Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Readme:
- SecPoint.com Google Penetration Testing Hack Database v 1.5
- Database of Google Hacks and a tool for manipulating it.
- Database is separated to files by categories. You could use DB alone, or
- make some manipulations using our tool like generating URLs for Google
- search engine or generating pretty HTML output with links. The tool
- could also help in analysing your own site by adding site search option
- to all queries.
- This tool will take source file (file with a list of queries) and generate
- website-specific queries (-s option) by adding site:sitename.com to each
- query. Not only queries, but full Google URLs could be generated for each
- query (-q). Output could be saved to file in text format (-o) or in HTML with
- links format (-t) which will automatically create URLs list.
- run as
- ./googleDB-tool.py <source file> <options>
- <source file> queries source file from GoogleDB (files in db directory)
- Options are:
- -o output.txt save output to file
- -s sitename.com generate queries for this site only
- -q generate google query urls for each line
- -t generate output in HTML format (implies -q)
- -m LISTFILE generate queries for multiple sites listed in LISTFILE
- Command line examples:
- 1-generate list of search strings for finding login pages
- ./googleDB-tool.py "login_pages.txt"
- 2-generate list of Google queries for finding login pages
- ./googleDB-tool.py "login_pages.txt" -q
- 3-same as 2, but in HTML format
- ./googleDB-tool.py "login_pages.txt" -q -t
- 4-same as 3, but save to "OUT.html"
- ./googleDB-tool.py "login_pages.txt" -q -t -o "OUT.html"
- 5-generate queries as in 4, but only for site.com
- ./googleDB-tool.py "login_pages.txt" -q -t -o "OUT.html" -s site.com
- 6-all of the above, for multiple sites from "sites.txt" list
- ./googleDB-tool.py "login_pages.txt" -q -t -o OUT.html -s site.com -m sites.txt
- History:
- # ## 1.0 initial release
- # ## 1.1 google query generating option (-q)
- # ## 1.2 generating HTML output (-t)
- # ## 1.3 added support for multiple sites generation (-m option), database update - 7824 records
- # ## 1.5 friendly output and examples, database update
- Copy Paste At Google:
- Vulnerable_Systems:
- """CGI-Telnet Unit-x Team Connected to *.com"" OR ""CGI-Telnet Unit-x Team Connected to"""
- """File Upload Manager v1.3"" ""rename to"""
- """Mail-it Now!"" intitle:""Contact form"" | inurl:contact.php"
- """Please re-enter your password It must match exactly"""
- """Powered By: Simplicity oF Upload"" inurl:download.php | inurl:upload.php"
- """Powered by FlexPHPNews"" inurl:news | inurl:press"
- """Powered by FunkBoard"""
- """Powered by Gravity Board"""
- """Powered by Land Down Under 601"""
- """Powered by PHPFM"" filetype:php -username"
- """Powered by SilverNews"""
- """Powered by Xcomic"""
- """Powered by: vBulletin Version 1.1.5"""
- """Select a database to view"" intitle:""filemaker pro"""
- """There are no Administrators Accounts"" inurl:admin.php -mysql_fetch_row"
- """Warning:"" ""Cannot execute a blank command in"""
- """Welcome to Administration"" ""General"" ""Local Domains"" ""SMTP Authentication"" inurl:admin"
- """Welcome to Intranet"""
- """Welcome to PHP-Nuke"" congratulations"
- """Welcome to the Prestige Web-Based Configurator"""
- """YaBB SE Dev Team"""
- """[ phpinfo ] [ php.ini ] [ cpu ] [ mem ] [ users ] [ tmp ] [ delete ]"""
- """adding new user"" inurl:addnewuser -""there are no domains"""
- """create the Super User"" ""now by clicking here"""
- """e107.org 2002/2003"" inurl:forum_post.php?nt"
- """ftp://"" ""www.eastgame.net"""
- """html allowed"" guestbook"
- """index of /"" ( upload.cfm | upload.asp | upload.php | upload.cgi | upload.jsp | upload.pl )"
