Shulou(Shulou.com)06/01 Report--

This article mainly introduces the method of obtaining phpMyAdmin information in batches, which is very detailed and has certain reference value. Friends who are interested must finish reading it!

By antian365 simeon

In the previous topic, it was introduced that phpMyAdmin violently cracked the password of Mysql Root account. the premise of blasting is to know which websites or url exist phpMyAdmin, in other words, how to obtain these URL, there is too much interference from using search engines such as Google and Baidu to search for the keyword "phpMyAdmin". According to the author's research, Zoomeye.org and shodan.io search engines are more effective for batch keyword retrieval, after loopholes appear. Through these two search engines can be batch penetration, the following describes how to apply.

Shodan search engine uses

1.1 use shodan to search for keywords

Use shodan.io to search is very simple, users can register for free, after registration can be used to log on to the website, enter keywords in its input box for retrieval, as shown in figure 1, enter "phpMyAdmin", and then click the search icon, the system will automatically search. You can also search directly using the link address:

Https://www.shodan.io/search?query=phpMyAdmin

Figure 1 using shodan search engine to search for keywords

1.2 Multi-keyword search

If you do not log in in the shodan search engine, you can only view the simplest results. In the search results interface, you can view a country, Services, and so on. By default, shodan search engines are displayed in terms of "TOP COUNTRIES", "TOP SERVICES", "TOP ORGANIZATIONS", "TOP OPERATING SYSTEMS" and "TOP PRODUCTS". Free users can only search the first five pages of results. As shown in figure 2, you can add a country to the search keyword or click on the map on the left. For example, the following keywords: phpMyAdmin country: "CN" product: "Apache httpd" means the search keyword "phpMyAdmin", the country is China, and the product type is "Apache httpd".

Figure 2 search with keywords

1.3 View search results

In the search results record, you can see that each record contains "phpMyAdmin", and then there is a Details below. Clicking this link will display details about the opening of the IP port, as shown in figure 3, and the possible geographic information of the IP will be displayed as a map by default in this information.

Figure 3. View the details of the search IP.

1.4 Test and collect URL addresses

If you are only looking at the details of the keywords, you can click the keyword link address in the search results. It is recommended to use a new window to open the link address, as shown in figure 4. After the search results "http://123.56.190.193/" is opened, it will be the login interface of phpMyAdmin. If it can be opened correctly and realistic, copy the URL to the txt file for collection." As shown in figure 5, organize the same type of url into a txt file for later use.

Figure 4 tests whether the URL address can be opened correctly

Figure 5 sorting out the URL address

1.5 search restrictions

When you use shodan to search for 5 pages, you will be prompted to buy, otherwise you will not be able to use it. At this time, you can search with different keywords, such as selecting different products, different countries, etc., as shown in figure 6. There are no restrictions after buying members.

Figure 6 search restrictions

1.6 skills

Adding ".zip", "index of", "wwwroot.rar", ".tar.gz" to the search keywords may obtain the source code and directory disclosure vulnerabilities, obtain the root account and password through the source code, and directly export a sentence through the query to get webshell.

Using the zoomeye search keyword is similar to shadon, for example, use the link below to directly search Beijing, China, and the keyword is phpmyadmin. The effect is shown in figure 7. There is no limit on the number of entries after zoomeye registration.

Https://www.zoomeye.org/search?q=phpMyAdmin country%3AChina country:China city:Beijin

Figure 7 search using zoomeye

The above is all the contents of this article entitled "how to get phpMyAdmin Information in bulk". Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.