In fact, it should have been published. I am probably one of the earliest people to organize Google skills in China. Later, Sniper wrote Google hack, so he became even lazy to post. Now that I help my wife find papers, I am so tired of matching keywords. These skills are what I have sorted out and eliminated after I have sorted out. If you are interested, you can ask me for the best ones.
Http://
By swap
The search address in the site is:
/custom?domains= (write the site we want to search here, for example)
You can choose www and then choose the site we want to search!
The hacker-specific information and data search addresses are:
/custom?hl=xx-hacker
Here is the usage of Google keywords. To set it to Chinese, it is
/custom?hl=zh-CN
In English, it is /custom?hl=en
Commonly used Google keywords:
foo1 foo2 (that is, association, such as searching for xx company xx beauty)
operator:foo
filetype:123 Type
site: It is more interesting to read the website directly, and you can get a lot of unexpected information.
intext:foo
intitle: fooltitle Title
allinurl:foo Search all related connections of xx website. (A must-have for scouting)
links:foo Don’t just say it’s related links
allintilte:
We can assist "-" "+" to adjust the accuracy of the search
Direct search password: (quotation marks are denoted as accurate search)
Of course we can extend it to the above results for a secondary search.
"index of" htpasswd / passwd
filetype:xls username password email
"ws_ftp.log"
""
allinurl:admin mdb
service filetype:pwd ...or a password suffix cif such as pcanywhere, etc.
It's getting more interesting, let's get some more sensitive information
"" "Disallow:" filetype:txt
inurl:_vti_cnf (The key index of FrontPage, the scanner's CGI library generally has a place)
allinurl: /msadc/Samples/selector/
/../../../passwd
/examples/jsp/snp/
phpsysinfo
intitle:index of /admin
intitle:"documetation"
Inurl: 5800 (the port of vnc) or desktop port and other keyword search
webmin port 10000
inurl:/admin/
intext:Powered by GBook365
intitle:"php shell*" "Enable stderr" filetype:php Search directly to phpwebshell
filetype:inc
ipsec filetype:conf
Intilte:"error occurred" ODBC request WHERE (select|insert) To put it bluntly, you can directly try to check the database search. It will be developed for the current popular SQL injections.
intitle:"php shell*" "Enable stderr" filetype:php
"Dumping data for table" username password
intitle:"Error using Hypernews"
"Server Software"
intitle:"HTTP_USER_AGENT=Googlebot"
"HTTP_USER_ANGET=Googlebot" THS ADMIN
filetype:.doc site:.mil classified Search directly to the military-related words
Check multiple keywords:
intitle:config confixx login password
"" nessus report
"report generated by"
"ipconfig"
"winipconfig"
Google cache utilization (hoho, the most influential thing) recommended that you search more "select searches for all websites"
Special recommendation: administrator users and other related things, such as names, birthdays, etc.... The worst thing can you use them as a dictionary.
cache:
Similar results can be found
First find the management backend address of the website:
site: intext:Management
site: inurl:login
site: intitle:Management
site: inurl:file
site: inurl:load
site: intext:ftp://*:*
site: filetype:asp
site://Get N secondary domain names
site: intext:*@//Get N email addresses, and the name of the owner of the email address.
site: intext: Telephone //N phone number
intitle:"index of" etc
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of"
intitle:"index of"
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of"
intitle:"index of" htpasswd
"# -FrontPage-" inurl:
allinurl:bbs data
filetype:mdb inurl:database
filetype:inc conn
inurl:data filetype:mdb
intitle:"index of" data
……
A collection of some tips:
3) "http://*:*@www" domainname Find some ISP sites and you can check the other party's IP virtual host.
3
4) auth_user_file.txt is not practical, too old
5) The Master List Looking for mailing list
6) intitle:"" A special management system with a default open port 90
7) (a better way) Dictionary
8) "A syntax error has occurred" filetype:ihtml
9) ext:php program_listing intitle:
10) intitle:
11)ext:nbe nbe
12)intitle:"SWW link" "Please wait....."
13)
14) intitle:" - Status" -site:
15) intitle:"WorldClient" intext:"? (2003|2004) Alt-N Technologies."
17) intitle:open-xchange inurl:
20) intitle:"site administration: please log in" "site designed by emarketsouth"
21) ORA-00921: unexpected end of SQL command
22)intitle:"YALA: Yet Another LDAP Administrator"
23) phpqladmin "Please login" -cvsweb
24)intitle:"SWW link" "Please wait....."
25)inurl:"port_255" -htm
27)intitle:"WorldClient" intext:"? (2003|2004) Alt-N Technologies."
These are some new vulnerability tips, announced in the 0days announcement
ext:php program_listing intitle:
inurl: "[emule]"
intitle:"Index of /CFIDE/" administrator
"access denied for user" "using password"
ext:php intext:"Powered by phpNewMan Version" You can see: path/to/news/?clang=../../../../../../../file/i/want
inurl:"/becommunity/community/?pageurl="
intitle:"ASP FileMan" Resend -site:
"Enter ip" inurl:""
ext:conf inurl: -cvs -man
intitle: private, protected, secret, secure, winnt
intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
"#mysql dump" filetype:sql
"allow_call_time_pass_reference" "PATH_INFO"
"Certificate Practice Statement" inurl:(PDF | DOC)
LeapFTP intitle:"./" modified
mysql history files
NickServ registration passwords
passlist
(a better way)
passwd
passwd / etc (reliable)
psyBNC config files
signin filetype:url
/ passwd
wwwboard WebAdmin inurl: wwwboard|webadmin
"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-"
inurl:
"AutoCreate=TRUE password=*"
"http://*:*@www" domainname
"index of/" "ws_ftp.ini" "parent directory"
"liveice configuration file" ext:cfg -site:
"powered by ducalendar" -site:
"Powered by Duclassified" -site:
"Powered by Duclassified" -site: "DUware All Rights reserved"
"powered by duclassmate" -site:
"Powered by Dudirectory" -site:
"powered by dudownload" -site:
"Powered By Elite Forum Version *.*"
"Powered by Link Department"
"sets mode: +k"
"Powered by DUpaypal" -site:
allinurl: admin mdb
auth_user_file.txt
eggdrop filetype:user user
etc ()
ext:ini
ext:ini Version=... password
ext:txt inurl:
filetype:bak inurl:"htaccess|passwd|shadow|htusers"
filetype:cfg mrtg "target[*]" -sample -cvs -example
filetype:cfm "cfapplication name" password
filetype:conf oekakibbs
filetype:conf sc_serv.conf
filetype:conf
filetype:config config intext:appSettings "User ID"
filetype:dat ""
filetype:dat
filetype:inc dbconn
filetype:inc intext:mysql_connect
filetype:inc mysql_connect OR mysql_pconnect
filetype:inf sysprep
filetype:ini inurl:""
filetype:ini inurl:
filetype:ini ServUDaemon
filetype:ini wcx_ftp
filetype:ini ws_ftp pwd
filetype:ldb admin
filetype:log "See `ipsec copyright"
filetype:log inurl:""
filetype:mdb inurl:
filetype:mdb wwforum
filetype:netrc password
filetype:pass pass intext:userid
filetype:pem intext:private
filetype:properties inurl:db intext:password
filetype:pwd service
filetype:pwl pwl
filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword"
filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
filetype:sql ("values * MD" | "values * password" | "values * encrypt")
filetype:sql ("passwd values" | "password values" | "pass values" )
filetype:sql +"IDENTIFIED BY" -cvs
filetype:sql password
filetype:url +inurl:"ftp://" +inurl:";@"
filetype:xls username password email
htpasswd
htpasswd / htgroup
htpasswd /
intext:"enable secret $"
intext:"powered by Web Wiz Journal"
intitle:"index of" intext:
intitle:"index of" intext:
intitle:"Index of" passwords modified
intitle:dupics inurl:( | | | ) -site:
----------------------------------------------------------------------------------------------------------------------
intitle: intext:""|""|""
inurl:"" intext:"password"
inurl:"" intext:"credentials" -manpage -"Manual Page" -man: -sample
inurl:"" intext:"rootpw" -manpage -"Manual Page" -man: -sample
inurl:"" intext:"password"
inurl:/db/
inurl:chap-secrets -cvs
inurl: dbuname dbpass
inurl: -cvs
inurl: filetype:conf password -tatercounter -bootpwd -man
inurl:nuke filetype:sql
inurl: intext:password -sample -test -tutorial -download Route configuration
inurl:pap-secrets -cvs
inurl:perform filetype:ini
inurl:secring ext:skr | ext:pgp | ext:bak
inurl: intext:pass -cvs
inurl: intext:password -sample -test -tutorial -download
"Generated by phpSystem"
"generated by wwwstat"
"Host Vulnerability Summary Report" ]
"HTTP_FROM=googlebot" "Server_Software="
"Index of" / "chat/logs" Chat Room
"Installed Objects Scanner" inurl:
"Mecury Version" "Infastructure Group"
"Microsoft (R) Windows * (TM) Version * DrWtsn Copyright (C)" ext:log
"Most Submitted Forms and Scripts" "this section"
"Network Vulnerability Assessment Report"
"not for distribution" confidential
"phone * * *" "address *" "e-mail" intitle:"curriculum vitae"
"phpMyAdmin" "running on" inurl:""
"produced by getstats"
"Request Details" "Control Tree" "Server Variables"
"" "Disallow:" filetype:txt
"Running in Child mode"
"sets mode: +p"
"sets mode: +s"
"Thank you for your order" +receipt
"This is a Shareaza Node"
"This report was generated by WebLog"
( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intext:password|subject
(inurl:"" | inurl:"" ) intext:disallow filetype:txt
-site: -"The PHP Group" inurl:source inurl:url ext:pHp
FBR "ADOBE PHOTOSHOP"
AIM buddy lists
allinurl:/examples/jsp/snp/
allinurl:servlet/SnoopServlet
data filetype:mdb -site:gov -site:mil
exported email addresses
ext:asp inurl:
ext:cgi inurl: inurl:file=
ext:conf inurl: -cvs -man
ext:conf NoCatAuth -cvs
ext:dat
ext:gho gho
ext:ini intext:
ext:ldif ldif
ext:log "Software: Microsoft Internet Information Services *.*"
------------------------------------------------------------------------------------------
ext:mdb inurl:*.mdb inurl:fpdb
filetype:bkf bkf
filetype:blt "buddylist"
filetype:blt blt +intext:screenname
filetype:cfg auto_inst.cfg
filetype:conf inurl:firewall -intitle:cvs
filetype:config -CVS
filetype:ctt ctt messenger
filetype:fp fp
filetype:fp fp -site:gov -site:mil -"cvs log"
filetype:inf inurl:
filetype:lic lic intext:key
filetype:myd myd -CVS
filetype:ns ns
filetype:ora ora
filetype:ora tnsnames
filetype:pdb pdb backup (Pilot | Pluckerdb)
filetype:pot inurl:
------------------------------------------------------------------------------------------------------------------
filetype:pst inurl:""
filetype:pst pst -from -to -date
filetype:qbb qbb
filetype:rdp rdp
filetype:reg "Terminal Server Client"
filetype:vcs vcs
filetype:wab wab
filetype:xls -site:gov inurl:contact
filetype:xls inurl:""
Financial spreadsheets:
Financial spreadsheets:
Ganglia Cluster Reports
(one way)
(VERY reliable)
ICQ chat logs, please...
iletype:log
intext:"Session Start * * * *:*:* *" filetype:log
intext:"Tobias Oetiker" "traffic analysis"
intext:(password | passcode) intext:(username | userid | user) filetype:csv
intext:gmail invite intext:/gmail/a
intext:SQLiteManager inurl:
intitle:"Apache::Status" (inurl:server-status | inurl: | inurl:)
intitle:"AppServ Open Project" -site:
intitle:"ASP Stats Generator *.*" "ASP Stats Generator" "- weppos"
intitle:"FTP root at"
intitle:"index of" +myd size
intitle:"Index Of" -inurl:maillog maillog size
intitle:"Index Of" size
intitle:"index of" OR mysql_config
intitle:"Index of" upload size parent directory
intitle:"" .diz .nfo last modified
intitle:"Multimon UPS status page"
intitle:"PHP Advanced Transfer" (inurl: | inurl: )
intitle:"PhpMyExplorer" inurl:"" -cvs
---------------------------------------------------------------------
intitle:"statistics of" "advanced web statistics"
intitle:"System Statistics" +"System and Network Information Center"
intitle:"Usage Statistics for" "Generated by Webalizer"
intitle:"wbem" compaq login "Compaq Information Technologies Group"
intitle:"Web Server Statistics for ****"
intitle:"web server status" SSH Telnet
intitle:""
intitle:admin intitle:login
intitle: "Apache" "server at"
intitle:
intitle:
intitle: inbox
intitle: inbox dbx
intitle:intranet inurl:intranet +intext:"phone"
inurl:"/axs/" -script
inurl:"/cricket/"
inurl:""
inurl:"cacti" +inurl:"graph_view.php" +"Settings Tree View" -cvs -RPM
inurl:"newsletter/admin/"
inurl:"newsletter/admin/" intitle:"newsletter admin"
inurl:""
inurl:"" intext:"workgroup" filetype:conf conf
----------------------------------------------------------------------------------------------------------
Welcome to ntop!
"adding new user" inurl:addnewuser -"there are no domains"
(inurl:/cgi-bin/.cobalt/) | (intext:"Welcome to the Cobalt RaQ")
filetype:php HAXPLORER "Server Files Browser"
intitle:"Web Data Administrator - Login"
inurl:ConnectComputer/ | inurl:Remote/
PHP Shell (unprotected)
PHPKonsole PHPShell filetype:php -echo
Public PHP FileManagers
"index of" /
"index of" inurl:recycler
"Index of" rar r nfo Modified
"intitle: /" stats merchant cgi-* etc
"Powered by Invision Power File Manager" (inurl:) | (intitle:"Browsing directory /" )
"Web File Browser" "Use regular expression"
filetype:ini intext:
intext:"?id" || inurl:"?id"
intext:"Powered By: TotalIndex" intitle:"TotalIndex"
intitle:"album permissions" "Users who can modify photos" "EVERYBODY"
intitle:"Directory Listing For" intext:Tomcat -intitle:Tomcat
intitle:"HFS /" +"HttpFileServer"
intitle:"Index of *" inurl:"my shared folder" size modified
-------------------------------------------------------------------------------------------------------------------
"File Upload Manager v." "rename to"
ext:asp "powered by DUForum" inurl:(messages|details|login|default|register) -site:
ext:asp inurl:DUgallery intitle:"." -site: -site:
ext:cgi inurl:ubb_test
ezBOO "Administrator Panel" -cvs
filetype:cgi inurl:
filetype:cnf -cvs -example
filetype:inc inc intext:setcookie
filetype:php inurl:"viewfile" -"" -"idfil
filetype:wsdl wsdl
intitle:"ASP FileMan" Resend -site:
intitle:"Index of /" modified
intitle:"phpremoteview" filetype:php "Name, Size, Type, Modify"
inurl:" " intitle:"wwwadmin"
inurl:"" "Start browsing through this CGI-based proxy"
inurl:"plog/"
inurl:?StoreID
inurl: filetype:cgi
The Master List
"More Info about MetaCart Free"
Http://
By swap
The search address in the site is:
/custom?domains= (write the site we want to search here, for example)
You can choose www and then choose the site we want to search!
The hacker-specific information and data search addresses are:
/custom?hl=xx-hacker
Here is the usage of Google keywords. To set it to Chinese, it is
/custom?hl=zh-CN
In English, it is /custom?hl=en
Commonly used Google keywords:
foo1 foo2 (that is, association, such as searching for xx company xx beauty)
operator:foo
filetype:123 Type
site: It is more interesting to read the website directly, and you can get a lot of unexpected information.
intext:foo
intitle: fooltitle Title
allinurl:foo Search all related connections of xx website. (A must-have for scouting)
links:foo Don’t just say it’s related links
allintilte:
We can assist "-" "+" to adjust the accuracy of the search
Direct search password: (quotation marks are denoted as accurate search)
Of course we can extend it to the above results for a secondary search.
"index of" htpasswd / passwd
filetype:xls username password email
"ws_ftp.log"
""
allinurl:admin mdb
service filetype:pwd ...or a password suffix cif such as pcanywhere, etc.
It's getting more interesting, let's get some more sensitive information
"" "Disallow:" filetype:txt
inurl:_vti_cnf (The key index of FrontPage, the scanner's CGI library generally has a place)
allinurl: /msadc/Samples/selector/
/../../../passwd
/examples/jsp/snp/
phpsysinfo
intitle:index of /admin
intitle:"documetation"
Inurl: 5800 (the port of vnc) or desktop port and other keyword search
webmin port 10000
inurl:/admin/
intext:Powered by GBook365
intitle:"php shell*" "Enable stderr" filetype:php Search directly to phpwebshell
filetype:inc
ipsec filetype:conf
Intilte:"error occurred" ODBC request WHERE (select|insert) To put it bluntly, you can directly try to check the database search. It will be developed for the current popular SQL injections.
intitle:"php shell*" "Enable stderr" filetype:php
"Dumping data for table" username password
intitle:"Error using Hypernews"
"Server Software"
intitle:"HTTP_USER_AGENT=Googlebot"
"HTTP_USER_ANGET=Googlebot" THS ADMIN
filetype:.doc site:.mil classified Search directly to the military-related words
Check multiple keywords:
intitle:config confixx login password
"" nessus report
"report generated by"
"ipconfig"
"winipconfig"
Google cache utilization (hoho, the most influential thing) recommended that you search more "select searches for all websites"
Special recommendation: administrator users and other related things, such as names, birthdays, etc.... The worst thing can you use them as a dictionary.
cache:
Similar results can be found
First find the management backend address of the website:
site: intext:Management
site: inurl:login
site: intitle:Management
site: inurl:file
site: inurl:load
site: intext:ftp://*:*
site: filetype:asp
site://Get N secondary domain names
site: intext:*@//Get N email addresses, and the name of the owner of the email address.
site: intext: Telephone //N phone number
intitle:"index of" etc
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of"
intitle:"index of"
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of"
intitle:"index of" htpasswd
"# -FrontPage-" inurl:
allinurl:bbs data
filetype:mdb inurl:database
filetype:inc conn
inurl:data filetype:mdb
intitle:"index of" data
……
A collection of some tips:
3) "http://*:*@www" domainname Find some ISP sites and you can check the other party's IP virtual host.
3
4) auth_user_file.txt is not practical, too old
5) The Master List Looking for mailing list
6) intitle:"" A special management system with a default open port 90
7) (a better way) Dictionary
8) "A syntax error has occurred" filetype:ihtml
9) ext:php program_listing intitle:
10) intitle:
11)ext:nbe nbe
12)intitle:"SWW link" "Please wait....."
13)
14) intitle:" - Status" -site:
15) intitle:"WorldClient" intext:"? (2003|2004) Alt-N Technologies."
17) intitle:open-xchange inurl:
20) intitle:"site administration: please log in" "site designed by emarketsouth"
21) ORA-00921: unexpected end of SQL command
22)intitle:"YALA: Yet Another LDAP Administrator"
23) phpqladmin "Please login" -cvsweb
24)intitle:"SWW link" "Please wait....."
25)inurl:"port_255" -htm
27)intitle:"WorldClient" intext:"? (2003|2004) Alt-N Technologies."
These are some new vulnerability tips, announced in the 0days announcement
ext:php program_listing intitle:
inurl: "[emule]"
intitle:"Index of /CFIDE/" administrator
"access denied for user" "using password"
ext:php intext:"Powered by phpNewMan Version" You can see: path/to/news/?clang=../../../../../../../file/i/want
inurl:"/becommunity/community/?pageurl="
intitle:"ASP FileMan" Resend -site:
"Enter ip" inurl:""
ext:conf inurl: -cvs -man
intitle: private, protected, secret, secure, winnt
intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
"#mysql dump" filetype:sql
"allow_call_time_pass_reference" "PATH_INFO"
"Certificate Practice Statement" inurl:(PDF | DOC)
LeapFTP intitle:"./" modified
mysql history files
NickServ registration passwords
passlist
(a better way)
passwd
passwd / etc (reliable)
psyBNC config files
signin filetype:url
/ passwd
wwwboard WebAdmin inurl: wwwboard|webadmin
"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-"
inurl:
"AutoCreate=TRUE password=*"
"http://*:*@www" domainname
"index of/" "ws_ftp.ini" "parent directory"
"liveice configuration file" ext:cfg -site:
"powered by ducalendar" -site:
"Powered by Duclassified" -site:
"Powered by Duclassified" -site: "DUware All Rights reserved"
"powered by duclassmate" -site:
"Powered by Dudirectory" -site:
"powered by dudownload" -site:
"Powered By Elite Forum Version *.*"
"Powered by Link Department"
"sets mode: +k"
"Powered by DUpaypal" -site:
allinurl: admin mdb
auth_user_file.txt
eggdrop filetype:user user
etc ()
ext:ini
ext:ini Version=... password
ext:txt inurl:
filetype:bak inurl:"htaccess|passwd|shadow|htusers"
filetype:cfg mrtg "target[*]" -sample -cvs -example
filetype:cfm "cfapplication name" password
filetype:conf oekakibbs
filetype:conf sc_serv.conf
filetype:conf
filetype:config config intext:appSettings "User ID"
filetype:dat ""
filetype:dat
filetype:inc dbconn
filetype:inc intext:mysql_connect
filetype:inc mysql_connect OR mysql_pconnect
filetype:inf sysprep
filetype:ini inurl:""
filetype:ini inurl:
filetype:ini ServUDaemon
filetype:ini wcx_ftp
filetype:ini ws_ftp pwd
filetype:ldb admin
filetype:log "See `ipsec copyright"
filetype:log inurl:""
filetype:mdb inurl:
filetype:mdb wwforum
filetype:netrc password
filetype:pass pass intext:userid
filetype:pem intext:private
filetype:properties inurl:db intext:password
filetype:pwd service
filetype:pwl pwl
filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword"
filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
filetype:sql ("values * MD" | "values * password" | "values * encrypt")
filetype:sql ("passwd values" | "password values" | "pass values" )
filetype:sql +"IDENTIFIED BY" -cvs
filetype:sql password
filetype:url +inurl:"ftp://" +inurl:";@"
filetype:xls username password email
htpasswd
htpasswd / htgroup
htpasswd /
intext:"enable secret $"
intext:"powered by Web Wiz Journal"
intitle:"index of" intext:
intitle:"index of" intext:
intitle:"Index of" passwords modified
intitle:dupics inurl:( | | | ) -site:
----------------------------------------------------------------------------------------------------------------------
intitle: intext:""|""|""
inurl:"" intext:"password"
inurl:"" intext:"credentials" -manpage -"Manual Page" -man: -sample
inurl:"" intext:"rootpw" -manpage -"Manual Page" -man: -sample
inurl:"" intext:"password"
inurl:/db/
inurl:chap-secrets -cvs
inurl: dbuname dbpass
inurl: -cvs
inurl: filetype:conf password -tatercounter -bootpwd -man
inurl:nuke filetype:sql
inurl: intext:password -sample -test -tutorial -download Route configuration
inurl:pap-secrets -cvs
inurl:perform filetype:ini
inurl:secring ext:skr | ext:pgp | ext:bak
inurl: intext:pass -cvs
inurl: intext:password -sample -test -tutorial -download
"Generated by phpSystem"
"generated by wwwstat"
"Host Vulnerability Summary Report" ]
"HTTP_FROM=googlebot" "Server_Software="
"Index of" / "chat/logs" Chat Room
"Installed Objects Scanner" inurl:
"Mecury Version" "Infastructure Group"
"Microsoft (R) Windows * (TM) Version * DrWtsn Copyright (C)" ext:log
"Most Submitted Forms and Scripts" "this section"
"Network Vulnerability Assessment Report"
"not for distribution" confidential
"phone * * *" "address *" "e-mail" intitle:"curriculum vitae"
"phpMyAdmin" "running on" inurl:""
"produced by getstats"
"Request Details" "Control Tree" "Server Variables"
"" "Disallow:" filetype:txt
"Running in Child mode"
"sets mode: +p"
"sets mode: +s"
"Thank you for your order" +receipt
"This is a Shareaza Node"
"This report was generated by WebLog"
( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intext:password|subject
(inurl:"" | inurl:"" ) intext:disallow filetype:txt
-site: -"The PHP Group" inurl:source inurl:url ext:pHp
FBR "ADOBE PHOTOSHOP"
AIM buddy lists
allinurl:/examples/jsp/snp/
allinurl:servlet/SnoopServlet
data filetype:mdb -site:gov -site:mil
exported email addresses
ext:asp inurl:
ext:cgi inurl: inurl:file=
ext:conf inurl: -cvs -man
ext:conf NoCatAuth -cvs
ext:dat
ext:gho gho
ext:ini intext:
ext:ldif ldif
ext:log "Software: Microsoft Internet Information Services *.*"
------------------------------------------------------------------------------------------
ext:mdb inurl:*.mdb inurl:fpdb
filetype:bkf bkf
filetype:blt "buddylist"
filetype:blt blt +intext:screenname
filetype:cfg auto_inst.cfg
filetype:conf inurl:firewall -intitle:cvs
filetype:config -CVS
filetype:ctt ctt messenger
filetype:fp fp
filetype:fp fp -site:gov -site:mil -"cvs log"
filetype:inf inurl:
filetype:lic lic intext:key
filetype:myd myd -CVS
filetype:ns ns
filetype:ora ora
filetype:ora tnsnames
filetype:pdb pdb backup (Pilot | Pluckerdb)
filetype:pot inurl:
------------------------------------------------------------------------------------------------------------------
filetype:pst inurl:""
filetype:pst pst -from -to -date
filetype:qbb qbb
filetype:rdp rdp
filetype:reg "Terminal Server Client"
filetype:vcs vcs
filetype:wab wab
filetype:xls -site:gov inurl:contact
filetype:xls inurl:""
Financial spreadsheets:
Financial spreadsheets:
Ganglia Cluster Reports
(one way)
(VERY reliable)
ICQ chat logs, please...
iletype:log
intext:"Session Start * * * *:*:* *" filetype:log
intext:"Tobias Oetiker" "traffic analysis"
intext:(password | passcode) intext:(username | userid | user) filetype:csv
intext:gmail invite intext:/gmail/a
intext:SQLiteManager inurl:
intitle:"Apache::Status" (inurl:server-status | inurl: | inurl:)
intitle:"AppServ Open Project" -site:
intitle:"ASP Stats Generator *.*" "ASP Stats Generator" "- weppos"
intitle:"FTP root at"
intitle:"index of" +myd size
intitle:"Index Of" -inurl:maillog maillog size
intitle:"Index Of" size
intitle:"index of" OR mysql_config
intitle:"Index of" upload size parent directory
intitle:"" .diz .nfo last modified
intitle:"Multimon UPS status page"
intitle:"PHP Advanced Transfer" (inurl: | inurl: )
intitle:"PhpMyExplorer" inurl:"" -cvs
---------------------------------------------------------------------
intitle:"statistics of" "advanced web statistics"
intitle:"System Statistics" +"System and Network Information Center"
intitle:"Usage Statistics for" "Generated by Webalizer"
intitle:"wbem" compaq login "Compaq Information Technologies Group"
intitle:"Web Server Statistics for ****"
intitle:"web server status" SSH Telnet
intitle:""
intitle:admin intitle:login
intitle: "Apache" "server at"
intitle:
intitle:
intitle: inbox
intitle: inbox dbx
intitle:intranet inurl:intranet +intext:"phone"
inurl:"/axs/" -script
inurl:"/cricket/"
inurl:""
inurl:"cacti" +inurl:"graph_view.php" +"Settings Tree View" -cvs -RPM
inurl:"newsletter/admin/"
inurl:"newsletter/admin/" intitle:"newsletter admin"
inurl:""
inurl:"" intext:"workgroup" filetype:conf conf
----------------------------------------------------------------------------------------------------------
Welcome to ntop!
"adding new user" inurl:addnewuser -"there are no domains"
(inurl:/cgi-bin/.cobalt/) | (intext:"Welcome to the Cobalt RaQ")
filetype:php HAXPLORER "Server Files Browser"
intitle:"Web Data Administrator - Login"
inurl:ConnectComputer/ | inurl:Remote/
PHP Shell (unprotected)
PHPKonsole PHPShell filetype:php -echo
Public PHP FileManagers
"index of" /
"index of" inurl:recycler
"Index of" rar r nfo Modified
"intitle: /" stats merchant cgi-* etc
"Powered by Invision Power File Manager" (inurl:) | (intitle:"Browsing directory /" )
"Web File Browser" "Use regular expression"
filetype:ini intext:
intext:"?id" || inurl:"?id"
intext:"Powered By: TotalIndex" intitle:"TotalIndex"
intitle:"album permissions" "Users who can modify photos" "EVERYBODY"
intitle:"Directory Listing For" intext:Tomcat -intitle:Tomcat
intitle:"HFS /" +"HttpFileServer"
intitle:"Index of *" inurl:"my shared folder" size modified
-------------------------------------------------------------------------------------------------------------------
"File Upload Manager v." "rename to"
ext:asp "powered by DUForum" inurl:(messages|details|login|default|register) -site:
ext:asp inurl:DUgallery intitle:"." -site: -site:
ext:cgi inurl:ubb_test
ezBOO "Administrator Panel" -cvs
filetype:cgi inurl:
filetype:cnf -cvs -example
filetype:inc inc intext:setcookie
filetype:php inurl:"viewfile" -"" -"idfil
filetype:wsdl wsdl
intitle:"ASP FileMan" Resend -site:
intitle:"Index of /" modified
intitle:"phpremoteview" filetype:php "Name, Size, Type, Modify"
inurl:" " intitle:"wwwadmin"
inurl:"" "Start browsing through this CGI-based proxy"
inurl:"plog/"
inurl:?StoreID
inurl: filetype:cgi
The Master List
"More Info about MetaCart Free"