bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DB: 2024-01-24

Browse source 
1 changes to exploits/shellcodes/ghdb
This commit is contained in:
Exploit-DB 2024-01-24 00:16:25 +00:00
parent cb7ba0c503
commit 967f9d17d6
1 changed files with 123 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

123
ghdb.xml
View file

@ -33369,6 +33369,24 @@ Dork by Rootkit Pentester.</textualDescription>
<date>2004-08-09</date> <date>2004-08-09</date>
<author>anonymous</author> <author>anonymous</author>
</entry> </entry>
<entry>
<id>8396</id>
<link>https://www.exploit-db.com/ghdb/8396</link>
<category>Files Containing Juicy Info</category>
<shortDescription>(site:jsonformatter.org | site:codebeautify.org) &amp; (intext:aws | intext:bucket | intext:password | intext:secret | intext:username)</shortDescription>
<textualDescription># Google Dork: (site:jsonformatter.org | site:codebeautify.org) &amp;
(intext:aws | intext:bucket | intext:password | intext:secret |
intext:username)
# Files Containing Juicy Info
# Date: 03/01/2024
# Exploit: letmewin
</textualDescription>
<query>(site:jsonformatter.org | site:codebeautify.org) &amp; (intext:aws | intext:bucket | intext:password | intext:secret | intext:username)</query>
<querystring>https://www.google.com/search?q=(site:jsonformatter.org | site:codebeautify.org) &amp; (intext:aws | intext:bucket | intext:password | intext:secret | intext:username)</querystring>
<edb></edb>
<date>2024-01-23</date>
<author>letmewin cyber</author>
</entry>
<entry> <entry>
<id>522</id> <id>522</id>
<link>https://www.exploit-db.com/ghdb/522</link> <link>https://www.exploit-db.com/ghdb/522</link>
@ -36729,6 +36747,22 @@ Author: loganWHD</textualDescription>
<date>2011-11-19</date> <date>2011-11-19</date>
<author>anonymous</author> <author>anonymous</author>
</entry> </entry>
<entry>
<id>8395</id>
<link>https://www.exploit-db.com/ghdb/8395</link>
<category>Files Containing Juicy Info</category>
<shortDescription>filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS</shortDescription>
<textualDescription># Google Dork: inurl:/.well-known/ai-plugin.json
# Files Containing Juicy Info
# Date: 30/11/2023
# Exploit: Mohamed Choukrate
</textualDescription>
<query>filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS</query>
<querystring>https://www.google.com/search?q=filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS</querystring>
<edb></edb>
<date>2024-01-23</date>
<author>web work</author>
</entry>
<entry> <entry>
<id>5865</id> <id>5865</id>
<link>https://www.exploit-db.com/ghdb/5865</link> <link>https://www.exploit-db.com/ghdb/5865</link>
@ -99105,6 +99139,27 @@ sometimes with exposed passwords can be found.
<date>2020-03-31</date> <date>2020-03-31</date>
<author>Alexandros Pappas</author> <author>Alexandros Pappas</author>
</entry> </entry>
<entry>
<id>8394</id>
<link>https://www.exploit-db.com/ghdb/8394</link>
<category>Sensitive Directories</category>
<shortDescription>intitle:&quot;index of&quot; database.properties</shortDescription>
<textualDescription># Google Dork: intitle:&quot;index of&quot; database.properties
# Description:- This page contains various database.properties of spring
MVC,
# Author: Odela Rohith
# Date: 28-DEC-2023
# Linkedin: https://www.linkedin.com/in/odela-rohith-b723a7122/
# Facebook: https://www.facebook.com/odela.rohith.7
Regards,
Odela Rohith</textualDescription>
<query>intitle:&quot;index of&quot; database.properties</query>
<querystring>https://www.google.com/search?q=intitle:&quot;index of&quot; database.properties</querystring>
<edb></edb>
<date>2024-01-23</date>
<author>Odela Rohith</author>
</entry>
<entry> <entry>
<id>5960</id> <id>5960</id>
<link>https://www.exploit-db.com/ghdb/5960</link> <link>https://www.exploit-db.com/ghdb/5960</link>
@ -116196,6 +116251,62 @@ PsyDel</textualDescription>
<date>2015-03-04</date> <date>2015-03-04</date>
<author>anonymous</author> <author>anonymous</author>
</entry> </entry>
<entry>
<id>8398</id>
<link>https://www.exploit-db.com/ghdb/8398</link>
<category>Vulnerable Servers</category>
<shortDescription>Apache Struts 2.x Path Traversal Vulnerability (CVE-2023-50164) Detection Dork</shortDescription>
<textualDescription>Dork:
intitle:&quot;Apache Struts 2.5&quot; &quot;index of /&quot; -git
Explanation:
intitle:&quot;Apache Struts 2.5&quot;: This part specifies that the search results
must have the words &quot;Apache Struts 2.5&quot; in the title. It helps narrow down
the results to instances related specifically to Apache Struts version 2.5.
&quot;index of /&quot;: This part looks for directories with the &quot;index of /&quot; string.
Such directories often contain a listing of files and folders, which could
be unintentionally exposed and may include sensitive information.
-git: This part excludes results that contain the term &quot;git&quot;. The idea is
to filter out Git repositories from the search results, focusing on other
types of exposed directories.
*Sample output : *
https://mirror.softaculous.com/apache/struts/2.5.30/
https://ftp.unicamp.br/pub/apache/struts/2.5.25/
https://ftp.itu.edu.tr/Mirror/Apache/struts/2.5.32/
https://repository.jboss.org/maven2/apache-struts/struts/
https://mirrors.gigenet.com/apache/struts/
https://ftp.riken.jp/net/apache/struts/
https://mirror.math.princeton.edu/pub/apache/struts/
This Google dork is searching for instances where the title includes
&quot;Apache Struts 2.5,&quot; and the webpage has a directory listing (&quot;index of /&quot;)
but excludes any results related to Git repositories. The aim is to
identify potentially exposed Apache Struts 2.5 instances that might have
unintentionally revealed directory structures.
Additional Information:
Affected versions: Struts 2.x before 2.5.33 or 6.x before 6.3.0.2
Description: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50164
Thank you for your consideration.
Sincerely,
--
*Parth Jamodkar*
*CLoud security researcher 3*
*LinkedIn* </textualDescription>
<query>Apache Struts 2.x Path Traversal Vulnerability (CVE-2023-50164) Detection Dork</query>
<querystring>https://www.google.com/search?q=Apache Struts 2.x Path Traversal Vulnerability (CVE-2023-50164) Detection Dork</querystring>
<edb></edb>
<date>2024-01-23</date>
<author>Parth Jamodkar</author>
</entry>
<entry> <entry>
<id>4782</id> <id>4782</id>
<link>https://www.exploit-db.com/ghdb/4782</link> <link>https://www.exploit-db.com/ghdb/4782</link>
@ -117298,6 +117409,18 @@ This google dork possibly exposes sites with the Article Directory (index.php pa
<date>2004-03-14</date> <date>2004-03-14</date>
<author>anonymous</author> <author>anonymous</author>
</entry> </entry>
<entry>
<id>8397</id>
<link>https://www.exploit-db.com/ghdb/8397</link>
<category>Vulnerable Servers</category>
<shortDescription>inurl:install.php intitle:&quot;Froxlor Server Management Panel - Installation&quot;</shortDescription>
<textualDescription>inurl:install.php intitle:&quot;Froxlor Server Management Panel - Installation&quot;</textualDescription>
<query>inurl:install.php intitle:&quot;Froxlor Server Management Panel - Installation&quot;</query>
<querystring>https://www.google.com/search?q=inurl:install.php intitle:&quot;Froxlor Server Management Panel - Installation&quot;</querystring>
<edb></edb>
<date>2024-01-23</date>
<author>Nadir Boulacheb (RubX)</author>
</entry>
<entry> <entry>
<id>116</id> <id>116</id>
<link>https://www.exploit-db.com/ghdb/116</link> <link>https://www.exploit-db.com/ghdb/116</link>