From e4bfe11e9bac082a1dd5f00d0550a3407216f697 Mon Sep 17 00:00:00 2001 From: Fluffinko Date: Thu, 2 Apr 2015 14:59:57 +0200 Subject: [PATCH 01/13] Update fbstalker1.py --- fbstalker1.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/fbstalker1.py b/fbstalker1.py index 27422cf..d65876b 100644 --- a/fbstalker1.py +++ b/fbstalker1.py @@ -15,10 +15,10 @@ from tzlocal import get_localzone import requests from termcolor import colored, cprint -from pygraphml.GraphMLParser import * -from pygraphml.Graph import * -from pygraphml.Node import * -from pygraphml.Edge import * +from pygraphml import * +from pygraphml.graph import * +from pygraphml.node import * +from pygraphml.edge import * from selenium import webdriver from selenium.webdriver.common.desired_capabilities import DesiredCapabilities From dbaf2fd1a6732f4893104c344e2a88b65e559638 Mon Sep 17 00:00:00 2001 From: Fluffinko Date: Thu, 2 Apr 2015 15:14:11 +0200 Subject: [PATCH 02/13] Update fbstalker1.py --- fbstalker1.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fbstalker1.py b/fbstalker1.py index d65876b..0b1d6d4 100644 --- a/fbstalker1.py +++ b/fbstalker1.py @@ -37,6 +37,8 @@ facebook_username = "" facebook_password = "" +# get access_token at https://developers.facebook.com/tools/access_token/ +facebook_access_token = "" global uid uid = "" From 9ba722cd7336a7b271b45c30bfb87b9b3228ab2d Mon Sep 17 00:00:00 2001 From: Fluffinko Date: Fri, 3 Apr 2015 12:28:02 +0200 Subject: [PATCH 03/13] Update README --- README | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README b/README index da60f0b..783c658 100644 --- a/README +++ b/README @@ -19,7 +19,7 @@ https://www.youtube.com/watch?v=qUqT9Ct2kg0&feature=youtu.be Instructions for FBstalker Install Google Chrome and ChromeDriver on Kali Linux If you are using 32 bit Kali Linux (run uname -r to find out) -wget http://95.31.35.30/chrome/pool/main/g/google-chrome-stable/google-chrome-stable_27.0.1453.93-r200836_i386.deb +wget https://dl.google.com/linux/direct/google-chrome-stable_current_i386.deb wget https://chromedriver.googlecode.com/files/chromedriver_linux32_23.0.1240.0.zip unzip chromedriver_linux32_23.0.1240.0.zip @@ -27,7 +27,7 @@ cp chromedriver /usr/bin/chromedriver chmod 777 /usr/bin/chromedriver If you are using 64 bit Kali Linux (run uname -r to find out) -wget http://95.31.35.30/chrome/pool/main/g/google-chrome-stable/google-chrome-stable_27.0.1453.93-r200836_amd64.deb +wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb wget https://chromedriver.googlecode.com/files/chromedriver_linux64_23.0.1240.0.zip unzip chromedriver_linux64_23.0.1240.0.zip From cb82aa43e6c0db063103c461e5a1fba57c7a841f Mon Sep 17 00:00:00 2001 From: Fluffinko Date: Fri, 3 Apr 2015 12:30:42 +0200 Subject: [PATCH 04/13] Update README --- README | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/README b/README index 783c658..99d8a4a 100644 --- a/README +++ b/README @@ -3,9 +3,6 @@ Python Scripts fbStalker - OSINT tool for Facebook - Based on Facebook Graph and other stuff geoStalker - OSINT tool for Geolocation related sources - Flickr, Instagram, Twitter, Wigle. The userIDs found is used to find social media accounts across other networks like Facebook, Youtube, Instagram, Google+, Linkedin and Google Search -All updates/changes to the code will be posted via twitter account @osintstalker. -Please follow this account for updates and improvements to the code. - ------------------------------------------------------------------------------------------ Presentation Slides of our talk at HackInTheBox Kuala Lumpur 2013. http://conference.hitb.org/hitbsecconf2013kul/materials/D2T3%20-%20Keith%20Lee%20and%20Jonathan%20Werrett%20-%20Facebook%20OSINT.pdf @@ -18,19 +15,22 @@ https://www.youtube.com/watch?v=qUqT9Ct2kg0&feature=youtu.be ------------------------------------------------------------------------------------------ Instructions for FBstalker Install Google Chrome and ChromeDriver on Kali Linux + If you are using 32 bit Kali Linux (run uname -r to find out) wget https://dl.google.com/linux/direct/google-chrome-stable_current_i386.deb +dpkg -i google-chrome-stable_current_i386.deb -wget https://chromedriver.googlecode.com/files/chromedriver_linux32_23.0.1240.0.zip -unzip chromedriver_linux32_23.0.1240.0.zip +wget http://chromedriver.storage.googleapis.com/2.14/chromedriver_linux32.zip +unzip chromedriver_linux32.zip cp chromedriver /usr/bin/chromedriver chmod 777 /usr/bin/chromedriver If you are using 64 bit Kali Linux (run uname -r to find out) wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb +dpkg -i google-chrome-stable_current_amd64.deb -wget https://chromedriver.googlecode.com/files/chromedriver_linux64_23.0.1240.0.zip -unzip chromedriver_linux64_23.0.1240.0.zip +wget http://chromedriver.storage.googleapis.com/2.14/chromedriver_linux64.zip +unzip chromedriver_linux64.zip cp chromedriver /usr/bin/chromedriver chmod 777 /usr/bin/chromedriver From a11b364bdd6470ad4a0ba264f80a00a7823ad6a7 Mon Sep 17 00:00:00 2001 From: Fluffinko Date: Fri, 3 Apr 2015 12:38:33 +0200 Subject: [PATCH 05/13] Update README --- README | 29 +++++++---------------------- 1 file changed, 7 insertions(+), 22 deletions(-) diff --git a/README b/README index 99d8a4a..4e72af6 100644 --- a/README +++ b/README @@ -1,5 +1,3 @@ -Python Scripts - fbStalker - OSINT tool for Facebook - Based on Facebook Graph and other stuff geoStalker - OSINT tool for Geolocation related sources - Flickr, Instagram, Twitter, Wigle. The userIDs found is used to find social media accounts across other networks like Facebook, Youtube, Instagram, Google+, Linkedin and Google Search @@ -7,16 +5,15 @@ geoStalker - OSINT tool for Geolocation related sources - Flickr, Instagram, Twi Presentation Slides of our talk at HackInTheBox Kuala Lumpur 2013. http://conference.hitb.org/hitbsecconf2013kul/materials/D2T3%20-%20Keith%20Lee%20and%20Jonathan%20Werrett%20-%20Facebook%20OSINT.pdf ------------------------------------------------------------------------------------------ - Videos Geostalker running in Kali Linux https://www.youtube.com/watch?v=qUqT9Ct2kg0&feature=youtu.be - ------------------------------------------------------------------------------------------ -Instructions for FBstalker -Install Google Chrome and ChromeDriver on Kali Linux +Instalation instructions for FBstalker +------------------------------------------------------------------------------------------ +Install Google Chrome and ChromeDriver on Ubuntu 14.04 -If you are using 32 bit Kali Linux (run uname -r to find out) +If you are using 32 bit wget https://dl.google.com/linux/direct/google-chrome-stable_current_i386.deb dpkg -i google-chrome-stable_current_i386.deb @@ -25,7 +22,7 @@ unzip chromedriver_linux32.zip cp chromedriver /usr/bin/chromedriver chmod 777 /usr/bin/chromedriver -If you are using 64 bit Kali Linux (run uname -r to find out) +If you are using 64 bit wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb dpkg -i google-chrome-stable_current_amd64.deb @@ -35,21 +32,9 @@ cp chromedriver /usr/bin/chromedriver chmod 777 /usr/bin/chromedriver sudo apt-get install python-setuptools -wget https://pypi.python.org/packages/source/p/pip/pip-1.4.1.tar.gz -tar xvfz pip-1.4.1.tar.gz -cd pip-1.4.1 -sudo python2.7 setup.py install - -pip install pytz -pip install tzlocal -pip install termcolor -pip install selenium -pip install requests --upgrade -pip install beautifulsoup4 +sudo apt-get install python-pip +sudo pip install pygraphml pytz tzlocal termcolor selenium requests --upgrade beautifulsoup4 -git clone https://github.com/hadim/pygraphml.git -cd pygraphml -python2.7 setup.py install Edit fbstalker.py and update facebook_username (same as email address) and facebook_password. From 02640513e7957201d580ffb2f5caeadccf472074 Mon Sep 17 00:00:00 2001 From: Fluffinko Date: Fri, 3 Apr 2015 12:39:42 +0200 Subject: [PATCH 06/13] Update README --- README | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/README b/README index 4e72af6..e34b548 100644 --- a/README +++ b/README @@ -35,8 +35,11 @@ sudo apt-get install python-setuptools sudo apt-get install python-pip sudo pip install pygraphml pytz tzlocal termcolor selenium requests --upgrade beautifulsoup4 +wget https://github.com/Fluffinko/osintstalker/raw/master/fbstalker1.py -Edit fbstalker.py and update facebook_username (same as email address) and facebook_password. +vi fbstalker1.py + +Edit fbstalker.py and update facebook_username (same as email address) and facebook_password and API key Run python fbstalker.py -user [facebook target username] From 6217b7dbad6dfb053dcdcd1e0e679727f6ad7602 Mon Sep 17 00:00:00 2001 From: Fluffinko Date: Fri, 3 Apr 2015 13:19:03 +0200 Subject: [PATCH 07/13] Update README --- README | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README b/README index e34b548..7ce18f6 100644 --- a/README +++ b/README @@ -33,7 +33,8 @@ chmod 777 /usr/bin/chromedriver sudo apt-get install python-setuptools sudo apt-get install python-pip -sudo pip install pygraphml pytz tzlocal termcolor selenium requests --upgrade beautifulsoup4 +sudo pip install pygraphml pytz tzlocal termcolor selenium requests==2.5.3 beautifulsoup4 + wget https://github.com/Fluffinko/osintstalker/raw/master/fbstalker1.py From fc0a7325408934ace9f829a4a7e53ed12d6d2154 Mon Sep 17 00:00:00 2001 From: Fluffinko Date: Fri, 3 Apr 2015 13:44:29 +0200 Subject: [PATCH 08/13] Update fbstalker1.py --- fbstalker1.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fbstalker1.py b/fbstalker1.py index 0b1d6d4..0d786cf 100644 --- a/fbstalker1.py +++ b/fbstalker1.py @@ -1560,7 +1560,7 @@ def parseVideosBy(html): r = re.compile('href="(.*?)&') m = r.search(str(x)) if m: - filename = str(m.group(1)).replace("https://www.facebook.com/photo.php?v=","v_") + filename = str(m.group(1)).replace("https://www.facebook.com/video.php?v=","v_") filename = filename+".html" url = m.group(1) if not os.path.lexists(filename): From 2ebdb1d0e93ee41a4d9e59491d70bb6d2c103d30 Mon Sep 17 00:00:00 2001 From: Fluffinko Date: Fri, 3 Apr 2015 13:47:11 +0200 Subject: [PATCH 09/13] Update fbstalker1.py --- fbstalker1.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fbstalker1.py b/fbstalker1.py index 0d786cf..3c21b9a 100644 --- a/fbstalker1.py +++ b/fbstalker1.py @@ -523,7 +523,7 @@ def parseTimeline(html,username): if len(tlDateTimeLoc[1].text)>0: print "[*] Location of Post: "+unicode(tlDateTimeLoc[1].text) if len(tlDateTimeLoc[2].text)>0: - print "[*] Device: "+str(tlDateTimeLoc[2].text) + print "[*] Device: "+unicode(tlDateTimeLoc[2].text) except IndexError: continue From 131d74e64f7b1ae9b2bdc61bb2ea3fa450c7369c Mon Sep 17 00:00:00 2001 From: Fluffinko Date: Fri, 3 Apr 2015 14:03:00 +0200 Subject: [PATCH 10/13] Update fbstalker1.py --- fbstalker1.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/fbstalker1.py b/fbstalker1.py index 3c21b9a..8af6227 100644 --- a/fbstalker1.py +++ b/fbstalker1.py @@ -2006,16 +2006,18 @@ def showhelp(): print " MMMMMMMMMIMMMMMMMMMMMMMMMMMM8IMMMMMMMMMM" print """ + ##################################################### - # fbStalker.py # - # [Trustwave Spiderlabs] # + # fbStalker.py # + # [by Trustwave Spiderlabs] # + # [modified by Fluffinko ] # ##################################################### Usage: python fbStalker.py [OPTIONS] [OPTIONS] - -user [Facebook Username] - -report [Filename] + -user [Facebook Username] [Filename of report] + example: fbStalker.py -user test reportname """ if __name__ == '__main__': From e4c085bfca88a6286242884162140d96a6a96a2f Mon Sep 17 00:00:00 2001 From: Fluffinko Date: Fri, 3 Apr 2015 14:03:34 +0200 Subject: [PATCH 11/13] Update fbstalker1.py --- fbstalker1.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fbstalker1.py b/fbstalker1.py index 8af6227..f296199 100644 --- a/fbstalker1.py +++ b/fbstalker1.py @@ -2017,7 +2017,7 @@ def showhelp(): [OPTIONS] -user [Facebook Username] [Filename of report] - example: fbStalker.py -user test reportname + exaplme: fbStalker.py -user test reportname """ if __name__ == '__main__': From 8d6cfcd831ef97229d7ea572495bc01f0bd55b03 Mon Sep 17 00:00:00 2001 From: Fluffinko Date: Fri, 3 Apr 2015 14:15:01 +0200 Subject: [PATCH 12/13] Update fbstalker1.py --- fbstalker1.py | 82 +++++++++++++++++++++++++++++---------------------- 1 file changed, 47 insertions(+), 35 deletions(-) diff --git a/fbstalker1.py b/fbstalker1.py index f296199..c6ec4af 100644 --- a/fbstalker1.py +++ b/fbstalker1.py @@ -1978,46 +1978,58 @@ def options(arguments): def showhelp(): - print "" - print " MMMMMM$ZMMMMMDIMMMMMMMMNIMMMMMMIDMMMMMMM" - print " MMMMMMNINMMMMDINMMMMMMMZIMMMMMZIMMMMMMMM" - print " MMMMMMMIIMMMMMI$MMMMMMMIIMMMM8I$MMMMMMMM" - print " MMMMMMMMIINMMMIIMMMMMMNIIMMMOIIMMMMMMMMM" - print " MMMMMMMMOIIIMM$I$MMMMNII8MNIIINMMMMMMMMM" - print " MMMMMMMMMZIIIZMIIIMMMIIIM7IIIDMMMMMMMMMM" - print " MMMMMMMMMMDIIIIIIIZMIIIIIII$MMMMMMMMMMMM" - print " MMMMMMMMMMMM8IIIIIIZIIIIIIMMMMMMMMMMMMMM" - print " MMMMMMMMMMMNIIIIIIIIIIIIIIIMMMMMMMMMMMMM" - print " MMMMMMMMM$IIIIIIIIIIIIIIIIIII8MMMMMMMMMM" - print " MMMMMMMMIIIIIZIIIIZMIIIIIDIIIIIMMMMMMMMM" - print " MMMMMMOIIIDMDIIIIZMMMIIIIIMMOIIINMMMMMMM" - print " MMMMMNIIIMMMIIII8MMMMM$IIIZMMDIIIMMMMMMM" - print " MMMMIIIZMMM8IIIZMMMMMMMIIIIMMMM7IIZMMMMM" - print " MMM$IIMMMMOIIIIMMMMMMMMMIIIIMMMM8IIDMMMM" - print " MMDIZMMMMMIIIIMMMMMMMMMMNIII7MMMMNIIMMMM" - print " MMIOMMMMMNIII8MMMMMMMMMMM7IIIMMMMMM77MMM" - print " MO$MMMMMM7IIIMMMMMMMMMMMMMIII8MMMMMMIMMM" - print " MIMMMMMMMIIIDMMMMMMMMMMMMM$II7MMMMMMM7MM" - print " MMMMMMMMMIIIMMMMMMMMMMMMMMMIIIMMMMMMMDMM" - print " MMMMMMMMMII$MMMMMMMMMMMMMMMIIIMMMMMMMMMM" - print " MMMMMMMMNIINMMMMMMMMMMMMMMMOIIMMMMMMMMMM" - print " MMMMMMMMNIOMMMMMMMMMMMMMMMMM7IMMMMMMMMMM" - print " MMMMMMMMNINMMMMMMMMMMMMMMMMMZIMMMMMMMMMM" - print " MMMMMMMMMIMMMMMMMMMMMMMMMMMM8IMMMMMMMMMM" - print """ - + , , + $, $, , + "ss.$ss. .s' + , .ss$$$$$$$$$$s, + $. s$$$$$$$$$$$$$$`$$Ss + "$$$$$$$$$$$$$$$$$$o$$$ , + s$$$$$$$$$$$$$$$$$$$$$$$$s, ,s + s$$$$$$$$$"$$$$$$""'"$$$$$$"$$$$$, + s$$$$$$$$$$s""$$$$ssssss"$$$$$$$$" + s$$$$$$$$$$' `"'"ss"$"$s"" + s$$$$$$$$$$, `"'"'"$ .s$$s + s$$$$$$$$$$$$s,... `s$$' ` + `ssss$$$$$$$$$$$$$$$$$$$$####s. .$$"$. , s- + `""'"$$$$$$$$$$$$$$$$$$$$#####$$$$$$" $.$' + "$$$$$$$$$$$$$$$$$$$$$####s"" .$$$| + "$$$$$$$$$$$$$$$$$$$$$$$$##s .$$" $ + $$""$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" ` + $$" "$"$$$$$$$$$$$$$$$$$$$$S"'""' + , ," ' $$$$$$$$$$$$$$$$####s + $. .s$$$$$$$$$$$$$$$$$####" + , "$s. ..ssS$$$$$$$$$$$$$$$$$$$####" + $ .$$$S$$$$$$$$$$$$$$$$$$$$$$$$#####" + Ss ..sS$$$$$$$$$$$$$$$$$$$$$$$$$$$######"" + "$$sS$$$$$$$$$$$$$$$$$$$$$$$$$$$########" + , s$$$$$$$$$$$$$$$$$$$$$$$$#########""' + $ s$$$$$$$$$$$$$$$$$$$$$#######""' s' , + $$..$$$$$$$$$$$$$$$$$$######"' ....,$$.... ,$ + "$$$$$$$$$$$$$$$######"' , .sS$$$$$$$$$$$$$$$$s$$ + $$$$$$$$$$$$#####" $, .s$$$$$$$$$$$$$$$$$$$$$$$$s. + ) $$$$$$$$$$$#####' `$$$$$$$$$###########$$$$$$$$$$$. + (( $$$$$$$$$$$##### $$$$$$$$###" "####$$$$$$$$$$ + ) \ $$$$$$$$$$$$####. $$$$$$###" "###$$$$$$$$$ s' + ( ) $$$$$$$$$$$$$####. $$$$$###" ####$$$$$$$$s$$' + ) ( ( $$"$$$$$$$$$$$#####.$$$$$###' -Fluffinko .###$$$$$$$$$$" + ( ) ) _,$" $$$$$$$$$$$$######.$$##' .###$$$$$$$$$$ + ) ( ( \. "$$$$$$$$$$$$$#######,,,. ..####$$$$$$$$$$$" +( )$ ) ) ,$$$$$$$$$$$$$$$$$$####################$$$$$$$$$$$" +( ($$ ( \ _sS" `"$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$S$$, + ) )$$$s ) ) . . `$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$"' `$$ + ( $$$Ss/ .$, .$,,s$$$$$$##S$$$$$$$$$$$$$$$$$$$$$$$$S"" ' + \)_$$$$$$$$$$$$$$$$$$$$$$$##" $$ `$$. `$$. + `"S$$$$$$$$$$$$$$$$$#" $ `$ `$ + `"'""'"'""'""'' ' ' ' + """ + print """ ##################################################### # fbStalker.py # # [by Trustwave Spiderlabs] # - # [modified by Fluffinko ] # + # [ updated by Fluffinko ] # ##################################################### - Usage: python fbStalker.py [OPTIONS] - - [OPTIONS] - - -user [Facebook Username] [Filename of report] - exaplme: fbStalker.py -user test reportname + Usage: python fbStalker.py -user [Facebook Username] [Filename of report] """ if __name__ == '__main__': From db0ac364fd11e9051f829e374913e0d5e15ec9f1 Mon Sep 17 00:00:00 2001 From: Fluffinko Date: Fri, 3 Apr 2015 14:39:18 +0200 Subject: [PATCH 13/13] Update fbstalker1.py --- fbstalker1.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fbstalker1.py b/fbstalker1.py index c6ec4af..d9f2c42 100644 --- a/fbstalker1.py +++ b/fbstalker1.py @@ -5,10 +5,12 @@ import zipfile import sys import re +import time import datetime import operator import sqlite3 import os +import locale from datetime import datetime from datetime import date import pytz @@ -24,9 +26,7 @@ from selenium.webdriver.common.desired_capabilities import DesiredCapabilities from selenium.webdriver.support.ui import WebDriverWait from selenium.common.exceptions import TimeoutException -import time,re,sys from selenium.webdriver.common.keys import Keys -import datetime from bs4 import BeautifulSoup from StringIO import StringIO