From fa324a112be92d829ff5fac4b597a109b63a6896 Mon Sep 17 00:00:00 2001 From: akshay kalucha Date: Tue, 29 Sep 2020 00:37:47 +0530 Subject: [PATCH 1/5] Initial draft of script --- Twitter_bomber.py | 88 +++++++++++++++++++++++++++++++++++++++++ test.py | 99 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 187 insertions(+) create mode 100644 Twitter_bomber.py create mode 100644 test.py diff --git a/Twitter_bomber.py b/Twitter_bomber.py new file mode 100644 index 0000000..29c8457 --- /dev/null +++ b/Twitter_bomber.py @@ -0,0 +1,88 @@ +from selenium import webdriver +import os +from webdriver_manager.chrome import ChromeDriverManager +import argparse +from selenium.webdriver.support.ui import WebDriverWait +from selenium.webdriver.common.by import By +from selenium.webdriver.support import expected_conditions as EC +import time +from selenium.webdriver.chrome.options import Options + + +def banner(): + print(''' + _______ __ __ ____ ____ __ __ ____ + |__ __| \ \ / / | _ \ / __ \ | \/ | | _ \ /\ + | | \ \ /\ / / ___ __ _ _ __ | |_) | | | | | | \ / | | |_) | / \ + | | \ \/ \/ / / __| / _` | | '__| | _ < | | | | | |\/| | | _ < / /\ \ + | | \ /\ / \__ \ | (_| | | | | |_) | | |__| | | | | | | |_) | / ____ \ ☢️ + |_| \/ \/ |___/ \__,_| |_| |____/ \____/ |_| |_| |____/ /_/ \_\ + + By: akshaykalucha3 + Note : I won't be responsible for any damage caused by this script, Use at your own risk + + ''') + +parser = argparse.ArgumentParser(description='Bomb twitter user with spam messages') + +parser.add_argument('--username', type=str, required=True, help="twitter username @\ of user, can be his phone number or email") +parser.add_argument('--password', type=str, required=True, help="twitter password of the user") +args = parser.parse_args() + +chrome_options = webdriver.ChromeOptions() +chrome_options.add_experimental_option("detach", True) +driver = webdriver.Chrome(ChromeDriverManager().install(), options=chrome_options) + + +def bombMsg(n, txt): + for i in range(n): + WebDriverWait(driver, 20).until(EC.element_to_be_clickable((By.CSS_SELECTOR, '#react-root > div > div > div.css-1dbjc4n.r-18u37iz.r-13qz1uu.r-417010 > main > div > div > div > section:nth-child(2) > div.css-1dbjc4n.r-1pz39u2.r-13awgt0 > div > div > div > div > aside > div.css-1dbjc4n.r-obd0qt.r-18u37iz.r-1uu6nss.r-13qz1uu > div.css-1dbjc4n.r-1kihuf0.r-16y2uox.r-1wbh5a2 > div > div > div > div > div.css-901oao.r-jwli3a.r-6koalj.r-16y2uox.r-1qd0xha.r-a023e6.r-16dba41.r-ad9z0x.r-bcqeeo.r-qvutc0 > div > div > div > div.DraftEditor-editorContainer > div > div > div > div'))).send_keys(txt) + SendBtn = driver.find_element_by_xpath('//*[@id="react-root"]/div/div/div[2]/main/div/div/div/section[2]/div[2]/div/div/div/div/aside/div[2]/div[3]') + SendBtn.click() + print("Bombing Complete !!!") + banner() + + +def attack(): + driver.get('https://twitter.com/login') + userId = driver.find_element_by_xpath('//*[@id="react-root"]/div/div/div[2]/main/div/div/div[1]/form/div/div[1]/label/div/div[2]/div/input') + userId.send_keys(args.username) + userPass = driver.find_element_by_xpath('//*[@id="react-root"]/div/div/div[2]/main/div/div/div[1]/form/div/div[2]/label/div/div[2]/div/input') + userPass.send_keys(args.password) + + loginBtn = driver.find_element_by_xpath('//*[@id="react-root"]/div/div/div[2]/main/div/div/div[1]/form/div/div[3]/div') + loginBtn.click() + driver.minimize_window() + + name = input('Enter the twitter name of victim: ') + if len(name) >= 3: + pass + else: + name = input('Enter the name of victim correctly: ') + + ### GET VICTIM PROFILE PAGE ### + driver.get(f'https://twitter.com/{name}') + time.sleep(1) + driver.maximize_window() + + + ## GET MESSAGE INBOX ### + messageLink = driver.find_element_by_xpath('//*[@id="react-root"]/div/div/div[2]/main/div/div/div/div[1]/div/div[2]/div/div/div[1]/div/div[1]/div/div[2]') + messageLink.click() + driver.minimize_window() + + #### SEND MESSAGE IN VICTIMS INBOX ### + + WebDriverWait(driver, 20).until(EC.element_to_be_clickable((By.XPATH, '//*[@id="react-root"]/div/div/div[2]/main/div/div/div/section[2]/div[2]/div/div/div/div/aside/div[2]/div[2]/div/div/div/div/div[1]/div'))).click() + MsgBx = driver.find_element_by_css_selector('#react-root > div > div > div.css-1dbjc4n.r-18u37iz.r-13qz1uu.r-417010 > main > div > div > div > section:nth-child(2) > div.css-1dbjc4n.r-1pz39u2.r-13awgt0 > div > div > div > div > aside > div.css-1dbjc4n.r-obd0qt.r-18u37iz.r-1uu6nss.r-13qz1uu > div.css-1dbjc4n.r-1kihuf0.r-16y2uox.r-1wbh5a2 > div > div > div > div > div.css-901oao.r-jwli3a.r-6koalj.r-16y2uox.r-1qd0xha.r-a023e6.r-16dba41.r-ad9z0x.r-bcqeeo.r-qvutc0 > div > div > div > div.DraftEditor-editorContainer > div > div > div > div') + Ops = int(input("Select what form of messahe you would like to send: \n Enter [1] to send manual message Enter [2] to import a txt file: ")) + if Ops == 1: + Content = input("Enter the message: ") + elif Ops == 2: + fileLoc = input("Enter the file location: ") + instances = int(input("Enter total count: ")) + + bombMsg(instances, Content) + +attack() + diff --git a/test.py b/test.py new file mode 100644 index 0000000..9c485af --- /dev/null +++ b/test.py @@ -0,0 +1,99 @@ + +#!/usr/bin/python3 + +import requests +import argparse +from concurrent.futures import ThreadPoolExecutor +import json +import time +from Provider import Provider + +# args + +parser = argparse.ArgumentParser() +parser.add_argument('target', metavar='TARGET', type=lambda value: (_ for _ in ()).throw(argparse.ArgumentTypeError(f'{value} is an invalid mobile number')) if len(value) != 10 else value, + help='Target mobile number without country code') +parser.add_argument('--sms', '-S', type=int, + help='Number of sms to target (default: 20)', default=20) +parser.add_argument('--country', '-c', type=int, + help='Country code without (+) sign (default: 91)', default=91) +parser.add_argument('--threads', '-T', type=int, + help='Max number of concurrent HTTP(s) requests (default: 20)', default=20) +parser.add_argument('--proxy', '-p', action='store_true', + help='Use proxy for bombing (It is advisable to use this option if you are bombing more than 50 sms)') +parser.add_argument('--verbose', '-v', action='store_true', + help='Verbose') +parser.add_argument('--verify', '-V', action='store_true', + help='To verify all providers are working or not') +args = parser.parse_args() + +# config loading +target = str(args.target) +no_of_threads = args.threads +no_of_sms = args.sms +fails, success = 0, 0 +not args.verbose and not args.verify and print( + f'Target: {target} | Threads: {no_of_threads} | SMS: {no_of_sms}') + +# proxy setup +# https://gimmeproxy.com/api/getProxy?curl=true&protocol=http&supportsHttps=true + + +def get_proxy(): + args.verbose and print('Gethering proxy...') + curl = requests.get( + 'https://gimmeproxy.com/api/getProxy?curl=true&protocol=http&supportsHttps=true').text + if 'limit' in curl: + print('Proxy limitation error. Try without `-p` or `--proxy` argument') + exit() + args.verbose and print(f'Using Proxy: {curl}') + return {"http": curl, "https": curl} + + +proxies = get_proxy() if args.proxy else False +# proxies = {"http": "http://127.0.0.1:8080", "https": "http://127.0.0.1:8080"} + +# bomber function + + +def bomber(p): + global fails, success, no_of_sms + if not args.verify and p is None or success > no_of_sms: + return + elif not p.done: + try: + p.start() + if p.status(): + success += 1 + else: + fails += 1 + except: + fails += 1 + args.verbose or args.verify and print( + '{:12}: error'.format(p.config['name'])) + not args.verbose and not args.verify and print( + f'Bombing : {success+fails}/{no_of_sms} | Success: {success} | Failed: {fails}', end='\r') + + +# threadsssss +start = time.time() +if args.verify: + providers = json.load(open('config.json', 'r'))['providers'] + pall = [p for x in providers.values() for p in x] + with ThreadPoolExecutor(max_workers=len(pall)) as executor: + for config in pall: + executor.submit(bomber, Provider(target, proxy=proxies, + verbose=True, cc=str(args.country), config=config)) + print(f'Total {len(pall)} providers available') +else: + with ThreadPoolExecutor(max_workers=no_of_threads) as executor: + for i in range(no_of_sms): + p = Provider(target, proxy=proxies, + verbose=args.verbose, cc=str(args.country)) + executor.submit(bomber, p) +end = time.time() + + +# finalize +print(f'\nSuccess: {success} | Failed: {fails}') +print(f'Took {end-start:.2f}s to complete') \ No newline at end of file From c742bbc20c2912a7d723195420f5d4631c29526c Mon Sep 17 00:00:00 2001 From: akshay kalucha Date: Tue, 29 Sep 2020 23:24:22 +0530 Subject: [PATCH 2/5] update commit --- Twitter_bomber.py | 2 +- debug.log | 4 ++ test.py | 103 ++++------------------------------------------ 3 files changed, 14 insertions(+), 95 deletions(-) create mode 100644 debug.log diff --git a/Twitter_bomber.py b/Twitter_bomber.py index 29c8457..4ebbd3d 100644 --- a/Twitter_bomber.py +++ b/Twitter_bomber.py @@ -6,6 +6,7 @@ from selenium.webdriver.support.ui import WebDriverWait from selenium.webdriver.common.by import By from selenium.webdriver.support import expected_conditions as EC import time +import sys from selenium.webdriver.chrome.options import Options @@ -69,7 +70,6 @@ def attack(): ## GET MESSAGE INBOX ### messageLink = driver.find_element_by_xpath('//*[@id="react-root"]/div/div/div[2]/main/div/div/div/div[1]/div/div[2]/div/div/div[1]/div/div[1]/div/div[2]') messageLink.click() - driver.minimize_window() #### SEND MESSAGE IN VICTIMS INBOX ### diff --git a/debug.log b/debug.log new file mode 100644 index 0000000..26901fa --- /dev/null +++ b/debug.log @@ -0,0 +1,4 @@ +[0929/005058.248:ERROR:process_reader_win.cc(123)] NtOpenThread: {Access Denied} A process has requested access to an object, but has not been granted those access rights. (0xc0000022) +[0929/005058.253:ERROR:process_reader_win.cc(123)] NtOpenThread: {Access Denied} A process has requested access to an object, but has not been granted those access rights. (0xc0000022) +[0929/005058.595:ERROR:exception_snapshot_win.cc(99)] thread ID 17208 not found in process +[0929/005058.596:ERROR:exception_snapshot_win.cc(99)] thread ID 22040 not found in process diff --git a/test.py b/test.py index 9c485af..aeeed4d 100644 --- a/test.py +++ b/test.py @@ -1,99 +1,14 @@ - -#!/usr/bin/python3 - -import requests -import argparse -from concurrent.futures import ThreadPoolExecutor -import json +import sys import time -from Provider import Provider -# args +print("Loading:") -parser = argparse.ArgumentParser() -parser.add_argument('target', metavar='TARGET', type=lambda value: (_ for _ in ()).throw(argparse.ArgumentTypeError(f'{value} is an invalid mobile number')) if len(value) != 10 else value, - help='Target mobile number without country code') -parser.add_argument('--sms', '-S', type=int, - help='Number of sms to target (default: 20)', default=20) -parser.add_argument('--country', '-c', type=int, - help='Country code without (+) sign (default: 91)', default=91) -parser.add_argument('--threads', '-T', type=int, - help='Max number of concurrent HTTP(s) requests (default: 20)', default=20) -parser.add_argument('--proxy', '-p', action='store_true', - help='Use proxy for bombing (It is advisable to use this option if you are bombing more than 50 sms)') -parser.add_argument('--verbose', '-v', action='store_true', - help='Verbose') -parser.add_argument('--verify', '-V', action='store_true', - help='To verify all providers are working or not') -args = parser.parse_args() +#animation = ["10%", "20%", "30%", "40%", "50%", "60%", "70%", "80%", "90%", "100%"] +animation = ["[■□□□□□□□□□]","[■■□□□□□□□□]", "[■■■□□□□□□□]", "[■■■■□□□□□□]", "[■■■■■□□□□□]", "[■■■■■■□□□□]", "[■■■■■■■□□□]", "[■■■■■■■■□□]", "[■■■■■■■■■□]", "[■■■■■■■■■■]"] -# config loading -target = str(args.target) -no_of_threads = args.threads -no_of_sms = args.sms -fails, success = 0, 0 -not args.verbose and not args.verify and print( - f'Target: {target} | Threads: {no_of_threads} | SMS: {no_of_sms}') +for i in range(len(animation)): + time.sleep(0.2) + sys.stdout.write("\r" + animation[i % len(animation)]) + sys.stdout.flush() -# proxy setup -# https://gimmeproxy.com/api/getProxy?curl=true&protocol=http&supportsHttps=true - - -def get_proxy(): - args.verbose and print('Gethering proxy...') - curl = requests.get( - 'https://gimmeproxy.com/api/getProxy?curl=true&protocol=http&supportsHttps=true').text - if 'limit' in curl: - print('Proxy limitation error. Try without `-p` or `--proxy` argument') - exit() - args.verbose and print(f'Using Proxy: {curl}') - return {"http": curl, "https": curl} - - -proxies = get_proxy() if args.proxy else False -# proxies = {"http": "http://127.0.0.1:8080", "https": "http://127.0.0.1:8080"} - -# bomber function - - -def bomber(p): - global fails, success, no_of_sms - if not args.verify and p is None or success > no_of_sms: - return - elif not p.done: - try: - p.start() - if p.status(): - success += 1 - else: - fails += 1 - except: - fails += 1 - args.verbose or args.verify and print( - '{:12}: error'.format(p.config['name'])) - not args.verbose and not args.verify and print( - f'Bombing : {success+fails}/{no_of_sms} | Success: {success} | Failed: {fails}', end='\r') - - -# threadsssss -start = time.time() -if args.verify: - providers = json.load(open('config.json', 'r'))['providers'] - pall = [p for x in providers.values() for p in x] - with