md5联表爆破代码，主要是存储过程

今天小杰分享md5连表爆破代码，主要是存储过程，不要做坏事啊，性能可能略有问题

1	今天小杰分享md5连表爆破代码，主要是存储过程，不要做坏事啊，性能可能略有问题

方法1

1

方法1

DELIMITER $$
DROP PROCEDURE IF EXISTS `crack`.`think_user_md5` $$
CREATE PROCEDURE `crack`.`think_user_md5`&nbsp;

1

2

3

DELIMITER $$

DROP PROCEDURE IF EXISTS `crack`.`think_user_md5` $$

CREATE PROCEDURE `crack`.`think_user_md5` 

(INOUT p_in int,INOUT p_out int)
BEGIN
 DECLARE no_more_pw INT DEFAULT 0;
 DECLARE md5_code,user_name_code VARCHAR(64);
 DECLARE cur_pw CURSOR FOR SELECT PASSWORD FROM

1

2

3

4

5

(INOUT p_in int,INOUT p_out int)

BEGIN

DECLARE no_more_pw INT DEFAULT 0;

DECLARE md5_code,user_name_code VARCHAR(64);

DECLARE cur_pw CURSOR FOR SELECT PASSWORD FROM

 crack.ecs_admin_user limit 1000;&nbsp;

1	crack.ecs_admin_user limit 1000;

/*First: Delcare a cursor,首先这里对游标进行定义*/
 DECLARE CONTINUE HANDLER FOR NOT FOUND SET no_more_pw = 1;&nbsp;

1 2	/First: Delcare a cursor,首先这里对游标进行定义/ DECLARE CONTINUE HANDLER FOR NOT FOUND SET no_more_pw = 1;

/*when "not found" occur,just continue,这个是个条件处理,针对NOT FOUND的条件*/
WHILE p_in &lt;= p_out DO
     set no_more_pw = 0;
   OPEN cur_pw; /*Second: Open the cursor 接着使用OPEN打开游标*/
   FETCH cur_pw INTO md5_code; /*Third: now you can Fetch the row 把第一行数据写入变量中,游标也随之指向了记录的第一行*/
   REPEAT
        -- select p_in,MD5(p_in),md5_code;
    if STRCMP(MD5(p_in),md5_code) = 0 then
            select group_concat(user_name) into user_name_code from crack.ecs_admin_user where `password` = md5_code GROUP BY PASSWORD;
       select user_name_code,p_in,md5_code;
            set no_more_pw = 1;
       -- set p_in=p_out;
    end if;
    FETCH cur_pw INTO md5_code;
   UNTIL no_more_pw = 1
   END REPEAT;
   CLOSE cur_pw; /*Finally: cursor need be closed 用完后记得用CLOSE把资源释放掉*/
   SET p_in=p_in+1;
END WHILE;
END $$
DELIMITER ;
set @p_in=123455;
set @p_out=198907;
call think_user_md5(@p_in,@p_out);

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

/*when "not found" occur,just continue,这个是个条件处理,针对NOT FOUND的条件*/

WHILE p_in <= p_out DO

set no_more_pw = 0;

OPEN cur_pw; /*Second: Open the cursor 接着使用OPEN打开游标*/

FETCH cur_pw INTO md5_code; /*Third: now you can Fetch the row 把第一行数据写入变量中,游标也随之指向了记录的第一行*/

REPEAT

-- select p_in,MD5(p_in),md5_code;

if STRCMP(MD5(p_in),md5_code) = 0 then

select group_concat(user_name) into user_name_code from crack.ecs_admin_user where `password` = md5_code GROUP BY PASSWORD;

select user_name_code,p_in,md5_code;

set no_more_pw = 1;

-- set p_in=p_out;

end if;

FETCH cur_pw INTO md5_code;

UNTIL no_more_pw = 1

END REPEAT;

CLOSE cur_pw; /*Finally: cursor need be closed 用完后记得用CLOSE把资源释放掉*/

SET p_in=p_in+1;

END WHILE;

END $$

DELIMITER ;

set @p_in=123455;

set @p_out=198907;

call think_user_md5(@p_in,@p_out);

1

方法2：

1

方法2：

<hr />

<pre class="prettyprint lang-php">show FUNCTION
select count(1) from crack_md5;
select * from crack_md5 limit 100;
select strcmp('1d','1d')
show full processlist;

select * from ecs_admin_user;
select * from crack_md5;
select MD5(1);
drop procedure think_user_md5;
create procedure think_md5(INOUT p_in int,INOUT p_out int,INOUT md5_str varchar(64))
begin
while p_in &lt;= p_out DO
   while select user_name,password from ecs_admin_user DO
   
    if STRCMP(MD5(p_in),user_name) = 0 then
  select p_in,user_name;
  set p_in=p_out;
  end if;
   end while;
set p_in=p_in+1;
end while;
end;
select MD5(19890516);
select MD5(123456);
set @p_in=15000000;
set @p_out=19891111;
set @md5_str='135aba9c78e899c7a4013f013fcd8205';
call think_md5(@p_in,@p_out,@md5_str);

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

<hr />

<pre class="prettyprint lang-php">show FUNCTION

select count(1) from crack_md5;

select * from crack_md5 limit 100;

select strcmp('1d','1d')

show full processlist;

select * from ecs_admin_user;

select * from crack_md5;

select MD5(1);

drop procedure think_user_md5;

create procedure think_md5(INOUT p_in int,INOUT p_out int,INOUT md5_str varchar(64))

begin

while p_in <= p_out DO

while select user_name,password from ecs_admin_user DO

if STRCMP(MD5(p_in),user_name) = 0 then

select p_in,user_name;

set p_in=p_out;

end if;

end while;

set p_in=p_in+1;

end while;

end;

select MD5(19890516);

select MD5(123456);

set @p_in=15000000;

set @p_out=19891111;

set @md5_str='135aba9c78e899c7a4013f013fcd8205';

call think_md5(@p_in,@p_out,@md5_str);

Hi，您需要填写昵称和邮箱！