Mysql Bruty [BRUTEFORCE]

[DragonHunter]

Hey guys

 

This is a new program i've made and it's working pretty good

 

This is a bruteforce program and it's illegal! so use it at your own risk!

 

I've made this program today in some hours and its working now without bugs (i hope so)

 

Bruteforcing a mysql database can take a long time because its trying alot of passwords + combinations

It's trying upper/lower characters and numeric in different combinations, This will make the bruteforce a success

 

Just fillin the ip you want to bruteforce and then the username.... mostly its root

 

This should work at every server that has the port open 3306 (mysql port)

 

Video preview:

http://www.youtube.com/watch?v=EQvkqNbLGR4

This is the hidden content, please

• Sign In
• or
• Sign Up

[Lucky Dice]

amazing work DragonHunter !

Keep Sharing ;)

[mareks]

for me Trying password is realy slow o.O not like you. have you maked it little bit faster or need realy fast cpu? so it worked like on you?

[DragonHunter]

New version of Mysql Bruty:

http://www.multiupload.com/GGKTLVQBGT

 

[IPXS]

Now 95% server use not root username :D But thx for share. How mutch maximum lenght?

 

Maybe you can add this:

 

Minimal lenght: 1

Maximal lenght: 20

 

Allowed Charact

 

Yes/No Digits: (0/9)

 

Yes/No Uppercase letters (A/Z)

 

Yes/No Lowercase letters (a/z)

 

Yes/No Special symbol (@!?^?^,etc)

 

Yes/No Custom symbol

[xDunno]

wow very nice share thx for it oO

[GregHouseM.D.]

Great job Dragon, but for me application needs some improvement. For example if i know that password is more than 5 letters length, i dont need to try passwords like a,aa,aaa,aaaa, b,bb,bbb,bbbb etc. So if will be option to select number of minimum pass letters it will be great :)

[DragonHunter]

Ok thanks for the idea's I will add them today ;)

[yhn]

awsome share, DH. keep the good work.

[Maprex]

New version of Mysql Bruty:

http://www.multiupload.com/GGKTLVQBGT

 

maybe you must hide and this one

[Dreigons]

Fix for Linux:

 

iptables -A INPUT -i eth0 -p tcp --dport 3306 -m state --state NEW -m recent --set --name MYSQL

iptables -A INPUT -i eth0 -p tcp --dport 3306 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name MYSQL -j DROP

 

Or just don't create user with '@', just create for host, which your know, others forbid...

[˚کe®κ]

file is infected use it on your own risk

[MaestroLuke]

possible to make a textfield for another port ?nice one

[DragonHunter]

file is infected use it on your own risk

wtf ?... ur funny

[˚کe®κ]

http://www.virustotal.com/analisis/1957f021413349f51012490aafcd53d6f72a2bf58ef7672b648d0db634ca22ac-1270211276