Nemokami skelbimai.
Nemokama skelbimų lenta. Privalumai:
- Nereikia registruotis
- Skelbimai talpinami iš karto keliose skelbimų lentose
- Galima pridėti nuotraukas
- Skelbimai gali būti laikomi nuo 7 dienų iki 1 metų (galima pasirinkti)
- Nemokama reklama ir SEO paslauga svetainėms - palaikomos tiesioginės www nuorodos
- Skelbimai gerai randami per paieškos sistemas, yra naujausių ir populiariausių skelbimų sąrašai, taigi skelbimai nepaskęsta tarp kitų, juos perskaito daug lankytojų
- 100% nemokama: nėra jokių mokamų paslaugų, viskas labai paprasta ir visiškai nemokama.
ManoSkelbimai.lt
Tuesday, August 28, 2007
Monday, August 27, 2007
Dainu zodziai
Šiame dainų žodžių archyve galite rasti įvairių naujausių ir senesnių dainų tekstų - tiek lietuviškų, tiek angliškų, rusiškų ir kitomis kalbomis. Tekstai sugrupuoti abėcėlės tvarka pagal atlikėjus, arba norimą tekstą galima surasti pasinaudojant paieška - tiek pagal atlikėjo ar dainos pavadinimą, tiek pagal bet kokius dainos žodžius. Svetainė gali praversti norint padainuoti mėgstamas dainas, suprasti, kas jose dainuojama, sužinoti atlikėją ar dainos pavadinimą pagal jos žodžius arba tiesiog paskaityti įdomesnius tekstus kaip poeziją.
Saturday, August 25, 2007
Download youtube videos
Download videos from from YouTube, Myspace, DailyMotion and other video sites.
Simply copy and paste here the link of the video page and you will get a direct link to download any video!
Simply copy and paste here the link of the video page and you will get a direct link to download any video!
Sunday, August 5, 2007
Google paieskos gudrybes
Straipsnis, kuris galbūt pravers norint rasti per Google tai, ko ieškai. Jį parašė hakeris, atskleidžiantis kai kurias saugumo spragas, bet taip pat galima pasinaudoti ir normaliais tikslais - ieškoti konkrečių failų (pvz., mp3), forumų/TVS, vietų, kur galima palikti nuorodas/pasireklamuoti ir t.t. O taip pat gerai pagalvoti prieš naudojant tam tikras TVS, skriptus ir pan. Arba gerai užkamšyti visas spragas.
Paimta iš http://www.dassad.atw.hu/the%20power%20of%20google.txt , o originalus šaltinis nežinomas.
******
Google can give lots of info to a hacker, to download files etc. The reason is because google has lots of options on its search engine.
Google search options.
Filetype: We can search for specific files ex. *.xls, *.doc, *.pdf, *.ps, *.ppt, *.rtf, *.db, *.mdb, *.cfg, *.pwd, *.dat , etc.
usage ex.: Filetype:xls "pass"
Inurl: We can specify a word, and it will return us all urls which contains the word - usage ex.: inurl:admin
"Index of": We can find directory listings of specific folders on servers-usage ex.: "index of" admin or index.of.admin
Site: We can find specific sites (domain names) ex. *.com, *.org, *.mi, *.gov, etc. - usage ex.: site:gov or site:gov
"cyprus"
Intitle: We can find specific urls with a specific title - usage ex.: intitle:brosteam
Link: Allows us to check which site links to a specific site - usage ex.: link:brosteam
Hacking and stealing info.
By combining these options, we can get lots of infos and to steal files etc. Lets see some examples and howto. Try
searching for:
inurl:gov filetype:xls "restricted" (will return all goverment sites with excel files with the name "restricted")
inurl:admin.cfg (admin.cfg, most of times is an admin configuration file. It may be as admin.cfg or
config.cfg or setup.cfg . These files contain sensitive informations).
Webadmin: This is a small software that many admins use for editing their sites and uploading files
remotely. The main page for the webadmin control centre is called webeditor.php (more infos and to
download at http://wacker-welt.de/webadmin/ ). So, we search for webeditor.php ex. inurl:webeditor.php (if
the admin failed to protect these pages, we can gain full access). The upload file usally is file_upload.php,
so we can directly search for this file ex. inurl:file_upload.php).
Content Manager Systems: Are softwares that allows the webmaster to edit, alter and control the content
of his site. Those kind uses online control panels usually named cms.html, panel.html or control.cfg. Just
use the inurl option.
Frontpage Server Extensions HTML Administration Forms: Users with access to these forms, are able to
perform a number of administrative functions remotely. The main page of these forms, is fpadmin.htm.
