Google Hacking Database.docx

April 20, 2017 | Author: Professor Watchlist | Category: N/A
Share Embed Donate


Short Description

Download Google Hacking Database.docx...

Description

Google Hacking Database (GHDB) Search the Google Hacking Database or browse GHDB categories

Sensitive Directories Google's collection of web sites sharing sensitive directories. The files contained in here will vary from sesitive to uber-secret!

DATE Title Summary 2003What kinds of things might you find in directories marked private 06-27 "private?" let's find out..... 2003What kinds of goodies lurk in directories marked as secret 06-27 "secret?" Find out...... 2003Backup directories are often very interesting places to Look in my backup directories! Please? 06-24 explore. More than one server has been ... 2004Adding "inurl:ftp (pub | incoming)" to the "index.of" intitle:"index of" inurl:ftp (pub | inco... 12-30 searches helps locati... 2004allinurl:"/*/_vti_pvt/" | allinurl:"... Frontpage extensions for Unix ? So be it..... 12-29 2004These directories reveal the configuration file of the abyss intitle:index.of abyss.conf 12-19 webserver. These files can contain... 2004With ColdFusion, you can build and deploy powerful web intitle:"Index of /CFIDE/" administrator 12-19 applications and web services with far l... 2004Invision Power File Manager is a popular file "Powered by Invision Power File Manager"... 12-19 management script, written in the popular PHP Scr... 2004This search uses desktop.ini to track users with a intitle:"index of" "parent director... 12-05 webserver running on their desktop computers... 2004TotalIndex v2.0 is an open source script that is designed intext:"Powered By: TotalIndex" intitle:... 11-28 to replace the simple, and boring def... 2004This search looks for indexes with the following "intitle:Index.Of /" stats merchant cgi-... 11-07 subdirectories: stats, merchant, online-store ... 2004This dork indicates the "Local settings" dir in most cases, intitle:"index of" intext:"content.... 10-31 and browseble server dire... 2004Yes! I probably have should have told you guys earlier, intitle:"index of" -inurl:htm -inurl:htm... 10-20 but this is how ive been getting 100% ... 2004The DCIM directory is the default name for a few brands index.of.dcim 10-25 of digital camers. This is not a big ne... 2004The Google Hackers Guide explains how to find Apache intitle:"Directory Listing For" intext:T... 10-19 directory indexes, which are the most comm... 2004Webadmin.php is a free simple Web-based file manager. intitle:"webadmin - /*" filetype:php dir... 09-24 This search finds sites that use this sof... 2004- intitle:index.of (inurl:fileadmin | TYPO3 is a free Open Source content management

09-21 intitle:filead... 2004intitle:"Index of *" inurl:"my shar... 09-10 2004intitle:index.of /AlbumArt_ 08-26 200408-05 200407-20 200407-16 200410-31 200407-12 200406-14 200406-02 200406-01 200405-13 200405-11 200405-04 200404-28 200404-28 200404-28 200404-23 200404-19 200403-29 200402-10 200308-12 200403-16 200306-27 2003-

intext:"d.aspx?id" || inurl:"d.aspx... "index of" / picasa.ini index.of.password inurl:explorer.cfm inurl:(dirpath| This_Directory)

system for enterprise purposes on the web and in... These are index pages of "My Shared Folder". Sometimes they contain juicy stuff like ... Directories containing commercial music.AlbumArt_{.*}.jpg are download/create by MSWindows Med... "The YouSendIt team was formed to tackle a common problem: secure transmission of large do... Picasa is an 'Automated Digital Photo Organizer' recently aquired by Google. This search allows... These directories are named "password." I wonder what you might find in here. Warning... Filemanager without authentication....

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web... filetype:cfg ks intext:rootpw -sample -test Anaconda is a linux configuration tool like yast on suse -howto linux. The root password is often encr... Gallery (http://gallery.menalto.com) is software that intitle:"album permissions" "Users ... allows users to create webalbums and uplo... Many of these directories contain information about the "Index Of /network" "last modified&... network, though an attacker would need ... According to whatis.com: "An intranet is a private intitle:intranet inurl:intranet +intext:"huma... network that is contained within an ent... Many times, this search will reveal temporary files and inurl:/tmp directories on the web server. The info... This is the default name of the Windows recycle bin. The "index of" inurl:recycler files in this directory may contain se... This is the default installation location of Oracle manuals. inurl:/pls/sample/admin_/help/ This helps in footprinting a serve... This directory contains sample Oracle JSP scripts which inurl:ojspdemos are installed on the server. These prog... This directory contains sample JSP scripts which are inurl:j2ee/examples/jsp installed on the server. These programs ma... CGI directories contain scripts which can often be "index of cgi-bin" exploited by attackers. Regardless of the vu... This is the top level directory of ColdFusion, a powerful intitle:"Index of" cfide web development environment. This dir... This directory has various personal documents and intitle:"index.of.personal" pictures.... These pages indicate that they are sharing the intitle:"Index of c:\Windows" C:\WINDOWS directory, which is the system folder... phpMyAdmin is a widly spread webfrontend used to "Welcome to phpMyAdmin" " Create ne... mantain sql databases. The default security me... This query reveals backup directories. These directories inurl:backup intitle:index.of inurl:admin can contain various information rangin... These directories are named "password." I wonder what index.of.password you might find in here. Warning... protected What could be in a directory marked as "protected?" Let's Index of phpMyAdmin

06-27 200306-27 200306-27 201505-27 201505-26 201504-23 201504-03 201504-03 201502-27 201502-19 201502-11 201501-06 201402-05 201311-25 201309-24 201308-08 201308-08 201308-08 201304-09 201304-09 201211-02 201111-19 201011-10 201011-10 201011-10

secure winnt inurl:wp-admin/ intext:css/ intitle:"Index of ftp"

find out...... What could be hiding in directories marked as "secure?" let's find out...... The \WINNT directory is the directory that Windows NT is installed into by default. Now just be... The dork finds misconfigured WordPress sites. Author:NickiK. ... This dork finds open ftps. This is a base dork, where you can add intext:"ssh/" for ...

intitle:index.of.dropbox

Sensitive Directories Ariel Anonis - @ariel_anonis ...

intitle:index.of.accounts

Dork for directory with accounts. By Rootkit. ...

intitle:index.of +"Indexed by Apache::Gallery...

Google dork for finding Private pics ;) :D #13lacKDemOn ... Relates to https://wordpress.org/plugins/wp-backitup/ Sensitive data/site rips/db rips in pu...

inurl:/wp-content/wpbackitup_backups "Config" intitle:"Index of" in...

Directory with keys of vpn servers. By Rootkit. ...

"jos_users" intitle:"Index of"

"jos_users" intitle:"Index of" Files of configuration of user Joomla serve...

inurl:/cgi-bin/.cgi

Finds open index of /cgi-bin. ...

allinurl:/hide_my_wp= intitle:"index of" intext:".ds_stor... intitle:"index of" myshare inurl:8080 intitle:"Dashboard [Jenkins]" intitle:index.of intext:.bash_history intext:xampp-dav-unsecure: $apr1$6O9scpDQ$JGw2Tjz0j... "index of" inurl:sym "index of" inurl:root intitle:symlink inurl:ckfinder intext:"ckfinder.html" in...

i just found a google dork that is file/path disclosure of Hide My WP plugin Google dork -... Mac OSX directories -- -[Voluntas Vincit Omnia]website http://www.erisresearch.org/ Go... Google search for shared HDD directories or shared directories on servers. Gives access to oft... #Summary: Acces to Jenkins Dashboard #Author: g00gl3 5c0u7 ... the GHDB on subject (intitle:index.of intext:.bash_history) finds all home users directory pat... # Exploit Title: google dork for apache directory listing by url edit # Google Dork: intext:xa... Google Dork: "index of" inurl:sym You can Steal the symlinks of other Servers A... Google Dork: index of" inurl:root intitle:symlink Steal Others Symlink Author: Un0wn... Dork: inurl:ckfinder intext:"ckfinder.html" intitle:"Index of /ckfinder" ...

inurl:/xampp

this dork looks for servers with xampp installed...

allintext:"WebServerX Server at"

Quick and dirty WebserverX HTTP server google dork ...

intitle:index.of ios -site:cisco.com

Google search for Cisco IOS images Author: fdisk...

intitle:index.of cisco asa -site:cisco.com

Google search for Pix/Asa images Author: fdisk...

200607-14 200602-28 200601-16 200512-01 200511-28 200511-11 200509-26 200509-26 200509-13 200507-21 200505-02 200503-26 200502-17 200501-16 200501-09 200501-07 200501-05 200501-01 201611-29 201611-29 201610-04 201608-08 201607-27 201606-06 2016-

These directories can give information about a web servers configuration. This should never be ... allintitle:"FirstClass Login" this is for firstclass directory allintitle:"FirstClass Login" listingsgo to http://[... Excelent information for foot holds. Everything from OS, inurl:install.pl intext:"Reading path paramat... to forum software, etc. Other exploits... "Warning: Installation directory exists by this dork you can find fresh installations of Zenat&qu... Cartsee Full Disclosure forums fore detail... intitle:index.of.config

"Welcome to the directory listing of" &q...

this is for NetworkActiv-Web-Server directory listing...

log inurl:linklint filetype:txt -"checking&qu...

Linklint is an Open Source Perl program that checks links on web sites. This search finds the L...

"Directory Listing for" "Hosted by ...

directory listing for Xerver web server...

intitle:"Folder Listing" "Folder Li...

directory listing for Fastream NETFile Web Server...

intitle:"Backup-Management (phpMyBackup phpMyBackup is an mySQL backup tool, with features v.0.4... like copying backups to a different server u... This search reveals the photo albums taken by Sprint PCS intitle:"pictures thumbnails" site:pictu... customers. Pictures taken with Sprint'... Finds java powered web servers which have indexing intitle:index.of WEB-INF enabled on their config directory... intitle:index.of /maildir/new/ filetype:ini Desktop.ini intext:mydocs.dll filetype:torrent torrent "Index of" rar r01 nfo Modified 2004

search gives you a mailbox dir. Contains a lot of mails.... This dork finds any webshared windows folder inside my docs. You can change the end bit "i... Torrent files .. don't expect to find spectacular stuff with this kind of string, this just to ... New Warez Directory Lists...

This will ask google to search for a php script used to manage files on a server. The script &q... "The HttpFileServer is a Java based mechanism for intitle:"HFS /" +"HttpFileServer&qu... providing web access to a set of files o... intitle:upload inurl:upload intext:upload The search reveals server upload portals.An attacker can -forum -... use server space for his own benefit.... Hostinger © 2016. All rights reserved Google Dork: Hostinger © 2016. All rights reserved inurl:defaul... inurl:default.php Hostinger web hosting c... Dork: inurl:".esy.es/default.php" You can add “Here is a inurl:".esy.es/default.php" list of files in your pub... name =find liferay file page Google dork Description: index:"html/js/editor/fckeditor/editor/filema... index:"html/js/editor/fckeditor/ed... inurl:/FCKeditor/editor/filemanager/upload/ Let's you go inurl:/FCKeditor/editor/filemanager/upload/ through unprotected files in the FC... inurl:pictures intitle:index.of Loads of personal pictures inurl:pictures intitle:index.of and what not Sent from trump t... One man's trash is another man's treasure. inurl:trash inurl:trash intitle:index.of intitle:index.of Decoy ... inurl:.ssh intitle:index.of authorized_keys SSH Keys inurl:.ssh intitle:index.of authorized_keys "Web File Browser" "Use regular exp...

06-06 2016inurl:/sites/default/files/webform/ 05-10 2016intitle:Index of /__MACOSX ... 04-21 2016(intext:"index of /.git") ("parent ... 03-22 2016inurl:safm.asp ext:asp 03-07 201601-06 201512-21 201511-13 201511-11 201511-11 201511-02 201510-30 201510-22 201510-22 201510-20 201510-19 201510-19 201510-19 201510-16 201510-16 201510-16 201509-17 201509-10 201509-07 2015-

intitle: Index of /awstats/data inurl:/server/webapps intitle:index.of.mail

Decoy ... Description: Drupal default web-forms' storage path, usually a lot of files there contains juic... MAC OS X. Parent Directory Wordpress information. -Xploit ... This dork will find git repository's which may have sensitive information. (intext:"ind... inurl:safm.asp ext:asp http://atawho.blogspot.com.tr/2016/03/simple-aspfilemanager.html ... Awstats Log file's directory can reveal file/directory location These logs file may also revea... Google Search: inurl:/server/webapps Submission Date: 12/19/2015 Description: Apache Tomcat... Dork with juicy info. Enjoy xD. Dork by Rootkit Pentester. ...

inurl:pipermail intitle:index.of parent

Pipermail Archives Decoy ...

inurl:"wp-content/uploads/private"

Directories with juicy data. Dork by Rootkit Pentester. ...

intitle:index.of inurl:grades site:edu

Directories containing grades. Decoy ...

intitle:index.of parent inurl:repos "Desktop" parent intitle:index.of "My Documents" "parent" intitl... "sql" "parent" intitle:index.o... inurl:/aspnet_client/system_web/

http://www.google.com/search?q=intitle:index.of parent inurl:repos Shared repositories. Very... http://www.google.com/search?q="Desktop" parent intitle:index.of Desktops shared o... http://www.google.com/search?q="My Documents" "parent" intitle:index.of ... Directories containing SQL Installs and/or SQL databases... Decoy ... Google dork Description: Juice Directory "ASP" Google search: inurl:/aspnet_client/s...

inurl:.DS_Store intitle:index.of

Directories with DS_Store files. By Rootkit Pentester. ...

inurl:.listing intitle:index.of

Directories with .listing files. By Rootkit Pentester. ...

inurl:users intitle:index.of private parent intitle:index.of mail spool intitle:index.of inurl:"default.php" intext:"website... intitle:"Index.of" "attachments&quo... intitle:"Index of" "WhatsApp Databa... inurl:"/cms/app/webroot"

http://www.google.com/search?q=inurl:users intitle:index.of User folders containing interest... http://www.google.com/search?q=private parent intitle:index.of Dork for all sorts of juicy s... Dork for mail spools. Decoy ... Dork= inurl:"default.php" intext:"website" "has been successfully inst... Directories with interesting info. Have Fun Responsible. Dork by Rootkit Pentester. ... this dork find db.crypt/.db files of whatsapp conversations you can open them with https://co... inurl:"/cms/app/webroot" Author:ShockvaWe (mrnoone)

09-01 201508-24 201508-19 201508-10 201507-09 201506-30 201506-17 201506-17 201506-10 201506-04

intitle:"Index of" "WhatsApp Images... intitle:"Index of" "DCIM" intext:index of sym intitle:index.of.pubs

özüm ... WhatsApp Images folder, usually from backups. --pmbento ... A lot of Camera Photos Dump. Have Fun!. Rootkit. ... Dork: intext:index of sym Most of hacker use auto server symlink script and grab all the con... Exploit title: intitle:index.of.pubs Description: intitle:index.of.pubs Sensitive Directories...

intitle:"Index of" "wwwroot"

Directory of wwwroot Dork. Enjoy xD. By Rootkit. ...

intitle:"index of" inurl:"no-ip.com...

# Exploit Title: intitle:"index of" inurl:"no-ip.com" # Google Dork: intit...

intitle:"Index Of" intext:"iCloud P...

From: Creep Mode Baby ...

inurl:private_files

Directory private files xD. By Rootkit. ...

intitle:"index of" "onetoc2" &...

# Exploit Title: intitle:"index of" "onetoc2" "one" # Google Dor...

https://www.exploit-db.com/google-hacking-database/3/?pg=1

Table of Contents: Footholds Files containing usernames Sensitive Directories Web Server Detection Vulnerable Files Vulnerable Servers Error Messages Files containing juicy info Files containing passwords Sensitive Online Shopping Info Network or vulnerability data Pages containing login portals Various Online Devices credit http://www.exploit-db.com/google-dorks/ 2014-04intitle:”Zimbra Web Client Sign In” 21

Pages containing login portals

2014-04intitle:”Zimbra Web Client Log In” 21

Pages containing login portals

2014-04inurl:typo3/install/index.php?mode= 07

Pages containing login portals

2014-04inurl:typo3conf/localconf.php 07

Files containing passwords

2014-03inurl:/backup intitle:index of backup intext:*sql Files containing passwords 31 2014-03inurl:”Citrix/XenApp/auth/login.aspx” 31

Pages containing login portals

2014-03filetype:pdf “acunetix website audit” &q… 31

Files containing juicy info

2014-03- inurl:crossdomain filetype:xml intext:allow27 access…

Files containing juicy info

2014-03- inurl:clientaccesspolicy filetype:xml 27 intext:allow…

Files containing juicy info

2014-02intitle:Admin inurl:login.php site:.co.in 28

Pages containing login portals

2014intitle:”WSO 2.4″ [ Sec. Info ], [ Files… 01-03

dork to find uploaded WSO 2.4 shell by hackers. found Anon?M ID …

2014intitle:”=[ 1n73ct10n privat shell ]=” 01-03

the dork is used to find uploaded 1n73ct10n Shell on website. found by Anon?M ID …

2013- filetype:php intext:”!C99Shell v. 1.0 11-25 beta&qu…

php backdoor: c99 shell — -[Voluntas Vincit Omnia]website http://www.erisresearch.org/…

2013intitle:”uploader by ghost-dz” ext:php 11-25

intitle:”uploader by ghost-dz” ext:php…

2013inurl:1337w0rm.php intitle:1337w0rm 08-08

Finds websites that have 1337w0rm’s CPanel cracker uploaded. Since the Cracker is relatively n…

2012inurl:”r00t.php” 11-02

This dork finds websites that were hacked, backdoored contains their system information e…

2012intitle:C0ded By web.sniper 11-02

User & Domain || Symlink Using this dork you can find t User and the Domains of the Serv…

2012intitle:Priv8 SCR 11-02

I am Un0wn_X Symlink User configs intitle:Priv8 SCR …

2011- inurl:”amfphp/browser/servicebrowser.swf AMFPHP service browser, debug interface. Author: sydd 09-26 ”… 2011allintext:”fs-admin.php” 01-09

A foothold using allintext:”fs-admin.php” shows the wo readable directories of a…

2006sHOUTcast is a free-of-charge audio homesteading solu (intitle:”SHOUTcast Administrator”)|(int… 05-03 It permits anyone on the internet to… 2006(intitle:”WordPress â€Å 03-15

Alter setup configuration files.add ?step=1…

2006“index of /” ( upload.cfm | upload.asp |… 03-06

searches for scripts that let you upload files which you then execute on the server….

2006- “Please re-enter your password It must 02-08 match …

Invision Powerboard registration pages. Plain and simpl

2006inurl:”tmtrack.dll?” 01-04

This query shows installations of Serena Teamtrack. (www.serena.com).You may be able to adjust …

2005inurl:polly/CP 10-06

You can get into admin panel without logging….

2005intitle:”net2ftp” “powered by net2f… 09-25

net2ftp is a web-based FTP client written in PHP. Lets explain this in detail. Web-based means …

2005intitle:MyShell 1.1.0 build 20010923 08-15

Basicly MyShell is a php program that allows you to exe commands remotely on whichever serv…

2005- intitle:”YALA: Yet Another LDAP 05-02 Administrator…

YALA is a web-based LDAP administration GUI. The idea to simplify the directory administrati…

2005- intitle:”ERROR: The requested URL could 04-27 not b…

squid error messages, most likely from reverse proxy servers….

2004- inurl:”phpOracleAdmin/php” 12-19 -download -cv…

phpOracleAdmin is intended to be a webbased Oracle Object Manager.In many points alike phpMyAdm…

2004- PHPKonsole PHPShell filetype:php PHPKonsole is just a little telnet like shell wich allows you to ru 11-28 -echo commands on the webserver…. 2004- filetype:php HAXPLORER “Server 11-28 Files Browser&…

Haxplorer is a webbased filemanager which enables the user t browse files on the webserver. Yo…

2004- inurl:ConnectComputer/precheck.h Windows Small Business Server 2003: The network configurati 11-06 tm | inurl:Remote/… page is called “ConnectCompu… 2004- (inurl:81/cgi-bin/.cobalt/) | 10-22 (intext:”Welco…

The famous Sun linux appliance. The default page displays thi text:”Congratulations on Ch…

2004- intitle:”Web Data Administrator – 10-09 Login”

The Web Data Administrator is a utility program implemented ASP.NET that enables you to easi…

2004- “adding new user” 07-20 inurl:addnewuser -&quo…

Allows an attacker to create an account on a server running Argosoft mail server pro for window…

2004PHP Shell (unprotected) 07-12

PHP Shell is a shell wrapped in a PHP script. It’s a tool you can to execute arbiritary she…

2004Public PHP FileManagers 07-12

PHPFM is an open source file manager written in PHP. It is easy set up for a beginner, but s…

2004- +htpasswd +WS_FTP.LOG 05-20 filetype:log

WS_FTP.LOG can be used in many ways to find more informatio about a server. This query is very…

2003intitle:admin intitle:login 09-09

Admin Login pages. Now, the existance of this page does not necessarily mean a server is vulner…

2013- intext:”root:x:0:0:root:/root:/bin/bash Author: ./tic0 | Izzudin al-Qassam Cyber Fighter … 04-22 ”… 2013inurl:”/root/etc/passwd” intext:”ho… inurl:”/root/etc/passwd” intext:”home/*:” … 04-22 2006- site:extremetracking.com 07-31 inurl:”login=”

The search reveals usernames (right in the URL in green) an links to the sites that are signed…

2005- intext:”SteamUserPassphrase=” 06-05 intext:&qu…

This will search for usernames and passwords for steam (www.steampowered.com) taken from the St…

2004OWA Public folders & Address book 06-19

This search jumps right to the main page of Outlook Web Ac Public Folders and the Exchange …

2004- filetype:conf inurl:proftpd.conf 05-20 -sample

A standard FTP configuration file that provides far too many details about how the server is se…

2004filetype:log username putty 05-13

These log files record info about the SSH client PUTTY. These files contain usernames, site nam…

2004- filetype:reg reg +intext:”internet 05-12 account ma…

This google search reveals users names, pop3 passwords, e addresses, servers connected to a…

2004- filetype:reg reg 05-11 HKEY_CURRENT_USER username

This search finds registry files from the Windows Operating system. Considered the “soul&q…

2004The webalizer program displays various information but this +intext:”webalizer” +intext:”Total … 05-03 query displays usernames that have … 2004- inurl:php inurl:hlstats intext:”Server 04-28 Userna…

This page shows the halflife stat script and reveals the username to the system. Table structur…

2004index.of perform.ini 04-13

This file contains information about the mIRC client and may include channel and user names….

2004“index of” / lck 04-13

These lock files often contain usernames of the user that ha locked the file. Username harvest…

2004This search reveals userlists of administrative importance. inurl:admin filetype:asp inurl:userlist 03-16 Userlists found using this method c… 2004inurl:admin inurl:userlist 03-16

This search reveals userlists of administrative importance. Userlists found using this method c…

2003sh_history files 06-24

Ok, this file contains what a user typed at a shell command prompt. You shouldn’t advertise thi…

2003bash_history files 06-24

Ok, this file contains what a user typed at a shell command prompt. You shouldn’t advertise thi…

2014allinurl:/hide_my_wp= 02-05

i just found a google dork that is file/path disclosure of Hide WP plugin Google dork -…

2013intitle:”index of” intext:”.ds_stor… 11-25

Mac OSX directories — -[Voluntas Vincit Omnia]- website http://www.erisresearch.org/ Go…

2013intitle:”index of” myshare 09-24

Google search for shared HDD directories or shared directori on servers. Gives access to oft…

2013- inurl:8080 intitle:”Dashboard 08-08 [Jenkins]”

#Summary: Acces to Jenkins Dashboard #Author: g00gl3 5c …

2013intitle:index.of intext:.bash_history 08-08

the GHDB on subject (intitle:index.of intext:.bash_history) fin all home users directory pat…

2013- intext:xampp-dav-unsecure: 08-08 $apr1$6O9scpDQ$JGw2Tjz0j…

# Exploit Title: google dork for apache directory listing by ur # Google Dork: intext:xa…

2013“index of” inurl:sym 04-09

Google Dork: “index of” inurl:sym You can Steal the symlinks other Servers A…

2013“index of” inurl:root intitle:symlink 04-09

Google Dork: index of” inurl:root intitle:symlink Steal Others Symlink Author: Un0wn…

2012- inurl:ckfinder intext:”ckfinder.html” 11-02 in…

Dork: inurl:ckfinder intext:”ckfinder.html” intitle:”Index of /ckfinder” …

2011inurl:/xampp 11-19

this dork looks for servers with xampp installed…

2010allintext:”WebServerX Server at” 11-10

Quick and dirty WebserverX HTTP server google dork …

2010intitle:index.of ios -site:cisco.com 11-10

Google search for Cisco IOS images Author: fdisk…

2010- intitle:index.of cisco asa 11-10 -site:cisco.com

Google search for Pix/Asa images Author: fdisk…

2006intitle:index.of.config 07-14

These directories can give information about a web servers configuration. This should never be …

2006allintitle:”FirstClass Login” 02-28

allintitle:”FirstClass Login” this is for firstclass directory listin to http://[…

2006- inurl:install.pl intext:”Reading path 01-16 paramat…

Excelent information for foot holds. Everything from OS, to fo software, etc. Other exploits…

2005- “Warning: Installation directory 12-01 exists at&qu…

by this dork you can find fresh installations of Zen-Cartsee Fu Disclosure forums fore detail…

2005- “Welcome to the directory listing of” this is for NetworkActiv-Web-Server directory listing… 11-28 &q… 2005- log inurl:linklint filetype:txt 11-11 -“checking&qu…

Linklint is an Open Source Perl program that checks links on sites. This search finds the L…

2005“Directory Listing for” “Hosted by … directory listing for Xerver web server… 09-26 2005- intitle:”Folder Listing” 09-26 “Folder Li… 2005- intitle:”Backup09-13 Management

directory listing for Fastream NETFile Web Server…

phpMyBackup is an mySQL backup tool, with features like copying backu

(phpMyBackup v.0.4…

to a different server u…

2005- intitle:”pictures This search reveals the photo albums taken by Sprint PCS customers. 07-21 thumbnails” site:pictu… Pictures taken with Sprint’…

2005Finds java powered web servers which have indexing enabled on their co intitle:index.of WEB-INF 05-02 directory… 2005- intitle:index.of 03-26 /maildir/new/

search gives you a mailbox dir. Contains a lot of mails….

2005- filetype:ini Desktop.ini 02-17 intext:mydocs.dll

This dork finds any webshared windows folder inside my docs. You can change the end bit “i…

2005filetype:torrent torrent 01-16

Torrent files .. don’t expect to find spectacular stuff with this kind of strin this just to …

2005- “Index of” rar r01 nfo 01-09 Modified 2004

New Warez Directory Lists…

2005- “Web File Browser” “Use This will ask google to search for a php script used to manage files on a 01-07 regular exp… server. The script &q… 2005- intitle:”HFS /” 01-05 +”HttpFileServer&qu…

“The HttpFileServer is a Java based mechanism for providing web access set of files o…

intitle:upload 2005The search reveals server upload portals.An attacker can use server spa inurl:upload 01-01 for his own benefit…. intext:upload -forum -…

2004- intitle:”index of” inurl:ftp Adding “inurl:ftp (pub | incoming)” to the “index.of” searches helps loca 12-30 (pub | inco… 2004- allinurl:”/*/_vti_pvt/” | 12-29 allinurl:”…

Frontpage extensions for Unix ? So be it…..

2004- intitle:index.of 12-19 abyss.conf

These directories reveal the configuration file of the abyss webserver. Th files can contain…

2004- intitle:”Index of /CFIDE/” With ColdFusion, you can build and deploy powerful web applications an 12-19 administrator web services with far l… 2004- “Powered by Invision 12-19 Power File Manager”…

Invision Power File Manager is a popular file management script, written the popular PHP Scr…

2004- intitle:”index of” “parent This search uses desktop.ini to track users with a webserver running on 12-05 director… desktop computers… 2004- intext:”Powered By: 11-28 TotalIndex” intitle:…

TotalIndex v2.0 is an open source script that is designed to replace the simple, and boring def…

2004- “intitle:Index.Of /” stats This search looks for indexes with the following subdirectories: stats, 11-07 merchant cgi-… merchant, online-store … 2004- intitle:”index of” 10-31 intext:”content….

This dork indicates the “Local settings” dir in most cases, and browseble server dire…

2004- intitle:”index of” -inurl:htm 10-20 -inurl:htm…

Yes! I probably have should have told you guys earlier, but this is ho ive been getting 100% …

2004index.of.dcim 10-25

The DCIM directory is the default name for a few brands of digital camers. This is not a big ne…

2004- intitle:”Directory Listing For” The Google Hackers Guide explains how to find Apache directory 10-19 intext:T… indexes, which are the most comm… 2004- intitle:”webadmin – /*” 09-24 filetype:php dir…

Webadmin.php is a free simple Web-based file manager. This search finds sites that use this sof…

intitle:index.of 2004(inurl:fileadmin | 09-21 intitle:filead…

TYPO3 is a free Open Source content management system for enter purposes on the web and in…

2004- intitle:”Index of *” inurl:”my These are index pages of “My Shared Folder”. Sometimes they conta 09-10 shar… juicy stuff like … 2004intitle:index.of /AlbumArt_ 08-26

Directories containing commercial music.AlbumArt_{.*}.jpg are download/create by MS-Windows Med…

2004- intext:”d.aspx?id” || 08-05 inurl:”d.aspx…

“The YouSendIt team was formed to tackle a common problem: secu transmission of large do…

2004“index of” / picasa.ini 07-20

Picasa is an ‘Automated Digital Photo Organizer’ recently aquired by Google. This search allows…

2004index.of.password 07-16

These directories are named “password.” I wonder what you might fi in here. Warning…

2004- inurl:explorer.cfm inurl: 10-31 (dirpath|This_Directory)

Filemanager without authentication….

2004Index of phpMyAdmin 07-12

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web…

2004- filetype:cfg ks intext:rootpw Anaconda is a linux configuration tool like yast on suse linux. The ro 06-14 -sample -test -howto password is often encr… 2004- intitle:”album permissions” 06-02 “Users …

Gallery (http://gallery.menalto.com) is software that allows users to create webalbums and uplo…

2004- “Index Of /network” “last 06-01 modified&…

Many of these directories contain information about the network, th an attacker would need …

2004- intitle:intranet inurl:intranet According to whatis.com: “An intranet is a private network that is 05-13 +intext:”huma… contained within an ent… 2004inurl:/tmp 05-11

Many times, this search will reveal temporary files and directories on web server. The info…

2004“index of” inurl:recycler 05-04

This is the default name of the Windows recycle bin. The files in this directory may contain se…

2004- inurl:/pls/sample/admin_/hel This is the default installation location of Oracle manuals. This helps 04-28 p/ footprinting a serve… 2004- inurl:ojspdemos

This directory contains sample Oracle JSP scripts which are installed

04-28

the server. These prog…

2004inurl:j2ee/examples/jsp 04-28

This directory contains sample JSP scripts which are installed on the ser These programs ma…

2004“index of cgi-bin” 04-23

CGI directories contain scripts which can often be exploited by attackers Regardless of the vu…

2004intitle:”Index of” cfide 04-19

This is the top level directory of ColdFusion, a powerful web developmen environment. This dir…

2004intitle:”index.of.personal” This directory has various personal documents and pictures…. 03-29 2004- intitle:”Index of 02-10 c:\Windows”

These pages indicate that they are sharing the C:\WINDOWS directory, which is the system folder…

“Welcome to 2003phpMyAdmin” ” Create 08-12 ne…

phpMyAdmin is a widly spread webfrontend used to mantain sql databa The default security me…

inurl:backup 2004intitle:index.of 03-16 inurl:admin

This query reveals backup directories. These directories can contain var information rangin…

2003index.of.password 06-27

These directories are named “password.” I wonder what you might find here. Warning…

2003protected 06-27

What could be in a directory marked as “protected?” Let’s find out……

2003secure 06-27

What could be hiding in directories marked as “secure?” let’s find out…

2003winnt 06-27

The \WINNT directory is the directory that Windows NT is installed into b default. Now just be…

2003private 06-27

What kinds of things might you find in directories marked “private?” let find out…..

2003secret 06-27

What kinds of goodies lurk in directories marked as “secret?” Find out…

2003- Look in my backup 06-24 directories! Please?

Backup directories are often very interesting places to explore. More tha one server has been …

2006- intitle:”BadBlue: the fileBadblue file sharing web server detection… 05-23 sharing web server… 2006- intext:”Target Multicast 05-03 Group” “be…

“… Multicast Beacon is a multicast diagnostic tool written in Perl which u the RTP pr…

2006- intitle:”Apache Status” 05-03 “Apache Ser…

New Apache Server Status Dork…

2006- inurl:wl.exe inurl:?SS1= 02-08 intext:”Operating sy…

List server apparently keeps track of many clients, not just Domains and hardware, but Operatin…

2005- inurl:nnls_brand.html OR Novell Nterprise Linux Services detection dork. Some of the features are

11-16 inurl:nnls_nav.html

iFolder* Samba* NetS…

2005- (intitle:”502 Proxy 05-30 Error”)|(intitle:&qu…

A reverse proxy is a gateway for servers, and enables one web server to provide content from an…

2005- intitle:”Welcome to 05-20 602LAN SUITE *”

The 602LAN SUITE runs on a webserver called WEB602/1.04 and include webmail….

2005- intitle:”Document title 05-02 goes here” intit…

IBM Http Server (AS/400)…

intitle:”Welcome To Your 2005This is the default page for the WebSTAR (Macintosh) web server (Heade WebSTAR Home 05-02 say –> Server: Web… Page&qu…

2005- intitle:”Welcome to the Webserver detection: The Advanced Extranet Server project aims to cre 04-27 Advanced Extranet Ser… an extensible open sou…

intitle:”Welcome to 2005Another way to find Small Business Server 2003, for more results check Windows Small Business 04-16 dork by JimmyNeutron… Se… 2005thttpd webserver 03-29

thttpd is is a webserver written in C and should compile and run on mos unix-like systems. As …

2005- intitle:”IPC@CHIP 03-29 Infopage”

web server detection for IPC@chip embedded webserverThe dork uses t webserver’s infopage whic…

2005yaws.*.server.at 03-31

YAWS (http://yaws.hyber.org), Yet Another Web Server, is a HTTP high perfomance 1.1 webserver. …

2005- intitle:”Test Page for the Apache 2.0 on Fedore Core Test page… 03-20 Apache HTTP Server…

2005- Powered.by.RaidenHTTPD RaidenHTTPD ( http://www.raidenhttpd.com/en ) is a full featured web se 03-18 intitle:index.of software for Window… 2005- (inurl:81-cobalt | 03-05 inurl:cgi-bin/.cobalt)

Cobal RaQ internal pages…

2005- intitle:”welcome to mono XSD is the demo webserver for the Mono project and allows the executio 02-15 xsp” ASP.NET on Unix… 2005- inurl:oraweb 01-27 -site:oraweb.org

Oracle administrators tend to naming their servers ora* – maybe becau they forget the name of…

2005- “Netware * Home” 01-26 inurl:nav.html

Rather than submitting various searches for all kinds of NetWare related pages, Novell NetWare’…

2005- XAMPP 01-21 “inurl:xampp/index”

XAMPP is an easy to install Apache distribution containing MySQL, PHP an Perl. XAMPP is really…

2004inurl:2506/jana-admin 12-13

The JanaServer 2 is amongst other things a proxy server, that makes it possible for LAN members…

2004- allintext:”Powered by 12-13 LionMax Software” …

WWW File Share Pro is a small HTTP server that can help you share files w your friends. They…

2004- intitle:”Resin Default

Resin provides a fast standalone web server. This search locates those

11-30 Home Page”

servers based on the tit…

2004- intitle:”Welcome To 11-28 Xitami” -site:xitami…

Default Xitami installationAdditionally every default installation of Xitami webserver has a te…

2004- intitle:”Welcome to Your This finds the default Apache page on Debian installs…. 11-13 New Home Page!”…

2004- “About Mac OS Personal Mac OS Personal Web Sharing allows Mac OS users to share Folders over 11-07 Web Sharing” Web.If you open this … 2004- “Switch to table format” This is an index page of OReilly WebSite Professional.WebsitePro was 11-07 inurl:table|pla… developed by O’reily and d… 2004- intitle:”Object not 10-12 found!” intext:”…

This one detects apache werbservers (2.0.X/SuSE) with its error page….

2004- intitle:”Open WebMail” 10-12 “Open WebMai…

“Open WebMail is a webmail system based on the Neomail version 1.14 f Ernie Miller. Ope…

2004- intitle:”error 404″ “From WebLogic Server Process Edition extends the functionality of the Applicat 10-12 RFC 2068 … Server by convergi… 2004- intitle:”Directory Listing, Vendor page:”Einfache HTTP-Server-Software für privates 10-12 Index of /*/”… Homepage-Hosting …

2004- intitle:”Lotus Domino Go Domino Go Webserver is a scalable high-performance Web server that ru 10-12 Webserver:” &qu… on a broad range of pla… 2004- intitle:”Object not 10-09 found” netware “…

This search will show netware apache webservers as the result….

intitle:AnswerBook2 2004inurl:ab2/ (inurl:8888 | 09-26 inurl…

First of all this search indicates solaris machines and second the webserv is vulnerable to …

2004- intext:”404 Object Not 08-16 Found” Microsoft-…

This search finds IIS 5.0 error pages = IIS 5.0 Server…

2004- intitle:”Shoutcast 07-29 Administrator”

shoutcast is software for streaming mp3 and such. This search finds the administrator page. It …

2004- “powered by” 07-29 “shoutstats” hour…

shoutstats is a fast, free Shoutcast server statistic analysis program. It produces instant and…

“Novell, Inc” 2004WEBACCESS Username This may be used to find Novell Grouwise Webaccess servers…. 07-26 Passwor… 2004- “httpd+ssl/kttd” * 07-19 server at intitle:ind…

The version of a particular web server can be detected with a simple que like this one. Altho…

2004- fitweb-wwws * server at The version of a particular web server can be detected with a simple que 07-19 intitle:index.of like this one. Altho…

2004- sEDWebserver * server The version of a particular web server can be detected with a simple que 07-19 +at intitle:index.of like this one. Altho… 2004- “Red Hat Secure/3.0

The version of a particular web server can be detected with a simple que

07-19 server at”

like this one. Altho…

2004“Red Hat Secure/2.0” 07-19

The version of a particular web server can be detected with a simple que like this one. Altho…

2004- “OpenSA/1.0.4” 07-19 intitle:index.of

The version of a particular web server can be detected with a simple que like this one. Altho…

2004- “OmniHTTPd/2.10” 07-19 intitle:index.of

The version of a particular web server can be detected with a simple que like this one. Altho…

2004- “Microsoft-IIS/6.0” 07-19 intitle:index.of

The version of a particular web server can be detected with a simple que like this one. Altho…

2004- “Microsoft-IIS/5.0 server The version of a particular web server can be detected with a simple que 07-19 at” like this one. Altho… 2004- “Microsoft-IIS/4.0” 07-19 intitle:index.of

The version of a particular web server can be detected with a simple que like this one. Altho…

2004- “Microsoft-IIS/* server 07-19 at” intitle:inde…

The version of a particular web server can be detected with a simple que like this one. Altho…

2004- “MaXX/3.1” 07-19 intitle:index.of

The version of a particular web server can be detected with a simple que like this one. Altho…

2004- “JRun Web Server” 07-19 intitle:index.of

The version of a particular web server can be detected with a simple que like this one. Altho…

2004- “CERN httpd 3.0B (VAX The version of a particular web server can be detected with a simple que 07-19 VMS)” like this one. Altho… 2004- “AnWeb/1.42h” 07-19 intitle:index.of

The version of a particular web server can be detected with a simple que like this one. Altho…

2004- Red Hat Unix 07-12 Administration

Red Hat UNIX Administration Pages. This search detects the fixed title for admin pages on c…

2004Environment vars 07-02

This is a generic way of grabbing those CGI-spewed environmental var lis To narrow to things…

2004- allinurl:”.nsconfig” 06-18 -sample -howto -tut…

Access to a Web server’s content, CGI scripts, and configuration files is controlled by entries…

2004inurl:domcfg.nsf 05-17

This will return a listing of servers running Lotus Domino. These servers b default have very…

2004- intitle:”300 multiple 05-13 choices”

This search shows sites that have the 300 error code, but also reveal a s tag at the botto…

2004- intitle:Snap.Server 04-23 inurl:Func=

This page reveals the existance of a SNAP server (Netowrk attached serv NAS devices) Depen…

2004- intitle:”Test Page for 04-20 Apache”

This is the default web page for Apache 1.2.6 – 1.3.9. Hackers can use th information to dete…

2004- allintitle:Netscape This finds default installations of Netscape Fasttrack Server. In many case 03-18 FastTrack Server Home default installat…

Page 2004- intitle:”Test Page for 03-04 Apache” “It …

This is the default web page for Apache 1.2.6 – 1.3.9. Hackers can use th information to dete…

2004- intitle:”Test Page for 03-04 Apache” “It …

This is the default web page for Apache 1.2.6 – 1.3.9. Hackers can use th information to dete…

2004- “seeing this instead” 03-04 intitle:”test…

This is the default web page for Apache 1.3.11 – 1.3.26. Hackers can use information to de…

aboutprinter.shtml 2003More Xerox printers on the web! Google found these printers. Should the (More Xerox printers on 08-11 management interface … the web… index_i.shtml Ready 2003(Xerox printers on the 08-11 web!)

These printers are not-only web-enabled, but their management interfac somehow got crawled by …

2003- inurl:tech-support 08-07 inurl:show Cisco

This is a way to find Cisco products with an open web interface. These ar generally supposed t…

2003- OpenBSD running 06-24 Apache

I like the OpenBSD operating system. I really do. And I like the Apache we server software. Ho…

2003IIS 4.0 06-24

Moving from personal, lightweight web servers into more production-read software, we find that…

2003- Windows 2000 Internet At first glance, this search reveals even more examples of operating syst 06-24 Services users enabling the … 2003- Apache online 06-24 documentation

When you install the Apache web server, you get a nice set of online documentation. When you le…

2013- -site:simplemachines.org 09-24 “These are the paths…

Dork: -site:simplemachines.org “These are the paths and URLs to SMF installation&qu…

2011- allinurl:forcedownload.php? 08-25 file=

Didn’t see this anywhere in the GHDB, but its been known for a wh and widely abused by oth…

2011- ionCube Loader Wizard 05-28 information disclosure

inurl:loader-wizard ext:php This dork displays sensitive information Auth0r: MaXe…

2011inurl:/install/install.php intitle:vBulletin * Install System This dork vBulletin Install Page Detection 05-27 displays the untreat… 2006inurl:”simplenews/admin” 09-13

hxxp://evuln.com/vulns/94/summary.html…

2006- inurl:updown.php | 02-28 intext:”Powered by PHP Upl…

this (evil ) script lets you to upload a php shell on target server, in most cases not password…

2005- inurl:guestbook/guestbooklist. A sql vulnerability has been reported in a Techno Dreams asp scrip 12-19 asp “Post Date&… login.asp. http://search.s… 2005intitle:”CJ Link Out V1″ 10-26

A cross site scripting vunerability has been discovered in CJ linkou version 1.x. CJ linkout i…

2005- “powered by mailgust”

MailGust 1.9/2.0 (possibly prior versions) SQL injection / board

09-26

takevorsoftware:site: http://w…

2005“powered by my little forum” 09-26

My Little Forum 1.5 / 1.6beta SQL Injectionsoftware:site: http://www.mylittlehomepage.net/my_li…

2005- intitle:”Control panel” “Control Build, manage and customize your own search engine friendly new 09-25 Pa… article site from scratch –… 2005inurl:cartwiz/store/index.asp 09-25

The CartWIZ eCommerce Shopping Cart System will help you build your online store through an int…

2005- “e107.org 2002/2003” 09-13 inurl:forum_post.ph…

e107 is prone to an input validation vulnerability. This issue is due failure in the appli…

2005- “maxwebportal” 09-13 inurl:”default”…

several vulnerabilities relating to this.MaxWebPortal is a web porta and online community syst…

2005- “Mail-it Now!” intitle:”Contact Mail-it Now! 1.5 (possibly prior versions) contact.php remote code 09-11 for… executionsite: http://www.sk…

2005- “Warning:” “Cannot execute a “Warning: passthru(): Cannot execute a blank command in” “Warn 09-11 blank … system(): Can… 2005“Powered by Xcomic” 09-08

“Powered by xcomic”this is a recent exploit, you can retrieve any fi on target syst…

2005“Powered by FunkBoard” 08-08

FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/pa…

2005- “Powered by FlexPHPNews” 08-07 inurl:news | in…

24/07/2005 2.38.13Flex PHPNews 0.0.4 login bypass/ sql injection, cross site scripting & re…

2005- “Powered By: Simplicity oF 08-07 Upload” inurl…

26/07/2005 16.09.18Simplicity OF Upload 1.3 (possibly prior verso remote code execution &…

2005- inurl:nquser.php 08-07 filetype:php

Netquery 3.1 remote commands execution, cross site scripting, informat disclosure poc exploi…

2005- PHPFreeNews 08-07 inurl:Admin.php

29/07/2005 8.36.03PHPFreeNews Version 1.32 (& previous) sql injection/login bypass, cross s…

2005silvernews 2.0.3 (possibly previous versions ) SQL Injection / Login Bypa “Powered by SilverNews” 08-07 Remote commands e… 2005- “Powered by Gravity 08-07 Board”

4.22 07/08/2005 Gravity Board X v1.1 (possibly prior versions) Remote c execution, SQL Injec…

2005- filetype:mdb “standard 07-26 jet”

These Microsoft Access Database files may contain usernames, passwor simply prompts for su…

2005- intitle:”PHPstat” 06-03 intext:”Browser&q…

Phpstat shows nice statistical informatino about a website’s visitors. Cer versions are als…

2005- intitle:”SSHVnc 05-20 Applet”OR intitle:”…

sSHTerm Applet en SSHVnc Applet pages….

2005- inurl:cgi-bin 04-27 inurl:bigate.cgi

Anonymous surfing with bigate.cgi. Remove http:// when you copy paste it won’t work….

filetype:pl 2004-intext:”/usr/bin/perl” 12-01 inur…

WebCal allows you to create and maintain an interactive events calenda scheduling system on…

2004- filetype:mdb 11-30 inurl:”news/news”

Web Wiz Site News unprotected database holds config and admin information in a microsoft access…

inurl:php.exe 2004filetype:exe 11-28 -example.com

It is possible to read any file remotely on the server with PHP.EXE (assum a script alias fo…

2004- “Powered by Land Down sQL injection vulnerability in Land Down Under 601 could give an attack 11-18 Under 601” administrative access… 2004- ext:asp “powered by DUForum is one of those free forum software packages. The database 11-16 DUForum” inurl:(mess… location is determined by th… 2004- ext:asp inurl:DUgallery 11-16 intitle:”3.0″ -s…

The MS access database can be downloaded from inside the docroot. Th user table holds the admi…

2004- filetype:cgi 11-04 inurl:cachemgr.cgi

cachemgr.cgi is a management interface for the Squid proxy service. It w installed by default…

2004“powered by YellDL” 10-31

Finds websites using YellDL (or also known as YellDownLoad), a downloa tracker written in PHP….

2004- inurl:click.php 10-27 intext:PHPClickLog

A script written in PHP 4 which logs a user’s statistics when they click on link. The log is…

2004- “File Upload Manager 10-27 v1.3” “rename …

thepeak file upload manager let you manage your webtree with up and downloading files….

2004- intitle:”phpremoteview” phpRemoteView is webbased filemanger with a basic shell. With this an 10-26 filetype:php &qu… attacker can browse the s… 2004- intitle:”ASP FileMan” 10-19 Resend -site:iiswo…

FileMan is a corporate web based storage and file management solution intra- and internet. …

2004- ezBOO “Administrator Panel” 10-16 -cvs

ezBOO WebStats is a high level statistical tool for web sites monitoring. It allows real time …

2004- intitle:mywebftp “Please enter 10-14 your password&…

MyWebFTP Free is a free lite version of MyWebFTP Personal – a PH script providing FTP client c…

2004- intitle:”Directory Listing” “tree 10-14 v…

Dirlist is an ASP script that list folders in an explorer style: * Tree Detailed * Tiled …

2004inurl:changepassword.cgi -cvs 10-09

Allows a user to change his/her password for authentication to th system. Script allows for r…

2004- inurl:” WWWADMIN.PL” 10-06 intitle:”wwwad…

wwwadmin.pl is a script that allows a user with a valid username password, to delete files …

2004inurl:cgi.asx?StoreID 10-05

BeyondTV is a web based software product which let you manage your TV station. All you need is …

2004filetype:lit lit (books|ebooks) 09-18

Tired of websearching ? Want something to read ? You can find Ebooks (thousands of them) with t…

2004- PHP-Nuke – create super user 09-13 right now !

PHP-Nuke is a popular web portal thingie. It has popped up in the Google dorks before. I think …

2004Gallery is a popular images package for websites. Unfortunately, Gallery configuration setup files 09-10 so many users, more bugs … 2004- inurl:”nph-proxy.cgi” “Start 09-09 browsi…

Observing the web cracker in the wild, one feels like they are watching a bear. Like a bear sto…

2004- link:http://www.toastforums.co Toast Forums is an ASP message board on the Internet. Toast Foru 09-06 m/ also has all the features of… 2004inurl:”plog/register.php” 09-06

pLog is a popular form of bloggin software. Currently there are estimated about 1450 sites runn…

2004inurl:robpoll.cgi filetype:cgi 08-30

robpoll.cgi is used to administrate polls.The default password use adding polls is ‘robpol…

2004- intitle:”PHP Explorer” ext:php 08-20 (inurl:ph…

This searches for PHP Explorer scripts. This looks like a file manag with some nice extra opt…

2004ext:cgi inurl:ubb6_test 08-13

The UBB trial version contains files that are not safe to keep onlin after going live. The ins…

2004Cookies are often used for authentication and a lot of other stuff. filetype:inc inc intext:setcookie 08-01 “inc” php head… 2004filetype:wsdl wsdl 08-01

The XML headers are called *.wsdl files.they can include data, functions or objects. An attacke…

2004- filetype:cnf my.cnf -cvs 07-21 -example

The MySQL database system uses my.cnf files for configuration. I include a lot of informat…

2004- filetype:php inurl:”viewfile” 06-16 -“ind…

Programmers do strange things sometimes and forget about secu This search is the perfect e…

2004- intitle:”Index of /” modified 06-10 php.exe

PHP installed as a cgi-bin on a Windows Apache server will allow attacker to view arbitrary …

2014Search Oracle Reports likely vulnerable to DB user/password inurl:”/reports/rwservlet” intext:”… 02-05 disclosure (CVE-2012-3152 and CVE… 2013inurl:”struts” filetype:action 11-25

Google search for actoin files wich could be explotable via CVE 2013-2251 “Multiple Remot…

inurl:.php? 2013inurl:.php? intext:CHARACTER_SETS,COLLATIONS, ? intext:CHARACTER_SETS,COLLATIO 08-08 intitle:phpmyadmin view phpMyAdmin of web sit… NS, ?int… 2012inurl:/wp-content/w3tc/dbcache/ 12-31

– Jay Townsend…

2012- intext:SQL syntax & 12-31 inurl:index.php?=id & …

# Exploit Title: SQLI Exploit # Google Dork: intext:SQL syntax inurl:index.php?=id &…

2012More than 100k sites affected It will show asp sites that are intext: intext: intext: intext: intext: 08-21 vulnerable to sql injection (… 2012- intitle:awen+intitle:asp.net

Hi, This google dork exposes any already uploaded asp.net she

05-15

which are available in Bac…

2012- intitle:”-N3t” filetype:php 05-15 undetectable

intitle:”-N3t” filetype:php undetectable Search WebShell index on a page. — …

2011- inurl:.php intitle:- BOFF 1.0 intext:[ This search attempts to find the BOFF 1.0 Shell. Author: alsa7r 12-23 Sec. Info ] 2011- filetype:php inurl:tiki-index.php 11-25 +sirius +1.9.*

Finds servers vulnerable to the CVE-2007-5423 exploit. Author Matt Jones …

2011- filetype:php inanchor:c99 inurl:c99 This search attempts to find the c99 backdoor that may be 11-24 intitle:c99she… knowingly or unknowingly installed o… 2011- inurl:php intitle:”Cpanel , FTP 11-19 CraCkeR”

locates cpanel and ftp cracker. Author: alsa7r …

2011intitle:#k4raeL – sh3LL 10-11

intitle:#k4raeL – sh3LL Finds K4rael Shell , though many of the are dead but we can get som…

2011inurl:view.php?board1_sn= 09-26

locates a webapp vulnerable to SQL injection …

2011intitle:m1n1 1.01 07-26

find the b374k shell…. Submitted by : biLLbud …

2011- intitle:Locus7shell 05-03 intext:”Software:”

intitle:Locus7shell intext:”Software:” Submitted by lionaneesh Thanks Ane…

2011- intitle:”[EasyPHP] – 03-23 Administration”

Unprotected EasyPHP Admin page detection.. Author: Aneesh Dogra (lionaneesh) …

2011- MySQL: ON MSSQL: OFF Oracle: 02-24 OFF MSSQL: OFF Postgr…

Author :- eXeSoul You will get lots of web shells even some priv shells….

2011intitle:cyber anarchy shell 02-24

Submitter: eXeSoul cyber anarchy shell …

2010inurl:/vb/install/upgrade.php 12-10

Vbulletin custom updrade wizards. Author: ScOrPiOn…

2010- inurl:/vb/install/install.ph Vbulletin installation wizards, allow users to modify installation paramete 12-10 p May also reveal … “CGI-Telnet Unit-x Team 2010Connected to 12-09 *.com&qu…

Locates CGI-Telnet web shells. Author: ScOrPiOn…

2010- “www.*.com – c99shell” Locates c99 web shells Author: ScOrPiOn… 12-08 OR “www.*.ne… “safe_mode: * PHP 2010version: * cURL: * 12-07 MySQL…

Locates r57 web shells Author: ScOrPiOn…

2010“r57shell” 12-07

Locates r57 web shells Author: ScOrPiOn…

2010- “r57shell 1.4”

Locates r57 web shells Author: ScOrPiOn…

12-07 2010- “[ phpinfo ] [ php.ini ] 12-07 [ cpu ] [ mem ] …

Locates r57 web shells Author: ScOrPiOn…

inurl:index.php? 2010pagedb=rss 11-13 -Vulnerability -inurl

CVE: 2007-4007 EDB-ID: 4221 This google dork possibly exposes sites w the Article Direct…

2006- intitle:”Uploader – 05-03 Uploader v6″ -pixloa…

File upload servers, dangerous if used in couple with mytrashmail.com…

2006MvBlog is prone to multiple input-validation vulnerabilities. These issues intitle:”MvBlog powered” 04-25 due to a failure… 2006- intitle:”Horde :: My 02-03 Portal” -“[Tic…

Hi It will give you administrative ownership over Horde webmail system p all users in Hord…

2006inurl:rpSys.html 01-22

Web configuration pages for various types of systems. Many of these systems are not password pr…

filetype:pl 2006intitle:”Ultraboard 01-16 Setup”

setup pages to the ultraboard system….

“Welcome to 2005Administration” 09-17 “Genera…

This reveals admin site for Argo Software Design Mail Server….

2005- XOOPS Custom 09-16 Installation

XOOPS custom installation wizards, allow users to modify installation parameters. May also reve…

2005- “you can now password” IMchaos link tracker admin pages. Reveals AIM screennames, IP ADDRES 09-15 | “this is a… AND OTHER INFO via deta…

2005- “set up the administrator Using this, you can find sites with a Pivot weblog installed but not set up 07-03 user” inurl:pi… default set up… 2005- “html allowed” 06-11 guestbook

When this is typed in google it finds websites which have HTML Enabled guestbooks. This is real…

2005- “Powered by: vBulletin 03-19 Version 1.1.5”

This google dork reveals vulnerable message boards. It works for all Vbu version up to 2….

2005- inurl:”/NSearch/AdminSe This search brings up results for Novell NetWare’s Web Search Manager.. 01-26 rvlet” best the sites will … 2005inurl:servlet/webacc 01-06

I was playing around on the net when I found a small problem with Novell’s WebAcces. With User….

2004- “There are no Administrators 12-27 Accounts” i…

This is a more specific search for the vulnerable PhpNuke index already seen on this website.Ph…

2004- intitle:”Mail Server CMailServer CMailServer is a small mail webmail server. Multiple vulnerabilities 12-04 Webmail”… were found, including buff… 2004inurl:newsdesk.cgi? inurl:”t=” 11-07

Newsdesk is a cgi script designed to allow remote administration o website news headlines.Due …

2004- (inurl:/shop.cgi/page=) | 11-07 (inurl:/shop.pl/page=)

This is a “double dork” finds two different shopping carts, both vulnerable1) Cyber-V…

2004- inurl:aol*/_do/rss_popup? 11-06 blogID=

AOL Journals BlogID Incrementing Discloses Account Names and E AddressesAOL Journals is bas…

2004- natterchat inurl:home.asp 11-05 -site:natterchat.co.uk

NatterChat is a webbased chat system written in ASP.An SQL injec vulnerability is identifie…

2004- intitle:phpMyAdmin “Welcome phpMyAdmin is a tool written in PHP intended to handle the 10-31 to phpMyAdmin ***… administration of MySQL over the Web…

2004- intitle:phpMyAdmin “Welcome search for phpMyAdmin installations that are configured to run the 08-21 to phpMyAdmin ***… MySQL database with root pri… 2004“ftp://” “www.eastgame.net” 08-20

Use this search to find eastgame.net ftp servers, loads of warez an that sort of thing.”t…

2004- intext:”Warning: * am able * 08-13 write ** configu…

OsCommerce has some security issues, including the following warning message: “Warning: I …

2004- allinurl:”index.php” 07-29 “site=sglinks&…

Easyins Stadtportal v4 is a German Content Management System cities and regions. Version 4 …

2004- inurl:”index.php? 07-29 module=ew_filemanager”

http://www.cirt.net/advisories/ew_file_manager.shtml:Product: EasyWeb FileManager Module – http…

2004filetype:cgi inurl:”fileman.cgi” 07-26

This brings up alot of insecure as well as secure filemanagers. The software solutions are of…

2004- filetype:cgi 07-26 inurl:”Web_Store.cgi”

Zero X reported that “Web_Store.cgi” allows Command Execution: application was wr…

2004- (“Indexed.By”|”Monitored.By”) hAcxFtpScan – software that use ‘l33t h@x0rz’ to monitor their file 07-26 … stroz on ftp. On the ftp se… 2004- “Welcome to the Prestige Web- This is the configuration screen for a Prestige router. This page 06-04 Based Configurat… indicates that the router has…

2004vAuthenticate is a multi-platform compatible PHP and MySQL scrip filetype:php inurl:vAuthenticate 06-04 which allows creation of new … 2004- intitle:”Samba Web 05-04 Administration Tool” …

This search reveals wide-open samba web adminitration servers. Attackers can change options on …

2004- intitle:”Gateway Configuration This is a normally protected configuration menu for Oracle Portal 04-28 Menu” Database Access Descriptors (…

2004- inurl:pls/admin_/gateway.ht This is a default login portal used by Oracle. In addition to the fact tha 04-28 m this file can be us… 2004allinurl:install/install.php 04-06

Pages with install/install.php files may be in the process of installing a new service or progr…

2004allinurl:intranet admin 03-29

According to whatis.com: “An intranet is a private network that is contained within an ent…

2004- “Select a database to view” An oldie but a goodie. This search locates servers which provides acc 03-29 intitle:&quo… to Filemaker pro datab… 2004- “Welcome to PHP-Nuke” 03-18 congratulations

This finds default installations of the postnuke CMS system. In many cases, default installatio…

2004inurl:info.inc.php 03-14

From http://www.securityfocus.com/bid/9664, the AllMyPHP family of products (Versions 0.1.2 – 0…

2004inurl:footer.inc.php 03-14

From http://www.securityfocus.com/bid/9664, the AllMyPHP family of products (Versions 0.1.2 – 0…

2004inurl:search.php vbulletin 03-04

Version 3.0.0 candidate 4 and earlier of Vbulletin may have a cross-si scripting vulnerabilit…

0000“Welcome to Intranet” 00-00

According to whatis.com: “An intranet is a private network that is contained within an ent…

2004- intitle:”Remote Desktop 03-04 Web Connection”

Microsoft Remote Desktop Connection Web Connection pages. These pages are not necessarily insec…

2004- intitle:”Terminal Services 03-04 Web Connection&quo…

Microsoft Terminal Services Web Connector pages. These pages are n necessarily insecure, sine…

2004inurl:ManyServers.htm 03-04

Microsoft Terminal Services Multiple Clients pages. These pages are n necessarily insecure, s…

2004- intitle:osCommerce This is a decent way to explore the admin interface of osCommerce e 03-04 inurl:admin intext:”redist… commerce sites. Depending o… 2004- Gallery in configuration 03-04 mode

Gallery is a nice little php program that allows users to post personal pictures on their websi…

2004“YaBB SE Dev Team” 03-04

Yet Another Bulletin Board (YABB) SE (versions 1.5.4 and 1.5.5 and perhaps others) contain an S…

2003- Hassan Consulting’s These servers can be messed with in many ways. One specific way is 07-08 Shopping Cart Version 1.18 way of the “../”… intext:”Powered by X2005Cart: shopping cart 06-03 soft…

X-Cart (version 4.0.8) has multiple input validation vulnerabilities. There doesn’t seem to be …

2005- intext:”powered by 05-29 Hosting Controller” i…

Description:==============Hosting Controller is a complete array Web hosting automation tool…

site:ups.com 2004intitle:"Ups 11-25 Package trackin…

Ever use the UPS Automated Tracking Service?? Wanna see where packa are going? Want to Man-i…

2004inurl:midicart.mdb 10-10

MIDICART is s an ASP and PHP based shopping Cart application with MS Access and SQL database. A…

2004- “More Info about 10-10 MetaCart Free”

MetaCart is an ASP based shopping Cart application with SQL database. A security vulnerability …

2004inurl:shopdbtest.asp 10-10

shopdbtest is an ASP page used by several e-commerce products. A vulnerability in the script al…

2004- Comersus.mdb 07-12 database

Comersus is an e-commerce system and has been installed all over the w in more than 20000 s…

2004- VP-ASP Shop 06-25 Administrators only

VP-ASP (Virtual Programming – ASP) has won awards both in the US and France. It is now in use i…

2004- POWERED BY HIT 06-06 JAMMER 1.0!

Hit Jammer is a Unix compatible script that allows you to manage the con and traffic exchan…

2014 “[function.getimagesize]: failed to open -02stre… 05

Just another error that reveals full paths…

2014 -02- intext:”Access denied for” intitle:”… 05

Here is a Dork I use in conjunction with sqlmap, for shopping carts with MySQL Error messages…

2013 inurl:advsearch.php?module= & intext:sql -04synta… 09

Exploit Title : SQLI Exploit Google Dork : inurl:advsearch.php?module= & intext:sql syntax…

2012 Dork to find Plugin errors in wordpress websites Dork – -12- intext:”Fatal error: Class ‘Red_Action’ not f… intext:”Fatal error: Class ‘Red_A… 06 2012 “CHARACTER_SETS” -08“COLLATION_CHARACT… 21

“CHARACTER_SETS”+”COLLATION_CHARACTER_SET_A CABILITY” find sql injectab…

2012 -05- inurl:”*.php?*=*.php” intext:”Warni… 15

PHP Error Messages…

2011 inurl:”index.php? -01m=content+c=rss+catid=10&quo… 21

Author: eidelweiss http://host/index.php? m=content&c=rss&catid=5 show MySQL Error (tabl…

2010 Many of the results of the search show error logs whic -12- “plugins/wp-db-backup/wp-db-backup.php” give an attacker the server side paths … 08 2010 -11- allintext:”fs-admin.php” 11

A foothold using allintext:”fs-admin.php” shows the w readable directories of a p…

2006 -06- intitle:”Apache Tomcat” “Error Repo… 15

Apache Tomcat Error messages. These can reveal vari kinds information depending on the type …

2006 -04- “Unable to jump to row” “on MySQL r… 25

another error message…

2006 “Warning: Bad arguments to (join|implode) -04() … 25

and another error. open it from cache when not workin

2006 -04- “Warning:” “failed to open stream: … 25

Just another error message….

2006 “Warning: mysql_connect(): Access denied -04for … 25

This dork reveals logins to databases that were denied some reason….

2006 -04- “Warning: Division by zero in” “on … 25

Just another error that reveals full paths….

2006 -03- filetype:asp + “[ODBC SQL” 13

This search returns more than just the one I saw alrea here. This one will return all ODBC SQ…

2005 -09- “Warning:” “SAFE MODE Restriction i… 25

This error message reveals full path information. Recommend use of site: operator to narrow sea…

2005 “Warning: Supplied argument is not a valid -09Fi… 25

This error message cqan reveal path information. This message (like other error messages) is of…

2005 “There seems to have been a problem with search reveals database errors on vbulletin sites. View -08the&… page source and you can get informa… 16 2005 -04- intitle:”Default PLESK Page” 26

Plesk Server Administrator (PSA) is web based softwar that enables remote administration of we…

2005- “Parse error: parse error, PHP error with a full web root path disclosure… 04-26 unexpected T_VARIA… "SQL Server 2005Driver][SQL Server]Line you can find many servers infected with sql injection… 04-07 1: In… 2005- Netscape Application 04-05 Server Error page

This error message highlights potentially unpatched or misconfigured Netscape Application Serve…

2005- intext:”Error Message : 01-26 Error loading require…

This throws up pages which contain “CGI ERROR” reports – which includ file (and …

“Warning: 2004mysql_query()” “invalid 11-28 q…

MySQL query errors revealing database schema and usernames….

2004- intitle:Configuration.File This search finds configuration file errors within the softcart application. 11-13 inurl:softcart.exe includes the na… 2004- “The script whose uid is This PHP error message is revealing the webserver’s directory and user 10-16 ” “is not … 2004- snitz! forums db path 09-07 error

snitz forums uses a microsoft access databases for storage and the defa name is “Snitz_…

2004- filetype:log “PHP Parse 08-14 error” | “P…

This search will show an attacker some PHP error logs wich may contain information on wich an a…

2004- “ASP.NET_SessionId” 07-26 “data source=&q…

.NET pages revealing their datasource and sometimes the authenticatio credentials with it. The…

2004- “ORA-12541: TNS:no 07-16 listener” intitle:&qu…

In many cases, these pages display nice bits of SQL code which can be u by an attacker to mo…

2004- filetype:php Discuz! Board error messages related to MySQL. The error message may 07-16 inurl:”logging.php” “D… empty or contain path i… 2004- “Internal Server Error” 07-16 “server at&…

We have a similar search already, but it relies on “500 Internal Server” which doesn’…

2004- PHP application warnings These error messages reveal information about the application that crea 07-14 failing “include_pat… them as well as reve… 2004- intext:”Warning: Failed 07-09 opening” “o…

These error messages reveal information about the application that crea them as well as reve…

2004ht://Dig htsearch error 06-24

The ht://Dig system is a complete world wide web indexing and searchin system for a domain or …

2004- intitle:”Error Occurred Cold fusion error messages logging the SQL SELECT or INSERT statemen 06-24 While Processing Requ… and the location of the … 2004- intitle:”Error using 06-15 Hypernews” “Se…

HyperNews is a cross between the WWW and Usenet News. Readers can browse through the messages w…

2004- “Invision Power Board 05-28 Database Error”

These are SQL error messages, ranging from to many connections, acce denied to user xxx, show…

2004- “error found handling 07-29 the request” cocoo…

Cocoon is an XML publishing framework. It allows you to define XML documents and transformation…

2004- intitle:”Execution of this This is a cgiwrap error message which displays admin name and email, p 04-28 script not permitt… numbers, path names, … 2004- intitle:”Error Occurred” This is a typical error message from ColdFusion. A good amount of 04-19 “The error… information is available from…

2004- warning “error on line” sablotron is an XML toolit thingie. This query hones in on error messages 03-11 php sablotron generated by this too… 2004- “Fatal error: Call to 03-16 undefined function”…

This error message can reveal information such as compiler used, langua used, line numbers, p…

2004- filetype:asp “Custom 03-16 Error Message” Cate…

This is an ASP error message that can reveal information such as compile used, language used, …

2004- “Can’t connect to local” Another SQL error message, this message can display database name, p 03-04 intitle:warning names and partial SQL c… 2004- intitle:”Under 03-04 construction” “does …

This error message can be used to narrow down the operating system an web server version which…

2004- “access denied for 03-04 user” “using pas…

Another SQL error message, this message can display the username, database, path names and part…

“Warning: Cannot 2004modify header 03-04 information – …

A PHP error message, this message can display path names, function nam filenames and partial…

2004- “Warning: pg_connect(): This search reveals Postgresql servers in yet another way then we had se 08-25 Unable to connect to … before. Path informa… An unexpected token 2004“END-OF-STATEMENT” 03-04 w…

A DB2 error message, this message can display path names, function na filenames, partial co…

2004- “detected an internal A DB2 error message, this message can display path names, function na 03-04 error [IBM][CLI Driver]… filenames, partial co… 2004- “A syntax error has 03-04 occurred” filetype:i…

An Informix error message, this message can display path names, functio names, filenames and p…

2004- “An illegal character has An Informix error message, this message can display path names, functio 03-04 been found in the s… names, filenames and p… 2004- “Syntax error in query 03-04 expression ” -the

An Access error message, this message can display path names, function names, filenames and par…

supplied argument is 2004not a valid PostgreSQL 03-04 result

An PostgreSQL error message, this message can display path names, function names, filenames and…

“PostgreSQL query 2004failed: ERROR: parser: 03-04 pa…

An PostgreSQL error message, this message can display path names, function names, filenames and…

2004An SQL Server error message, this message can display path names, fun “Incorrect syntax near” 03-04 names, filenames and…

2004An SQL Server error message, this message can display path names, fun “Incorrect syntax near” 03-04 names, filenames and… “Unclosed quotation 2004mark before the 03-04 character…

An SQL Server error message, this message can display path names, fun names, filenames and…

“ORA-00933: SQL 2004command not properly 03-04 ended&qu…

An Oracle error message, this message can display path names, function names, filenames and par…

2004- ORA-00921: unexpected Another generic SQL message, this message can display path names, 03-04 end of SQL command function names, filenames and… 2004- ORA-00936: missing 03-04 expression

A generic ORACLE error message, this message can display path names, function names, filenames …

“Supplied argument is 2004not a valid MySQL 03-04 resul…

Another generic SQL message, this message can display path names, function names, filenames and…

2004sQL syntax error 03-04

Another generic SQL message, this message can display path names and partial SQL code, both of …

2004mysql error with query 03-04

Another error message, this appears when an SQL query bails. This is a generic mySQL message, s…

2004Internal Server Error 03-04

This one shows the type of web server running on the site, and has the ability to show other in…

2004- IIS web server error 03-04 messages

This query finds various types of IIS servers. This error message is fairly indicative of a som…

2004- Windows 2000 web 03-04 server error messages

Windows 2000 web servers. Aging, fairly easy to hack, especially out of t box……

2004IIS 4.0 error messages 03-04

IIS 4.0 servers. Extrememly old, incredibly easy to hack……

2004sitebuilderpictures 03-04

This is a default directory for the sitebuilder web design software program these people po…

2004sitebuilderfiles 03-04

This is a default directory for the sitebuilder web design software program these people po…

2004sitebuildercontent 03-04

This is a default directory for the sitebuilder web design software program these people po…

2004- ORA-00921: unexpected Another SQL error message from Cesar. This one coughs up full web 01-09 end of SQL command pathnames and/or php filename… “Chatologica 2003MetaSearch” “stack 08-15 tra…

There is soo much crap in this error message… Apache version, CGI environment vars, path name…

2003- MYSQL error message: 06-24 supplied argument….

One of many potential error messages that spew interesting information. results of this mes…

2003Coldfusion Error Pages 06-24

These aren’t too horribly bad, but there are SO MANY of them. These site got googlebotted whil…

2012inurl:finger.cgi 11-02

Finger Submitted by: Christy Philip Mathew…

2012- site*.*.*/webalizer Shows usage statistics of sites. Includes monthy reports on the IP 08-21 intitle:”Usage Statistics… addresses, user agents, and … 2006- intitle:r57shell +uname 05-04 -bbpress

compromised servers… a lot are dead links, but pages cached show interesting info, this is r5…

2006- “The statistics were last 05-03 updated” “…

Results include many varius Network activity logs…

2006- inurl:/counter/index.php 04-06 intitle:”+PHPCounter…

This is an online vulnerable web stat program called PHPCounter 7.http://www.clydebelt.org.uk/c…

2006- inurl:”NmConsole/Login.as Ipswitch Whats Up Monitoring 2005!This is a console for Network 03-13 p” | intitle:&q… Monitoring, access beyond the p…

2006- inurl:CrazyWWWBoard.cgi gives tons of private forum configuration information.examples: Globa

02-08 intext:”detailed debu…

variables installed, wha…

2005inurl:ovcgi/jovw 12-31

An HP Java network management tool. It is a sign that a network may be configured properly….

2005- inurl:proxy | inurl:wpad Information about proxy servers, internal ip addresses and other netwo 12-21 ext:pac | ext:dat findpro… sensitive stuff…. inurl:webalizer 2005filetype:png -.gov -.edu 11-21 -.mil -op…

***WARNING: This search uses google images, disable images unless y want your IP spewed acros…

2005- intitle:”Retina Report” 10-26 “CONFIDENTI…

This googledork finds vulnerability reports produced by eEye Retina Security Scanner. The info…

2005- “Shadow Security Scanner This is a googledork to find vulnerability reports produced by Shadow 10-26 performed a vulnerab… Security Scanner. They c… 2005- “The following report 10-26 contains confidential i…

This googledork reveals vunerability reports from many different vendo These reports can co…

2005inurl:status.cgi?host=all 10-04

Nagios Status page. See what ports are being monitored as well as ip addresses.Be sure to check…

2005inurl:login.jsp.bak 09-30

JSP programmer anyone? You can read this!…

2005- intitle:”Belarc Advisor 02-15 Current Profile”…

People who have foolishly published an audit of their machine(s) on th with some server in…

2005- “Traffic Analysis for” 03-05 “RMON Port *…

List of RMON ports produced by MRTG which is a network traffic analys tool. See also #198…

2005- “powered | performed by 02-03 Beyond Security’s Aut…

This search finds Beyond Security reports. Beyond Security sells a box which performs automated…

2004- intitle:”PHPBTTracker 12-30 Statistics” | inti…

This query shows pages which summarise activity on PHPBT-powered BitTorrent trackers – all the …

2004This query shows pages which summarise activity on BNBT-powered intitle:”BNBT Tracker Info” 12-30 BitTorrent trackers – including…

2004- intitle:”Azureus : Java BitTorrent This query shows machines using the Azureus BitTorrent client’s b 12-30 Client Tra… in tracker – the pages ar… 2004inurl:”install/install.php” 12-29

This searches for the install.php file. Most results will be a Bulletin board like Phpbb etc.T…

2004- intext:”Welcome to the Web 12-07 V.Networks” i…

see and control JVC webcameras, you can move the camera, zoom change the settings, etc…….

2004- intitle:”start.managing.the.devi MCK Communications, Inc.PBXgatewayIIHigh density central site 12-10 ce” remo… gateway for remote PBX access(MCK… 2004ext:cfg radius.cfg 12-06

“Radiator is a highly configurable and flexible Radius server that supports authentication…

2004- filetype:php inurl:ipinfo.php 12-07 “Distributed In…

Dshield is a distributed intrusion detection system. The ipinfo.php script includes a whois loo…

2004- inurl:”sitescope.html” 12-03 intitle:”sit…

Mercury SiteScope designed to ensure the availability and performance of distributed IT infrast…

2004- intitle:”twiki” 12-02 inurl:”TWikiUsers&q…

TWiki has many security problems, depeding on the version insta TWiki, is a flexible, powe…

2004- “Phorum Admin” “Database 11-28 Connection…

Phorum admin pagesThis either shows Information leakage (path or it shows Unprotected Adm…

2004- “Output produced by SysWatch sysWatch is a CGI to display current information about your UNIX 11-28 *” system. It can display drive p… 2004inurl:testcgi xitami 11-28

Testpage / webserver environmentThis is the test cgi for xitami webserver. It shows the webserv…

2004- filetype:log 11-28 intext:”ConnectionManager2″

ISDNPM 3.x for OS/2-Dialer log files.These files contain sensitive i like ip addresses, phon…

2004- intitle:”sysinfo * ” 11-12 intext:”Genera…

Lots of information leakage on these pages about active network services, server info, network …

2004- inurl:portscan.php “from 11-12 Port”|”Por…

This is general search for online port scanners which accept any I does not find a specifi…

2004inurl:/adm-cfgedit.php 11-07

PhotoPost Pro is photo gallery system. This dork finds its installati page.You can use this p…

2004inurl:webutil.pl 11-07

webutil.pl is a web interface to the following services:* ping* traceroute* whois* finger* nslo…

2004inurl:statrep.nsf -gov 10-20

Domino is server technology which transforms Lotus NotesÂà into an Internet a…

2004- inurl:/cgi-bin/finger? “In real 10-19 life”

The finger command on unix displays information about the syste users. This search displays pr…

2004- inurl:/cgi-bin/finger? Enter 10-19 (account|host|user|us…

The finger command on unix displays information about the syste users. This search displays th…

2004- filetype:php inurl:nqt 10-18 intext:”Network Query …

Network Query Tool enables any Internet user to scan network information using:* Resolve/Revers…

2004- inurl:”map.asp?” 10-05 intitle:”WhatsUp G…

“WhatsUp Gold’s new SNMP Viewer tool enables Area-Wide to easily trac variables associate…

2004- ext:cgi intext:”nrg-” ” 09-29 This web pa…

NRG is a system for maintaining and visualizing network data and other resource utilization dat…

2004- ((inurl:ifgraph “Page 09-29 generated at”) OR …

ifGraph is a set of perl scripts that were created to fetch data from SNMP agents and feed a RR…

2004- inurl:”/catalog.nsf” 09-10 intitle:catalog

This will return servers which are running versions of Lotus Domino. The catalog.nsf is the ser…

2004- “Powered by 09-21 phpOpenTracker”

phpOpenTracker is a framework solution for the analysis of website traffi

Statistics

and visitor analysis…

site:netcraft.com 2004Netcraft reports a site’s operating system, web server, and netblock own intitle:That.Site.Running 09-21 together with, if av… Apache 2004- “this proxy is working 08-13 fine!” “ente…

These are test pages for some proxy program. Some have a text field th allows you to use that…

2004“apricot – admin” 00h 07-29

This search shows the webserver access stats as the user “admin”. The language used i…

“by Reimar Hoven. All 2006Rights Reserved. 04-15 Discla…

dork: “by Reimar Hoven. All Rights Reserved. Disclaimer” | inurl:”log/logdb.dta&…

2004- intitle:”Microsoft Site 07-16 Server Analysis”

Microsoft discontinued Site Server and Site Server Commerce Edition on June 1, 2001 with the in…

2004- Analysis Console for 07-12 Incident Databases

ACID stands for for “Analysis Console for Incident Databases”. It is a php frontend f…

2004Looking Glass 06-22

A Looking Glass is a CGI script for viewing results of simple queries exec on remote router…

2004- “Version Info” “Boot 06-04 Version” …

This is the status page for a Belkin Cable/DSL gateway. Information can retrieved from this …

2004- intitle:”ADSL 06-04 Configuration page”

This is the status screen for the Solwise ADSL modem. Information avail from this page incl…

2004- filetype:vsd vsd network Reveals network maps (or any other kind you seek) that can provide 05-13 -samples -examples sensitive information such a… 2004- filetype:pdf “Assessment These are reports from the Nessus Vulnerability Scanner. These report 05-03 Report” nessus contain detailed informat… inurl:phpSysInfo/ 2004“created by 04-16 phpsysinfo”…

This statistics program allows the an admin to view stats about a webse Some sites leave t…

2004“SnortSnarf alert page” 04-16

snort is an intrusion detection system. SnorfSnarf creates pretty web pa from intrusion dete…

2004- “Network Host This search yeids ISS scan reports, revealing potential vulnerabilities on 03-30 Assessment Report” “I… hosts and networks. … 2004- “This report lists” 03-30 “identified by … 2004- intitle:”Nessus Scan 03-30 Report” “This …

This search yeids ISS scan reports, revealing potential vulnerabilities on hosts and networks. … This search yeids nessus scan reports. Even if some of the vulnerabilities have been fixed, we …

2014 filetype:pdf “acunetix -03Finds reports generated by Acunetix scans. – Andy G – twitter.com/vxhex … website audit” &q… 31

2014 inurl:clientaccesspolic Locates clientaccesspolicy.xml files used by silverlight to determine the cros -03- y filetype:xml

27

intext:allow…

domain policy …

2014 inurl:crossdomain Locates crossdomain.xml files used by flash/flex/silverlight to determine the -03- filetype:xml cross domain pol… 27 intext:allow-access… 2014 site:bitbucket.org -02inurl:.bash_history 05

Finding Sensitive data site:bitbucket.org inurl:.bash_history By Pharos …

2013 intext:phpMyAdmin intext:phpMyAdmin SQL Dump filetype:sql intext:INSERT INTO `admin` (`id` -11- SQL Dump filetype:sql `user`, `password`) V… 27 intext:INS… 2013 inurl:mikrotik -11filetype:backup 27

mikrotik url backups uploaded.. then.. credentials cracked via http://mikrotikpasswordrecove…

2013 filetype:xml -11inurl:sitemap 25

Sitemaps, the opposite of Web Robots Exclusion Detail directory and page m — -[Volun…

2013 inurl:”jmxJBoss -11- console/HtmlAdaptor” http://docs.jboss.org/jbossas/docs/Server_Configuration_Guide/4/html/Conne 25 intitle:… g_to_the_J… 2013 -11- inurl:tar filetype:gz 25

Tar files Contain user and group information (in addition to potentially usefu files) — …

2013 filetype:bak (inurl:php This one could be used to find all sorts of backup data, but this example is -11| inurl:asp | inurl:rb) limited to just c… 25 2013 site:github.com -11- inurl:”id_rsa” 25 -inurl:&q…

Finds private SSH keys on GitHub. – Andy G – twitter.com/vxhex …

2013 site:github.com -11- inurl:”known_hosts” 25 &quo…

Finds SSH known_hosts files on GitHub. – Andy G – twitter.com/vxhex …

2013 inurl:/wp-11- content/uploads/ 25 filetype:sql

Google dork for WordPress database backup file (sql): inurl:/wp-content/uplo filetype:sq…

2013 inurl:config “fetch = -11- +refs/heads/*:refs/re 25 mo…

Git config file Easy way to find Git Repositories — -[Voluntas Vincit Omnia]website…

2013 filetype:php Project Honey Pot anti-spammer detection (http://www.projecthoneypot.org/ -11- intext:”PROJECT Can identify the … 25 HONEY POT ADDRES…

2013 inurl:github.com -11- intext:sftp-conf.json 25 +intext:/wp…

Find FTP logins and full path disclosures pushed to github inurl:github.com intext:sftp-conf…

2013 inurl:*/webalizer/* -09- intitle:”Usage 24 Statistics…

*Obrigado,* …

2013 intitle:index.of -09intext:.ssh 24

Find peoples ssh public and private keys – tmc / #havok …

2013 filetype:txt This dork can be used to find symlinked WordPress configuration files of othe -08- inurl:~~Wordpress2.t web sites … 08 xt 2013 filetype:txt inurl:wp-08config.txt 08

Easily hunt the WordPress configuration file in of remote web sites Author : Un0wn_X …

2013inurl:~~joomla3.txt filetype:txt 08-08

By this dork you can find juicy information joomla configurat files Author: Un0wn_X …

2013- intitle:”WAMPSERVER Homepage” & #Summary: Wampserver Homepage free access 08-08 inte… (*http://www.wampserver.com/).* #Author: g00gl3 5c0u… 2013inurl:wp-content/uploads/dump.sql 08-08

This is *Mohan Pendyala* (penetration tester) from india. Go Dork: *inurl:wp-content/u…

2013inurl:fluidgalleries/dat/login.dat 08-08

Works with every single fluidgalleries portofolio sites. Just decrypt the MD5 hash and login on…

2013“information_schema” filetype:sql 08-08

Dork: “information_schema” filetype:sql By: Cr4t3r …

2013- inurl:”zendesk.com/attachments/tok zendesk is good ticketing system . It has thousands of clients 08-08 en” si… with the above dork you can s… 2013allintext: /iissamples/default/ 04-23

Searching for “allintext: /iissamples/default/” may provide interesting informatio…

2013- filetype:php -site:php.net 04-22 intitle:phpinfo “p…

Tries to reduce false positive results from similar dorks. Finds pages containing output from …

2013- filetype:ini “This is the default 04-22 settings fi…

Finds PHP configuration files (php.ini) that have been placed indexed folders. Php.ini defi…

2013- inurl:”php?id=” intext:”DB_Error 04-09 Ob…

Description: Files containing juicy info Author:ruben_linux …

2013ext:gnucash 02-05

*Google Search:* http://www.google.com/search?q=ext:gnuc *Description:* Find Gnucas…

2013runtimevar softwareVersion= 02-05

Hits: 807 Config file from Thomson home routers, sometimes contains password’s and user’s …

2012- inurl:admin intext:username= AND 12-31 email= AND passwo…

— nitish mehta …

2012- inurl:newsnab/www/ 12-06 automated.config.php

Usenet Accounts from Newsnab configs inurl:newsnab/www/ automated.config.php Author: rmccurd…

2012inurl:.com/configuration.php-dist 11-02

Finds the configuration files of the PHP Database on the serv By Chintan GurjarRahul Tygi…

2012filetype:avastlic 08-21

Lots of Avast Licenses . Author : gr00ve_hack3r www.gr00vehack3r.wordpress.com …

2012- filetype:docx Domain Registrar $user Dork :- *filetype:docx Domain Registrar $user $pass* Use :- * 08-21 $pass find domain login password fo… 2012- inurl:”phpmyadmin/index.php” 08-21 intext:&quo…

This dork finds unsecured databases …

2012- intext:”Thank you for your 05-15 purchase/trial of …

This dork can fetch you Avast product licenses especially Ava Antiviruses , including Profes…

2012?intitle:index.of?”.mysql_history” 05-15

Find some juicy info in .mysql_history files enjoy bastich …

2012intext:”~~Joomla1.txt” title:”Index of /” Get all server config intext:”~~Joomla1.txt” title:”Index… 05-15 files… 2011allintext:D.N.I filetype:xls 12-27

This Query contains sensitive data (D.N.I

) in a xls for

(excel) and D.N.I for People of…

2011- List of Phone Numbers (In XLS File ) This is a dork for a list of Phone Private Numbers in Argentina 12-19 allinurl:tele… Author: Luciano UNLP … 2011- Microsoft-IIS/7.0 intitle:index.of 12-19 name size

IIS 7 directory listing. Author: huang …

2011- Google Dork inurl:Curriculum Vitale 12-16 filetype:doc (…

This dork locates Curriculum Vitale files. Author: Luciano UNL

2011- Google Dork For Social Security 12-16 Number ( In Spain …

This dork locates social security numbers. Author: Luciano U …

2011filetype:old (mysql_connect) () 11-24

There are three of mysql_connects but that all search in .inc warnings, non search for .old…

2011- filetype:old (define)(DB_USER| 11-24 DB_PASS|DB_NAME)

this dork locates backed up config files filetype:php~ (define (DB_USER|DB_PASS|DB_NAME) file…

filetype:reg reg 2011HKEY_CURRENT_USER 11-19 SSHHOSTKEYS

this dork locates registry dumps …

2011- intitle:index.of? 11-19 configuration.php.zip

this dork finds mostly backed up configuration.php files. Its possible to change the *.zip to …

2011inurl:”/includes/config.php” 11-19

The Dork Allows you to get data base information from config files. Author: XeNon …

2011example google dork to find trace.axd, a file used for debugg inurl:”trace.axd” ext:axd “Applicat… 11-19 asp that reveals full http re… 2011- +intext:”AWSTATS DATA FILE” 09-26 filetype:txt

Shows data downloads containing statistics on the site.Made AwstatsThe best dork for that sy…

2011- filetype:ini “Bootstrap.php” (pass| 08-25 passw…

Zend application ini, with usernames, passwords and db info Bastich …

2011filetype:pem “Microsoft” 07-26

Microsoft private keys, frequently used for servers with UserI the same page. — Sha…

2011- inurl:server-info intitle:”Server 07-26 Information…

Juicy information about the apache server installation in the website. — *Regards, Fady …

2011- inurl:/push/ .pem apns -“push 07-18 notifications&q…

iphone apple push notification system private keys, frequent unencrypted, frequently with De…

2011- site:stashbox.org cv Or resume OR 07-18 curriculum vitae…

Searches StashBox for publicly avaliable PDF’s or .doc files containing information used in a…

2011- site:mediafire.com cv Or resume OR Searches Mediafire for publicly avaliable PDF’s containing 07-18 curriculum vita… information used in a CV/Resume/Cur… 2011- site:docs.google.com intitle:(cv Or 07-18 resume OR curr…

Searches GoogleDocs for publicly avaliable PDF’s containing information used in a CV/Resume/Cu…

2011- site:dl.dropbox.com filetype:pdf cv OR 07-01 curriculum …

Searches Dropbox for publicly avaliable PDF’s containing information used in a CV/Resume/Curr

2011inurl:sarg inurl:siteuser.html 05-26

Submitter: pipefish Squid User Access Reports th show users’ browsing history t…

2011filetype:xls + password + inurl:.com 05-03

The filetype:xls never changes What is inbtween + sings can be what ever you are looking …

2011- allinurl:http://www.google.co.in/latitude/apps/ba Site: google.com/latitude – This is a free applicati 05-03 d… where you can track your PC, laptop and… 2011intext:db_pass inurl:settings.ini 02-24

Submitter: Bastich mysql.nimbit.com dashboard settings…

2011inurl:app/etc/local.xml 02-19

Magento local.xml sensitive information disclosur Author: Rambaud Pierre…

2010allinurl:/xampp/security.php 12-13

XAMPP Security Setting Page Information Disclosu Author: modpr0be …

2010inurl:phpinfo.php 12-10

Locates phpinfo files. A phpinfo file Outputs a larg amount of information about the current s…

2010inurl:”config.php.new” +vbulletin 12-07

locates the default configuration file for vBulletin (/includes/config.php.new) Author: MaXe…

2010inurl:configuration.php-dist 12-07

locates the default configuration file of JOOMLA Author: ScOrPiOn …

2010filetype: log inurl:”access.log” +intext… 11-25

Match some apache access.log files. Author: susmab…

2010Google search for Pix Authorization Keys Author: “Cisco PIX Security Appliance Software Versio… 11-10 fdisk… 2010- filetype:reg reg HKEY_CURRENT_USER 11-10 SSHHOSTKEYS

This search locates private SSHHostkeys. Author: loganWHD…

2006intitle:”AppServ Open Project *” “A… 10-02

Often includes phpinfo and unsecured links to phpmyadmin….

2006Logrep is an open source log file Extraction and intitle:”LOGREP – Log file reporting system&q… 03-21 Reporting System by ITeF!x. This dork finds t… 2006(intitle:”PRTG Traffic Grapher” inurl:&q… 03-18

PRTG Traffic Grapher is Windows software for monitoring and classifying bandwidth usage. It pr

2006intitle:”Joomla – Web Installer” 03-18

Joomla! is a Content Management System (CMS) created by the same team that brought the Mam CM…

2006“not for public release” -.edu -.gov -.m… 02-22

if you search through lots of these then you find some really juicy things, there files from po…

2006intext:ViewCVS inurl:Settings.php 01-16

CVs is a software used to keep track of changes t websites. You can review all updates and pre…

2006inurl:build.err 01-16

General build error file. Can tell what modules are installed, the OS the compiler the language…

2005inurl:/cgi-bin/pass.txt 12-22

Passwords…

(intitle:WebStatistica 2005WebStatistica provides detailed statistics about a web page. Normally y inurl:main.php) | (intitle: 12-19 would have to login … … inurl:wp-mail.php + 2005“There doesn’t seem to 11-24 b…

This is the WordPress script handling Post-By-Email functionality, the sea is focussed on th…

intitle:”Welcome to F2005Secure Policy Manager 11-16 S…

An attacker may want to know about the antivirus software running. The description says he can…

intitle:Bookmarks 2005inurl:bookmarks.html 10-22 “Bookm…

AFAIK are the bookmarks of Firefox, Netscape and Mozilla stored in bookmarks.html. It is often …

2005- intitle:”urchin (5|3| 10-04 admin)” ext:cgi

Gain access to Urchin analysis reports….

2005- rdbqds -site:.edu 09-08 -site:.mil -site:.gov

Ceasar encryption is a rather simple encryption. You simply shift letters or down across the…

2005contacts ext:wml 08-23

Forget Bluetooth Hacking! You’ll be amazed, at how many people sync t Cell Phones to the sa…

2005- intitle:”curriculum vitae” Hello. 1. It reveals personal datas, often private addresses, phone numb 08-12 filetype:doc e-mails, how many … 2005- intitle:”admin panel” 08-16 +”Powered by …

This finds all versions of RedKernel Referer Tracker(stats page) it just giv out some nice in…

2005- ext:(doc | pdf | xls | txt | Although this search is a bit broken (the file extensions don’t always wo 07-30 ps | rtf | odt | sxw … it reveals intere…

2005- site:www.mailinator.com Mailinator.com allows people to use temporary email boxes. Read the si 07-24 inurl:ShowMail.do won’t explain here…. 2005allinurl:cdkey.txt 07-21

cdkeys…

2005filetype:PS ps 07-08

PS is for “postscript”…which basically means you get the high quality pr data fo…

2005filetype:QBW qbw 06-21

Quickbooks is software to manage your business’s financials. Invoicing, banking, payroll, etc, …

2005inurl:XcCDONTS.asp 06-07

This query reveals an .asp script which can often be used to send anonymous emails from fake se…

2005ext:DCA DCA 04-27

IBM DisplayWrite Document Content Architecture Text File…

2005ext:ccm ccm -catacomb Lotus cc:Mail Mailbox file… 04-27 2005ext:CDX CDX 04-27

Visual FoxPro database index…

2005ext:DBF DBF 04-27

Dbase DAtabase file. Can contain sensitive data like any other database

2005ext:jbf jbf 04-27

There is a full path disclosure in .jbf files (paint shop pro), which by itself is not a vulner…

2005- ext:plist filetype:plist 04-26 inurl:bookmarks.plist

These Safari bookmarks that might show very interesting info abou user’s surfing habits…

2005ext:ics ics 04-26

ICalender Fileder that can contain a lot of useful information about possible target….

2005- “MacHTTP” filetype:log 04-26 inurl:machttp.log

MacHTTP is an webserver for Macs running OS 6-9.x. It’s pretty goo older Macs but the defa…

2005WebLog Referrers 03-30

ExpressionEngine is a modular, flexible, feature-packed web publish system that adapts to a …

2005- “#mysql dump” filetype:sql 02-28 21232f297a57a…

this is a mod of one of the previous queries posted in here. the basi thing is, to add this:21…

2005filetype:ora tnsnames 02-15

This searches for tns names files. This is an Oracle configuration file that sets up connectio…

2005- inurl:getmsg.html 03-02 intitle:hotmail

These pages contain hotmail messages that were saved as HTML. These messages can contain anythi…

2005+”HSTSNR” -“netop.com” 02-28

This search reveals NetOp license files. From the netop website: “N Remote Control is …

2005- intitle:”web server status” 02-15 SSH Telnet

simple port scanners for most common ports…

2005- -site:php.net -“The PHP 02-15 Group” inurl:sou…

scripts to view the source code of PHP scripts running on the server Can be very interesting i…

2005inurl:netscape.hst 01-27

History for Netscape – So an attacker can read a user’s browsing history….

2005inurl:”bookmark.htm” 01-27

Bookmarks for Netscape and various other browsers….

2005inurl:netscape.hst 01-27

Netscape Bookmark List/History: So an attacker would be able to lo the bookmark and history…

2005inurl:netscape.ini 01-27

There’s a bunch of interesting info in netscape.ini1. Viewers: which multimedia viewers the fir…

2005- intitle:”edna:streaming mp3 01-27 server” -for…

Edna allows you to access your MP3 collection from any networked computer. This software stream…

2005ext:reg “username=*” putty 01-27

Putty registry entries. Contain username and hostname pairs, as we type of session (sftp, …

2005ext:txt inurl:dxdiag 01-22

This will find text dumps of the DirectX Diag utility. It gives an outlin the hardware of t…

2005intitle:”FTP root at” 01-13

This dork will return some FTP root directories. The string can be m more specific by adding…

intext:gmail invite 2005This is a dork I did today. At first, I wanted to find out the formula fo intext:http://gmail.google.co 01-02 making one, but … … m… 2005Peoples MSN contact lists 01-02

This will give msn contact lists .. modify the “msn” to what ever you feel is messeng…

2005filetype:ctt Contact 01-02

This is for MSN Contact lists……

2004- intitle:”index.of” .diz .nfo last File_id.diz is a description file uploaders use to describe packages 12-30 modifi… uploaded to FTP sites. Alt… 2004filetype:blt “buddylist” 12-30

AIM buddylists….

2004- filetype:cnf inurl:_vti_pvt 12-30 access.cnf

The access.cnf file is a “weconfigfile” (webconfig file) used by Frontpage Extentions…

2004- intitle:”welcome.to.squeezebo squeezebox is the easiest way for music lovers to enjoy high-qualit 12-19 x” playback of their whole di… 2004- inurl:preferences.ini

This finds the emule configuration file which contains some genera

12-19 “[emule]”

proxy information.Somet…

2004- ext:conf inurl:rsyncd.conf -cvs rsync is an open source utility that provides fast incremental file 12-19 -man transfer.rsync can also tal… 2004inurl:ds.py 12-13

Affordable Web-based document and content management applica lets businesses of every size …

2004ext:dat bpk.dat 12-13

Perfect Keylogger is as the name says a keylogger :)This dork finds corresponding datafiles…

2004- intitle:”Multimon UPS status 12-04 page”

Multimon provide UPS monitoring services…

2004- php-addressbook “This is the php-addressbook shows user address information without a 12-05 addressbook for… password…. 2004“Generated by phpSystem” 12-05

PhpSystem shows info about unix systems, including: General Info (kernel, cpu, uptime), Connect…

2004- inurl:”/axs/ax-admin.pl” 12-04 -script

This system records visits to your site. This admin script allows you display these records …

2004ext:vmx vmx 12-03

VMWare allows PC emulation across a variety of platforms. Theseconfiguration files describe a v…

2004ext:vmdk vmdk 12-03

VMWare allows PC emulation across a variety of platforms. These fi are VMWare disk images wh…

2004ext:pqi pqi -database 12-03

PQ DriveImage allows administrators to create hard rive images for of purposes including b…

2004ext:gho gho 12-03

Norton Ghost allows administrators to create hard rive images for l of purposes including ba…

2004- intitle:”PHP Advanced 11-28 Transfer” (inurl:i…

PHP Advacaned Transfer is GPL’d software that claims to be the “Th ultimate PHP download …

2004- intitle:”DocuShare” 11-28 inurl:”docushar…

some companies use a Xerox Product called DocuShare. The proble with this is by default guest …

2004- ext:txt “Final encryption IPSec debug/log data which contains user data and password hashes.Ca 11-28 key” used to crack password… 2004- inurl:report “EVEREST 11-20 Home Edition “

Well what can be said about this one, I’ve added it to the DB under Juicy info, however it coul…

2004- “Microsoft (R) Windows * This file spills a lot of juicy info… in some cases, passwords in the raw du 11-23 (TM) Version * DrWts… but not in an… 2004- intitle:”Apache::Status” 11-21 (inurl:server-s…

The Apache::Status returns information about the server software, opera system, number of c…

2004- intitle:”PhpMyExplorer” 11-18 inurl:”inde…

PhpMyExplorer is a PHP application that allows you to easily update you online without an…

2004filetype:myd myd -CVS 11-18

MySQL stores its data for each database in individual files with the exten MYD.An attacker …

2004- filetype:config 11-16 web.config -CVS

Through Web.config an IIS adminstrator can specify settings like custom error pages, authen…

2004filetype:ns1 ns1 11-16

Netstunbler files contain information about the wireless network. For a cleanup add stuff like:…

2004- ext:cgi inurl:editcgi.cgi 11-16 inurl:file=

This was inspired by the K-Otic report. Only two results at time of writing The cgi script let…

2004- filetype:pst pst -from -to Finds Outlook PST files which can contain emails, calendaring and addre 11-12 -date information…. 2004inurl:”putty.reg” 11-07

This registry dump contains putty saved session data. SSH servers the according usernames and p…

2004NoCatAuth configuration file. This reveals the configuration details of wi ext:conf NoCatAuth -cvs 11-07 gateway includi… 2004- “Certificate Practice 11-05 Statement” inurl:(…

Certificate Practice Statement (CPS)A CPS defines the measures taken to secure CA operation an…

2004- filetype:inf 11-05 inurl:capolicy.inf

The CAPolicy.inf file provides Certificate Servicces configuration informa which is read d…

filetype:php inurl:index 2004PHP iCalendar is a php-based iCal file parser. Its based on v2.0 of the IET inurl:phpicalendar -site: 10-31 spec. It displays … … 2004- intitle:”Web Server 10-31 Statistics for ****”

These are www analog webstat reports. The failure report shows informa leakage about databa…

2004- intitle:”AppServ Open 10-31 Project” -site:www…

AppServ is the Apache/PHP/MySQL open source software installer packa This normally includes…

2004- intitle:”Index of” upload Files uploaded through ftp by other people, sometimes you can find all s 10-24 size parent di… of things from mov… 2004inurl:log.nsf -gov 10-20

Domino is server technology which transforms Lotus Notes® in an Internet a…

2004ext:nsf nsf -gov -mil 10-20

Domino is server technology which transforms Lotus Notes® in an Internet a…

2004- intitle:”index.of *” admin With Compulive News you can enter the details of your news items onto 10-19 news.asp conf… webform and upload imag… 2004- inurl:cgi-bin/testcgi.exe 10-18 “Please distribute …

Test CGI by Lilikoi Software aids in the installation of the Ceilidh discussi engine for the …

2004- ext:mdb inurl:*.mdb 10-18 inurl:fpdb shop.mdb

The directory “http:/xxx/fpdb/” is the database folder used by some vers of Front…

2004ext:ini intext:env.ini 10-16

This one shows configuration files for various applications. based on the application an attack…

2004- “Installed Objects 10-16 Scanner” inurl:defaul…

Installed Objects Scanner makes it easy to test your IIS Webserver for installed components. In…

2004- intitle:”ASP Stats

ASP Stats Generator is a powerful ASP script to track web site activity. It

10-16 Generator *.*” “…

combines a server s…

2004This search will show the googler ODBC client configuration files which m inurl:odbc.ini ext:ini -cvs 10-09 contain usernames/d… 2004- intext:SQLiteManager 10-05 inurl:main.php

sQLiteManager is a tool Web multi-language of management of data bas SQLite. # Management of…

2004- +”:8080″ +”:3128″ 09-29 +”:80&q…

With the string [+”:8080″ +”:3128″ +”:80″ filetype:txt] it is pos…

2004inurl:/_layouts/settings 09-23

With the combined collaboration features of Windows SharePoint Service and SharePoint Portal S…

2004ext:ldif ldif 09-23

www.filext.com says LDIF = LDAP Data Interchange Format.LDAP is used nearly everything in o…

2004- filetype:pst 09-11 inurl:”outlook.pst”

All versions of the popular business groupware client called Outlook hav the possibility to st…

2004filetype:vcs vcs 09-22

Filext.com says: “Various programs use the *.VCS extension; too many t individually….

ext:log “Software: 2004Microsoft Internet 09-21 Informa…

Microsoft Internet Information Services (IIS) has log files that are normal not in the docroo…

2004- Lotus Domino address 09-18 books

This search will return any Lotus Domino address books which may be o to the public. This ca…

2004- filetype:asp DBQ=” * 09-18 Server.MapPath(“*.m…

This search finds sites using Microsoft Access databases, by looking for t the database conne…

2004- filetype:pdb pdb backup Hotsync database files can be found using “All databases on a Palm dev 09-10 (Pilot | Pluckerdb) including the o… 2004- filetype:xls 09-10 inurl:”email.xls”

Our forum members never get tired of finding juicy MS office files. Here’ one by urban that fi…

2004- filetype:pot 09-10 inurl:john.pot

John the Ripper is a popular cracking program every hacker knows. It’s results are stored in a …

2004- filetype:reg “Terminal 09-07 Server Client”

These are Microsoft Terminal Services connection settings registry files. may sometimes co…

2004filetype:rdp rdp 09-07

These are Remote Desktop Connection (rdp) files. They contain th settings and sometimes the cr…

2004inurl:snitz_forums_2000.mdb 09-07

The SnitzTM Forums 2000 Version 3.4.04 Installation Guide and Readme says: “it is strongl…

2004filetype:bkf bkf 09-06

This search will show backupfiles for xp/2000 machines.Of course these files could contain near…

2004filetype:qbb qbb 09-06

This search will show QuickBooks Bakup Files. Quickbook is financ accounting software so sto…

2004- ( filetype:mail | filetype:eml | 08-26 filetype:mbox | f…

storing emails in your webtree isnt a good idea.with this search go will show files contai…

2004Quicken data files 08-25

The QDATA.QDF file (found sometimes in zipped “QDATA” archives online, sometimes not)…

2004- “phone * * *” “address *” 08-19 &qu…

This search gives hounderd of existing curriculum vitae with name and adress. An attacker coul…

2004ext:asp inurl:pathto.asp 08-13

The UBB trial version contains files that are not safe to keep onlin after going live. The ins…

2004- filetype:xls -site:gov 08-09 inurl:contact

Microsoft Excel sheets containing contact information….

2004- mail filetype:csv -site:gov 08-09 intext:name

CSV Exported mail (user) names and such….

2004- intext:”Session Start * * * *:*:* These are IRC and a few AIM log files. They may contain juicy info 08-09 *” fil… just hours of good clean … 2004- (inurl:”robot.txt” | 08-09 inurl:”robots….

Webmasters wanting to exclude search engine robots from certain parts of their site often choos…

2004filetype:cfg auto_inst.cfg 08-05

Mandrake auto-install configuration files. These contain informatio about the installed packag…

2004filetype:fp7 fp7 08-05

These are Filemaker Pro version 7 databases files….

2004filetype:fp3 fp3 08-05

These are FileMaker Pro version 3 Databases….

2004- filetype:fp5 fp5 -site:gov 08-02 -site:mil -“cvs lo…

These are various kinds of FileMaker Pro Databases (*.fp5 applies both version 5 and 6)….

2004inurl:*db filetype:mdb 08-02

More Microsoft Access databases for your viewing pleasure. Resul may vary, but there have bee…

2004- “allow_call_time_pass_referenc Returns publically visible pages generated by the php function 08-02 e” “P… phpinfo(). This search differs f… 2004filetype:ora ora 08-01

Greetings, The *.ora files are configuration files for oracle clients. attacker can identify…

2004- intitle:”Index Of” -inurl:maillog This google search reveals all maillog files within various directori 07-28 maill… on a webserver. This se… 2004filetype:rdp rdp 09-07

These are Remote Desktop Connection (rdp) files. They contain th settings and sometimes the cr…

2004inurl:snitz_forums_2000.mdb 09-07

The SnitzTM Forums 2000 Version 3.4.04 Installation Guide and Readme says: “it is strongl…

2004filetype:bkf bkf 09-06

This search will show backupfiles for xp/2000 machines.Of course these files could contain near…

2004filetype:qbb qbb 09-06

This search will show QuickBooks Bakup Files. Quickbook is financ accounting software so sto…

2004- ( filetype:mail | filetype:eml | 08-26 filetype:mbox | f…

storing emails in your webtree isnt a good idea.with this search go will show files contai…

2004Quicken data files 08-25

The QDATA.QDF file (found sometimes in zipped “QDATA” archives online, sometimes not)…

2004- “phone * * *” “address *” 08-19 &qu…

This search gives hounderd of existing curriculum vitae with name and adress. An attacker coul…

2004ext:asp inurl:pathto.asp 08-13

The UBB trial version contains files that are not safe to keep onlin after going live. The ins…

2004- filetype:xls -site:gov 08-09 inurl:contact

Microsoft Excel sheets containing contact information….

2004- mail filetype:csv -site:gov 08-09 intext:name

CSV Exported mail (user) names and such….

2004- intext:”Session Start * * * *:*:* These are IRC and a few AIM log files. They may contain juicy info 08-09 *” fil… just hours of good clean … 2004- (inurl:”robot.txt” | 08-09 inurl:”robots….

Webmasters wanting to exclude search engine robots from certain parts of their site often choos…

2004filetype:cfg auto_inst.cfg 08-05

Mandrake auto-install configuration files. These contain informatio about the installed packag…

2004filetype:fp7 fp7 08-05

These are Filemaker Pro version 7 databases files….

2004filetype:fp3 fp3 08-05

These are FileMaker Pro version 3 Databases….

2004- filetype:fp5 fp5 -site:gov 08-02 -site:mil -“cvs lo…

These are various kinds of FileMaker Pro Databases (*.fp5 applies both version 5 and 6)….

2004inurl:*db filetype:mdb 08-02

More Microsoft Access databases for your viewing pleasure. Resul may vary, but there have bee…

2004- “allow_call_time_pass_referenc Returns publically visible pages generated by the php function 08-02 e” “P… phpinfo(). This search differs f… 2004filetype:ora ora 08-01

Greetings, The *.ora files are configuration files for oracle clients. attacker can identify…

2004- intitle:”Index Of” -inurl:maillog This google search reveals all maillog files within various directori 07-28 maill… on a webserver. This se… 2004- inurl:profiles 07-26 filetype:mdb

Microsoft Access databases containing (user) profiles …..

intext:(password | 2004passcode) intext: 07-26 (username | us…

CSV formatted files containing all sorts of user/password combinations. Results may vary, but a…

2004- intitle:”Index Of”

searches for cookies.txt file. On MANY servers this file holds all cookie

07-26 cookies.txt size

information, which ma…

2004- inurl:forum 07-26 filetype:mdb

Microsoft Access databases containing ‘forum’ information …..

2004- inurl:backup 07-26 filetype:mdb

Microsoft Access database backups…..

2004- data filetype:mdb 07-26 -site:gov -site:mil

Microsoft Access databases containing all kinds of ‘data’….

2004inurl:email filetype:mdb Microsoft Access databases containing email information….. 07-26 2004- intitle:”index of” +myd The MySQL data directory uses subdirectories for each database and 07-21 size common files for table stora… 2004“sets mode: +s” 07-19

This search reveals secret channels on IRC as revealed by IRC chat logs…

2004“sets mode: +p” 07-19

This search reveals private channels on IRC as revealed by IRC chat logs…

2004- inurl:ssl.conf 07-15 filetype:conf

The information contained in these files depends on the actual file itself. SSL.conf files cont…

2004private key files (.csr) 07-12

This search will find private key files… Private key files are supposed to b well… privat…

2004private key files (.key) 07-12

This search will find private key files… Private key files are supposed to b well… privat…

2004- exported email 07-12 addresses

Loads of user information including email addresses exported in comma separated file format (.c…

2004Welcome to ntop! 07-06

Ntop shows the current network usage. It displays a list of hosts that are currently using the …

2004- MySQL tabledata 07-06 dumps

sQL database dumps. LOTS of data in these. So much data, infact, I’m pressed to think of what e…

2004- Microsoft Money Data 07-02 Files

Microsoft Money 2004 provides a way to organize and manage your pers finances (http://www.m…

2004- OWA Public Folders 06-25 (direct view)

This search looks for Outlook Web Access Public Folders directly. These lin open public folde…

2004Unreal IRCd 07-06

Development of UnrealIRCd began in 1999. Unreal was created from the Dreamforge IRCd that was f…

2004- filetype:ctt ctt 06-22 messenger

MSN Messenger uses the file extension *.ctt when you export the contact An attacker could…

2004- 94FBR “ADOBE 06-10 PHOTOSHOP”

94FBR is part of many serials. An malicious user would only have to cha the programm name (p…

2004- inurl:forward 05-26 filetype:forward -cvs

Users on *nix boxes can forward their mail by placing a .forward file in t home directory. …

2004- intitle:”System Statistics” This search reveals internal network information including network 05-24 +”Syste… configuratino, ping times, s…

2004- inurl:”cacti” This search reveals internal network info including architecture, hosts a 05-24 +inurl:”graph_view.ph… services available…. 2004- inurl:”/cricket/grapher.cgi This search reveals information about internal networks, such as 05-24 ” configuration, services, bandw…

2004- intitle:”Big Sister” +”OK This search reveals Internal network status information about services a 05-24 Attention… hosts…. 2004- “Mecury Version” 05-18 “Infastructure Gro…

Mecury is a centralized ground control program for research satellites. T query simply loca…

2004inurl:php.ini filetype:ini 05-17

The php.ini file contains all the configuration for how PHP is parsed on a server. It can cont…

intitle:intranet 2004inurl:intranet 05-17 +intext:”phon…

These pages are often private intranet pages which contain phone listin and email addresses. …

2004- filetype:blt blt 05-14 +intext:screenname

Reveals AIM buddy lists, including screenname and who’s on their ‘budd list and their ‘blocke…

2004- filetype:log access.log 05-14 -CVS

These are http server access logs which contain all sorts of information ranging from usernames…

2004filetype:log cron.log 05-14

Displays logs from cron, the *nix automation daemon. Can be used to determine backups, full an…

2004filetype:lic lic intext:key 05-13

License files for various software titles that may contain contact info an the product version…

2004- intitle:”index of” This file contains port number, version number and path info to MySQL 05-13 mysql.conf OR mysql_c… server….

2004- filetype:eml eml These are oulook express email files which contain emails, with full hea 05-12 +intext:”Subject” +inte… The information … 2004- filetype:mbx mbx 05-11 intext:Subject

These searches reveal Outlook v 1-4 or Eudora mailbox files. Often thes are made public on pur…

2004filetype:wab wab 05-10

These are Microsoft Outlook Mail address books. The information contai will vary, but at the…

2004- “Request Details” 05-06 “Control Tree&quo…

These pages contain a great deal of information including path names, session ID’s, stack trace…

2004- “HTTP_FROM=googlebot” These pages contain trace information that was collected when the 05-06 googlebot.com &qu… googlebot crawled a page. The…

2004- filetype:conf inurl:firewall These are firewall configuration files. Although these are often example 05-05 -intitle:cvs sample files, in m… 2004- inurl:”smb.conf” 05-04 intext:”workgroup&…

These are samba configuration files. They include information a the network, trust relation…

2004- inurl:tdbin

This is the default directory for TestDirector

05-03

(http://www.mercuryinteractive.com/products/test…

2004- intext:”Tobias Oetiker” “traffic 05-03 an…

This is the MRTG traffic analysis pages. This page lists informatio about machines on the netw…

2004- inurl:server-info “Apache Server 04-28 Information&…

This is the Apache server-info program. There is so much sensiti stuff listed on this page th…

2004inurl:perl/printenv 04-28

This is the print environemnts script which lists sensitive inform such as path names, ser…

2004inurl:cgi-bin/printenv 04-28

This is the print environemnts script which lists sensitive inform such as path names, ser…

2004inurl:fcgi-bin/echo 04-28

This is the fastcgi echo script, which provides a great deal of information including port numb…

2004inurl:server-status “apache” 04-26

This page shows all sort of information about the Apache web server. It can be used to track pr…

2004“This is a Shareaza Node” 04-21

These pages are from Shareaza client programs. Various data is displayed including client versi…

2004“Running in Child mode” 04-21

This is a gnutella client that was picked up by google. There is a of data present includin…

2004allinurl:servlet/SnoopServlet 04-20

These pages reveal server information such as port, server softw version, server name, full …

2004- allinurl:/examples/jsp/snp/snoop.j These pages reveal information about the server including path 04-20 sp information, port information, e… 2004inurl:”newsletter/admin/” 04-16

These pages generally contain newsletter administration pages. Some of these site are password …

2004- inurl:”newsletter/admin/” 04-16 intitle:”…

These pages generally contain newsletter administration pages. Some of these site are password …

2004“Index of” / “chat/logs” 04-13

This search reveals chat logs. Depending on the contents of the logs, these files could contain…

2004- inurl:vbstats.php “page 04-08 generated”

This is your typical stats page listing referrers and top ips and su This information can ce…

2004“#mysql dump” filetype:sql 04-05

This reveals mySQL database dumps. These database dumps lis structure and content of datab…

2004intitle:index.of cleanup.log 04-05

This search reveals potential location for mailbox files by keying the Outlook Express clean…

2004intitle:index.of inbox dbx 04-05

This search reveals potential location for mailbox files. In some cases, the data in this direc…

2004intitle:index.of inbox 04-05

This search reveals potential location for mailbox files. In some cases, the data in this direc…

2004- “Host Vulnerability 03-30 Summary Report”

This search yeids host vulnerability scanner reports, revealing potential vulnerabilities on ho…

2004- “Network Vulnerability 03-30 Assessment Report”…

This search yeids vulnerability scanner reports, revealing potential vulnerabilities on hosts a…

2004- “Thank you for your 03-29 order” +receipt

After placing an order via the web, many sites provide a page containin phrase “Thank…

2004- “not for distribution” 03-29 confidential

The terms “not for distribution” and confidential indicate a sensitive document. Resu…

2004- inurl:changepassword.as This is a common script for changing passwords. Now, this doesn’t actu 03-24 p reveal the password,… 2004- “Most Submitted Forms 03-22 and Scripts” “…

More www statistics on the web. This one is very nice.. Lots of directory and client acce…

2004inurl:admin filetype:xls 03-16

This search can find Excel spreadsheets in an administrative directory o an administrative …

2004This search can find administrative login pages. Not a vulnerability in an intitle:admin intitle:login 03-14 itself, this que… 2004inurl:admin intitle:login 03-14

This search can find administrative login pages. Not a vulnerability in an itself, this que…

2004ws_ftp.ini is a configuration file for a popular FTP client that stores intitle:index.of ws_ftp.ini 03-04 usernames, (weakly) enc… 2004- intitle:index.of 03-04 dead.letter

dead.letter contains the contents of unfinished emails created on the UN platform. Emails (fi…

2004- intitle:index.of “Apache” This is a very basic string found on directory listing pages which show th 03-04 “server a… version of the Apac… 2004- intitle:”wbem” compaq 03-04 login “Compaq…

These devices are running HP Insight Management Agents for Servers w “provide device i…

2004- inurl:main.php Welcome From phpmyadmin.net : “phpMyAdmin is a tool written in PHP intended 03-04 to phpMyAdmin handle the administ… 2004- inurl:main.php 03-04 phpMyAdmin

From phpmyadmin.net : “phpMyAdmin is a tool written in PHP intended handle the administ…

2004- “phpMyAdmin” “running From phpmyadmin.net : “phpMyAdmin is a tool written in PHP intended 03-04 on” inur… handle the administ… 2004- “robots.txt” “Disallow:” 03-04 filet…

The robots.txt file serves as a set of instructions for web crawlers. The “disallow” …

2004- intitle:”Usage Statistics 03-04 for” “Gen…

The webalizer program shows web statistics for web servers. This information includes who is vi…

2004- intitle:”statistics of” 03-04 “advanced w…

the awstats program shows web statistics for web servers. This informa includes who is visi…

2004ipsec.conf 03-04

The ipsec.conf file could help hackers figure out what uber-secure users freeS/WAN are prote…

2004ipsec.secrets 03-04

from the manpage for ipsec_secrets: “It is vital that these secrets be protected. The file…

2004ipsec.secrets 03-04

from the manpage for ipsec_secrets: “It is vital that these secrets be protected. The file…

2004cgiirc.conf 03-04

This is another less reliable way of finding the cgiirc.config file. CGIIRC is a web-based IRC …

2004cgiirc.conf 03-04

CGIIRC is a web-based IRC client. Very cool stuff. The cgiirc.config file lists options for…

2004phpMyAdmin dumps 03-04

From phpmyadmin.net : “phpMyAdmin is a tool written in PHP intended to handle the administ…

2004phpMyAdmin dumps 03-04

From phpmyadmin.net : “phpMyAdmin is a tool written in PHP intended to handle the administ…

2003- mystuff.xml – Trillian 08-19 data files

This particular file contains web links that trillian users have entered into tool. Trillia…

2003I never really thought about this until I started coming up with juicy exam site:edu admin grades 07-10 for DEFCON 11….. 2003- haccess.ctl (VERY 06-30 reliable)

haccess.ctl is the frontpage(?) equivalent of the .htaccess file. Either way file decribe…

2003haccess.ctl (one way) 06-30

this is the frontpage(?) equivalent of htaccess, I believe. Anyhow, this file describes who can…

2003- “generated by 06-30 wwwstat”

More www statistics on the web. This one is very nice.. Lots of directory in and client acce…

2003Another web statistics package. This one originated from a google scan o “produced by getstats” 06-30 ivy league college… 2003- “This report was These are weblog-generated statistics for web sites… A roadmap of files, 06-27 generated by WebLog” referrers, errors, s… 2003robots.txt 06-27

The robots.txt file contains “rules” about where web spiders are allowed ( NOT all…

2004phpinfo() 11-18

this brings up sites with phpinfo(). There is SO much cool stuff in here tha you just have to …

2003AIM buddy lists 06-24

These searches bring up common names for AOL Instant Messenger “buddylists”. These li…

2003mt-db-pass.cgi files 06-24

These folks had the technical prowess to unpack the movable type files, b couldn’t manage to …

2003sQL data dumps 06-24

sQL database dumps. LOTS of data in these. So much data, infact, I’m pre to think of what e…

2003- Financial spreadsheets: “Hey! I have a great idea! Let’s put our finances on our website in a secre 06-24 finances.xls directory so …

2003- Financial spreadsheets: “Hey! I have a great idea! Let’s put our finances on our website in a secre 06-24 finance.xls directory so … 2003- ICQ chat logs, 06-24 please…

ICQ (http://www.icq.com) allows you to store the contents of your online ch into a file. The…

2003- Ganglia Cluster 06-24 Reports

These are server cluster reports, great for info gathering. Lesse, what were those server names…

2003- squid cache server 06-24 reports

These are squid server cache reports. Fairly benign, really except when yo consider using them…

2012inurl:finger.cgi 11-02

Finger Submitted by: Christy Philip Mathew…

2012- site*.*.*/webalizer Shows usage statistics of sites. Includes monthy reports on the IP 08-21 intitle:”Usage Statistics… addresses, user agents, and … 2006- intitle:r57shell +uname 05-04 -bbpress

compromised servers… a lot are dead links, but pages cached show interesting info, this is r5…

2006- “The statistics were last 05-03 updated” “…

Results include many varius Network activity logs…

2006- inurl:/counter/index.php 04-06 intitle:”+PHPCounter…

This is an online vulnerable web stat program called PHPCounter 7.http://www.clydebelt.org.uk/c…

2006- inurl:”NmConsole/Login.as Ipswitch Whats Up Monitoring 2005!This is a console for Network 03-13 p” | intitle:&q… Monitoring, access beyond the p…

2006- inurl:CrazyWWWBoard.cgi gives tons of private forum configuration information.examples: Globa 02-08 intext:”detailed debu… variables installed, wha… 2005inurl:ovcgi/jovw 12-31

An HP Java network management tool. It is a sign that a network may be configured properly….

