diff --git a/README b/README
index da60f0b..7ce18f6 100644
--- a/README
+++ b/README
@@ -1,57 +1,46 @@ -Python Scripts - fbStalker - OSINT tool for Facebook - Based on Facebook Graph and other stuff geoStalker - OSINT tool for Geolocation related sources - Flickr, Instagram, Twitter, Wigle. The userIDs found is used to find social media accounts across other networks like Facebook, Youtube, Instagram, Google+, Linkedin and Google Search -All updates/changes to the code will be posted via twitter account @osintstalker. -Please follow this account for updates and improvements to the code. - ------------------------------------------------------------------------------------------ Presentation Slides of our talk at HackInTheBox Kuala Lumpur 2013. http://conference.hitb.org/hitbsecconf2013kul/materials/D2T3%20-%20Keith%20Lee%20and%20Jonathan%20Werrett%20-%20Facebook%20OSINT.pdf ------------------------------------------------------------------------------------------ - Videos Geostalker running in Kali Linux https://www.youtube.com/watch?v=qUqT9Ct2kg0&feature=youtu.be - ------------------------------------------------------------------------------------------ -Instructions for FBstalker -Install Google Chrome and ChromeDriver on Kali Linux -If you are using 32 bit Kali Linux (run uname -r to find out) -wget http://95.31.35.30/chrome/pool/main/g/google-chrome-stable/google-chrome-stable_27.0.1453.93-r200836_i386.deb +Instalation instructions for FBstalker +------------------------------------------------------------------------------------------ +Install Google Chrome and ChromeDriver on Ubuntu 14.04 -wget https://chromedriver.googlecode.com/files/chromedriver_linux32_23.0.1240.0.zip -unzip chromedriver_linux32_23.0.1240.0.zip +If you are using 32 bit +wget https://dl.google.com/linux/direct/google-chrome-stable_current_i386.deb +dpkg -i google-chrome-stable_current_i386.deb + +wget http://chromedriver.storage.googleapis.com/2.14/chromedriver_linux32.zip +unzip chromedriver_linux32.zip cp chromedriver /usr/bin/chromedriver chmod 777 
/usr/bin/chromedriver -If you are using 64 bit Kali Linux (run uname -r to find out) -wget http://95.31.35.30/chrome/pool/main/g/google-chrome-stable/google-chrome-stable_27.0.1453.93-r200836_amd64.deb +If you are using 64 bit +wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb +dpkg -i google-chrome-stable_current_amd64.deb -wget https://chromedriver.googlecode.com/files/chromedriver_linux64_23.0.1240.0.zip -unzip chromedriver_linux64_23.0.1240.0.zip +wget http://chromedriver.storage.googleapis.com/2.14/chromedriver_linux64.zip +unzip chromedriver_linux64.zip cp chromedriver /usr/bin/chromedriver chmod 777 /usr/bin/chromedriver sudo apt-get install python-setuptools -wget https://pypi.python.org/packages/source/p/pip/pip-1.4.1.tar.gz -tar xvfz pip-1.4.1.tar.gz -cd pip-1.4.1 -sudo python2.7 setup.py install +sudo apt-get install python-pip +sudo pip install pygraphml pytz tzlocal termcolor selenium requests==2.5.3 beautifulsoup4 -pip install pytz -pip install tzlocal -pip install termcolor -pip install selenium -pip install requests --upgrade -pip install beautifulsoup4 -git clone https://github.com/hadim/pygraphml.git -cd pygraphml -python2.7 setup.py install +wget https://github.com/Fluffinko/osintstalker/raw/master/fbstalker1.py + +vi fbstalker1.py -Edit fbstalker.py and update facebook_username (same as email address) and facebook_password. +Edit fbstalker.py and update facebook_username (same as email address) and facebook_password and API key Run python fbstalker.py -user [facebook target username] diff --git a/fbstalker1.py b/fbstalker1.py index 27422cf..d9f2c42 100644 --- a/fbstalker1.py +++ b/fbstalker1.py 
@@ -5,28 +5,28 @@ import zipfile import sys import re +import time import datetime import operator import sqlite3 import os +import locale from datetime import datetime from datetime import date import pytz from tzlocal import get_localzone import requests from termcolor import colored, cprint -from pygraphml.GraphMLParser import * -from pygraphml.Graph import * -from pygraphml.Node import * -from pygraphml.Edge import * +from pygraphml import * +from pygraphml.graph import * +from pygraphml.node import * +from pygraphml.edge import * from selenium import webdriver from selenium.webdriver.common.desired_capabilities import DesiredCapabilities from selenium.webdriver.support.ui import WebDriverWait from selenium.common.exceptions import TimeoutException -import time,re,sys from selenium.webdriver.common.keys import Keys -import datetime from bs4 import BeautifulSoup from StringIO import StringIO @@ -37,6 +37,8 @@ facebook_username = "" facebook_password = "" +# get access_token at https://developers.facebook.com/tools/access_token/ +facebook_access_token = "" global uid uid = "" @@ -521,7 +523,7 @@ def parseTimeline(html,username): if len(tlDateTimeLoc[1].text)>0: print "[*] Location of Post: "+unicode(tlDateTimeLoc[1].text) if len(tlDateTimeLoc[2].text)>0: - print "[*] Device: "+str(tlDateTimeLoc[2].text) + print "[*] Device: "+unicode(tlDateTimeLoc[2].text) except IndexError: continue @@ -1558,7 +1560,7 @@ def parseVideosBy(html): r = re.compile('href="(.*?)&') m = r.search(str(x)) if m: - filename = str(m.group(1)).replace("https://www.facebook.com/photo.php?v=","v_") + filename = str(m.group(1)).replace("https://www.facebook.com/video.php?v=","v_") filename = filename+".html" url = m.group(1) if not os.path.lexists(filename): 
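Review bot: Removing the trailing `import datetime` in the import hunk changes what the name `datetime` is bound to. Before, that late import ran after `from datetime import datetime` and left `datetime` bound to the module; now the `from` import is the last one, so `datetime` is the class. Any code outside this hunk that calls `datetime.datetime.now()` or `datetime.timedelta(...)` would then fail with AttributeError, so those call sites should be checked. Keeping a single unambiguous form avoids the problem, for example `import datetime as dt` plus `from datetime import date`, with the earlier bare `import datetime` dropped. The four `from pygraphml... import *` lines also make it hard to see which names the script depends on; explicit names would be clearer.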
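Review bot: The new `facebook_access_token = ""` in the second hunk puts a third credential in the script body next to `facebook_username` and `facebook_password`, so a filled-in copy that is committed, shared or pasted into a bug report leaks a live token. Since `os` is already imported at the top of the file, the value can come from the environment instead: `facebook_access_token = os.environ.get("FACEBOOK_ACCESS_TOKEN", "")`. The same would apply to the username and password. The script should then exit with a clear message when the token is empty, rather than sending unauthenticated Graph requests.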
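Review bot: In the `parseVideosBy` hunk, `filename` comes from an `href` scraped out of the fetched page and is normalised only when it starts with the exact `https://www.facebook.com/video.php?v=` prefix. Any other link form, including the `photo.php?v=` URLs this line used to handle, keeps the full URL with `/` and `:` in the name, which then goes to `os.path.lexists` and presumably to a file write further down, outside the hunk. Building the name from a validated id is safer than stripping a prefix: `vid = re.search(r'[?&]v=(\d+)', m.group(1))`, then `filename = "v_" + vid.group(1) + ".html"`, skipping the entry when `vid` is None. That keeps remote content from choosing the path that gets written.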
@@ -1976,44 +1978,58 @@ def options(arguments): def showhelp(): - print "" - print " MMMMMM$ZMMMMMDIMMMMMMMMNIMMMMMMIDMMMMMMM" - print " MMMMMMNINMMMMDINMMMMMMMZIMMMMMZIMMMMMMMM" - print " MMMMMMMIIMMMMMI$MMMMMMMIIMMMM8I$MMMMMMMM" - print " MMMMMMMMIINMMMIIMMMMMMNIIMMMOIIMMMMMMMMM" - print " MMMMMMMMOIIIMM$I$MMMMNII8MNIIINMMMMMMMMM" - print " MMMMMMMMMZIIIZMIIIMMMIIIM7IIIDMMMMMMMMMM" - print " MMMMMMMMMMDIIIIIIIZMIIIIIII$MMMMMMMMMMMM" - print " MMMMMMMMMMMM8IIIIIIZIIIIIIMMMMMMMMMMMMMM" - print " MMMMMMMMMMMNIIIIIIIIIIIIIIIMMMMMMMMMMMMM" - print " MMMMMMMMM$IIIIIIIIIIIIIIIIIII8MMMMMMMMMM" - print " MMMMMMMMIIIIIZIIIIZMIIIIIDIIIIIMMMMMMMMM" - print " MMMMMMOIIIDMDIIIIZMMMIIIIIMMOIIINMMMMMMM" - print " MMMMMNIIIMMMIIII8MMMMM$IIIZMMDIIIMMMMMMM" - print " MMMMIIIZMMM8IIIZMMMMMMMIIIIMMMM7IIZMMMMM" - print " MMM$IIMMMMOIIIIMMMMMMMMMIIIIMMMM8IIDMMMM" - print " MMDIZMMMMMIIIIMMMMMMMMMMNIII7MMMMNIIMMMM" - print " MMIOMMMMMNIII8MMMMMMMMMMM7IIIMMMMMM77MMM" - print " MO$MMMMMM7IIIMMMMMMMMMMMMMIII8MMMMMMIMMM" - print " MIMMMMMMMIIIDMMMMMMMMMMMMM$II7MMMMMMM7MM" - print " MMMMMMMMMIIIMMMMMMMMMMMMMMMIIIMMMMMMMDMM" - print " MMMMMMMMMII$MMMMMMMMMMMMMMMIIIMMMMMMMMMM" - print " MMMMMMMMNIINMMMMMMMMMMMMMMMOIIMMMMMMMMMM" - print " MMMMMMMMNIOMMMMMMMMMMMMMMMMM7IMMMMMMMMMM" - print " MMMMMMMMNINMMMMMMMMMMMMMMMMMZIMMMMMMMMMM" - print " MMMMMMMMMIMMMMMMMMMMMMMMMMMM8IMMMMMMMMMM" - + print """ + , , + $, $, , + "ss.$ss. .s' + , .ss$$$$$$$$$$s, + $. s$$$$$$$$$$$$$$`$$Ss + "$$$$$$$$$$$$$$$$$$o$$$ , + s$$$$$$$$$$$$$$$$$$$$$$$$s, ,s + s$$$$$$$$$"$$$$$$""'"$$$$$$"$$$$$, + s$$$$$$$$$$s""$$$$ssssss"$$$$$$$$" + s$$$$$$$$$$' `"'"ss"$"$s"" + s$$$$$$$$$$, `"'"'"$ .s$$s + s$$$$$$$$$$$$s,... `s$$' ` + `ssss$$$$$$$$$$$$$$$$$$$$####s. .$$"$. , s- + `""'"$$$$$$$$$$$$$$$$$$$$#####$$$$$$" $.$' + "$$$$$$$$$$$$$$$$$$$$$####s"" .$$$| + "$$$$$$$$$$$$$$$$$$$$$$$$##s .$$" $ + $$""$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" ` + $$" "$"$$$$$$$$$$$$$$$$$$$$S"'""' + , ," ' $$$$$$$$$$$$$$$$####s + $. .s$$$$$$$$$$$$$$$$$####" + , "$s. 
..ssS$$$$$$$$$$$$$$$$$$$####" + $ .$$$S$$$$$$$$$$$$$$$$$$$$$$$$#####" + Ss ..sS$$$$$$$$$$$$$$$$$$$$$$$$$$$######"" + "$$sS$$$$$$$$$$$$$$$$$$$$$$$$$$$########" + , s$$$$$$$$$$$$$$$$$$$$$$$$#########""' + $ s$$$$$$$$$$$$$$$$$$$$$#######""' s' , + $$..$$$$$$$$$$$$$$$$$$######"' ....,$$.... ,$ + "$$$$$$$$$$$$$$$######"' , .sS$$$$$$$$$$$$$$$$s$$ + $$$$$$$$$$$$#####" $, .s$$$$$$$$$$$$$$$$$$$$$$$$s. + ) $$$$$$$$$$$#####' `$$$$$$$$$###########$$$$$$$$$$$. + (( $$$$$$$$$$$##### $$$$$$$$###" "####$$$$$$$$$$ + ) \ $$$$$$$$$$$$####. $$$$$$###" "###$$$$$$$$$ s' + ( ) $$$$$$$$$$$$$####. $$$$$###" ####$$$$$$$$s$$' + ) ( ( $$"$$$$$$$$$$$#####.$$$$$###' -Fluffinko .###$$$$$$$$$$" + ( ) ) _,$" $$$$$$$$$$$$######.$$##' .###$$$$$$$$$$ + ) ( ( \. "$$$$$$$$$$$$$#######,,,. ..####$$$$$$$$$$$" +( )$ ) ) ,$$$$$$$$$$$$$$$$$$####################$$$$$$$$$$$" +( ($$ ( \ _sS" `"$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$S$$, + ) )$$$s ) ) . . `$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$"' `$$ + ( $$$Ss/ .$, .$,,s$$$$$$##S$$$$$$$$$$$$$$$$$$$$$$$$S"" ' + \)_$$$$$$$$$$$$$$$$$$$$$$$##" $$ `$$. `$$. + `"S$$$$$$$$$$$$$$$$$#" $ `$ `$ + `"'""'"'""'""'' ' ' ' + """ print """ ##################################################### - # fbStalker.py # - # [Trustwave Spiderlabs] # + # fbStalker.py # + # [by Trustwave Spiderlabs] # + # [ updated by Fluffinko ] # ##################################################### - Usage: python fbStalker.py [OPTIONS] - - [OPTIONS] - - -user [Facebook Username] - -report [Filename] + Usage: python fbStalker.py -user [Facebook Username] [Filename of report] """ if __name__ == '__main__':
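Review bot: The rewritten usage line in `showhelp` drops the `-report` flag and shows the report filename as a bare positional argument. `options()` is not part of this hunk, so if it still looks for `-report` the help text now describes an invocation the parser may not accept; the two should be checked against each other, and the old `-report [Filename]` line restored if parsing is unchanged. Separately, the new banner contains backslashes (`\ `, `\.`, `\)`) inside a plain triple-quoted string. Python 2 happens to keep them literally, but writing it as `print r"""` states the intent and protects against a future edit that introduces a real escape such as `\n` or a line-ending backslash.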