Hello aspiring hackers. It's been a while since I wrote a tutorial, so I figured I might just share one of the tools that I have created to help the community grow.
Let's say that we have done all the recon (both passive and active) and scanned the web server for vulnerabilities. Unfortunately we haven't found any server-side vulnerabilities, just a few client-side vulnerabilities, and we all know that isn't much help sometimes. So you scan for open ports and find that port 3306 is open (the default port for a MySQL server). That's really good if we can get access to it, because we can upload shells, add more users to the database and other cool stuff. So let's begin...
So Python has a module that we're going to use for the tool. You will just have to install the module for your OS. You will need the socks module as well. I'm sorry I don't have a link, but if you google it, you should find it easily. That's what we will be using for anonymity. (We will be bruteforcing through the Tor network, so it will be slow.) But you can just comment that line of code out if you want better speed or something...
Since we're going to be bruteforcing, it is obvious that speed is very important, so I included threading, so that we can be bruteforcing about 10 passwords at once. That will be really loud, but I think it's worth it. And also, we're on Tor, so I guess we're kinda safe.
So our mysql_brute function is where the magic happens. What happens is, when we try to connect to the target server with the username and password and it fails, then we know that's not it. (I know, right? That simple.) But if we are successful, then our code variable changes and we know we got a hit.
As for the threader, it just gets the next password to try from the queue and passes it to the function.
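Here is what that "really loud" part looks like from the server side, as an added example that is not the tool from this post: a sliding-window count of failed logins in the MySQL error log. It assumes the server writes failed logins to the error log (`log_error_verbosity=3`) in the MySQL 5.7 line style; the sample log, the function name `find_bruteforce` and the thresholds are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in the style of a MySQL 5.7 error log (not real data):
# 10 failures for 'root' inside two seconds, 2 slow failures for 'app'.
SAMPLE_LOG = "\n".join(
    [f"2024-05-01T10:00:0{i // 5}.{i % 5}00000Z {40 + i} [Note] Access denied "
     f"for user 'root'@'203.0.113.7' (using password: YES)" for i in range(10)]
    + ["2024-05-01T10:05:00.000000Z 60 [Note] Access denied for user "
       "'app'@'198.51.100.20' (using password: YES)",
       "2024-05-01T10:05:30.000000Z 61 [Note] Aborted connection 61 to db: 'shop'",
       "2024-05-01T10:06:30.000000Z 62 [Note] Access denied for user "
       "'app'@'198.51.100.20' (using password: YES)"]
)

DENIED = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})\.\d+Z\s+\d+\s+\[Note\]\s+"
    r"Access denied for user '(?P<user>[^']*)'@'(?P<host>[^']*)'"
)

def find_bruteforce(log_text, key="host", threshold=5, window_seconds=10):
    """Return {key value: peak failures seen inside one window} for every
    source host (key="host") or targeted account (key="user") that reaches
    `threshold` failed logins within `window_seconds`."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # key value -> timestamps still in the window
    peaks = {}
    for line in log_text.splitlines():
        m = DENIED.match(line)
        if not m:
            continue              # not a failed login
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S")
        q = recent[m[key]]
        q.append(ts)
        while ts - q[0] > window:  # drop attempts older than the window
            q.popleft()
        if len(q) >= threshold:
            peaks[m[key]] = max(peaks.get(m[key], 0), len(q))
    return peaks

if __name__ == "__main__":
    print(find_bruteforce(SAMPLE_LOG))              # per source address
    print(find_bruteforce(SAMPLE_LOG, key="user"))  # per targeted account
```

Traffic that arrives through Tor can come from changing exit addresses, so the per-account view (`key="user"`) still catches a burst that the per-address view would split across sources.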
Thanks for taking the time to read this. Well, if you have any questions, just ask and I will get to you as soon as I can. Happy hacking.
God bless you.