New Updated Tools Priv8 PwnDB Leaked Informations Unliminited Creazy Power Full
2000 result max 45 sec of max_execution_time Only "like results" (for pwndb.py) Reverse password search Check if pwndb server is up ... Searching on "scylla.sh" was remove since website is now dead.. Install: You can use the script itself or the docker version:
for the script you will need:
tor (running) curl bash pup (yay -S pup) then install with:
git clone git@github.com:mmpx12/pwndb.git cd pwndb sudo cp pwndb.sh /usr/bin/pwndb sudo chmod +x /usr/bin/pwndb Termux
apt update && apt install -y tor pup curl
curl -sk "https://raw.githubusercontent.com/mmpx12/pwndb/master/pwndb.sh" > /data/data/com.termux/files/usr/bin/pwndb
chmod +x /data/data/com.termux/files/usr/bin/pwndb
If tor is not running it will start it automaticly and kill it when finish
Run with docker (you should pass --net=host if tor is listening on 127.0.0.1 (by default))
You can build the image with:
docker build . -t pwndb or
docker pull mmpx12/pwndb
docker usage:
docker run --rm --net host -v pwd:/app pwndb -p fuckthepolice
docker run --rm --net host -v pwd:/app pwndb -U user.lst -D domains.lst -j 10 -o result.txt
docker run --rm -v pwd:/app pwndb -U user.lst -D domains.lst -j 10 -o result.txt -x 192.168.75.123:9050
if tor is listening on 0.0.0.0, 172.17.0.1 or whatever, you can do:
docker run --rm -v pwd:/app pwndb --proxy 192.168.75.222:9050 -p fuckthepopo -o pass.lst
Usage:
-u|--user [USER] user to check
-U|--user-list [FILE] file containing users (1 per line)
-e|--exact check exact user
-d|--domain [DOMAIN] domain
-D|--domain-list [FILE] file containing domains (1 per line)
-b|--brute-force [NUMBER] brute force 1 will be A to Z ,
2 will be AA to ZZ
-p|--password [PASSWORD] reverse password search
-P|--password-list [FILE] file containing passwords
-j|--jobs [number] number of background jobs (max 10, 5 by default)
-o|--output [file] output file
-x|--proxy [IP:PORT] proxy and port of TOR
-s|--server-status check if pwndb server is up and exit
whildecard character is %
Since pwndb is regulary down you can check it with:
pwndb -s It will exit in both case (up or down)
users you can use:
"-u|--user" with the user you want to test "-U|--user-list" a file containing all the user you want to test "-e|--exact" check for this users exactly for resultat like "gmail.com" (limit to 2000 results), or query that will take more than 45 seconde (exemple -d "%.gouv.fr)you can use -b 5, it will brute force from "aaaaa" to "zzzzz" .. it will be slow but works (specialy for query like "%.domain" (1 day and 20h for "%.gouv.fr"))
domains you can use:
"-d|--domain" with the domain you want to test "-D|--domain-list" a file containing all the user you want to test Reverse password search you search emails that have specific password with
"-p|--password" with the password you want to check "-P|--password-list" a file containing all the password you want to check Background jobs this will act like false "thread" (background jobs, not real thread).
You can use -j|--jobs for set the number of jobs.
You cant set more than 10 background jobs (with more )
pwndb -u crime -e -d gmail.com -o result.txt pwndb -u fuck pwndb -U user.lst -D domain.lst -x 127.0.0.1:9999 pwndb -b 2 -d gmail.com -o result.txt pwndb -b 4 -j 10 -d "%.gouv.fr" pwndb -p fuckthepolice -j 10 -x 192.168.75.222:9050