Skip to content
Create a gist now

Instantly share code, notes, and snippets.

A script to flood a phisher's database with fake usernames and passwords. For great justice.
import requests
import random
target = "http://mtgox.com.bz/login.php"
wordlist_file = "wordlist"
wordlist = open(wordlist_file, "r").readlines()
wordlist_len = len(wordlist)
while True:
username = ""
for i in range(0, random.randint(1,2)):
rand = random.randint(0, wordlist_len - 1)
username += wordlist[rand]
password = ""
for i in range(0, random.randint(1,2)):
rand = random.randint(0, wordlist_len - 1)
upper_rand = random.randint(0,4)
if (not upper_rand):
password += wordlist[rand].upper()
password += str(random.randint(0,2000))
else: password += wordlist[rand]
username = username.replace("\n","").replace("'","")
password = password.replace("\n","")
payload = {'login120' : username, 'password' : password}
# Launch payload
requests.post(target, payload)
print (payload)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.