 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 |
Java-based PHPBB Username Grabber |
 |
 Posted: Sat Nov 22, 2008 3:09 am |
 |
|
| tehhunter |
| Valuable expert |
 |
|
| Joined: Nov 19, 2008 |
| Posts: 261 |
|
|
|
 |
|
 |
|
Hey guys,
Much like that other guy (who posted his code in php), I also took advice from waraxe and went ahead creating the following code to allow you to easily accumulate words (aka usernames) from phpbb forums. It's simple and easy to add more forums to the list to grab from, but I also added a bunch of forums anyway.
To add more forums to the list, simply copy the code in the main method:
| Code: | | harvest.add("http://www.yourforumhere.net/memberlist.php"); |
If it would be easier for some, I can compile it and release it in a zip ready to run. Anyway, have fun with it, and I'll probably continue making more additions soon enough. If you want to make this run in your own Java IDE (I recommend NetBeans by Sun), just make a new project and a class therein called 'RoundUp.java'.
Oooh, and last thing, I also included a method I was working on for generating a new list from the ones you download with permutations, though at this point I would say its unfinished. Still, it gets the job done. Just uncomment one.permutate(); in the main method.
Have fun, and happy cracking!
| Code: | /****************************
/ @author tehhunter @ waraxe.us
/***************************/
import java.io.*;
import java.net.*;
import java.util.*;
public class RoundUp
{
private int totalWords;
private String baseSite;
private String siteName;
private String proxyURL;
private ArrayList<String> words;
private int usersPerPage;
private int currentPage;
private int pagesTotal;
public RoundUp(String site)
{
baseSite = site;
words = new ArrayList<String>();
usersPerPage = 0;
currentPage = 1;
pagesTotal = 1;
proxyURL = "http://www.cantblock.me/browse.php?u=";
siteName = baseSite.replace("http://","");
siteName = siteName.replace("www.","");
siteName = siteName.replace(siteName.substring(siteName.indexOf("/"),siteName.length()),"");
System.out.println(siteName);
}
public static void main(String[] args)
{
ArrayList<String> harvest = new ArrayList<String>();
harvest.add("http://rozentul.com/phpBB2//memberlist.php");
harvest.add("http://www.dd-wrt.com/phpBB2/memberlist.php");
harvest.add("http://pleistorm.com/forum/memberlist.php");
harvest.add("http://www.southamptonhc.org/bbs/memberlist.php");
harvest.add("http://www.broenink-art.nl/Aeolus/memberlist.php");
harvest.add("http://www.lindhe.com/boards/memberlist.php");
harvest.add("http://www.radres.org/ECOMradres/timssnet/phpBB2/memberlist.php");
harvest.add("http://sjsbatch1983.7.forumer.com/memberlist.php");
harvest.add("http://www.forum.paris.icao.int/memberlist.php");
harvest.add("http://www.nelp-forum.org.uk/phpBB2/memberlist.php");
harvest.add("http://hkmdb.com/phpbb/memberlist.php");
RoundUp.clearList();
for (int i=0; i<harvest.size(); i++)
{
RoundUp one = new RoundUp(harvest.get(i));
one.collect();
//This method, if uncommented, with generate permutations of the words you create
//one.permutate();
}
}
public void collect()
{
int start=0;
while (currentPage <= pagesTotal)
{
if (currentPage == 1)
System.out.println("-->Retrieving page 1 of ?");
else
System.out.println("-->Retrieving page " + currentPage + " of " + pagesTotal + " (" + usersPerPage*currentPage + " names gathered from this forum)");
if (currentPage != 1)
{
start = currentPage*usersPerPage;
}
try
{
URL url = new URL(baseSite + "?mode=username&order=ASC&start=" + start);
URLConnection conn = url.openConnection();
conn.setReadTimeout(4000);
BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String line;
while ((line=in.readLine()) != null)
if (line.indexOf("profile.php?mode=viewprofile") >= 0)
{
words.add(removeHTML(line));
if (start == 0)
usersPerPage++;
}
else if (line.indexOf("<td><span class=\"nav\">Page <b>1</b> of <b>") >= 0)
{
pagesTotal = Integer.parseInt(removeHTML(line).replace("Page1of",""));
}
}
catch(SocketTimeoutException e)
{
System.out.println(">>>EXCPT: Socket timeout occurred, moving forward");
}
catch (Exception e)
{
System.out.println(e);
}
currentPage++;
try
{
FileWriter out = new FileWriter("words.dic",true);
for (int i=0; i<words.size(); i++)
if (words.get(i).length() <= 11)
out.write(words.get(i).toLowerCase() + "\n");
out.close();
}
catch(Exception e)
{
System.out.println(">>>EXCPT: " + e);
}
}
}
public String removeHTML(String s)
{
s = s.replaceAll(" ;;","");
s = s.replaceAll("&","");
s = s.replaceAll(" ", "");
s = s.replaceAll(" ","");
while ((s.indexOf("<")>=0) && (s.indexOf(">",s.indexOf("<")+1) >= 0))
s = s.replace(s.substring(s.indexOf("<"),s.indexOf(">",s.indexOf("<"))+1),"");
return removeRandoms(removeBrackets(s));
}
public String removeBrackets(String s)
{
while ((s.indexOf("[")>=0) && (s.indexOf("]",s.indexOf("[")+1) >= 0))
s = s.replace(s.substring(s.indexOf("["),s.indexOf("]",s.indexOf("["))+1),"");
return s;
}
public String removeRandoms(String s)
{
for (int i=32; i<48; i++)
s = s.replace((char)i + "","");
return s;
}
public void dump()
{
for (int i=0; i<words.size(); i++)
System.out.println(words.get(i));
}
public void permutate()
{
File words = new File("words.dic");
File newWords = new File("newWords.dic");
if (words.exists())
{
ArrayList<String> permutations = new ArrayList<String>();
try
{
Scanner in = new Scanner(words);
FileWriter out = new FileWriter(newWords);
String word="";
while (in.hasNextLine())
{
word = in.nextLine();
permutations.add(word); //Keep the original
{ //One number added to the end
for (int i=0; i<9; i++)
permutations.add(word + i);
}
{ //Two numbers added to the end
for (int i=0; i<102; i++)
if (i<10)
permutations.add(word + "0" + i);
else
permutations.add(word + i);
}
/*{ //Three numbers added to the end
for (int i=0; i<1020; i++)
if (i<100)
{
if (i<10)
permutations.add(word + "00" + i);
else
permutations.add(word + "0" + i);
}
else
permutations.add(word + i);
}*/
{ //Duplicate word added to the end (e.g. adminadmin, admin.admin) and others...
permutations.add(word + word);
permutations.add(word + "." + word);
permutations.add("." + word);
permutations.add(":" + word);
permutations.add("/" + word);
permutations.add("\\" + word);
permutations.add(word + ".");
permutations.add(word + " ");
}
{ //Replace characters with common counterparts
permutations.add(word.replaceFirst("a", "@"));
permutations.add(word.replaceFirst("a","4"));
permutations.add(word.replaceFirst("l", "1"));
permutations.add(word.replaceFirst("e","3"));
permutations.add(word.replaceFirst("o", "0"));
}
{ //Write permutations to file
for (int j=0; j<permutations.size(); j++)
out.write(permutations.get(j) + "\n");
}
}
}
catch(Exception e)
{
System.out.println(">>>EXCPT: Permutation error, exiting:\n" + e);
System.exit(0);
}
}
}
public static void clearList()
{
try
{
File list = new File("words.dic");
if (list.exists())
{
FileWriter cleaner = new FileWriter(list);
cleaner.write("");
cleaner.close();
}
list = new File("newWords.dic");
if (list.exists())
{
FileWriter cleaner = new FileWriter(list);
cleaner.write("");
cleaner.close();
}
}
catch(Exception e)
{
System.out.println(e);
}
}
}
|
|
|
|
|
|
|
|
|
|
| Posted: Sat Nov 22, 2008 1:25 pm |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
Nice job  |
|
|
|
|
| Posted: Sun Nov 23, 2008 8:17 am |
|
|
| tehhunter |
| Valuable expert |
|
|
| Joined: Nov 19, 2008 |
| Posts: 261 |
|
|
|
|
|
|
|
| waraxe wrote: | | Nice job |
Thanks waraxe. You wouldn't happen to have any other good ideas of where to harvest good wordlists from would you? I was considering the idea of a MySpace crawler that would just take the user's name from each page and then traveling to linked pages. |
|
|
|
|
| Posted: Wed Jul 13, 2011 12:11 pm |
|
|
| haka20 |
| Beginner |
|
|
| Joined: Jul 13, 2011 |
| Posts: 1 |
|
|
|
|
|
|
|
Works perfect with boards where i dont have to be logged in.
Is it possible to edit the script so i can use it with a phpbb3 board where i have to be logged in to see the memberlist?
for Example:
www.landoflegends.de |
|
|
|
|
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 187
Members: 0
Total: 187
