Jumat, 02 September 2011

Download Gratis Tool Untuk Scan SQL Injection , LFI , XSS Vulnurable & Webshell


Sql injection scanner

 

XCode SQLI/LFI/XSS Vulnurable & webshell Scanner



Download XCode Exploits Scanner [re-patch September 2011]




USAGE:

Once downloaded, extract all the files and run XCodeXploitScanner.exe, insert your dork, Click Dork It
and it will collect links from Dork you enter and displays the list.
after displaying List, you will be able to conduct SQL injection
vulnerability scanning / Local File Inclusion / Cross Site Scripting on
the web that is in the list. This tool will send the injection
parameters to the web as’ – * /../../../../../../../../../../../../. . /
.. / etc / passwd% 00 “> alert (” XSS Xcode Exploit Scanner detected
“). If the Web has a bug then the status will appear:
www.target.com?blabla.php?=1234: SQLi Vulnerable.

www.target.com?blabla.php?=1234/../../../../../../../../../../../../. . / .. / etc / passwd% 00 LFI Vulnerable

www.target.com?blabla.php?=1234 “> alert (” XXS Xcode Exploit Scanner Detected “) XSS Vulnerable


At the status list is detected, you can click Open Vuln Link with Browser to display on your browser


This tool also adds webshell hunter, where you can search the web
shell C99, R57, C100, ITsecteam_shell, b374k, which had been uploaded by
the hackers.


Perhaps there are many shortcomings or bugs are not known by the
author. But at least this tool you can make it easier to find targets.


Hopefully Helpful






PENGGUNAAN

Setelah download, ekstrak semua filenya dan jalankan XCodeXploitScanner.exe, Klik Dork It
dan Tool ini akan mengumpulkan Link dari Dork yang anda masukkan
kemudian menampilkan listnya. setelah selesai menampilkan List, Anda
akan bisa melakukan scanning kerentanan SQL injection/Local File
Inclusion/Cross Site Scripting pada web yang ada di list. Tool ini akan
mengirimkan parameter injeksi ke web seperti ‘ – *
/../../../../../../../../../../../../../../etc/passwd%00 ,
“>alert(“XSS DETECTED XCode Exploit Scanner”) . Jika Web tersebut
memiliki bug maka di status akan muncul :
www.target.com?blabla.php?=1234 : SQLi Vulnerable.

www.target.com?blabla.php?=1234/../../../../../../../../../../../../../../etc/passwd%00 LFI Vulnerable

www.target.com?blabla.php?=1234″>alert(“XXS DETECTED XCode Exploit Scanner”) XSS Vulnerable


Pada status list yang terdeteksi, anda bisa klik Open Vuln Link with Browser untuk menampilkan web pada browser anda


Tool ini juga menambahkan webshell hunter, dimana anda bisa mencari
web shell c99, r57, c100, ITsecteam_shell, b374k, yang telah diupload
oleh hacker.


Mungkin masih banyak kekurangan atau Bug yang belum diketahui oleh
penulis. Tapi setidaknya tool ini bisa mempermudah anda untuk mencari
target.


Semoga Berguna


 



Screen Shot







LFI Vulnerable








================================================================

Credits:

Code name : .::XCode Exploit – Vulnurable & webshell Scanner::.

Description : – SQLI/LFI/XSS/Webshell Hunter with Google Engine -

Compiler : Microsoft Visual Basic 6.0

Author : poni

System : Windows 95, 98, XP, Vista, 7

Size : 1,38 mb

Update : I`m not sure where will i put it. Just

================================================================

Info :

XCode Exploit – Vulnurable & webshell Scanner help you to

gather the dorks Link from Google. then you may check the

results if its Vulnurable to exploit with SQL injection commands

, LFI,and XSS. And You may hunt the webshells those uploaded.

=================================================================



Source : Click here 

Download  : Click Here

3 komentar:

Anonymous mengatakan...

Widihh ... mantab mastah ... Ijin Nyedot yaa...

heru mengatakan...

Nice Post Gan ...
Ijin Nyedot Gan .. :sup sup

Anonymous mengatakan...

Wahh.. Kerenn .. jadi gk usah usah googling lagi ya bang...

Poskan Komentar