Skip to content

Commit

Permalink
增加内置默认密码,修复phpmyadmin无法爆破https的bug
Browse files Browse the repository at this point in the history
  • Loading branch information
JKme committed Apr 13, 2022
1 parent f8a6b18 commit e067a49
Show file tree
Hide file tree
Showing 5 changed files with 5 additions and 5 deletions.
2 changes: 1 addition & 1 deletion config/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,4 +13,4 @@ var CrackX = []string{"elastic", "ftp", "mongo", "mssql", "mysql", "postgres", "

var ProbeX = []string{"docker", "rmi", "oxid", "ms17010", "smb", "zookeeper", "dubbo", "etcd", "k8s", "smbghost"}

var PASSWORDS = []string{" ", "123456", "admin", "admin123", "root", "5201314", "pass123", "pass@123", "password", "123123", "654321", "111111", "123", "1", "admin@123", "Admin@123", "admin123!@#", "{user}", "{user}1", "{user}12", "{user}111", "{user}123", "{user}1234", "{user}12345", "{user}123456", "{user}@123", "{user}_123", "{user}#123", "{user}@111", "{user}@2019", "P@ssw0rd!", "P@ssw0rd", "Passw0rd", "qwe123", "12345678", "test", "test123", "123qwe!@#", "123456789", "123321", "666666", "a123456.", "123456~a", "000000", "1234567890", "8888888", "!QAZ2wsx", "1qaz2wsx", "1QAZ2wsx", "1q2w3e4r", "abc123", "abc123456", "1qaz@WSX", "a11111", "a12345", "Aa1234", "Aa1234.", "Aa12345", "123456a", "123456aa", "a123456", "a123123", "Aa123123", "Aa123456", "Aa12345.", "sysadmin", "system", "1234qwer!@#$", "1qaz@WSX1qaz", "QAZwsxEDC"}
var PASSWORDS = []string{" ", "123456", "admin", "admin123", "root", "5201314", "pass123", "pass@123", "password", "123123", "654321", "111111", "123", "1", "admin@123", "Admin@123", "admin123!@#", "1234qwer!@#$", "1qaz@WSX1qaz", "QAZwsxEDC", "{user}", "{user}1", "{user}12", "{user}111", "{user}123", "{user}1234", "{user}12345", "{user}123456", "{user}@123", "{user}_123", "{user}#123", "{user}@111", "{user}@2019", "P@ssw0rd!", "P@ssw0rd", "Passw0rd", "qwe123", "12345678", "test", "test123", "123qwe!@#", "123456789", "123321", "666666", "a123456.", "123456~a", "000000", "1234567890", "8888888", "!QAZ2wsx", "1qaz2wsx", "1QAZ2wsx", "1q2w3e4r", "abc123", "abc123456", "1qaz@WSX", "a11111", "a12345", "Aa1234", "Aa1234.", "Aa12345", "123456a", "123456aa", "a123456", "a123123", "Aa123123", "Aa123456", "Aa12345.", "sysadmin", "system"}
2 changes: 1 addition & 1 deletion core/crackmodule/httpbasic.go
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ func (h HttpBasic) Exec() CrackResult {
result := CrackResult{Crack: *h.Crack, Result: false, Err: nil}

clt := http.Client{}
if !strings.HasPrefix(h.Ip, "http://") {
if !strings.HasPrefix(h.Ip, "http") {
gologger.Errorf("Invalid URL, eg: http://%s", h.Ip)
}
req, _ := http.NewRequest("POST", h.Ip, nil)
Expand Down
2 changes: 1 addition & 1 deletion core/crackmodule/jenkins.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ func (j Jenkins) Exec() CrackResult {
result := CrackResult{Crack: *j.Crack, Result: false, Err: nil}

clt := http.Client{}
if !strings.HasPrefix(j.Ip, "http://") {
if !strings.HasPrefix(j.Ip, "http") {
gologger.Errorf("Invalid URL, eg: http://%s", j.Ip)
}
req, _ := http.NewRequest("GET", j.Ip+"/login", nil)
Expand Down
2 changes: 1 addition & 1 deletion core/crackmodule/phpmyadmin.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ func (p Phpmyadmin) Exec() CrackResult {
result := CrackResult{Crack: *p.Crack, Result: false, Err: nil}

clt := http.Client{}
if !strings.HasPrefix(p.Ip, "http://") {
if !strings.HasPrefix(p.Ip, "http") {
gologger.Errorf("Invalid URL, eg: http://%s", p.Ip)
}
req, _ := http.NewRequest("GET", p.Ip, nil)
Expand Down
2 changes: 1 addition & 1 deletion core/crackmodule/zabbix.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ func (z Zabbix) Exec() CrackResult {
result := CrackResult{Crack: *z.Crack, Result: false, Err: nil}

clt := http.Client{}
if !strings.HasPrefix(z.Ip, "http://") {
if !strings.HasPrefix(z.Ip, "http") {
gologger.Errorf("Invalid URL, eg: http://%s", z.Ip)
}
req, _ := http.NewRequest("GET", z.Ip, nil)
Expand Down

0 comments on commit e067a49

Please sign in to comment.