forked from D4Vinci/Cr3dOv3r
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathCr3d0v3r.py
executable file
·164 lines (147 loc) · 6.37 KB
/
Cr3d0v3r.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
#Written by: Karim shoair - D4Vinci ( Cr3dOv3r )
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import os,argparse,time,random,requests
import mechanicalsoup as ms
from getpass import getpass
from websites import *
import ispwned,updater
#Colors
global G, Y, B, R, W , M , C , end ,Bold
if os.name=="nt":
try:
import win_unicode_console , colorama
win_unicode_console.enable()
colorama.init()
#green - yellow - blue - red - white - magenta - cyan - reset
G,Y,B,R,W,M,C,end= '\033[92m','\033[93m','\033[94m','\033[91m','\033[0m','\x1b[35m','\x1b[36m','\x1b[39m'
Bold = "\033[1m"
except:
G = Y = B = R = W = G = Y = B = R = Bold = ''
else:
#import colorama
#colorama.init()
#green - yellow - blue - red - white - magenta - cyan - reset
G,Y,B,R,W,M,C,end= '\033[92m','\033[93m','\033[94m','\033[91m','\033[0m','\x1b[35m','\x1b[36m','\x1b[39m'
Bold = "\033[1m"
parser = argparse.ArgumentParser(prog='Cr3d0v3r.py')
parser.add_argument("email", help="Email/username to check")
args = parser.parse_args()
email = args.email
version = updater.check()
if "but" in version:
version = version.split("but")[0]+R+"but"+version.split("but")[1]
#with mechanicalsoup
def login( name ,dic ,email ,pwd ):
url ,form,e_form ,p_form = dic["url"] ,dic["form"],dic["e_form"] ,dic["p_form"]
browser = ms.StatefulBrowser(user_agent=random.choice(["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1664.3 Safari/537.36",
"Opera/9.80 (Macintosh; Intel Mac OS X; U; en) Presto/2.6.30 Version/10.61",
"Lynx/2.8.5rel.1 libwww-FM/2.14 SSL-MM/1.4.1 GNUTLS/0.8.12",
"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:14.0) Gecko/20100101 Firefox/14.0.1",
"Mozilla/5.0 (X11; Linux) KHTML/4.9.1 (like Gecko) Konqueror/4.9"])
)
try:
browser.open(url)
except:
return "{2} -[{1}{3} {0} {4}{2}] Couldn't even open the page! Do you have internet !?{4}".format(name,R,W,Bold,end)
try:
browser.select_form(form)
browser[e_form] = email
browser[p_form] = pwd
browser.submit_selected()
except ms.utils.LinkNotFoundError:
return "{2} -[{1}{3} {0} {4}{2}] Something wrong with the website maybe it's blocked!{4}".format(name,R,W,Bold,end)
#Now let's check if it was success by trying to use the same form again and if I could use it then the login not success
try:
browser.select_form(form)
browser.close()
return "{2} -[{1}{3} {0} {4}{2}] Login unsuccessful!{4}".format(name,R,W,Bold,end)
except ms.utils.LinkNotFoundError:
browser.close()
return "{2} -[{1}{3} {0} {4}{2}] Login successful !{4}".format(name,G,W,Bold,end)
#websites that use two forms to login
def custom_login( name ,dic ,email ,pwd ):
url ,form1,form2,e_form ,p_form = dic["url"] ,dic["form1"],dic["form2"],dic["e_form"] ,dic["p_form"]
browser = ms.StatefulBrowser(user_agent=random.choice(["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1664.3 Safari/537.36",
"Opera/9.80 (Macintosh; Intel Mac OS X; U; en) Presto/2.6.30 Version/10.61",
"Lynx/2.8.5rel.1 libwww-FM/2.14 SSL-MM/1.4.1 GNUTLS/0.8.12",
"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:14.0) Gecko/20100101 Firefox/14.0.1",
"Mozilla/5.0 (X11; Linux) KHTML/4.9.1 (like Gecko) Konqueror/4.9"]))
try:
browser.open(url)
except:
return "{2} -[{1}{3} {0} {4}{2}] Couldn't even open the page! Do you have internet !?{4}".format(name,R,W,Bold,end)
try:
browser.select_form(form1)
browser[e_form] = email
except ms.utils.LinkNotFoundError:
return "{2} -[{1}{3} {0} {4}{2}] Something wrong with the website maybe it's blocked!{4}".format(name,R,W,Bold,end)
try:
browser.submit_selected()
browser.select_form(form2)
browser[p_form] = pwd
browser.submit_selected()
except ms.utils.LinkNotFoundError:
browser.close()
return "{2} -[{1}{3} {0} {4}{2}] Email not registered!{4}".format(name,R,W,Bold,end)
#Now let's check if it was success by trying to use the same form again and if I could use it then the login not success
try:
browser.select_form(form2)
browser.close()
return "{2} -[{1}{3} {0} {4}{2}] Login unsuccessful!{4}".format(name,R,W,Bold,end)
except:
browser.close()
return "{2} -[{1}{3} {0} {4}{2}] Login successful !{4}".format(name,G,W,Bold,end)
#That's a lot of exceptions :"D
#Login to websites with post requests
def req_login( name ,dic ,email ,pwd ):
url ,verfiy,e_form ,p_form = dic["url"] ,dic["verfiy"],dic["e_form"] ,dic["p_form"]
data = {e_form:email,p_form:pwd}
req = requests.post(url,data=data).text
#Now let's check if it was success by trying to find the verfiy words and if I could find them then login not successful
for word in verfiy:
if word in req:
return "{2} -[{1}{3} {0} {4}{2}] Login unsuccessful!{4}".format(name,R,W,Bold,end)
return "{2} -[{1}{3} {0} {4}{2}] Login successful !{4}".format(name,G,W,Bold,end)
web1 = list(websites.keys())
web1.sort()
web2 = list(custom_websites.keys())
web2.sort()
web3 = list(req_websites.keys())
web3.sort()
all_websites = web1+web2+web3
def random_banner():
banners = open(os.path.join("Data","banners.txt")).read().split("$$$$$AnyShIt$$$$$$")
banner = random.choice(banners)
banner_to_print = G
banner_to_print += banner.format(Name=B+"Cr3d0v3r By "+Bold+"@D4Vinci -"+M+" V"+version+G,
Description=C+"Know the dangers of email credentials reuse attacks."+G,
Loaded=B+"Loaded "+Y+str(len(all_websites))+B+" website."+G)
banner_to_print += end
print(banner_to_print)
def main():
random_banner()
print("\n"+W+"["+G+"+"+W+"]"+B+" Checking email in public leaks...")
if ispwned.check(email):
to_print = ispwned.parse_data(email)
colors = {"(C)":C,"(W)":W,"(B)":B,"(Y)":Y,"(G)":G,"(R)":R,"(M)":M,"(end)":end}
for color in list(colors.keys()):
to_print = to_print.replace(color,colors[color])
print(to_print)
else:
print(C+"[!] "+R+"Email not found in any public leaks!\n")
pwd = getpass(C+"Please enter the password"+W+"=> ")
print("\n"+W+"["+G+"+"+W+"]"+B+" Testing websites with one form (" + str(len(web1)) + ")!")
for wd in web1:
dic = websites[wd]
print( login( wd ,dic ,email ,pwd ) )
print("\n"+W+"["+G+"+"+W+"]"+B+" Testing websites with two forms (" + str(len(web2)) + ")!")
for wd in web2:
dic = custom_websites[wd]
print( custom_login( wd ,dic ,email ,pwd ) )
print("\n"+W+"["+G+"+"+W+"]"+B+" Testing websites with post requests (" + str(len(web3)) + ")!")
for wd in web3:
dic = req_websites[wd]
print( req_login( wd ,dic ,email ,pwd ) )
if __name__ == '__main__':
main()