Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #####
- Andromeda Command Enumeration script
- @tehsyntx
- thembits.blogspot.com
- #####
- #!/usr/bin/env python
- import urllib2
- import base64
- import struct
- import sys
- import re
- def rc4_crypt( data , key ):
- #http://www.emoticode.net/python/python-implementation-of-rc4-algorithm.html
- S = range(256)
- j = 0
- out = []
- for i in range(256):
- j = (j + S[i] + ord( key[i % len(key)] )) % 256
- S[i] , S[j] = S[j] , S[i]
- i = j = 0
- for char in data:
- i = ( i + 1 ) % 256
- j = ( j + S[i] ) % 256
- S[i] , S[j] = S[j] , S[i]
- out.append(chr(ord(char) ^ S[(S[i] + S[j]) % 256]))
- return ''.join(out)
- if __name__ == '__main__':
- if len(sys.argv) < 3:
- print 'usage: ./andromeda.py <rc4 key> <url to gate>'
- print 'author: @tehsyntx'
- sys.exit()
- data = 'id:11111|bid:11111|os:FF|a:11111|rg:1111'
- key = sys.argv[1]
- if 'http://' in sys.argv[2]:
- url = sys.argv[2]
- else:
- url = 'http://' + sys.argv[2]
- pdata = base64.b64encode(rc4_crypt(data, key))
- try:
- response = urllib2.urlopen(url, pdata).read()
- except Exception, e:
- if '404' in str(e):
- print 'HTTP 404, this usually means that you\'ve got the wrong key'
- else:
- print 'Something went wrong, corrent key? Mistyped gate?'
- sys.exit()
- data = rc4_crypt(response[4:], struct.pack("<L", 11111))
- print 'Raw response:\n %s\n' % data
- if 'kl(' in data:
- procs = base64.b64decode(data[data.find('kl(') + 3:-2]).split('\0')
- print 'Keylog processes:'
- for proc in procs:
- if len(proc) > 0:
- print ' %s' % proc
- if 'gn(' in data:
- cmdlist = base64.b64decode(data[3:data.find(')')]).split('\0')
- else:
- sys.exit()
- print 'Commands:'
- for i in range(len(cmdlist)):
- if len(cmdlist[i]) > 0:
- if '\x01' in cmdlist[i][0]:
- print ' Download&Exec: %s' % cmdlist[i+3]
- if '\x02' in cmdlist[i][0]:
- print ' Install plugin: %s' % cmdlist[i+3]
- if '\x03' in cmdlist[i][0]:
- print ' Update bot: %s' % cmdlist[i+3]
- if '\x04' in cmdlist[i][0]:
- print ' Delete all plugins'
- if '\x05' in cmdlist[i][0]:
- print ' Uninstall bot'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement