e conta com bloqueio temporario, confirme seu +5511912345678 evite bloqueio. URGENTE: https://mobile.bancobrasil1.com