Monday, December 4, 2017

intext:/wp-content/uploads/wpsc/

Find Wordpress directories



INTEXT PARAMETER :

intext:/wp-content/uploads/wpsc/

Result :

Sensitive directories


About :


WordPress, an open source software used by bloggers. (© Wikipedia)

Tuesday, September 12, 2017

site:facebook.com & intext:dvdrip

Discover the global state of the Piracy on Internet.


site:facebook.com & intext:dvdrip


site:pinterest.com & intext:dvdrip


site:google.com & intext:dvdrip


site:wordpress.com & intext:dvdrip


site:github.com & intext:dvdrip


site:twitter.com & intext:dvdrip


site:reddit.com & intext:dvdrip


Pattern :

site:name & intext:kind

Results :

+ Direct link to pirated contents.
+ The global state is positive for piracy as there is no control.
+ @ is relaying piracy content. | # #Piracy

Tuesday, May 23, 2017

intext:Dump with BackWPup & filetype:sql

Find BackWPup Wordpress dump files


BackWPup Dump file

INTEXT + FILETYPE PARAMETER :

intext:Dump with BackWPup & filetype:sql
intext:Plugin for WordPress by Daniel Huesken & filetype:sql
intext:Dump on & intext:Huesken & filetype:sql

Friday, March 11, 2016

intitle:Mass Revslider Exl0it1ng

Find websites exploiting the Revslider plugin vulnerability :





intitle:Mass Revslider Exl0it1ng
intext:Mass Revslider Plugin Exl0it1ng
intext:IP Scanner Exploiter Find DB Panel Exploit Dorks Domains 2 IP

Find wordpress websites with the revslider plugin installed :

inurl:wp-content/plugins/revslider/
inurl:revslider
inurl:revslider_admin.php
inurl:revslider_front.php
inurl:plugins/revslider/
intext:Powered by Revslider
intitle:"Index Of/ revslider"
intitle:"Index Of/wp-content/themes/revslider"
intitle:"Index Of/wp-content/plugins/revslider"
intitle:"Index Of/admin/revslider"
intitle:"Index Of/fr/revslider"
intitle:"Index Of/en/revslider"
intitle:"Index Of/us/revslider"
intitle:"Index Of/ar/revslider"
intitle:"Index Of/es/revslider"
intitle:"Index Of/de/revslider"

About the Revslider vulnerabilities :

CVE-2015-5151 : Cross-site scripting (XSS) vulnerability in the Slider Revolution (revslider) plugin 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the client_action parameter in a revslider_ajax_action action to wp-admin/admin-ajax.php.

CVE-2014-9735 : The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX functionality, which allows remote attackers to upload and execute arbitrary files via an update_plugin action; delete arbitrary sliders via a delete_slider action; and create, update, import, or export arbitrary sliders via unspecified vectors.

CVE-2014-9734 : Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a leak in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php.

Friday, January 15, 2016

intitle:"Shell I" inurl:revslider inurl:error.php inurl:cmd

Find shells inserted using the revslider vulnerability :


intitle:"Shell I" inurl:revslider inurl:error.php inurl:cmd

Saturday, December 13, 2014

filetype:sql & intext:wp_users & -github

filetype:sql & intext:wp_users & -github

Find Wordpress users inside SQL backup, remove the Github entry...