-
Notifications
You must be signed in to change notification settings - Fork 5
/
force.php
60 lines (51 loc) · 1.72 KB
/
force.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
<?php
/**
* Created by PhpStorm.
*
* Date: 10.12.15
* Time: 22:58
*/
ini_set('display_errors', 0);
require_once __DIR__ . '/vendor/autoload.php';
require __DIR__ . '/config.php';
/**
* Password source - https://stricture-group.com/files/adobe-top100.txt
*/
$passwords = [];
$f = fopen(__DIR__ . '/adobe-top100.txt', 'r');
while (($buffer = fgets($f, 1024)) !== false) {
$matches = [];
if (preg_match('/^\d+\.\s+\d+\s+\S+\s+(\w+)$/', $buffer, $matches)) {
$passwords[] = $matches[1];
}
}
fclose($f);
try {
$db = new \PDO('mysql:host=localhost;dbname=' . $config['dbname'], $config['user'], $config['password']);
} catch (\PDOException $e) {
echo "Error: " . $e->getMessage() . PHP_EOL;
exit(1);
}
$encoder = new \Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder(
$config['algorithm'],
$config['encode_hash_as_base64'],
$config['iterations']
);
$userTable = $config['table'];
$upd = $db->prepare("UPDATE `{$userTable}` SET `checked` = 1 WHERE `id` = :id");
$success = $db->prepare("UPDATE `{$userTable}` SET `checked` = 1, `plain_password` = :password WHERE `id` = :id");
do {
$sth = $db->query("SELECT * FROM `{$userTable}` WHERE `checked` = 0 AND `plain_password` IS NULL LIMIT 1", \PDO::FETCH_ASSOC);
$count = $sth->rowCount();
$item = $sth->fetch();
$id = (int)$item['id'];
foreach ($passwords as $password) {
$hash = $encoder->encodePassword($password, $item['salt']);
if ($hash == $item['password']) {
echo sprintf('%s - %s', $item['username'], $password) . PHP_EOL;
$success->execute([':id' => $id, ':password' => $password]);
break;
}
}
$upd->execute([':id' => $id]);
} while ($count == 1);