servers site

1. Google Hacking
2.  
3. allintitle:Brains, Corp. camera
4.  
5. allintitle:"index of/admin"
6. allintitle:"index of/root"
7. allintitle:restricted filetype:doc site:gov
8. allintitle:restricted filetype :mail
9. allintitle:sensitive filetype:doc
10.  
11. allinurl:/bash_history
12. allinurl:winnt/system32/ (get cmd.exe)
13.  
14. ext:ini eudora.ini
15. ext:pwd inurl:(service|authors|administrators |users) "# -FrontPage-"
16.  
17. filetype:bak inurl:"htaccess|passwd|shadow|htusers"
18. filetype:conf slapd.conf
19. filetype:ctt "msn"
20. filetype:mdb inurl:"account|users|admin|administrators|passwd|password"
21. filetype:mdb inurl:users.mdb
22. filetype:QDF QDF
23. filetype:pdf "Host Vulnerability Summary Report" "Assessment Report"
24. filetype:sql ("passwd values ****" | "password values ****" | "pass values ****" )
25. filetype:xls inurl:"email.xls"
26. filetype:user eggdrop user
27.  
28. "Index of /admin"
29. "Index of /" +.htaccess
30. "Index of /mail"
31. "Index of /" "Parent Directory" "WS_FTP.ini" filetype:ini
32. "Index of /" +passwd
33. "Index of /password"
34. "Index of /" +password.txt
35. intext:"BiTBOARD v2.0" "BiTSHiFTERS Bulletin Board"
36. intext:centreware inurl:status
37. intext:"MOBOTIX M1"
38. intext:"MOBOTIX M10"
39. intext:"Open Menu"
40. intext:"powered by Web Wiz Journal"
41. intext:"Tobias Oetiker" "traffic analysis"
42.  
43. intitle:index.of "Apache/1.3.28 Server at"
44. intitle:index.of "Apache/2.0 Server at"
45. intitle:index.of "Apache/* Server at"
46. intitle:index.of "HP Apache-based Web Server/*"
47. intitle:index.of "IBM _ HTTP _ Server/* * Server at"
48. intitle:index.of "Microsoft-IIS/4.0 Server at"
49. intitle:index.of "Microsoft-IIS/5.0 Server at"
50. intitle:index.of "Microsoft-IIS/6.0 Server at"
51. intitle:index.of "Microsoft-IIS/* Server at"
52. intitle:index.of "Netscape/* Server at"
53. intitle:index.of "Oracle HTTP Server/* Server at"
54. intitle:index.of "Red Hat Secure/*"
55.  
56. intitle:"Apache::Status" (inurl:server-status | inurl:status.html | inurl:apache.html)
57. intitle:"Welcome to IIS 4.0!"
58. intitle:"Welcome to Windows 2000 Internet Services"
59. intitle:"Welcome to Windows XP Server Internet Services"
60. intitle:"Welcome to Your New Home Page!"
61. intitle:"Test Page for Apache Installation" "It worked!" "this Web site!"
62. intitle:"Test Page for Apache Installation" "Seeing this instead"
63. intitle:"Test Page for Apache Installation" "You are free"
64. intitle:"Test Page for the Apache Http Server on Fedora Core"
65. intitle:"Test Page for the Apache Web Server on RedHat Linux"
66. intitle:"Test Page for the SSL/TLS-aware Apache Installation" "Hey, it worked!"
67.  
68. intitle:"index of" .bash_history
69. intitle:"index of" etc/shadow
70. intitle:"index.of" finances.xls
71. intitle:"index of" htpasswd
72. intitle:"Index Of" inurl:maillog
73. intitle:"index of" master.passwd
74. intitle:"index of" members OR accounts
75. intitle:"index.of" mystuff.xml
76. intitle:"index of" passwd
77. intitle:"index of" people.lst
78. intitle:"index of" pwd.db
79. intitle:"Index of" pwd.db
80. intitle:"Index of" .sh_history
81. intitle:"index of" spwd
82. intitle:"index.of" trillian.ini
83. intitle:"index of" user_carts OR user_cart
84. intitle:"active webcam page"
85. intitle:"ASP Stats Generator *.*" "ASP Stats Generator" "2003-2004 weppos"
86. intitle:"curriculum vitae" "phone * * *" "address *"
87. intitle:"Dell Laser Printer" ews
88. intitle:"EvoCam" inurl:"webcam.html"
89. intitle:liveapplet inurl:LvAppl
90. intitle:"Multimon UPS status page"
91. intitle:"my webcamXP server!" inurl:":8080"
92. intitle:"statistics of" "advanced web statistics"
93. intitle:"System Statistics" +"System and Network Information Center"
94. intitle:"Terminal Services Web Connection"
95. intitle:"Usage Statistics for" "Generated by Webalizer"
96. intitle:"VNC Desktop" inurl:5800
97. intitle:"Web Server Statistics for ****"
98. inurl:admin filetype:db
99. inurl:admin inurl:backup intitle:index.of
100. inurl:"auth_user_file.txt"
101. inurl:"/axs/ax-admin.pl" -script
102. inurl:"/cricket/grapher.cgi"
103. inurl:hp/device/this.LCDispatcher
104. inurl:iisadmin
105. inurl:indexFrame.shtml Axis
106. inurl:"main.php" "phpMyAdmin" "running on"
107. inurl:passwd filetype:txt
108. inurl:"printer/main.html" intext:"settings"
109. inurl:server-info "Apache Server Information"
110. inurl:"ViewerFrame?Mode="
111. inurl:"wvdial.conf" intext:"password"
112. inurl:"wwwroot/*."
113.  
114. site:gov confidential
115. site:mil confidential
116. site:mil "top secret"
117. "Copyright (c) Tektronix, Inc." "printer status"
118. "Host Vulnerability Summary Report"
119. "http://*:*@www"
120. "Network Vulnerability Assessment Report"
121. "not for distribution"
122. "Output produced by SysWatch *"
123. "These statistics were produced by getstats"
124. "This file was generated by Nessus"
125. "This report was generated by WebLog"
126. "This summary was generated by wwwstat"
127. "Generated by phpSystem"
128. "Host Vulnerability Summary Report"
129. "my webcamXP server!"
130. sample/LvAppl/
131. "TOSHIBA Network Camera - User Login"
132. /home/homeJ.html
133. /ViewerFrame?Mode=Motion
134. This reveals mySQL database dumps. These database dumps list the structure and content of databases, which can reveal many different types of sensitive information. http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&q=%22%23mysql+dump%22+filetype%3Asql&btnG=Search
135.  
136. These log files record info about the SSH client PUTTY. These files contain usernames, site names, IP addresses, ports and various other information about the SSH server connected to. http://www.google.com/search?hl=en&lr=&ie=UTF-8&q=filetype%3Alog+username+putty
137.  
138. These files contain cleartext usernames and passwords, as well as the sites associated with those credentials. Attackers can use this information to log on to that site as that user. http://www.google.com/search?hl=en&lr=&ie=UTF-8&q=filetype%3Alog+inurl%3A%22password.log%22
139.  
140. This file contains port number, version number and path info to MySQL server. http://www.google.com/search?hl=en&lr=&ie=UTF-8&q=intitle%3A%22index+of%22+mysql.conf+OR+mysql_config
141.  
142. This search reveals sites which may be using Shockwave (Flash) as a login mechanism for a site. The usernames and passwords for this type of login mechanism are often stored in plaintext inside the source of the .swl file. http://www.google.com/search?hl=en&lr=&q=inurl%3Alogin+filetype%3Aswf+swf
143.  
144. These are oulook express email files which contain emails, with full headers. The information in these emails can be useful for information gathering about a target. http://www.google.com/search?hl=en&lr=&q=filetype%3Aeml+eml+%2Bintext%3A%22Subject%22+%2Bintext%3A%22From%22+%2Bintext%3A%22To%22
145.  
146. This google search reveals users names, pop3 passwords, email addresses, servers connected to and more. The IP addresses of the users can also be revealed in some cases. http://www.google.com/search?num=100&hl=en&lr=&q=filetype%3Areg+reg+%2Bintext%3A%22internet+account+manager
147.  
148.  
149.  
150.  
151. Footprinting Websites and Information Gathering Resources
152.  
153. A hacker or pen tester may also do a Google search or a site search to locate information about employees. Some sites useful to find more information about an organization and its employees include:
154.  
155. www.trula.com - real estate
156.  
157. www.zillow.com - real estate
158.  
159. www.netronline.com - real estate
160.  
161. www.whosarat.com - informants
162.  
163. www.zabaseach.com - name, address, location info
164.  
165. www.zoominfo.com - person & company data
166.  
167. www.vitalrec.com - people info
168.  
169. www.pipl.com - people search
170.  
171. www.skipease.com/blog/ - people search
172.  
173. www.pretrieve.com - people search
174.  
175. www.publicdata.com - people search
176.  
177. www.urapi.com - people search
178.  
179. https://addons.mozilla.org/en-US/firefox/addon/1912 (who is this person)
180.  
181. www.nndb.com – people activity tracker
182.  
183. www.willyancey.com/finding.htm online info
184.  
185. www.courthousedirect.com - property records
186.  
187. www.turboscout.com - multisearch engine tool
188.  
189. www.theultimates.com - phone number lookup
190.  
191. http://skipease.whitepages.com/reverse_address - address lookup
192.  
193. www.thevault.com - company search / profile
194.  
195. www.blogsearchengine.com - search blogs for info or person
196.  
197. www.ccrs.info - China based company search /profile
198.  
199. www.hoovers.com - company search / profile
200.  
201. www.lexisnexis.com - company search / profile
202.  
203. www.topix.net - region specific news articles
204.  
205. www.pacer.uscourts.gov/natsuit.html - Court records
206.  
207. www.oihweb.com - online investigation techniques
208.  
209. www.linkedin.com - business person's network
210.  
211.  
212. Footprinting Links
213.  
214. Google Hacking Database
215. A search that finds password hashes
216. Nessus Reports from Google
217. More Passwords from Google
218. Google Hacks Volume III by Halla
219. G-Zapper Blocks the Google Cookie to Search Anonymously
220. SiteDigger 2.0 searches Google’s cache to look for vulnerabilities
221. BeTheBot - View Pages as the Googlebot Sees Them
222. An experts-exchange page to demonstrate the Googlebot
223. HTTP Header Viewer
224. Masquerading Your Browser
225. User Agent Switcher :: Firefox Add-ons
226. Modify Headers :: Firefox Add-ons
227. User Agent Sniffer for Project 1
228. GNU Wget - Tool to Mirror Websites
229. Teleport Pro - Tool to Mirror Websites
230. Google Earth
231. Finding Subdomains (Zone Transfers)
232. Dakota Judge rules that Zone Transfers are Hacking
233. Internet Archive - Wayback Machine
234. Wikto - Web Server Assessment Tool - With Google Hacking
235. VeriSign Whois Search from VeriSign, Inc.
236. whois.com
237. ARIN: WHOIS Database Search
238. Border Gateway Protocol (BGP) and AS Numbers
239. Internic | Whois - the only one that finds hackthissite.org
240. Teenager admits eBay domain hijack
241. NeoTrace
242. VisualRoute traceroute: connection test, trace IP address, IP trace, IP address locations
243.