1120362990/vulnerability-list
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test hydra

Browse Source
This commit is contained in:
rpkr
2019-03-14 20:42:50 +08:00
parent 80f80fcf3f
commit f87e0b743b
35 changed files with 10235 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
bf_dicts/CISCO-equitment-passwd.txt Normal file
View File

@@ -0,0 +1,56 @@
admin
cisco
netadmin
private
1234
root
super
abc123
router
public
pento
password
123456
sysadm
default
iloveyou
qq123456
taobao
wang1234
switch
backdoor
recovery
secure
anicust
d.e.b.u.g
ADTRAN
installer
surt
NetICs
adminttd
D-Link
tech
private
synnet
adtran
hello
security
guest
smile
support
PASSWORD
changeme2
ascend
netopia
echo
pass
corecess
Manager
secret
BRIDGE
atc123
Password
superuser
123456
emradmin
12345678

67
bf_dicts/DB2-passwd.txt Normal file
View File

@@ -0,0 +1,67 @@
123
123123
123456
12345678
!@#
!@#$%^
!@#$%^&*
111111
666666
abc
test
888888
fgh@#$
123321
|+_)(
Admin123
88888888
66666666
test123
master
admin
root
11111111
000000
8888
6666
123!@#
00000000
1234567
aaaaaa
654321
999999
222222
password
abcdefg
woaini
iloveyou
exit
99999999
333333
444444
555555
6543210
111222
asdfghjkl
abc123
666888
zzzzzz
abcd1234
1234
12345
abcd
abcde
abcdef
abcdefg
abcdefgh
abcdefghi
Admin123
123qwe
qazwsx
qweasd
asdfjkl;
`1234567890-=
1234567890-=
!@#$%^&*()_+
~!@#$%^&*()_+

5
bf_dicts/DB2-user.txt Normal file
View File

@@ -0,0 +1,5 @@
db2inst1
db2admin
Administrator
db2fenc1
dasusr1

79
bf_dicts/FTP-passwd.txt Normal file
View File

@@ -0,0 +1,79 @@
pssword
123
123123
123456
12345678
test
xiaoming
!@#
!@#$%^
!@#$%^&*
111111
666666
abc
888888
qq123456
qwe!@#
taobao
wang1234
qwe!@#123
123321
|+_)(
Admin123
88888888
66666666
111111
guest
test123
master
admin
root
11111111
000000
8888
6666
123!@#
00000000
1234567
aaaaaa
654321
999999
222222
password
abcdefg
woaini
iloveyou
exit
99999999
333333
444444
555555
999999
000000
00000000
6543210
111222
asdfghjkl
abc123
666888
zzzzzz
abcd1234
Guest123
1234
12345
ab
abcd
abcde
abcdef
abcdefg
abcdefgh
abcdefghi
Admin123
123qwe
qazwsx
qweasd
asdfjkl;
`1234567890-=
1234567890-=
!@#$%^&*()_+
~!@#$%^&*()_+

7
bf_dicts/FTP-user.txt Normal file
View File

@@ -0,0 +1,7 @@
desc
ftp
root
anonymous
guest
Administrator
user

75
bf_dicts/MONGODB-passwd.txt Normal file
View File

@@ -0,0 +1,75 @@
123
123123
123456
12345678
!@#
!@#$%^
!@#$%^&*
111111
666666
abc
test
888888
123321
|+_)(
changeMe
Admin123
testpass
88888888
66666666
111111
guest
test123
master
admin
root
11111111
000000
8888
6666
123!@#
00000000
1234567
aaaaaa
654321
999999
222222
password
abcdefg
woaini
iloveyou
exit
99999999
333333
444444
555555
999999
000000
00000000
6543210
111222
asdfghjkl
abc123
666888
zzzzzz
abcd1234
Guest123
1234
12345
ab
abcd
abcde
abcdef
abcdefg
abcdefgh
abcdefghi
Admin123
123qwe
qazwsx
qweasd
asdfjkl;
`1234567890-=
1234567890-=
!@#$%^&*()_+
~!@#$%^&*()_+

10
bf_dicts/MONGODB-user.txt Normal file
View File

@@ -0,0 +1,10 @@
admin
root
user
test
accountAdmin01
testuser
accountUser
reportsUser
appAdmin
mongouser

9
bf_dicts/Main_bf.py Normal file
View File

@@ -0,0 +1,9 @@
# -*- coding: utf-8 -*-
import bf_dicts.bf
def exec(service,ip,port):
bf_dicts.bf.attack(service,ip,port)
if __name__ == "__main__":
exec()

54
bf_dicts/Microsoft_SQL_Server-passwd.txt Normal file
View File

@@ -0,0 +1,54 @@
password
0
1
2
3
4
5
6
7
8
9
123
456
1234
123456
123456
1212
12345678
23456789
246
249
369
777
888
7878
8787
8888
518
911
1022
92072
111111
121212
123123
123456
Sa
sA
SA
a12345
a1b2c3
a1b2c3d4
fgh@#$
qwe!@#
aaa
aaaaaa
abby
abc
abc123
ABC123
abcd
abcd1234
abcde
Abcdef
abcdef

10
bf_dicts/Microsoft_SQL_Server-user.txt Normal file
View File

@@ -0,0 +1,10 @@
sa
probe
repl_publisher
repl_subscriber
distributor_admin
admin
Administrator
guest
test
root

74
bf_dicts/MySQL-passwd.txt Normal file
View File

@@ -0,0 +1,74 @@
123
123123
123456
12345678
!@#
!@#$%^
!@#$%^&*
111111
666666
abc
test
888888
fgh@#$
qwe!@#
123321
|+_)(
Admin123
88888888
66666666
111111
guest
test123
master
admin
root
11111111
000000
8888
6666
123!@#
00000000
1234567
aaaaaa
654321
999999
222222
password
abcdefg
woaini
iloveyou
exit
99999999
333333
444444
555555
999999
000000
00000000
6543210
111222
asdfghjkl
abc123
666888
zzzzzz
abcd1234
Guest123
1234
12345
ab
abcd
abcde
abcdef
abcdefg
abcdefgh
abcdefghi
Admin123
123qwe
qazwsx
qweasd
asdfjkl;
`1234567890-=
1234567890-=
!@#$%^&*()_+
~!@#$%^&*()_+

5
bf_dicts/MySQL-user.txt Normal file
View File

@@ -0,0 +1,5 @@
root
mysql
test
user
guest

21
bf_dicts/ORACLE-passwd.txt Normal file
View File

@@ -0,0 +1,21 @@
SYSTEM
system
123456
abc123
xiaoming
12345678
iloveyou
admin
qq123456
taobao
root
wang1234
MANAGER
CHANGE_ON_INSTALL
internal
123456
8888
888888
1234
fgh@#$
qwe!@#

28
bf_dicts/ORACLE-user.txt Normal file
View File

@@ -0,0 +1,28 @@
SYSTEM
SYS
DBSNMP
SCOTT
OUTLN
MDSYS
ORDSYS
WKSYS
OLAPDBA
CTXSYS
OLAPSYS
ORDPLUGINS
QS_CBADM
demo
ORACLE
missys
RMAN
QS_OS
QS_ES
SH
PM
OE
HR
QS_WS
QS
QS_ADM
QS_CS
QS_CB

77
bf_dicts/POP3-passwd.txt Normal file
View File

@@ -0,0 +1,77 @@
123
123123
123456
12345678
test
xiaoming
!@#
!@#$%^
!@#$%^&*
111111
666666
abc
888888
qq123456
taobao
wang1234
123321
|+_)(
Admin123
88888888
66666666
111111
guest
test123
master
admin
root
11111111
000000
8888
6666
123!@#
00000000
1234567
aaaaaa
654321
999999
222222
password
abcdefg
woaini
iloveyou
exit
99999999
333333
444444
555555
999999
000000
00000000
6543210
111222
asdfghjkl
abc123
666888
zzzzzz
abcd1234
Guest123
1234
12345
ab
abcd
abcde
abcdef
abcdefg
abcdefgh
abcdefghi
Admin123
123qwe
qazwsx
qweasd
asdfjkl;
`1234567890-=
1234567890-=
!@#$%^&*()_+
~!@#$%^&*()_+
fgh@#$

