Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python
- #-*- coding: utf-8 -*-
- # Andromeda bot panel monitoring
- # By aaSSfxxx :þ
- import sys
- import base64
- import httplib
- import struct
- # RC4 routines
- def initialize(keye):
- """Produce a 256-entry list based on `key` (a sequence of numbers)
- as the first step in RC4.
- Note: indices in key greater than 255 will be ignored.
- """
- key = [ord(i) for i in keye]
- k = range(256)
- j = 0
- for i in range(256):
- j = (j + k[i] + key[i % len(key)]) % 256
- k[i], k[j] = k[j], k[i]
- return k
- def gen_random_bytes(k):
- """Yield a pseudo-random stream of bytes based on 256-byte array `k`."""
- i = 0
- j = 0
- while True:
- i = (i + 1) % 256
- j = (j + k[i]) % 256
- k[i], k[j] = k[j], k[i]
- yield k[(k[i] + k[j]) % 256]
- def run_rc4(k, text):
- cipher_chars = []
- random_byte_gen = gen_random_bytes(k)
- for char in text:
- byte = ord(char)
- cipher_byte = byte ^ random_byte_gen.next()
- cipher_chars.append(chr(cipher_byte))
- return ''.join(cipher_chars)
- # Routine who gives action name with action link
- def get_command(id):
- try:
- return {
- 1: "Download EXE",
- 2: "Install plugin",
- 3: "Update bot",
- 4: "Install DLL",
- 5: "Delete DLLs",
- 6: "Delete plugins",
- 9: "Kill bot"}[id]
- except Exception:
- return "Do nothing"
- # Main program
- if len(sys.argv) != 4:
- print "Andromeda bot panel watcher"
- print " Usage: %s <panel host> <path> <rc4key>" % sys.argv[0]
- sys.exit(0)
- connstr = "id:1337|bid:666|bv:518|sv:1281|pa:1|la:42|ar:1"
- retstr = base64.b64encode(run_rc4(initialize(sys.argv[3]), connstr))
- h1 = httplib.HTTPConnection(sys.argv[1])
- h1.request("POST", sys.argv[2], retstr, {"User-Agent": "Mozilla/4.0", "Content-type": "application/x-www-form-urlencoded"})
- result = h1.getresponse().read()
- data = run_rc4(initialize(struct.pack("L", 1337)), result[4:])
- data = data[4:]
- command_id = ord(data[0])
- offset_null = data[5:].find("\x00")
- while offset_null != -1:
- offset_null = data[5:].find("\x00")
- if offset_null == -1:
- url = data[5:]
- else:
- url = data[5:offset_null+5]
- print "Command: " + get_command(command_id) + " - URL: " + url
- data = data[offset_null+6:]
- command_id = ord(data[0])
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement