25.05.2011, 17:41
|
|
Новичок
Регистрация: 13.04.2010
Сообщений: 0
Провел на форуме:
1350
Репутация:
0
|
|
Ах да забыл мини фак
First of, this isn't such a great google hack, it's simply searching for known
keywords, wich you can get from viewing the PHP shell in action or just look at
the source code. So, this is the magic:
Titles - Most PHP shell's have an unique title, or part of the title. So we use
the google filter "intitle:".
Examples - intitle:r57shell
intitle:" - c99shell"
intitle:"MyShell 1.1.0 build 20010923"
URL's - People often use the original filename of the shell. Maybe for lazyness,
maybe to recognize what's that file is about or to remember the url.
Again, let's use a filter, "inurl:"
Examples - inurl:r57.php
inurl:c99.php
Keywords - That's the simplest yet an effective search. We check the PHP shell for
pretty unique strings, like the menu of an shell. Just put that in quotes
and fire it up.
Examples - "[ phpinfo ] [ php.ini ] [ cpu ] [ mem ] [ users ] [ tmp ] [ delete ]"
"Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout"
"[ Main Menu ] [ PHPKonsole ] [ Haxplorer ]"
|
|
|