ThreadPoolExecutor(max_workers=len(pall)) as executor: - for config in pall: - executor.submit(bomber, Provider(target, proxy=proxies, - verbose=True, cc=str(args.country), config=config)) - print(f'Total {len(pall)} providers available') -else: - with ThreadPoolExecutor(max_workers=no_of_threads) as executor: - for i in range(no_of_sms): - p = Provider(target, proxy=proxies, - verbose=args.verbose, cc=str(args.country)) - executor.submit(bomber, p) -end = time.time() - - -# finalize -print(f'\nSuccess: {success} | Failed: {fails}') -print(f'Took {end-start:.2f}s to complete') \ No newline at end of file +print("\n") \ No newline at end of file From b51835c12893d314568c888a08a8ca2b38f35f4b Mon Sep 17 00:00:00 2001 From: akshay kalucha Date: Wed, 30 Sep 2020 11:58:41 +0530 Subject: [PATCH 3/5] steps commit --- Twitter_bomber.py | 13 +++++++++++-- debug.log | 4 ---- 2 files changed, 11 insertions(+), 6 deletions(-) delete mode 100644 debug.log diff --git a/Twitter_bomber.py b/Twitter_bomber.py index 4ebbd3d..f0cb5a8 100644 --- a/Twitter_bomber.py +++ b/Twitter_bomber.py @@ -26,8 +26,17 @@ def banner(): parser = argparse.ArgumentParser(description='Bomb twitter user with spam messages') -parser.add_argument('--username', type=str, required=True, help="twitter username @\ of user, can be his phone number or email") -parser.add_argument('--password', type=str, required=True, help="twitter password of the user") +""" 4 Step: + + 1) run command python Twitter_bomber.py -u *your_twitter_username* -p *your_twitter_password* + 2) enter correct username of person you want to spam, make sure his twitter messages are open + 3) press 1 if you want to manually type the message you eant to send; or 2 if you want to export a file and extract message from there + 4) enter message count + +""" + +parser.add_argument('-u', '--username', type=str, required=True, help="twitter username @\ of user, can be his phone number or email") +parser.add_argument('-p', '--password', type=str, required=True, help="twitter password of the user") args = parser.parse_args() chrome_options = webdriver.ChromeOptions() diff --git a/debug.log b/debug.log deleted file mode 100644 index 26901fa..0000000 --- a/debug.log +++ /dev/null @@ -1,4 +0,0 @@ -[0929/005058.248:ERROR:process_reader_win.cc(123)] NtOpenThread: {Access Denied} A process has requested access to an object, but has not been granted those access rights. (0xc0000022) -[0929/005058.253:ERROR:process_reader_win.cc(123)] NtOpenThread: {Access Denied} A process has requested access to an object, but has not been granted those access rights. (0xc0000022) -[0929/005058.595:ERROR:exception_snapshot_win.cc(99)] thread ID 17208 not found in process -[0929/005058.596:ERROR:exception_snapshot_win.cc(99)] thread ID 22040 not found in process From cdd8f8ef87a94cd6a3f2436ccd3110e5dd588010 Mon Sep 17 00:00:00 2001 From: akshay kalucha Date: Thu, 1 Oct 2020 17:34:53 +0530 Subject: [PATCH 4/5] Twitter bomber fixes --- Twitter_bomber.py | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/Twitter_bomber.py b/Twitter_bomber.py index f0cb5a8..8fd84b3 100644 --- a/Twitter_bomber.py +++ b/Twitter_bomber.py @@ -27,9 +27,12 @@ def banner(): parser = argparse.ArgumentParser(description='Bomb twitter user with spam messages') """ 4 Step: - + cautain: be sure your connection is fast and take no more than 4-5sec to enter username of the victim as chrome driver is stateless + and opening a new url after a interval of seconds may log you out of your twitter account. + 1) run command python Twitter_bomber.py -u *your_twitter_username* -p *your_twitter_password* - 2) enter correct username of person you want to spam, make sure his twitter messages are open + 2) enter correct username of person you want to spam, make sure his twitter messages are open, after message screen is opened, + minimize window 7 follow #3 3) press 1 if you want to manually type the message you eant to send; or 2 if you want to export a file and extract message from there 4) enter message count @@ -59,17 +62,19 @@ def attack(): userId.send_keys(args.username) userPass = driver.find_element_by_xpath('//*[@id="react-root"]/div/div/div[2]/main/div/div/div[1]/form/div/div[2]/label/div/div[2]/div/input') userPass.send_keys(args.password) - loginBtn = driver.find_element_by_xpath('//*[@id="react-root"]/div/div/div[2]/main/div/div/div[1]/form/div/div[3]/div') loginBtn.click() driver.minimize_window() + name = input('Enter the twitter name of victim: ') if len(name) >= 3: pass else: name = input('Enter the name of victim correctly: ') + + ### GET VICTIM PROFILE PAGE ### driver.get(f'https://twitter.com/{name}') time.sleep(1) @@ -80,8 +85,9 @@ def attack(): messageLink = driver.find_element_by_xpath('//*[@id="react-root"]/div/div/div[2]/main/div/div/div/div[1]/div/div[2]/div/div/div[1]/div/div[1]/div/div[2]') messageLink.click() - #### SEND MESSAGE IN VICTIMS INBOX ### + + #### SEND MESSAGE IN VICTIMS INBOX ### WebDriverWait(driver, 20).until(EC.element_to_be_clickable((By.XPATH, '//*[@id="react-root"]/div/div/div[2]/main/div/div/div/section[2]/div[2]/div/div/div/div/aside/div[2]/div[2]/div/div/div/div/div[1]/div'))).click() MsgBx = driver.find_element_by_css_selector('#react-root > div > div > div.css-1dbjc4n.r-18u37iz.r-13qz1uu.r-417010 > main > div > div > div > section:nth-child(2) > div.css-1dbjc4n.r-1pz39u2.r-13awgt0 > div > div > div > div > aside > div.css-1dbjc4n.r-obd0qt.r-18u37iz.r-1uu6nss.r-13qz1uu > div.css-1dbjc4n.r-1kihuf0.r-16y2uox.r-1wbh5a2 > div > div > div > div > div.css-901oao.r-jwli3a.r-6koalj.r-16y2uox.r-1qd0xha.r-a023e6.r-16dba41.r-ad9z0x.r-bcqeeo.r-qvutc0 > div > div > div > div.DraftEditor-editorContainer > div > div > div > div') Ops = int(input("Select what form of messahe you would like to send: \n Enter [1] to send manual message Enter [2] to import a txt file: ")) From a5529cac84b3713ff3cb36daa7abeff48b3ed188 Mon Sep 17 00:00:00 2001 From: akshay kalucha Date: Thu, 1 Oct 2020 17:36:54 +0530 Subject: [PATCH 5/5] test.py deleted --- test.py | 14 -------------- 1 file changed, 14 deletions(-) delete mode 100644 test.py diff --git a/test.py b/test.py deleted file mode 100644 index aeeed4d..0000000 --- a/test.py +++ /dev/null @@ -1,14 +0,0 @@ -import sys -import time - -print("Loading:") - -#animation = ["10%", "20%", "30%", "40%", "50%", "60%", "70%", "80%", "90%", "100%"] -animation = ["[■□□□□□□□□□]","[■■□□□□□□□□]", "[■■■□□□□□□□]", "[■■■■□□□□□□]", "[■■■■■□□□□□]", "[■■■■■■□□□□]", "[■■■■■■■□□□]", "[■■■■■■■■□□]", "[■■■■■■■■■□]", "[■■■■■■■■■■]"] - -for i in range(len(animation)): - time.sleep(0.2) - sys.stdout.write("\r" + animation[i % len(animation)]) - sys.stdout.flush() - -print("\n") \ No newline at end of file