Tweet
Ae vou posta umas strings de pesquisas para achar sites vulneráveis como a lista é muinto grande eu não conseguir postar tudo intão fiz um upload vou posta alguamas aki quem quiser baixar o resto o link ta ae= Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
PHP Injection – Remote File Inclusion (RFI)
Essa falha é muito comum e permite que o invasor execute um objeto remoto, com scripts adptados pra esse tipo de intrusão o deface,invasor,script-kid tem controle total sobre seu alvo desde que os parametros de segurança do server estejam em mode - off .
Strings:
/index.php?site=
/index.php?link=
/index.php?pagina=
/index.php?page=
/index.php?include=
/index.php?pg=
/index.php?p=
/index.php?x=
/index.php?home=
/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=
/pivot/modules/module_db.php?pivot_path=
/pivot/modules/module_db.php?pivot_path=
/ashnews.php?pathtoashnews=
/modules/agendax/addevent.inc.php?agendax_path=
/modules/4nAlbum/public/displayCategory.php?basepath=
/shoutbox/expanded.php?conf=
/shoutbox/expanded.php?conf=
/modules/coppermine/themes/default/theme.php?THEME_DIR=
/modules/My_eGallery/public/displayCategory.php?basepath=
/write.php?dir=
/index.php?go=
/index.php?carrega=
/index.php?carga=
/index.php?ir=
/classes/adodbt/sql.php?classes_dir= "adobt"
/classes/adodbt/sql.php?classes_dir= adobt
/classes/adodbt/sql.php?classes_dir= adobt
/classified_right.php?language_dir= "classified.php"
/classified_right.php?language_dir= classified.php
/classified_right.php?language_dir= classified.php phpbazar
/classified_right.php?language_dir= "phpbazar"
/classified_right.php?language_dir= phpbazar
/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= "phpCOIN"
/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= phpCOIN
/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= "phpCOIN 1.2.3"
/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= phpCOIN 1.2.3
/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= "powered by phpCOIN 1.2.3"
/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= powered by phpCOIN 1.2.3
/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_p ath= com_extended_registration
/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_p ath= "com_extended_registration"
/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_p ath= com_extended_registration
/components/com_facileforms/facileforms.frame.php?ff_compath= com_facileforms"
/components/com_facileforms/facileforms.frame.php?ff_compath= "com_facileforms"
/components/com_facileforms/facileforms.frame.php?ff_compath= com_facileforms
components/com_performs/performs.php?mosConfig_absolute_path= com_performs
components/com_performs/performs.php?mosConfig_absolute_path= "com_performs"
/components/com_zoom/includes/database.php?mosConfig_absolute_path= "com_zoom"
/components/com_zoom/includes/database.php?mosConfig_absolute_path= com_zoom
/components/com_zoom/includes/database.php?mosConfig_absolute_path= "index.php?option="com_zoom"
content.php?page= "content.php?page=*.php"
/embed/day.php?path= "Calendar"
/embed/day.php?path= Calendar
/embed/day.php?path= intitle:"Login to Calendar"
/embed/day.php?path= "Login to Calendar"
/embed/day.php?path= Login to Calendar
/embed/day.php?path= "WebCalendar"
/embed/day.php?path= WebCalendar
enc/content.php?Home_Path= "doodle"
enc/content.php?Home_Path= doodle
enc/content.php?Home_Path= "doodle cart"
enc/content.php?Home_Path= doodle cart
enc/content.php?Home_Path= "powered by doodle cart"
enc/content.php?Home_Path= powered by doodle cart
/header.php?abspath= "MobilePublisherPHP"
/header.php?abspath= MobilePublisherPHP
impex/ImpExData.php?systempath= intext
owered by vbulletin
impex/ImpExData.php?systempath= powered by vbulletin
impex/ImpExData.php?systempath= "vbulletin"
impex/ImpExData.php?systempath= vbulletin
/includes/dbal.php?eqdkp_root_path= "EQdkp"
/includes/dbal.php?eqdkp_root_path= EQdkp
/includes/dbal.php?eqdkp_root_path= "powered by EQdkp"
/includes/dbal.php?eqdkp_root_path= powered by EQdkp
/includes/kb_constants.php?module_root_path= "Base"
/includes/kb_constants.php?module_root_path= Base
/includes/kb_constants.php?module_root_path= "Knowledge"
/includes/kb_constants.php?module_root_path= Knowledge
/includes/kb_constants.php?module_root_path= "Knowledge Base"
/includes/kb_constants.php?module_root_path= Knowledge Base
/includes/kb_constants.php?module_root_path= "Powered by Knowledge Base"
/includes/kb_constants.php?module_root_path= Powered by Knowledge Base
index1.php?= "index1.php?="
index1.php?= index1.php?=
index1.php?= "index1.php?=*.php?
index2.php?= "index2.php?="
index2.php?= index2.php?=
index2.php?= "index2.php?=*.php?"
index.php?body= index.php?body=
index.php?body= "index.php?body="
index.php?go1= index.php?go1=
index.php?go1= "index.php?go1="
index.php?go= "index.php?go="
index.php?go= index.php?go=
index.php?pageurl= "index.php?pageurl="
index.php?pageurl= "index.php?pageurl=*.php"
index.php?pageurl= index.php?pageurl=*.php
index.php?pageurl= "index.php?pageurl=*.php
index.php?pagina1= "index.php?pagina1="
index.php?pagina1= index.php?pagina1=
index.php?pagina= "index.php?pagina="
index.php?pagina= "index.php?pagina=*.php"
index.php?site1= index.php?site1=
index.php?site1= "index.php?site1="
index.php?site= "index.php?site="
index.php?site= index.php?site=
index.php?var1= "index.php?var1="
index.php?var1= index.php?var1=
index.php?var2= index.php?var2=
index.php?var= index.php?va21=
index.php?var= index.php?var=
index.php?var= "index.php?var1="
index.php?var= index.php?var1=
index.php?var= "index.php?var2="
index.php?var= index.php?var2=
index.php?var= "index.php?var=*.php"
index.php?var= index.php?var=*.php
/login.php?dir= login.php?dir=
/login.php?dir= "login.php?dir="
/login.php?dir= login.php?dir=
main.php?id= "main.php?id=*.php"
/main.php?sayfa= "main.php?sayfa="
/main.php?sayfa= main.php?sayfa=
/mcf.php?content= mcf.php"
mcf.php?content= mcf.php"
mcf.php?content= "mcf.php"
mcf.php?content= mcf.php
/modules/TotalCalendar/about.php?inc_dir= /TotalCalendar
/modules/TotalCalendar/about.php?inc_dir= /TotalCalendar
/modules/TotalCalendar/about.php?inc_dir= "TotalCalendar"
/modules/TotalCalendar/about.php?inc_dir= TotalCalendar
/modules/vwar/admin/admin.php?vwar_root= "vwar"
/modules/vwar/admin/admin.php?vwar_root= vwar
phpwcms/include/inc_ext/spaw/dialogs/table.php?spaw_root= "index.php?id="
phpwcms/include/inc_ext/spaw/dialogs/table.php?spaw_root= index.php?id=
phpwcms/include/inc_ext/spaw/dialogs/table.php?spaw_root= "phpwcms/index.php?id="
phpwcms/include/inc_ext/spaw/dialogs/table.php?spaw_root= phpwcms/index.php?id=
PHP Injection – Remote File Inclusion (RFI)
Essa falha é muito comum e permite que o invasor execute um objeto remoto, com scripts adptados pra esse tipo de intrusão o deface,invasor,script-kid tem controle total sobre seu alvo desde que os parametros de segurança do server estejam em mode - off .
Strings:
/index.php?site=
/index.php?link=
/index.php?pagina=
/index.php?page=
/index.php?include=
/index.php?pg=
/index.php?p=
/index.php?x=
/index.php?home=
/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=
/pivot/modules/module_db.php?pivot_path=
/pivot/modules/module_db.php?pivot_path=
/ashnews.php?pathtoashnews=
/modules/agendax/addevent.inc.php?agendax_path=
/modules/4nAlbum/public/displayCategory.php?basepath=
/shoutbox/expanded.php?conf=
/shoutbox/expanded.php?conf=
/modules/coppermine/themes/default/theme.php?THEME_DIR=
/modules/My_eGallery/public/displayCategory.php?basepath=
/write.php?dir=
/index.php?go=
/index.php?carrega=
/index.php?carga=
/index.php?ir=
/classes/adodbt/sql.php?classes_dir= "adobt"
/classes/adodbt/sql.php?classes_dir= adobt
/classes/adodbt/sql.php?classes_dir= adobt
/classified_right.php?language_dir= "classified.php"
/classified_right.php?language_dir= classified.php
/classified_right.php?language_dir= classified.php phpbazar
/classified_right.php?language_dir= "phpbazar"
/classified_right.php?language_dir= phpbazar
/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= "phpCOIN"
/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= phpCOIN
/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= "phpCOIN 1.2.3"
/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= phpCOIN 1.2.3
/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= "powered by phpCOIN 1.2.3"
/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= powered by phpCOIN 1.2.3
/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_p ath= com_extended_registration
/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_p ath= "com_extended_registration"
/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_p ath= com_extended_registration
/components/com_facileforms/facileforms.frame.php?ff_compath= com_facileforms"
/components/com_facileforms/facileforms.frame.php?ff_compath= "com_facileforms"
/components/com_facileforms/facileforms.frame.php?ff_compath= com_facileforms
components/com_performs/performs.php?mosConfig_absolute_path= com_performs
components/com_performs/performs.php?mosConfig_absolute_path= "com_performs"
/components/com_zoom/includes/database.php?mosConfig_absolute_path= "com_zoom"
/components/com_zoom/includes/database.php?mosConfig_absolute_path= com_zoom
/components/com_zoom/includes/database.php?mosConfig_absolute_path= "index.php?option="com_zoom"
content.php?page= "content.php?page=*.php"
/embed/day.php?path= "Calendar"
/embed/day.php?path= Calendar
/embed/day.php?path= intitle:"Login to Calendar"
/embed/day.php?path= "Login to Calendar"
/embed/day.php?path= Login to Calendar
/embed/day.php?path= "WebCalendar"
/embed/day.php?path= WebCalendar
enc/content.php?Home_Path= "doodle"
enc/content.php?Home_Path= doodle
enc/content.php?Home_Path= "doodle cart"
enc/content.php?Home_Path= doodle cart
enc/content.php?Home_Path= "powered by doodle cart"
enc/content.php?Home_Path= powered by doodle cart
/header.php?abspath= "MobilePublisherPHP"
/header.php?abspath= MobilePublisherPHP
impex/ImpExData.php?systempath= intext
owered by vbulletinimpex/ImpExData.php?systempath= powered by vbulletin
impex/ImpExData.php?systempath= "vbulletin"
impex/ImpExData.php?systempath= vbulletin
/includes/dbal.php?eqdkp_root_path= "EQdkp"
/includes/dbal.php?eqdkp_root_path= EQdkp
/includes/dbal.php?eqdkp_root_path= "powered by EQdkp"
/includes/dbal.php?eqdkp_root_path= powered by EQdkp
/includes/kb_constants.php?module_root_path= "Base"
/includes/kb_constants.php?module_root_path= Base
/includes/kb_constants.php?module_root_path= "Knowledge"
/includes/kb_constants.php?module_root_path= Knowledge
/includes/kb_constants.php?module_root_path= "Knowledge Base"
/includes/kb_constants.php?module_root_path= Knowledge Base
/includes/kb_constants.php?module_root_path= "Powered by Knowledge Base"
/includes/kb_constants.php?module_root_path= Powered by Knowledge Base
index1.php?= "index1.php?="
index1.php?= index1.php?=
index1.php?= "index1.php?=*.php?
index2.php?= "index2.php?="
index2.php?= index2.php?=
index2.php?= "index2.php?=*.php?"
index.php?body= index.php?body=
index.php?body= "index.php?body="
index.php?go1= index.php?go1=
index.php?go1= "index.php?go1="
index.php?go= "index.php?go="
index.php?go= index.php?go=
index.php?pageurl= "index.php?pageurl="
index.php?pageurl= "index.php?pageurl=*.php"
index.php?pageurl= index.php?pageurl=*.php
index.php?pageurl= "index.php?pageurl=*.php
index.php?pagina1= "index.php?pagina1="
index.php?pagina1= index.php?pagina1=
index.php?pagina= "index.php?pagina="
index.php?pagina= "index.php?pagina=*.php"
index.php?site1= index.php?site1=
index.php?site1= "index.php?site1="
index.php?site= "index.php?site="
index.php?site= index.php?site=
index.php?var1= "index.php?var1="
index.php?var1= index.php?var1=
index.php?var2= index.php?var2=
index.php?var= index.php?va21=
index.php?var= index.php?var=
index.php?var= "index.php?var1="
index.php?var= index.php?var1=
index.php?var= "index.php?var2="
index.php?var= index.php?var2=
index.php?var= "index.php?var=*.php"
index.php?var= index.php?var=*.php
/login.php?dir= login.php?dir=
/login.php?dir= "login.php?dir="
/login.php?dir= login.php?dir=
main.php?id= "main.php?id=*.php"
/main.php?sayfa= "main.php?sayfa="
/main.php?sayfa= main.php?sayfa=
/mcf.php?content= mcf.php"
mcf.php?content= mcf.php"
mcf.php?content= "mcf.php"
mcf.php?content= mcf.php
/modules/TotalCalendar/about.php?inc_dir= /TotalCalendar
/modules/TotalCalendar/about.php?inc_dir= /TotalCalendar
/modules/TotalCalendar/about.php?inc_dir= "TotalCalendar"
/modules/TotalCalendar/about.php?inc_dir= TotalCalendar
/modules/vwar/admin/admin.php?vwar_root= "vwar"
/modules/vwar/admin/admin.php?vwar_root= vwar
phpwcms/include/inc_ext/spaw/dialogs/table.php?spaw_root= "index.php?id="
phpwcms/include/inc_ext/spaw/dialogs/table.php?spaw_root= index.php?id=
phpwcms/include/inc_ext/spaw/dialogs/table.php?spaw_root= "phpwcms/index.php?id="
phpwcms/include/inc_ext/spaw/dialogs/table.php?spaw_root= phpwcms/index.php?id=
Comment