I'm venerable and an easy target but that gives you no right to take advantage of me and use me in ways you'd only dream of
seen from Türkiye

seen from United States

seen from United States

seen from Italy
seen from United States

seen from Türkiye
seen from Saudi Arabia
seen from Germany
seen from China
seen from United States

seen from Germany
seen from China
seen from United States
seen from Türkiye

seen from France

seen from Germany

seen from Greece
seen from United States
seen from United States
seen from United States
I'm venerable and an easy target but that gives you no right to take advantage of me and use me in ways you'd only dream of
vulnerability... more people should have it.
the way the insides strike the bones...
it weathers and splits like rotting wood.
and, its as if i'm seeing you for the first time in a different light.
after all these years, I finally found the spark...
that moment you let go of all your inhibitions...
its those moments, that make you so much more beautiful than all the shrouds of clothing you wear to hide yourself from it all.
thank you for reminding me that life's messy and sometimes its okay not to clean it up.
its what makes us, h u m a n
the internal struggle for a sense of love and belonging.
you had it all along, i found it in you
"Tmedit Popuop" Deface and Shell upload vulnerability
"Tmedit Popuop" Deface and Shell upload vulnerability Dork: inurl:/editor/tmedit/popups Exploit Path : /editor/tmedit/popups/InsertFile/insert_file.php #start :) open Google.com or Bing.com and type this dork inurl:/editor/tmedit/popups i got 9740 vulnrable results, now select any site from seacrh result and look for upload option on that Page now upload you shell, deface page, or anyfile there, After uploading your file you'll see your uploaded file's url there, if you are not getting any perview url then goto /images directory to view your uploaded file for example : http://vulnrablesite.com/images/yourfilehere Live Demo : http://www.arabicthailand.com/editor/tmedit/popups/insert_image_en.php http://www.masjidklangchachengsao.com/editor/tmedit/popups/InsertFile/insert_file.php Result : http://www.arabicthailand.com/images/backlinks.html http://www.masjidklangchachengsao.com/uploadfiles/backlinks.html *Note for Hackers [Please Sumbit your exploit here, its will publish with your name and Link]
"jsp Webfolder Managment" A new shell and Deface upload exploit
"jFoler, jsp Webfolder Managment" A new shell and Deface upload exploit Hi Mates !! Hapy holi to evryone checkout holi special post here so i'm back with a new exploit its a new remote file upload vulnerability, you can upload your deface page, files and shells on websites, without gaining Admin acess mostly vulnerable websites for this attacks belongs to China and Tiwan (.cn and .tw) Dork : www.topronet.com ,All Rights Reserved.Any question, please email me [email protected] and JFoler 1.0 A jsp based web folder management tool by Steven Cee (its not a Particular dork, please try to modify it and if you sucessfull modified then leave new dork in comment) Just select any site from search results and now upload your deface page or shell shell upload : for shell uploading rename your asp shell (shell.asp) to shell.jsp then upload it, you can try .php too, every Extension is allowed but in some sites you can't excute php and asp shell Path : depends on website to View your upload file just goto http://www.site.com/yourfilehere Live Demo : http://www.coalworld.net/detail/09/10/30/00000006/berk.jsp http://jangbiya.com/img/upload/jsp.jsp http://www.shnotary.gov.cn/notarial/UserFiles/Vote/MMYB1330972040320.jsp http://www.zzb.ks.gov.cn/images/ycjy-yh.gif.jsp http://www.zjdx.gov.cn/uploads/upload_20091128_162444_fcktemplates.jsp Results : http://www.coalworld.net/backlinks.html
"File Manager" ~ remote shell and deface upload vulnerability
"File Manager" ~ remote shell and deface upload vulnerability
Dorks : inurl:/filemanager/userfiles/ filetype:pdf inurl:/filemanager/index.html
Exploit :
http://www.site.com/filemanager/index.html
Lets Start ! open google or bing and type dork inurl:/filemanager/userfiles/ filetype:pdf or
inurl:/filemanager/index.html
now select any website from search results
after clicking on website url will be
http://www.site.com/filemanager/UserFiles/File/xyz/abc.pdf
Now Delete keywords after filemanager
for example :
Before : http://www.site.com/filemanager/UserFiles/File/xyz/abc.pdf
After : http://www.site.com/filemanager/
Now find upload option there and upload your shell or deface Page there
you file will upload in userfiles directory
To View your upload shell or file goto
http://www.site.com/UserFiles/Shell.php
http://www.site.com/UserFiles/deface.html
or
http://www.site.com/UserFiles/directory/Shell.php
http://www.site.com/UserFiles/directory/deface.html
Donate a Facebook status !
"Testing Image collection" shell and files upload vulnrablity
"Testing Image collection" shell and files upload vulnrablity Dorks : inurl:"modules/filemanagermodule/actions/?picker.php??id=0" intitle:"Testing Image Collections" Goto Google or Bing and Type Dork inurl:"modules/filemanagermodule/actions/?picker.php??id=0" or intitle:"Testing Image Collections" now see search results in google or bing search .. select any site from search results and look for upload option here is demo of upload button : Now select your shell or deface page and upload it To view your upload shell or deface go to: http://website.com/files/yourfilehere or http://websites.com/path/yourfilehere Live Demo : http://www.bantamorloff.co.uk/modules/filemanagermodule/actions/picker.php?id=&highlight_file=472 result : http://www.bantamorloff.co.uk/files/backlinks.html other live examples :
http://www.admiralfc.co.uk/modules/filemanagermodule/actions/picker.php?id=0
http://www.dogandduckfc.com/newsite/modules/filemanagermodule/actions/picker.php?id=0
*UPDATE : Demo sites are patched now Find a new target >:D<
Write vulnerablity On China Government websites
I Got a new Write vulnerablity On China Government websites, This vulnerablity allow to hackers for writing in Files remotly You can Write your message in fileds Like " Hacked by XYZ" I recently posted website defacing with interface Results editor, its Similar to website defacing with interface Results editor, so Lets Start Goto A search portal (Google.cn or Yahoo and Baidu )and type this dorks one by one :
"inurl:admin/gg1/list.asp"
"inurl:admin/gg1/"
after opening website from serch result go to : website.com/admin/gg1/list.asp
and Transte page using Google Translator and Find edit option and edit that Page
Then Paste your message there
now click on save button and check website.com/admin/gg1/list.asp again
now you'll got your message here =) You sluold Make a Miror after editing because someone elase can cange your message [Best Mirror Provider Websites]
Live demo :
http://fpb.zhuxi.gov.cn/admin/gg1/list.asp
http://www.tianzhushan.gov.cn/admin/gg1/list.asp
http://www.jtzl.gov.cn/admin/gg1/list.asp
http://www.dbs110.gov.cn/admin/gg1/list.asp
http://www.rzrsld.gov.cn/admin/gg1/list.asp
http://www.xiejia.gov.cn/admin/gg1/list.asp
http://www.qjrenda.gov.cn/admin/gg1/list.asp
http://www.investna.gov.cn/admin/gg1/list.asp
http://www.bzhbj.gov.cn/admin/gg1/list.asp
http://www.kfxrmzf.gov.cn/admin/gg1/list.asp
http://www.westkj.gov.cn/admin/gg1/list.asp
http://www.ytjtw.gov.cn/admin/gg1/list.asp
http://www.jjmaqiao.gov.cn/admin/gg1/list.asp
http://xnmw.xining.gov.cn/admin/gg1/list.asp
http://www.dantulss.gov.cn/admin/gg1/list.asp http://www.bazhouhb.gov.cn/admin/gg1/list.asp
"Powerd By Kleeja" File Upload vulnerability
Title:"Powerd By Kleeja" File Upload vulnerability Bug : File Upload Vulnerablity Author : Minhal Mehdi Tested on : windows Linux & Mac Catagory : Web application Hi Guys, Happy valentine week to all, i'm Back on devils cafe with a New File Upload vulnerability Google Dork : powered by Kleeja >>> the best uploader ... >> Bugs | Plugins | Styles | Lets Start : Go to Google or Bing and type this Dork powered by Kleeja >>> the best uploader ... >> Bugs | Plugins | Styles | you'll see lot of websites in serach results.. I got About 3,100 results in Google serach in Google Serach results Look For website with /styles/default/ url now goto That website and Then Goto Home Page on that website now select your file and Upload Don't Forget to Check i'm agree with T&C button (its in arbic but you can understand, seethe image given Below)
in Most websites you can Upload images and Txt files only but some unPatched sites allow you to Uploading html files too, you'll see uploaded file URL after Uploding Take a Full screenshot of your deface Page and Crop it, nd upload it here it will looks like html deface Page Live demo : http://up.akonami.info/ Result : http://up.akonami.info/do.php?thmb=817