Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Readme:
- SecPoint.com Google Penetration Testing Hack Database v 1.5
- Database of Google Hacks and a tool for manipulating it.
- Database is separated to files by categories. You could use DB alone, or
- make some manipulations using our tool like generating URLs for Google
- search engine or generating pretty HTML output with links. The tool
- could also help in analysing your own site by adding site search option
- to all queries.
- This tool will take source file (file with a list of queries) and generate
- website-specific queries (-s option) by adding site:sitename.com to each
- query. Not only queries, but full Google URLs could be generated for each
- query (-q). Output could be saved to file in text format (-o) or in HTML with
- links format (-t) which will automatically create URLs list.
- run as
- ./googleDB-tool.py <source file> <options>
- <source file> queries source file from GoogleDB (files in db directory)
- Options are:
- -o output.txt save output to file
- -s sitename.com generate queries for this site only
- -q generate google query urls for each line
- -t generate output in HTML format (implies -q)
- -m LISTFILE generate queries for multiple sites listed in LISTFILE
- Command line examples:
- 1-generate list of search strings for finding login pages
- ./googleDB-tool.py "login_pages.txt"
- 2-generate list of Google queries for finding login pages
- ./googleDB-tool.py "login_pages.txt" -q
- 3-same as 2, but in HTML format
- ./googleDB-tool.py "login_pages.txt" -q -t
- 4-same as 3, but save to "OUT.html"
- ./googleDB-tool.py "login_pages.txt" -q -t -o "OUT.html"
- 5-generate queries as in 4, but only for site.com
- ./googleDB-tool.py "login_pages.txt" -q -t -o "OUT.html" -s site.com
- 6-all of the above, for multiple sites from "sites.txt" list
- ./googleDB-tool.py "login_pages.txt" -q -t -o OUT.html -s site.com -m sites.txt
- History:
- # ## 1.0 initial release
- # ## 1.1 google query generating option (-q)
- # ## 1.2 generating HTML output (-t)
- # ## 1.3 added support for multiple sites generation (-m option), database update - 7824 records
- # ## 1.5 friendly output and examples, database update
- Copy Paste At Google:
- Misc:
- "(C) Copyright IBM Welcome to Websphere"
- # -FrontPage- ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd
- # phpMyAdmin MySQL-Dump filtype:txt
- (intitle:"Please login - Forums
- (intitle:"rymo Login")|(intext:"Welcome to rymo") -family
- (inurl:"ars/cgi-bin/arweb?O=0" | inurl:arweb.jsp) -site:remedy.com -site:mil
- -site:php.net -"The PHP Group" inurl:source inurl:url ext:pHp
- AIM buddy lists
- Analysis Console for Incident Databases
- AnyBoard" intitle:"If you are a new user:" intext:"Forum
- AnyBoard" inurl:gochat -edu
- Axis Network Cameras: inurl:indexFrame.shtml Axis
- CGI:IRC Login
- Can't connect to local intitle:warning
- Chatologica MetaSearch "stack tracking"
- ClearQuest Web Logon
- Code:
- Coldfusion Error Pages
- CuteNews" "2003..2005 CutePHP"
- DUpaypal" -site:duware.com
- DWMail" password intitle:dwmail
- Duclassified" -site:duware.com "DUware All Rights reserved"
- Dudirectory" -site:duware.com
- Easy File Sharing Web Server"
- Elite Forum Version *.*"
- Fichier contenant des informations sur le r?seau :
- File Upload Manager v1.3
- Financial spreadsheets: finance.xls
- Financial spreadsheets: finances.xls
- Gallery in configuration mode
- Ganglia Cluster Reports
- HTTP_FROM=googlebot googlebot.com "Server_Software="
- Hassan Consulting's Shopping Cart Version 1.18
- ICQ chat logs, please...
- IIS 4.0 error messages
- IIS web server error messages
- IlohaMail"
- Internal Server Error
- Link Department"
- Looking Glass
- Lotus Domino address books
- MYSQL error message: supplied argument....
- Merak Mail Server Software" -.gov -.mil -.edu -site:merakmailserver.com
- Microsoft Money Data Files
- Midmart Messageboard" "Administrator Login"
- Monster Top List" MTL numrange:200-
- MySQL tabledata dumps
- Netscape Application Server Error page
- NickServ registration passwords
- ORA-00921: unexpected end of SQL command
- OWA Public Folders (direct view)
- Outlook Web Access (a better way)
- PHPhotoalbum Statistics
- PHPhotoalbum Upload
- Peoples MSN contact lists
- PhotoPost PHP Upload
- PostgreSQL query failed: ERROR: parser: parse error
- Quicken data files
- SQL Server Driver][SQL Server]Line 1: Incorrect syntax near
- SQL data dumps
- SQL syntax error
- Snitz! forums db path error
- Squid cache server reports
- Supplied argument is not a valid MySQL result resource
- UBB.threads")|(inurl:login.php "ubb")
- UebiMiau" -site:sourceforge.net
- Ultima Online loginservers
- Unreal IRCd
- VHCS Pro ver -demo
- W-Nailer Upload Area
- WWWThreads")|(inurl:"wwwthreads/login.php")|(inurl:"wwwthreads/login.pl?Cat=")
- Warning: mysql_connect(): Access denied for user: '*@* "on line" -help -forum
- WebLog Referrers
- Welcome to YourCo Financial
- Welcome to ntop!
- Welcome to phpMyAdmin "Create new database"
- Windows 2000 web server error messages
- You have requested to access the management functions -.edu
- ZoneAlamr Logging Client"
- admin account info" filetype:log
- allinurl:control/multiview
- auth_user_file.txt
- cgiirc.conf
- config.php
- data filetype:mdb
- deteced an internal error [IBM] [CLI Driver][DB2|6000]
- duclassmate" -site:duware.com
- dudownload" -site:duware.com
- etc (index.of)
- exported email addresses
- ext:log password END_FILE
- ext:mdb inurl:*.mdb inurl:fpdb shop.mdb
- ez Publish administration
- filetpe:log access.log -CVS
- filetype:asp + "[ODBC SQL"
- filetype:cfg ks intext:rootpw -sample -test -howto
- filetype:cfg mrtg "target
- filetype:cfg mrtg "target(*)" -sample -cvs -example
- filetype:conf inrul:firewall -intitle:vs
- filetype:conf inurl:psybnc.conf "USER.PASS="
- filetype:config config intext: appSettings "User ID"
- filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To"
- filetype:fp5 fp5 -"cvs lgo"
- filetype:ini inurl:trillian.ini
- filetype:log "PHP Parse error" | "PHP Warning" | "
- filetype:log "See `ipsec --copyright"
- filetype:log hijackthis "scan saved"
- filetype:log intext:"ConnectionManager2"
- filetype:log inurl:access.og TCP_HIT
- filetype:log inurl:cache.log
- filetype:log inurl:store.log
- filetype:log inurl:useragent.log
- filetype:log iserror.log
- filetype:r1w r1w
- filetype:r4w r4w
- filetype:reg reg +intext: "internet account manager"
- filetype:reg reg +intext:?? WINVNC3??
- filetype:url +inurl:"ftp://" +inurl:";@"
- filetype:xls inurl:"password.xls"
- filetype:xls inurl:contact
- filetype:xls private
- generated by wwwstat
- haccess.ctl (VERY reliable)
- haccess.ctl (one way)
- ht://Dig htsearch error
- htpasswd
- htpasswd / htgroup
- htpasswd / htpasswd.bak
- http://*:*@www domainname
- iletype:log inurl:"password.log"
- index.of.etc tial files
- intext:""BiTBOARD v2.0" BiTSHiFTERS Bulletin Board"
- intext:"EZGuestbook"
- intext:"Warning: * am able * write ** configuration file" "includes/configure.php" -
- intext:"Web Wiz Journal"
- intext:(password | passcode) intext:(username | userid | user) filetype:csv
- intext:/help/help6_client.nsf
- intitle:"Belarc Advisor Current Profile" intext:"Click here for Belarc's PC Management products, for large and small companies."
- intitle:"Content Management System" "user name"|"password"|"admin" "Microsoft IE 5.5" -mambo
- intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
- intitle:"EXTRANET login" -.edu -.mil -.gov
- intitle:"Error Occurred While Processing Request" +WHERE (SELECT|INSERT) filetype:cfm
- intitle:"Flash Operator Panel" -ext:php -wiki -cms -inurl:asternic -inurl:sip -intitle:ANNOUNCE -inurl:lists
- intitle:"Icecast Administration Admin Page"
- intitle:"Index Of" -inurl:maillog maillog size
- intitle:"Index Of" cookies.txt size
- intitle:"Index of" sc_serv.conf sc_serv content
- intitle:"Login -
- intitle:"Login Forum
- intitle:"Login to @Mail" (ext:pl | inurl:"index") -dwaffleman
- intitle:"MX Control Console" "If you can't remember"
- intitle:"OnLine Recruitment Program - Login"
- intitle:"PHP Explorer" ext:php (inurl:phpexplorer.php | inurl:list.php | inurl:browse.php)
- intitle:"Remote Desktop Web Connection" inurl:tsweb
- intitle:"Terminal Services Web Connecti+kon"
- intitle:"admin panel" +"RedKernel"
- intitle:"b2evo > Login form" "Login form. You must log in! You will have to accept cookies in order to log in" -demo -site:b2evolution.net
- intitle:"communigate pro * *" intitle:"entrance"
- intitle:"messaging login" "(C) Copyright IBM"
- intitle:"oMail-admin Administration - Login" -inurl:omnis.ch
- intitle:"php icalendar administration" -site:sourceforge.net
- intitle:"phpremoteview" filetype: php "Name, Size, inurl:"plog/register.php"
- intitle:"remote assessment" OpenAanval Console
- intitle:"web-cyradm"|"by Luc de Louw" "This is only for authorized users" -tar.gz -site:web-cyradm.org
- intitle:admin intitle:login
- intitle:asterisk.management.portal web-access
- intitle:endymion.sak?.mail.login.page | inurl:sake.servlet
- intitle:ilohamail "
- intitle:ilohamail intext:"Version 0.8.10" "
- intitle:index.of cleanup.log
- intitle:index.of inbox dbx
- intitle:opengroupware.org "resistance is obsolete" "Report Bugs" "Username" "password"
- intitle:oracle http server inde" "Copyright *Oracle Corporation."
- intitle:osCommerce inurl:admin intext:"redistributable under the GNU" intext:"Online Catalog" -demo -site:oscommerce.com
- intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*"
- inurl:"/com/novell/webaccess"
- inurl:"/com/novell/webpublisher"
- inurl:"index.php? module=ew_filemanager"
- inurl:"slapd.conf" intext:"rootpw" -manpage -"Manual Page" -man: -sample
- inurl:"smb.conf" intext:"workgroup" filetype:conf conf
- inurl:"vsadmin/login" | inurl:"vsadmin/admin" inurl:.php|.asp
- inurl:*db filetype.mdb
- inurl:/com/novell/gwmonitor
- inurl:2000 intitle:RemotelyAnywhere -site:realvnc.com
- inurl:access.log filetype:log -cvs
- inurl:admin_/globalsettings.htm
- inurl:backup | inurl:bak
- inurl:cfg OR inurl:config
- inurl:default_content.asp ClearQuest
- inurl:error.log filetype:log -cvs
- inurl:htpasswd filetype:htpasswd
- inurl:intranet | help.desk
- inurl:netscape.hst
- inurl:pass.dat
- inurl:password.log filetype:log
- inurl:people.lst filetype:lst
- inurl:profiels filetype:mdb
- inurl:server.cfg rcon password
- inurl:temp | inurl:tmp |
- inurl:vtund.conf intext: pass-cvs
- inurl:webvpn.html "login" "Please enter your" Login ("Jetbox One CMS ???" | "Jetstream ? *")
- inurl:wp-mail.php + "There doesn't seem to be any new mail."
- inurl:yapboz_detay.asp + View Webcam User Accessing
- ipsec.conf
- ipsec.secrets
- master.passwd
- mt-db-pass.cgi files
- mysql history files
- mystuff.xml - Trillian data files
- passlist
- passlist.txt (a better way)
- passwd
- passwd / etc (reliable)
- people.lst
- php-addressbook "This is the addressbook for *" -warning
- phpMyAdmin dumps
- phpOpenTracker" Statistics
- phpWebMail
- phpinfo()
- phpinfo.php -manual
- powered | performed by Beyond Security's Automated Scanning -kazaa -example
- private key files (.csr)
- private key files (.key)
- produced by getstats
- psyBNC config files
- pwd.db
- rename to
- robots.txt
- site:netcraft.com intitle:That.Site.Running Apache
- sitebuildercontent
- sitebuilderfiles
- sitebuilderpictures
- spwd.db / passwd
- trillian.ini
- wwwboard WebAdmin inurl:passwd.txt wwwboard|webadmin
- you can now password | "this is a special page only seen by you. your profile visitors" inurl:imchaos ("Indexed.By"|"Monitored.By") hAcxFtpScan
- шnurl:/admin/login.asp
Add Comment
Please, Sign In to add comment