Saturday, 13 September 2014

Cara Mencari Shell Backdoor yang Sudah Tertanam Di Dalam Website

Cara Mencari Shell Backdoor yang Sudah Tertanam Di Dalam Website - Shell Backdoor yang Sudah Tertanam di dalam Website tentu seabgian besar dari shell-shell tersebut akan di Index oleh mesih pencari seperti Google Bing dan Yahoo dan inilah trick defacer-defacer untuk menaikan peringkat mereka di Mirror Defacement.
Jika ditanya untuk apa ? shell-shell tersebut sungguh berguna selain untuk berburu backlink web dan sebagainya untuk para blogger dan juga untuk ajang defacement untuk pemula menengah atau mastah semua ruang lingkup , untuk pemula mungkin belum tau disini mastah biasanya mem-baypass shell oh itu masih dirahasiakan , udah puas membaca nya ? oke sekarang silahkan lu liat tutorial nya :
1. Pertama Silahkan Lu Buka Google / Bing.
2. Silahkan lu pilih salah satu code shell dibawah contoh “inurl:.root”.”webr00t cgi shell”
3. Selamat Bekerja
intitle:webr00t cgi shell
“inurl:.root”.”webr00t cgi shell”
“intitle:Index of */sym”.”inurl:/sym”
“5.2.17 Safe mode:”
“5.2.11 Safe mode:”
“5.2.12 Safe mode:”
“Sifre=webr00t”
“5.2.11 Safe mode:”
“5.2.10 Safe mode:”
“5.2.1 Safe mode:”
intxt:”webadmin.php”
inurl:webadmin.php”
intitle: Linux * 2.6.18-348.1.1.el5PAE
intitle: – WSO 2.3
intitle: – WSO 2.4
intitle: – WSO 2.5
intitle: – WSO 2.5.1
5.2.16 Safe mode: OFF [ phpinfo ] Datetime:
2009 i686 Server IP:
2010 i686 Server IP:
2011 i686 Server IP:
2012 i686 Server IP:
2013 i686 Server IP:
“Userful: gcc, cc, ld, make, php, perl, python, tar, gzip, bzip2, nc, locate”
“Downloaders: wget, lynx, links, curl, lwp-mirror”
“Type Host Login Password Database”
“Execution PHP-code”
“reverse (login -> nigol)”.”/etc/passwd”
” Bind port to /bin/sh [perl]“
“drwxr-xr-x [ home ]“
inurl:wso2.php
inurl:wso2.4.php
inurl:wso2.5.php
inurl:wso2.5.1.php
“Filesystem Size Used Avail Use% Mounted on”
“# Do not remove the following line, or various programs”
inurl:wso.php uid=0(root)
“posix_getpwuid (“Read” /etc/passwd)”
“captain crunch security team” inurl:wso
download wso2.php
download wso2.5.1.php
inurl:sym.php
allinurl: wsotest.php
inurl:wso.php
“-:[ User & Domains & Symlink ]:-“
allinurl: wso.php
inurl:”/wso.php”
allinurl: wso2.5.php
inurl:wso.php
inurl:”sym.php” Symlink Sa 3.0
inurl:wso.php uid=0(root)
“Symlink Sa 3.0″
intitle:Symlink Sa 3.0
inurl:”/wso.php”
inurl:wso.php
inurl:wso2.php
inurl:wso2.5.php
inurl:wso2.5.1.php
wso shell v.1.0 (roots)
inurl:wso.php
allintitle: “[ Home ] [ User & Domains & Symlink ] [ Domains & Script ] [ Symlink File ] [ Symlink Bypass ] “
inurl:”[ Home ] [ User & Domains & Symlink ] [ Domains & Script ] [ Symlink File ] [ Symlink Bypass ] “
intxt:[ Bypass Read ] [ Mass Joomla ] [ Mass WordPress ] [ Mass vBulletin ] [ Help ]
intitle:B-F Config_cPanel
intitle:Blind SQL Injection
intitle:Bypass Disable function
intitle:Carbylamine PHP Encoder
intitle:Change Joomla Index
intitle:Change WP Index
intitle:Converter Havij To Pro
intitle:Cpanel Brute Forcer 2012
intitle:Cpanel Brute Forcer 2011
intitle:Cpanel Brute Forcer 2013
intitle:Cpanel Webmail Brute Forcer
intitle:Face Book Brute Forcer
intitle:zip Filez Server ScaNNer v1.0
“Saudi Sh3ll v1.0″
inurl:wso.php#
Allinurl:wso2.5.1.php#
Allinurl:wso2.5.php#
Allinurl:wso2.4.php#
intitle:wsec_wp GUI v1.0
intitle:Symlink Sa v3.0
intitle:Symlink Sa v2.0
intitle:Symlink Sa v1.0
intitle:king B_F v1.0 Brute Forcer script
intitle:r00t4Lif t00lkit v0.2
allinurl: “wso.php”
intitle:symlink_Sa 2.0
inurl:.php?sws=sec
inurl:.php?sws=sym
inurl:.php?sws=file
inurl:.php?act=selfremove
inurl:.php?act=sql
safe-mode: off (not secure) drwxrwxrwx c99shell
inurl:c99.php
inurl:c99.php uid=0(root)
root c99.php
"Captain Crunch Security Team" inurl:c99
inurl:c99.php
allinurl: c99.php
inurl:c99.php
inurl:"c99.php" c99shell
inurl:c99.php uid=0(root)
c99shell powered by admin
c99shell powered by admin
inurl:"/c99.php"
inurl:c99.php
c99 shell v.1.0 (roots)
inurl:c99.php
allintitle: "c99shell"
inurl:"c99.php
allinurl: "c99.php"
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
allinurl: "c99.php"
inurl:c99.php
inurl:"c99.php" c99shell
inurl:"/c99.php
inurl:/c99.php+uname
allinurl:"c99.php"
inurl:"c99.php"
allinurl:c99.php
"inurl:c99..php"
c99shell [file on secure ok ]?
powered by Captain Crunch Security Team
allinurl:c99.php
"c99.php" filetype:php
allinurl:c99.php
inurl:c99.php
allinurl:.c99.php
"inurl:c99.php"
c99. PHP-code Feedback Self remove
allinurl:c99.php
download c99.php
allinurl:c99.php
inurl:c99.php
allinurl: "c99.php"
intitle:C99Shell v. 1.0 pre-release +uname
allinurl:"c99.php"
inurl:c99.php
safe-mode: off (not secure) drwxrwxrwx c99shell
c99.php download
inurl:c99.php
c99shell filetype:php -echo
inurl:"c99.php"
inurl:c99.php uid=0(root)
allinurl:c99.php
inurl:"/c99.php" intitle:"C99shell"
C99Shell v. 1.0 pre-release build #5
--[ c99shell v. 1.0 pre-release build #16
c99shell linux infong
C99Shell v. 1.0 pre-release build
!C99Shell v. 1.0 beta!
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
!c99shell v. 1+Safe-mode: OFF (not secure)
"C99Shell v. 1.0 pre-release build "
intitle:c99shell +filetype:php
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
intitle:!C99Shell v. 1.0 pre-release build #16! root
!C99Shell v. 1.0 pre-release build #5!
inurl:"c99.php"
C99Shell v. 1.0 pre-release build #16!
intitle:c99shell intext:uname
allintext:C99Shell v. 1.0 pre-release build #12
c99shell v. 1.0 pre-release build #16
--[ c99shell v. 1.0 pre-release build #15 | Powered by ]--
allinurl: "c99.php"
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
"c99shell v 1.0"
ftp apache inurl:c99.php
c99shell+v.+1.0 16
C99Shell v. 1.0 pre-release build #16 download
intitle:c99shell "Software: Apache"
allinurl: c99.php
allintext: Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove
intitle:c99shell uname -bbpress
intitle:"index.of" c99.php
inurl:admin/files/
intitle:"index of /" "c99.php"
intitle:"index of" intext:c99.php
intitle:index.of c99.php
intitle:"index of" + c99.php
intitle:index/of file c99.php
intitle:index/of file c99.php
index of /admin/files/
intitle:"Index of/"+c99.php
c99.php "intitle:Index of "
intitle:index.of c99.php
img/c99.php
intitle:index.of c99.php
img.c99.php
intitle:"Index of/"+c99.php
"index of /" c99.php
c99.php
intitle:"Index of" c99.php
"index of" c99.php
"Index of/"+c99.php
safe-mode: off (not secure) drwxrwxrwx c99shell
inurl:c99.txt
inurl:c99.php uid=0(root)
root c99.php
“Captain Crunch Security Team” inurl:c99
download c99.php
inurl:c99.php
allinurl: c99.php
allinurl: c99.txt
inurl:”/c99.php”
inurl:”c99.php” c99shell
inurl:c99.php uid=0(root)
c99shell powered by admin
inurl:”/c99.php”
c99 shell v.1.0 (roots)
allintitle: “c99shell”
inurl:”c99.php
allinurl: “c99.php”
intitle:C99Shell v. 1.0 pre-release +uname
intitle:C99Shell v. 1.0 pre-release +uname
allinurl: “c99.php”
inurl:”c99.php”
inurl:”c99.php”
inurl:”c99.php” c99shell
inurl:”c99.php”
inurl:”/c99.php
inurl:c99.php?
inurl:/c99.php+uname
allinurl:”c99.php”
inurl:”c99.php”
allinurl:c99.php?
“inurl:c99..php”
allinurl:c99.php
c99shell [file on secure ok ]?
inurl:c99.php
powered by Captain Crunch Security Team
allinurl:c99.php
“c99.php” filetypehp
allinurl:c99.php
inurl:c99shell.php
allinurl:.c99.php
“inurl:c99.php”
c99. PHP-code Feedback Self remove
allinurl:c99.php
download c99.txt
inurl:c99shell.txt
allinurl: “c99.php”
allinurl:c99.php
allinurl:c99.php
c99shell
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
allinurl:”c99.php”
inurl:c99.php
safe-mode: off (not secure) drwxrwxrwx c99shell
inurl:/c99.php
inurl:”c99.php”
inurl:c99.php
c99.php download
inurl:”c99.php”
inurl:/c99.php
inurl:”c99.php?”
files/c99.php
c99shell filetypehp -echo
c99shell powered by admin
inurl:”c99.php”
inurl:c99.php uid=0(root)
inurl:”c99.php”
inurl:”/c99.php” intitle:”C99shell”
C99Shell v. 1.0 pre-release build #5
inurl:c99.php
–[ c99shell v. 1.0 pre-release build #16
c99shell linux infong
C99Shell v. 1.0 pre-release build
!C99Shell v. 1.0 beta!
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
!c99shell v. 1+Safe-mode: OFF (not secure)
"C99Shell v. 1.0 pre-release build "
intitle:c99shell +filetypehp
intitle:C99Shell v. 1.0 pre-release +uname
"Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
intitle:!C99Shell v. 1.0 pre-release build #16! root
!C99Shell v. 1.0 pre-release build #5!
C99Shell v. 1.0 pre-release build #16!
intitle:c99shell intext:uname
allintext:C99Shell v. 1.0 pre-release build #12
c99shell v. 1.0 pre-release build #16
--[ c99shell v. 1.0 pre-release build #15 | Powered by ]–
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
“c99shell v 1.0?
ftp apache inurl:c99.php
c99shell+v.+1.0 16
C99Shell v. 1.0 pre-release build #16 download
intitle:c99shell “Software: Apache”
allinurl: c99.php
allintext: Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove
Logout
powered by Captain Crunch Security Team
!C99Shell v. 1.0 pre-release build #5!
c99shell v. 1.0 release security
c99shell v. 1.0 pre-release build
c99shell [file on secure ok ]?
C99Shell v. 1.3
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
inurl:c99.php uid=0(root)
powered by Captain Crunch Security Team
C99Shell v. 1.0 pre-release build #16
c99shell[on file]ok
c99shell[file on ]ok
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
“C99Shell v. 1.0 pre”
=C99Shell v. 1.0 pre-release
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
c99shell v. pre-release build
inurl:c99.php c99 shell
inurl:c99.php c99 shell
powered by Captain Crunch Security Team
!C99Shell v. 1.0 pre-release build #5!
intitle:”c99shell” filetypehp root
intitle:”c99shell” Linux infong 2.4
C99Shell v. 1.0 beta !
C99Shell v. 1.0 pre-release build #
allintext:C99Shell v. 1.0 pre-release build #12
“C99Shell v. 1.0 pre”
powered by Captain Crunch Security Team
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
inurl:/c99.php?
intitle:C99Shell pre-release
powered by Captain Crunch Security Team
C99Shell v. 1.0 pre-release build #16!
C99Shell v. 1.0 pre-release build #16 administrator
intitle:c99shell filetypehp
powered by Captain Crunch Security Team
powered by Captain Crunch Security Team
C99Shell v. 1.0 pre-release build #12
c99shell v.1.0
“c99shell v. 1.0 pre-release build”
inurl:”c99.php” filetypehp
“c99shell v. 1.0 “
ok c99.php
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
c99shell v. 1.0 pre-release build #16 |
!C99Shell v. 1.0 pre-release build #5!
!C99Shell v. 1.0 pre-release build #5!
powered by Captain Crunch Security Team
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
powered by Captain Crunch Security Team
C99Shell v. 1.0 pre-release
inurl:c99.php exthp
allinurl:”c99.php”
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
powered by Captain Crunch Security Team
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout”
C99Shell v. 1.0 pre-release build #16 software apache
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
“c99shell v 1.0?
allintitle: C99shell filetypehp
C99Shell v. 1.0 pre-release build #16!
“c99shell v. 1.0 pre-release”
c99shell v. 1.0 pre-release build #5
allinurl:”c99.php” filetypehp
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
!C99Shell v. 1.0 pre-release build #16!
intitle:C99Shell v. 1.0 pre-release +uname
c99shell v. 1.0
–[ c99shell v. 1.0 pre-release build #16 powered by Captain Crunch Security Team | ]–
inurl:”/c99.php”
c99shell +uname
c99shell php + uname
c99shell php + uname
–[ c99shell v. 1.0 pre-release build #16 powered by Captain Crunch Security Team | ]–
!C99Shell v. 1.0 pre-release build #5!
C99Shell v.1.0 pre-release
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
intitle:c99shell filetypehp
“Encoder Tools Proc. FTP brute”
“c99? filetypehp intext:”Safe-Mode: OFF”
c99shell v. 1.0 pre
intitle:c99shell uname -bbpress
intitle:”index.of” c99.php
inurl:admin/files/
intitle:”index of /” “c99.php”
intitle:”index of” intext:c99.php
intitle:index.of c99.php
intitle:”index of” + c99.php
intitle:index/of file c99.php
intitle:index/of file c99.php
index of /admin/files/
intitle:”Index of/”+c99.php
c99.php “intitle:Index of “
c99.php “intitle:Index of “
c99.php “intitle:Index of “
intitle:index.of c99.php
img/c99.php
intitle:index.of c99.php
img.c99.php
intitle:”Index of/”+c99.php
“index of /” c99.php
intitle:”Index of” c99.php
“index of” c99.php
“Index of/”+c99.php

Berikut ada lah Shell Dorking untuk mencari Mencari Shell Backdoor yang Sudah Tertanam Di Dalam Website , saya tekankan kalo lu udah mendapatkan shell yang work dan memiliki index alangkah baiknya lo ngasih tau adminnya daripada harus menebas index tersebut but dosa ditanggung pengguna gue tidak bertanggung jawab atas apa yang lu lakuin sekian.

 
function hideNow(e) { if (e.target.id == 'ac-wrapper') document.getElementById('ac-wrapper').style.display = 'none'; }