2005- inurl:proxy | inurl:wpad Information about proxy servers, internal ip addresses and other netwo 12-21 ext:pac | ext:dat findpro… sensitive stuff…. inurl:webalizer 2005filetype:png -.gov -.edu 11-21 -.mil -op…

***WARNING: This search uses google images, disable images unless y want your IP spewed acros…

2005- intitle:”Retina Report” 10-26 “CONFIDENTI…

This googledork finds vulnerability reports produced by eEye Retina Security Scanner. The info…

2005- “Shadow Security Scanner This is a googledork to find vulnerability reports produced by Shadow 10-26 performed a vulnerab… Security Scanner. They c… 2005- “The following report 10-26 contains confidential i…

This googledork reveals vunerability reports from many different vendo These reports can co…

2005inurl:status.cgi?host=all 10-04

Nagios Status page. See what ports are being monitored as well as ip addresses.Be sure to check…

2005inurl:login.jsp.bak 09-30

JSP programmer anyone? You can read this!…

2005- intitle:”Belarc Advisor

People who have foolishly published an audit of their machine(s) on th

02-15 Current Profile”…

with some server in…

2005- “Traffic Analysis for” 03-05 “RMON Port *…

List of RMON ports produced by MRTG which is a network traffic analys tool. See also #198…

2005- “powered | performed by 02-03 Beyond Security’s Aut…

This search finds Beyond Security reports. Beyond Security sells a box which performs automated…

2004- intitle:”PHPBTTracker 12-30 Statistics” | inti…

This query shows pages which summarise activity on PHPBT-powered BitTorrent trackers – all the …

2004This query shows pages which summarise activity on BNBT-powered intitle:”BNBT Tracker Info” 12-30 BitTorrent trackers – including…

2004- intitle:”Azureus : Java BitTorrent This query shows machines using the Azureus BitTorrent client’s b 12-30 Client Tra… in tracker – the pages ar… 2004inurl:”install/install.php” 12-29

This searches for the install.php file. Most results will be a Bulletin board like Phpbb etc.T…

2004- intext:”Welcome to the Web 12-07 V.Networks” i…

see and control JVC webcameras, you can move the camera, zoom change the settings, etc…….

2004- intitle:”start.managing.the.devi MCK Communications, Inc.PBXgatewayIIHigh density central site 12-10 ce” remo… gateway for remote PBX access(MCK… 2004ext:cfg radius.cfg 12-06

“Radiator is a highly configurable and flexible Radius server that supports authentication…

2004- filetype:php inurl:ipinfo.php 12-07 “Distributed In…

Dshield is a distributed intrusion detection system. The ipinfo.php script includes a whois loo…

2004- inurl:”sitescope.html” 12-03 intitle:”sit…

Mercury SiteScope designed to ensure the availability and performance of distributed IT infrast…

2004- intitle:”twiki” 12-02 inurl:”TWikiUsers&q…

TWiki has many security problems, depeding on the version insta TWiki, is a flexible, powe…

2004- “Phorum Admin” “Database 11-28 Connection…

Phorum admin pagesThis either shows Information leakage (path or it shows Unprotected Adm…

2004- “Output produced by SysWatch sysWatch is a CGI to display current information about your UNIX 11-28 *” system. It can display drive p… 2004inurl:testcgi xitami 11-28

Testpage / webserver environmentThis is the test cgi for xitami webserver. It shows the webserv…

2004- filetype:log 11-28 intext:”ConnectionManager2″

ISDNPM 3.x for OS/2-Dialer log files.These files contain sensitive i like ip addresses, phon…

2004- intitle:”sysinfo * ” 11-12 intext:”Genera…

Lots of information leakage on these pages about active network services, server info, network …

2004- inurl:portscan.php “from 11-12 Port”|”Por…

This is general search for online port scanners which accept any I does not find a specifi…

2004inurl:/adm-cfgedit.php 11-07

PhotoPost Pro is photo gallery system. This dork finds its installati page.You can use this p…

2004inurl:webutil.pl 11-07

webutil.pl is a web interface to the following services:* ping* traceroute* whois* finger* nslo…

2004inurl:statrep.nsf -gov 10-20

Domino is server technology which transforms Lotus NotesÂà into an Internet a…

2004- inurl:/cgi-bin/finger? “In real 10-19 life”

The finger command on unix displays information about the syste users. This search displays pr…

2004- inurl:/cgi-bin/finger? Enter 10-19 (account|host|user|us…

The finger command on unix displays information about the syste users. This search displays th…

2004- filetype:php inurl:nqt 10-18 intext:”Network Query …

Network Query Tool enables any Internet user to scan network information using:* Resolve/Revers…

2004- inurl:”map.asp?” 10-05 intitle:”WhatsUp G…

“WhatsUp Gold’s new SNMP Viewer tool enables Area-Wide to easily trac variables associate…

2004- ext:cgi intext:”nrg-” ” 09-29 This web pa…

NRG is a system for maintaining and visualizing network data and other resource utilization dat…

2004- ((inurl:ifgraph “Page 09-29 generated at”) OR …

ifGraph is a set of perl scripts that were created to fetch data from SNMP agents and feed a RR…

2004- inurl:”/catalog.nsf” 09-10 intitle:catalog

This will return servers which are running versions of Lotus Domino. The catalog.nsf is the ser…

“Powered by 2004phpOpenTracker” 09-21 Statistics

phpOpenTracker is a framework solution for the analysis of website traffi and visitor analysis…

site:netcraft.com 2004Netcraft reports a site’s operating system, web server, and netblock own intitle:That.Site.Running 09-21 together with, if av… Apache 2004- “this proxy is working 08-13 fine!” “ente…

These are test pages for some proxy program. Some have a text field th allows you to use that…

2004“apricot – admin” 00h 07-29

This search shows the webserver access stats as the user “admin”. The language used i…

“by Reimar Hoven. All 2006Rights Reserved. 04-15 Discla…

dork: “by Reimar Hoven. All Rights Reserved. Disclaimer” | inurl:”log/logdb.dta&…

2004- intitle:”Microsoft Site 07-16 Server Analysis”

Microsoft discontinued Site Server and Site Server Commerce Edition on June 1, 2001 with the in…

2004- Analysis Console for 07-12 Incident Databases

ACID stands for for “Analysis Console for Incident Databases”. It is a php frontend f…

2004Looking Glass 06-22

A Looking Glass is a CGI script for viewing results of simple queries exec on remote router…

2004- “Version Info” “Boot 06-04 Version” …

This is the status page for a Belkin Cable/DSL gateway. Information can retrieved from this …

2004- intitle:”ADSL 06-04 Configuration page”

This is the status screen for the Solwise ADSL modem. Information avail from this page incl…

2004- filetype:vsd vsd network Reveals network maps (or any other kind you seek) that can provide 05-13 -samples -examples sensitive information such a… 2004- filetype:pdf “Assessment These are reports from the Nessus Vulnerability Scanner. These report 05-03 Report” nessus contain detailed informat… inurl:phpSysInfo/ 2004“created by 04-16 phpsysinfo”…

This statistics program allows the an admin to view stats about a webse Some sites leave t…

2004“SnortSnarf alert page” 04-16

snort is an intrusion detection system. SnorfSnarf creates pretty web pa from intrusion dete…

2004- “Network Host This search yeids ISS scan reports, revealing potential vulnerabilities on 03-30 Assessment Report” “I… hosts and networks. … 2004- “This report lists” 03-30 “identified by …

This search yeids ISS scan reports, revealing potential vulnerabilities on hosts and networks. …

201 typo3 passwords 4inurl:typo3conf/localconf.php 0407 201 4inurl:/backup intitle:index of 03- backup intext:*sql 31

Bruno Schmid …

Google Search:https://www.google.com/search? client=opera&q=admin+username+and+pass&sour…

201 3Passwords for Java Management Extensions (JMX Remote) Used by filetype:password jmxremote 11jconsole, Eclipse’s MAT, Java Vi… 25 201 3ext:sql intext:@gmail.com 11- intext:password 25

author:haji …

201 3site:github.com inurl:sftp11- config.json 25

Find disclosed FTP login credentials in github repositories Credit: RogueCoder…

201 3site:github.com inurl:sftp11- config.json intext:/wp-… 25

Finds disclosed ftp FTP for WordPress installs, which have been pushe a public repo on GitH…

201 3“BEGIN RSA PRIVATE KEY” 09- filetype:key -gi… 24

To find private RSA Private SSL Keys …

201 3filetype:sql insite:pass && 04- user 22

Google Dork: filetype:sql insite:pass && user We Can get login userna and password…

201 3ext:sql intext:@hotmail.com 04- intext :password 09

By , NItish Mehta , www.illuminativeworks.com/blog https://www.facebook.com/illuminativework…

201 3filetype:config 04- inurl:web.config inurl:ftp 09

This google dork to find sensitive information of MySqlServer , “uid, a password” …

201 3filetype:inc OR filetype:bak 02- OR filetype:old mysql… 05

Aggregates previous mysql_(p)connect google dorks and adds a new filetype. Searches common fil…

201 3ext:xml (“proto=’prpl-‘” | 02- “prpl-ya… 05

*Google Search:* https://www.google.com/search?q=ext:xml %20(%22proto=’prpl-‘%22%20|%20%22prp…

201 2allinurl:”User_info/auth_user_ Google dork for find user info and configuration password of DCForum 11- file.txt” allinurl:”User_info/… 05 201 2inurl:”/dbman/default.pass” 1102

A path to a DES encrypted password for DBMan ( http://www.gossam threads.com/products/archiv…

201 2“parent directory” 11- proftpdpasswd intitle… 02

This dork is based on this: http://www.exploit-db.com/ghdb/1212/ but improved cause that is u…

201 2filetype:xls “username | 11- password” 02

filetype:xls “username | password” This search reveals usernames an passwords of …

201 ext:xml 2(“mode_passive”|”mode_defa OffSec: So the dork is: ext:xml (“mode_passive”|”mode_default”) Th… 11u… 02 201 2intext:charset_test= email= 08- default_persistent= 21 201 inurl:”passes” OR

find facebook email and password



Hack the $cr1pt kiddies. There are a lot of Phishing pages hosted on

20821

inurl:”passwords&…

201 2filetype:cfg “radius” (pass| 05- passwd|passw… 15

internet , this dork wi…

Find config files with radius configs and passwords and secrets… Lov Bastich …

2011- (username=* | username:* |) | 12-27 ( ((password=* | pas…

Logged username, passwords, hashes Author: GhOsT-PR …

2011filetype:sql inurl:wp-content/backup-* 12-14

Search for WordPress MySQL database backup. Author: AngelParrot …

2011“My RoboForm Data” “index of” 12-12

This dork looks for Roboform password files. Author: Robe McCurdy …

2011inurl:”/Application Data/Filezilla/*” OR… this dork locates files containing ftp passwords … 11-19

2011- filetype:php~ (pass|passwd|password| Backup or temp versions of php files containing you gues 10-11 dbpass|db_pass… it passwords or other ripe for the… 2011inurl:ftp “password” filetype:xls 09-26

this string may be used to find many low hanging fruit on sites recently indexed by google….

2011- filetype:sql “phpmyAdmin SQL Dump” 06-28 (pass…

phpMyAdmin SQL dump with passwords Bastich …

2011- filetype:sql “MySQL dump” (pass| 06-28 password…

MySQL database dump with passwords Bastich …

2011- filetype:sql “PostgreSQL database 06-28 dump” …

PostgreSQL database dump with passwords Bastich …

2011- filetype:ini “[FFFTP]” (pass|passwd| 04-18 pass…

Asian FTP software -, run the password hash through John Author: Bastich …

2011- filetype:ini “FtpInBackground” (pass| 04-18 pas…

Total commander wxc_ftp.ini run has through John etc. or better use http://wcxftp.org.ru/…

2011- filetype:ini “precurio” (pass|passwd| 04-18 pas…

plain text passwods …

2011- filetype:ini “SavedPasswords” (pass| 04-18 pass…

Unreal Tournament config, plain text passwords Author: Bastich …

2011- filetype:ini “pdo_mysql” (pass|passwd| full details dbname dbuser dbpass all plain text 04-18 pa… Author:Bastich … 2011inurl:web/frontend_dev.php -trunk 01-09

Google search for web site build with symfony framework in development environment. In …

2011- inurl:config/databases.yml -trac -trunk 01-09 -“Goo…

Google search for web site build with symfony framework This file contains the login / passwo…

2010inurl:-cfg intext:”enable password” 11-10

Google search for Cisco config files (some variants below) inurl:router-confg inurl:-confg…

2006“login: *” “password: *” filet… 09-06

This returns xls files containing login names and password works by showing all the xls fi…

2006ext:php intext:”$dbms””$dbhost”… 08-10

Hacking a phpBB forum. Here you can gather the mySQL connection information for their forum dat…

2006inurl:”calendarscript/users.txt” 03-21

CalenderScript is an overpriced online calender system written in perl. The passwords are encry…

2006- filetype:sql “insert into” (pass| Looks for SQL dumps containing cleartext or encrypted passwords… 03-06 passwd|…

2006- filetype:reg reg +intext:âà This can be used to get encoded vnc passwords which can otherwis 02-05 ¢â€šÂ¬Ã… obtained by a local regist… 2006- ext:asa | ext:bak intext:uid 01-02 intext:pwd -“uid…

search for plaintext database credentials in ASA and BAK files….

2006- enable password | secret 01-02 “current configurati…

Another Cisco configuration search. This one is cleaner, gives comp configuration files and…

2006- ext:passwd -intext:the 01-02 -sample -example

Various encrypted passwords, some plaintext passwords and some private keys are revealed by thi…

2006- inurl:”editor/list.asp” | 01-02 inurl:”da…

This search finds CLEARTEXT usernames/passwords for the Results Database Editor. The log in po…

2006filetype:bak createobject sa 01-01

This query searches for files that have been renamed to a .bak extension (obviously), but inclu…

2005- inurl:ventrilo_srv.ini 12-19 adminpassword

This search reveals the ventrilo (voice communication program use many online gamers) passw…

2005- “parent directory” 11-30 +proftpdpasswd

User names and password hashes from web server backups genera by cpanel for ProFTPd. Passwo…

2005Ruby on Rails is a MVC full-stack framework for development of we ext:yml database inurl:config 11-14 applications. There’s a conf… 2005inurl:”Sites.dat”+”PASS=” 11-03

FlashFXP has the ability to import a Sites.dat file into its current Sites.dat file, using this…

2005server-dbs “intitle:index of” 10-30

Yes, people actually post their teamspeak servers on websites. Just for the words superadm…

2005- inurl:/yabb/Members/Admin.d This search will show you the Administrator password (very first lin 09-28 at YaBB forums whose own… 2005- “admin account info” 09-25 filetype:log

searches for logs containing admin server account information such username and password….

2005- “your password is” 09-24 filetype:log

This search finds log files containing the phrase (Your password is). These files often contain…

2005intitle:rapidshare intext:login Rapidshare login passwords…. 09-18 2005intext:”enable password 7″ 09-13

some people are that stupid to keep their Cisco routers config files site. You can easly fin…

2005filetype:dat inurl:Sites.dat 09-13

If you want to find out FTP passwords from FlashFXP Client, just typ this query in google and …

2005ext:inc “pwd=” “UID=” 08-31

Database connection strings including passwords…

2005- [WFClient] Password= 07-27 filetype:ica

The WinFrame-Client infos needed by users to connect toCitrix Application Servers (e.g. Metafra…

2005- inurl:cgi-bin 06-24 inurl:calendar.cfg

CGI Calendar (Perl) configuration file reveals information including passwords for the program….

2005- intitle:”phpinfo()” 06-05 +”mysql.default…

This will look throught default phpinfo pages for ones that have a defau mysql password….

2005inurl:pass.dat 06-04

Accesses passwords mostly in cgibin but not all the timeCan find passw + usernames (sometim…

2005- inurl:perform.ini 06-06 filetype:ini

mIRC Passwords For Nicks & Channels in channel\[chanfolder] section o mirc.ini you can fin…

2005- intext:”powered by 05-11 EZGuestbook”

HTMLJunction EZGuestbook is prone to a database disclosure vulnerabi Remote users may down…

2005- inurl:server.cfg rcon 05-06 password

Counter strike rcon passwords, saved in the server.cfg….

!Host=*.* 2005some people actually keep their VPN profiles on the internet…omg… Sim intext:enc_UserPassword 05-02 donwload the pcf f… =* ext:pcf wwwboard WebAdmin 2005inurl:passwd.txt 03-28 wwwboard|webad…

This is a filtered version of previous ‘inurl:passwd’ searches, focusing on WWWBoard [1]. Ther…

2005filetype:inf sysprep 03-20

sysprep is used to drive unanttended MS Windows installations. The file contain all informatio…

2005the unattend.txt is used to drive unanttended MS Windows installations ext:txt inurl:unattend.txt 03-20 The files contain all i… filetype:sql 2005("passwd 02-23 values" | …

Find insert statements where the field (or table name) preceding the operator VALUES will be ‘…

2005- filetype:sql (“values * 02-23 MD5” | “val…

Locate insert statements making use of some builtin function to encryp password. PASSWORD(),…

2005- intitle:”Index of” 02-10 sc_serv.conf sc_serv …

This dork lists sc_serv.conf files. These files contain information for Shoutcast servers and o…

2005- “Powered by Link 02-15 Department”

Link management script with advanced yet easy to use admin control panel, fully template driven…

"Powered by 2005DUpaypal" 02-07 -site:duwa…

Here is another DUware product, DUpaypal. Once you get hold of the database it contains the adm…

filetype:inc 2005mysql_connect OR 02-09 mysql_pconnect

INC files have PHP code within them that contain unencrypted usernam passwords, and addresse…

2005- ext:ini Version=4.0.0.4 01-27 password

The servU FTP Daemon ini file contains setting and session information including usernames, pas…

2004ext:ini eudora.ini 12-19

Well, this is the configuration file for Eudora…may contain sensitive information like pop se…

2004- intext:”powered by Web 12-13 Wiz Journal”

Web Wiz Journal ASP Blog. The MDB database is mostly unprotected an can be downloaded directly…

2004inurl:filezilla.xml -cvs 12-02

filezilla.xml contains Sites,Logins and crypted Passwords of ftp connecti made with the open…

2004- inurl:”GRC.DAT” symantec Norton Anti-Virus Corporate Edition data file containing encrypte 11-28 intext:”password&qu… passwords…. 2004- filetype:log “See 11-28 `ipsec –copyright”

BARF log filesMan page:Barf outputs (on standard output) a collection of debugging information …

“powered by 2004dudownload” 11-23 -site:duware.com

Most duware products use Microsoft Access databases in default locations without instructing th…

intitle:dupics inurl: 2004Most duware products use Microsoft Access databases in default locations (add.asp | default.asp 11-23 without instructing th… | view… “powered by 2004duclassmate” 11-23 -site:duware.co…

Most duware products use Microsoft Access databases in default locations without instructing th…

“Powered by 2004Duclassified” 11-23 -site:duware.c…

Most duware products use Microsoft Access databases in default locations without instructing th…

“Powered by 2004Dudirectory” 11-23 -site:duware.co…

Most duware products use Microsoft Access databases in default locations without instructing th…

“Powered by 2004Duclassified” 11-23 -site:duware.c…

Most duware products use Microsoft Access databases in default locations without instructing th…

