DragonHunter Posted April 1, 2010 Posted April 1, 2010 Hey guys This is a new program i've made and it's working pretty good This is a bruteforce program and it's illegal! so use it at your own risk! I've made this program today in some hours and its working now without bugs (i hope so) Bruteforcing a mysql database can take a long time because its trying alot of passwords + combinations It's trying upper/lower characters and numeric in different combinations, This will make the bruteforce a success Just fillin the ip you want to bruteforce and then the username.... mostly its root This should work at every server that has the port open 3306 (mysql port) Video preview: http://www.youtube.com/watch?v=EQvkqNbLGR4 This is the hidden content, please Sign In or Sign Up
mareks Posted April 2, 2010 Posted April 2, 2010 for me Trying password is realy slow o.O not like you. have you maked it little bit faster or need realy fast cpu? so it worked like on you?
DragonHunter Posted April 2, 2010 Author Posted April 2, 2010 New version of Mysql Bruty: http://www.multiupload.com/GGKTLVQBGT
IPXS Posted April 2, 2010 Posted April 2, 2010 Now 95% server use not root username :D But thx for share. How mutch maximum lenght? Maybe you can add this: Minimal lenght: 1 Maximal lenght: 20 Allowed Charact Yes/No Digits: (0/9) Yes/No Uppercase letters (A/Z) Yes/No Lowercase letters (a/z) Yes/No Special symbol (@!?^?^,etc) Yes/No Custom symbol
GregHouseM.D. Posted April 2, 2010 Posted April 2, 2010 Great job Dragon, but for me application needs some improvement. For example if i know that password is more than 5 letters length, i dont need to try passwords like a,aa,aaa,aaaa, b,bb,bbb,bbbb etc. So if will be option to select number of minimum pass letters it will be great :)
DragonHunter Posted April 2, 2010 Author Posted April 2, 2010 Ok thanks for the idea's I will add them today ;)
Maprex Posted April 2, 2010 Posted April 2, 2010 New version of Mysql Bruty: http://www.multiupload.com/GGKTLVQBGT maybe you must hide and this one
Dreigons Posted April 2, 2010 Posted April 2, 2010 Fix for Linux: iptables -A INPUT -i eth0 -p tcp --dport 3306 -m state --state NEW -m recent --set --name MYSQL iptables -A INPUT -i eth0 -p tcp --dport 3306 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name MYSQL -j DROP Or just don't create user with '@', just create for host, which your know, others forbid...
MaestroLuke Posted April 2, 2010 Posted April 2, 2010 possible to make a textfield for another port ?nice one
DragonHunter Posted April 2, 2010 Author Posted April 2, 2010 file is infected use it on your own risk wtf ?... ur funny
˚کe®κ Posted April 2, 2010 Posted April 2, 2010 http://www.virustotal.com/analisis/1957f021413349f51012490aafcd53d6f72a2bf58ef7672b648d0db634ca22ac-1270211276
Recommended Posts