sample sqli dorks/Accurate Exact Web Pentest Dorks

1. inurl:index.php?id=aboutus
2. inurl:?item_id=6310
3. inurl:ZoomItemDetail.aspx?item_id=

Dork 1 Site: inurl:virtual_show_detail.php?ID=


Vulnerabilidades
comment:advisories and vulnerabilities*-----
"1999-2004 FuseTalk Inc" -site:fusetalk.com
"2003 DUware All Rights Reserved"
"Active Webcam Page" inurl:8080
"BlackBoard 1.5.1-f | © 2003-4 by Yves Goergen"
"BosDates Calendar System " "powered by BosDates v3.2 by BosDev"
"Copyright © 2002 Agustin Dondo Scripts"
"delete entries" inurl:admin/delete.asp
"driven by: ASP Message Board"
"Enter ip" inurl:"php-ping.php"
"IceWarp Web Mail 5.3.0" "Powered by IceWarp"
"Ideal BB Version: 0.1" -idealbb.com
"inurl:/site/articles.asp?idcategory="
"Obtenez votre forum Aztek" -site:forum-aztek.com
"Online Store - Powered by ProductCart"
"Powered *: newtelligence" ("dasBlog 1.6"| "dasBlog 1.5"| "dasBlog 1.4"|"dasBlog 1.3")
"Powered by A-CART"
"Powered by AJ-Fork v.167"
"powered by antiboard"
"Powered by Coppermine Photo Gallery"
"Powered by CubeCart"
"Powered by DCP-Portal v5.5"
"Powered by DMXReady Site Chassis Manager" -site:dmxready.com
"Powered by FUDforum"
"Powered by Gallery v1.4.4"
"Powered by IceWarp Software" inurl:mail
"Powered by Ikonboard 3.1.1"
"Powered by Megabook *" inurl:guestbook.cgi
"Powered by MercuryBoard [v1"
"powered by minibb" -site:www.minibb.net -intext:1.7f
"Powered by My Blog" intext:"FuzzyMonkey.org"
"Powered by ocPortal" -demo -ocportal.com
"powered by phpWebSite" 0.9-3-2...4
"Powered by PowerPortal v1.3"
"powered by vbulletin 3.0"
"Powered by WordPress" -html filetype:php -demo -wordpress.org -bugtraq
"Powered by WowBB" -site:wowbb.com
"Powered by YaPig V0.92b"
"Powered by yappa-ng"
"running: Nucleus v3.1" -.nucleuscms.org -demo
"SquirrelMail version 1.4.4" inurl:src ext:php
"This page has been automatically generated by Plesk Server Administrator"
+"Powered by Invision Power Board v2.0.0..2"
+"Powered by phpBB 2.0.6..10" -phpbb.com -phpbb.pl
inurl:"dispatch.php?atknodetype" | inurl:class.at -----Achievo webbased project management-----
allintitle:aspjar.com guestbook
inurl:"/becommunity/community/index.php?pageurl=" -----E-market remote code execution-----
inurl:custva.asp -----EarlyImpact Productcart-----
ext:php intext:"Powered by phpNewMan Version"
ext:pl inurl:cgi intitle:"FormMail *" -"*Referrer" -"* Denied" -sourceforge -error -cvs -input
filetype:cgi inurl:nbmember.cgi
filetype:cgi inurl:pdesk.cgi
filetype:cgi inurl:tseekdir.cgi
filetype:php inurl:index.php inurl:"module=subjects" inurl:"func=*" (listpages| viewpage | listcat)
intext:("UBB.threads™ 6.2"|"UBB.threads™ 6.3") intext:"You * not logged *" -site:ubbcentral.com
intitle:"EMUMAIL - Login" "Powered by EMU Webmail"
intitle:"MRTG/RRD" 1.1* (inurl:mrtg.cgi | inurl:14all.cgi |traffic.cgi)
intitle:"View Img" inurl:viewimg.php
intitle:"WebJeff - FileManager" intext:"login" intext:Pass|PAsse
intitle:"WordPress > * > Login form" inurl:"wp-login.php"
intitle:guestbook "advanced guestbook 2.2 powered"
intitle:welcome.to.horde
inurl:"/cgi-bin/loadpage.cgi?user_id="
inurl:"/site/articles.asp?idcategory="
inurl:"comment.php?serendipity"
inurl:"messageboard/Forum.asp?"
inurl:"slxweb.dll"
inurl:/SiteChassisManager/
inurl:cal_make.pl
inurl:citrix/metaframexp/default/login.asp? ClientDetection=On
inurl:comersus_message.asp
inurl:directorypro.cgi
inurl:gotoURL.asp?url=
inurl:technote inurl:main.cgi*filename=*
inurl:ttt-webmaster.php
inurl:wiki/MediaWiki
"Powered by Invision Power Board(U) v1.3 Final" -----Invision Power Board SSI.PHP SQL Injection-----
"Powered by mnoGoSearch - free web search engine software" -----nGoSearch vulnerability-----
"FC Bigfeet" -inurl:mail -----Quicksite demopages for Typo3-----
inurl:com_remository -----ReMOSitory module for Mambo-----
uploadpics.php?did= -forumintext:Generated.by.phpix.1.0? inurl:$mode=album
"Powered by: vBulletin * 3.0.1" inurl:newreply.php -----vBulletin version 3.0.1 newreply.php XSS-----
filetype:asp inurl:"shopdisplayproducts.asp" -----VP-ASP Shopping Cart XSS-----
inurl:/cgi-bin/index.cgi inurl:topics inurl:viewcat= +intext:"WebAPP" -site:web-app.org -----WebAPP directory traversal-----


  Arquivos com senha


comment:Files containing passwords***-----
"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users)
"# -FrontPage-" inurl:service.pwd
"AutoCreate=TRUE password=*"
"http://*:*@www" domainname
"index of/" "ws_ftp.ini" "parent directory"
"liveice configuration file" ext:cfg -site:sourceforge.net
"powered by ducalendar" -site:duware.com
"Powered by Duclassified" -site:duware.com
"Powered by Duclassified" -site:duware.com "DUware All Rights reserved"
"powered by duclassmate" -site:duware.com
"Powered by Dudirectory" -site:duware.com
"powered by dudownload" -site:duware.com
"Powered By Elite Forum Version *.*"
"Powered by Link Department"
"sets mode: +k"
"Powered by DUpaypal" -site:duware.com
allinurl: admin mdb
auth_user_file.txt
config.php
eggdrop filetype:user user
etc (index.of)
ext:ini eudora.ini
ext:ini Version=4.0.0.4 password
filetype:bak inurl:"htaccess|passwd|shadow|htusers"
filetype:cfg mrtg "target[*]" -sample -cvs -example
filetype:cfm "cfapplication name" password
filetype:conf oekakibbs
filetype:conf sc_serv.conf
filetype:conf slapd.conf
filetype:config config intext:appSettings "User ID"
filetype:dat "password.dat"
filetype:dat wand.dat
filetype:inc dbconn
filetype:inc intext:mysql_connect
filetype:inc mysql_connect OR mysql_pconnect
filetype:ini inurl:"serv-u.ini"
filetype:ini inurl:flashFXP.ini
filetype:ini ServUDaemon
filetype:ini wcx_ftp
filetype:ini ws_ftp pwd
filetype:ldb admin
filetype:log "See `ipsec --copyright"
filetype:log inurl:"password.log"
filetype:mdb inurl:users.mdb
filetype:mdb wwforum
filetype:netrc password
filetype:pass pass intext:userid
filetype:pem intext:private
filetype:properties inurl:db intext:password
filetype:pwd service
filetype:pwl pwl
filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword"
filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
filetype:sql ("values * MD5" | "values * password" | "values * encrypt")
filetype:sql ("passwd values" | "password values" | "pass values" )
filetype:sql +"IDENTIFIED BY" -cvs
filetype:sql password
filetype:url +inurl:"ftp://" +inurl:";@"
filetype:xls username password email
htpasswd
htpasswd / htgroup
htpasswd / htpasswd.bak
intext:"enable secret 5 $"
intext:"powered by Web Wiz Journal"
intitle:"index of" intext:connect.inc
intitle:"index of" intext:globals.inc
intitle:"Index of" passwords modified
intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) -site:duware.com
intitle:index.of administrators.pwd
intitle:Index.of etc shadow
intitle:index.of intext:"secring.skr"|"secring.pgp"|"secring.bak"
inurl:"GRC.DAT" intext:"password"
inurl:"slapd.conf" intext:"credentials" -manpage -"Manual Page" -man: -sample
inurl:"slapd.conf" intext:"rootpw" -manpage -"Manual Page" -man: -sample
inurl:"wvdial.conf" intext:"password"
inurl:/db/main.mdb
inurl:/wwwboard
inurl:ccbill filetype:log
inurl:chap-secrets -cvs
inurl:config.php dbuname dbpass
inurl:filezilla.xml -cvs
inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd -man
inurl:nuke filetype:sql
inurl:ospfd.conf intext:password -sample -test -tutorial -download
inurl:pap-secrets -cvs
inurl:perform filetype:ini
inurl:secring ext:skr | ext:pgp | ext:bak
inurl:vtund.conf intext:pass -cvs
inurl:zebra.conf intext:password -sample -test -tutorial -download
LeapFTP intitle:"index.of./" sites.ini modified
intitle:index.of master.passwd -----master.passwd-----
intitle:"Index of" .mysql_history -----mysql history files-----
"Your password is * Remember this for later use" -----NickServ registration passwords-----
index.of passlist -----passlist-----
inurl:passlist.txt -----passlist.txt-----
intitle:index.of passwd passwd.bak -----passwd-----
intitle:"Index of..etc" passwd -----passwd / etc-----
intitle:index.of people.lst -----people.lst-----
filetype:conf inurl:psybnc.conf "USER.PASS=" -----psyBNC config files-----
intitle:"Index of" pwd.db -----pwd.db-----
signin filetype:url
intitle:"Index of" spwd.db passwd -pam.conf -----spwd.db / passwd-----
intitle:index.of trillian.ini -----trillian.ini-----

  Diretórios sensíveis

comment:Sensitive Directories***]
"Index Of /network" "last modified"
"index of cgi-bin"
"index of" / picasa.ini
"index of" inurl:recycler
"Index of" rar r01 nfo Modified 2004
"intitle:Index.Of /" stats merchant cgi-* etc
"Powered by Invision Power File Manager" (inurl:login.php) | (intitle:"Browsing directory /" )
"Web File Browser" "Use regular expression"
"Welcome to phpMyAdmin" " Create new database"
allinurl:"/*/_vti_pvt/" | allinurl:"/*/_vti_cnf/"
filetype:cfg ks intext:rootpw -sample -test -howto
filetype:torrent torrent
Index of phpMyAdmin
index.of.dcim
index.of.password
index.of.password
intext:"d.aspx?id" || inurl:"d.aspx?id"
intext:"Powered By: TotalIndex" intitle:"TotalIndex"
intitle:"album permissions" "Users who can modify photos" "EVERYBODY"
intitle:"Directory Listing For" intext:Tomcat -intitle:Tomcat
intitle:"HFS /" +"HttpFileServer"
intitle:"Index of *" inurl:"my shared folder" size modified
intitle:"Index of /CFIDE/" administrator
intitle:"Index of c:\Windows"
intitle:"index of" "parent directory" "desktop.ini" site:dyndns.org
intitle:"index of" -inurl:htm -inurl:html mp3
intitle:"Index of" cfide
intitle:"index of" intext:"content.ie5"
intitle:"index of" inurl:ftp (pub | incoming)
intitle:"index.of.personal"
intitle:"webadmin - /*" filetype:php directory filename permission
intitle:index.of (inurl:fileadmin | intitle:fileadmin)
intitle:index.of /AlbumArt_
intitle:index.of abyss.conf
intitle:intranet inurl:intranet +intext:"human resources"
intitle:upload inurl:upload intext:upload -forum -shop -support -w3c
inurl:/pls/sample/admin_/help/
inurl:/tmp
inurl:backup intitle:index.of inurl:admin
inurl:explorer.cfm inurl:(dirpath|This_Directory)
inurl:j2ee/examples/jsp
inurl:ojspdemos
"Index of /backup" -----Look in my backup directories! Please?-----
index.of.private -----private-----
index.of.protected -----protected-----
index.of.secret -----secret-----
index.of.secure -----secure-----
index.of.winnt -----winnt-----

-----------------------------------------------------------------------------------

ERROS

comment:Error messages***-----
"A syntax error has occurred" filetype:ihtml
"access denied for user" "using password"
"An illegal character has been found in the statement" -"previous message"
"ASP.NET_SessionId" "data source="
"Can't connect to local" intitle:warning
"Chatologica MetaSearch" "stack tracking"
"detected an internal error [IBM][CLI Driver][DB2/6000]"
"error found handling the request" cocoon filetype:xml
"Fatal error: Call to undefined function" -reply -the -next
"Incorrect syntax near"
"Incorrect syntax near"
"Internal Server Error" "server at"
"Invision Power Board Database Error"
"ORA-00933: SQL command not properly ended"
"ORA-12541: TNS:no listener" intitle:"error occurred"
"PostgreSQL query failed: ERROR: parser: parse error"
"Supplied argument is not a valid MySQL result resource"
"Syntax error in query expression " -the
"The script whose uid is " "is not allowed to access"
"Unclosed quotation mark before the character string"
"Warning: Cannot modify header information - headers already sent"
"Warning: mysql_query()" "invalid query"
"Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL"
An unexpected token "END-OF-STATEMENT" was found
"Error Diagnostic Information" intitle:"Error Occurred While" -----Coldfusion Error Pages-----
filetype:asp "Custom Error Message" Category Source
filetype:log "PHP Parse error" | "PHP Warning" | "PHP Error"
filetype:php inurl:"logging.php" "Discuz" error
ht://Dig htsearch error
intitle:"the page cannot be found" inetmgr -----IIS 4.0 error messages-----
intitle:"the page cannot be found" "internet information services" -----IIS web server error messages-----
intitle:"500 Internal Server Error" "server at" -----Internal Server Error-----
intext:"Error Message : Error loading required libraries."
intext:"Warning: Failed opening" "on line" "include_path"
intitle:"Error Occurred While Processing Request" +WHERE (SELECT|INSERT) filetype:cfm
intitle:"Error Occurred" "The error occurred in" filetype:cfm
intitle:"Error using Hypernews" "Server Software"
intitle:"Execution of this script not permitted"
intitle:"Under construction" "does not currently have"
intitle:Configuration.File inurl:softcart.exe
"supplied argument is not a valid MySQL result resource" -----MYSQL error message: supplied argument....-----
"mySQL error with query" -----mysql error with query-----
"ORA-00921: unexpected end of SQL command" -----ORA-00921: unexpected end of SQL command-----
"ORA-00936: missing expression" -----ORA-00936: missing expression-----
intext:"Warning: Failed opening" "on line" "include_path" -----PHP application warnings failing "include_path"-----
inurl:sitebuildercontent -----sitebuildercontent-----
inurl:sitebuilderfiles -----sitebuilderfiles-----
inurl:sitebuilderpictures -----sitebuilderpictures-----
databasetype. Code : 80004005. Error Description -----Snitz! forums db path error-----
"You have an error in your SQL syntax near" -----SQL syntax error-----
"Supplied argument is not a valid PostgreSQL result" -----Supplied argument is not a valid PostgreSQL result-----
warning "error on line" php sablotron
intitle:"the page cannot be found" "2004 microsoft corporation" -----Windows 2000 web server error messages-----

-----------------------------------------------------------------------------------

Arquivos de user's

comment:Files containing usernames***-----
"index of" / lck
+intext:"webalizer" +intext:"Total Usernames" +intext:"Usage Statistics for"
intitle:index.of .bash_history -----bash_history files-----
filetype:conf inurl:proftpd.conf -sample
filetype:log username putty
filetype:reg reg +intext:"internet account manager"
filetype:reg reg HKEY_CURRENT_USER username
index.of perform.ini
inurl:admin filetype:asp inurl:userlist
inurl:admin inurl:userlist
inurl:php inurl:hlstats intext:"Server Username"
inurl:root.asp?acs=anon -----OWA Public folders & Address book-----
intitle:index.of .sh_history -----sh_history files-----
comment:Footholds***-----
"adding new user" inurl:addnewuser -"there are no domains"
(inurl:81/cgi-bin/.cobalt/) | (intext:"Welcome to the Cobalt RaQ")
+htpasswd +WS_FTP.LOG filetype:log
filetype:php HAXPLORER "Server Files Browser"
intitle:"Web Data Administrator - Login"
intitle:admin intitle:login
inurl:"phpOracleAdmin/php" -download -cvs
inurl:ConnectComputer/precheck.htm | inurl:Remote/logon.aspx
intitle:"PHP Shell *" "Enable stderr" filetype:php -----PHP Shell (unprotected)-----
PHPKonsole PHPShell filetype:php -echo
"Powered by PHPFM" filetype:php -username -----Public PHP FileManagers-----
comment:Pages containing login portals***-----
intitle:"remote assessment" OpenAanval Console
intitle:opengroupware.org "resistance is obsolete" "Report Bugs" "Username" "password"
"IMail Server Web Messaging" intitle:login
"Login - Sun Cobalt RaQ"
"Login to Usermin" inurl:20000
"Microsoft CRM : Unsupported Browser Version"
"OPENSRS Domain Management" inurl:manage.cgi
"pcANYWHERE EXPRESS Java Client"
"please log in"
"powered by CuteNews" "2003..2005 CutePHP"
"SysCP - login"
"ttawlogin.cgi/?action="
"VHCS Pro ver" -demo
"VNC Desktop" inurl:5800
"Web Control Panel" "Enter your password here"
"WebExplorer Server - Login" "Welcome to WebExplorer Server"
"WebSTAR Mail - Please Log In"
(inurl:"ars/cgi-bin/arweb?O=0" | inurl:arweb.jsp) -site:remedy.com -site:mil
"4images Administration Control Panel"
allinurl:"exchange/logon.asp"
ASP.login_aspx "ASP.NET_SessionId"
filetype:cgi inurl:"irc.cgi" | intitle:"CGI:IRC Login" -----CGI:IRC Login-----
Admin intitle:"eZ publish administration" -----ez Publish administration-----
filetype:php inurl:"webeditor.php"
filetype:pl "Download: SuSE Linux Openexchange Server CA"
filetype:r2w r2w
intext:""BiTBOARD v2.0" BiTSHiFTERS Bulletin Board"
intext:"Mail admins login here to administrate your domain."
intext:"Storage Management Server for" intitle:"Server Administration"
intitle:"Athens Authentication Point"
intitle:"ColdFusion Administrator Login"
intitle:"Dell Remote Access Controller"
intitle:"ePowerSwitch Login"
intitle:"Icecast Administration Admin Page"
intitle:"ISPMan : Unauthorized Access prohibited"
intitle:"ITS System Information" "Please log on to the SAP System"
intitle:"Kurant Corporation StoreSense" filetype:bok Posts: 23 filetype:bok intitle:"Kurant Corporation StoreSense"
intitle:"Login - powered by Easy File Sharing Web Server"
intitle:"MailMan Login"
intitle:"microsoft certificate services" inurl:certsrv
intitle:"MikroTik RouterOS Managing Webpage"
intitle:"MX Control Console" "If you can't remember"
intitle:"Novell Web Services" intext:"Select a service and a language."
intitle:"oMail-admin Administration - Login" -inurl:omnis.ch
intitle:"Philex 0.2*" -script -site:freelists.org
intitle:"PHP Advanced Transfer" inurl:"login.php"
intitle:"php icalendar administration" -site:sourceforge.net
intitle:"php icalendar administration" -site:sourceforge.net
intitle:"please login" "your password is *"
intitle:"Remote Desktop Web Connection" inurl:tsweb
intitle:"teamspeak server-administration
intitle:"Tomcat Server Administration"
intitle:"TUTOS Login"
intitle:"vhost" intext:"vHost . 2000-2004"
intitle:"Virtual Server Administration System"
intitle:"VitalQIP IP Management System"
intitle:"VNC viewer for Java"
intitle:"WebLogic Server" intitle:"Console Login" inurl:console
intitle:"Welcome Site/User Administrator" "Please select the language" -demos
intitle:"welcome to netware *" -site:novell.com
intitle:"ZyXEL Prestige Router" "Enter password"
intitle:Group-Office "Enter your username and password to login"
intitle:Login * Webmailer
intitle:Login intext:"RT is © Copyright"
intitle:Node.List Win32.Version.3.11
intitle:Novell intitle:WebAccess "Copyright *-* Novell, Inc"
intitle:plesk inurl:login.php3
inurl:"1220/parse_xml.cgi?"
inurl:"631/admin" (inurl:"op=*") | (intitle:CUPS)
inurl:":10000" intext:webmin
inurl:"Activex/default.htm" "Demo"
inurl:"calendar.asp?action=login"
inurl:"gs/adminlogin.aspx"
inurl:"typo3/index.php?u=" -demo
inurl:"usysinfo?login=true"
inurl:"utilities/TreeView.asp"
inurl:"webadmin" filetype:nsf
inurl:/admin/login.asp
inurl:/cgi-bin/sqwebmail?noframes=1
inurl:/Citrix/Nfuse17/
inurl:/dana-na/auth/welcome.html
inurl:/eprise/
inurl:/webedit.* intext:WebEdit Professional -html
inurl:1810 "Oracle Enterprise Manager"
inurl:administrator "welcome to mambo"
inurl:cgi-bin/ultimatebb.cgi?ubb=login
inurl:confixx inurl:login|anmeldung
inurl:coranto.cgi intitle:Login (Authorized Users Only)
inurl:default.asp intitle:"WebCommander"
inurl:irc filetype:cgi cgi:irc
inurl:login filetype:swf swf
inurl:login.asp
inurl:login.cfm
inurl:login.php "SquirrelMail version"
inurl:metaframexp/default/login.asp | intitle:"Metaframe XP Login"
inurl:mewebmail
inurl:names.nsf?opendatabase
inurl:orasso.wwsso_app_admin.ls_login
inurl:postfixadmin intitle:"postfix admin" ext:php
inurl:search/admin.php
inurl:WCP_USER
Login ("Powered by Jetbox One CMS ™" | "Powered by Jetstream © *")
Novell NetWare intext:"netware management portal version"
inurl:"exchange/logon.asp" OR intitle:"Microsoft Outlook Web Access - Logon" -----Outlook Web Access (a better way)-----
-Login inurl:photopost/uploadphoto.php -----PhotoPost PHP Upload-----
inurl:PHPhotoalbum/statistics intitle:"PHPhotoalbum - Statistics" -----PHPhotoalbum Statistics-----
intitle:"PHPhotoalbum - Upload" | inurl:"PHPhotoalbum/upload" -----PHPhotoalbum Upload-----
filetype:php login (intitle:phpWebMail|WebMail) -----phpWebMail-----
+"Powered by INDEXU" inurl:(browse|top_rated|power) -----Powered by INDEXU-----
filetype:cfg login "LoginServer=" -----Ultima Online loginservers-----
uploadpics.php?did= -forum -----W-Nailer Upload Area-----


Informações Senciveis de ADM online

comment:Sensitive Online Shopping Info***-----
"More Info about MetaCart Free"
inurl:"/database/comersus.mdb" -----Comersus.mdb database-----
inurl:midicart.mdb
inurl:shopdbtest.asp
POWERED BY HIT JAMMER 1.0!
site:ups.com intitle:"Ups Package tracking" intext:"1Z ### ### ## #### ### #"
inurl:"shopadmin.asp" "Shop Administrators only" -----VP-ASP Shop Administrators only-----
comment:Various online devices***-----
"Copyright (c) Tektronix, Inc." "printer status"
"intitle:Cisco Systems, Inc. VPN 3000 Concentrator"
"please visit" intitle:"i-Catcher Console" Copyright "iCode Systems"
"powered by webcamXP" "Pro|Broadcast"
"Starting SiteZAP 6.0"
("Fiery WebTools" inurl:index2.html) | "WebTools enable * * observe, *, * * * flow * print jobs"
inurl:sts_index.cgi -----Aficio 1022-----
allintitle:Brains, Corp. camera
allinurl:index.htm?cus?audio
inurl:indexFrame.shtml Axis -----Axis Network Cameras-----
axis storpoint "file view" inurl:/volumes/
camera linksys inurl:main.cgi
intitle:"remote ui:top page" -----Canon ImageReady machines-----
intitle:liveapplet inurl:LvAppl -----Canon Webview netcams-----
filetype:cgi transcoder.cgi
intext:"MaiLinX Alert (Notify)" -site:networkprinters.com
intext:"Please enter correct password for Administrator Access. Thank you" "Copyright © 2003 SMC Networks, Inc. All rights reserved."
intext:"Ready with 10/100T Ethernet"
intext:"UAA (MSB)" Lexmark -ext:pdf
intext:"Videoconference Management System" ext:htm
intitle:"AudioReQuest.web.server"
intitle:"axis storpoint CD" intitle:"ip address"
intitle:"BorderManager Information alert"
intitle:"Browser Launch Page"
intitle:"Cayman-DSL.home"
intitle:"DEFAULT_CONFIG - HP"
intitle:"DEFAULT_CONFIG - HP"
intitle:"dreambox web"
intitle:"DVR Web client"
intitle:"EpsonNet WebAssist Rev"
intitle:"EverFocus.EDSR.applet"
intitle:"EvoCam" inurl:"webcam.html"
intitle:"Home" "Xerox Corporation" "Refresh Status"
intitle:"ipcop - main"
intitle:"iVISTA.Main.Page"
intitle:"lantronix web-manager"
intitle:"Live NetSnap Cam-Server feed"
intitle:"Live View / - AXIS"
intitle:"my webcamXP server!" inurl:":8080"
intitle:"Network Print Server" filetype:shtm ( inurl:u_printjobs | inurl:u_server | inurl:a_server | inurl:u_generalhelp | u_printjobs )
intitle:"Network Print Server" intext:"http://www.axis.com" filetype:shtm
intitle:"Setup Home" "You will need * log in before * * change * settings"
intitle:"Sipura.SPA.Configuration" -.pdf
intitle:"Smoothwall Express" inurl:cgi-bin "up * days"
intitle:"Spam Firewall" inurl:"8000/cgi-bin/index.cgi"
intitle:"SpeedStream Router Management Interface"
intitle:"supervisioncam protocol"
intitle:"switch home page" "cisco systems" "Telnet - to"
intitle:"switch login" "IBM Fast Ethernet Desktop"
intitle:"The AXIS 200 Home Page"
intitle:"toshiba network camera - User Login"
intitle:"V-Gear BEE"
intitle:"View and Configure PhaserLink"
intitle:"Brother" intext:"View Configuration" intext:"Brother Industries, Ltd."
intitle:"Connection Status" intext:"Current login"
intitle:Linksys site:ourlinksys.com
intitle:RICOH intitle:"Network Administration"
intitle:webeye inurl:login.ml
inurl:"8003/Display?what="
inurl:":631/printers" -php -demo
inurl:"ipp/pdisplay.htm"
inurl:"level/15/exec/-/show"
inurl:"next_file=main_fs.htm" inurl:img inurl:image.cgi
inurl:"printer/main.html" intext:"settings"
inurl:axis-cgi
inurl:camctrl.cgi
inurl:hp/device/this.LCDispatcher
inurl:na_admin
inurl:netw_tcp.shtml
inurl:TiVoConnect?Command=QueryServer
inurl:webArch/mainFrame.cgi
intitle:"network administration" inurl:"nic" -----Konica Network Printer Administration-----
(intext:"MOBOTIX M1" | intext:"MOBOTIX M10") intext:"Open Menu" Shift-Reload -----Mobotix netcams-----
intitle:"Live View / - AXIS" | inurl:view/view.sht -----More Axis netcams !-----
inurl:"ViewerFrame?Mode=" -----Panasonic Network Cameras-----
intitle:"WJ-NT104 Main Page" -----Panasonic WJ-NT104 netcams-----
intext:centreware inurl:status -----Phasers 4500/6250/8200/8400-----
intitle:flexwatch intext:"Home page ver" -----Seyeon FlexWATCH cameras-----
site:.viewnetcam.com -www.viewnetcam.com
intitle:snc-z20 inurl:home/ -----Sony SNC-RZ20 network cameras-----
intitle:snc-rz30 inurl:home/ -----Sony SNC-RZ30 Network Cameras-----
WebControl intitle:"AMX NetLinx"
"Phaser 6250" "Printer Neighborhood" "XEROX CORPORATION" -----Xerox Phaser 6250-----
"Phaser 8200" "© Xerox" "refresh" " Email Alerts" -----Xerox Phaser 8200-----
"Phaser® 740 Color Printer" "printer named: " -----Xerox Phaser® 740 Color Printer-----
"Phaser® 840 Color Printer" "Current Status" "printer named:" -----Xerox Phaser® 840 Color Printer-----


Arquivos com informaçoes LOG's

comment:Files containing juicy info***]
intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
"#mysql dump" filetype:sql
"allow_call_time_pass_reference" "PATH_INFO"
"Certificate Practice Statement" inurl:(PDF | DOC)
"Generated by phpSystem"
"generated by wwwstat"
"Host Vulnerability Summary Report"
"HTTP_FROM=googlebot" googlebot.com "Server_Software="
"Index of" / "chat/logs"
"Installed Objects Scanner" inurl:default.asp
"Mecury Version" "Infastructure Group"
"Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C)" ext:log
"Most Submitted Forms and Scripts" "this section"
"Network Vulnerability Assessment Report"
"not for distribution" confidential
"phone * * *" "address *" "e-mail" intitle:"curriculum vitae"
"phpMyAdmin" "running on" inurl:"main.php"
"produced by getstats"
"Request Details" "Control Tree" "Server Variables"
"robots.txt" "Disallow:" filetype:txt
"Running in Child mode"
"sets mode: +p"
"sets mode: +s"
"Thank you for your order" +receipt
"This is a Shareaza Node"
"This report was generated by WebLog"
( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intext:password|subject
(inurl:"robot.txt" | inurl:"robots.txt" ) intext:disallow filetype:txt
+":8080" +":3128" +":80" filetype:txt
+"HSTSNR" -"netop.com"
-site:php.net -"The PHP Group" inurl:source inurl:url ext:pHp
94FBR "ADOBE PHOTOSHOP"
buddylist.blt -----AIM buddy lists-----
allinurl:/examples/jsp/snp/snoop.jsp
allinurl:servlet/SnoopServlet
intitle:index.of cgiirc.config -----cgiirc.conf-----
inurl:cgiirc.config -----cgiirc.conf-----
data filetype:mdb -site:gov -site:mil
e-mail address filetype:csv csv -----exported email addresses-----
ext:asp inurl:pathto.asp
ext:cgi inurl:editcgi.cgi inurl:file=
ext:conf inurl:rsyncd.conf -cvs -man
ext:conf NoCatAuth -cvs
ext:dat bpk.dat
ext:gho gho
ext:ini intext:env.ini
ext:ldif ldif
ext:log "Software: Microsoft Internet Information Services *.*"
ext:mdb inurl:*.mdb inurl:fpdb shop.mdb
ext:nsf nsf -gov -mil
ext:pqi pqi -database
ext:reg "username=*" putty
ext:txt "Final encryption key"
ext:txt inurl:dxdiag
ext:vmdk vmdk
ext:vmx vmx
filetype:asp DBQ=" * Server.MapPath("*.mdb")
filetype:bkf bkf
filetype:blt "buddylist"
filetype:blt blt +intext:screenname
filetype:cfg auto_inst.cfg
filetype:cnf inurl:_vti_pvt access.cnf
filetype:conf inurl:firewall -intitle:cvs
filetype:config web.config -CVS
filetype:ctt Contact
filetype:ctt ctt messenger
filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To"
filetype:fp3 fp3
filetype:fp5 fp5 -site:gov -site:mil -"cvs log"
filetype:fp7 fp7
filetype:inf inurl:capolicy.inf
filetype:lic lic intext:key
filetype:log access.log -CVS
filetype:mbx mbx intext:Subject
filetype:myd myd -CVS
filetype:ns1 ns1
filetype:ora ora
filetype:pdb pdb backup (Pilot | Pluckerdb)
filetype:php inurl:index inurl:phpicalendar -site:sourceforge.net
filetype:pot inurl:john.pot
filetype:pst inurl:"outlook.pst"
filetype:pst pst -from -to -date
filetype:qbb qbb
filetype:rdp rdp
filetype:reg "Terminal Server Client"
filetype:vcs vcs
filetype:wab wab
filetype:xls -site:gov inurl:contact
filetype:xls inurl:"email.xls"
intitle:"Index of" finance.xls -----Financial spreadsheets: finance.xls-----
intitle:index.of finances.xls -----Financial spreadsheets: finances.xls-----
intitle:"Ganglia" "Cluster Report for" -----Ganglia Cluster Reports-----
intitle:index.of haccess.ctl -----haccess.ctl (one way)-----
filetype:ctl Basic -----haccess.ctl (VERY reliable)-----
intitle:"Index of" dbconvert.exe chats -----ICQ chat logs, please...-----
filetype:log cron.log
intext:"Session Start * * * *:*:* *" filetype:log
intext:"Tobias Oetiker" "traffic analysis"
intext:(password | passcode) intext:(username | userid | user) filetype:csv
intext:gmail invite intext:http://gmail.google.com/gmail/a
intext:SQLiteManager inurl:main.php
intitle:"Apache::Status" (inurl:server-status | inurl:status.html | inurl:apache.html)
intitle:"AppServ Open Project" -site:www.appservnetwork.com
intitle:"ASP Stats Generator *.*" "ASP Stats Generator" "2003-2004 weppos"
intitle:"Big Sister" +"OK Attention Trouble"
intitle:"edna:streaming mp3 server" -forums
intitle:"FTP root at"
intitle:"index of" +myd size
intitle:"Index Of" -inurl:maillog maillog size
intitle:"Index Of" cookies.txt size
intitle:"index of" mysql.conf OR mysql_config
intitle:"Index of" upload size parent directory
intitle:"index.of *" admin news.asp configview.asp
intitle:"index.of" .diz .nfo last modified
intitle:"Multimon UPS status page"
intitle:"PHP Advanced Transfer" (inurl:index.php | inurl:showrecent.php )
intitle:"PhpMyExplorer" inurl:"index.php" -cvs
intitle:"statistics of" "advanced web statistics"
intitle:"System Statistics" +"System and Network Information Center"
intitle:"Usage Statistics for" "Generated by Webalizer"
intitle:"wbem" compaq login
intitle:"Web Server Statistics for ****"
intitle:"web server status" SSH Telnet
intitle:"welcome.to.squeezebox"
intitle:admin intitle:login
intitle:index.of "Apache" "server at"
intitle:index.of cleanup.log
intitle:index.of dead.letter
intitle:index.of inbox
intitle:index.of inbox dbx
intitle:index.of ws_ftp.ini
intitle:intranet inurl:intranet +intext:"phone"
inurl:"/axs/ax-admin.pl" -script
inurl:"/cricket/grapher.cgi"
inurl:"bookmark.htm"
inurl:"cacti" +inurl:"graph_view.php" +"Settings Tree View" -cvs -RPM
inurl:"newsletter/admin/"
inurl:"newsletter/admin/" intitle:"newsletter admin"
inurl:"putty.reg"
inurl:"smb.conf" intext:"workgroup" filetype:conf conf
inurl:*db filetype:mdb
inurl:/_layouts/settings
inurl:admin filetype:xls
inurl:admin intitle:login
inurl:backup filetype:mdb
inurl:cgi-bin/printenv
inurl:cgi-bin/testcgi.exe "Please distribute TestCGI"
inurl:changepassword.asp
inurl:ds.py
inurl:email filetype:mdb
inurl:fcgi-bin/echo
inurl:forum filetype:mdb
inurl:forward filetype:forward -cvs
inurl:getmsg.html intitle:hotmail
inurl:log.nsf -gov
inurl:main.php phpMyAdmin
inurl:main.php Welcome to phpMyAdmin
inurl:netscape.hst
inurl:netscape.hst
inurl:netscape.ini
inurl:odbc.ini ext:ini -cvs
inurl:perl/printenv
inurl:php.ini filetype:ini
inurl:preferences.ini "[emule]"
inurl:profiles filetype:mdb
inurl:report "EVEREST Home Edition "
inurl:server-info "Apache Server Information"
inurl:server-status "apache"
inurl:snitz_forums_2000.mdb
inurl:ssl.conf filetype:conf
inurl:tdbin
inurl:vbstats.php "page generated"
inurl:ipsec.conf -intitle:manpage -----ipsec.conf-----
inurl:ipsec.secrets -history -bugs -----ipsec.secrets-----
inurl:ipsec.secrets "holds shared secrets" -----ipsec.secrets-----
inurl:"/names.nsf?OpenDatabase" -----Lotus Domino address books-----
mail filetype:csv -site:gov intext:name
filetype:mny mny -----Microsoft Money Data Files-----
intitle:index.of mt-db-pass.cgi -----mt-db-pass.cgi files-----
"# Dumping data for table (username|user|users|password)" -----MySQL tabledata dumps-----
intitle:index.of mystuff.xml -----mystuff.xml - Trillian data files-----
inurl:/public/?Cmd=contents -----OWA Public Folders (direct view)-----
filetype:ctt "msn" -----Peoples MSN contact lists-----
php-addressbook "This is the addressbook for *" -warning
intitle:phpinfo "PHP Version" -----phpinfo()-----
"# phpMyAdmin MySQL-Dump" filetype:txt -----phpMyAdmin dumps-----
"# phpMyAdmin MySQL-Dump" "INSERT INTO" -"the" -----phpMyAdmin dumps-----
BEGIN (CERTIFICATE|DSA|RSA) filetype:csr -----private key files (.csr)-----
BEGIN (CERTIFICATE|DSA|RSA) filetype:key -----private key files (.key)-----
filetype:QDF QDF -----Quicken data files-----
intitle:index.of robots.txt -----robots.txt-----
site:edu admin grades
"# Dumping data for table" -----SQL data dumps-----
"cacheserverreport for" "This analysis was produced by calamaris" -----Squid cache server reports-----
filetype:conf inurl:unrealircd.conf -cvs -gentoo -----Unreal IRCd-----
intitle:"Welcome to ntop!" -----Welcome to ntop!-----

INFORMAÇÕES DE SERVES

comment:Pages containing network or vulnerability data***-----
filetype:log intext:"ConnectionManager2"
"apricot - admin" 00h
"Network Host Assessment Report" "Internet Scanner"
"Output produced by SysWatch *"
"Phorum Admin" "Database Connection" inurl:forum inurl:admin
"Powered by phpOpenTracker" Statistics
"powered | performed by Beyond Security's Automated Scanning" -kazaa -example
"SnortSnarf alert page"
"This file was generated by Nessus"
"this proxy is working fine!" "enter *" "URL***" * visit
"This report lists" "identified by Internet Scanner"
"Traffic Analysis for" "RMON Port * on unit *"
"Version Info" "Boot Version" "Internet Settings"
((inurl:ifgraph "Page generated at") OR ("This page was built using ifgraph"))
ACID "by Roman Danyliw" filetype:php -----Analysis Console for Incident Databases 12-Jul-2004 866-----
ext:cfg radius.cfg
ext:cgi intext:"nrg-" " This web page was created on "
filetype:pdf "Assessment Report" nessus
filetype:php inurl:ipinfo.php "Distributed Intrusion Detection System"
filetype:php inurl:nqt intext:"Network Query Tool"
filetype:vsd vsd network -samples -examples
intext:"Welcome to the Web V.Networks" intitle:"V.Networks [Top]" -filetype:htm
intitle:"ADSL Configuration page"
intitle:"Azureus : Java BitTorrent Client Tracker"
intitle:"BNBT Tracker Info"
intitle:"Microsoft Site Server Analysis"
intitle:"PHPBTTracker Statistics" | intitle:"PHPBT Tracker Statistics"
intitle:"start.managing.the.device" remote pbx acc
intitle:"sysinfo * " intext:"Generated by Sysinfo * written by The Gamblers."
intitle:"twiki" inurl:"TWikiUsers"
inurl:"/catalog.nsf" intitle:catalog
inurl:"install/install.php"
inurl:"map.asp?" intitle:"WhatsUp Gold"
inurl:"sitescope.html" intitle:"sitescope" intext:"refresh" -demo
inurl:/adm-cfgedit.php
inurl:/cgi-bin/finger? "In real life"
inurl:/cgi-bin/finger? Enter (account|host|user|username)
inurl:phpSysInfo/ "created by phpsysinfo"
inurl:portscan.php "from Port"|"Port Range"
inurl:statrep.nsf -gov
inurl:testcgi xitami
inurl:webutil.pl
"Looking Glass" (inurl:"lg/" | inurl:lookingglass) -----Looking Glass-----
intitle:That.Site.Running Apache


ARQUIVOS SENCIVEIS

 comment:Vulnerable files***-----
filetype:pl -intext:"/usr/bin/perl" inurl:webcal (inurl:webcal | inurl:add | inurl:delete | inurl:config)
"File Upload Manager v1.3" "rename to"
"Powered by Land Down Under 601"
"powered by YellDL"
ext:asp "powered by DUForum" inurl:(messages|details|login|default|register) -site:duware.com
ext:asp inurl:DUgallery intitle:"3.0" -site:dugallery.com -site:duware.com
ext:cgi inurl:ubb6_test
ezBOO "Administrator Panel" -cvs
filetype:cgi inurl:cachemgr.cgi
filetype:cnf my.cnf -cvs -example
filetype:inc inc intext:setcookie
filetype:lit lit (books|ebooks)
filetype:mdb inurl:"news/news"
filetype:php inurl:"viewfile" -"index.php" -"idfil
filetype:wsdl wsdl
intitle:gallery inurl:setup "Gallery configuration" -----Gallery configuration setup files-----
intitle:"ASP FileMan" Resend -site:iisworks.com
intitle:"Directory Listing" "tree view"
intitle:"Index of /" modified php.exe
intitle:"PHP Explorer" ext:php (inurl:phpexplorer.php | inurl:list.php | inurl:browse.php)
intitle:"phpremoteview" filetype:php "Name, Size, Type, Modify"
intitle:mywebftp "Please enter your password"
inurl:" WWWADMIN.PL" intitle:"wwwadmin"
inurl:"nph-proxy.cgi" "Start browsing through this CGI-based proxy"
inurl:"plog/register.php"
inurl:cgi.asx?StoreID
inurl:changepassword.cgi -cvs
inurl:click.php intext:PHPClickLog
inurl:php.exe filetype:exe -example.com
inurl:robpoll.cgi filetype:cgi
link:http://www.toastforums.com/
"create the Super User" "now by clicking here" -----PHP-Nuke - create super user right now !-----
intitle:"Index of" _vti_inf.html
intitle:"Index of" service.pwd
intitle:"Index of" users.pwd
intitle:"Index of" authors.pwd
intitle:"Index of" administrators.pwd
intitle:"Index of" shtml.dll
intitle:"Index of" shtml.exe
intitle:"Index of" fpcount.exe
intitle:"Index of" default.asp
intitle:"Index of" showcode.asp
intitle:"Index of" sendmail.cfm
intitle:"Index of" getFile.cfm
intitle:"Index of" imagemap.exe
intitle:"Index of" test.bat
intitle:"Index of" msadcs.dll
intitle:"Index of" htimage.exe
intitle:"Index of" counter.exe
intitle:"Index of" browser.inc
intitle:"Index of" hello.bat
intitle:"Index of" default.asp\\
intitle:"Index of" dvwssr.dll
intitle:"Index of" dvwssr.dll
intitle:"Index of" dvwssr.dll
intitle:"Index of" cart32.exe
intitle:"Index of" add.exe
intitle:"Index of" index.JSP
intitle:"Index of" index.jsp
intitle:"Index of" SessionServlet
intitle:"Index of" shtml.dll
intitle:"Index of" index.cfm
intitle:"Index of" page.cfm
intitle:"Index of" shtml.exe
intitle:"Index of" web_store.cgi
intitle:"Index of" shop.cgi
intitle:"Index of" upload.asp
intitle:"Index of" default.asp
intitle:"Index of" pbserver.dll
intitle:"Index of" phf
intitle:"Index of" test-cgi
intitle:"Index of" finger
intitle:"Index of" Count.cgi
intitle:"Index of" jj
intitle:"Index of" php.cgi
intitle:"Index of" php
intitle:"Index of" nph-test-cgi
intitle:"Index of" handler
intitle:"Index of" webdist.cgi
intitle:"Index of" webgais
intitle:"Index of" websendmail
intitle:"Index of" faxsurvey
intitle:"Index of" htmlscript
intitle:"Index of" perl.exe
intitle:"Index of" wwwboard.pl
intitle:"Index of" www-sql
intitle:"Index of" view-source
intitle:"Index of" campas
intitle:"Index of" aglimpse
intitle:"Index of" glimpse
intitle:"Index of" man.sh
intitle:"Index of" AT-admin.cgi
intitle:"Index of" AT-generate.cgi
intitle:"Index of" filemail.pl
intitle:"Index of" maillist.pl
intitle:"Index of" info2www
intitle:"Index of" files.pl
intitle:"Index of" bnbform.cgi
intitle:"Index of" survey.cgi
intitle:"Index of" classifieds.cgi
intitle:"Index of" wrap
intitle:"Index of" cgiwrap
intitle:"Index of" edit.pl
intitle:"Index of" perl
intitle:"Index of" names.nsf
intitle:"Index of" webgais
intitle:"Index of" dumpenv.pl
intitle:"Index of" test.cgi
intitle:"Index of" submit.cgi
intitle:"Index of" submit.cgi
intitle:"Index of" guestbook.cgi
intitle:"Index of" guestbook.pl
intitle:"Index of" cachemgr.cgi
intitle:"Index of" responder.cgi
intitle:"Index of" perlshop.cgi
intitle:"Index of" query
intitle:"Index of" w3-msql
intitle:"Index of" plusmail
intitle:"Index of" htsearch
intitle:"Index of" infosrch.cgi
intitle:"Index of" publisher
intitle:"Index of" ultraboard.cgi
intitle:"Index of" db.cgi
intitle:"Index of" formmail.cgi
intitle:"Index of" allmanage.pl
intitle:"Index of" ssi
intitle:"Index of" adpassword.txt
intitle:"Index of" redirect.cgi
intitle:"Index of" f
intitle:"Index of" cvsweb.cgi
intitle:"Index of" login.jsp
intitle:"Index of" login.jsp
intitle:"Index of" dbconnect.inc
intitle:"Index of" admin
intitle:"Index of" htgrep
intitle:"Index of" wais.pl
intitle:"Index of" amadmin.pl
intitle:"Index of" subscribe.pl
intitle:"Index of" news.cgi
intitle:"Index of" auctionweaver.pl
intitle:"Index of" .htpasswd
intitle:"Index of" acid_main.php
intitle:"Index of" access_log
intitle:"Index of" access-log
intitle:"Index of" access.log
intitle:"Index of" log.htm
intitle:"Index of" log.html
intitle:"Index of" log.txt
intitle:"Index of" logfile
intitle:"Index of" logfile.htm
intitle:"Index of" logfile.html
intitle:"Index of" logfile.txt
intitle:"Index of" logger.html
intitle:"Index of" stat.htm
intitle:"Index of" stats.htm
intitle:"Index of" stats.html
intitle:"Index of" stats.txt
intitle:"Index of" webaccess.htm
intitle:"Index of" wwwstats.html
intitle:"Index of" source.asp
intitle:"Index of" perl
intitle:"Index of" mailto.cgi
intitle:"Index of" YaBB.pl
intitle:"Index of" mailform.pl
intitle:"Index of" cached_feed.cgi
intitle:"Index of" cr
intitle:"Index of" global.cgi
intitle:"Index of" Search.pl
intitle:"Index of" build.cgi
intitle:"Index of" common.php
intitle:"Index of" common.php
intitle:"Index of" show
intitle:"Index of" global.inc
intitle:"Index of" ad.cgi
intitle:"Index of" WSFTP.LOG
intitle:"Index of" index.html~
intitle:"Index of" index.php~
intitle:"Index of" index.html.bak
intitle:"Index of" index.php.bak
intitle:"Index of" print.cgi
intitle:"Index of" register.cgi
intitle:"Index of" webdriver
intitle:"Index of" bbs_forum.cgi
intitle:"Index of" mysql.class
intitle:"Index of" sendmail.inc
intitle:"Index of" CrazyWWWBoard.cgi
intitle:"Index of" search.pl
intitle:"Index of" way-board.cgi
intitle:"Index of" webpage.cgi
intitle:"Index of" pwd.dat
intitle:"Index of" adcycle
intitle:"Index of" post-query
intitle:"Index of" help.cgi


intitle:upload inurl:upload intext:upload -forum -shop -support -wc
intitle: private, protected, secret, secure, winnt
intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
"Certificate Practice Statement" inurlPDF | DOC) mil
filetype:mdb inurl:.mdb mil
filetype:log inurl:"password.log"
filetype:bak inurl:"htaccess|passwd|shadow|htusers"
filetype:ini inurl:"serv-u.ini"
filetype:ini inurl:flashFXP.ini
filetype:ini ServUDaemon
filetype:ini wcx_ftp
filetype:ini ws_ftp pwd
filetype:pem intext:private 搜索加密密匙
filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword" 找肉鸡，看admin密码
filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
filetype:url +inurl:"ftp://" +inurl:";@" 此技巧最好分开使用
intitle:"index of" intext:connect.inc
intitle:"index of" intext:globals.inc
intitle:"Index of" passwords modified 推荐
intitle:"index of" intext:welcome 如有pub和etc一般都有welcome
intitle:Index.of etc shadow
site:.gov filetype:sql
"HTTP_FROM=googlebot" googlebot.com "Server_Software=" 好的很啊
( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intext:password|subject site:edu 2005
filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To"
inurl:forward filetype:forward -cvs 找密码和ftp最好的技巧
top secret site:mil
confidential site:mil

inurl:
private
protected
secret
secure
--------------------------------------------------------------------

filetype:xls username password email
"config.php"
service filetype:pwd (frontpage)
inurl:_vti_cnf (frontpage files)
allinurl:/msadc/samples/selector/showcode.asp
allinurl:/examples/jsp/snp/snoop.jsp
ipsec filetype:conf
"mydomain.com" nessus report
"report generated by"
"ws_ftp.log"
inurl:server-info "Apache Server Information"
inurl:ssl.conf filetype:conf
ipsec.conf
Lotus Domino address books 用户数据库，重要
robots.txt 看目录


filetype:url +inurl:"ftp://" +inurl:"@"

filetype:cnf inurl:_vti_pvt access.cnf


allinurl:"/*/_vti_pvt/" | allinurl:"/*/_vti_cnf/" 推荐
"access denied for user" "using password" mysql暴错，暴出路径
intitleogin intext:"RT is ? Copyright" 找登陆页子
intitle:index.of WEB-INF 目录
intitle:"Index of" config.php
"Index of /admin" + passwd
inurl:passwd.txt wwwboard|webadmin
master.passwd
filetype:cfg mrtg "target
" -sample -cvs -example 看MRTG的配置的
ext:ini Version=... password
filetype:cfm "cfapplication name" password
filetype:config config intext:appSettings "User ID"
filetype:dat "password.dat"
filetype:inc dbconn 推荐
"#mysql dump" filetype:sql
"allow_call_time_pass_reference" "ATH_INFO"
filetype:inc intext:mysql_connect
filetype:inc mysql_connect or mysql_pconnect
filetype:mdb inurl:users.mdb

filetype:pass pass intext:userid
filetype:properties inurl:db intext:password ]

filetype:sql ("values * MD" | "values * password" | "values * encrypt")
filetype:sql ("passwd values" | "password values" | "pass values" )
filetype:sql +"IDENTIFIED BY" -cvs
filetype:sql password
filetype:xls username password email mil

htpasswd
htpasswd / htgroup
htpasswd / htpasswd.bak

inurljspdemos private protected secret secure

intitle:dupics inurladd.asp | default.asp | view.asp | voting.asp) -site:duware.com
inurl:config.php dbuname dbpass phpnuke的漏洞
"Welcome to phpMyAdmin" " Create new database"
"phone * * *" "address *" "e-mail" intitle:"curriculum vitae" 跟踪
"phpMyAdmin" "running on" inurl:"main.php"
"robots.txt" "Disallow:" filetype:txt 可以查看漏洞
ext:reg "username=*" putty
-site:php.net -"The PHP Group" inurl:source inurl:url ext:pHp
ext:log "Software: Microsoft Internet Information Services *.*"
filetype:asp DBQ=" * Server.MapPath("*.mdb")
filetype:php inurl:index inurl:phpicalendar -site:sourceforge.net 泄露源代码
haccess.ctl (one way)
haccess.ctl (VERY reliable)
intext:gmail invite intext:http://gmail.google.com/gmail/a
-------------------------------------------------------------------------------------
intitle:"Index of" upload size parent directory
intitle:"System Statistics" +"System and Network Information Center"
intitle:"wbem" compaq login "Compaq Information Technologies Group"
intitle:index.of "Apache" "server at"
intitle:index.of cleanup.log
intitle:index.of dead.letter
intitle:index.of inbox
intitle:index.of inbox dbx
"intitle:Index.Of /" stats cgi-* etc
intitle:"Directory Listing For" intext:Tomcat -intitle:Tomcat mil
intitle:"Index of *" inurl:"my shared folder" size modified
intitle:"index of" "parent directory" "desktop.ini" site:gov NASA
"Index of /backup"
intitle:"Index of /" modified php.exe

intitle:"index of" -inurl:htm -inurl:html mp
intitle:"Index of" cfide
intitle:"index of" intext:"content.ie"
intitle:"index.of.personal"
intitle:"webadmin - /*" filetype:php directory filename permission
intitle:index.of (inurl:fileadmin | intitle:fileadmin)
intitle:index.of /AlbumArt_
intitle:index.of /maildir/new/
intitle:index.of abyss.conf
intitle:intranet inurl:intranet +intext:"human resources"
inurl:/tmp

filetype:pl -intext:"/usr/bin/perl" inurl:webcal (inurl:webcal | inurl:add | inurl:delete | inurl:config)

inurl:explorer.cfm inurldirpath|This_Directory)


"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"AutoCreate=TRUE password=*"

"index of cgi-bin"
+htpasswd +WS_FTP.LOG filetype:log
filetype:cfg ks intext:rootpw -sample -test -howto gov
config.inc.php 偶自己发现地
site:mil admin grades
inurl:backup filetype:mdb
inurl:perl/printenv
inurldbc.ini ext:ini -cvs
"Index Of /network" "last modified"
filetype:mbx mbx intext:Subject
Apache Tomcat Admin intitle:”Tomcat Server Administration”
ASP.NET inurl:ASP.login_aspx
Citrix Metaframe inurl:/Citrix/Nfuse17/
Citrix Metaframe inurl:citrix/metaframexp/default/login.asp
ColdFusion Admin intitle:”ColdFusion Administrator Login”
ColdFusion Generic inurl:login.cfm
Lotus Domino Admin inurl:”webadmin” filetype:nsf
Lotus Domino inurl:names.nsf?opendatabase
Microsoft Certificate Server intitle:”microsoft certificate services”
inurl:certsrv
Microsoft Outlook Web Access allinurl:”exchange/logon.asp”
Microsoft Outlook Web Access inurl:”exchange/logon.asp” or
intitle:”Microsoft Outlook Web Access –
Logon”
Microsoft Remote Desktop intitle:Remote.Desktop.Web.Connection
inurl:tsweb
Network Appliance Admin inurl:na_admin
Novell Groupwise Web Access inurl:/servlet/webacc Novell
Shockwave Flash Login inurl:login filetype:swf swf
Tivoli Server Administration intitle:”Server Administration” “Tivoli power”
VNC “VNC Desktop” inurl:5800

inurl:error.log filetype:log -cvs Apache error log
inurl:access.log filetype:log –cvs Apache access log (Windows)
filetype:log inurl:cache.log Squid cache log
filetype:log inurl:store.log RELEASE Squid disk store log
filetype:log inurl:access.log TCP_HIT Squid access log
filetype:log inurl:useragent.log Squid useragent log
filetype:log hijackthis “scan saved” Hijackthis scan log
ext:log “Software: Microsoft IIS server log files
Internet Information Services *.*”
filetype:log iserror.log MS Install Shield logs
intitle:index.of .bash_history UNIX bash shell history file
intitle:index.of .sh_history UNIX shell history file
“Index of” / “chat/logs” Chat logs
filetype:log username putty Putty SSH client logs
filetype:log inurl:”password.log” Password logs
filetype:log cron.log UNIX cron logs
filetype:log access.log –CVS HTTPD server access logs
+htpasswd WS_FTP.LOG filetype:log WS_FTP client log files
“sets mode: +k” IRC logs, channel key set
“sets mode: +s” IRC logs, secret channel set
intitle:”Index Of” -inurl:maillog Mail log files
maillog size