![]() IP: ((?:(?:25|2|?)\.)(?:25|2|?))Ītscan -t ?index.php?id=rang(1-10) -sqlĪtscan -t -expHost "/index.php?id=rang(1-10)" -sqlĪtscan -t -expHost "/index.php?id=repeat(./-9)wp-config.php"Ītscan -t -port Ītscan -t (ip start)-(ip end) -port Ītscan -t -port (port start)-(port end) -command "your extern command"ĭata: atscan -t -data "field1=>value1, field2=>value2, field3=>value3" Įxploit: -exp/expHost -data "field1=>value1, field2=>value2, field3=>value3" -vshell -v / -status Search + get ips: atscan -dork -level -ips Search + get site emails: atscan -dork site: -level -email Search + output: atscan -dork -level -save Get Server wordpress sites: atscan -t -wp Search with many dorks: atscan -dork dork1 dork2 dork3] -level Set selective engines: atscan -d -l -m google,bing. Set engine: atscan -dork -level -m bing or google,ask,yandex or all Or -proxy file Ex: -proxy my_proxies.txtĪtscan -dork -level -header "Authorization => 'Basic YWRtaW46YWRtaW4', keep_alive => '1'"Ītscan -t target -data "name=>username, email=>xxxxxx, pass=>xxxxx" -post -header "Authorization => 'Basic YWRtaW46YWRtaW4', keep_alive => '1'" List all protocols that can be used when performing on-demand Internet scans via Shodan.Ĭalculates honeypot score ranging from 0 (not a honeypot) to 1.0 (is a honeypot) in shodan List of port numbers that the crawlers are looking for Search the directory of saved Shodan search queries In /index.php?id=./wp-config.php then /index.php?id=././wp-config.php 9 times Remove string value from Query url Įxecute Extern Command in new terminal windowĮX: -expHost "/index.php?id=rang(1-9)" -sql OR -t "/index.php?id=rang(1-9)" -sqlĮX: -expHost "/index.php?id=repeat(./-9)wp-config.php" -status 200 OR -t "/index.php?id=./wp-config.php" ![]() Will be replaced by open port in extern command Will be replaced by host IP in extern command Will be replaced by host in extern command Will be replaced by target in extern command Scan wordpress sites for arbitrary file download Get targets where all strings do not exist in htmlĮxploit/Payload will be added to full target Get targets where strings do not exist in html Validate by string at least 1 is matching Produce beep sound when scan process is finished. Produce beep sound if positive scan found. ![]() Validate by url ex: -HOST/shell.php or file Scan level (Number of results pages to scan) Random proxy or -prandom "socks://localhost:9050"]īing google ask yandex sogou exalead googleapis googlecache or allĭork to search cars hotel] Menu: Applications > Web Application analysis > atscan Engines: Bing Ask Yandex Sogou Exalead Shodanĭisponible in Blackarch and Dracos Linux.Advanced Mass Search / Dork / Exploitation ScannerĪlisam Technology is not responsible for any misuse, damage caused by this script or attacking targets without prior mutual consent! It is your responsibility to obey laws!
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |