Random IP

[maboroshi]

Hi I am new to this site it looked interesting to me just thought I would post a question regarding a program I am writing

How I would like this program to function:

I would like this app to be able to randomly select from a series of IP Addresses then attempt to make a connection to one then disconnect and attempt to make a connection to another one

But I want it to use random time outs so as not to be detected while probing I have written the code so it will randomly select from a list of ips and make a connection.

I can figure the random timeouts out part I am sure

but I am having troubles looping through connections it connects once then fails to connect again to another ip

My Code is as Follows

Anyhelp would be appreciated

Code: Select all

import socket, random

PORT = 80
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)


# Test Sites
num = ("www.hotscripts.com", "www.ninjutsu.com", "www.canada.ca", "www.intel.com", "www.mytelus.com",
      "www.bravo.com", "www.winjutsu.com", "www.microsoft.com", "www.mukashikaigan.com", "www.engrooved.ca"
      )



# loop through 
for address in range(10):
    rand = random.choice(num)
    sock.connect((rand, PORT))
    print "connected to", rand
    sock.close()

The coding language is Python

Please let me know if this is not the right web site to post this kind of question

[CyberPulse]

This is the right place to come to...as long as your code is not being used for illegal purposes . Can you tell me, is the first site it connects to www.hotscripts.com ? Looking at your code it seems like it should work.

[maboroshi]

Hi thanks for the reply no it is not being used for illegal purposes just education

What the code should do is randomly select from those urls so hotscripts might be first ninjutsu.com might be first etc etc

What the problem is it makes its first connection then fails after that. I then get a bad file descriptor error

raise error(EBADF, 'Bad file descriptor')
error: (9, 'Bad file descriptor')

I am unsure what could be causing this error any ideas are appreciated

Thanks once again

[CyberPulse]

Alright, it seems like the coding for random is correct if you are not just getting hotscripts.com . It has been a while since I've programmed in Python, but what I think is happening (based on the error) is that since you are closing the socket it is going dead meaning that you can't make another connect with it. What you probably need to do is figure out a way to connect after closing the old socket but before the next iteration (Oh, now I'm confused ). Let me know what you try and if this is the problem.

[maboroshi]

Hey CyberPulse

Thanks for the help
I tested on IPs that would not allow a connection to be made while running it does loop through it but it cancels itself out when a connection is made

Is it possible to allow for multiple connections I suppose threading would be the answer

any ideas would be appreciated

Cheers

Maboroshi

Here is the code now

Code: Select all

import socket, random

PORT = 80
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)


# Test Sites
def myip():
    num = ["29.208.55.1", "29.208.55.2", "29.208.55.3", "29.208.55.4", "29.208.55.5",
    "29.208.55.6", "29.208.55.51", "29.208.55.19", "29.208.55.31", "29.208.55.124"]
    ip = random.choice(num)
    return ip

# loop through
for i in range(10):
    try:
        sock.connect((myip(), PORT))
        print "connected to", myip()
    except:
        print "Failed ", myip()

[Xantoram]

By chance, using this code.. how would one go about it? I mean do you need a certain host or something?

( Oh and the names Xantoram i tried getting an intro in the newbies sect, alas it said failed and i do apologize beforehand for making this the first visible post )

Laters

[CyberPulse]

Maboroshi, the only thing I can come up with is just like you said...threading. I've been looking in my books to see if there is any other way, so far nothing. I'll let you know if I find something.

Xantoram, I'm not quite sure if I understand what you are asking. If you rephrase it I might be able to answer your question.

[Xantoram]

basically to use this code(the one we are talking about) do you need an ftp site or something to host it? and if so do you need anything else to enable it?

[maboroshi]

Hey Thanks for all your help cyberpulse

The code didn't quite turn out the way expected but nonetheless it should be alright to use

Xantoram

All that you need for this code is a python interpreter and some knowledge of python

Cyberpulse a question

I was wondering a Trojan on someones computer is just a server if I know what commands to send to that server could I not run it from any client You seem to have knowledge in this area Any thoughts on this would be great

[bad_brain]

Um,let me check if I got you right:
Do you mean something like an automatic RPC when the service is available on the adress?

[CyberPulse]

Sorry it has taken me so long to reply, I've had to work on my company's website. Anyways, to answer your question, from my experiences you should be able to run it if you connect to the server and have access rights to run the program. I used to run programs off of a Windows 2000 server through a Cisco router on a client machine, but that was during my CCNA studies at school so I didn't really have any experience with trojans on it. RPC (Remote Procedure Calls) should work better but I don't have much knowledge about them other than the calling procedure doesn't have to be located in the same place as the called. Any help you can provide Bad_Brain would be appreciated.

[bad_brain]

Uh-oh....been a while since I´ve had to do with RPCs in context to Java and XML, and I have not much experience with RPCL, but I´ll try to give as much info as I can...

Here´s how a RPC works:

1. Selection of the networkprotocol (server sided)
2. Register RPC interface (server sided)
3. Registering the application endpoints in the endpoint map (server sided) //port 135 on Windows
4. Announcing RPC interfaces in the namespace (server sided)
5. Listening for RPCs (server sided)

6. Searching compatible server which provides the service (client sided)
7. Call of the procedure (client sided)
8. Establish connection to server (client sided)
9. Converting the entry arguments in network data (client sided)
10.Transmitting arguments to server (client sided)

11.Gets the RPC (server sided)
12.Transforming the arguments into local data presentation (server sided)
13.Determination and call of the wanted procedure (server sided)
14.Running the called procedure
15.Converting the outgoing arguments and the returning value into network data (server sided)
16.Transmitting the results to client (server sided)

17.Receives results (client sided)
18.Transforming the arguments into local data presentation (client sided)
19.Results and controls are given back to the code which caused the RPC (client sided).

K, the trick is to get the data of the endpoint map of the target,
in Linux: rpcinfo -p xxx.xxx.xxx.xxx
in Windows use EPDump, I´ve added it to the networking stuff dl-section.

Hope I could help a bit....


P.S. here´s the RFC for RPCs: http://www.faqs.org/rfcs/rfc1831.html