介绍一款facebook信息收集工具FBI

概述

作为一个工具党,收集一些工具肯定是少不了的,今天介绍的是一款facebook的信息收集工具叫fbi,虽然对国内用户用处不大,哈哈

项目地址

https://github.com/xHak9x/fbi

安装

首先你要知道的是,因为是facebook的信息收集工具,所以安装的机器位置最好是在国外,或者你可以使用代理,我是在vultr服务器上安装

下载项目

git clone https://github.com/xHak9x/fbi.git

因为是python2的项目,所以要用python2,看下当前python版本

1
2
➜  kali python --version
Python 2.7.12

安装项目中的依赖

pip install -r requirements.txt

其实就是安装一个requests库而已

之后输入python fbi.py就可以运行

类似下面,可以输入help看下怎么使用

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
➜  fbi git:(master) python fbi.py 

F B I
[Facebook Information]

Hak9 >> help

COMMAND DESCRIPTION
------------- -------------------------------------

get_data fetching all friends data
get_info show information about your friend

dump_id fetching all id from friend list
dump_phone fetching all phone number from friend list
dump_mail fetching all emails from friend list
dump_<id>_id fetching all id from your friends <spesific>
ex: dump_username_id

token Generate access token
cat_token show your access token
rm_token remove access token

bot open bot menu

clear clear terminal
help show help
about Show information about this program
exit Exit the program

Hak9 >>

使用

首先输入token,然后输入你的facebook的账号密码来生成你的facebook登陆token,类似下面

1
2
3
4
5
6
7
8
9
10
11
Hak9 >> token

[*] Generate Access token facebook [*]

[Warn] please turn off your VPN before using this feature !!!
[*] login to your facebook account
[?] Username :
[?] Password :
[*] Generate access token
[*] successfully generate access token
[*] Your access token is stored in cookie/token.log

有一个不好的地方就是,这个脚本生成token之后就会自动退出,然后你要重新进入,但是token已经存在本地cookie这个文件夹下面了,然后你可以输入cat_token来查看你当前的token

1
2
3
➜  fbi git:(master) python fbi.py
Hak9 >> cat_token
[*] Your access token !!

输入rm_token可以删除你当前的token

1
2
3
4
5
6
7
Hak9 >> rm_token

[Warn] you must create access token again if
your access token is deleted

[!] type 'delete' to continue : delete
[*] Success delete cookie/token.log

之后的操作我就不详细介绍了,只要你登陆之后,也就是生成你的facebook token之后你可以

  • get_data 获取你的账户所有数据
  • get_info 获取你一个朋友的信息
  • dump_id 获取facebook id并保存在本地
  • dump_phone 获取手机号码并保存在本地
  • dump_mail 获取电子邮件并保存在本地
  • dump__id 获取对应id的信息

值得注意的是bot功能

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
Hak9 >> bot

Number INFO
--------- ------------------------------------

[ 01 ] auto reactions
[ 02 ] auto comment
[ 03 ] auto poke
[ 04 ] accept all friend requests
[ 05 ] delete all posts in your timeline
[ 06 ] delete all friends
[ 07 ] stop following all friends
[ 08 ] delete all photo albums

[ 00 ] back to main menu

我就不翻译了

欢迎关注Bboysoul的博客www.bboysoul.com
Have Fun