Web Pentesting Google Hacking Dorks Priv8 2017

Mr. KingSkrupellos Cyberizm Digital Security Team / Paylaşımların Devamı için ++ REP Beğenilere Basalım Lütfen :D

https://www.cyberizm.org/cyberizm-web-pentesting-google-hacking-dorks-priv8-2017.html

Web Pentesting Google Hacking Dorks Priv8 2017 [ Kullanın Gençler - Her Kesime Yaşa Hitaben -
Dualarınızı Eksik Etmeyin.

2016'nın Başından itibaren Kendim İnternette Gezinirken Bizzat Bulduğum Keşfettiğim Dorklardır.
Arada Başka Kaynaklardan Bulduklarımı Biraraya Toparladım. Sizlere sunuyorum.

Hayırlı Kullanımlar. Siber Savaşta sizde yerinizi alın ve Türkiye ve İslam için Savaşın Yiğitler.
______________________________________________________________

Vulnerabilidades
comment:advisories and vulnerabilities*-----
"1999-2004 FuseTalk Inc" -site:fusetalk.com
"2003 DUware All Rights Reserved"
"Active Webcam Page" inurl:8080
"BlackBoard 1.5.1-f | © 2003-4 by Yves Goergen"
"BosDates Calendar System " "powered by BosDates v3.2 by BosDev"
"Copyright © 2002 Agustin Dondo Scripts"
"delete entries" inurl:admin/delete.asp
"driven by: ASP Message Board"
"Enter ip" inurl:"php-ping.php"
"IceWarp Web Mail 5.3.0" "Powered by IceWarp"
"Ideal BB Version: 0.1" -idealbb.com
"inurl:/site/articles.asp?idcategory="
"Obtenez votre forum Aztek" -site:forum-aztek.com
"Online Store - Powered by ProductCart"
"Powered *: newtelligence" ("dasBlog 1.6"| "dasBlog 1.5"| "dasBlog 1.4"|"dasBlog 1.3")
"Powered by A-CART"
"Powered by AJ-Fork v.167"
"powered by antiboard"
"Powered by Coppermine Photo Gallery"
"Powered by CubeCart"
"Powered by DCP-Portal v5.5"
"Powered by DMXReady Site Chassis Manager" -site:dmxready.com
"Powered by FUDforum"
"Powered by Gallery v1.4.4"
"Powered by IceWarp Software" inurl:mail
"Powered by Ikonboard 3.1.1"
"Powered by Megabook *" inurl:guestbook.cgi
"Powered by MercuryBoard [v1"
"powered by minibb" -site:www.minibb.net -intext:1.7f
"Powered by My Blog" intext:"FuzzyMonkey.org"
"Powered by ocPortal" -demo -ocportal.com
"powered by phpWebSite" 0.9-3-2...4
"Powered by PowerPortal v1.3"
"powered by vbulletin 3.0"
"Powered by WordPress" -html filetype:php -demo -wordpress.org -bugtraq
"Powered by WowBB" -site:wowbb.com
"Powered by YaPig V0.92b"
"Powered by yappa-ng"
"running: Nucleus v3.1" -.nucleuscms.org -demo
"SquirrelMail version 1.4.4" inurl:src ext:php
"This page has been automatically generated by Plesk Server Administrator"
+"Powered by Invision Power Board v2.0.0..2"
+"Powered by phpBB 2.0.6..10" -phpbb.com -phpbb.pl
inurl:"dispatch.php?atknodetype" | inurl:class.at -----Achievo webbased project management-----
allintitle:aspjar.com guestbook
inurl:"/becommunity/community/index.php?pageurl=" -----E-market remote code execution-----
inurl:custva.asp -----EarlyImpact Productcart-----
ext:php intext:"Powered by phpNewMan Version"
ext:pl inurl:cgi intitle:"FormMail *" -"*Referrer" -"* Denied" -sourceforge -error -cvs -input
filetype:cgi inurl:nbmember.cgi
filetype:cgi inurl:pdesk.cgi
filetype:cgi inurl:tseekdir.cgi
Mr. KingSkrupellos Cyberizm Digital Security Team
filetype:php inurl:index.php inurl:"module=subjects" inurl:"func=*" (listpages| viewpage | listcat)
intext:("UBB.threads™ 6.2"|"UBB.threads™ 6.3") intext:"You * not logged *" -site:ubbcentral.com
intitle:"EMUMAIL - Login" "Powered by EMU Webmail"
intitle:"MRTG/RRD" 1.1* (inurl:mrtg.cgi | inurl:14all.cgi |traffic.cgi)
intitle:"View Img" inurl:viewimg.php
intitle:"WebJeff - FileManager" intext:"login" intext:Pass|PAsse
intitle:"WordPress > * > Login form" inurl:"wp-login.php"
intitle:guestbook "advanced guestbook 2.2 powered"
intitle:welcome.to.horde
inurl:"/cgi-bin/loadpage.cgi?user_id="
inurl:"/site/articles.asp?idcategory="
inurl:"comment.php?serendipity"
inurl:"messageboard/Forum.asp?"
inurl:"slxweb.dll"
inurl:/SiteChassisManager/
inurl:cal_make.pl
inurl:citrix/metaframexp/default/login.asp? ClientDetection=On
inurl:comersus_message.asp
inurl:directorypro.cgi
inurl:gotoURL.asp?url=
inurl:technote inurl:main.cgi*filename=*
inurl:ttt-webmaster.php
inurl:wiki/MediaWiki
"Powered by Invision Power Board(U) v1.3 Final" -----Invision Power Board SSI.PHP SQL Injection-----
"Powered by mnoGoSearch - free web search engine software" -----nGoSearch vulnerability-----
"FC Bigfeet" -inurl:mail -----Quicksite demopages for Typo3-----
inurl:com_remository -----ReMOSitory module for Mambo-----
uploadpics.php?did= -forumintext:Generated.by.phpix.1.0? inurl:$mode=album
"Powered by: vBulletin * 3.0.1" inurl:newreply.php -----vBulletin version 3.0.1 newreply.php XSS-----
filetype:asp inurl:"shopdisplayproducts.asp" -----VP-ASP Shopping Cart XSS-----
inurl:/cgi-bin/index.cgi inurl:topics inurl:viewcat= +intext:"WebAPP" -site:web-app.org -----WebAPP directory traversal-----
1. inurl:index.php?id=aboutus
2. inurl:?item_id=6310
3. inurl:ZoomItemDetail.aspx?item_id=
Site: inurl:virtual_show_detail.php?ID=
___________________________________________________________________________________________________

 Arquivos com senha


comment:Files containing passwords***-----
"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users)
"# -FrontPage-" inurl:service.pwd
"AutoCreate=TRUE password=*"
"http://*:*@www" domainname
"index of/" "ws_ftp.ini" "parent directory"
"liveice configuration file" ext:cfg -site:sourceforge.net
"powered by ducalendar" -site:duware.com
"Powered by Duclassified" -site:duware.com
"Powered by Duclassified" -site:duware.com "DUware All Rights reserved"
"powered by duclassmate" -site:duware.com
"Powered by Dudirectory" -site:duware.com
"powered by dudownload" -site:duware.com
"Powered By Elite Forum Version *.*"
"Powered by Link Department"
"sets mode: +k"
"Powered by DUpaypal" -site:duware.com
allinurl: admin mdb
auth_user_file.txt
config.php
eggdrop filetype:user user
etc (index.of)
ext:ini eudora.ini
ext:ini Version=4.0.0.4 password
filetype:bak inurl:"htaccess|passwd|shadow|htusers"
filetype:cfg mrtg "target[*]" -sample -cvs -example
filetype:cfm "cfapplication name" password
filetype:conf oekakibbs
filetype:conf sc_serv.conf
filetype:conf slapd.conf
filetype:config config intext:appSettings "User ID"
filetype:dat "password.dat"
filetype:dat wand.dat
filetype:inc dbconn
Mr. KingSkrupellos Cyberizm Digital Security Team
filetype:inc intext:mysql_connect
filetype:inc mysql_connect OR mysql_pconnect
filetype:ini inurl:"serv-u.ini"
filetype:ini inurl:flashFXP.ini
filetype:ini ServUDaemon
filetype:ini wcx_ftp
filetype:ini ws_ftp pwd
filetype:ldb admin
filetype:log "See `ipsec --copyright"
filetype:log inurl:"password.log"
filetype:mdb inurl:users.mdb
filetype:mdb wwforum
filetype:netrc password
filetype:pass pass intext:userid
filetype:pem intext:private
filetype:properties inurl:db intext:password
filetype:pwd service
filetype:pwl pwl
filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword"
filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
filetype:sql ("values * MD5" | "values * password" | "values * encrypt")
filetype:sql ("passwd values" | "password values" | "pass values" )
filetype:sql +"IDENTIFIED BY" -cvs
filetype:sql password
filetype:url +inurl:"ftp://" +inurl:";@"
filetype:xls username password email
htpasswd
htpasswd / htgroup
htpasswd / htpasswd.bak
intext:"enable secret 5 $"
intext:"powered by Web Wiz Journal"
intitle:"index of" intext:connect.inc
intitle:"index of" intext:globals.inc
intitle:"Index of" passwords modified
intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) -site:duware.com
intitle:index.of administrators.pwd
intitle:Index.of etc shadow
intitle:index.of intext:"secring.skr"|"secring.pgp"|"secring.bak"
inurl:"GRC.DAT" intext:"password"
inurl:"slapd.conf" intext:"credentials" -manpage -"Manual Page" -man: -sample
inurl:"slapd.conf" intext:"rootpw" -manpage -"Manual Page" -man: -sample
inurl:"wvdial.conf" intext:"password"
inurl:/db/main.mdb
inurl:/wwwboard
inurl:ccbill filetype:log
inurl:chap-secrets -cvs
inurl:config.php dbuname dbpass
inurl:filezilla.xml -cvs
inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd -man
inurl:nuke filetype:sql
inurl:ospfd.conf intext:password -sample -test -tutorial -download
inurl:pap-secrets -cvs
inurl:perform filetype:ini
inurl:secring ext:skr | ext:pgp | ext:bak
inurl:vtund.conf intext:pass -cvs
inurl:zebra.conf intext:password -sample -test -tutorial -download
LeapFTP intitle:"index.of./" sites.ini modified
intitle:index.of master.passwd -----master.passwd-----
intitle:"Index of" .mysql_history -----mysql history files-----
"Your password is * Remember this for later use" -----NickServ registration passwords-----
index.of passlist -----passlist-----
Mr. KingSkrupellos Cyberizm Digital Security Team
inurl:passlist.txt -----passlist.txt-----
intitle:index.of passwd passwd.bak -----passwd-----
intitle:"Index of..etc" passwd -----passwd / etc-----
intitle:index.of people.lst -----people.lst-----
filetype:conf inurl:psybnc.conf "USER.PASS=" -----psyBNC config files-----
intitle:"Index of" pwd.db -----pwd.db-----
signin filetype:url
intitle:"Index of" spwd.db passwd -pam.conf -----spwd.db / passwd-----
intitle:index.of trillian.ini -----trillian.ini-----

___________________________________________________________________________________________________


  Diretórios sensíveis

comment:Sensitive Directories***]
"Index Of /network" "last modified"
"index of cgi-bin"
"index of" / picasa.ini
"index of" inurl:recycler
"Index of" rar r01 nfo Modified 2004
"intitle:Index.Of /" stats merchant cgi-* etc
"Powered by Invision Power File Manager" (inurl:login.php) | (intitle:"Browsing directory /" )
"Web File Browser" "Use regular expression"
"Welcome to phpMyAdmin" " Create new database"
allinurl:"/*/_vti_pvt/" | allinurl:"/*/_vti_cnf/"
filetype:cfg ks intext:rootpw -sample -test -howto
filetype:torrent torrent
Index of phpMyAdmin
index.of.dcim
index.of.password
index.of.password
intext:"d.aspx?id" || inurl:"d.aspx?id"
intext:"Powered By: TotalIndex" intitle:"TotalIndex"
intitle:"album permissions" "Users who can modify photos" "EVERYBODY"
intitle:"Directory Listing For" intext:Tomcat -intitle:Tomcat
intitle:"HFS /" +"HttpFileServer"
intitle:"Index of *" inurl:"my shared folder" size modified
intitle:"Index of /CFIDE/" administrator
intitle:"Index of c:\Windows"
intitle:"index of" "parent directory" "desktop.ini" site:dyndns.org
intitle:"index of" -inurl:htm -inurl:html mp3
intitle:"Index of" cfide
intitle:"index of" intext:"content.ie5"
intitle:"index of" inurl:ftp (pub | incoming)
intitle:"index.of.personal"
intitle:"webadmin - /*" filetype:php directory filename permission
intitle:index.of (inurl:fileadmin | intitle:fileadmin)
intitle:index.of /AlbumArt_
intitle:index.of abyss.conf
Mr. KingSkrupellos Cyberizm Digital Security Team
intitle:intranet inurl:intranet +intext:"human resources"
intitle:upload inurl:upload intext:upload -forum -shop -support -w3c
inurl:/pls/sample/admin_/help/
inurl:/tmp
inurl:backup intitle:index.of inurl:admin
inurl:explorer.cfm inurl:(dirpath|This_Directory)
inurl:j2ee/examples/jsp
inurl:ojspdemos
"Index of /backup" -----Look in my backup directories! Please?-----
index.of.private -----private-----
index.of.protected -----protected-----
index.of.secret -----secret-----
index.of.secure -----secure-----
index.of.winnt -----winnt-----

-----------------------------------------------------------------------------------
___________________________________________________________________________________________________


ERROS

comment:Error messages***-----
"A syntax error has occurred" filetype:ihtml
"access denied for user" "using password"
"An illegal character has been found in the statement" -"previous message"
"ASP.NET_SessionId" "data source="
"Can't connect to local" intitle:warning
"Chatologica MetaSearch" "stack tracking"
"detected an internal error [IBM][CLI Driver][DB2/6000]"
"error found handling the request" cocoon filetype:xml
"Fatal error: Call to undefined function" -reply -the -next
"Incorrect syntax near"
"Incorrect syntax near"
"Internal Server Error" "server at"
"Invision Power Board Database Error"
"ORA-00933: SQL command not properly ended"
"ORA-12541: TNS:no listener" intitle:"error occurred"
"PostgreSQL query failed: ERROR: parser: parse error"
"Supplied argument is not a valid MySQL result resource"
"Syntax error in query expression " -the
"The script whose uid is " "is not allowed to access"
"Unclosed quotation mark before the character string"
"Warning: Cannot modify header information - headers already sent"
"Warning: mysql_query()" "invalid query"
"Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL"
An unexpected token "END-OF-STATEMENT" was found
"Error Diagnostic Information" intitle:"Error Occurred While" -----Coldfusion Error Pages-----
filetype:asp "Custom Error Message" Category Source
filetype:log "PHP Parse error" | "PHP Warning" | "PHP Error"
filetype:php inurl:"logging.php" "Discuz" error
ht://Dig htsearch error
intitle:"the page cannot be found" inetmgr -----IIS 4.0 error messages-----
intitle:"the page cannot be found" "internet information services" -----IIS web server error messages-----
intitle:"500 Internal Server Error" "server at" -----Internal Server Error-----
intext:"Error Message : Error loading required libraries."
intext:"Warning: Failed opening" "on line" "include_path"
intitle:"Error Occurred While Processing Request" +WHERE (SELECT|INSERT) filetype:cfm
intitle:"Error Occurred" "The error occurred in" filetype:cfm
intitle:"Error using Hypernews" "Server Software"
intitle:"Execution of this script not permitted"
intitle:"Under construction" "does not currently have"
intitle:Configuration.File inurl:softcart.exe
Mr. KingSkrupellos Cyberizm Digital Security Team
"supplied argument is not a valid MySQL result resource" -----MYSQL error message: supplied argument....-----
"mySQL error with query" -----mysql error with query-----
"ORA-00921: unexpected end of SQL command" -----ORA-00921: unexpected end of SQL command-----
"ORA-00936: missing expression" -----ORA-00936: missing expression-----
intext:"Warning: Failed opening" "on line" "include_path" -----PHP application warnings failing "include_path"-----
inurl:sitebuildercontent -----sitebuildercontent-----
inurl:sitebuilderfiles -----sitebuilderfiles-----
inurl:sitebuilderpictures -----sitebuilderpictures-----
databasetype. Code : 80004005. Error Description -----Snitz! forums db path error-----
"You have an error in your SQL syntax near" -----SQL syntax error-----
"Supplied argument is not a valid PostgreSQL result" -----Supplied argument is not a valid PostgreSQL result-----
warning "error on line" php sablotron
intitle:"the page cannot be found" "2004 microsoft corporation" -----Windows 2000 web server error messages-----

-----------------------------------------------------------------------------------

___________________________________________________________________________________________________


Arquivos de user's

comment:Files containing usernames***-----
"index of" / lck
+intext:"webalizer" +intext:"Total Usernames" +intext:"Usage Statistics for"
intitle:index.of .bash_history -----bash_history files-----
filetype:conf inurl:proftpd.conf -sample
filetype:log username putty
filetype:reg reg +intext:"internet account manager"
filetype:reg reg HKEY_CURRENT_USER username
index.of perform.ini
inurl:admin filetype:asp inurl:userlist
inurl:admin inurl:userlist
inurl:php inurl:hlstats intext:"Server Username"
inurl:root.asp?acs=anon -----OWA Public folders & Address book-----
intitle:index.of .sh_history -----sh_history files-----
comment:Footholds***-----
"adding new user" inurl:addnewuser -"there are no domains"
(inurl:81/cgi-bin/.cobalt/) | (intext:"Welcome to the Cobalt RaQ")
+htpasswd +WS_FTP.LOG filetype:log
filetype:php HAXPLORER "Server Files Browser"
intitle:"Web Data Administrator - Login"
intitle:admin intitle:login
inurl:"phpOracleAdmin/php" -download -cvs
inurl:ConnectComputer/precheck.htm | inurl:Remote/logon.aspx
intitle:"PHP Shell *" "Enable stderr" filetype:php -----PHP Shell (unprotected)-----
PHPKonsole PHPShell filetype:php -echo
"Powered by PHPFM" filetype:php -username -----Public PHP FileManagers-----
comment:Pages containing login portals***-----
intitle:"remote assessment" OpenAanval Console
Mr. KingSkrupellos Cyberizm Digital Security Team
intitle:opengroupware.org "resistance is obsolete" "Report Bugs" "Username" "password"
"IMail Server Web Messaging" intitle:login
"Login - Sun Cobalt RaQ"
"Login to Usermin" inurl:20000
"Microsoft CRM : Unsupported Browser Version"
"OPENSRS Domain Management" inurl:manage.cgi
"pcANYWHERE EXPRESS Java Client"
"please log in"
"powered by CuteNews" "2003..2005 CutePHP"
"SysCP - login"
"ttawlogin.cgi/?action="
"VHCS Pro ver" -demo
"VNC Desktop" inurl:5800
"Web Control Panel" "Enter your password here"
"WebExplorer Server - Login" "Welcome to WebExplorer Server"
"WebSTAR Mail - Please Log In"
(inurl:"ars/cgi-bin/arweb?O=0" | inurl:arweb.jsp) -site:remedy.com -site:mil
"4images Administration Control Panel"
allinurl:"exchange/logon.asp"
ASP.login_aspx "ASP.NET_SessionId"
filetype:cgi inurl:"irc.cgi" | intitle:"CGI:IRC Login" -----CGI:IRC Login-----
Admin intitle:"eZ publish administration" -----ez Publish administration-----
filetype:php inurl:"webeditor.php"
filetype:pl "Download: SuSE Linux Openexchange Server CA"
filetype:r2w r2w
intext:""BiTBOARD v2.0" BiTSHiFTERS Bulletin Board"
intext:"Mail admins login here to administrate your domain."
intext:"Storage Management Server for" intitle:"Server Administration"
intitle:"Athens Authentication Point"
intitle:"ColdFusion Administrator Login"
intitle:"Dell Remote Access Controller"
intitle:"ePowerSwitch Login"
intitle:"Icecast Administration Admin Page"
intitle:"ISPMan : Unauthorized Access prohibited"
intitle:"ITS System Information" "Please log on to the SAP System"
intitle:"Kurant Corporation StoreSense" filetype:bok Posts: 23 filetype:bok intitle:"Kurant Corporation StoreSense"
intitle:"Login - powered by Easy File Sharing Web Server"
intitle:"MailMan Login"
intitle:"microsoft certificate services" inurl:certsrv
intitle:"MikroTik RouterOS Managing Webpage"
intitle:"MX Control Console" "If you can't remember"
intitle:"Novell Web Services" intext:"Select a service and a language."
intitle:"oMail-admin Administration - Login" -inurl:omnis.ch
intitle:"Philex 0.2*" -script -site:freelists.org
intitle:"PHP Advanced Transfer" inurl:"login.php"
intitle:"php icalendar administration" -site:sourceforge.net
intitle:"php icalendar administration" -site:sourceforge.net
intitle:"please login" "your password is *"
intitle:"Remote Desktop Web Connection" inurl:tsweb
intitle:"teamspeak server-administration
intitle:"Tomcat Server Administration"
intitle:"TUTOS Login"
intitle:"vhost" intext:"vHost . 2000-2004"
intitle:"Virtual Server Administration System"
intitle:"VitalQIP IP Management System"
intitle:"VNC viewer for Java"
intitle:"WebLogic Server" intitle:"Console Login" inurl:console
intitle:"Welcome Site/User Administrator" "Please select the language" -demos
intitle:"welcome to netware *" -site:novell.com
intitle:"ZyXEL Prestige Router" "Enter password"
Mr. KingSkrupellos Cyberizm Digital Security Team
intitle:Group-Office "Enter your username and password to login"
intitle:Login * Webmailer
intitle:Login intext:"RT is © Copyright"
intitle:Node.List Win32.Version.3.11
intitle:Novell intitle:WebAccess "Copyright *-* Novell, Inc"
intitle:plesk inurl:login.php3
inurl:"1220/parse_xml.cgi?"
inurl:"631/admin" (inurl:"op=*") | (intitle:CUPS)
inurl:":10000" intext:webmin
inurl:"Activex/default.htm" "Demo"
inurl:"calendar.asp?action=login"
inurl:"gs/adminlogin.aspx"
inurl:"typo3/index.php?u=" -demo
inurl:"usysinfo?login=true"
inurl:"utilities/TreeView.asp"
inurl:"webadmin" filetype:nsf
inurl:/admin/login.asp
inurl:/cgi-bin/sqwebmail?noframes=1
inurl:/Citrix/Nfuse17/
inurl:/dana-na/auth/welcome.html
inurl:/eprise/
inurl:/webedit.* intext:WebEdit Professional -html
inurl:1810 "Oracle Enterprise Manager"
inurl:administrator "welcome to mambo"
inurl:cgi-bin/ultimatebb.cgi?ubb=login
inurl:confixx inurl:login|anmeldung
inurl:coranto.cgi intitle:Login (Authorized Users Only)
inurl:default.asp intitle:"WebCommander"
inurl:irc filetype:cgi cgi:irc
inurl:login filetype:swf swf
inurl:login.asp
inurl:login.cfm
inurl:login.php "SquirrelMail version"
inurl:metaframexp/default/login.asp | intitle:"Metaframe XP Login"
inurl:mewebmail
inurl:names.nsf?opendatabase
inurl:orasso.wwsso_app_admin.ls_login
inurl:postfixadmin intitle:"postfix admin" ext:php
inurl:search/admin.php
inurl:WCP_USER
Login ("Powered by Jetbox One CMS ™" | "Powered by Jetstream © *")
Novell NetWare intext:"netware management portal version"
inurl:"exchange/logon.asp" OR intitle:"Microsoft Outlook Web Access - Logon" -----Outlook Web Access (a better way)-----
-Login inurl:photopost/uploadphoto.php -----PhotoPost PHP Upload-----
inurl:PHPhotoalbum/statistics intitle:"PHPhotoalbum - Statistics" -----PHPhotoalbum Statistics-----
intitle:"PHPhotoalbum - Upload" | inurl:"PHPhotoalbum/upload" -----PHPhotoalbum Upload-----
filetype:php login (intitle:phpWebMail|WebMail) -----phpWebMail-----
+"Powered by INDEXU" inurl:(browse|top_rated|power) -----Powered by INDEXU-----
filetype:cfg login "LoginServer=" -----Ultima Online loginservers-----
uploadpics.php?did= -forum -----W-Nailer Upload Area-----

___________________________________________________________________________________________________


Informações Senciveis de ADM online

comment:Sensitive Online Shopping Info***-----
"More Info about MetaCart Free"
inurl:"/database/comersus.mdb" -----Comersus.mdb database-----
inurl:midicart.mdb
inurl:shopdbtest.asp
POWERED BY HIT JAMMER 1.0!
site:ups.com intitle:"Ups Package tracking" intext:"1Z ### ### ## #### ### #"
inurl:"shopadmin.asp" "Shop Administrators only" -----VP-ASP Shop Administrators only-----
comment:Various online devices***-----
"Copyright (c) Tektronix, Inc." "printer status"
"intitle:Cisco Systems, Inc. VPN 3000 Concentrator"
Mr. KingSkrupellos Cyberizm Digital Security Team
"please visit" intitle:"i-Catcher Console" Copyright "iCode Systems"
"powered by webcamXP" "Pro|Broadcast"
"Starting SiteZAP 6.0"
("Fiery WebTools" inurl:index2.html) | "WebTools enable * * observe, *, * * * flow * print jobs"
inurl:sts_index.cgi -----Aficio 1022-----
allintitle:Brains, Corp. camera
allinurl:index.htm?cus?audio
inurl:indexFrame.shtml Axis -----Axis Network Cameras-----
axis storpoint "file view" inurl:/volumes/
camera linksys inurl:main.cgi
intitle:"remote ui:top page" -----Canon ImageReady machines-----
intitle:liveapplet inurl:LvAppl -----Canon Webview netcams-----
filetype:cgi transcoder.cgi
intext:"MaiLinX Alert (Notify)" -site:networkprinters.com
intext:"Please enter correct password for Administrator Access. Thank you" "Copyright © 2003 SMC Networks, Inc. All rights reserved."
intext:"Ready with 10/100T Ethernet"
intext:"UAA (MSB)" Lexmark -ext:pdf
intext:"Videoconference Management System" ext:htm
intitle:"AudioReQuest.web.server"
intitle:"axis storpoint CD" intitle:"ip address"
intitle:"BorderManager Information alert"
intitle:"Browser Launch Page"
intitle:"Cayman-DSL.home"
intitle:"DEFAULT_CONFIG - HP"
intitle:"DEFAULT_CONFIG - HP"
intitle:"dreambox web"
intitle:"DVR Web client"
intitle:"EpsonNet WebAssist Rev"
intitle:"EverFocus.EDSR.applet"
intitle:"EvoCam" inurl:"webcam.html"
intitle:"Home" "Xerox Corporation" "Refresh Status"
intitle:"ipcop - main"
intitle:"iVISTA.Main.Page"
intitle:"lantronix web-manager"
intitle:"Live NetSnap Cam-Server feed"
intitle:"Live View / - AXIS"
intitle:"my webcamXP server!" inurl:":8080"
intitle:"Network Print Server" filetype:shtm ( inurl:u_printjobs | inurl:u_server | inurl:a_server | inurl:u_generalhelp | u_printjobs )
intitle:"Network Print Server" intext:"http://www.axis.com" filetype:shtm
intitle:"Setup Home" "You will need * log in before * * change * settings"
intitle:"Sipura.SPA.Configuration" -.pdf
intitle:"Smoothwall Express" inurl:cgi-bin "up * days"
intitle:"Spam Firewall" inurl:"8000/cgi-bin/index.cgi"
intitle:"SpeedStream Router Management Interface"
intitle:"supervisioncam protocol"
intitle:"switch home page" "cisco systems" "Telnet - to"
intitle:"switch login" "IBM Fast Ethernet Desktop"
intitle:"The AXIS 200 Home Page"
intitle:"toshiba network camera - User Login"
intitle:"V-Gear BEE"
intitle:"View and Configure PhaserLink"
intitle:"Brother" intext:"View Configuration" intext:"Brother Industries, Ltd."
intitle:"Connection Status" intext:"Current login"
intitle:Linksys site:ourlinksys.com
intitle:RICOH intitle:"Network Administration"
Mr. KingSkrupellos Cyberizm Digital Security Team
intitle:webeye inurl:login.ml
inurl:"8003/Display?what="
inurl:":631/printers" -php -demo
inurl:"ipp/pdisplay.htm"
inurl:"level/15/exec/-/show"
inurl:"next_file=main_fs.htm" inurl:img inurl:image.cgi
inurl:"printer/main.html" intext:"settings"
inurl:axis-cgi
inurl:camctrl.cgi
inurl:hp/device/this.LCDispatcher
inurl:na_admin
inurl:netw_tcp.shtml
inurl:TiVoConnect?Command=QueryServer
inurl:webArch/mainFrame.cgi
intitle:"network administration" inurl:"nic" -----Konica Network Printer Administration-----
(intext:"MOBOTIX M1" | intext:"MOBOTIX M10") intext:"Open Menu" Shift-Reload -----Mobotix netcams-----
intitle:"Live View / - AXIS" | inurl:view/view.sht -----More Axis netcams !-----
inurl:"ViewerFrame?Mode=" -----Panasonic Network Cameras-----
intitle:"WJ-NT104 Main Page" -----Panasonic WJ-NT104 netcams-----
intext:centreware inurl:status -----Phasers 4500/6250/8200/8400-----
intitle:flexwatch intext:"Home page ver" -----Seyeon FlexWATCH cameras-----
site:.viewnetcam.com -www.viewnetcam.com
intitle:snc-z20 inurl:home/ -----Sony SNC-RZ20 network cameras-----
intitle:snc-rz30 inurl:home/ -----Sony SNC-RZ30 Network Cameras-----
WebControl intitle:"AMX NetLinx"
"Phaser 6250" "Printer Neighborhood" "XEROX CORPORATION" -----Xerox Phaser 6250-----
"Phaser 8200" "© Xerox" "refresh" " Email Alerts" -----Xerox Phaser 8200-----
"Phaser® 740 Color Printer" "printer named: " -----Xerox Phaser® 740 Color Printer-----
"Phaser® 840 Color Printer" "Current Status" "printer named:" -----Xerox Phaser® 840 Color Printer-----

___________________________________________________________________________________________________

Arquivos com informaçoes LOG's

comment:Files containing juicy info***]
intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
"#mysql dump" filetype:sql
"allow_call_time_pass_reference" "PATH_INFO"
"Certificate Practice Statement" inurl:(PDF | DOC)
"Generated by phpSystem"
"generated by wwwstat"
"Host Vulnerability Summary Report"
"HTTP_FROM=googlebot" googlebot.com "Server_Software="
"Index of" / "chat/logs"
"Installed Objects Scanner" inurl:default.asp
"Mecury Version" "Infastructure Group"
"Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C)" ext:log
"Most Submitted Forms and Scripts" "this section"
"Network Vulnerability Assessment Report"
"not for distribution" confidential
"phone * * *" "address *" "e-mail" intitle:"curriculum vitae"
"phpMyAdmin" "running on" inurl:"main.php"
"produced by getstats"
"Request Details" "Control Tree" "Server Variables"
"robots.txt" "Disallow:" filetype:txt
"Running in Child mode"
"sets mode: +p"
"sets mode: +s"
"Thank you for your order" +receipt
"This is a Shareaza Node"
"This report was generated by WebLog"
( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intext:password|subject
(inurl:"robot.txt" | inurl:"robots.txt" ) intext:disallow filetype:txt
+":8080" +":3128" +":80" filetype:txt
+"HSTSNR" -"netop.com"
-site:php.net -"The PHP Group" inurl:source inurl:url ext:pHp
94FBR "ADOBE PHOTOSHOP"
buddylist.blt -----AIM buddy lists-----
allinurl:/examples/jsp/snp/snoop.jsp
allinurl:servlet/SnoopServlet
intitle:index.of cgiirc.config -----cgiirc.conf-----
inurl:cgiirc.config -----cgiirc.conf-----
data filetype:mdb -site:gov -site:mil
e-mail address filetype:csv csv -----exported email addresses-----
Mr. KingSkrupellos Cyberizm Digital Security Team
ext:asp inurl:pathto.asp
ext:cgi inurl:editcgi.cgi inurl:file=
ext:conf inurl:rsyncd.conf -cvs -man
ext:conf NoCatAuth -cvs
ext:dat bpk.dat
ext:gho gho
ext:ini intext:env.ini
ext:ldif ldif
ext:log "Software: Microsoft Internet Information Services *.*"
ext:mdb inurl:*.mdb inurl:fpdb shop.mdb
ext:nsf nsf -gov -mil
ext:pqi pqi -database
ext:reg "username=*" putty
ext:txt "Final encryption key"
ext:txt inurl:dxdiag
ext:vmdk vmdk
ext:vmx vmx
filetype:asp DBQ=" * Server.MapPath("*.mdb")
filetype:bkf bkf
filetype:blt "buddylist"
filetype:blt blt +intext:screenname
filetype:cfg auto_inst.cfg
filetype:cnf inurl:_vti_pvt access.cnf
filetype:conf inurl:firewall -intitle:cvs
filetype:config web.config -CVS
filetype:ctt Contact
filetype:ctt ctt messenger
filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To"
filetype:fp3 fp3
filetype:fp5 fp5 -site:gov -site:mil -"cvs log"
filetype:fp7 fp7
filetype:inf inurl:capolicy.inf
filetype:lic lic intext:key
filetype:log access.log -CVS
filetype:mbx mbx intext:Subject
filetype:myd myd -CVS
filetype:ns1 ns1
filetype:ora ora
filetype:pdb pdb backup (Pilot | Pluckerdb)
filetype:php inurl:index inurl:phpicalendar -site:sourceforge.net
filetype:pot inurl:john.pot
filetype:pst inurl:"outlook.pst"
filetype:pst pst -from -to -date
filetype:qbb qbb
filetype:rdp rdp
filetype:reg "Terminal Server Client"
filetype:vcs vcs
filetype:wab wab
filetype:xls -site:gov inurl:contact
filetype:xls inurl:"email.xls"
intitle:"Index of" finance.xls -----Financial spreadsheets: finance.xls-----
intitle:index.of finances.xls -----Financial spreadsheets: finances.xls-----
intitle:"Ganglia" "Cluster Report for" -----Ganglia Cluster Reports-----
intitle:index.of haccess.ctl -----haccess.ctl (one way)-----
filetype:ctl Basic -----haccess.ctl (VERY reliable)-----
intitle:"Index of" dbconvert.exe chats -----ICQ chat logs, please...-----
filetype:log cron.log
intext:"Session Start * * * *:*:* *" filetype:log
intext:"Tobias Oetiker" "traffic analysis"
intext:(password | passcode) intext:(username | userid | user) filetype:csv
intext:gmail invite intext:http://gmail.google.com/gmail/a
intext:SQLiteManager inurl:main.php
intitle:"Apache::Status" (inurl:server-status | inurl:status.html | inurl:apache.html)
intitle:"AppServ Open Project" -site:www.appservnetwork.com
intitle:"ASP Stats Generator *.*" "ASP Stats Generator" "2003-2004 weppos"
intitle:"Big Sister" +"OK Attention Trouble"
intitle:"edna:streaming mp3 server" -forums
Mr. KingSkrupellos Cyberizm Digital Security Team
intitle:"FTP root at"
intitle:"index of" +myd size
intitle:"Index Of" -inurl:maillog maillog size
intitle:"Index Of" cookies.txt size
intitle:"index of" mysql.conf OR mysql_config
intitle:"Index of" upload size parent directory
intitle:"index.of *" admin news.asp configview.asp
intitle:"index.of" .diz .nfo last modified
intitle:"Multimon UPS status page"
intitle:"PHP Advanced Transfer" (inurl:index.php | inurl:showrecent.php )
intitle:"PhpMyExplorer" inurl:"index.php" -cvs
intitle:"statistics of" "advanced web statistics"
intitle:"System Statistics" +"System and Network Information Center"
intitle:"Usage Statistics for" "Generated by Webalizer"
intitle:"wbem" compaq login
intitle:"Web Server Statistics for ****"
intitle:"web server status" SSH Telnet
intitle:"welcome.to.squeezebox"
intitle:admin intitle:login
intitle:index.of "Apache" "server at"
intitle:index.of cleanup.log
intitle:index.of dead.letter
intitle:index.of inbox
intitle:index.of inbox dbx
intitle:index.of ws_ftp.ini
intitle:intranet inurl:intranet +intext:"phone"
inurl:"/axs/ax-admin.pl" -script
inurl:"/cricket/grapher.cgi"
inurl:"bookmark.htm"
inurl:"cacti" +inurl:"graph_view.php" +"Settings Tree View" -cvs -RPM
inurl:"newsletter/admin/"
inurl:"newsletter/admin/" intitle:"newsletter admin"
inurl:"putty.reg"
inurl:"smb.conf" intext:"workgroup" filetype:conf conf
inurl:*db filetype:mdb
inurl:/_layouts/settings
inurl:admin filetype:xls
inurl:admin intitle:login
inurl:backup filetype:mdb
inurl:cgi-bin/printenv
inurl:cgi-bin/testcgi.exe "Please distribute TestCGI"
inurl:changepassword.asp
inurl:ds.py
inurl:email filetype:mdb
inurl:fcgi-bin/echo
inurl:forum filetype:mdb
inurl:forward filetype:forward -cvs
inurl:getmsg.html intitle:hotmail
inurl:log.nsf -gov
inurl:main.php phpMyAdmin
inurl:main.php Welcome to phpMyAdmin
inurl:netscape.hst
inurl:netscape.hst
inurl:netscape.ini
inurl:odbc.ini ext:ini -cvs
inurl:perl/printenv
inurl:php.ini filetype:ini
inurl:preferences.ini "[emule]"
inurl:profiles filetype:mdb
inurl:report "EVEREST Home Edition "
inurl:server-info "Apache Server Information"
inurl:server-status "apache"
inurl:snitz_forums_2000.mdb
inurl:ssl.conf filetype:conf
inurl:tdbin
inurl:vbstats.php "page generated"
inurl:ipsec.conf -intitle:manpage -----ipsec.conf-----
inurl:ipsec.secrets -history -bugs -----ipsec.secrets-----
inurl:ipsec.secrets "holds shared secrets" -----ipsec.secrets-----
inurl:"/names.nsf?OpenDatabase" -----Lotus Domino address books-----
mail filetype:csv -site:gov intext:name
filetype:mny mny -----Microsoft Money Data Files-----
intitle:index.of mt-db-pass.cgi -----mt-db-pass.cgi files-----
"# Dumping data for table (username|user|users|password)" -----MySQL tabledata dumps-----
intitle:index.of mystuff.xml -----mystuff.xml - Trillian data files-----
inurl:/public/?Cmd=contents -----OWA Public Folders (direct view)-----
filetype:ctt "msn" -----Peoples MSN contact lists-----
php-addressbook "This is the addressbook for *" -warning
intitle:phpinfo "PHP Version" -----phpinfo()-----
"# phpMyAdmin MySQL-Dump" filetype:txt -----phpMyAdmin dumps-----
"# phpMyAdmin MySQL-Dump" "INSERT INTO" -"the" -----phpMyAdmin dumps-----
BEGIN (CERTIFICATE|DSA|RSA) filetype:csr -----private key files (.csr)-----
BEGIN (CERTIFICATE|DSA|RSA) filetype:key -----private key files (.key)-----
filetype:QDF QDF -----Quicken data files-----
intitle:index.of robots.txt -----robots.txt-----
site:edu admin grades
"# Dumping data for table" -----SQL data dumps-----
"cacheserverreport for" "This analysis was produced by calamaris" -----Squid cache server reports-----
filetype:conf inurl:unrealircd.conf -cvs -gentoo -----Unreal IRCd-----
intitle:"Welcome to ntop!" -----Welcome to ntop!-----

___________________________________________________________________________________________________


INFORMAÇÕES DE SERVES

comment:Pages containing network or vulnerability data***-----
filetype:log intext:"ConnectionManager2"
"apricot - admin" 00h
"Network Host Assessment Report" "Internet Scanner"
"Output produced by SysWatch *"
"Phorum Admin" "Database Connection" inurl:forum inurl:admin
"Powered by phpOpenTracker" Statistics
"powered | performed by Beyond Security's Automated Scanning" -kazaa -example
"SnortSnarf alert page"
"This file was generated by Nessus"
"this proxy is working fine!" "enter *" "URL***" * visit
"This report lists" "identified by Internet Scanner"
"Traffic Analysis for" "RMON Port * on unit *"
"Version Info" "Boot Version" "Internet Settings"
((inurl:ifgraph "Page generated at") OR ("This page was built using ifgraph"))
ACID "by Roman Danyliw" filetype:php -----Analysis Console for Incident Databases 12-Jul-2004 866-----
ext:cfg radius.cfg
ext:cgi intext:"nrg-" " This web page was created on "
filetype:pdf "Assessment Report" nessus
filetype:php inurl:ipinfo.php "Distributed Intrusion Detection System"
filetype:php inurl:nqt intext:"Network Query Tool"
filetype:vsd vsd network -samples -examples
intext:"Welcome to the Web V.Networks" intitle:"V.Networks [Top]" -filetype:htm
intitle:"ADSL Configuration page"
intitle:"Azureus : Java BitTorrent Client Tracker"
intitle:"BNBT Tracker Info"
intitle:"Microsoft Site Server Analysis"
intitle:"PHPBTTracker Statistics" | intitle:"PHPBT Tracker Statistics"
Mr. KingSkrupellos Cyberizm Digital Security Team
intitle:"start.managing.the.device" remote pbx acc
intitle:"sysinfo * " intext:"Generated by Sysinfo * written by The Gamblers."
intitle:"twiki" inurl:"TWikiUsers"
inurl:"/catalog.nsf" intitle:catalog
inurl:"install/install.php"
inurl:"map.asp?" intitle:"WhatsUp Gold"
inurl:"sitescope.html" intitle:"sitescope" intext:"refresh" -demo
inurl:/adm-cfgedit.php
inurl:/cgi-bin/finger? "In real life"
inurl:/cgi-bin/finger? Enter (account|host|user|username)
inurl:phpSysInfo/ "created by phpsysinfo"
inurl:portscan.php "from Port"|"Port Range"
inurl:statrep.nsf -gov
inurl:testcgi xitami
inurl:webutil.pl
"Looking Glass" (inurl:"lg/" | inurl:lookingglass) -----Looking Glass-----
intitle:That.Site.Running Apache
___________________________________________________________________________________________________

ARQUIVOS SENCIVEIS

 comment:Vulnerable files***-----
filetype:pl -intext:"/usr/bin/perl" inurl:webcal (inurl:webcal | inurl:add | inurl:delete | inurl:config)
"File Upload Manager v1.3" "rename to"
"Powered by Land Down Under 601"
"powered by YellDL"
ext:asp "powered by DUForum" inurl:(messages|details|login|default|register) -site:duware.com
ext:asp inurl:DUgallery intitle:"3.0" -site:dugallery.com -site:duware.com
ext:cgi inurl:ubb6_test
ezBOO "Administrator Panel" -cvs
filetype:cgi inurl:cachemgr.cgi
filetype:cnf my.cnf -cvs -example
filetype:inc inc intext:setcookie
filetype:lit lit (books|ebooks)
filetype:mdb inurl:"news/news"
filetype:php inurl:"viewfile" -"index.php" -"idfil
filetype:wsdl wsdl
intitle:gallery inurl:setup "Gallery configuration" -----Gallery configuration setup files-----
intitle:"ASP FileMan" Resend -site:iisworks.com
intitle:"Directory Listing" "tree view"
intitle:"Index of /" modified php.exe
intitle:"PHP Explorer" ext:php (inurl:phpexplorer.php | inurl:list.php | inurl:browse.php)
intitle:"phpremoteview" filetype:php "Name, Size, Type, Modify"
intitle:mywebftp "Please enter your password"
inurl:" WWWADMIN.PL" intitle:"wwwadmin"
inurl:"nph-proxy.cgi" "Start browsing through this CGI-based proxy"
inurl:"plog/register.php"
inurl:cgi.asx?StoreID
inurl:changepassword.cgi -cvs
inurl:click.php intext:PHPClickLog
inurl:php.exe filetype:exe -example.com
inurl:robpoll.cgi filetype:cgi
link:http://www.toastforums.com/
"create the Super User" "now by clicking here" -----PHP-Nuke - create super user right now !-----
intitle:"Index of" _vti_inf.html
intitle:"Index of" service.pwd
intitle:"Index of" users.pwd
intitle:"Index of" authors.pwd
intitle:"Index of" administrators.pwd
intitle:"Index of" shtml.dll
intitle:"Index of" shtml.exe
intitle:"Index of" fpcount.exe
intitle:"Index of" default.asp
intitle:"Index of" showcode.asp
intitle:"Index of" sendmail.cfm
intitle:"Index of" getFile.cfm
intitle:"Index of" imagemap.exe
intitle:"Index of" test.bat
intitle:"Index of" msadcs.dll
intitle:"Index of" htimage.exe
intitle:"Index of" counter.exe
intitle:"Index of" browser.inc
intitle:"Index of" hello.bat
intitle:"Index of" default.asp\\
intitle:"Index of" dvwssr.dll
intitle:"Index of" dvwssr.dll
intitle:"Index of" dvwssr.dll
intitle:"Index of" cart32.exe
intitle:"Index of" add.exe
intitle:"Index of" index.JSP
intitle:"Index of" index.jsp
intitle:"Index of" SessionServlet
intitle:"Index of" shtml.dll
intitle:"Index of" index.cfm
intitle:"Index of" page.cfm
intitle:"Index of" shtml.exe
intitle:"Index of" web_store.cgi
intitle:"Index of" shop.cgi
intitle:"Index of" upload.asp
intitle:"Index of" default.asp
intitle:"Index of" pbserver.dll
intitle:"Index of" phf
intitle:"Index of" test-cgi
intitle:"Index of" finger
intitle:"Index of" Count.cgi
intitle:"Index of" jj
intitle:"Index of" php.cgi
intitle:"Index of" php
intitle:"Index of" nph-test-cgi
intitle:"Index of" handler
intitle:"Index of" webdist.cgi
intitle:"Index of" webgais
intitle:"Index of" websendmail
intitle:"Index of" faxsurvey
intitle:"Index of" htmlscript
intitle:"Index of" perl.exe
intitle:"Index of" wwwboard.pl
intitle:"Index of" www-sql
intitle:"Index of" view-source
intitle:"Index of" campas
intitle:"Index of" aglimpse
intitle:"Index of" glimpse
intitle:"Index of" man.sh
intitle:"Index of" AT-admin.cgi
intitle:"Index of" AT-generate.cgi
intitle:"Index of" filemail.pl
intitle:"Index of" maillist.pl
intitle:"Index of" info2www
intitle:"Index of" files.pl
intitle:"Index of" bnbform.cgi
intitle:"Index of" survey.cgi
intitle:"Index of" classifieds.cgi
intitle:"Index of" wrap
intitle:"Index of" cgiwrap
intitle:"Index of" edit.pl
intitle:"Index of" perl
intitle:"Index of" names.nsf
intitle:"Index of" webgais
intitle:"Index of" dumpenv.pl
intitle:"Index of" test.cgi
intitle:"Index of" submit.cgi
intitle:"Index of" submit.cgi
intitle:"Index of" guestbook.cgi
intitle:"Index of" guestbook.pl
intitle:"Index of" cachemgr.cgi
intitle:"Index of" responder.cgi
intitle:"Index of" perlshop.cgi
intitle:"Index of" query
intitle:"Index of" w3-msql
intitle:"Index of" plusmail
intitle:"Index of" htsearch
intitle:"Index of" infosrch.cgi
intitle:"Index of" publisher
intitle:"Index of" ultraboard.cgi
intitle:"Index of" db.cgi
intitle:"Index of" formmail.cgi
intitle:"Index of" allmanage.pl
intitle:"Index of" ssi
intitle:"Index of" adpassword.txt
intitle:"Index of" redirect.cgi
intitle:"Index of" f
intitle:"Index of" cvsweb.cgi
intitle:"Index of" login.jsp
intitle:"Index of" login.jsp
intitle:"Index of" dbconnect.inc
intitle:"Index of" admin
intitle:"Index of" htgrep
intitle:"Index of" wais.pl
intitle:"Index of" amadmin.pl
intitle:"Index of" subscribe.pl
intitle:"Index of" news.cgi
intitle:"Index of" auctionweaver.pl
intitle:"Index of" .htpasswd
intitle:"Index of" acid_main.php
intitle:"Index of" access_log
intitle:"Index of" access-log
intitle:"Index of" access.log
intitle:"Index of" log.htm
intitle:"Index of" log.html
intitle:"Index of" log.txt
intitle:"Index of" logfile
intitle:"Index of" logfile.htm
intitle:"Index of" logfile.html
intitle:"Index of" logfile.txt
intitle:"Index of" logger.html
intitle:"Index of" stat.htm
intitle:"Index of" stats.htm
intitle:"Index of" stats.html
intitle:"Index of" stats.txt
intitle:"Index of" webaccess.htm
intitle:"Index of" wwwstats.html
intitle:"Index of" source.asp
intitle:"Index of" perl
intitle:"Index of" mailto.cgi
intitle:"Index of" YaBB.pl
intitle:"Index of" mailform.pl
intitle:"Index of" cached_feed.cgi
intitle:"Index of" cr
intitle:"Index of" global.cgi
intitle:"Index of" Search.pl
intitle:"Index of" build.cgi
intitle:"Index of" common.php
intitle:"Index of" common.php
intitle:"Index of" show
intitle:"Index of" global.inc
intitle:"Index of" ad.cgi
intitle:"Index of" WSFTP.LOG
intitle:"Index of" index.html~
intitle:"Index of" index.php~
intitle:"Index of" index.html.bak
intitle:"Index of" index.php.bak
intitle:"Index of" print.cgi
intitle:"Index of" register.cgi
intitle:"Index of" webdriver
intitle:"Index of" bbs_forum.cgi
intitle:"Index of" mysql.class
intitle:"Index of" sendmail.inc
intitle:"Index of" CrazyWWWBoard.cgi
intitle:"Index of" search.pl
intitle:"Index of" way-board.cgi
intitle:"Index of" webpage.cgi
intitle:"Index of" pwd.dat
intitle:"Index of" adcycle
intitle:"Index of" post-query
intitle:"Index of" help.cgi
__________________________________________________________________________________________________

intitle:upload inurl:upload intext:upload -forum -shop -support -wc
intitle: private, protected, secret, secure, winnt
intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
"Certificate Practice Statement" inurlPDF | DOC) mil
filetype:mdb inurl:.mdb mil
filetype:log inurl:"password.log"
filetype:bak inurl:"htaccess|passwd|shadow|htusers"
filetype:ini inurl:"serv-u.ini"
filetype:ini inurl:flashFXP.ini
filetype:ini ServUDaemon
filetype:ini wcx_ftp
filetype:ini ws_ftp pwd
filetype:pem intext:private 搜索加密密匙
filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword" 找肉鸡，看admin密码
filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
Mr. KingSkrupellos Cyberizm Digital Security Team
filetype:url +inurl:"ftp://" +inurl:";@" 此技巧最好分开使用
intitle:"index of" intext:connect.inc
intitle:"index of" intext:globals.inc
intitle:"Index of" passwords modified 推荐
intitle:"index of" intext:welcome 如有pub和etc一般都有welcome
intitle:Index.of etc shadow
site:.gov filetype:sql
"HTTP_FROM=googlebot" googlebot.com "Server_Software=" 好的很啊
( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intext:password|subject site:edu 2005
filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To"
inurl:forward filetype:forward -cvs 找密码和ftp最好的技巧
top secret site:mil
confidential site:mil

inurl:
private
protected
secret
secure
--------------------------------------------------------------------

filetype:xls username password email
"config.php"
service filetype:pwd (frontpage)
inurl:_vti_cnf (frontpage files)
allinurl:/msadc/samples/selector/showcode.asp
allinurl:/examples/jsp/snp/snoop.jsp
ipsec filetype:conf
"mydomain.com" nessus report
"report generated by"
"ws_ftp.log"
inurl:server-info "Apache Server Information"
inurl:ssl.conf filetype:conf
ipsec.conf
Lotus Domino address books 用户数据库，重要
robots.txt 看目录

___________________________________________________________________________________________________


filetype:url +inurl:"ftp://" +inurl:"@"

filetype:cnf inurl:_vti_pvt access.cnf


allinurl:"/*/_vti_pvt/" | allinurl:"/*/_vti_cnf/" 推荐
"access denied for user" "using password" mysql暴错，暴出路径
intitleogin intext:"RT is ? Copyright" 找登陆页子
intitle:index.of WEB-INF 目录
intitle:"Index of" config.php
"Index of /admin" + passwd
inurl:passwd.txt wwwboard|webadmin
master.passwd
filetype:cfg mrtg "target
" -sample -cvs -example 看MRTG的配置的
ext:ini Version=... password
filetype:cfm "cfapplication name" password
filetype:config config intext:appSettings "User ID"
filetype:dat "password.dat"
filetype:inc dbconn 推荐
"#mysql dump" filetype:sql
"allow_call_time_pass_reference" "ATH_INFO"
filetype:inc intext:mysql_connect
filetype:inc mysql_connect or mysql_pconnect
filetype:mdb inurl:users.mdb

filetype:pass pass intext:userid
filetype:properties inurl:db intext:password ]

filetype:sql ("values * MD" | "values * password" | "values * encrypt")
filetype:sql ("passwd values" | "password values" | "pass values" )
filetype:sql +"IDENTIFIED BY" -cvs
filetype:sql password
filetype:xls username password email mil

htpasswd
htpasswd / htgroup
htpasswd / htpasswd.bak

inurljspdemos private protected secret secure

intitle:dupics inurladd.asp | default.asp | view.asp | voting.asp) -site:duware.com
inurl:config.php dbuname dbpass phpnuke的漏洞
"Welcome to phpMyAdmin" " Create new database"
"phone * * *" "address *" "e-mail" intitle:"curriculum vitae" 跟踪
"phpMyAdmin" "running on" inurl:"main.php"
"robots.txt" "Disallow:" filetype:txt 可以查看漏洞
ext:reg "username=*" putty
-site:php.net -"The PHP Group" inurl:source inurl:url ext:pHp
ext:log "Software: Microsoft Internet Information Services *.*"
filetype:asp DBQ=" * Server.MapPath("*.mdb")
filetype:php inurl:index inurl:phpicalendar -site:sourceforge.net 泄露源代码
haccess.ctl (one way)
haccess.ctl (VERY reliable)
intext:gmail invite intext:http://gmail.google.com/gmail/a
-------------------------------------------------------------------------------------
intitle:"Index of" upload size parent directory
intitle:"System Statistics" +"System and Network Information Center"
intitle:"wbem" compaq login "Compaq Information Technologies Group"
intitle:index.of "Apache" "server at"
intitle:index.of cleanup.log
intitle:index.of dead.letter
intitle:index.of inbox
intitle:index.of inbox dbx
"intitle:Index.Of /" stats cgi-* etc
intitle:"Directory Listing For" intext:Tomcat -intitle:Tomcat mil
intitle:"Index of *" inurl:"my shared folder" size modified
intitle:"index of" "parent directory" "desktop.ini" site:gov NASA
"Index of /backup"
intitle:"Index of /" modified php.exe
Mr. KingSkrupellos Cyberizm Digital Security Team
intitle:"index of" -inurl:htm -inurl:html mp
intitle:"Index of" cfide
intitle:"index of" intext:"content.ie"
intitle:"index.of.personal"
intitle:"webadmin - /*" filetype:php directory filename permission
intitle:index.of (inurl:fileadmin | intitle:fileadmin)
intitle:index.of /AlbumArt_
intitle:index.of /maildir/new/
intitle:index.of abyss.conf
intitle:intranet inurl:intranet +intext:"human resources"
inurl:/tmp

filetype:pl -intext:"/usr/bin/perl" inurl:webcal (inurl:webcal | inurl:add | inurl:delete | inurl:config)

inurl:explorer.cfm inurldirpath|This_Directory)

___________________________________________________________________________________________________


"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"AutoCreate=TRUE password=*"

"index of cgi-bin"
+htpasswd +WS_FTP.LOG filetype:log
filetype:cfg ks intext:rootpw -sample -test -howto gov
config.inc.php 偶自己发现地
site:mil admin grades
inurl:backup filetype:mdb
inurl:perl/printenv
inurldbc.ini ext:ini -cvs
"Index Of /network" "last modified"
filetype:mbx mbx intext:Subject
Apache Tomcat Admin intitle:”Tomcat Server Administration”
ASP.NET inurl:ASP.login_aspx
Citrix Metaframe inurl:/Citrix/Nfuse17/
Citrix Metaframe inurl:citrix/metaframexp/default/login.asp
ColdFusion Admin intitle:”ColdFusion Administrator Login”
ColdFusion Generic inurl:login.cfm
Lotus Domino Admin inurl:”webadmin” filetype:nsf
Lotus Domino inurl:names.nsf?opendatabase
Microsoft Certificate Server intitle:”microsoft certificate services”
inurl:certsrv
Microsoft Outlook Web Access allinurl:”exchange/logon.asp”
Microsoft Outlook Web Access inurl:”exchange/logon.asp” or
intitle:”Microsoft Outlook Web Access –
Logon”
Microsoft Remote Desktop intitle:Remote.Desktop.Web.Connection
inurl:tsweb
Network Appliance Admin inurl:na_admin
Novell Groupwise Web Access inurl:/servlet/webacc Novell
Shockwave Flash Login inurl:login filetype:swf swf
Tivoli Server Administration intitle:”Server Administration” “Tivoli power”
VNC “VNC Desktop” inurl:5800

___________________________________________________________________________________________________


inurl:error.log filetype:log -cvs Apache error log
inurl:access.log filetype:log –cvs Apache access log (Windows)
filetype:log inurl:cache.log Squid cache log
filetype:log inurl:store.log RELEASE Squid disk store log
filetype:log inurl:access.log TCP_HIT Squid access log
filetype:log inurl:useragent.log Squid useragent log
filetype:log hijackthis “scan saved” Hijackthis scan log
ext:log “Software: Microsoft IIS server log files
Internet Information Services *.*”
filetype:log iserror.log MS Install Shield logs
intitle:index.of .bash_history UNIX bash shell history file
intitle:index.of .sh_history UNIX shell history file
“Index of” / “chat/logs” Chat logs
filetype:log username putty Putty SSH client logs
filetype:log inurl:”password.log” Password logs
Mr. KingSkrupellos Cyberizm Digital Security Team
filetype:log cron.log UNIX cron logs
filetype:log access.log –CVS HTTPD server access logs
+htpasswd WS_FTP.LOG filetype:log WS_FTP client log files
“sets mode: +k” IRC logs, channel key set
“sets mode: +s” IRC logs, secret channel set
intitle:”Index Of” -inurl:maillog Mail log files - maillog size

___________________________________________________________________________________________________

Mr. KingSkrupellos Cyberizm Digital Security Team