[RichT]

phishBruter
version 1.0
by RichT
- Contact: (MSN) [Only registered and activated users can see links. ]

Description :
Something I started working on outside of university time. The program works fine (or did when I finished working on it), but then I got bored with it. I'll probably carry on working on it eventually, there's a few things I want to implement.

The program takes a list of URLs you specify and, with a list of dictionary file.extensions, bruteforces a WoW phishing page site until a log is found. This program works with a batch of files, and can export a list of legit log files (hopefully filled with juicy WoW logins) to a text file.

Usage:
Populate the phishing page URL lists, and populate the dictionary list with what file.extension to attempt. The program will decide if the page is a valid

log file or not. Much easier than manually checking a bunch of shit.

!!!!
!! NOTE: THE URLS GIVEN WITH THE PROGRAM NO LONGER WORK! YOU WILL NEED TO SEARCH FOR NEW PHISHING PAGES YOURSELF!
!!!!

Version 1.0:
- Basic Functionality
- Recognises pages that exist but redirect to custom 404 pages

To Do:
- Optimization
- Threading
- Auto Update (if I decide to continue working on it)
- Automatically prune accounts into a list (usernameassword)
- Automatically check for valid accounts

Quote:

File Info

Report generated: 1.12.2008 at 3.32.15 (GMT 1)
Packer detected: Nothing found *
Self-Extract Archive: Nothing found
Binder Detector: Nothing found
Detection rate: 0 on 24

Detections

a-squared - Nothing found!
Avira AntiVir - Nothing found!
Avast - Nothing found!
AVG - Nothing found!
BitDefender - Nothing found!
ClamAV - Nothing found!
Comodo - Nothing found!
Dr.Web - Nothing found!
Ewido - Nothing found!
F-PROT 6 - Nothing found!
G DATA - Nothing found!
IkarusT3 - Nothing found!
Kaspersky - Nothing found!
McAfee - Nothing found!
MHR (Malware Hash Registry) - Nothing found!
NOD32 v3 - Nothing found!
Norman - Nothing found!
Panda - Nothing found!
Quick Heal - Nothing found!
Solo Antivirus - Nothing found!
Sophos - Nothing found!
TrendMicro - Nothing found!
VBA32 - Nothing found!
Virus Buster - Nothing found!

Scan report generated by
[Only registered and activated users can see links. ]

If you feel wary about downloading a program from someone with 5 posts and 1 rep, then don't download it. Simple.

(Could not upload to forum, got an error)

Download: [Only registered and activated users can see links. ]
Please leave comments!

[Broken Shadows]

Don't ask for rep >.>

[RichT]

Quote:

Originally Posted by Broken Shadows

Don't ask for rep >.>

Seems that in this community rep is required for people to take people seriously. I don't care about rep as a boost to my ego or to make me look better, but slightly better reputation would cause more people to trust the things I post and would allow my work to get out to a larger spam of people.

[Broken Shadows]

Quote:

Originally Posted by RichT

Seems that in this community rep is required for people to take people seriously. I don't care about rep as a boost to my ego or to make me look better, but slightly better reputation would cause more people to trust the things I post and would allow my work to get out to a larger spam of people.

That's fine and dandy, but.. remove "+REP if you like" from your post.
EDIT: Thread proporly reported.

[[Thefuzz]]

rep cookie from me

[RichT]

Quote:

Originally Posted by Broken Shadows

That's fine and dandy, but.. remove "+REP if you like" from your post.
EDIT: Thread proporly reported.

Removed. Also ammended the main post to say what it actually does.

Cheers

[x13]

Edit: working as intended and clean.

VM'd and sandbox'd.

[hounderd]

Quote:

Originally Posted by Broken Shadows

That's fine and dandy, but.. remove "+REP if you like" from your post.
EDIT: Thread proporly reported.

stop being such a faggot.

anyways, didnt download or try your program, but looks pretty decent. +rep from me.

[jess~]

Nice program

[Anthraxx]

seems nice, goin to try it nao !
+3 rep

[RichT]

Thanks to everyone who's replied.

After a bit more boredom, the next update will add the log parsing. Usernames and passwords will be extracted from the logs found automatically, along with any additional information that's relevant. Functionality to check if the accounts exist or not will hopefully also be added, but maybe not in the next update.

If anyone has any other suggestions I'd be happy to hear them.

Cheers

[r3deemer]

One of those in the URL.txt is my phisher....

Anyway gonna give it a try. will comment soon....

EDIT: Works great. No probs but you may want to include a fair lot more pages to the list... for example userLogs.html

[Gash]

it stucks at "initializing"

edit: WORKS <3<3

[Gash]

if the program found logs, what must i do? The program shows the link with the extension to me, but no account data ^^

[RichT]

Quote:

Originally Posted by Gash

if the program found logs, what must i do? The program shows the link with the extension to me, but no account data ^^

Once the list on the right is populated and the bruting has totally finished, click Export and the list will be saved to a text file in the program's directory. Then just visit those links in your browser and you'll have the logs. Parsing of account data will be in a later version.

Quote:

One of those in the URL.txt is my phisher....

Anyway gonna give it a try. will comment soon....

EDIT: Works great. No probs but you may want to include a fair lot more pages to the list... for example userLogs.html

Sorry! I had a huge list of old phishing pages before I released, but as they were old I deleted most and left a random few.



Thanks to everyone for the replies.