Scribd Logo
Upload

Welcome to Scribd!

  • Google Hacking List 3

    Uploaded by

    annajfong
    3K views11 pages
    vm

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    vm

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    3K views11 pages

    Google Hacking List 3

    Uploaded by

    annajfong
    vm

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 11

    Use Google to get the PWD information Security issues revealed Noobs,don't go crazy messing up people sites,this is to make

    awareness of how ne gligent can an administrator be. 1- Why deface when you can own it? Go to Google and type this: intitle:PhpMyAdmin "Welcome to phpMyAdmin***" running on * as root@*" This will give you tons of no passworded phpMyAdmin,means you'll have access to all files,can make changes ect. ====================================== To find websites Admin Password type the following in the Google bar: inurl:vti_pvt "service.pwd" (password will be encrypted) "convert encrypted password to md5 hash then use mi lw0rm Also You can You use this codes when you have free time..enjoy Google Search strings ------------------------* inurl:/db/main.mdb |ASP-Nuke passwords * filetype:cfm "cfapplication |ColdFusion source with potential passwords na me" password * filetype:pass |dbman credentials pass intext:userid * allinurl:auth_user_file.txt |DCForum user passwords * eggdrop filetype:user user |Eggdrop IRC user credentials * filetype:ini inurl:flashFXP.ini |FlashFXP FTP credentials * filetype:url +inurl:"ftp://" |FTP bookmarks cleartext passwords +inurl:"@" * inurl:zebra.conf intext: |GNU Zebra passwords password -sample -test -tutorial download * filetype:htpasswd htpasswd |HTTP htpasswd Web user credentials * intitle:"Index of" ".htpasswd" |HTTP htpasswd Web user credentials "htgroup" -intitle:"dist" -apache -htpasswd.c * intitle:"Index of" ".htpasswd" |HTTP htpasswd Web user credentials htpasswd.bak * "http://*:*@www" bob:bob |HTTP passwords (bob is a sample username) * "sets mode: +k" |IRC channel keys (passwords) * "Your password is * |Remember IRC NickServ registration passwords this for later use" * signin filetype:url |JavaScript authentication credentials * LeapFTP intitle:"index.of./" |LeapFTP client login credentials sites.ini modified * inurl:lilo.conf filetype:conf |LILO passwords password -tatercounter2000 -bootpwd man * filetype:config config intext: |Mcft .NET application credentials appSettings "User ID" * filetype:pwd service |Mcft FrontPage Service Web passwords * intitle:index.of |Mcft FrontPage Web credentials administrators.pwd * "# -FrontPage-" |Mcft FrontPage Web passwords inurl:service.pwd ext:pwd inurl:_vti_pvt inurl: |Mcft FrontPage Web passwords (Service | authors | administrators)

    * inurl:perform filetype:ini |mIRC nickserv credentials * intitle:"index of" intext: |mySQL database credentials connect.inc * intitle:"index of" intext: |mySQL database credentials globals.inc * filetype:conf oekakibbs |Oekakibss user passwords * filetype:dat wand.dat |Opera Magic Wand Web credentials * inurl:ospfd.conf intext: |OSPF Daemon Passwords password -sample -test -tutorial download * index.of passlist |Passlist user credentials * inurl:passlist.txt |passlist.txt file user credentials * filetype:dat "password.dat" |password.dat files * inurl:password.log filetype:log |password.log file reveals usernames, |passwords,and hostnames * filetype:log inurl:"password.log" |password.log files cleartext |passwords * inurl:people.lst filetype:lst |People.lst generic password file * intitle:index.of config.php |PHP Configuration File database |credentials * inurl:config.php dbuname dbpass |PHP Configuration File database |credentials * inurl:nuke filetype:sql |PHP-Nuke credentials * filetype:conf inurl:psybnc.conf |psyBNC IRC user credentials "USER.PASS=" * filetype:ini ServUDaemon |servU FTP Daemon credentials * filetype:conf slapd.conf |slapd configuration files root password * inurl:"slapd.conf" intext: |slapd LDAP credentials "credentials" -manpage -"Manual Page" -man: -sample * inurl:"slapd.conf" intext: |slapd LDAP root password "rootpw" -manpage -"Manual Page" -man: -sample * filetype:sql "IDENTIFIED BY" cvs |SQL passwords * filetype:sql password |SQL passwords * filetype:ini wcx_ftp |Total Commander FTP passwords * filetype:netrc password |UNIX .netrc user credentials * index.of.etc |UNIX /etc directories contain |various credential files * intitle:"Index of..etc" passwd |UNIX /etc/passwd user credentials * intitle:index.of passwd |UNIX /etc/passwd user credentials passwd.bak * intitle:"Index of" pwd.db |UNIX /etc/pwd.db credentials * intitle:Index.of etc shadow |UNIX /etc/shadow user credentials * intitle:index.of master.passwd |UNIX master.passwd user credentials * intitle:"Index of" spwd.db |UNIX spwd.db credentials passwd -pam.conf * filetype:bak inurl:"htaccess| |UNIX various password file backups passwd|shadow|htusers * filetype:inc dbconn |Various database credentials * filetype:inc intext:mysql_ |Various database credentials, server names connect * filetype:properties inurl:db |Various database credentials, server names intext:password * inurl:vtund.conf intext:pass cvs |Virtual Tunnel Daemon passwords * inurl:"wvdial.conf" intext: |wdial dialup user credentials "password" * filetype:mdb wwforum |Web Wiz Forums Web credentials * "AutoCreate=TRUE password=*" |Website Access Analyzer user passwords * filetype:pwl pwl |Windows Password List user credentials

    * filetype:reg reg +intext: |Windows Registry Keys containing user "defaultusername" intext: |credentials "defaultpassword" * filetype:reg reg +intext: |Windows Registry Keys containing user "internet account manager" |credentials * "index of/" "ws_ftp.ini" |WS_FTP FTP credentials "parent directory" * filetype:ini ws_ftp pwd |WS_FTP FTP user credentials * inurl:admin filetype: |asp Generic userlist files inurl:userlist | * inurl:php inurl: |Half-life statistics file, lists username and hlstats intext: |other information Server Username | * filetype:ctl | inurl:haccess. |Mcft FrontPage equivalent of htaccess ctl Basic |shows Web user credentials * filetype:reg | reg intext: |Mcft Internet Account Manager can * "internet account manager" |reveal usernames and more filetype:wab wab |Mcft Outlook Express Mail address |books * filetype:mdb inurl:profiles |Mcft Access databases containing |profiles. * index.of perform.ini |mIRC IRC ini file can list IRC usernames and |other information * inurl:root.asp?acs=anon |Outlook Mail Web Access directory can be |used to discover usernames * filetype:conf inurl:proftpd. |PROFTP FTP server configuration file conf sample |reveals |username and server information * filetype:log username putty |PUTTY SSH client logs can reveal |usernames |and server information * filetype:rdp rdp |Remote Desktop Connection files reveal user |credentials * intitle:index.of |UNIX bash shell history reveals commands .bash_history |typed at a bash command prompt; usernames |are often typed as argument strings * intitle:index.of |UNIX shell history reveals commands typed at .sh_history |a shell command prompt; usernames are |often typed as argument strings * "index of " lck |Various lock files list the user currently using |a file * +intext:webalizer +intext: |Webalizer Web statistics page lists Web userTotal Usernames +intext: |names and statistical information "Usage Statistics for" * filetype:reg reg HKEY_ |Windows Registry exports can reveal CURRENT_USER |username usernames and other information Labels: googling to hack Posted by jithender at 2:09 AM 0 comments Links to this post Other Sites passwords Revealing through Google also visit my other blogs from visit this link Pay attention to your passwords, you can't imagine what can be discovered with g

    oogle, some people ask me how to recover their blog or website because it was ha cked, remember to always backup your files. here are some examples you can try by yourself in google (just type the left par t into Google's search box:

    nurl:/db/main.mdb style='mso-spacerun:yes'> ASP-Nuke passwords

    filetype:cfm cfapplication name password ColdFusion source with potential passwords

    filetype:pass pass intext:userid dbman credentials

    allinurl:auth_user_file.txt style='mso-spacerun:yes'> DCForum user passwords

    eggdrop filetype:user user Eggdrop IRC user credentials

    filetype:ini inurl:flashFXP.ini FlashFXP FTP credentials

    filetype:url +inurl: ftp:// +inurl: @ FTP bookmarks cleartext passwords

    inurl:zebra.conf intext:password -sample -test -tutorial style='mso-spacerun:yes'> GNU Zebra passwords

    download

    filetype:htpasswd htpasswd

    HTTP htpasswd Web user credentials

    intitle: Index of .htpasswd htgroup -intitle: dist -apache -htpasswd.c style='mso-spacerun:yes'> HTTP htpasswd Web user credentials

    intitle: Index of .htpasswd htpasswd.bak HTTP htpasswd Web user credentials

    http://*:*@www bob:bob style='mso-spacerun:yes'> HTTP passwords (bob is a sample username)

    sets mode: +k style='mso-spacerun:yes'> IRC channel keys (passwords)

    Your password is * Remember this for later use IRC NickServ registration passwords

    signin filetype:url style='mso-spacerun:yes'> JavaScript authentication credentials

    LeapFTP intitle: index.of./ sites.ini modified LeapFTP client login credentials

    inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd style='mso-spacerun:yes'> LILO passwords

    man

    filetype:config config intext:appSettings User ID Microsoft .NET application credentials

    filetype:pwd service style='mso-spacerun:yes'> Microsoft FrontPage Service Web passwords

    intitle:index.of administrators.pwd Microsoft FrontPage Web credentials

    # -FrontPageinurl:service.pwd Microsoft FrontPage Web passwords

    ext:pwd inurl:_vti_pvt inurl:(Service | authors | administrators) style='mso-spacerun:yes'> Microsoft FrontPage Web passwords

    inurl:perform filetype:ini mIRC nickserv credentials

    intitle: index of intext:connect.inc mySQL database credentials

    intitle: index of intext:globals.inc mySQL database credentials

    filetype:conf oekakibbs style='mso-spacerun:yes'> Oekakibss user passwords

    filetype:dat wand.dat style='mso-spacerun:yes'> Opera, Magic Wand, Web credentials

    inurl:ospfd.conf intext:password -sample -test -tutorial style='mso-spacerun:yes'> OSPF Daemon Passwords

    download

    index.of passlist style='mso-spacerun:yes'> Passlist user credentials

    inurl:passlist.txt style='mso-spacerun:yes'> passlist.txt file user credentials

    filetype:dat password.dat password.dat files

    inurl:password.log filetype:log password.log file reveals usernames, passwords, and hostnames filetype:log inurl: password.log password.log files cleartext passwords

    inurl:people.lst filetype:lst People.lst generic password file

    intitle:index.of config.php PHP Configuration File database credentials

    inurl:config.php dbuname dbpass PHP Configuration File database credentials

    inurl:nuke filetype:sql style='mso-spacerun:yes'>

    PHP-Nuke credentials

    filetype:conf inurl:psybnc.conf USER.PASS= psyBNC IRC user credentials

    filetype:ini ServUDaemon style='mso-spacerun:yes'> servU FTP Daemon credentials

    filetype:conf slapd.conf style='mso-spacerun:yes'> slapd configuration files root password

    inurl: slapd.conf intext: credentials -manpage - Manual Page style='mso-spacerun:yes'> slapd LDAP credentials

    -man: -sample

    inurl: slapd.conf intext: rootpw -manpage - Manual Page style='mso-spacerun:yes'> slapd LDAP root password

    -man: -sample

    filetype:sql IDENTIFIED BY cvs SQL passwords

    filetype:sql password style='mso-spacerun:yes'> SQL passwords

    filetype:ini wcx_ftp style='mso-spacerun:yes'> Total Commander FTP passwords

    filetype:netrc password style='mso-spacerun:yes'> UNIX .netrc user credentials

    index.of.etc style='mso-spacerun:yes'> UNIX /etc directories contain various credential files

    intitle: Index of..etc passwd UNIX /etc/passwd user credentials

    intitle:index.of passwd passwd.bak UNIX /etc/passwd user credentials

    intitle: Index of pwd.db style='mso-spacerun:yes'> UNIX /etc/pwd.db credentials

    intitle:Index.of etc shadow UNIX /etc/shadow user credentials

    intitle:index.of master.passwd UNIX master.passwd user credentials

    intitle: Index of spwd.db passwd -pam.conf UNIX spwd.db credentials

    filetype:bak inurl: htaccess|passwd|shadow|htusers UNIX various password file backups

    filetype:inc dbconn style='mso-spacerun:yes'> Various database credentials

    filetype:inc intext:mysql_connect Various database credentials, server names

    filetype:properties inurl:db intext:password Various database credentials, server names

    inurl:vtund.conf intext:pass cvs Virtual Tunnel Daemon passwords

    inurl: wvdial.conf intext: password wdial dialup user credentials

    filetype:mdb wwforum style='mso-spacerun:yes'> Web Wiz Forums Web credentials

    AutoCreate=TRUE password=* Website Access Analyzer user passwords

    filetype:pwl pwl style='mso-spacerun:yes'> Windows Password List user credentials

    filetype:reg reg +intext: defaultusername intext: defaultpassword style='mso-spacerun:yes'> Windows Registry Keys containing user credentials

    filetype:reg reg +intext: internet account manager Windows Registry Keys containing user credentials

    index of/ ws_ftp.ini parent directory WS_FTP FTP credentials

    filetype:ini ws_ftp pwd style='mso-spacerun:yes'> WS_FTP FTP user credentials

    inurl:/wwwboard style='mso-spacerun:yes'> wwwboard user credentials

    You might also like