A program that submits a form with randomly generated emails and passwords. Built to DEMONSTRATE how to combat phishing attacks by flooding the database with false credentials, making it more difficult for an attacker to abuse the legitimate credentials submitted by their victims. The delay option paired with a good proxy gives the POSTs the appearance of unique users. Let me just say the randomization of the delay is very much overkill!
Run the following in order to install the required Python modules:
pip3 install --user -r requirements.txt
Change the values on lines 10 through 15, if applicable. For example:
loginURL = "example.com"
useDelay = True
formID = "test"
firstTerm = "email"
secondTerm = "pass"
emailExt = ["example.com"]
Breaking down each term: Set this to the url of the website:
loginURL = ""
Set this to True or False depending on if you want to use the random delay function:
useDelay = True
Set this to the form ID on the webpage:
formID = "test"
Set this to the first term in the form that will be supplied as email addresses:
firstTerm = "email"
And the same for the second term which will supply passwords:
secondTerm = "pass"
Use the following to give all domain names that will be randomly assigned to generated email addresses:
emailExt = ["example.com"]
Run the following to launch the program:
python3 loginLoop.py
or
./loginLoop.py
Since all arguments are supplied within the code, there is no need for command-line arguments
If you would like to contribute, you may make a pull request. It will be helpful if you first open an issue describing the change that you are interested in contributing.
This is strictly for educational purposes and should not be deployed against any forms with which the user does not have permission to test. I disclaim any and all responsibility for the actions of the users of this program.