DORK LIST for Remote File Inclusion
Wednesday, December 1, 2010
0
comments
Remote File Inclusion ( RFI ) allows the attacker to upload his file on website server. Using RFI you can literally deface the websites, get access to the server. Read my previous article first, if you do not know about RFI. If you want to find a victim for this type of attack, use Google hacking. Google hacking will give you a list where you can find you victim easily. Use these commands given below in Google search.
The Google dork for RFI is given below:
DORK LIST
inurl:/shoutbox/expanded.php?conf=
inurl:/main.php?x=
inurl:/myPHPCalendar/admin.php?cal_dir=
inurl:/index.php/main.php?x=
inurl:/index.php?include=
inurl:/index.php?x=
inurl:/index.php?open=
inurl:/index.php?visualizar=
inurl:/template.php?pagina=
inurl:/index.php?pagina=
inurl:/index.php?inc=
inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=
inurl:/include/new-visitor.inc.php?lvc_include_dir=
inurl:/_functions.php?prefix=
inurl:/cpcommerce/_functions.php?prefix=
inurl:/modules/coppermine/themes/default/theme.php?THEME_DIR=
inurl:/modules/agendax/addevent.inc.php?agendax_path=
inurl:/ashnews.php?pathtoashnews=
inurl:/eblog/blog.inc.php?xoopsConfig[xoops_url]=
inurl:/pm/lib.inc.php?pm_path=
inurl:/b2-tools/gm-2-b2.php?b2inc=
inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=
inurl:/modules/agendax/addevent.inc.php?agendax_path=
inurl:/includes/include_once.php?include_file=
inurl:/e107/e107_handlers/secure_img_render.php?p=
this is not the end of the list...
:P
please comment below if this post is useful for you..
:)
Categories:
GOOGLE HACK,
Remote File inclusion,
RFI,
Website hacking
0 comments:
Post a Comment