allinurl:moadmin.php -google -github

  • 日期:2015-03-04
  • 类别:
  • 作者:anonymous
  • 语法:allinurl:moadmin.php -google -github
  • The dork "allinurl:moadmin.php -google -github" show all the sites that

    uses Mongo DB

    and the moadmin module to amministrate it.

    Some versions of this module allow non autenticated user to execute

    arbitrary Unix commands sending a special POST request documented here:

    https://www.exploit-db.com/exploits/36251/

    PsyDel