When a default install is performed, the files are located in admin directory. So, we can search for ex.
inurl:fpadmin.htm "index of" admin or inurl:admin/fpadmin.htm . HMTL Administration Forms are not
active when first installed, so u might not be able to perform any administrative functions.
Also try "# -FrontPage-" inurl:service.pwd
Freesco Router: Is a software for linux which, by default, installs a web browser, which allows owners to
control the router through the http protocol. The default password and login for this control panel is admin
and admin . Lots of people dont know this, so we search ex. intitle:"freesco control panel"or"intitle:check
the connection".
intitle:"Index of" passwords modified
allinurl:auth_user_file.txt
"access denied for user" "using password"
"A syntax error has occurred" filetype:ihtml
allinurl: admin mdb
"ORA-00921: unexpected end of SQL command"
inurl:passlist.txt
"Index of /backup"
"Chatologica MetaSearch" "stack tracking:"
Amex Numbers: 300000000000000..399999999999999
MC Numbers: 5178000000000000..5178999999999999
visa 4356000000000000..4356999999999999
"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
inurl:microsoft filetype:iso You can change the string to watever you want, ex. microsoft to adobe, iso to zip
etc.
"AutoCreate=TRUE password=*"
This searches the password for "Website Access Analyzer", a Japanese software that creates webstatistics.
For those who can read Japanese, check out the author's site at: http://www.coara.or.jp/~passy/
http://www.google.com/search?hl=en&lr=&ie=UTF-
8&c2coff=1&q=%22http%3A%2F%2F*%3A*@www%22+domainname
This is a query to get inline passwords from search engines (not just Google), you must type in the query
followed with the the domain name without the .com or .net
Another way is by just typing
http://www.google.com/search?hl=en&lr=&ie=UTF-
8&c2coff=1&q=%22http%3A%2F%2FGeorge%3AGeorge@www%22
"sets mode: +k" This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.
allinurl: admin mdb Not all of these pages are administrator's access databases containing usernames
passwords and other sensitive information, but many are!
allinurl:auth_user_file.txt
DCForum's password file. This file gives a list of (crackable) passwords, usernames and email addresses
for DCForum and for DCShop (a shopping cart program.
intitle:"Index of" config.php
This search brings up sites with "config.php" files. To skip the technical discussion, this configuration file
contains both a username and a password for an SQL database. Most sites with forums run a PHP message
base. This file gives you the keys to that forum, including FULL ADMIN access to the database.
eggdrop filetype:user user
These are eggdrop config files. Avoiding a full-blown descussion about eggdrops and IRC bots, suffice it to
say that this file contains usernames and passwords for IRC users.
intitle:index.of.etc
This search gets you access to the etc directory, where many many many types of password files can be found.
This link is not as reliable, but crawling etc directories can be really fun!
filetype:bak inurl:"htaccess|passwd|shadow|htusers"
This will search for backup files (*.bak) created by some editors or even by the administrator himself
(before activating a new version).
Every attacker knows that changing the extenstion of a file on a webserver can have ugly consequences.
Let's pretend you need a serial number. T o find the serial for Adobe Photoshop - "Adobe Photoshop"
94FBR
?intitle:index.of? mp3 You only need add the name of the song/artist/singer. Example: ?intitle:index.of?
mp3 eminem
General notes.
Try searching for strings in different languages.
Learn more about different softwares that webmasters use, find important files and search for.
You can find different vulnerabilities (ex. by taking the list of a vulnerabilitie scanner or by checking the net)
and combine them with ur strings or to get new ideas for strings to search for.
******
Keletas kitų mano blogų.
Paimta iš http://www.dassad.atw.hu/the%20power%20of%20google.txt , o originalus šaltinis nežinomas.
******
Google can give lots of info to a hacker, to download files etc. The reason is because google has lots of options on its search engine.
Google search options.
Filetype: We can search for specific files ex. *.xls, *.doc, *.pdf, *.ps, *.ppt, *.rtf, *.db, *.mdb, *.cfg, *.pwd, *.dat , etc.
usage ex.: Filetype:xls "pass"
Inurl: We can specify a word, and it will return us all urls which contains the word - usage ex.: inurl:admin
"Index of": We can find directory listings of specific folders on servers-usage ex.: "index of" admin or index.of.admin
Site: We can find specific sites (domain names) ex. *.com, *.org, *.mi, *.gov, etc. - usage ex.: site:gov or site:gov
"cyprus"
Intitle: We can find specific urls with a specific title - usage ex.: intitle:brosteam
Link: Allows us to check which site links to a specific site - usage ex.: link:brosteam
Hacking and stealing info.
By combining these options, we can get lots of infos and to steal files etc. Lets see some examples and howto. Try
searching for:
inurl:gov filetype:xls "restricted" (will return all goverment sites with excel files with the name "restricted")
inurl:admin.cfg (admin.cfg, most of times is an admin configuration file. It may be as admin.cfg or
config.cfg or setup.cfg . These files contain sensitive informations).
Webadmin: This is a small software that many admins use for editing their sites and uploading files
remotely. The main page for the webadmin control centre is called webeditor.php (more infos and to
download at http://wacker-welt.de/webadmin/ ). So, we search for webeditor.php ex. inurl:webeditor.php (if
the admin failed to protect these pages, we can gain full access). The upload file usally is file_upload.php,
so we can directly search for this file ex. inurl:file_upload.php).
Content Manager Systems: Are softwares that allows the webmaster to edit, alter and control the content
of his site. Those kind uses online control panels usually named cms.html, panel.html or control.cfg. Just
use the inurl option.
Frontpage Server Extensions HTML Administration Forms: Users with access to these forms, are able to
perform a number of administrative functions remotely. The main page of these forms, is fpadmin.htm.
When a default install is performed, the files are located in admin directory. So, we can search for ex.
inurl:fpadmin.htm "index of" admin or inurl:admin/fpadmin.htm . HMTL Administration Forms are not
active when first installed, so u might not be able to perform any administrative functions.
Also try "# -FrontPage-" inurl:service.pwd
Freesco Router: Is a software for linux which, by default, installs a web browser, which allows owners to
control the router through the http protocol. The default password and login for this control panel is admin
and admin . Lots of people dont know this, so we search ex. intitle:"freesco control panel"or"intitle:check
the connection".
intitle:"Index of" passwords modified
allinurl:auth_user_file.txt
"access denied for user" "using password"
"A syntax error has occurred" filetype:ihtml
allinurl: admin mdb
"ORA-00921: unexpected end of SQL command"
inurl:passlist.txt
"Index of /backup"
"Chatologica MetaSearch" "stack tracking:"
Amex Numbers: 300000000000000..399999999999999
MC Numbers: 5178000000000000..5178999999999999
visa 4356000000000000..4356999999999999
"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
inurl:microsoft filetype:iso You can change the string to watever you want, ex. microsoft to adobe, iso to zip
etc.
"AutoCreate=TRUE password=*"
This searches the password for "Website Access Analyzer", a Japanese software that creates webstatistics.
For those who can read Japanese, check out the author's site at: http://www.coara.or.jp/~passy/
http://www.google.com/search?hl=en&lr=&ie=UTF-
8&c2coff=1&q=%22http%3A%2F%2F*%3A*@www%22+domainname
This is a query to get inline passwords from search engines (not just Google), you must type in the query
followed with the the domain name without the .com or .net
Another way is by just typing
http://www.google.com/search?hl=en&lr=&ie=UTF-
8&c2coff=1&q=%22http%3A%2F%2FGeorge%3AGeorge@www%22
"sets mode: +k" This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.
allinurl: admin mdb Not all of these pages are administrator's access databases containing usernames
passwords and other sensitive information, but many are!
allinurl:auth_user_file.txt
DCForum's password file. This file gives a list of (crackable) passwords, usernames and email addresses
for DCForum and for DCShop (a shopping cart program.
intitle:"Index of" config.php
This search brings up sites with "config.php" files. To skip the technical discussion, this configuration file
contains both a username and a password for an SQL database. Most sites with forums run a PHP message
base. This file gives you the keys to that forum, including FULL ADMIN access to the database.
eggdrop filetype:user user
These are eggdrop config files. Avoiding a full-blown descussion about eggdrops and IRC bots, suffice it to
say that this file contains usernames and passwords for IRC users.
intitle:index.of.etc
This search gets you access to the etc directory, where many many many types of password files can be found.
This link is not as reliable, but crawling etc directories can be really fun!
filetype:bak inurl:"htaccess|passwd|shadow|htusers"
This will search for backup files (*.bak) created by some editors or even by the administrator himself
(before activating a new version).
Every attacker knows that changing the extenstion of a file on a webserver can have ugly consequences.
Let's pretend you need a serial number. T o find the serial for Adobe Photoshop - "Adobe Photoshop"
94FBR
?intitle:index.of? mp3 You only need add the name of the song/artist/singer. Example: ?intitle:index.of?
mp3 eminem
General notes.
Try searching for strings in different languages.
Learn more about different softwares that webmasters use, find important files and search for.
You can find different vulnerabilities (ex. by taking the list of a vulnerabilitie scanner or by checking the net)
and combine them with ur strings or to get new ideas for strings to search for.
******
Keletas kitų mano blogų.
Subscribe to:
Comments (Atom)