API tools faq
paste
Advertisement
mattybeds2015

Untitled

mattybeds2015
Jan 29th, 2015
239
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 2.60 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env python2
  2.  
  3. #Intruder Fuzzer Module version 1 - Red Dragon Productions
  4.  
  5. from scapy.all import *
  6. import sys
  7. import telnetlib
  8. import string
  9. import threading
  10.  
  11. target        = sys.argv[1]
  12. port          = sys.argv[2]
  13. logfile       = sys.argv[3]
  14.  
  15. #Setup banner
  16. def usage():
  17.   print("Intruder v1.1")
  18.   print("")
  19.   print("Usage:")
  20.   print(" ")
  21.   print(" >> python2 intruder.py (host) (port) (logfile)")
  22.   print(" ")
  23.  
  24. #Define the response analysis
  25. def response_analyse(resp,fuzz):
  26.  
  27.   if "41" in resp:
  28.     ee = hexdump(resp)
  29.     with open(logfile, "a") as myfile:
  30.       myfile.write("Port "+str(port)+" "+"String: "+str(fuzz)+"\n"+str(ee)+"\n")
  31.     print("Potential vuln")
  32.     print(fuzz)
  33.     hexdump(resp)
  34.  
  35.   if "PATH=" in resp:
  36.     ee = hexdump(resp)
  37.     with open(logfile, "a") as myfile:
  38.       myfile.write("Port "+str(port)+" "+"String: "+str(fuzz)+"\n"+str(ee)+"\n")
  39.     print("Potential vuln")
  40.     print(fuzz)
  41.     hexdump(resp)
  42.  
  43.   if "segmentation" in resp:
  44.     ee = hexdump(resp)
  45.     with open(logfile, "a") as myfile:
  46.       myfile.write("Port "+str(port)+" "+"String: "+str(fuzz)+"\n"+str(ee)+"\n")
  47.     print("Potential vuln")
  48.     print(fuzz)
  49.     hexdump(resp)
  50.  
  51. #Define the engine
  52. def engine(target,port,command):
  53.  
  54.   for i in range(1,1000):
  55.           for g in range(1,10):  
  56.             gen = ex+" "
  57.             fuzz = str(c[:])+' '+gen*g+'\n'
  58.             tn = telnetlib.Telnet(target,port)
  59.             #tn.read_until("\r\n")      # --uncomment for FTP or any command that sends string when you connect
  60.             print("Sending "+fuzz)
  61.             tn.write(fuzz)
  62.             d = tn.read_until("\r\n")
  63.             print(d)
  64.             response_analyse(d,fuzz)
  65.        
  66. if "21" == port:
  67.  
  68.   command = ["USER ","PASS ", "CDUP ","SMNT ","STOU ","XSEN ","XSEM ,","XRSQ ","XRMD ","XRCP ","XPWD ",
  69.   "XMKD ","XCUP ","LANG ","FEAT ","EPSV ","ADAT ","STRU ","STAT ","SIZE ","SITE ","RNTO ","RNFR ","RMD ",
  70.   "RETR ","REST ","PROT ","PBSZ ","OPTS ","NLST ","MLST ","MLSD ","MIC ","LPRT ", "EPRT ","CCC ","RMD ",
  71.   "MKD ","PWD ","SYST ","REIN ","PORT ","PASV ","TYPE","MODE ","RETR", "STOR ","APPE ","ALLO ","REST ","RNFR ",
  72.   "MDTM ","LPSV ","ENC ","CONF ","CDUP "]
  73.   engine(target,port,command)
  74.  
  75. elif "110" == port:
  76.   command = ["POP3: ","USER ","PASS ","QUIT ","STAT ","RETR ","DELE ","NOOP ","LAST ","RSET ","TOP ","RPOP "]
  77.   engine(target,port,command)
  78.  
  79. elif "80" == port:
  80.   command = ["HTTP: ","GET /","HEAD /","PUT /","TRACE /","DELETE /","LINK /","UNLINK /", "CONNECT","request-header "]
  81.   engine(target,port,command)
  82.  
  83. else:
  84.   command = [""]
  85.   engine(target,port,command)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!