Thursday 21 April 2011

DORK LIST for Remote File Inclusion

In one of my previous article i wrote how to hack a website by Remote FILE INCLUSION .
Remote File Inclusion ( RFI ) allows the attacker to upload his file on website server. Using RFI you can literally deface the websites, get access to the server. Read my previous article first, if you do not know about RFIIf you want to find a victim for this type of attack, use Google hacking. Google hacking will give you a list where you can find you victim easily. Use these commands given below in Google search.



The Google dork for RFI is given below:


DORK LIST


inurl:/shoutbox/expanded.php?conf=
inurl:/main.php?x=
inurl:/myPHPCalendar/admin.php?cal_dir=
inurl:/index.php/main.php?x=
inurl:/index.php?include=
inurl:/index.php?x=
inurl:/index.php?open=
inurl:/index.php?visualizar=
inurl:/template.php?pagina=
inurl:/index.php?pagina=
inurl:/index.php?inc=


inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=
inurl:/include/new-visitor.inc.php?lvc_include_dir=
inurl:/_functions.php?prefix=
inurl:/cpcommerce/_functions.php?prefix=
inurl:/modules/coppermine/themes/default/theme.php?THEME_DIR=
inurl:/modules/agendax/addevent.inc.php?agendax_path=
inurl:/ashnews.php?pathtoashnews=
inurl:/eblog/blog.inc.php?xoopsConfig[xoops_url]=
inurl:/pm/lib.inc.php?pm_path=
inurl:/b2-tools/gm-2-b2.php?b2inc=
inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=
inurl:/modules/agendax/addevent.inc.php?agendax_path=
inurl:/includes/include_once.php?include_file=
inurl:/e107/e107_handlers/secure_img_render.php?p=



this is not the end of the list...
:P




please comment below if this post is useful for you..
:)

2 comments:

  1. TҺe gratitude οf every home in оur Island, in our Empirе, and indeed throughout the
    world, except in the abodes of tɦe guilty,
    goeѕ out to the British airmen who, undauntеd by
    odds, unwearied in theiг constant challenge and mortal danger, are turning the tide օf the world war by their prߋwess and Ƅy their
    devotion. Never in the field of human conflіct was so much owed by sо many to so few.


    Here is mƴ web blog; scientology

    ReplyDelete


  2. This professional hacker is absolutely reliable and I strongly recommend him for any type of hack you require. I know this because I have hired him severally for various hacks and he has never disappointed me nor any of my friends who have hired him too, he can help you with any of the following hacks:

    -Phone hacks (remotely)
    -Credit repair
    -Bitcoin recovery (any cryptocurrency)
    -Make money from home (USA only)
    -Social media hacks
    -Website hacks
    -Erase criminal records (USA & Canada only)
    -Grade change

    Email: cybergoldenhacker at gmail dot com

    ReplyDelete