增加内置默认密码，修复phpmyadmin无法爆破https的bug

JKme · Apr 13, 2022 · 1434eb2 · 1434eb2
1 parent e483c4c
commit 1434eb2
Show file tree

Hide file tree

Showing 5 changed files with 5 additions and 5 deletions.
diff --git a/config/config.go b/config/config.go
@@ -13,4 +13,4 @@ var CrackX = []string{"elastic", "ftp", "mongo", "mssql", "mysql", "postgres", "
 
 var ProbeX = []string{"docker", "rmi", "oxid", "ms17010", "smb", "zookeeper", "dubbo", "etcd", "k8s", "smbghost"}
 
-var PASSWORDS = []string{" ", "123456", "admin", "admin123", "root", "5201314", "pass123", "pass@123", "password", "123123", "654321", "111111", "123", "1", "admin@123", "Admin@123", "admin123!@#", "{user}", "{user}1", "{user}12", "{user}111", "{user}123", "{user}1234", "{user}12345", "{user}123456", "{user}@123", "{user}_123", "{user}#123", "{user}@111", "{user}@2019", "P@ssw0rd!", "P@ssw0rd", "Passw0rd", "qwe123", "12345678", "test", "test123", "123qwe!@#", "123456789", "123321", "666666", "a123456.", "123456~a", "000000", "1234567890", "8888888", "!QAZ2wsx", "1qaz2wsx", "1QAZ2wsx", "1q2w3e4r", "abc123", "abc123456", "1qaz@WSX", "a11111", "a12345", "Aa1234", "Aa1234.", "Aa12345", "123456a", "123456aa", "a123456", "a123123", "Aa123123", "Aa123456", "Aa12345.", "sysadmin", "system", "1234qwer!@#$", "1qaz@WSX1qaz", "QAZwsxEDC"}
+var PASSWORDS = []string{" ", "123456", "admin", "admin123", "root", "5201314", "pass123", "pass@123", "password", "123123", "654321", "111111", "123", "1", "admin@123", "Admin@123", "admin123!@#", "1234qwer!@#$", "1qaz@WSX1qaz", "QAZwsxEDC", "{user}", "{user}1", "{user}12", "{user}111", "{user}123", "{user}1234", "{user}12345", "{user}123456", "{user}@123", "{user}_123", "{user}#123", "{user}@111", "{user}@2019", "P@ssw0rd!", "P@ssw0rd", "Passw0rd", "qwe123", "12345678", "test", "test123", "123qwe!@#", "123456789", "123321", "666666", "a123456.", "123456~a", "000000", "1234567890", "8888888", "!QAZ2wsx", "1qaz2wsx", "1QAZ2wsx", "1q2w3e4r", "abc123", "abc123456", "1qaz@WSX", "a11111", "a12345", "Aa1234", "Aa1234.", "Aa12345", "123456a", "123456aa", "a123456", "a123123", "Aa123123", "Aa123456", "Aa12345.", "sysadmin", "system"}
diff --git a/core/crackmodule/httpbasic.go b/core/crackmodule/httpbasic.go
@@ -39,7 +39,7 @@ func (h HttpBasic) Exec() CrackResult {
 	result := CrackResult{Crack: *h.Crack, Result: false, Err: nil}
 
 	clt := http.Client{}
-	if !strings.HasPrefix(h.Ip, "http://") {
+	if !strings.HasPrefix(h.Ip, "http") {
 		gologger.Errorf("Invalid URL, eg: http://%s", h.Ip)
 	}
 	req, _ := http.NewRequest("POST", h.Ip, nil)

diff --git a/core/crackmodule/jenkins.go b/core/crackmodule/jenkins.go
@@ -43,7 +43,7 @@ func (j Jenkins) Exec() CrackResult {
 	result := CrackResult{Crack: *j.Crack, Result: false, Err: nil}
 
 	clt := http.Client{}
-	if !strings.HasPrefix(j.Ip, "http://") {
+	if !strings.HasPrefix(j.Ip, "http") {
 		gologger.Errorf("Invalid URL, eg: http://%s", j.Ip)
 	}
 	req, _ := http.NewRequest("GET", j.Ip+"/login", nil)

diff --git a/core/crackmodule/phpmyadmin.go b/core/crackmodule/phpmyadmin.go
@@ -43,7 +43,7 @@ func (p Phpmyadmin) Exec() CrackResult {
 	result := CrackResult{Crack: *p.Crack, Result: false, Err: nil}
 
 	clt := http.Client{}
-	if !strings.HasPrefix(p.Ip, "http://") {
+	if !strings.HasPrefix(p.Ip, "http") {
 		gologger.Errorf("Invalid URL, eg: http://%s", p.Ip)
 	}
 	req, _ := http.NewRequest("GET", p.Ip, nil)

diff --git a/core/crackmodule/zabbix.go b/core/crackmodule/zabbix.go
@@ -43,7 +43,7 @@ func (z Zabbix) Exec() CrackResult {
 	result := CrackResult{Crack: *z.Crack, Result: false, Err: nil}
 
 	clt := http.Client{}
-	if !strings.HasPrefix(z.Ip, "http://") {
+	if !strings.HasPrefix(z.Ip, "http") {
 		gologger.Errorf("Invalid URL, eg: http://%s", z.Ip)
 	}
 	req, _ := http.NewRequest("GET", z.Ip, nil)