Google-Hack-Db Network_Or_Vulnerability Data

1. Readme:
2. SecPoint.com Google Penetration Testing Hack Database v 1.5
3.  
4. Database of Google Hacks and a tool for manipulating it.
5. Database is separated to files by categories. You could use DB alone, or
6. make some manipulations using our tool like generating URLs for Google
7. search engine or generating pretty HTML output with links. The tool
8. could also help in analysing your own site by adding site search option
9. to all queries.
10.  
11. This tool will take source file (file with a list of queries) and generate
12. website-specific queries (-s option) by adding site:sitename.com to each
13. query. Not only queries, but full Google URLs could be generated for each
14. query (-q). Output could be saved to file in text format (-o) or in HTML with
15. links format (-t) which will automatically create URLs list.
16.  
17. run as
18. ./googleDB-tool.py <source file> <options>
19.  
20. <source file> queries source file from GoogleDB (files in db directory)
21.  
22. Options are:
23. -o output.txt save output to file
24. -s sitename.com generate queries for this site only
25. -q generate google query urls for each line
26. -t generate output in HTML format (implies -q)
27. -m LISTFILE generate queries for multiple sites listed in LISTFILE
28.  
29.  
30. Command line examples:
31. 1-generate list of search strings for finding login pages
32. ./googleDB-tool.py "login_pages.txt"
33.  
34. 2-generate list of Google queries for finding login pages
35. ./googleDB-tool.py "login_pages.txt" -q
36.  
37. 3-same as 2, but in HTML format
38. ./googleDB-tool.py "login_pages.txt" -q -t
39.  
40. 4-same as 3, but save to "OUT.html"
41. ./googleDB-tool.py "login_pages.txt" -q -t -o "OUT.html"
42.  
43. 5-generate queries as in 4, but only for site.com
44. ./googleDB-tool.py "login_pages.txt" -q -t -o "OUT.html" -s site.com
45.  
46. 6-all of the above, for multiple sites from "sites.txt" list
47. ./googleDB-tool.py "login_pages.txt" -q -t -o OUT.html -s site.com -m sites.txt
48.  
49.  
50.  
51. History:
52. # ## 1.0 initial release
53. # ## 1.1 google query generating option (-q)
54. # ## 1.2 generating HTML output (-t)
55. # ## 1.3 added support for multiple sites generation (-m option), database update - 7824 records
56. # ## 1.5 friendly output and examples, database update
57.  
58. Copy Paste At Google:
59. Network_Or_Vulnerability Data:
60.  
61. """Looking Glass"" (inurl:""lg/"" | inurl:lookingglass)"
62. """Network Host Assessment Report"" ""Internet Scanner"""
63. """Output produced by SysWatch *"""
64. """Phorum Admin"" ""Database Connection"" inurl:forum inurl:admin"
65. """Powered by phpOpenTracker"" Statistics"
66. """Shadow Security Scanner performed a vulnerability assessment"""
67. """SnortSnarf alert page"""
68. """The following report contains confidential information"" vulnerability -search"
69. """The statistics were last updated"" ""Daily""-microsoft.com"
70. """This report lists"" ""identified by Internet Scanner"""
71. """Traffic Analysis for"" ""RMON Port * on unit *"""
72. """Version Info"" ""Boot Version"" ""Internet Settings"""
73. """apricot - admin"" 00h"
74. """by Reimar Hoven. All Rights Reserved. Disclaimer"" | inurl:""log/logdb.dta"""
75. """powered | performed by Beyond Security's Automated Scanning"" -kazaa -example"
76. """this proxy is working fine!"" ""enter *"" ""URL***"" * visit"
77. "((inurl:ifgraph ""Page generated at"") OR (""This page was built using ifgraph""))"
78. "ACID ""by Roman Danyliw"" filetype:php"
79. "ext:cgi intext:""nrg-"" "" This web page was created on """
80. "filetype:log intext:""ConnectionManager2"""
81. "filetype:pdf ""Assessment Report"" nessus"
82. "filetype:php inurl:ipinfo.php ""Distributed Intrusion Detection System"""
83. "filetype:php inurl:nqt intext:""Network Query Tool"""
84. "intext:""Welcome to the Web V.Networks"" intitle:""V.Networks [Top]"" -filetype:htm"
85. "intitle:""ADSL Configuration page"""
86. "intitle:""Azureus : Java BitTorrent Client Tracker"""
87. "intitle:""BNBT Tracker Info"""
88. "intitle:""Belarc Advisor Current Profile"" intext:""Click here for Belarc's PC Management products, for large and small companies."""
89. "intitle:""Microsoft Site Server Analysis"""
90. "intitle:""Nessus Scan Report"" ""This file was generated by Nessus"""
91. "intitle:""PHPBTTracker Statistics"" | intitle:""PHPBT Tracker Statistics"""
92. "intitle:""Retina Report"" ""CONFIDENTIAL INFORMATION"""
93. "intitle:""start.managing.the.device"" remote pbx acc"
94. "intitle:""sysinfo * "" intext:""Generated by Sysinfo * written by The Gamblers."""
95. "intitle:""twiki"" inurl:""TWikiUsers"""
96. "inurl:""/catalog.nsf"" intitle:catalog"
97. "inurl:""NmConsole/Login.asp"" | intitle:""Login - Ipswitch WhatsUp Professional 2005"" | intext:""Ipswitch WhatsUp Professional 2005 (SP1)"" ""Ipswitch, Inc"""
98. "inurl:""install/install.php"""
99. "inurl:""map.asp?"" intitle:""WhatsUp Gold"""
100. "inurl:""sitescope.html"" intitle:""sitescope"" intext:""refresh"" -demo"
101. "inurl:/cgi-bin/finger? ""In real life"""
102. "inurl:/counter/index.php intitle:""+PHPCounter 7.*"""
103. "inurl:CrazyWWWBoard.cgi intext:""detailed debugging information"""
104. "inurl:phpSysInfo/ ""created by phpsysinfo"""
105. "inurl:portscan.php ""from Port""|""Port Range"""
106. ext:cfg radius.cfg
107. filetype:vsd vsd network -samples -examples
108. intitle:r57shell +uname -bbpress
109. inurl:/adm-cfgedit.php
110. inurl:/cgi-bin/finger? Enter (account|host|user|username)
111. inurl:login.jsp.bak
112. inurl:ovcgi/jovw
113. inurl:proxy | inurl:wpad ext:pac | ext:dat findproxyforurl
114. inurl:statrep.nsf -gov
115. inurl:status.cgi?host=all
116. inurl:testcgi xitami
117. inurl:webalizer filetype:png -.gov -.edu -.mil -opendarwin
118. inurl:webutil.pl
119. site:netcraft.com intitle:That.Site.Running Apache