From Sandbox: New seed of Padcrypt
suqitian opened this issue · comments
- MD5:
1e69889644fd30e906c1f5c923599bef - Domains from Sandbox, 73 in total.
[datetime: 2017-05-17 02:18:58]
ceaonmlmcdefkbmd.com
beoamaebcldfkcdn.net
neadamaflkckddan.com
bbnkdfekaocadlkc.online
momdflefflamkadn.tk
caacemceebmfmofb.online
eckcafccffnoddco.com
dlffbnobdkkdcdmf.com
cnbmbdfllanfaecb.com
obbcoomndnccmela.org
alblmfdamndebckk.com
dkeackfnkakbdcke.ga
aaelmaomkffbaaoc.website
eaebeafdodobmnff.tk
ffcldmfkankdlefn.de
fadmaoclbldofddd.net
accbkadamdcnffnb.com
cdofacfaobbaadck.de
bdfafmbmfokkmcen.org
dkfnbefckcdllabk.online
dedeonalolcmccdn.net
dcbadcfkcobfdbom.com
afmdkbnalffbldab.co.uk
dfmdmekmdnbdbebk.tk
cldnmebabkcdldlb.ga
laacbdabfonledab.org
bfffcndcmdldndkb.info
ebnnbelccdcdlben.info
odkfnfabbacdfcke.com
mofkafmnmmcalndn.de
fdoedfldfbolblbf.website
fbflbfffceadocac.org
defaffaooabbadbf.cc
abfddfbmkmfaffec.co.uk
flcadcnoamldofef.de
eafbfndbcffdocka.online
nbbbcaabackbafbb.co.uk
bfcaclomdaodabml.ga
becbdfabdbbfaldd.co.uk
faoaeeacfommdeab.website
adknbalfedfabdab.co.uk
ipinfo.io A 52.74.166.76 A 52.221.28.84 52.221.28.84
dallfmfdnmkcmkda.co.uk
abldkfanoobebbaf.com
cbbaaekbdckmabbd.de
cbffmmdkblodeeck.com
fffcbdbacfodedbf.tk
eclcedafkfddnkec.tk
lbaafbblfadddedm.org
cbfbfcdafdomaann.com
aeocfacnadfcccda.de
benffabcfbmddoac.co
mlackfemdlndfcfo.de
ffakcdacdaoolbab.co.uk
kldnlafolkdbeebk.info
bcdcacnnboabdlll.de
fanfbndcaaccncce.net
nkfbcdmndkaendff.com
lbdodamcdbaabldc.com
alecadbefcddoacf.org
cdkfafmaldlboald.info
lcnlbadmfbeeokob.info
mdleakbnnbellnaa.net
baccebofcoomcabf.com
donelffkbfankmfd.net
aamccaaffkclafca.net
bkdbcbfffkedamba.com
ddacdoanccefmabm.co
aadmebacfeaancfe.website
dnlfcdlacdbbabcd.cc
cdaaacdnafnbcaod.co
kbnbffkakbkdcbdm.net
aoaedbkoabalbcfa.info
- Code diff
$ diff dga_new.py dga.py
30,36d29
< },
< "11.37.0.0" : {
< 'nr_domains': 24*3,
< 'tlds': ['com', 'co.uk', 'de', 'org', 'net', 'tk', 'info', 'online',
< 'ga', 'co', 'cc', 'website'],
< 'digit_mapping': "abcdnfolmk",
< 'separator': '|'
47,50d39
<
< if config_nr == "11.37.0.0":
< seed_str += "38"
<
64c53
< choices=["2.2.86.1", "2.2.97.0", "11.37.0.0"], default="2.2.86.1")
---
> choices=["2.2.86.1", "2.2.97.0"], default="2.2.86.1")
dga_new.py is here, which base on the version implemented by baderj.
- Test
$ python dga_new.py -v 11.37.0.0 -d 2017-05-17 | less
donelffkbfankmfd.net
lbaafbblfadddedm.org
dcbadcfkcobfdbom.com
cldnmebabkcdldlb.ga
momdflefflamkadn.tk
aamccaaffkclafca.net
laacbdabfonledab.org
mofkafmnmmcalndn.de
dkeackfnkakbdcke.ga
benffabcfbmddoac.co
cbbaaekbdckmabbd.de
fanfbndcaaccncce.net
cdkfafmaldlboald.info
bkdbcbfffkedamba.com
abfddfbmkmfaffec.co.uk
eafbfndbcffdocka.online
lcnlbadmfbeeokob.info
dallfmfdnmkcmkda.co.uk
neadamaflkckddan.com
dedeonalolcmccdn.net
mlackfemdlndfcfo.de
abldkfanoobebbaf.com
ebnnbelccdcdlben.info
kbnbffkakbkdcbdm.net
nkfbcdmndkaendff.com
eckcafccffnoddco.com
dnlfcdlacdbbabcd.cc
ddacdoanccefmabm.co
alblmfdamndebckk.com
fffcbdbacfodedbf.tk
defaffaooabbadbf.cc
accbkadamdcnffnb.com
cnbmbdfllanfaecb.com
nbbbcaabackbafbb.co.uk
adknbalfedfabdab.co.uk
caacemceebmfmofb.online
faoaeeacfommdeab.website
cbfbfcdafdomaann.com
eaebeafdodobmnff.tk
obbcoomndnccmela.org
cdaaacdnafnbcaod.co
bfffcndcmdldndkb.info
beoamaebcldfkcdn.net
flcadcnoamldofef.de
mdleakbnnbellnaa.net
...