opexxx

fb-hfc.py

Jun 5th, 2014
361
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 11.45 KB | None | 0 0
  1. #!/usr/bin/env python
  2. from selenium import webdriver
  3. from selenium.webdriver.common.keys import Keys
  4. from selenium.webdriver.support import expected_conditions as EC
  5. from selenium.webdriver.common.action_chains import ActionChains
  6. from StringIO import StringIO
  7. from colorama import init
  8. from colorama import Fore, Back, Style
  9. from pyvirtualdisplay import Display
  10. import lxml.html
  11. import time
  12. import re
  13. import requests
  14. import argparse
  15. import sys
  16. import os.path
  17.  
  18. init(autoreset=True)
  19.  
  20. print "-----------------------------------------------------------------------------"
  21. print "          Facebook hidden friends crawler POC - by Shay Priel"
  22. print "-----------------------------------------------------------------------------"
  23. print Fore.BLACK + Style.BRIGHT + "                    .@@@@." + Fore.RESET + "                         .:::,           :;::         "
  24. print Fore.BLACK + Style.BRIGHT + "  lCCCf;            .@@@@.                         " + Fore.RESET + ".:::,           ::::         "
  25. print Fore.BLACK + Style.BRIGHT +  " C@@@@@@t lLLL, tLLL,@@@@iCGL:   :fGGGf,  fLLf:CGf" + Fore.RESET + "..:::,.,,,.,::.  ::::         "
  26. print Fore.BLACK + Style.BRIGHT + "i@@@@@@@@,l@@@; G@@@.@@@@@@@@@, ;@@@@@@@: G@@@@@@@C" + Fore.RESET + ".:::,,::::::::..::::,        "
  27. print Fore.BLACK + Style.BRIGHT +  "C@@@C@@@@l;@@@l G@@C.@@@@@@@@@t.@@@@@@@@G.@@@@@@@@@" + Fore.RESET + ".:::,,::::::::,.::::,        "
  28. print Fore.BLACK + Style.BRIGHT +  "@@@@.i@@@l.@@@f @@@L.@@@@ii@@@C;@@@C.G@@@,@@@@;@@@@" + Fore.RESET + ".:::,,:::, ::::.::::,        "
  29. print Fore.BLACK + Style.BRIGHT +  "@@@@ ;@@@l G@@L.@@@t.@@@@.,@@@Ci@@@l L@@@,@@@G G@@@" + Fore.RESET + ".:::,,:::. ,::: ::::         "
  30. print Fore.BLACK + Style.BRIGHT +  "@@@@ ;@@@l L@@C,@@@;.@@@@.,@@@Gi@@@i f@@@,@@@G G@@@" + Fore.RESET + ".:::,,:::  ,::: ::::         "
  31. print Fore.BLACK + Style.BRIGHT +  "@@@@  ,,,. t@@G;@@@..@@@@.,@@@Ci@@@CfG@@@,@@@G G@@@" + Fore.RESET + ".:::,,:::  :::: ::::         "
  32. print Fore.BLACK + Style.BRIGHT +  "@@@@       i@@Gl@@G .@@@@.,@@@Ci@@@@@@@@@,@@@G G@@@" + Fore.RESET + ".:::,,:::  :::: ::::         "
  33. print Fore.BLACK + Style.BRIGHT +  "@@@@   .   :@@@f@@L .@@@@.,@@@Ci@@@@GGGGG,@@@G ....." + Fore.RESET + ":::,,:::  :::: ::::         "
  34. print Fore.BLACK + Style.BRIGHT +  "@@@@ ;@@@t .@@@G@@t .@@@@.,@@@Ci@@@l      @@@G     " + Fore.RESET + ".:::,,:::  :::: ::::         "
  35. print Fore.BLACK + Style.BRIGHT +  "@@@@ ;@@@f  G@@@@@i .@@@@.,@@@Ci@@@l fGGG,@@@G     " + Fore.RESET + ".:::,,:::  :::: ::::         "
  36. print Fore.BLACK + Style.BRIGHT +  "@@@@ ;@@@f  L@@@@@: .@@@@.,@@@Ci@@@l f@@@,@@@G     " + Fore.RESET + ".:::,,:::  :::: ::::         "
  37. print Fore.BLACK + Style.BRIGHT +  "@@@@,i@@@f  l@@@@@. .@@@@,,@@@Ci@@@t C@@@,@@@G     " + Fore.RESET + ".:::,,:::  :::: ::::         "
  38. print Fore.BLACK + Style.BRIGHT +  "G@@@G@@@@l  ;@@@@C  .@@@@LL@@@L:@@@@t@@@@,@@@G     " + Fore.RESET + ".:::,,:::  :::: ::::"+ Fore.RED +"lilll.   "
  39. print Fore.BLACK + Style.BRIGHT +  "i@@@@@@@@.  ,@@@@f  .@@@@@@@@@i C@@@@@@@L.@@@G     " + Fore.RESET + " :::,,:::. :::: ::::"+ Fore.RED +"llttt.   "
  40. print Fore.BLACK + Style.BRIGHT +  "t@@@@@@i  .;@@@@i  .@@@@f@@@C  ,G@@@@@C  @@@G     " + Fore.RESET + ".:::.,:::  ,::: .:::,"+ Fore.RED +"ltttl.    "
  41. print "-----------------------------------------------------------------------------"
  42. print "Examples:"
  43. print "1. Generates related public profiles:"
  44. print "python fb-hfc.py -username <username>  -password '<password>' \n-query '<graph search query>' -output <output.txt>"
  45. print "2. Exctracting hidden friends:"
  46. print "python fb-hfc.py -username <username>  -password '<password>' \n-target <target> -profilesfile <file.txt> -output <output.txt>"
  47. print "-----------------------------------------------------------------------------"
  48.  
  49.  
  50.  
  51.  
  52. parser = argparse.ArgumentParser(usage="-h for full usage")
  53. parser.add_argument('-username', dest="username", help='facebook username to login with (e.g. example@example.com)',required=True)
  54. parser.add_argument('-password', dest="password", help='facebook password to login with (e.g. \'password\')',required=True)
  55.  
  56. parser.add_argument('-query', dest="query", help='graph search query (e.g. "People That Work in Company")',required=False)
  57. parser.add_argument('-output', dest="output", help='File name to save results',required=False)
  58.  
  59. parser.add_argument('-target', dest="target", help='(e.g. "text.example")',required=False)
  60. parser.add_argument('-profilesfile', dest="profilesfile", help='File name that contains list of profiles with public friends',required=False)
  61.  
  62. args = parser.parse_args()
  63.  
  64. if args.query is None and args.target is None:
  65.     parser.error("You must give atleast one method -query or -target")
  66.  
  67. if args.query and args.target:
  68.     parser.error("-query and -target cannot run together")
  69.  
  70. if args.target and args.profilesfile is None:
  71.     parser.error("You must provide -profilesfile")
  72.  
  73. if args.query and args.profilesfile:
  74.     parser.error("-query and -profilesfile cannot run together")
  75.  
  76. if args.query and args.output is None:
  77.     parser.error("You must provide -output")
  78.  
  79. if args.target and args.output is None:
  80.     parser.error("You must provide -output")
  81.  
  82.  
  83. def facebook_login(username,password):
  84.     print ("\n\n\nLogin to Facebook...."),
  85.     sys.stdout.flush()
  86.     url = "http://www.facebook.com"
  87.     driver.get(url)
  88.     elem = driver.find_element_by_id("email")
  89.     elem.send_keys(username)
  90.     elem = driver.find_element_by_id("pass")
  91.     elem.send_keys(password)
  92.     elem.send_keys(Keys.RETURN)
  93.     time.sleep(1)
  94.     html_source = driver.page_source
  95.     if "Please re-enter your password" in html_source or "Incorrect Email" in html_source:
  96.         print Fore.RED + "Incorrect Username or Password"
  97.         driver.close()
  98.         exit()
  99.     else:
  100.         print Fore.GREEN + "Success\n"
  101.     return driver.get_cookies()
  102.  
  103. def request_url(url,get_cookies):
  104.     all_cookies = dict()
  105.     for cookie in get_cookies:
  106.         all_cookies[cookie["name"]]=cookie["value"]
  107.     r = requests.get(url,cookies=all_cookies)
  108.     html = r.content
  109.     return html
  110.  
  111. def graph_search(graph_search_query):
  112.     print ("Searching for: \"" + Fore.YELLOW + graph_search_query + Fore.RESET + "\"..."),
  113.     sys.stdout.flush()
  114.     driver.implicitly_wait(5)
  115.     time.sleep(1)
  116.     elem = driver.find_element_by_xpath("//div[@class='_586i']")
  117.     elem.click()
  118.     elem.send_keys(graph_search_query)
  119.     elem.send_keys(Keys.RETURN)
  120.     print Fore.GREEN + "Done\n"
  121.  
  122. def extract_profiles():
  123.     while True:
  124.         time.sleep(1)
  125.  
  126.         try:
  127.             elem = driver.find_element_by_xpath(".//th[@class='_4311']")
  128.         except:
  129.             print "Invalid graph search query! (hint: first try it on facebook)"
  130.             driver.close()
  131.             exit()
  132.  
  133.         try:
  134.             print "Extracting Profiles...\n"
  135.             driver.execute_script("window.scrollTo(0, document.body.scrollHeight);")
  136.  
  137.             elem = driver.find_element_by_xpath("//div[@class='phm _64f']")
  138.             if "End of results" in elem.text:
  139.                 break
  140.         except:
  141.             pass
  142.  
  143.  
  144.  
  145.     xpath_name_params = ".//a[@class='_7kf _8o _8s lfloat _ohe']/@href"
  146.  
  147.  
  148.     html_source = driver.page_source
  149.  
  150.     html_lxml = lxml.html.parse(StringIO(html_source)) #parse to lxml object
  151.     params_result = html_lxml.xpath(xpath_name_params)
  152.  
  153.     data = list()
  154.  
  155.     for prm in params_result:
  156.  
  157.         if "profile.php" in prm:
  158.             result = re.search('(?<=\profile\.php\?id=)(.*\n?)(?=&ref)', prm)
  159.             data.append(result.group())
  160.         else:
  161.             result = re.search('(?<=\.com\/)(.*\n?)(?=\?)', prm)
  162.             data.append(result.group())
  163.  
  164.     print "Enumerating %s profiles...\n" % len(data)
  165.     return data
  166.  
  167. def extract_mutual_friends(profiles_urls):
  168.     print "Enumerating hidden friends from: " + Fore.YELLOW + target + "\n"
  169.     data = list()
  170.     for profile_url in profiles_urls:
  171.         elem = driver.get(profile_url)
  172.         print "Enumerating mutual friends: %s" % profile_url
  173.  
  174.         while True:
  175.  
  176.             time.sleep(2)
  177.             try:
  178.                 elem = driver.find_element_by_xpath(".//a[@class='pam uiBoxLightblue uiMorePagerPrimary']")
  179.                 elem.click()
  180.             except:
  181.                 break
  182.  
  183.  
  184.         xpath_name_params = ".//div[@class='fsl fwb fcb']/a/@href"
  185.         xpath_name_params2 = ".//div[@class='fsl fwb fcb']/a/text()"
  186.  
  187.         html_source = driver.page_source
  188.  
  189.         html_lxml = lxml.html.parse(StringIO(html_source)) #parse to lxml object
  190.         params_result = html_lxml.xpath(xpath_name_params)
  191.         params_result2 = html_lxml.xpath(xpath_name_params2)
  192.        
  193.         for prm,prm2 in zip(params_result,params_result2):
  194.  
  195.             if "profile.php" in prm:
  196.                 result = re.search('(?<=\profile\.php\?id=)(.*\n?)(?=&fref=pb_other)', prm)
  197.                 if result.group() not in data:
  198.                     data.append(result.group())
  199.                 if prm2 not in data:
  200.                     data.append(prm2)
  201.             else:
  202.                 result = re.search('(?<=\.com\/)(.*\n?)(?=\?)', prm)
  203.                 if result.group() not in data:
  204.                     data.append(result.group())
  205.                 if prm2 not in data:
  206.                     data.append(prm2)
  207.  
  208.     print Fore.GREEN + "\nTotal of %s hidden friends have been found\n" % str(len(data))
  209.     return data
  210.  
  211.  
  212.  
  213. def check_if_public(profiles,cookies):
  214.     print "Searching for public profiles...\n"
  215.     xpath_name_params = ".//a[@id='u_0_1i']/span[@class='_3sz']/text()"
  216.     public_profile = list()
  217.     digits = re.compile('\d')
  218.  
  219.     for profile in profiles:
  220.         if profile.isdigit():
  221.             profile_url = "https://www.facebook.com/profile.php?id=%s&sk=friends" % profile
  222.             print("Checking Profile: %s......" % profile),
  223.             sys.stdout.flush()
  224.         else:
  225.             profile_url = "https://www.facebook.com/%s/friends" % profile
  226.             print("Checking Profile: %s......" % profile),
  227.             sys.stdout.flush()
  228.        
  229.         html = request_url(profile_url,cookies)
  230.  
  231.         if "All Friends" in html:
  232.             public_profile.append(profile)
  233.             print Fore.GREEN + "Public"
  234.         else:
  235.             print Fore.RED + "None Public"
  236.  
  237.     print "\nTotal of %s public profiles have been found\n" % str(len(public_profile))
  238.     return set(public_profile)
  239.  
  240.  
  241. def generate_mutual_link(profilesfile,target):
  242.     mutual_url = list()
  243.     for profile in profilesfile:
  244.         mutual_url.append("https://www.facebook.com/%s/friends?and=%s" % (target,profile))
  245.  
  246.     return mutual_url
  247.  
  248. def open_file(filename):
  249.     results = list()
  250.     with open(filename, 'r') as myFile:
  251.         for line in myFile.readlines():
  252.             results.append(line.strip())
  253.     return results
  254.  
  255.  
  256. def save_file(filename,results):
  257.     if args.profilesfile:
  258.         line_items = 2
  259.         with open(filename, 'w') as myFile:
  260.             for n, user in enumerate(results):
  261.                 if (n+1) % line_items:
  262.                     if user.isdigit():
  263.                         profile_url = "https://www.facebook.com/profile.php?id=%s" % user
  264.                     else:
  265.                         profile_url = "https://www.facebook.com/%s" % user
  266.                     myFile.write("Username: " + user.encode('utf8')+"\n")
  267.                 else:
  268.                     myFile.write("Full Name: " + user.encode('utf8')+"\n"+"Link to Profile: " + profile_url.encode('utf8')+"\n\n")
  269.     else:  
  270.         with open(filename, 'w') as myFile:
  271.             for user in results:
  272.                 myFile.write(user.encode('utf8')+"\n")
  273.     print "Saving results to: %s\n\n" % filename
  274.  
  275.  
  276. target = args.target
  277. username = args.username
  278. password = args.password
  279. filename = args.output
  280. graph_search_query = args.query
  281. profilesfile = args.profilesfile
  282.  
  283. if args.target and args.profilesfile:
  284.     if not os.path.isfile(profilesfile):
  285.         print profilesfile +" file doesn't exist"
  286.         exit()
  287.  
  288.  
  289.  
  290.  
  291. display = Display(visible=0, size=(1600, 900))
  292. display.start()
  293.  
  294. driver = webdriver.Firefox()
  295.  
  296. cookies = dict()
  297. cookies = facebook_login(username,password)
  298.  
  299.  
  300. if args.query:
  301.     graph_search(graph_search_query)
  302.     results = extract_profiles()
  303.     results = check_if_public(results,cookies)
  304.     save_file(filename,results)
  305.     driver.close()
  306.     exit()
  307.  
  308.  
  309. if args.target:
  310.         profiles = open_file(profilesfile)
  311.         results = generate_mutual_link(profiles,target)
  312.         results = extract_mutual_friends(results)
  313.         save_file(filename,results)
  314.         driver.close()
  315.         exit()
Add Comment
Please, Sign In to add comment