Error Messages
| DATE | Title | Summary |
|---|---|---|
| 2003-06-24 | Coldfusion Error Pages | These aren't too horribly bad, but there are SO MANY of them. These sites got googlebotted while the site was having "technical difficulties... |
| 2003-06-24 | MYSQL error message: supplied argument.... | One of many potential error messages that spew interesting information. The results of this message give you real path names inside the webserver as w... |
| 2003-08-15 | "Chatologica MetaSearch" "stack tra... | There is soo much crap in this error message... Apache version, CGI environment vars, path names, stack-freaking-dumps, process ID's, perl versio... |
| 2004-01-09 | ORA-00921: unexpected end of SQL command | Another SQL error message from Cesar. This one coughs up full web pathnames and/or php filenames.... |
| 2004-03-04 | sitebuildercontent | This is a default directory for the sitebuilder web design software program. If these people posted web pages with default sitebuilder sirectory names... |
| 2004-03-04 | sitebuilderfiles | This is a default directory for the sitebuilder web design software program. If these people posted web pages with default sitebuilder sirectory names... |
| 2004-03-04 | sitebuilderpictures | This is a default directory for the sitebuilder web design software program. If these people posted web pages with default sitebuilder sirectory names... |
| 2004-03-04 | IIS 4.0 error messages | IIS 4.0 servers. Extrememly old, incredibly easy to hack...... |
| 2004-03-04 | Windows 2000 web server error messages | Windows 2000 web servers. Aging, fairly easy to hack, especially out of the box...... |
| 2004-03-04 | IIS web server error messages | This query finds various types of IIS servers. This error message is fairly indicative of a somewhat unmodified IIS server, meaning it may be easier t... |
| 2004-03-04 | Internal Server Error | This one shows the type of web server running on the site, and has the ability to show other information depending on how the message is internally fo... |
| 2004-03-04 | mysql error with query | Another error message, this appears when an SQL query bails. This is a generic mySQL message, so there's all sort of information hackers can use,... |
| 2004-03-04 | SQL syntax error | Another generic SQL message, this message can display path names and partial SQL code, both of which are very helpful for hackers...... |
| 2004-03-04 | ORA-00936: missing expression | A generic ORACLE error message, this message can display path names, function names, filenames and partial database code, all of which are very helpfu... |
| 2004-03-04 | "Supplied argument is not a valid MySQL resul... | Another generic SQL message, this message can display path names, function names, filenames and partial SQL code, all of which are very helpful for ha... |
| 2004-03-04 | ORA-00921: unexpected end of SQL command | Another generic SQL message, this message can display path names, function names, filenames and partial SQL code, all of which are very helpful for ha... |
| 2004-03-04 | "ORA-00933: SQL command not properly ended&qu... | An Oracle error message, this message can display path names, function names, filenames and partial SQL code, all of which are very helpful for hacker... |
| 2004-03-04 | "Unclosed quotation mark before the character... | An SQL Server error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hacker... |
| 2004-03-04 | "Incorrect syntax near" | An SQL Server error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hacker... |
| 2004-03-04 | "Incorrect syntax near" | An SQL Server error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hacker... |
| 2004-03-04 | "PostgreSQL query failed: ERROR: parser: pa... | An PostgreSQL error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hacker... |
| 2004-03-04 | Supplied argument is not a valid PostgreSQL result | An PostgreSQL error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hacker... |
| 2004-03-04 | "Syntax error in query expression " -the | An Access error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers...... |
| 2004-03-04 | "An illegal character has been found in the s... | An Informix error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers.... |
| 2004-03-04 | "A syntax error has occurred" filetype:i... | An Informix error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers... |
| 2004-03-04 | "detected an internal error [IBM][CLI Driver]... | A DB2 error message, this message can display path names, function names, filenames, partial code and program state, all of which are very helpful for... |
| 2004-03-04 | An unexpected token "END-OF-STATEMENT" w... | A DB2 error message, this message can display path names, function names, filenames, partial code and program state, all of which are very helpful for... |
| 2004-03-04 | "Warning: Cannot modify header information - ... | A PHP error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers...... |
| 2004-03-04 | "access denied for user" "using pas... | Another SQL error message, this message can display the username, database, path names and partial SQL code, all of which are very helpful for hackers... |
| 2004-03-04 | intitle:"Under construction" "does ... | This error message can be used to narrow down the operating system and web server version which can be used by hackers to mount a specific attack.... |
| 2004-03-04 | "Can't connect to local" intitle:wa... | Another SQL error message, this message can display database name, path names and partial SQL code, all of which are very helpful for hackers...... |
| 2004-03-16 | filetype:asp "Custom Error Message" Cate... | This is an ASP error message that can reveal information such as compiler used, language used, line numbers, program names and partial source code.... |
| 2004-03-16 | "Fatal error: Call to undefined function"... | This error message can reveal information such as compiler used, language used, line numbers, program names and partial source code.... |
| 2004-03-11 | warning "error on line" php sablotron | Sablotron is an XML toolit thingie. This query hones in on error messages generated by this toolkit. These error messages reveal all sorts of interest... |
| 2004-04-19 | intitle:"Error Occurred" "The error... | This is a typical error message from ColdFusion. A good amount of information is available from an error message like this including lines of source c... |
| 2004-04-28 | intitle:"Execution of this script not permitt... | This is a cgiwrap error message which displays admin name and email, port numbers, path names, and may also include optional information like phone nu... |
| 2004-05-28 | "Invision Power Board Database Error" | These are SQL error messages, ranging from to many connections, access denied to user xxx, showing full path info to the php files etc.. There is an e... |
| 2004-06-15 | intitle:"Error using Hypernews" "Se... | HyperNews is a cross between the WWW and Usenet News. Readers can browse through the messages written by other people and reply to those messages. ... |
| 2004-06-24 | intitle:"Error Occurred While Processing Requ... | Cold fusion error messages logging the SQL SELECT or INSERT statements and the location of the .cfm file on the webserver. An attacker could use th... |
| 2004-06-24 | ht://Dig htsearch error | The ht://Dig system is a complete world wide web indexing and searching system for a domain or intranet. A list of publically available sites that use... |
| 2004-07-09 | intext:"Warning: Failed opening" "o... | These error messages reveal information about the application that created them as well as revealing path names, php file names, line numbers and incl... |
| 2004-07-14 | PHP application warnings failing "include_pat... | These error messages reveal information about the application that created them as well as revealing path names, php file names, line numbers and incl... |
| 2004-07-16 | "Internal Server Error" "server at&... | We have a similar search already, but it relies on "500 Internal Server" which doesn't appear on all errors like this one. It reveals t... |
| 2004-07-16 | filetype:php inurl:"logging.php" "D... | Discuz! Board error messages related to MySQL. The error message may be empty or contain path information or the offending SQL statement. All discuz! ... |
| 2004-07-16 | "ORA-12541: TNS:no listener" intitle:&qu... | In many cases, these pages display nice bits of SQL code which can be used by an attacker to mount attacks against the SQL database itself. Other piec... |
| 2004-07-26 | "ASP.NET_SessionId" "data source=&q... | .NET pages revealing their datasource and sometimes the authentication credentials with it. The complete debug line looks something like this for exam... |
| 2004-07-29 | "error found handling the request" cocoo... | Cocoon is an XML publishing framework. It allows you to define XML documents and transformations to be applied on it, to eventually generate a present... |
| 2004-08-14 | filetype:log "PHP Parse error" "P... | This search will show an attacker some PHP error logs wich may contain information on wich an attack can be based.... |
| 2004-08-25 | "Warning: pg_connect(): Unable to connect to ... | This search reveals Postgresql servers in yet another way then we had seen before. Path information appears in the error message and sometimes databas... |
| 2004-09-07 | Snitz! forums db path error | Snitz forums uses a microsoft access databases for storage and the default name is "Snitz_forums_2000.mdb". The installation recommends chan... |
| 2004-10-16 | "The script whose uid is " "is not ... | This PHP error message is revealing the webserver's directory and user ID. ... |
| 2004-11-13 | intitle:Configuration.File inurl:softcart.exe | This search finds configuration file errors within the softcart application. It includes the name of the configuration file and discloses server file ... |
| 2004-11-28 | "Warning: mysql_query()" "invalid q... | MySQL query errors revealing database schema and usernames.... |
| 2005-01-26 | intext:"Error Message : Error loading require... | This throws up pages which contain "CGI ERROR" reports - which include the file (and line number) of the errors occurence, the version of Pe... |
| 2005-04-05 | Netscape Application Server Error page | This error message highlights potentially unpatched or misconfigured Netscape Application Server or iPlanet application servers. An inquisitive mind w... |
| 2005-04-07 | "SQL Server Driver][SQL Server]Line 1: In... | you can find many servers infected with sql injection... |
| 2005-04-26 | "Parse error: parse error, unexpected T_VARIA... | PHP error with a full web root path disclosure... |
| 2005-04-26 | intitle:"Default PLESK Page" | Plesk Server Administrator (PSA) is web based software that enables remote administration of web servers. It can be used on Linux and other systems th... |
| 2005-08-16 | "There seems to have been a problem with the&... | search reveals database errors on vbulletin sites. View the page source and you can get information about the sql query executed, this can help in all... |
| 2005-09-25 | "Warning: Supplied argument is not a valid Fi... | This error message cqan reveal path information. This message (like other error messages) is often posted to help forums, although the message still r... |
| 2005-09-25 | "Warning:" "SAFE MODE Restriction i... | This error message reveals full path information. Recommend use of site: operator to narrow searches.... |
| 2006-03-13 | filetype:asp + "[ODBC SQL" | This search returns more than just the one I saw already here. This one will return all ODBC SQL error pages including all data returned in the error.... |
| 2006-04-25 | "Warning: Division by zero in" "on ... | Just another error that reveals full paths.... |
| 2006-04-25 | "Warning: mysql_connect(): Access denied for ... | This dork reveals logins to databases that were denied for some reason.... |
| 2006-04-25 | "Warning:" "failed to open stream: ... | Just another error message.... |
| 2006-04-25 | "Warning: Bad arguments to (joinimplode) () ... | and another error. open it from cache when not working.... |
| 2006-04-25 | "Unable to jump to row" "on MySQL r... | another error message... |
| 2006-06-15 | intitle:"Apache Tomcat" "Error Repo... | Apache Tomcat Error messages. These can reveal various kinds information depending on the type of error.... |
댓글 없음:
댓글 쓰기