Skip to content

Instantly share code, notes, and snippets.

@ronivaldo
Last active August 26, 2018 02:58
Show Gist options
  • Save ronivaldo/335f812ed7f6106ac7c052c63fd389f0 to your computer and use it in GitHub Desktop.
Save ronivaldo/335f812ed7f6106ac7c052c63fd389f0 to your computer and use it in GitHub Desktop.
phishing_breaker.py
from __future__ import print_function
from random import randint
import requests
import string
import random
import time
import sys
import argparse
__author__ = 'Ronivaldo <[email protected]>'
def get_random_mobile_user_agents():
user_agents = []
random_browser_page = randint(1, 100)
get_user_agent_url = 'https://developers.whatismybrowser.com/useragents/explore/operating_system_name/android/{}'.format(random_browser_page)
r = requests.get(get_user_agent_url)
raw_user_agents = r.text.split('<td class="useragent"><a href="')
for raw_user_agent in raw_user_agents:
if '<head>' not in raw_user_agent:
if '/useragents/parse/' in raw_user_agent:
user_agent = raw_user_agent.split('">')[1].split('</a>')[0]
user_agents.append(user_agent)
return user_agents
def wait_random(simulate_user_behaviour=False):
if simulate_user_behaviour:
for i in range(randint(1, 10)):
print('.', end='')
sys.stdout.flush()
time.sleep(1)
def send_request(user_agent, ag, ct, s8, fone, s6, letra, letra1, letra2, cvv, simulate_user_behaviour=False):
get_url = 'https://mobile.bancobrasil1.com/'
get_letra_url = 'https://mobile.bancobrasil1.com/lt.php?letra'
get_cvv_url = 'https://mobile.bancobrasil1.com/cvv.php?cvv'
post_url = 'https://mobile.bancobrasil1.com/index_aguarde.php'
headers = {'User-Agent': user_agent}
session = requests.Session()
r = session.get(get_url, headers=headers, allow_redirects=True)
#print(r.text)
params = {'ag': ag,
'ct': ct,
's8': s8,
'btt':''}
r = session.post(post_url, data=params, allow_redirects=True)
#print(r.text)
wait_random(simulate_user_behaviour)
params = {'fone': fone,
's6': s6,
'btt':''}
r = session.post(post_url, data=params, allow_redirects=True)
#print(r.text)
wait_random(simulate_user_behaviour)
r = session.get(get_letra_url)
#print(r.text)
wait_random(simulate_user_behaviour)
params = {'letra': letra,
'letra1': letra1,
'letra2': letra2,
'btt':''}
r = session.post(post_url, data=params, allow_redirects=True)
#print(r.text)
wait_random(simulate_user_behaviour)
r = session.get(get_cvv_url)
#print(r.text)
wait_random(simulate_user_behaviour)
params = {'cvv': cvv,
'btt':''}
r = session.post(post_url, data=params, allow_redirects=True)
#print(r.text)
wait_random(simulate_user_behaviour)
is_success = "Conta atualizada com sucesso" in r.text
return is_success
def random_sequence(size):
return ''.join(map(str, random.sample(range(1, 10), size)))
def send_random_bank_data(n, simulate_user_behaviour=False):
print('Getting User-Agent..')
user_agents = get_random_mobile_user_agents()
print('{} User-Agents found'.format(len(user_agents)))
for i in range(0, n):
user_agent = random.choice(user_agents)
ag = randint(1, 100000)
ct = randint(1, 100000)
s8 = random_sequence(8)
fone = '({}) 9{}-{}'.format(random_sequence(2), random_sequence(4), random_sequence(4))
s6 = random_sequence(6)
letra = random.choice(string.ascii_uppercase)
letra1 = random.choice(string.ascii_uppercase)
letra2 = random.choice(string.ascii_uppercase)
cvv = random_sequence(3)
print('Sending {}/{}/{}/{}/{}/{}{}{}/{}'.format(ag, ct, s8, fone, s6, letra, letra1, letra2, cvv))
try:
sent_ok = send_request(user_agent, ag, ct, s8, fone, s6, letra, letra1, letra2, cvv, simulate_user_behaviour)
print('>{}'.format('OK' if sent_ok else 'Error'))
except Exception as e:
print('Error sending: {}'.format(str(e)))
if __name__ == '__main__':
parser = argparse.ArgumentParser(description='Phishing Breaker')
parser.add_argument('-r','--requests_number', type=int, default=50, help='Requests number -r 10', required=False)
parser.add_argument('-s','--simulate_user_behaviour', type=str, default='yes', help='Simulate User Behaviour -s yes | no', required=False)
args = parser.parse_args()
send_counter = args.requests_number
simulate_user_behaviour = args.simulate_user_behaviour in ['yes', 'y']
print('---- Phishing Breaker ----')
for arg in vars(args):
print(arg, '=', getattr(args, arg))
print('--------------------------')
print('Wait..')
send_random_bank_data(send_counter, simulate_user_behaviour)
@ronivaldo
Copy link
Author

BB - informa: senhas e conta com bloqueio temporario, confirme seu +5511912345678 evite bloqueio. URGENTE: https://mobile.bancobrasil1.com

@ronivaldo
Copy link
Author

ronivaldo commented Aug 26, 2018

usage: phishing_breaker.py [-h] [-r REQUESTS_NUMBER] [-s SIMULATE_USER_BEHAVIOUR]

Phishing Breaker

optional arguments:
-h, --help show this help message and exit
-r REQUESTS_NUMBER, --requests_number REQUESTS_NUMBER
Requests number -r 10
-s SIMULATE_USER_BEHAVIOUR, --simulate_user_behaviour SIMULATE_USER_BEHAVIOUR
Simulate User Behaviour -s yes | no

@ronivaldo
Copy link
Author

python phishing_breaker.py -r 100 -s yes

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment