Faeizzamriee

Google-Hack-Db Misc

Jan 3rd, 2015
  1. Readme:
  2. SecPoint.com Google Penetration Testing Hack Database v 1.5
  3.  
  4. A database of Google hacks and a tool for manipulating it.
  5. The database is split into files by category. You can use the database
  6. on its own, or use the tool to process it, for example to generate
  7. Google search URLs or formatted HTML output with links. The tool can
  8. also help in analysing your own site by adding a site: restriction to
  9. all queries.
  10.  
  11. The tool takes a source file (a file with a list of queries) and generates
  12. website-specific queries (-s option) by adding site:sitename.com to each
  13. query. It can also generate a full Google URL for each query (-q). Output
  14. can be saved to a file as text (-o) or rendered as HTML with links (-t),
  15. which automatically creates the URL list.
  16.  
  17. Run as:
  18. ./googleDB-tool.py <source file> <options>
  19.  
  20. <source file> is a query source file from GoogleDB (one of the files in the db directory)
  21.  
  22. Options are:
  23. -o output.txt save output to file
  24. -s sitename.com generate queries for this site only
  25. -q generate google query urls for each line
  26. -t generate output in HTML format (implies -q)
  27. -m LISTFILE generate queries for multiple sites listed in LISTFILE
  28.  
  29.  
  30. Command line examples:
  31. 1-generate list of search strings for finding login pages
  32. ./googleDB-tool.py "login_pages.txt"
  33.  
  34. 2-generate list of Google queries for finding login pages
  35. ./googleDB-tool.py "login_pages.txt" -q
  36.  
  37. 3-same as 2, but in HTML format
  38. ./googleDB-tool.py "login_pages.txt" -q -t
  39.  
  40. 4-same as 3, but save to "OUT.html"
  41. ./googleDB-tool.py "login_pages.txt" -q -t -o "OUT.html"
  42.  
  43. 5-generate queries as in 4, but only for site.com
  44. ./googleDB-tool.py "login_pages.txt" -q -t -o "OUT.html" -s site.com
  45.  
  46. 6-all of the above, for multiple sites from "sites.txt" list
  47. ./googleDB-tool.py "login_pages.txt" -q -t -o OUT.html -s site.com -m sites.txt
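
The -s, -m, -q and -t behaviour described in the README, as an added example in Python for auditing what search engines have indexed on domains you run; it is not the SecPoint tool's code. The function names, the search URL form and the sample input are assumptions, and unlike the tool it refuses to run without a site list.

```python
import html
from urllib.parse import quote_plus

SEARCH_URL = "https://www.google.com/search?q="  # assumed URL form

# Constructed sample source file: two queries from the list, one duplicated.
SAMPLE = '''inurl:error.log filetype:log -cvs

intitle:"b2evo > Login form" -demo
inurl:error.log filetype:log -cvs
'''

def load_queries(text):
    """Return unique, non-blank query lines in their original order."""
    seen, out = set(), []
    for line in text.splitlines():
        query = line.strip()
        if query and query not in seen:
            seen.add(query)
            out.append(query)
    return out

def site_queries(queries, sites):
    """Prefix every query with site:<name> for each audited site (-s / -m)."""
    if not sites:
        raise ValueError("give at least one site you are responsible for")
    return [f"site:{site} {query}" for site in sites for query in queries]

def query_url(query):
    """Percent-encode one query into a search URL (-q)."""
    return SEARCH_URL + quote_plus(query)

def html_report(queries):
    """Render the queries as an HTML link list (-t).

    Query text contains quotes and angle brackets, so both the href value
    and the link text are HTML-escaped before being written out.
    """
    items = [
        '<li><a href="{}">{}</a></li>'.format(
            html.escape(query_url(q), quote=True), html.escape(q))
        for q in queries
    ]
    return "<ul>\n" + "\n".join(items) + "\n</ul>"

if __name__ == "__main__":
    print(html_report(site_queries(load_queries(SAMPLE), ["example.com"])))
```

Without the escaping in `html_report`, a query such as the b2evo one would break the markup of the generated report.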
  48.  
  49.  
  50.  
  51. History:
  52. # ## 1.0 initial release
  53. # ## 1.1 google query generating option (-q)
  54. # ## 1.2 generating HTML output (-t)
  55. # ## 1.3 added support for multiple sites generation (-m option), database update - 7824 records
  56. # ## 1.5 friendly output and examples, database update
  57.  
  58. Copy Paste At Google:
  59. Misc:
  60.  
  61. "(C) Copyright IBM Welcome to Websphere"
  62. # -FrontPage- ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd
  63. # phpMyAdmin MySQL-Dump filtype:txt
  64. (intitle:"Please login - Forums
  65. (intitle:"rymo Login")|(intext:"Welcome to rymo") -family
  66. (inurl:"ars/cgi-bin/arweb?O=0" | inurl:arweb.jsp) -site:remedy.com -site:mil
  67. -site:php.net -"The PHP Group" inurl:source inurl:url ext:pHp
  68. AIM buddy lists
  69. Analysis Console for Incident Databases
  70. AnyBoard" intitle:"If you are a new user:" intext:"Forum
  71. AnyBoard" inurl:gochat -edu
  72. Axis Network Cameras: inurl:indexFrame.shtml Axis
  73. CGI:IRC Login
  74. Can't connect to local intitle:warning
  75. Chatologica MetaSearch "stack tracking"
  76. ClearQuest Web Logon
  77. Code:
  78. Coldfusion Error Pages
  79. CuteNews" "2003..2005 CutePHP"
  80. DUpaypal" -site:duware.com
  81. DWMail" password intitle:dwmail
  82. Duclassified" -site:duware.com "DUware All Rights reserved"
  83. Dudirectory" -site:duware.com
  84. Easy File Sharing Web Server"
  85. Elite Forum Version *.*"
  86. Fichier contenant des informations sur le r?seau :
  87. File Upload Manager v1.3
  88. Financial spreadsheets: finance.xls
  89. Financial spreadsheets: finances.xls
  90. Gallery in configuration mode
  91. Ganglia Cluster Reports
  92. HTTP_FROM=googlebot googlebot.com "Server_Software="
  93. Hassan Consulting's Shopping Cart Version 1.18
  94. ICQ chat logs, please...
  95. IIS 4.0 error messages
  96. IIS web server error messages
  97. IlohaMail"
  98. Internal Server Error
  99. Link Department"
  100. Looking Glass
  101. Lotus Domino address books
  102. MYSQL error message: supplied argument....
  103. Merak Mail Server Software" -.gov -.mil -.edu -site:merakmailserver.com
  104. Microsoft Money Data Files
  105. Midmart Messageboard" "Administrator Login"
  106. Monster Top List" MTL numrange:200-
  107. MySQL tabledata dumps
  108. Netscape Application Server Error page
  109. NickServ registration passwords
  110. ORA-00921: unexpected end of SQL command
  111. OWA Public Folders (direct view)
  112. Outlook Web Access (a better way)
  113. PHPhotoalbum Statistics
  114. PHPhotoalbum Upload
  115. Peoples MSN contact lists
  116. PhotoPost PHP Upload
  117. PostgreSQL query failed: ERROR: parser: parse error
  118. Quicken data files
  119. SQL Server Driver][SQL Server]Line 1: Incorrect syntax near
  120. SQL data dumps
  121. SQL syntax error
  122. Snitz! forums db path error
  123. Squid cache server reports
  124. Supplied argument is not a valid MySQL result resource
  125. UBB.threads")|(inurl:login.php "ubb")
  126. UebiMiau" -site:sourceforge.net
  127. Ultima Online loginservers
  128. Unreal IRCd
  129. VHCS Pro ver -demo
  130. W-Nailer Upload Area
  131. WWWThreads")|(inurl:"wwwthreads/login.php")|(inurl:"wwwthreads/login.pl?Cat=")
  132. Warning: mysql_connect(): Access denied for user: '*@* "on line" -help -forum
  133. WebLog Referrers
  134. Welcome to YourCo Financial
  135. Welcome to ntop!
  136. Welcome to phpMyAdmin "Create new database"
  137. Windows 2000 web server error messages
  138. You have requested to access the management functions -.edu
  139. ZoneAlamr Logging Client"
  140. admin account info" filetype:log
  141. allinurl:control/multiview
  142. auth_user_file.txt
  143. cgiirc.conf
  144. config.php
  145. data filetype:mdb
  146. deteced an internal error [IBM] [CLI Driver][DB2|6000]
  147. duclassmate" -site:duware.com
  148. dudownload" -site:duware.com
  149. etc (index.of)
  150. exported email addresses
  151. ext:log password END_FILE
  152. ext:mdb inurl:*.mdb inurl:fpdb shop.mdb
  153. ez Publish administration
  154. filetpe:log access.log -CVS
  155. filetype:asp + "[ODBC SQL"
  156. filetype:cfg ks intext:rootpw -sample -test -howto
  157. filetype:cfg mrtg "target
  158. filetype:cfg mrtg "target(*)" -sample -cvs -example
  159. filetype:conf inrul:firewall -intitle:vs
  160. filetype:conf inurl:psybnc.conf "USER.PASS="
  161. filetype:config config intext: appSettings "User ID"
  162. filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To"
  163. filetype:fp5 fp5 -"cvs lgo"
  164. filetype:ini inurl:trillian.ini
  165. filetype:log "PHP Parse error" | "PHP Warning" | "
  166. filetype:log "See `ipsec --copyright"
  167. filetype:log hijackthis "scan saved"
  168. filetype:log intext:"ConnectionManager2"
  169. filetype:log inurl:access.og TCP_HIT
  170. filetype:log inurl:cache.log
  171. filetype:log inurl:store.log
  172. filetype:log inurl:useragent.log
  173. filetype:log iserror.log
  174. filetype:r1w r1w
  175. filetype:r4w r4w
  176. filetype:reg reg +intext: "internet account manager"
  177. filetype:reg reg +intext:?? WINVNC3??
  178. filetype:url +inurl:"ftp://" +inurl:";@"
  179. filetype:xls inurl:"password.xls"
  180. filetype:xls inurl:contact
  181. filetype:xls private
  182. generated by wwwstat
  183. haccess.ctl (VERY reliable)
  184. haccess.ctl (one way)
  185. ht://Dig htsearch error
  186. htpasswd
  187. htpasswd / htgroup
  188. htpasswd / htpasswd.bak
  189. http://*:*@www domainname
  190. iletype:log inurl:"password.log"
  191. index.of.etc tial files
  192. intext:""BiTBOARD v2.0" BiTSHiFTERS Bulletin Board"
  193. intext:"EZGuestbook"
  194. intext:"Warning: * am able * write ** configuration file" "includes/configure.php" -
  195. intext:"Web Wiz Journal"
  196. intext:(password | passcode) intext:(username | userid | user) filetype:csv
  197. intext:/help/help6_client.nsf
  198. intitle:"Belarc Advisor Current Profile" intext:"Click here for Belarc's PC Management products, for large and small companies."
  199. intitle:"Content Management System" "user name"|"password"|"admin" "Microsoft IE 5.5" -mambo
  200. intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
  201. intitle:"EXTRANET login" -.edu -.mil -.gov
  202. intitle:"Error Occurred While Processing Request" +WHERE (SELECT|INSERT) filetype:cfm
  203. intitle:"Flash Operator Panel" -ext:php -wiki -cms -inurl:asternic -inurl:sip -intitle:ANNOUNCE -inurl:lists
  204. intitle:"Icecast Administration Admin Page"
  205. intitle:"Index Of" -inurl:maillog maillog size
  206. intitle:"Index Of" cookies.txt size
  207. intitle:"Index of" sc_serv.conf sc_serv content
  208. intitle:"Login -
  209. intitle:"Login Forum
  210. intitle:"Login to @Mail" (ext:pl | inurl:"index") -dwaffleman
  211. intitle:"MX Control Console" "If you can't remember"
  212. intitle:"OnLine Recruitment Program - Login"
  213. intitle:"PHP Explorer" ext:php (inurl:phpexplorer.php | inurl:list.php | inurl:browse.php)
  214. intitle:"Remote Desktop Web Connection" inurl:tsweb
  215. intitle:"Terminal Services Web Connecti+kon"
  216. intitle:"admin panel" +"RedKernel"
  217. intitle:"b2evo > Login form" "Login form. You must log in! You will have to accept cookies in order to log in" -demo -site:b2evolution.net
  218. intitle:"communigate pro * *" intitle:"entrance"
  219. intitle:"messaging login" "(C) Copyright IBM"
  220. intitle:"oMail-admin Administration - Login" -inurl:omnis.ch
  221. intitle:"php icalendar administration" -site:sourceforge.net
  222. intitle:"phpremoteview" filetype: php "Name, Size, inurl:"plog/register.php"
  223. intitle:"remote assessment" OpenAanval Console
  224. intitle:"web-cyradm"|"by Luc de Louw" "This is only for authorized users" -tar.gz -site:web-cyradm.org
  225. intitle:admin intitle:login
  226. intitle:asterisk.management.portal web-access
  227. intitle:endymion.sak?.mail.login.page | inurl:sake.servlet
  228. intitle:ilohamail "
  229. intitle:ilohamail intext:"Version 0.8.10" "
  230. intitle:index.of cleanup.log
  231. intitle:index.of inbox dbx
  232. intitle:opengroupware.org "resistance is obsolete" "Report Bugs" "Username" "password"
  233. intitle:oracle http server inde" "Copyright *Oracle Corporation."
  234. intitle:osCommerce inurl:admin intext:"redistributable under the GNU" intext:"Online Catalog" -demo -site:oscommerce.com
  235. intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*"
  236. inurl:"/com/novell/webaccess"
  237. inurl:"/com/novell/webpublisher"
  238. inurl:"index.php? module=ew_filemanager"
  239. inurl:"slapd.conf" intext:"rootpw" -manpage -"Manual Page" -man: -sample
  240. inurl:"smb.conf" intext:"workgroup" filetype:conf conf
  241. inurl:"vsadmin/login" | inurl:"vsadmin/admin" inurl:.php|.asp
  242. inurl:*db filetype.mdb
  243. inurl:/com/novell/gwmonitor
  244. inurl:2000 intitle:RemotelyAnywhere -site:realvnc.com
  245. inurl:access.log filetype:log -cvs
  246. inurl:admin_/globalsettings.htm
  247. inurl:backup | inurl:bak
  248. inurl:cfg OR inurl:config
  249. inurl:default_content.asp ClearQuest
  250. inurl:error.log filetype:log -cvs
  251. inurl:htpasswd filetype:htpasswd
  252. inurl:intranet | help.desk
  253. inurl:netscape.hst
  254. inurl:pass.dat
  255. inurl:password.log filetype:log
  256. inurl:people.lst filetype:lst
  257. inurl:profiels filetype:mdb
  258. inurl:server.cfg rcon password
  259. inurl:temp | inurl:tmp |
  260. inurl:vtund.conf intext: pass-cvs
  261. inurl:webvpn.html "login" "Please enter your" Login ("Jetbox One CMS ???" | "Jetstream ? *")
  262. inurl:wp-mail.php + "There doesn't seem to be any new mail."
  263. inurl:yapboz_detay.asp + View Webcam User Accessing
  264. ipsec.conf
  265. ipsec.secrets
  266. master.passwd
  267. mt-db-pass.cgi files
  268. mysql history files
  269. mystuff.xml - Trillian data files
  270. passlist
  271. passlist.txt (a better way)
  272. passwd
  273. passwd / etc (reliable)
  274. people.lst
  275. php-addressbook "This is the addressbook for *" -warning
  276. phpMyAdmin dumps
  277. phpOpenTracker" Statistics
  278. phpWebMail
  279. phpinfo()
  280. phpinfo.php -manual
  281. powered | performed by Beyond Security's Automated Scanning -kazaa -example
  282. private key files (.csr)
  283. private key files (.key)
  284. produced by getstats
  285. psyBNC config files
  286. pwd.db
  287. rename to
  288. robots.txt
  289. site:netcraft.com intitle:That.Site.Running Apache
  290. sitebuildercontent
  291. sitebuilderfiles
  292. sitebuilderpictures
  293. spwd.db / passwd
  294. trillian.ini
  295. wwwboard WebAdmin inurl:passwd.txt wwwboard|webadmin
  296. you can now password | "this is a special page only seen by you. your profile visitors" inurl:imchaos ("Indexed.By"|"Monitored.By") hAcxFtpScan
  297. шnurl:/admin/login.asp