3
bf_dicts/POP3-user.txt Normal file
View File

@@ -0,0 +1,3 @@
desc
test@example.com
root@example.com

79
bf_dicts/RDP-passwd.txt Normal file
View File

@@ -0,0 +1,79 @@
123
123123
123456
12345678
!@#
!@#$%^
!@#$%^&*
111111
666666
abc
test
888888
qwe!@#
xiaoming
qq123456
taobao
wang1234
[level=3]
123321
|+_)(
Admin123
88888888
66666666
111111
guest
test123
master
admin
root
11111111
000000
8888
6666
123!@#
00000000
1234567
aaaaaa
654321
999999
222222
password
abcdefg
woaini
iloveyou
exit
99999999
333333
444444
555555
999999
000000
00000000
6543210
111222
asdfghjkl
abc123
666888
zzzzzz
abcd1234
Guest123
1234
12345
ab
abcd
abcde
abcdef
abcdefg
abcdefgh
abcdefghi
Admin123
123qwe
qazwsx
qweasd
asdfjkl;
`1234567890-=
1234567890-=
!@#$%^&*()_+
~!@#$%^&*()_+

3
bf_dicts/RDP-user.txt Normal file
View File

@@ -0,0 +1,3 @@
Administrator
Guest
test

78
bf_dicts/SMB-passwd.txt Normal file
View File

@@ -0,0 +1,78 @@
123
123123
123456
12345678
!@#
!@#$%^
!@#$%^&*
111111
666666
abc
test
888888
qwe!@#
xiaoming
qq123456
taobao
wang1234
123321
|+_)(
Admin123
88888888
66666666
111111
[level=4]
guest
test123
master
admin
root
11111111
000000
8888
6666
123!@#
00000000
1234567
aaaaaa
654321
999999
222222
password
abcdefg
woaini
iloveyou
exit
99999999
333333
444444
555555
999999
000000
00000000
6543210
111222
asdfghjkl
abc123
666888
zzzzzz
abcd1234
Guest123
1234
12345
ab
abcd
abcde
abcdef
abcdefg
abcdefgh
abcdefghi
Admin123
123qwe
qazwsx
qweasd
asdfjkl;
`1234567890-=
1234567890-=
!@#$%^&*()_+
~!@#$%^&*()_+

3
bf_dicts/SMB-user.txt Normal file
View File

@@ -0,0 +1,3 @@
Administrator
Guest
test

54
bf_dicts/SNMPpasswd.txt Normal file
View File

@@ -0,0 +1,54 @@
admin
cisco
netadmin
private
1234
root
super
router
public
pento
password
123456
sysadm
default
switch
backdoor
recovery
secure
anicust
d.e.b.u.g
ADTRAN
installer
surt
NetICs
adminttd
D-Link
tech
private
synnet
adtran
hello
security
guest
smile
support
PASSWORD
changeme2
ascend
netopia
echo
pass
corecess
Manager
secret
BRIDGE
atc123
Password
superuser
123456
emradmin
12345678
123qwe
qwe123
fgh@#$

79
bf_dicts/SSH-passwd.txt Normal file
View File

@@ -0,0 +1,79 @@
nsfocus123
123
123123
123456
12345678
!@#
!@#$%^
!@#$%^&*
111111
666666
abc
test
888888
xiaoming
qwe!@#
123321
|+_)(
qwe!@#123
Admin123
88888888
66666666
111111
guest
test123
master
admin
root
11111111
000000
8888
6666
123!@#
00000000
1234567
aaaaaa
654321
999999
222222
password
abcdefg
woaini
iloveyou
qq123456
taobao
wang1234
exit
99999999
333333
444444
555555
999999
000000
00000000
6543210
111222
asdfghjkl
abc123
666888
zzzzzz
abcd1234
Guest123
1234
12345
ab
abcd
abcde
abcdef
abcdefg
abcdefgh
abcdefghi
Admin123
123qwe
qazwsx
qweasd
asdfjkl;
`1234567890-=
1234567890-=
!@#$%^&*()_+
~!@#$%^&*()_+

6
bf_dicts/SSH-user.txt Normal file
View File

@@ -0,0 +1,6 @@
root
mysql
oracle
test
user
guest

17
bf_dicts/SYBASE-passwd.txt Normal file
View File

@@ -0,0 +1,17 @@
abc123
xiaoming
iloveyou
admin
SQL
dbopswd
rdrpswd
pkipasswd
sybase
fgh@#$
123qwe
123456
12345678
123
qq123456
taobao
wang1234

15
bf_dicts/SYBASE-user.txt Normal file
View File

@@ -0,0 +1,15 @@
admin
Mon_user
Dba
entldbdbo
entldbreader
jagadmin
PlAdmin
pkiuser
PortalAdmin
pso
dbo
probe
sybmail
test
sa

116
bf_dicts/TELNET-passwd.txt Normal file
View File

@@ -0,0 +1,116 @@
123
test
admin
cisco
netadmin
private
1234
root
super
router
public
pento
password
123456
sysadm
default
qwe!@#
switch
backdoor
recovery
secure
anicust
d.e.b.u.g
ADTRAN
installer
surt
NetICs
adminttd
D-Link
tech
private
synnet
adtran
hello
security
guest
smile
support
PASSWORD
changeme2
ascend
netopia
echo
pass
corecess
Manager
secret
BRIDGE
atc123
Password
superuser
123456
emradmin
12345678
123321
|+_)(
Admin123
88888888
66666666
111111
guest
test123
master
admin
root
11111111
000000
8888
6666
123!@#
00000000
1234567
aaaaaa
654321
999999
222222
password
abcdefg
woaini
iloveyou
exit
99999999
333333
444444
555555
999999
000000
00000000
6543210
111222
asdfghjkl
abc123
666888
zzzzzz
abcd1234
Guest123
1234
12345
ab
abcd
abcde
abcdef
abcdefg
abcdefgh
abcdefghi
Admin123
123qwe
qazwsx
qweasd
asdfjkl;
`1234567890-=
1234567890-=
!@#$%^&*()_+
~!@#$%^&*()_+
qwe!@#123

5
bf_dicts/TELNET-user.txt Normal file
View File

@@ -0,0 +1,5 @@
administrator
root
admin
test
guest

9
bf_dicts/TOMCAT-passwd.txt Normal file
View File

@@ -0,0 +1,9 @@
admin
tomcat
123
123456
root
fgh@#$
qwe!@#
admin123
admin123456

5
bf_dicts/TOMCAT-user.txt Normal file
View File

@@ -0,0 +1,5 @@
admin
tomcat
both
role1
root

1
bf_dicts/__init__.py Normal file
View File

@@ -0,0 +1 @@
# -*- coding: utf-8 -*-

23
bf_dicts/bf.py Normal file
View File

@@ -0,0 +1,23 @@
# -*- coding: utf-8 -*-
import docker
import os
'''
hydra
'''
def attack(service,ip,port):
if service == 'ftp':
os.chdir('bf_dicts')
os.system(f'hydra -L FTP-user.txt -P FTP-passwd.txt -V -s {port} {ip} {service}')
else:
print('Service for -'+service+'- not support!')
print(service,ip,port)
if __name__ == "__main__":
attack()

9141
bf_dicts/通用-常见口令列表.txt Normal file
View File

File diff suppressed because it is too large Load Diff

15
bf_dicts/通用-常见用户名列表.txt Normal file
View File

@@ -0,0 +1,15 @@
Administrator
root
test
system
admin
administrator
guest
ftp
user
guest
sa
manager
lp
sys
adm

6
iis/Main_iis.py
View File

@@ -5,13 +5,9 @@ import os
def exec(URL):
print('[+]开始检测-IIS短文件名漏洞。[+]')
#切换工作路径
os.chdir(os.path.realpath(__file__)[:38])
os.chdir('iis')
os.system("py -2 iis_shortname_Scan.py "+URL)
print('[+]检测完成-IIS短文件名漏洞。[+]')
if __name__ == "__main__":
exec()

6
moon.py
View File

@@ -15,6 +15,7 @@ import spring_vuln.Main_spring
import jboss.Main_jboss
import kindeditor.Main_kindeditor
import durpal.Main_durpal
import bf_dicts.Main_bf
if __name__ == "__main__":
@@ -70,7 +71,6 @@ modulip ipq
durpal.Main_durpal.exec(sys.argv[3])
else:
print('''
漏洞检测:
@@ -80,6 +80,10 @@ IP归属查询
userage: python -u ip www.xxxxx.com/xx.xx.xx.xx
modulip ipq
''')
elif sys.argv[1] == '-p':
print('[+]检测地址:'+sys.argv[2]+sys.argv[3]+sys.argv[4])
bf_dicts.Main_bf.exec(sys.argv[2],sys.argv[3],sys.argv[4])
else:
print('''
漏洞检测: