alice1017/phpmyadmin_attack.py

## phpmyadmin_attack.py
#!/usr/bin/env python
#coding: utf-8

import urllib2
import sys

access_url = [
	"/index.php",
	"/admin/pma/index.php",
	"/admin/phpmyadmin/index.php",
	"/db/index.php",
	"/dbadmin/index.php",
	"/myadmin/index.php",
	"/mysql/index.php",
	"/mysqladmin/index.php",
	"/typo3/phpmyadmin/index.php",
	"/phpadmin/index.php",
	"/phpMyAdmin/index.php",
	"/phpmyadmin1/index.php",
	"/phpmyadmin2/index.php",
	"/web/phpMyAdmin/index.php",
	"/xampp/phpmyadmin/index.php",
	"/web/index.php",
	"/php-my-admin/index.php",
	"/websql/index.php",
	"/phpmyadmin/index.php",
	"/phpMyAdmin/index.php",
	"/phpMyAdmin-2/index.php",
	"/php-my-admin/index.php",
	"/phpMyAdmin-2.2.3/index.php",
	"/phpMyAdmin-2.2.6/index.php",
	"/phpMyAdmin-2.5.1/index.php",
	"/phpMyAdmin-2.5.4/index.php",
	"/phpMyAdmin-2.5.5-rc1/index.php",
	"/phpMyAdmin-2.5.5-rc2/index.php",
	"/phpMyAdmin-2.5.5/index.php",
	"/phpMyAdmin-2.5.5-pl1/index.php",
	"/phpMyAdmin-2.5.6-rc1/index.php",
	"/phpMyAdmin-2.5.6-rc2/index.php",
	"/phpMyAdmin-2.5.6/index.php",
	"/phpMyAdmin-2.5.7/index.php",
	"/phpMyAdmin-2.5.7-pl1/index.php",
]

def attack(dest):
	for url in access_url:
		attack_path = "http://"+dest+url
		user_agent = ""
		req = urllib2.Request(attack_path)
		req.add_header("User-Agent", user_agent)
		opener = urllib2.build_opener()
		try:
			response = opener.open(req)
		except:
			continue

		if response.code == 200:
			print url

if __name__ == "__main__":
	dest = sys.argv[1]
	attack(dest)
	#!/usr/bin/env python
	#coding: utf-8

	import urllib2
	import sys

	access_url = [
	"/index.php",
	"/admin/pma/index.php",
	"/admin/phpmyadmin/index.php",
	"/db/index.php",
	"/dbadmin/index.php",
	"/myadmin/index.php",
	"/mysql/index.php",
	"/mysqladmin/index.php",
	"/typo3/phpmyadmin/index.php",
	"/phpadmin/index.php",
	"/phpMyAdmin/index.php",
	"/phpmyadmin1/index.php",
	"/phpmyadmin2/index.php",
	"/web/phpMyAdmin/index.php",
	"/xampp/phpmyadmin/index.php",
	"/web/index.php",
	"/php-my-admin/index.php",
	"/websql/index.php",
	"/phpmyadmin/index.php",
	"/phpMyAdmin/index.php",
	"/phpMyAdmin-2/index.php",
	"/php-my-admin/index.php",
	"/phpMyAdmin-2.2.3/index.php",
	"/phpMyAdmin-2.2.6/index.php",
	"/phpMyAdmin-2.5.1/index.php",
	"/phpMyAdmin-2.5.4/index.php",
	"/phpMyAdmin-2.5.5-rc1/index.php",
	"/phpMyAdmin-2.5.5-rc2/index.php",
	"/phpMyAdmin-2.5.5/index.php",
	"/phpMyAdmin-2.5.5-pl1/index.php",
	"/phpMyAdmin-2.5.6-rc1/index.php",
	"/phpMyAdmin-2.5.6-rc2/index.php",
	"/phpMyAdmin-2.5.6/index.php",
	"/phpMyAdmin-2.5.7/index.php",
	"/phpMyAdmin-2.5.7-pl1/index.php",
	]

	def attack(dest):
	for url in access_url:
	attack_path = "http://"+dest+url
	user_agent = ""
	req = urllib2.Request(attack_path)
	req.add_header("User-Agent", user_agent)
	opener = urllib2.build_opener()
	try:
	response = opener.open(req)
	except:
	continue

	if response.code == 200:
	print url

	if __name__ == "__main__":
	dest = sys.argv[1]
	attack(dest)