SHOW:
|
|
- or go back to the newest paste.
| 1 | Google Hacking | |
| 2 | ||
| 3 | allintitle:Brains, Corp. camera | |
| 4 | ||
| 5 | allintitle:"index of/admin" | |
| 6 | allintitle:"index of/root" | |
| 7 | allintitle:restricted filetype:doc site:gov | |
| 8 | allintitle:restricted filetype :mail | |
| 9 | allintitle:sensitive filetype:doc | |
| 10 | ||
| 11 | allinurl:/bash_history | |
| 12 | allinurl:winnt/system32/ (get cmd.exe) | |
| 13 | ||
| 14 | ext:ini eudora.ini | |
| 15 | ext:pwd inurl:(service|authors|administrators |users) "# -FrontPage-" | |
| 16 | ||
| 17 | filetype:bak inurl:"htaccess|passwd|shadow|htusers" | |
| 18 | filetype:conf slapd.conf | |
| 19 | filetype:ctt "msn" | |
| 20 | filetype:mdb inurl:"account|users|admin|administrators|passwd|password" | |
| 21 | filetype:mdb inurl:users.mdb | |
| 22 | filetype:QDF QDF | |
| 23 | filetype:pdf "Host Vulnerability Summary Report" "Assessment Report" | |
| 24 | filetype:sql ("passwd values ****" | "password values ****" | "pass values ****" )
| |
| 25 | filetype:xls inurl:"email.xls" | |
| 26 | filetype:user eggdrop user | |
| 27 | ||
| 28 | "Index of /admin" | |
| 29 | "Index of /" +.htaccess | |
| 30 | "Index of /mail" | |
| 31 | "Index of /" "Parent Directory" "WS_FTP.ini" filetype:ini | |
| 32 | "Index of /" +passwd | |
| 33 | "Index of /password" | |
| 34 | "Index of /" +password.txt | |
| 35 | intext:"BiTBOARD v2.0" "BiTSHiFTERS Bulletin Board" | |
| 36 | intext:centreware inurl:status | |
| 37 | intext:"MOBOTIX M1" | |
| 38 | intext:"MOBOTIX M10" | |
| 39 | intext:"Open Menu" | |
| 40 | intext:"powered by Web Wiz Journal" | |
| 41 | intext:"Tobias Oetiker" "traffic analysis" | |
| 42 | ||
| 43 | intitle:index.of "Apache/1.3.28 Server at" | |
| 44 | intitle:index.of "Apache/2.0 Server at" | |
| 45 | intitle:index.of "Apache/* Server at" | |
| 46 | intitle:index.of "HP Apache-based Web Server/*" | |
| 47 | intitle:index.of "IBM _ HTTP _ Server/* * Server at" | |
| 48 | intitle:index.of "Microsoft-IIS/4.0 Server at" | |
| 49 | intitle:index.of "Microsoft-IIS/5.0 Server at" | |
| 50 | intitle:index.of "Microsoft-IIS/6.0 Server at" | |
| 51 | intitle:index.of "Microsoft-IIS/* Server at" | |
| 52 | intitle:index.of "Netscape/* Server at" | |
| 53 | intitle:index.of "Oracle HTTP Server/* Server at" | |
| 54 | intitle:index.of "Red Hat Secure/*" | |
| 55 | ||
| 56 | intitle:"Apache::Status" (inurl:server-status | inurl:status.html | inurl:apache.html) | |
| 57 | intitle:"Welcome to IIS 4.0!" | |
| 58 | intitle:"Welcome to Windows 2000 Internet Services" | |
| 59 | intitle:"Welcome to Windows XP Server Internet Services" | |
| 60 | intitle:"Welcome to Your New Home Page!" | |
| 61 | intitle:"Test Page for Apache Installation" "It worked!" "this Web site!" | |
| 62 | intitle:"Test Page for Apache Installation" "Seeing this instead" | |
| 63 | intitle:"Test Page for Apache Installation" "You are free" | |
| 64 | intitle:"Test Page for the Apache Http Server on Fedora Core" | |
| 65 | intitle:"Test Page for the Apache Web Server on RedHat Linux" | |
| 66 | intitle:"Test Page for the SSL/TLS-aware Apache Installation" "Hey, it worked!" | |
| 67 | ||
| 68 | intitle:"index of" .bash_history | |
| 69 | intitle:"index of" etc/shadow | |
| 70 | intitle:"index.of" finances.xls | |
| 71 | intitle:"index of" htpasswd | |
| 72 | intitle:"Index Of" inurl:maillog | |
| 73 | intitle:"index of" master.passwd | |
| 74 | intitle:"index of" members OR accounts | |
| 75 | intitle:"index.of" mystuff.xml | |
| 76 | intitle:"index of" passwd | |
| 77 | intitle:"index of" people.lst | |
| 78 | intitle:"index of" pwd.db | |
| 79 | intitle:"Index of" pwd.db | |
| 80 | intitle:"Index of" .sh_history | |
| 81 | intitle:"index of" spwd | |
| 82 | intitle:"index.of" trillian.ini | |
| 83 | intitle:"index of" user_carts OR user_cart | |
| 84 | intitle:"active webcam page" | |
| 85 | intitle:"ASP Stats Generator *.*" "ASP Stats Generator" "2003-2004 weppos" | |
| 86 | intitle:"curriculum vitae" "phone * * *" "address *" | |
| 87 | intitle:"Dell Laser Printer" ews | |
| 88 | intitle:"EvoCam" inurl:"webcam.html" | |
| 89 | intitle:liveapplet inurl:LvAppl | |
| 90 | intitle:"Multimon UPS status page" | |
| 91 | intitle:"my webcamXP server!" inurl:":8080" | |
| 92 | intitle:"statistics of" "advanced web statistics" | |
| 93 | intitle:"System Statistics" +"System and Network Information Center" | |
| 94 | intitle:"Terminal Services Web Connection" | |
| 95 | intitle:"Usage Statistics for" "Generated by Webalizer" | |
| 96 | intitle:"VNC Desktop" inurl:5800 | |
| 97 | intitle:"Web Server Statistics for ****" | |
| 98 | inurl:admin filetype:db | |
| 99 | inurl:admin inurl:backup intitle:index.of | |
| 100 | inurl:"auth_user_file.txt" | |
| 101 | inurl:"/axs/ax-admin.pl" -script | |
| 102 | inurl:"/cricket/grapher.cgi" | |
| 103 | inurl:hp/device/this.LCDispatcher | |
| 104 | inurl:iisadmin | |
| 105 | inurl:indexFrame.shtml Axis | |
| 106 | inurl:"main.php" "phpMyAdmin" "running on" | |
| 107 | inurl:passwd filetype:txt | |
| 108 | inurl:"printer/main.html" intext:"settings" | |
| 109 | inurl:server-info "Apache Server Information" | |
| 110 | inurl:"ViewerFrame?Mode=" | |
| 111 | inurl:"wvdial.conf" intext:"password" | |
| 112 | inurl:"wwwroot/*." | |
| 113 | ||
| 114 | site:gov confidential | |
| 115 | site:mil confidential | |
| 116 | site:mil "top secret" | |
| 117 | "Copyright (c) Tektronix, Inc." "printer status" | |
| 118 | "Host Vulnerability Summary Report" | |
| 119 | "http://*:*@www" | |
| 120 | "Network Vulnerability Assessment Report" | |
| 121 | "not for distribution" | |
| 122 | "Output produced by SysWatch *" | |
| 123 | "These statistics were produced by getstats" | |
| 124 | "This file was generated by Nessus" | |
| 125 | "This report was generated by WebLog" | |
| 126 | "This summary was generated by wwwstat" | |
| 127 | "Generated by phpSystem" | |
| 128 | "Host Vulnerability Summary Report" | |
| 129 | "my webcamXP server!" | |
| 130 | sample/LvAppl/ | |
| 131 | "TOSHIBA Network Camera - User Login" | |
| 132 | /home/homeJ.html | |
| 133 | /ViewerFrame?Mode=Motion | |
| 134 | This reveals mySQL database dumps. These database dumps list the structure and content of databases, which can reveal many different types of sensitive information. http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&q=%22%23mysql+dump%22+filetype%3Asql&btnG=Search | |
| 135 | ||
| 136 | These log files record info about the SSH client PUTTY. These files contain usernames, site names, IP addresses, ports and various other information about the SSH server connected to. http://www.google.com/search?hl=en&lr=&ie=UTF-8&q=filetype%3Alog+username+putty | |
| 137 | ||
| 138 | These files contain cleartext usernames and passwords, as well as the sites associated with those credentials. Attackers can use this information to log on to that site as that user. http://www.google.com/search?hl=en&lr=&ie=UTF-8&q=filetype%3Alog+inurl%3A%22password.log%22 | |
| 139 | ||
| 140 | This file contains port number, version number and path info to MySQL server. http://www.google.com/search?hl=en&lr=&ie=UTF-8&q=intitle%3A%22index+of%22+mysql.conf+OR+mysql_config | |
| 141 | ||
| 142 | This search reveals sites which may be using Shockwave (Flash) as a login mechanism for a site. The usernames and passwords for this type of login mechanism are often stored in plaintext inside the source of the .swl file. http://www.google.com/search?hl=en&lr=&q=inurl%3Alogin+filetype%3Aswf+swf | |
| 143 | ||
| 144 | These are oulook express email files which contain emails, with full headers. The information in these emails can be useful for information gathering about a target. http://www.google.com/search?hl=en&lr=&q=filetype%3Aeml+eml+%2Bintext%3A%22Subject%22+%2Bintext%3A%22From%22+%2Bintext%3A%22To%22 | |
| 145 | ||
| 146 | This google search reveals users names, pop3 passwords, email addresses, servers connected to and more. The IP addresses of the users can also be revealed in some cases. http://www.google.com/search?num=100&hl=en&lr=&q=filetype%3Areg+reg+%2Bintext%3A%22internet+account+manager | |
| 147 | ||
| 148 | ||
| 149 | ||
| 150 | ||
| 151 | Footprinting Websites and Information Gathering Resources | |
| 152 | ||
| 153 | A hacker or pen tester may also do a Google search or a site search to locate information about employees. Some sites useful to find more information about an organization and its employees include: | |
| 154 | ||
| 155 | www.trula.com - real estate | |
| 156 | ||
| 157 | www.zillow.com - real estate | |
| 158 | ||
| 159 | www.netronline.com - real estate | |
| 160 | ||
| 161 | www.whosarat.com - informants | |
| 162 | ||
| 163 | www.zabaseach.com - name, address, location info | |
| 164 | ||
| 165 | www.zoominfo.com - person & company data | |
| 166 | ||
| 167 | www.vitalrec.com - people info | |
| 168 | ||
| 169 | www.pipl.com - people search | |
| 170 | ||
| 171 | www.skipease.com/blog/ - people search | |
| 172 | ||
| 173 | www.pretrieve.com - people search | |
| 174 | ||
| 175 | www.publicdata.com - people search | |
| 176 | ||
| 177 | www.urapi.com - people search | |
| 178 | ||
| 179 | https://addons.mozilla.org/en-US/firefox/addon/1912 (who is this person) | |
| 180 | ||
| 181 | www.nndb.com – people activity tracker | |
| 182 | ||
| 183 | www.willyancey.com/finding.htm online info | |
| 184 | ||
| 185 | www.courthousedirect.com - property records | |
| 186 | ||
| 187 | www.turboscout.com - multisearch engine tool | |
| 188 | ||
| 189 | www.theultimates.com - phone number lookup | |
| 190 | ||
| 191 | http://skipease.whitepages.com/reverse_address - address lookup | |
| 192 | ||
| 193 | www.thevault.com - company search / profile | |
| 194 | ||
| 195 | www.blogsearchengine.com - search blogs for info or person | |
| 196 | ||
| 197 | www.ccrs.info - China based company search /profile | |
| 198 | ||
| 199 | www.hoovers.com - company search / profile | |
| 200 | ||
| 201 | www.lexisnexis.com - company search / profile | |
| 202 | ||
| 203 | www.topix.net - region specific news articles | |
| 204 | ||
| 205 | www.pacer.uscourts.gov/natsuit.html - Court records | |
| 206 | ||
| 207 | www.oihweb.com - online investigation techniques | |
| 208 | ||
| 209 | www.linkedin.com - business person's network | |
| 210 | ||
| 211 | ||
| 212 | Footprinting Links | |
| 213 | ||
| 214 | Google Hacking Database | |
| 215 | A search that finds password hashes | |
| 216 | Nessus Reports from Google | |
| 217 | More Passwords from Google | |
| 218 | Google Hacks Volume III by Halla | |
| 219 | G-Zapper Blocks the Google Cookie to Search Anonymously | |
| 220 | SiteDigger 2.0 searches Google’s cache to look for vulnerabilities | |
| 221 | BeTheBot - View Pages as the Googlebot Sees Them | |
| 222 | An experts-exchange page to demonstrate the Googlebot | |
| 223 | HTTP Header Viewer | |
| 224 | Masquerading Your Browser | |
| 225 | User Agent Switcher :: Firefox Add-ons | |
| 226 | Modify Headers :: Firefox Add-ons | |
| 227 | User Agent Sniffer for Project 1 | |
| 228 | GNU Wget - Tool to Mirror Websites | |
| 229 | Teleport Pro - Tool to Mirror Websites | |
| 230 | Google Earth | |
| 231 | Finding Subdomains (Zone Transfers) | |
| 232 | Dakota Judge rules that Zone Transfers are Hacking | |
| 233 | Internet Archive - Wayback Machine | |
| 234 | Wikto - Web Server Assessment Tool - With Google Hacking | |
| 235 | VeriSign Whois Search from VeriSign, Inc. | |
| 236 | whois.com | |
| 237 | ARIN: WHOIS Database Search | |
| 238 | Border Gateway Protocol (BGP) and AS Numbers | |
| 239 | Internic | Whois - the only one that finds hackthissite.org | |
| 240 | Teenager admits eBay domain hijack | |
| 241 | NeoTrace | |
| 242 | VisualRoute traceroute: connection test, trace IP address, IP trace, IP address locations |
