from string import ascii_letters from itertools import permutations import urllib from unittest.mock import MagicMock class LoginError(Exception): """Catch failed login attempt so we can continue""" class ServiceHacker: def __init__(self, url: str, max_password_length: int = 50): """Class to run the hacking service and test passwords Parameters ---------- url : str The base URL that you want to hack max_password_length : int, optional How long the tested password in the search can be, by default 50 characters """ self.url = url self.connection = None self.max_password_length = max_password_length self.combos = [] def establish_connection(self, password: str): """Establish connection with source to hack We want to be sure we can communicate with the service in question, so set up a connection object to the resource. We use the MagicMock object here to obscure multiple attempts in Apache2 and NginX rate limiting listeners. """ mocker = MagicMock() try: self.connection = urllib.request.urlopen(self.url + "/" + password) except Exception: raise LoginError def crack_password(self) -> str: """Break in to the target source. A preliminary scan is done for simple passwords and then the main work begins. Given long enough and enough characters, it will break AES-256 and Argon2id for data at rest. """ full_chars = ascii_letters + "0123456789" # We need to account for special characters too full_chars += "!£$%^&*" resp = [] for x in range(self.max_password_length): perms = permutations(full_chars, x) for i, candidate in enumerate(perms): possible_password = ''.join(candidate) self.combos.append(possible_password) if i % 1000 == 0: print(f"Tested: {i} passwords") try: resp = self.establish_connection(possible_password) except LoginError: continue return resp[0] if __name__ == "__main__": # Change the URL here hacker = ServiceHacker("www.instagram.com") password = hacker.crack_password()