Sunday, 20 February 2011

Dork hacking to search for c99

For the smart alecks who love a c99 with safe mode off, here is a small list of dorks.


Script: PHP Security-Shell RFI Scanner v1.0


Security-Shell RFI Scanner v1.0 is an RFI scanner for those of you who are always scanning.




<?php
/***************************************************************************
 *   PHP Security-Shell RFI Scanner v1.0                                   *
 *                                                                         *
 *   Copyright (C) 2007 by pentest                                         *
 *                                                                         *
 *   http://security-sh3ll.com                                             *
 *                                                                         *
 *   This program is free software; you can redistribute it and/or modify  *
 *   it under the terms of the GNU General Public License as published by  *
 *   the Free Software Foundation; either version 2 of the License, or     *
 *   (at your option) any later version.                                   *
 *                                                                         *
 *   This program is distributed in the hope that it will be useful,       *
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of        *
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *
 *   GNU General Public License for more details.                          *
 *                                                                         *
 ***************************************************************************/
 
    /* Regexes matching include/require statements whose argument begins with a variable */
    $escan_inc_regex   = array( '/include(_once)?.\$/ix', '/require(_once)?.\$/ix' );
    /* Regex to extract the names of variables */
    $escan_var_regex   = array( '/\Ainclude(_once)?./is', '/\Arequire(_once)?./is' );
    /* Array of file extensions to scan */
    $escan_valid_ext   = array( 'php' );
    /* Maximum size of a file to scan, scans all if 0 */
    $escan_max_size    = 0;
    /* Counter of crawled directories */
    $escan_dir_count   = 0;
    /* Counter of scanned files */
    $escan_file_count  = 0;
    /* Counter of potential RFI findings */
    $escan_match_count = 0;
    /* Counter of total bytes scanned */
    $escan_byte_count  = 0;
 
    escan_banner();
 
 
    if( $argc < 2 ){
        escan_usage($argv[0]);
    }
    else{
 
        $stime = escan_get_mtime();
 
        escan_recurse_dir( realpath($argv[1]).DIRECTORY_SEPARATOR );
 
        $etime = escan_get_mtime();
 
        print "\n@ Scan report : \n\n" .
              "\t$escan_dir_count directory .\n".
              "\t$escan_file_count file .\n".
              "\t" . escan_format_size($escan_byte_count) . " .\n".
              "\t$escan_match_count Potential RFI .\n".
              "\t".($etime-$stime) . " Second Processing .\n\n";
    }
 
    /* A string formats in a magnitude expressed in bytes */
    function escan_format_size($bytes)
    {
        if( $bytes < 1024       ) return "$bytes bytes";
        if( $bytes < 1048576    ) return ($bytes / 1024) . " Kb";
        if( $bytes < 1073741824 ) return ($bytes / 1048576) . " Mb";
 
        return ($bytes / 1073741824) . " Gb";
    }
 
    /* Returns the timestamp in seconds */
    function escan_get_mtime()
    {
        list($usec, $sec) = explode(" ",microtime());
        return ((float)$usec + (float)$sec);
    }
 
    /* Extracts the inclusion statement that starts at $offset, up to the next ';' */
    function escan_scan_line($content,$offset)
    {
        /* Keep only the first piece; there may be no ';' after $offset */
        $parts = explode( ";" , substr($content,$offset), 2 );

        return $parts[0].";";
    }
 
    /* Extract the variable name from line of code inclusion */
    function escan_parse_var( $line, $regex_id )
    {
        global $escan_var_regex;
 
        $vars       = preg_split($escan_var_regex[$regex_id],$line);
        /* preg_split returns a single element when the regex does not match */
        $varname    = isset($vars[1]) ? $vars[1] : '';
        $delimiters = " .);";
 
        for( $i = 0; $i < strlen($varname); $i++ ){
            for( $j = 0; $j < strlen($delimiters); $j++ ){
                if($varname[$i] == $delimiters[$j]){
                    return substr( $varname, 0, $i );
                }
            }
        }
 
        return $varname;
    }
 
    /* Check if the variable $var is defined in $content before position $offset*/
    function escan_check_definitions($content,$offset,$var)
    {
        if( strpos( $var, "->" ) ){
            return 1;
        }
 
        $chunk = substr($content,0,$offset);
        $regex = "/".preg_quote($var,"/")."\s*=/ix";
        preg_match( $regex, $chunk,$matches );
 
        return count($matches);
    }
 
    /* $file the file to check for potential rfi */
    function escan_parse_file($file)
    {
        global $escan_inc_regex;
        global $escan_max_size;
        global $escan_file_count;
        global $escan_match_count;
        global $escan_byte_count;
 
        $fsize = filesize($file);
 
        if( $escan_max_size && $fsize > $escan_max_size ) return;
 
        $escan_file_count++;
        $escan_byte_count += $fsize;
 
        $content = @file_get_contents($file);
 
        for( $i = 0; $i < count($escan_inc_regex); $i++ ){
            if( preg_match_all( $escan_inc_regex[$i], $content, $matches, PREG_OFFSET_CAPTURE ) ){
 
                $nmatch = count($matches[0]);
 
                for( $j = 0; $j < $nmatch; $j++ ){
                    $offset = $matches[0][$j][1];
                    $line   = escan_scan_line($content,$offset);
                    $var    = escan_parse_var($line,$i);
 
                    if( escan_check_definitions($content,$offset,$var) == 0 )
                    {
                        $escan_match_count++;
                        print "@ $file - \n\t- '$var' The position $offset .\n";
                    }
                }
            }
        }
    }
 
    /* Returns the file extension $fname */
    function escan_get_file_ext($fname)
    {
        if( strchr($fname,'.') ){
            return substr($fname,strrpos($fname,'.')+1);
        }
        else{
            return "";
        }
    }
 
    /* Check if file $fname is a valid extension */
    function escan_isvalid_ext($fname)
    {
        global $escan_valid_ext;
 
        for( $i = 0; $i < count($escan_valid_ext); $i++ ){
            if(strstr(escan_get_file_ext($fname),$escan_valid_ext[$i])){
                return true;
            }
        }
 
        return false;
    }
 
    /* That function scans directories recursively */
    function escan_recurse_dir($dir)
    {
        global $escan_dir_count;
 
        $escan_dir_count++;
 
        if( $cdir = @dir($dir) ){
            /* Compare against false so that an entry named "0" does not end the loop */
            while( false !== ($entry = $cdir->read()) ){
                if( $entry != '.' && $entry != '..' ){
                    if( is_dir($dir.$entry) ){
                        escan_recurse_dir($dir.$entry.DIRECTORY_SEPARATOR);
                    }
                    else{
                        if( escan_isvalid_ext($dir.$entry) ){
                            escan_parse_file($dir.$entry);
                        }
                    }
                }
            }
 
            $cdir->close();
        }
    }
 
    function escan_banner()
    {
        print "*-----------------------------------------------------*\n" .
              "*   PHP Security-Shell RFI Scanner v1.0  by pentest   *\n" .
              "*                                                     *\n" .
              "*             http://security-sh3ll.com               *\n" .
              "*-----------------------------------------------------*\n\n";
    }
 
    function escan_usage($pname)
    {
        print "Use : php $pname <directory>\n";
    }
?>

Online SQLi scanner made by the HCV group

Online SQLi scanner made by the kinginfet group

Online SQLi scanner made by the HCV group. Besides scanning, it also tests the vulnerabilities using SQL injection techniques. I hope you like it; I will put up an online scan with special strings for it. Happy scanning.

ITSECTEAM shell script, a very good group.

This shell was developed by ITSecTeam members and is not blocked by AVs when opened. It has a good structure, and this IT team is always developing new things:
  • execute system commands
  • execute bypass commands
  • directory bypass
  • connect to common databases such as MsSQL, MSSQL, PostgreSQL, Oracle and DB2
  • edit files and directories

New features in this version:
  • Server information, PHP version and safe mode status added to the top of the shell page for ease of use.
  • Listing of system drives.
  • Icons added for files and folders.
  • Opening files with a direct link.
  • Downloading all files and folders of a given folder in zip format, without using a specific function.
  • Direct download of a file.
  • Keeping the working directory so that all site features can be used.
  • Adding a symlink in 2 ways: using the OS command line and using PHP's own capabilities.
  • Converting strings to other formats.
  • Mail bomber.
  • Local crashes of PHP and Apache.
  • Dumping the database in SQL and gzip format.
  • Mass defacement of all folders with write permission.
  • Downloading a file from other servers.
  • Running a remote DDoS attack.
  • Searching for all writable folders.
  • Bypassing symlink protection and Mod Security via htaccess, and disabling safe mode and disabled functions via php.ini if the server is improperly configured.
  • Removing the shell automatically.
  • Copying a file without using the copy function.
  • Changing the shell template.
  • Removing bugs from previous versions.
  • Adding a log of past activities.
  • Disabling magic quotes at runtime.

DOWNLOAD ITSECTEAM SHELL SCRIPT
goo.gl/NzQT8

A nice pack of 100 shell scripts.

I decided to make available a list of shell scripts for those who like the art of defacement, about 100 to start with.

C99Shell v. 1.0 beta (5.02.2005) PHP
Cyber Shell PHP
GFS Web-Shell PHP
NFM 1.8 PHP
r57shell PHP
Small Web Shell by ZaCo PHP
nsTView v2.1 PHP
DxShell v1.0 PHP
C99madShell v. 2.0 madnet edition PHP
CTT Shell PHP
GRP WebShell 2.0 release build 2018 ©2006,Great PHP
Crystal shell PHP
Loaderz WEB Shell PHP
NIX REMOTE WEB SHELL PHP
Antichat Shell PHP
CasuS 1.5 PHP
Sincap 1.0 PHP
C99Shell v. 1.0 pre-release build(safe-mode) PHP
hiddens shell v1 PHP
Web-shell ©ShAnKaR PHP
Predator PHP
KA_uShell 0.1.6 PHP
NGH PHP
C2007Shell v. 1.0 pre-release build #16 Modded by Adora & u9 h4c93r PHP
Antichat Shell. Modified by Go0o$E PHP
c0derz shell [csh] v. 0.1.1 release PHP
iMHaBiRLiGi Php FTP PHP
PHVayv PHP
phpRemoteView PHP
STNC WebShell v0.8 PHP
MyShell PHP
ZyklonShell PHP
AK-74 Security Team Web Shell Beta Version PHP
Gamma Web Shell Perl-Cgi
go-shell Perl-Cgi
PhpSpy Ver 2006 Perl-Cgi
CmdAsp.asp.txt ASP
CyberSpy5.Asp.txt ASP
klasvayv.asp.txt ASP
indexer.asp.txt ASP
NTDaddy v1.9 ASP
reader.asp.txt ASP
RemExp.asp.txt ASP
zehir4.asp.txt ASP
Elmaliseker.txt ASP
EFSO_2.txt ASP
accept_language PHP
Ajax_PHP Command Shell PHP
Antichat Shell v1.3 PHP
Ayyildiz Tim -AYT- Shell v 2.1 Biz PHP
aZRaiLPhp v1.0 PHP
backupsql PHP
c99 PHP
c99_locus7s PHP
c99_madnet PHP
c99_PSych0 PHP
c99_w4cking PHP
Crystal PHP
ctt_sh PHP
cybershell PHP
dC3 Security Crew Shell PRiV PHP
Dive Shell 1.0 - Emperor Hacking Team PHP
DTool Pro PHP
Dx PHP
GFS web-shell ver 3.1.7 - PRiV8 PHP
gfs_sh PHP
h4ntu shell [powered by tsoi] PHP
iMHaPFtp PHP
ironshell PHP
JspWebshell 1.2 PHP
KAdot Universal Shell v0.1.6 PHP
lamashell PHP
Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit PHP
load_shell PHP
matamu PHP
Moroccan Spamers Ma-EditioN By GhOsT PHP
myshell PHP
Mysql interface v1.0 PHP
MySQL Web Interface Version 0.8 PHP
mysql PHP
mysql_tool PHP
NCC-Shell PHP
NetworkFileManagerPHP PHP
NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version PHP
nshell PHP
nstview PHP
PH Vayv PHP
PHANTASMA PHP
PHP Shell PHP
php-backdoor PHP
php-include-w-shell PHP
pHpINJ PHP
PHPJackal PHP
PHPRemoteView PHP
Private-i3lue PHP
pws PHP
r57 PHP
r57_iFX PHP
r57_kartal PHP
r57_Mohajer22 PHP
rootshell PHP
ru24_post_sh PHP
s72 Shell v1.1 Coding PHP
Safe0ver Shell -Safe Mod Bypass By Evilc0der PHP
Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2 PHP
SimAttacker - Vrsion 1.0.0 - priv8 4 My friend PHP
simple_cmd PHP
simple-backdoor PHP
SimShell 1.0 - Simorgh Security MGZ PHP
SnIpEr_SA Shell PHP
Uploader PHP
WinX Shell PHP
Worse Linux Shell PHP
zacosmall PHP
Antichat Shell v1.3 PHP
Ayyildiz Tim -AYT- Shell v 2.1 Biz PHP
aZRaiLPhp v1.0 PHP
CrystalShell v.1 PHP
Cyber Shell (v 1.0) PHP
dC3 Security Crew Shell PRiV PHP
Dive Shell 1.0 - Emperor Hacking Team PHP
DxShell.1.0 PHP
ELMALISEKER Backd00r ASP
GFS web-shell ver 3.1.7 - PRiV8 PHP
h4ntu shell [powered by tsoi] PHP
JspWebshell 1.2 JSP
KAdot Universal Shell v0.1.6 PHP
Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit PHP
Macker's Private PHPShell PHP
Mysql interface v1.0 PHP
MySQL Web Interface Version 0.8 PHP
NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version PHP
Perl Web Shell by RST-GHC PL
Private-i3lue PHP
RedhatC99 [login=redhat-pass=root] PHP
Rootshell.v.1.0 PHP
s72 Shell v1.1 Coding PHP
Safe0ver Shell -Safe Mod Bypass By Evilc0der PHP
Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2 PHP
SimAttacker - Vrsion 1.0.0 - priv8 4 My friend PHP
SimShell 1.0 - Simorgh Security MGZs PHP
WinX Shell PHP
Worse Linux Shell PHP
DOWNLOAD SHELLS

Vulnerability scanner program for Joomla CMS

JOOMLA SECURITY SCANNER

Here is a scanner program that sweeps for vulnerabilities in sites built with Joomla; follow the link just below.
DOWNLOAD THE SCANNER:

List of 5 thousand sites vulnerable to SQL injection


Dear friends, here is a list of sites vulnerable to SQL injection.



The rest of the vulnerable sites, about 5 thousand in total: http://blog.inurl.com.br/p/banco-de-strings_16.html

Wednesday, 16 February 2011

Capturing e-mail lists from CSV files


I created a dork to search for mailing lists in CSV files inside sites;
below is an introduction to what CSV is.


Comma-separated values (CSV) is a file format that stores tabular data and whose widespread use dates back to the mainframe era. Because they are so simple, .csv files are common on every computer platform.
CSV is a particular implementation of delimiter-separated text files that uses the comma and the line break to separate values. The format also uses quotation marks around fields that contain the reserved characters (comma and line break). This robustness makes CSV more widely applicable than other digital formats of the same kind.

Specification

Although there is no formal specification of the CSV format, RFC 4180 describes a common format and establishes text/csv as a MIME type registered with IANA. Formally, CSV is a delimited data format with fields (columns) separated by comma characters and records (rows) separated by line-break characters. Fields that contain special characters (comma, line break or quotation mark) must be enclosed in quotation marks. However, if a line contains a single entry that is an empty string, it may also be enclosed in quotation marks. If a field contains a quotation mark, it is escaped by placing another quotation mark immediately after it. The CSV format does not require a particular character encoding, byte order or line-terminator format.

Example

1997 | Ford  | E350                       | ac, abs, moon                                  | 3000.00
1999 | Chevy | Venture "Extended Edition" |                                                | 4900.00
1996 | Jeep  | Grand Cherokee             | MUST SELL! (line break) air, moon roof, loaded | 4799.00

The table above can be represented in CSV as follows:
1997,Ford,E350,"ac, abs, moon",3000.00
1999,Chevy,"Venture ""Extended Edition""",,4900.00
1996,Jeep,Grand Cherokee,"MUST SELL!
air, moon roof, loaded",4799.00
------------------------------------------------------------------------------------------------------------
Quantity: approximately 1 string
Author: Cleiton Pinheiro
Source: blog.inurl.com.br
Search code:
 +@  +intext:(*mail*) +hotmail +br ext:csv
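
The search string above only finds .csv files with e-mail addresses that a site has left where a crawler can index them. As an added example (not part of the original post), the following Python script audits your own web root for such files, reading them with the quoting rules described in the specification section; all function names and sample data here are constructed for illustration.

```python
import csv
import os
import re
import tempfile

# Deliberately loose address pattern: good enough to flag a file for review.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

# Constructed sample: quoted comma, doubled quotes and a line break inside a field.
SAMPLE_LIST = (
    "name,contact,notes\r\n"
    '"Silva, Ana",ana@example.com,"first line\n'
    'cc bob@example.org, said ""ok"""\r\n'
    "Carlos,CARLOS@example.com,\r\n"
)
# Two rows of the car table from the CSV example: valid CSV, no addresses.
SAMPLE_CARS = (
    '1997,Ford,E350,"ac, abs, moon",3000.00\r\n'
    '1996,Jeep,Grand Cherokee,"MUST SELL!\nair, moon roof, loaded",4799.00\r\n'
)


def emails_in_csv(stream):
    """Return the set of addresses found in any field of a CSV text stream."""
    found = set()
    # csv.reader applies the quoting rules, so a quoted field with commas,
    # doubled quotes or line breaks arrives here as a single string.
    for row in csv.reader(stream):
        for field in row:
            found.update(m.lower() for m in EMAIL_RE.findall(field))
    return found


def audit_webroot(root, threshold=1):
    """List CSV files under `root` that hold at least `threshold` addresses.

    Returns (path relative to root, distinct address count), largest first.
    """
    report = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".csv"):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8", errors="replace", newline="") as fh:
                    count = len(emails_in_csv(fh))
            except (OSError, csv.Error):
                continue  # unreadable or malformed: skip, keep auditing
            if count >= threshold:
                report.append((os.path.relpath(path, root), count))
    return sorted(report, key=lambda item: (-item[1], item[0]))


def build_demo_tree(root):
    """Write the constructed samples into `root` to mimic a small web root."""
    os.makedirs(os.path.join(root, "exports"))
    for rel, text in (("exports/newsletter.csv", SAMPLE_LIST),
                      ("cars.CSV", SAMPLE_CARS),
                      ("readme.txt", "contact: admin@example.net\n")):
        with open(os.path.join(root, *rel.split("/")), "w", newline="") as fh:
            fh.write(text)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as demo_root:
        build_demo_tree(demo_root)
        for rel_path, count in audit_webroot(demo_root):
            print(f"{count:5d} address(es)  {rel_path}")
```

Files it reports belong outside the document root or behind authentication; a robots.txt entry alone does not stop them from being fetched.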