moby.rb 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 59fc23e9713b37a55d2e866bc1109b525dd188f04136092b05ae0b8f2a860d10
+  data.tar.gz: 6945ecfdea1a8f3437bae309c1d9b0e20dbe31d3a28006699e145e9dd57abec9
+SHA512:
+  metadata.gz: f909d78a0a23c40143f3ed9d876a80b5fdd1f963670cbaea39d5f5ad42224ee0458adf1a095c9734c65e95e122b6ba9b69ea65fe95e860edf03c12442c2eab65
+  data.tar.gz: 1eb639787025eccdcc74517655651eef1e0ef2d142015abaad3523eab31dcc298f33e1a5bf7afb66735b281856261a49f03f499792eca4f7ad8c93c6f89036e1

data/CHANGES.txt

@@ -0,0 +1,32 @@
+1.0.0 - 2026-01-08
+Ensure that tests are in place and that version handling is working properly.
++ tests
++ moby.gemspec
+~ lib/moby.rb: - Moby::VERSION_STRING
+~ lib/moby.rb: Fix finding username and password fields by name. It was returning the name of the field and not the field object.
++ lib/Moby/VERSION.rb
+~ bin/moby: + --version flag
+~ README.md: Updated installation and usage.
+~ CHANGES.txt: Reorganised in descending order and added dates.
+~ LICENSE.txt: Updated the years to include the year this was started: /2026/2006-2026/
+
+0.9.1 - 2026-01-05
+~ README.md: Fix syntax errors.
+~ lib/Moby.rb: VERSION_STRING: /0.9.0/0.9.1/
+
+0.9.0 - 2024-06-05
+Merged the 2019 0.8.0 version of moby with the 2023 0.8.1 version of whale.
+
+0.8.1 - 2023-12-06
+~ lib/Whale: ~ set_username_field(): Fix when username field number is specified or nothing is specified.
+~ lib/Whale: ~ set_password_field(): Fix when password field number is specified or nothing is specified.
+
+0.8.0 - 2023-11-19
++ README.md
++ CHANGES.txt
++ Gemfile
+~ bin/whale: ~ main(): - args (unnecessary)
+~ bin/whale VERSION_STRING --> lib/Whale::VERSION_STRING
+~ bin/whale: ~ switches(): use Whale::VERSION_STRING
+~ lib/Whale.rb: general tidying
++ lib/File/self.collect.rb

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2006-2026 thoran
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,172 @@
+# moby
+
+![Version](https://img.shields.io/badge/version-1.0.0-green.svg)
+![Status](https://img.shields.io/badge/status-stable-brightgreen.svg)
+
+## Description
+
+"Sometimes when they go fishing, they get a whale and it sinks their boat."
+
+Moby is a credentials poisoning tool which floods phishing forms with fake credentials. When phishing operations collect data, the overwhelming volume of fake credentials makes the collected data worthless.
+
+Use responsibly. Only target confirmed phishing sites.
+
+## Installation
+
+### Prerequisites
+1. Some version of Ruby.
+2. \*nix, so that it has access to /usr/share/dict/words.
+
+### 1. via RubyGems
+```shell
+$ gem install moby.rb
+```
+
+### 2. via Bundler
+Add to your Gemfile:
+```ruby
+gem 'moby.rb'
+```
+
+Then run:
+```shell
+$ bundle install
+```
+
+### 3. via Homebrew
+```shell
+$ brew tap thoran/tap
+$ brew install thoran/tap/moby
+```
+
+### 4. via git
+```shell
+$ git clone git@github.com:thoran/moby.git
+$ cd moby
+$ bundle install
+$ rake test
+```
+
+## Usage
+
+### From the command line
+
+#### 1. Specify form name and field names
+```shell
+$ moby --url https://phishing.site --form_name form-name --username_field_name login --password_field_name password
+```
+
+#### 2. Specify form name and field names with short switches
+This is the same as above, but using alternate switches:
+
+```shell
+$ moby --url https://phishing.site --f form-name --user_field login --pass_field password
+```
+
+#### 3. Specify form number and field numbers
+This selects the second form on the page (using zero-based indexing) and the first and second fields:
+
+```shell
+$ moby --url https://phishing.site --form_number 1 --username_field_number 0 --password_field_number 1
+```
+#### 4. Specify form number and field numbers with short switches
+This selects the second form on the page (using zero-based indexing) and the first and second fields:
+
+```shell
+$ moby --url https://phishing.site --form_number 1 --user_field_number 0 --pass_field_number 1
+```
+
+#### 5. Specify nothing but the URL
+```shell
+$ moby --url https://phishing.site
+```
+This is equivalent to:
+
+```shell
+$ moby --url https://phishing.site --form_number 0 --username_field_number 0 --password_field_number 1
+```
+
+#### 6. With other options
+```shell
+$ moby --url https://phishing.site --debug --user_agent 'Mozilla/5.0' --username_hostname mydomain.com --username_is_email_address  --verbose
+```
+
+Note that `username_hostname` is useful only if `username_is_email_address` is true.
+
+### From within Ruby
+
+#### 1. Specify form name and field names
+```ruby
+require 'moby'
+
+moby = Moby.new(
+  url: 'https://phishing.site',
+  form_name: 'form-name',
+  username_field_name: 'login',
+  password_field_name: 'password'
+)
+moby.counter_phish
+```
+
+#### 2. Specify form number and field numbers
+This selects the second form on the page (using zero-based indexing) and uses the first and second fields therein:
+
+```ruby
+require 'moby'
+
+moby = Moby.new(
+  url: 'https://phishing.site',
+  form_number: 1,
+  username_field_number: 0,
+  password_field_number: 1,
+)
+moby.counter_phish
+```
+
+#### 3. Specify nothing but the URL
+```ruby
+require 'moby'
+
+moby = Moby.new(
+  url: 'https://phishing.site',
+)
+moby.counter_phish
+```
+This is equivalent to:
+
+```ruby
+require 'moby'
+
+moby = Moby.new(
+  url: 'https://phishing.site',
+  form_number: 0,
+  username_field_number: 0,
+  password_field_number: 1,
+)
+moby.counter_phish
+```
+
+#### 4. With other options
+```ruby
+require 'moby'
+
+moby = Moby.new(
+  url: 'https://phishing.site',
+  debug: true,
+  user_agent: 'Mozilla/5.0',
+  username_hostname: 'mydomain.com', # Only useful if username_is_email_address is true.
+  username_is_email_address: true,
+  verbose: true
+)
+moby.counter_phish
+```
+
+Note that there's no equivalent short names for constructor arguments.
+
+## Contributing
+
+1. Fork it: `https://github.com/thoran/moby/fork`
+2. Create your feature branch: `git checkout -b my-new-feature`
+3. Commit your changes: `git commit -am 'Add some feature'`
+4. Push to the branch: `git push origin my-new-feature`
+5. Create a new pull request

