吾爱破解 - 52pojie.cn

 找回密码
 注册[Register]

QQ登录

只需一步,快速开始

查看: 11676|回复: 69
收起左侧

[原创工具] Sqlserver 爆破IP扫描

  [复制链接]
豪~豪 发表于 2022-10-14 10:29
本帖最后由 豪~豪 于 2022-10-14 11:02 编辑

Snipaste_2022-10-14_10-25-56.jpg

用来检测,当前服务器的Sqlserver数据库是否被人进行暴力破解,获取暴力破解的IP然后用火绒添加IP黑名单
Sqlserver 爆破IP扫描.zip (967.73 KB, 下载次数: 815)

免费评分

参与人数 5吾爱币 +8 热心值 +5 收起 理由
mafangyu + 1 用心讨论,共获提升!
catoo1 + 1 我很赞同!
myj520 + 1 我很赞同!
lbwnba + 1 + 1 谢谢@Thanks!
风之暇想 + 7 + 1 感谢发布原创作品,吾爱破解论坛因你更精彩!

查看全部评分

发帖前要善用论坛搜索功能,那里可能会有你要找的答案或者已经有人发布过相同内容了,请勿重复发帖。

咬字分开念 发表于 2023-8-30 11:56

直接用这个可以屏蔽90%的攻击,转载自github
保存为BAT文件用管理员权限执行,或者管理员权限打开CMD,把下列代码复制粘贴到窗口也行
以下设置可以杜绝90%的网络攻击
echo 国内ip头
echo 1 14 27 36 39 42 43 45 47 49 54 58 59 60 61 91 101 103 106 110 111 112 113 114   
echo 115 116 117 118 119 120 121 122 123 124 125 139 140 144 150 152 153 157 159 161 162      
echo 163 166 167 168 171 175 180 182 183 192 202 203 210 211 218 219 220 221 222 223
echo (推荐使用)国内有攻击历史的ip记录,来自阿里云和腾讯云服务器的防火墙记录,不定期更新.
netsh advfirewall firewall delete rule name="bipauto"
netsh advfirewall firewall add rule name="bipauto" dir=in action=block remoteip="1.117.84.10/24,113.214.202.66/16,123.54.5.243/16,171.14.232.11/16,1.197.57.102/16,123.55.236.199/16,182.85.163.215/16,182.103.26.225/16,115.229.99.224/16,47.104.222.24/16,122.238.169.5/24,111.76.16.178/16,59.63.149.142/16,106.5.174.237/16,180.166.110.118/16,112.74.183.13/16,223.111.175.28/16,125.137.226.192/16,36.110.94.50/24,118.250.104.210,219.140.94.167,123.234.220.54,185.180.143.93/24,120.79.74.110/24,123.11.145.124/24,101.133.224.200/24,139.224.112.219/24,111.208.112.90/16,223.166.200.237/24,211.206.123.19/16,1.71.138.48/16,117.82.138.248/16,211.143.16.182/16,120.236.76.102/24,36.91.222.100/16,218.108.2.2/16,60.188.42.106/24,111.4.143.190/24,125.74.196.246/24,59.46.11.45/24,114.246.179.221/24,113.24.60.244/24,221.231.5.138/24,58.222.49.68/24,183.63.83.43/24,117.156.220.7/24,114.242.49.4/24,202.189.7.70/24,121.229.62.115/24,120.48.68.102/24,106.12.166.145/24,42.51.38.6/24,121.4.206.69/24,101.89.200.235/24,49.235.243.151/24,223.240.111.62/24,140.246.217.234/24,101.34.120.231/24,106.12.73.144/24,114.132.69.46/24,182.61.1.233/24,121.5.195.247/24,124.220.173.80/24,120.48.115.235/24,150.158.166.147/24,124.222.76.39/24,101.34.245.224/24,43.138.144.184/24,159.75.136.222/24,175.24.112.196/24,110.42.215.105/24,49.234.98.113/24,43.143.221.8/24,150.158.48.16/24,106.52.93.84/24,43.143.93.20/24,49.232.200.45/24,112.35.164.146/24,27.150.25.169/24,117.25.149.164/24,112.33.17.50/24"

echo (推荐使用)下面是境外ip加强版屏蔽排除cloudflare
echo 2-13 15-26 28-35 37-38 40-41 44 46 48 50-53 55-57 62-90 92-100 102
echo 104-105 107-109 126-138 141-143 145-149 151 154-157 158 160 164-165 169-170 172-175
echo 176-179 181 184-191 193-201204-209 212-217 224-255
netsh advfirewall firewall delete rule name="bipautob"
netsh advfirewall firewall add rule name="bipautob" dir=in action=block remoteip="2.0.0.0-8.134.0.0,8.135.0.0-8.219.0.0,8.220.0.0-10.0.0.0,10.169.0.0-14.0.0.0,15.0.0.0-27.0.0.0,28.0.0.0-36.0.0.0,37.0.0.0-39.0.0.0,40.0.0.0-42.0.0.0,43.249.233.136/16,44.0.0.0/8,45.93.201.74/16,45.143.201.62/16,46.0.0.0/8,48.0.0.0/8,50.0.0.0-54.0.0.0,55.0.0.0-58.0.0.0,62.0.0.0-91.0.0.0,92.0.0.0-101.0.0.0,102.0.0.0/8,103.40.101.12/16,103.72.144.42/16,103.146.42.200/16,103.171.1.13/16,103.180.148.167/16,103.203.57.22/16,104.0.0.0-104.16.0.0,104.23.255.255-104.24.0.0,104.27.255.255-106.0.0.0,107.0.0.0-108.162.192.0,108.162.255.255-110.0.0.0,110.171.165.57/16,113.190.245.2/16,121.185.127.84/16,125.135.94.67/16,126.0.0.0-131.0.72.0,131.0.75.255-139.0.0.0,141.0.0.0-141.101.64.0,141.101.127.255-144.0.0.0,145.0.0.0-150.0.0.0,151.0.0.0/8,152.89.196.122/16,153.127.69.78/16,154.0.0.0-157.0.0.0,158.0.0.0/8,160.0.0.0/8,161.35.205.162/16,164.0.0.0-166.0.0.0,167.94.138.62/16,169.0.0.0-171.0.0.0,172.0.0.0-172.18.0.0,172.19.0.0-172.64.0.0,172.71.255.255-173.245.48.0,173.245.63.255-175.0.0.0,176.0.0.0-180.0.0.0,181.0.0.0/8,184.0.0.0-188.114.96.1,188.114.111.255-190.93.240.0,190.93.255.255-192.167.255.255,192.241.212.15/16,193.0.0.0-198.41.128.1,198.42.0.0-202.0.0.0,202.239.224.29/16,204.0.0.0-210.0.0.0,212.0.0.0-218.0.0.0,224.0.0.0-254.255.0.0"
echo done



## 如果需要指定端口,请参考下面酌情修改
netsh advfirewall firewall add rule name="bipautoc" dir=in localport=3389,3433,1433-1434 protocol=TCP action=block remoteip=""
ldwz 发表于 2022-10-14 10:33
以前很多。现在基本没有 SA是空的了吧。除非是内网、
 楼主| 豪~豪 发表于 2022-10-14 10:38
ldwz 发表于 2022-10-14 10:33
以前很多。现在基本没有 SA是空的了吧。除非是内网、

我现在的服务器就被人暴力破解数据库密码
紫轩冰凌 发表于 2022-10-14 10:59
ldwz 发表于 2022-10-14 10:33
以前很多。现在基本没有 SA是空的了吧。除非是内网、

也不排除有憨货 懒
错的是世界 发表于 2022-10-14 11:06
数据库只要往外开放了,就会有人来爆,不偷懒,不使用默认用户名,安全度还是比较高的
pan3363 发表于 2022-10-14 11:12
就会有人来爆
flyingdancex 发表于 2022-10-14 12:16
暴破得有好的字典吧
Futurewing 发表于 2022-10-14 12:29
收藏先,单位数据库曾经被搞过
allenzhu 发表于 2022-10-14 13:22
支持所以的SqlServer版本吗?还是只支持个别版本的扫描
marco007 发表于 2022-10-14 14:14
非常nice 支持楼主一下
您需要登录后才可以回帖 登录 | 注册[Register]

本版积分规则

返回列表

RSS订阅|小黑屋|处罚记录|联系我们|吾爱破解 - LCG - LSG ( 京ICP备16042023号 | 京公网安备 11010502030087号 )

GMT+8, 2024-12-24 04:03

Powered by Discuz!

Copyright © 2001-2020, Tencent Cloud.

快速回复 返回顶部 返回列表