Monday, May 23, 2011

More RFIs for 5/23/2011

RFIs for 5/23/2011

What Is Remote File Inclusion (RFI)

Remote File Inclusion (RFI) is a class of vulnerability most often found in web applications: it lets an attacker make a script on the webpage include a remote file. The vulnerability occurs when user-supplied input is used without proper validation. At its least serious this may only output the contents of a file, but depending on the severity it can lead to one of the following:

Code execution on the webpage.
Client-side code execution, such as JavaScript, which can lead to further attacks such as cross-site scripting (XSS).
Denial of Service (DoS).
Data theft and/or manipulation.
PHP botnets.
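As an added example (not code from the original post), a small Python script that flags RFI attempts of the kind collected in the lists above in web-server access logs: it parses each request line, URL-decodes the query parameters, and reports any parameter whose value is itself an absolute URL, written back out in the same hxxp:// defanged form. The log lines, hostnames and parameter names are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Apache combined-log request line; only the source IP and the request target are used.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*" \d{3}')
# A parameter value that is itself an absolute URL is the tell-tale of an RFI attempt.
REMOTE_RE = re.compile(r'^(?:https?|ftp)://', re.IGNORECASE)

# Constructed sample lines, not real traffic; the include targets mirror the shapes listed above
# (.jpg/.txt payloads with a trailing '??', percent-encoding, an extra &modez= parameter).
SAMPLE_LOG = [
    '203.0.113.7 - - [23/May/2011:10:14:02 +0000] "GET /index.php?page=http://example.invalid/killer/byroe.jpg?? HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [23/May/2011:10:14:05 +0000] "GET /view.php?inc=http%3A%2F%2Fexample.invalid%2Fid.txt%3F%3F&modez=botz HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [23/May/2011:10:15:00 +0000] "GET /index.php?page=about HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [23/May/2011:10:15:01 +0000] "GET /assets/logo.jpg HTTP/1.1" 200 7000 "-" "Mozilla/5.0"',
]

def defang(url):
    """Write the URL the way the lists above do (hxxp://) so it cannot be clicked by accident."""
    return re.sub(r'^http', 'hxxp', url, flags=re.IGNORECASE)

def find_rfi(line):
    """Return (source_ip, [(parameter, defanged_url), ...]) for one log line, or None if it is clean."""
    m = LOG_RE.match(line)
    if not m:
        return None
    query = urlsplit(m.group('target')).query
    hits = []
    # keep_blank_values keeps parameters with empty values; a second unquote() catches double-encoding.
    for name, value in parse_qsl(query, keep_blank_values=True):
        value = unquote(value)
        if REMOTE_RE.match(value):
            hits.append((name, defang(value)))
    return (m.group('ip'), hits) if hits else None

def scan(lines):
    """Group the remote URLs each source IP tried to include; clean lines contribute nothing."""
    report = {}
    for line in lines:
        found = find_rfi(line)
        if found:
            ip, hits = found
            report.setdefault(ip, []).extend(hits)
    return report

if __name__ == "__main__":
    for ip, hits in scan(SAMPLE_LOG).items():
        for param, url in hits:
            print(f"{ip} attempted RFI via parameter {param!r}: {url}")
```

The trailing '?' or '??' seen throughout the lists above is a useful secondary signal on its own; the script above keys on the absolute URL so that attempts without it are still caught.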

Friday, May 20, 2011

Recent Remote File Inclusions 5/20/2011

Tuesday, May 17, 2011

More RFIs for May 2011

Note: replace hxxp:// with http://. Also, save .jpg files as .txt to view their contents.

Recent Remote File Inclusions 5/17/2011

Note: replace hxxp:// with http://. Also, save .jpg files as .txt to view their contents.