data/Rakefile

@@ -0,0 +1,22 @@
+# Rakefile
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.test_files = FileList['test/**/*_test.rb']
+  t.verbose = true
+  t.warning = false
+end
+
+task default: :test
+
+desc "Run tests"
+task :spec => :test
+
+desc "Show version"
+task :version do
+  require_relative './lib/Moby/VERSION'
+  puts "moby #{Moby::VERSION}"
+end

data/bin/moby

@@ -0,0 +1,67 @@
+#!/usr/bin/env ruby
+# moby
+
+# moby is a credentials poisoning tool which floods phishing forms with fake credentials.
+
+lib_dir = File.expand_path(File.join(File.dirname(__FILE__), '..', 'lib'))
+$LOAD_PATH.unshift(lib_dir) unless $LOAD_PATH.include?(lib_dir)
+
+require 'Moby'
+require 'switches.rb'
+
+def switches
+  Switches.new do |s|
+    s.banner = 'Usage: whale <url> and any of the following options...'
+    s.set(:a, :user_agent){'What webclient I should pretend to be.'}
+    s.set(:debug?){'Show debugging information.'}
+    s.set(:e?, :username_is_email_address?){'Automatically generate a username which is in the form of an email address.'}
+    s.set(:f, :form, :form_name){'If left empty, the first form on the page will be used.'}
+    s.set(:help){'Usage: whale <url> and any of the following options...'}
+    s.set(:n, :form_number){'This will set the number of the form in order of appearance on the page.  Use zero-based indexing.'}
+    s.set(:pass_field, :password_field, :pass_field_name, :password_field_name){'The name of the password field.'}
+    s.set(:pass_field_number, :password_field_number){'The position of the password field in relation to the form it is attached to.  Use zero-based indexing.'}
+    s.set(:url){'The location of the phishing form.'}
+    s.set(:user_field, :username_field, :user_field_name, :username_field_name){'The name of the username field.'}
+    s.set(:user_field_number, :username_field_number){'The position of the username field in relation to the form it is attached to.  Use zero-based indexing.'}
+    s.set(:username_hostname){'The hostname to be used when the username is an email address.'}
+    s.set(:username_prefilled){'No need to supply an email address in the form.'}
+    s.set(:v?, :verbose?){'Outputs each submission as it goes.'}
+    s.perform(:version) do
+     puts "moby #{Moby::VERSION}"
+     exit
+   end
+  end
+end
+
+def main
+  args = switches.to_h
+  debug = args[:debug?]
+  form_name = args[:form_name]
+  form_number = args[:form_number]
+  password_field_name = args[:password_field_name]
+  password_field_number = args[:password_field_number]
+  url = args[:url]
+  user_agent = args[:user_agent]
+  username_field_name = args[:username_field_name]
+  username_field_number = args[:username_field_number]
+  username_hostname = args[:username_hostname]
+  username_is_email_address = args[:username_is_email_address?]
+  verbose = args[:verbose?]
+  moby = Moby.new(
+    debug: debug,
+    form_name: form_name,
+    form_number: form_number,
+    password_field_name: password_field_name,
+    password_field_number: password_field_number,
+    url: url,
+    user_agent: user_agent,
+    username_field_name: username_field_name,
+    username_field_number: username_field_number,
+    username_hostname: username_hostname,
+    username_is_email_address: username_is_email_address,
+    verbose: verbose
+  )
+  moby.counter_phish
+end
+
+main

data/lib/File/self.collect.rb

@@ -0,0 +1,10 @@
+# File/self.collect.rb
+# File.collect
+
+# 20200111
+# 0.2.1
+
+# Changes:
+# 1. + Thoran::File::SelfCollect namespace.
+
+require 'Thoran/File/SelfCollect/self.collect.rb'

data/lib/Moby/Backends/MechanizeBackend.rb

@@ -0,0 +1,157 @@
+# lib/moby/backends/mechanize_backend.rb
+# Moby::Backends::MechanizeBackend
+
+require 'mechanize'
+require 'pp'
+
+class Moby
+  module Backends
+    class MechanizeBackend
+      def counter_phish
+        set_up_agent
+        load_page
+        repeatedly_fill_and_submit_login_form
+      end
+
+      private
+
+      def initialize(config:, random_input_generator:)
+        @config = config
+        @random_input_generator = random_input_generator
+      end
+
+      def agent
+        @agent ||= (
+          puts "Setting up Mechanize agent..." if @config.verbose?
+          agent = Mechanize.new
+          puts "Agent setup complete." if @config.verbose?
+          agent
+        )
+      end
+      alias_method :set_up_agent, :agent
+
+      def page
+        @page ||= (
+          puts "Navigating to #{@config.url}..." if @config.verbose?
+          page = agent.get(@config.url)
+          puts "Page loaded successfully." if @config.verbose?
+          page
+        )
+      end
+      alias_method :load_page, :page
+
+      def form
+        @form ||= (
+          if @config.using_form_name?
+            find_form_by_name
+          else
+            find_form_by_number
+          end
+        )
+      end
+
+      def repeatedly_fill_and_submit_login_form
+        start_time = Time.now
+        puts "moby session begun #{start_time}."
+        submission_count = 0
+        begin
+          if @config.fixed_number_of_submissions?
+            @config.iterations.times do |iteration|
+              fill_and_submit_login_form
+              submission_count += 1
+              puts "Iteration #{submission_count} of #{@config.iterations}." if @config.verbose?
+            end
+            puts "Successfully completed #{@config.iterations} submissions." if @config.verbose?
+          else
+            loop do
+              fill_and_submit_login_form
+              submission_count += 1
+              puts "#{submission_count} #{username}:#{password}" if @config.verbose?
+            end
+          end
+        ensure
+          finish_time = Time.now
+          time_delta_in_minutes = (finish_time - start_time) / 60
+          submissions_per_minute = submission_count / time_delta_in_minutes
+          puts "moby session terminated #{finish_time} with #{submission_count} counter-phishes served in #{time_delta_in_minutes} minutes for an average of #{submissions_per_minute} submissions per minute."
+        end
+      end
+
+      def fill_and_submit_login_form
+        puts "Filling with: #{username}:#{password}" if @config.verbose?
+        agent.user_agent_alias = @config.user_agent
+        username_field.value = username
+        password_field.value = password
+        pp page if @config.debug?
+        result = agent.submit(form)
+        pp result if @config.debug?
+        sleep @config.delay if @config.delay > 0
+      rescue Net::HTTP::Persistent::Error
+        puts "\n\nNet::HTTP::Persistent::Error rescued.\n\n" if @config.verbose?
+      rescue Net::OpenTimeout
+        puts "\n\nNet::OpenTimeout rescued.\n\n" if @config.verbose?
+      end
+
+      def find_form_by_name
+        page.form_with(name: @config.form_name) ||
+          page.form_with(id: @config.form_name) ||
+          raise("Could not find a form with the name or id of #{@config.form_name}.")
+      end
+
+      def find_form_by_number
+        page.forms[@config.form_number] ||
+          raise("Could not find a form at index #{@config.form_number}.")
+      end
+
+      def username
+        @random_input_generator.random_username
+      end
+
+      def password
+        @random_input_generator.random_password
+      end
+
+      def username_field
+        @username_field ||=(
+          if @config.using_username_field_name?
+            find_username_field_by_name
+          else
+            find_username_field_by_number
+          end
+        )
+      end
+
+      def password_field
+        @password_field ||= (
+          if @config.using_password_field_name?
+            find_password_field_by_name
+          else
+            find_password_field_by_number
+          end
+        )
+      end
+
+      def find_username_field_by_name
+        form.field_with(name: @config.username_field_name) ||
+          form.field_with(id: @config.username_field_name) ||
+          raise("Could not find username field: #{@config.username_field_name}")
+      end
+
+      def find_username_field_by_number
+        form.fields[@config.username_field_number] ||
+          raise("Could not find username field at index #{@config.username_field_number}")
+      end
+
+      def find_password_field_by_name
+        form.field_with(name: @config.password_field_name) ||
+          form.field_with(id: @config.password_field_name) ||
+          raise("Could not find password field: #{@config.password_field_name}.")
+      end
+
+      def find_password_field_by_number
+        form.fields[@config.password_field_number] ||
+          raise("Could not find password field at index: #{@config.password_field_number}.")
+      end
+    end
+  end
+end