- """maxwebportal"" inurl:""default"" ""snitz forums"" +""homepage"" -intitle:maxwebportal"
- """powered by YellDL"""
- """powered by mailgust"""
- """powered by my little forum"""
- """r57shell 1.4"""
- """r57shell"""
- """safe_mode: * PHP version: * cURL: * MySQL: * MSSQL: * PostgreSQL: * Oracle: *"""
- """set up the administrator user"" inurl:pivot"
- """www.*.com - c99shell"" OR ""www.*.net - c99shell"" OR ""www.*.org - c99shell"""
- """you can now password"" | ""this is a special page only seen by you. your profile visitors"" inurl:imchaos"
- "(""Indexed.By""|""Monitored.By"") hAcxFtpScan"
- "(intitle:""SHOUTcast Administrator"")|(intext:""U SHOUTcast D.N.A.S. Status"")"
- "(intitle:""WordPress › Setup Configuration File"")|(inurl:""setup-config.php?step="")"
- "(inurl:81/cgi-bin/.cobalt/) | (intext:""Welcome to the Cobalt RaQ"")"
- "allintext:""fs-admin.php"""
- "allinurl:""index.php"" ""site=sglinks"""
- "ext:asp ""powered by DUForum"" inurl:(messages|details|login|default|register) -site:duware.com"
- "ext:asp inurl:DUgallery intitle:""3.0"" -site:dugall"
- "ezBOO ""Administrator Panel"" -cvs"
- "filetype:cgi inurl:""Web_Store.cgi"""
- "filetype:cgi inurl:""fileman.cgi"""
- "filetype:mdb ""standard jet"" (password | username | user | pass)"
- "filetype:mdb inurl:""news/news"""
- "filetype:php HAXPLORER ""Server Files Browser"""
- "filetype:php inurl:""viewfile"" -""index.php"" -""idfil"
- "filetype:pl -intext:""/usr/bin/perl"" inurl:webcal (inurl:webcal | inurl:add | inurl:delete | inurl:config)"
- "filetype:pl intitle:""Ultraboard Setup"""
- "intext:""Warning: * am able * write ** configuration file"" ""includes/configure.php"" -Forums"
- "intitle:""ASP FileMan"" Resend -site:iisworks.com"
- "intitle:""CJ Link Out V1"""
- "intitle:""Control panel"" ""Control Panel Login"" ArticleLive inurl:admin -demo"
- "intitle:""Directory Listing"" ""tree view"""
- "intitle:""ERROR: The requested URL could not be retrieved"" ""While trying to retrieve the URL"" ""The following error was encountered:"""
- "intitle:""Gallery in Configuration mode"""
- "intitle:""Gateway Configuration Menu"""
- "intitle:""Horde :: My Portal"" -""[Tickets"""
- "intitle:""Index of /"" modified php.exe"
- "intitle:""Mail Server CMailServer Webmail"" ""5.2"""
- "intitle:""MvBlog powered"""
- "intitle:""PHP Explorer"" ext:php (inurl:phpexplorer.php | inurl:list.php | inurl:browse.php)"
- "intitle:""PHP Shell *"" ""Enable stderr"" filetype:php"
- "intitle:""PHPstat"" intext:""Browser"" intext:""PHPstat setup"""
- "intitle:""Remote Desktop Web Connection"""
- "intitle:""SSHVnc Applet""OR intitle:""SSHTerm Applet"""
- "intitle:""Samba Web Administration Tool"" intext:""Help Workgroup"""
- "intitle:""Terminal Services Web Connection"""
- "intitle:""Uploader - Uploader v6"" -pixloads.com"
- "intitle:""Web Data Administrator - Login"""
- "intitle:""YALA: Yet Another LDAP Administrator"""
- "intitle:""[EasyPHP] - Administration"""
- "intitle:""net2ftp"" ""powered by net2ftp"" inurl:ftp OR intext:login OR inurl:login"
- "intitle:""phpremoteview"" filetype:php ""Name, Size,"
- "intitle:Locus7shell intext:""Software:"""
- "intitle:gallery inurl:setup ""Gallery configuration"""
- "intitle:mywebftp ""Please enter your password"""
- "intitle:osCommerce inurl:admin intext:""redistributable under the GNU""intext:""Online Catalog"" -demo -site:oscommerce.com"
- "intitle:phpMyAdmin ""Welcome to phpMyAdmin ***"" ""running on * as root@*"""
- "inurl:"" WWWADMIN.PL"" intitle:""wwwadmin"""
- "inurl:""/NSearch/AdminServlet"""
- "inurl:""amfphp/browser/servicebrowser.swf"""
- "inurl:""index.php?module=ew_filemanager"""
- "inurl:""nph-proxy.cgi"" ""Start browsing through this CGI-based proxy"""
- "inurl:""phpOracleAdmin/php"" -download -cvs"
- "inurl:""plog/register.php"""
- "inurl:""simplenews/admin"""
- "inurl:""tmtrack.dll?"""
- "inurl:guestbook/guestbooklist.asp ""Post Date"" From"
- "inurl:newsdesk.cgi? inurl:""t="""
- "inurl:php intitle:""Cpanel , FTP CraCkeR"""
- "inurl:shop ""Hassan Consulting's Shopping Cart Version 1.18"""
- "inurl:updown.php | intext:""Powered by PHP Uploader Downloader"""
- (inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)
- +htpasswd +WS_FTP.LOG filetype:log
- MySQL: ON MSSQL: OFF Oracle: OFF MSSQL: OFF PostgreSQL: OFF cURL: ON WGet: ON Fetch: OFF Perl: ON
- PHPFreeNews inurl:Admin.php
- PHPKonsole PHPShell filetype:php -echo
- XOOPS Custom Installation
- allinurl:forcedownload.php?file=
- allinurl:install/install.php
- allinurl:intranet admin
- ext:cgi inurl:ubb6_test.cgi
- filetype:cgi inurl:cachemgr.cgi
- filetype:cnf my.cnf -cvs -example
- filetype:inc inc intext:setcookie
- filetype:lit lit (books|ebooks)
- filetype:php inanchor:c99 inurl:c99 intitle:c99shell -seeds -marijuana
- filetype:php inurl:tiki-index.php +sirius +1.9.*
- filetype:php inurl:vAuthenticate
- filetype:wsdl wsdl
- http://www.google.com/search?q=inurl%3Aindex.php%3Fpagedb%3Drss
- intitle:#k4raeL - sh3LL
- intitle:MyShell 1.1.0 build 20010923
- intitle:admin intitle:login
- intitle:cyber anarchy shell
- intitle:m1n1 1.01
- inurl:/vb/install/install.php
- inurl:/vb/install/upgrade.php
- inurl:ConnectComputer/precheck.htm | inurl:Remote/logon.aspx
- inurl:ManyServers.htm
- inurl:aol*/_do/rss_popup?blogID=
- inurl:cartwiz/store/index.asp
- inurl:cgi-bin inurl:bigate.cgi
- inurl:cgi.asx?StoreID
- inurl:changepassword.cgi -cvs
- inurl:click.php intext:PHPClickLog
- inurl:footer.inc.php
- inurl:info.inc.php
- inurl:nquser.php filetype:php
- inurl:php.exe filetype:exe -example.com
- inurl:pls/admin_/gateway.htm
- inurl:polly/CP
- inurl:robpoll.cgi filetype:cgi
- inurl:rpSys.html
- inurl:search.php vbulletin
- inurl:servlet/webacc
- inurl:view.php?board1_sn=
- ionCube Loader Wizard information disclosure
- link:http://www.toastforums.com/
- natterchat inurl:home.asp -site:natterchat.co.uk
- vBulletin Install Page Detection
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement