Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- *# Copyright (c) 2009 Paul Gebheim...
- import sys
- import socket
- import array
- from optparse import OptionParser
- from Cryptodome.Cipher import Blowfish
- from Cryptodome.Hash import MD5
- TELNET_PORT = 23
- # The version of Blowfish supplied for the telenetenable.c implementation
- # assumes Big-Endian data, but the code does nothing to convert the
- # little-endian stuff it's getting on intel to Big-Endian
- #
- # So, since Crypto.Cipher.Blowfish seems to assume native endianness, we need
- # to byteswap our buffer before and after encrypting it
- #
- # This helper does the byteswapping on the string buffer
- def ByteSwap(data):
- a = array.array('i')
- if(a.itemsize < 4):
- a = array.array('L')
- if(a.itemsize != 4):
- print("Need a type that is 4 bytes on your platform so we can fix the data!")
- exit(1)
- a.fromstring(data)
- a.byteswap()
- return a.tostring()
- def GeneratePayload(mac, username, password=""):
- # Pad the input correctly
- assert(len(mac) < 0x10)
- just_mac = mac.ljust(0x10, "\x00")
- assert(len(username) <= 0x10)
- just_username = username.ljust(0x10, "\x00")
- assert(len(password) <= 0x10)
- just_password = password.ljust(0x10, "\x00")
- cleartext = (just_mac + just_username + just_password).ljust(0x70, '\x00')
- md5_key = MD5.new(cleartext).digest()
- payload = ByteSwap((md5_key + cleartext).ljust(0x80, "\x00"))
- secret_key = "AMBIT_TELNET_ENABLE+" + password
- return ByteSwap(Blowfish.new(secret_key, 1).encrypt(payload))
- def SendPayload(ip, payload):
- for res in socket.getaddrinfo(ip, TELNET_PORT, socket.AF_INET, socket.SOCK_STREAM, socket.IPPROTO_IP):
- af, socktype, proto, canonname, sa = res
- try:
- s = socket.socket(af, socktype, proto)
- except socket.error as msg:
- s = None
- continue
- try:
- s.connect(sa)
- except socket.error as msg:
- s.close()
- s= None
- continue
- break
- if s is None:
- print ("Could not connect to '%s:%d'") % (ip, TELNET_PORT)
- else:
- s.send(payload)
- s.close()
- print ("Sent telnet enable payload to '%s:%d'") % (ip, TELNET_PORT)
- def main():
- args = sys.argv[1:]
- if len(args) < 3 or len(args) > 4:
- print ("usage: python telnetenable.py <ip> <mac> <username> [<password>]")
- ip = args[0]
- mac = args[1]
- username = args[2]
- password = ""
- if len(args) == 4:
- password = args[3]
- payload = GeneratePayload(mac, username, password)
- SendPayload(ip, payload)
- main()*
- md5_key = MD5.new(cleartext).digest()
- is where I get the error:
- Traceback (most recent call last):
- File "telnetenable.py", line 113, in <module>
- main()
- File "telnetenable.py", line 110, in main
- payload = GeneratePayload(mac, username, password)
- File "telnetenable.py", line 64, in GeneratePayload
- md5_key = MD5.new(cleartext).digest()
- File "C:\Users\farme\AppData\Local\Programs\Python\Python36\lib\site-packages\Cryptodome\Hash\MD5.py", line 47, in __init__
- self._h = _hash_new(*args)
- TypeError: Unicode-objects must be encoded before hashing
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement