葵花宝典 (源于2012年)

黄大仙 150 次浏览 0
温馨提示

翻找文件,偶然发现了一份来自过去的GOOGLE hack语法

edit./<[php../php../edit?<id=
inurl:..upload.asp..
inurl:\../..\upload/../upload.asp
inurl:\../..\..fckeditor../..\../..asp
inurl:@inc../inc..///../<data../@.,.///暴库
inurl:../com../php../../uploads.././
____________________________
inurl:news_update.asp
inurl:news/edit
inurl:admin_news_edit.asp
UPFILE_news.asp
inurl:/..admin../upload../.cn./
inurl:<..manager...>../admin
inurl:../../../../admin./bbs../admin../
inurl:<..user...>../admin
inurl:<..blog...>../admin
inurl:<..add...>../admin
inurl:<..name...>../admin
inurl:<..administrator...>../admin
inurl:news_xiugai
inurl:newsxiugai.asp
/Admin_jobs_edit.asp?
inurl://admin/edit.asp../...../
inurl:/..admin../upload../.cn./
inurl:/../..blog../..admin../..admin../..asp../
inurl:/../..user../..admin../..admin../.asp../
inurl:/..edit../.admin../..asp../
inurl:..../user../edit../asp../..
inurl:/....ewebeditor../editor
inurl:/....mdb../..jsp?
inurl:<..admin...>../asp?id=1
inurl:/..admin../....admin../admin.asp../../
inurl:add/..admin\../admin..\
inurl:/.../edit../admin/../edu
inurl:/.../edit../admin/../edu
inurl:edit/../../admin
inurl:edit/../../edit
inurl:edit/../../asp..\edit
inurl:edit/../../..\blog
inurl:../new<edit><new
inurl:../<editor></../@/admin/..\admin
inurl:..#news$/_><_\admin\..admin../
inurl:..#402$/_><_\admin\..admin../
inurl:../<jsp?></../@/admin/..\admin..\
inurl:../<com?></../@/admin/..\admin..\
Hotspot Shield 1.58”
inurl:manage/..\edit../
inurl:#%edit/..\editor../
inurl:#%aspx /.edit.\admin
inurl:manager/..\edit../4><#%@&
inurl:3/..\edit../manage
bbs.\admin..\upload../manager

http://gameact.qq.com/act/820/
admin..\admin..admin../php.edit../cn

admin..\admin..admin../php.edu../cn
inurl:add.asp?admin

inurl:manage../admin?id=../1=1

/../..\"edit/user ..\admin../edu,edu

解析报错表达式::MONEY.../...\   
遍历返回表达式::MONEY../.../.../\.../../\../
突破表达式:url:MONEY../...@admin../...
获取COOKIE记忆表达式:money:update../> session": input="id">
门户爬行表达式:money="admin":,,../.../../../admin.../.../
错误表达式:money="error":/jsp?>id=
强制跳转挂载点:money>../.../../login?id="><script>?</script>
源码泄:money="config../".../.."../../">"i>
数据库泄露表达式:money="config:>::#conn../../.../../
工号对应:money="admin?;;../. :::../?uid="../
MAIL文件泄露:money="email"../.../.../member../../..":asp

发表评论 取消回复
表情 图片 链接 代码