“powered by 2004ducalendar” 11-23 -site:duware.com

Most duware products use Microsoft Access databases in default locations without instructing th…

2004- intext:”enable secret 5 sometimes people make mistakes and post their cisco configs on “help site

11-16 $”

and don’t…

2004- “liveice configuration 11-08 file” ext:cfg -si…

This finds the liveice.cfg file which contains all configuration data for an Ice server. P…

2004- filetype:ini inurl:”serv- serv-U is a ftp/administration server for Windows. This file leaks info about 11-06 u.ini” version, user…

2004linux vpns store there usernames and passwords for PAP authentification in inurl:pap-secrets -cvs 11-06 file called “… 2004linux vpns store their usernames and passwords for CHAP authentification inurl:chap-secrets -cvs 11-06 file called “… 2004- filetype:ini 10-10 inurl:flashFXP.ini

FlashFXP offers the easiest and fastest way to transfer any file using FTP, providing an except…

2004- “Powered By Elite 09-24 Forum Version *.*”

Elite forums is one of those Microsoft Access .mdb file based forums. This o is particularly …

2004Web Wiz Forums is a free ASP Bulletin Board software package. It uses a filetype:mdb wwforum 09-24 Microsoft Access databa… 2004- “index of/” “ws_ftp.ini” This search is a cleanup of a previous entry by J0hnny. It uses “parent 09-17 “… directory” to… filetype:config config 2004intext:appSettings 09-16 “Us…

These files generally contain configuration information for a .Net Web Application. Things like…

2004filetype:ini wcx_ftp 08-25

This searches for Total commander FTP passwords (encrypted) in a file calle wcx_ftp.ini. Only …

2004- LeapFTP intitle:”index.of./” 08-20 sites.ini m…

The LeapFTP client configuration file “sites.ini” holds the login credentials for tho…

2004filetype:conf oekakibbs 08-16

Oekakibss is a japanese anime creation application. The config tells an attacker the encry…

2004“http://*:*@www” domainname 08-14

This is a query to get inline passwords from search engines (no Google), you must type in…

2004- filetype:bak inurl:”htaccess| 08-14 passwd|shadow|ht…

This will search for backup files (*.bak) created by some editors even by the administrator …

2004inurl:/db/main.mdb 08-13

ASP-Nuke database file containing passwords.This search goes the direct location and has fe…

2004inurl:nuke filetype:sql 08-10

This search reveals database dumps that most likely relate to t php-nuke or postnuke content …

2004filetype:ini ServUDaemon 08-06

The servU FTP Daemon ini file contains setting and session information including usernames, pas…

2004filetype:pass pass intext:userid 08-06

Generally, these are dbman password files. They are not clearte but still allow an attacker …

2004This searches the password for “Website Access Analyzer”, a “AutoCreate=TRUE password=*” 08-05 Japanese software that cr… 2004inurl:/wwwboard 08-01

The software wwwboard stores its passwords in a file called “passwd.txt”.An attacker …

2004filetype:pwl pwl 07-29

These are Windows Password List files and have been known to easy to crack since the release…

2004- “# -FrontPage-” ext:pwd inurl: 07-26 (service |…

Frontpage.. very nice clean search results listing !!No further comments required..changelog:22…

2004“sets mode: +k” 07-19

This search reveals channel keys (passwords) on IRC as reveale from IRC chat logs….

2004- intitle:”Index of” passwords 07-16 modified

These directories are named “password.” I wonder what you m find in here. Warning…

2004- inurl:lilo.conf filetype:conf 07-16 password -tatercount…

LILO is a general purpose boot manager that can be used to bo multiple operating systems, inc…

2004NickServ registration passwords 07-12

NickServ allows you to “register” a nickname (on some IRC networks) and prevent other…

2004psyBNC config files 07-06

psyBNC is an IRC-Bouncer with many features. It compiles on Li FreeBSD, SunOs and Solaris. …

2004filetype:mdb inurl:users.mdb 06-16

Everyone has this problem, we need to remember many passw to access the resources we use. S…

2004inurl:ccbill filetype:log 06-18

CCBill.com sells E-tickets to online entertainment and subscript based websites. CCBill.com …

2004- inurl:ospfd.conf intext:password 06-10 -sample -test -tu…

GNU Zebra is free software that manages TCP/IP based routing protocols. It supports BGP-4 proto…

inurl:zebra.conf 2004GNU Zebra is free software that manages TCP/IP based routing protocols. intext:password -sample 06-10 supports BGP-4 prot… -test -tu… 2004filetype:pwd service 06-10

Microsoft Frontpage extensions appear on virtually every type of scanner the late 90’s peop…

2004filetype:sql password 06-04

Database maintenance is often automated by use of .sql files that contai many lines of batched…

2004- filetype:sql 06-04 +”IDENTIFIED BY” -cvs

Database maintenance is often automated by use of .sql files wich may contain many lines of bat…

2004filetype:ldb admin 06-02

According to filext.com, the ldb file is “A lock file is used to keep muti-use databases …

2004- filetype:cfg mrtg Mrtg.cfg is the configuration file for polling SNMP enabled devices. The 06-02 “target[*]” -sample -c… community string (ofte… 2004filetype:dat wand.dat 05-27

The world-famous web-browser Opera has the ability to save the passwo for you, and it call th…

2004- signin filetype:url

Javascript for user validation is a bad idea as it shows cleartext user/pass

05-26

combos. There is …

2004The .netrc file is used for automatic login to servers. The passwords are filetype:netrc password 05-26 stored in cleartext…. 2004filetype:ini ws_ftp pwd 05-26

The encryption method used in WS_FTP is _extremely_ weak. These files be found with the &qu…

2004- inurl:”slapd.conf” 05-25 intext:”rootpw&q…

slapd.conf is the configuration file for slapd, the opensource LDAP deamo You can view a clea…

2004- inurl:”slapd.conf” 05-25 intext:”credenti…

slapd.conf is the configuration file for slapd, the opensource LDAP deamo The key “crede…

2004filetype:inc dbconn 05-26

This file contains the username and password the website uses to conne the db. Lots of th…

2004- inurl:”wvdial.conf” 05-24 intext:”passwor…

The wvdial.conf is used for dialup connections.it contains phone numbers usernames and passwor…

2004- filetype:pem 05-17 intext:private

This search will find private key files… Private key files are supposed to b well… privat…

2004slapd.conf is the file that contains all the configuration for OpenLDAP, filetype:conf slapd.conf 05-17 including the root pas… 2004- filetype:dat 05-17 “password.dat”

This file contains plaintext usernames and password. Deadly information the hands of an atta…

2004- filetype:log 05-13 inurl:”password.log”

These files contain cleartext usernames and passwords, as well as the sit associated with tho…

filetype:url 2004+inurl:”ftp://” 05-12 +inurl:&qu…

These are FTP Bookmarks, some of which contain plaintext login names a passwords….

2004- inurl:vtund.conf 05-12 intext:pass -cvs

Theses are vtund configuration files (http://vtun.sourceforge.net). Vtund encrypted tunne…

filetype:reg reg 2004HKEY_CURRENT_USER 05-11 SSHHOSTKEYS

This search reveals SSH host key fro the Windows Registry. These fi contain information abou…

filetype:reg reg 2004These pages display windows registry keys which reveal passwords +intext:”defaultusername&qu 05-07 and/or usernames…. o… 2004- filetype:inc 05-05 intext:mysql_connect

INC files have PHP code within them that contain unencrypted usernames, passwords, and addresse…

2004- filetype:properties inurl:db 05-04 intext:password

The db.properties file contains usernames, decrypted passwords an even hostnames and ip addres…

2004- intitle:”index of” 05-03 intext:globals.inc

contains plaintext user/pass for mysql database…

2004inurl:perform filetype:ini 05-03

Displays the perform.ini file used by the popular irc client mIRC. Of times has channel pass…

2004- intitle:”index of” 04-26 intext:connect.inc

These files often contain usernames and passwords for connection mysql databases. In many ca…

2004eggdrop filetype:user user 04-26

These are eggdrop config files. Avoiding a full-blown descussion ab eggdrops and IRC bots, s…

2004- filetype:cfm “cfapplication 04-19 name” passwo…

These files contain ColdFusion source code. In some cases, the pag are examples that are foun…

2004allinurl: admin mdb 04-16

Not all of these pages are administrator’s access databases contain usernames, passwords and…

2004intitle:Index.of etc shadow 03-04

This file contains usernames and (lame) encrypted passwords! Arm with this file and a decent …

2004- inurl:secring ext:skr | ext:pgp This file is the secret keyring for PGP encryption. Armed with this fi 03-04 | ext:bak (and perhaps a passphr… 2004- intitle:index.of 03-04 administrators.pwd

This file contains administrative user names and (weakly) encrypte password for Microsoft Fron…

2004htpasswd 03-04

This is a nifty way to find htpasswd files. Htpasswd files contain usernames and crackable pass…

2004passlist.txt (a better way) 01-23

Cleartext passwords. No decryption required!…

2003trillian.ini 08-19

Trillian pulls together all sort of messaging clients like AIM MSN, Yah IRC, ICQ, etc. The v…

2003- inurl:config.php dbuname 07-29 dbpass

The old config.php script. This puppy should be held very closely. It should never be viewable …

2003auth_user_file.txt 07-11

DCForum’s password file. This file gives a list of (crackable) passwo usernames and email a…

2003- filetype:xls username 06-30 password email

This search shows Microsoft Excel spreadsheets containing the wor username, password and emai…

2003etc (index.of) 06-27

This search gets you access to the etc directory, where many many many types of password files …

2003passlist 06-27

I’m not sure what uses this, but the passlist and passlist.txt files contain passwords in CLEAR…

2003config.php 06-24

This search brings up sites with “config.php” files. To skip the technical discussion…

2003passwd / etc (reliable) 06-24

There’s nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google fo…

2003spwd.db / passwd 06-24

There’s nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google fo…

2003htpasswd / htgroup 06-24

There’s nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google fo…

2003There’s nothing that defines a googleDork more than getting your htpasswd / htpasswd.bak 06-24 PASSWORDS grabbed by Google fo… 2003pwd.db 06-24

There’s nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google fo…

2003master.passwd 06-24

There’s nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google fo…

2003passwd 06-24

There’s nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google fo…

2003people.lst 06-24

*sigh*…

2003- intitle:index.of PGP is a great encryption technology. It keeps secrets safe. Everyone fro 06-24 intext:”secring.skr”|&q… drug lords to the he… 2003mysql history files 06-24

The .mysql_history file contains commands that were performed agains mysql database. A “…

2014intitle:”Zimbra Web Client Log In” 04-21

Open Source Zimbra Webmail Login pages …

2014intitle:”Zimbra Web Client Sign In” 04-21

Open Source Zimbra Webmail Login pages …

2014inurl:typo3/install/index.php?mode= 04-07

typo3 install logins Bruno Schmid …

2014inurl:”Citrix/XenApp/auth/login.aspx” 03-31

Finds login portals for Citrix XenApp. – Andy G – twitter.com/vxhex …

2014intitle:Admin inurl:login.php site:.co.in 02-28

dork submitted by M4RKM3N aka Osama Mahmood revels admin login panels of sites …

2014allinurl:”zimbra/?zinitmode=http” -googl… 02-05

zimbra webmail login page lookup allinurl:”zimbra/ zinitmode=http” -google -github …

2014allinurl:”/main/auth/profile.php” -githu… 01-03

[+] This dork will help you find Chamilo login porta Depending on the version, the site co…

2013inurl:/administrator/index.php?autologin=1 12-03

Title: google hacking username and password of jo Google Dork: inurl:/administrator/index….

2013“inurl:/data/nanoadmin.php” 11-25

Hi, I would like to submit this GHDB which allow to out nanoCMS administration pages :…

2013inurl:”/jenkins/login” “Page genera… 11-25

Finds login pages for Jenkins continuous integration servers. – Andy G – twitter.com/vxhex …

2013- inurl:”/module.php/core/loginuserpass.php&qu Finds SimpleSAMLphp login pages. – Andy G – 11-25 o… twitter.com/vxhex … 2013allinurl:”owa/auth/logon.aspx” -google -… 11-25

[+] Description – Find OWA login portals Regards, necrodamus http://www.twitter.com/ne…

2013intitle:”Comrex ACCESS Rack” 09-24

IP Codecs offering “studio quality audio and video o wired and wireless IP circuits&qu…

2013- inurl:phpmyadmin/index.php & 08-08 (intext:username …

#Summary: PHP Admin login portals #Author: g00g 5c0u7 …

2013intitle:”::: Login :::” & intext:&qu… 08-08

#Summary: Surveillance login portals #Author: g0 5c0u7 …

2013inurl:8080 intitle:”login” intext:”… 08-08

#Summary: VoIP login portals #Category: Pages containing login portals #Author: g00gl3 5c0u7 …

2013- intitle:”WebMail | Powered by Winmail Server 08-08 …

#Summary: Winmail login portals #Author: g00gl3 5c0u7 …

2013intitle:”Login – OTRS” inurl:pl 08-08

#Summary: OTRS login portals #Author: g00gl3 5c …

2013inurl:”/secure/login.aspx” 08-08

#Summary: Several Web Pages Login Portal #Cate Pages containing login portals #Author: g…

2013- intext:”I’m using a public or shared 08-08 computer…

#Summary: Windows Business Server 2003 Login portal #Category: Pages containing login portals …

2013- intitle:”.:: Welcome to the 08-08 Web-Based Configu…

#Summary: ZyXEL router login portal #Category: Pages containing lo portals #Author: g00gl3…

2013- intitle:”Internet Security 08-08 Appliance” &a…

#Summary: ZyWall Firewall login portal #Category: Various Online Devices #Author: g00gl3 5c0u…

2013- inurl:5000/webman/index.c Synology nas login … 08-08 gi 2013- “Welcome to phpMyAdmin” Finds cPanel login pages. – Andy G – twitter.com/vxhex … 08-08 + “Username… 2013- inurl:/secure/Dashboard.jsp Finds login pages and system dashboards for Atlassian’s JIRA. – Andy 08-08 a intitle:”System … twitter.com/vxhex … 2013- intitle:”Cisco Integrated 08-08 Management Controll…

intitle:”Cisco Integrated Management Controller Login” The Cisco Integrated Manage…

2013inurl:”dasdec/dasdec.csp” 08-08

inurl:”dasdec/dasdec.csp” DASDEC II Emergency Alert System User Manual: http://www….

2013- intitle:”VNC Viewer for 08-08 Java”

VNC Viewer for Java ~4N6 Security~ …

2013- Serv-U (c) Copyright 1995- # Category: FTP Login Portals # Description : Dork for finding FTP Log 04-22 2013 Rhino Software, Inc… portals # Google Dor…

2013- intext:Computer Misuse Act Category : Pages containing login portals Description : Dork for findin 04-09 inurl:login.aspx sensitive login porta…

intext:YOU ARE ACCESSING 2013Category : Pages containing login portals Description : Dork for findin A GOVERNMENT 04-09 government login port… INFORMATION … 2013- intext:THIS IS A PRIVATE

Category : Pages containing login portals Description : Dork for findin

04-09

SYSTEM AUTHORISED ACCESS …

sensitive login porta…

2013- allintext: “Please login to 04-09 continue…”…

Reported by: Jasper Briels…

2013site:login.*.* 02-05

DORK:site:login.*.* Description: Allow User To View Login Panel Of Man WebSites.. Author:MT…

2012- you really should fix this 12-31 security hole by settin…

Gives sites with default username root and no password — nitish meh

2012inurl:phpliteadmin.php 11-02

The default password is ‘admin’ …

2012- inurl:”InfoViewApp/logon.js Google Hacking *SAP Business Object 3.1 XI* 11-02 p” inurl:”InfoViewApp/logon.jsp” tw… 2012intitle:”DVR+Web+Client” 08-21

This dork will find most Linux-based DVR web clients that are accessib to the web and throug…

2012- Please-logon “intitle:zarafa Zarafa Webaccess logon pages. Greetings, Alrik. … 08-21 webaccess “ 2012- intitle:”Log In” “Access 08-21 unsecured …

iOmega Storcenter login page: intitle:”Log In” “Access unsecured cont with…

2012- inurl:/app_dev.php/login 08-21 “Environment”

Search for login screen in web aplications developed with Symfony2 in a development environment…

2012inurl:”cgi-bin/webcgi/main” 08-21

inurl:”cgi-bin/webcgi/main” This dork finds indexed public fac Dell Remote Acce…

2012Hi, By default, while subscribing to a mailing list on a websit “mailing list memberships reminder” 05-15 running Mailman (GNU) for… 2012- “Welcome to Sitecore” + “License 05-15 Ho…

Sitecore CMS detection. …

2011Search for login screen of default instance: Cyber Recruiter intitle:”cyber recruiter” “User ID&… 05-11 (applicant tracking and recruitin… 2011- intitle:”Enabling Self-Service 05-11 Procurement&qu…

Search for login screen of default instance: Puridiom (A Procurement Web Application) …

2011- “Login Name” Repository Webtop 05-11 intitle:l…

Search for login screen of default instance: Documentum We by EMC …

2011- intitle:”cascade server” 03-15 inurl:login.act

Search for login screen of default instance: Cascade Server C by Hannon Author: Erik Horton …

2010inurl:src/login.php 11-13

Locates SquirrelMail Login Pages Author: 0daydevilz…

2010inurl:/dana-na/auth/ 11-12

Juniper SSL Author: bugbear…

2010- “Remote Supervisor Adapter II” 11-10 inurl:use…

IBM e-server’s login pages. Author: DigiP…

2010||Powered by [ClipBucket 2.0.91] 11-10

This search identifies clpbpucket installations. They frequent have an admin/admin default pa…

2006- intitle:ARI “Phone System 10-02 Administrator”

Login page for “Asterisk Recording Interface” (ARI)….

2006- intitle:”AdventNet ManageEngine 10-02 ServiceDesk P…

serviceDesk Plus is a 100 % web-based Help Desk and Asset Management software.vendor: h**p://ma…

2006Customer login pages for what looks like an inhouse eshop. M inurl:”/?pagename=CustomerLogin” 09-20 information here:h**p://catalin… 2006- inurl:”/? 09-20 pagename=AdministratorLogin”

Powered by Bariatric AdvantageAdmin Login:Admin login pag for what looks like an inhouse esho…

2006inurl:+:8443/login.php3 09-27

Plesk is a multi platform control panel solution for hosting.Mo information: hxxp://www.swsof…

2006- (intitle:”SilkyMail by Cyrusoft 08-03 International…

silkyMail is a free internet email client, from www.cyrusoft.co that runs in your browser. Th…

2006- intitle:”Login to @Mail” (ext:pl | 08-03 inurl…

Webmail is a http based email server made by atmail.com. T get to the admin login instead of t…

2006- “SurgeMAIL” inurl:/cgi/user.cgi 08-03 ext:cgi

surgemail is an email server from netwinsite.com that can b accessed by a web browser. This do…

2006intitle:Ampache intitle:”love of music” … 06-29

Ampache is a Web-based MP3/Ogg/RM/Flac/WMA/M4A manager. It allows you to view, edit, and play y…

2006FlashChat v4.5.7 07-29

This simple search brings up lots of online Flash Chat clients. Flash Chat’s administration dir…

2006intitle:”eXist Database Administration” … 05-03

Login Pages “eXist is an Open Source native XML database featuring efficient, index-based …

2006(intitle:”WmSC e-Cart Administration”)|(… 05-03

Login Pages for WebMyStyle.”WebMyStyle offers a full range of web hosting and dedicated se…

2006- (intitle:”Please login – Forums powered by 05-03 UB…

Logins for Forums powered by UBB.threads…

2006intitle:”SHOUTcast Administrator” inurl:… 05-03

Login pages for SHOUTcast”SHOUTcast is a free-of-cha audio homesteading solution. It pe…

2006intitle:IMP inurl:imp/index.php3 05-03

Webmail Login pages for IMP”IMP is a set of PHP scrip that implement an IMAP based webma…

2006intitle:”TWIG Login” 05-03

“TWIG is a Web-based groupware suite written in PHP compatible with both PHP3 and PHP4. I…

2006“SquirrelMail version” “By the Squi… 05-03

More SquirrelMail Logins…

2006intitle:(“TrackerCam Live Video”)|(“… 05-03

“TrackerCam® is a software application that you put your webcam on…

2006(intitle:”rymo Login”)|(intext:”We… 05-03

“rymo is a small but reliable webmail gateway. It cont a POP3-server for mail reading …

2006- (intitle:”Please login – Forums powered by 05-03 WW…

“WWWthreads is a high powered, full scalable, customizable open source bulletin board pack…

2006- inurl:”/slxweb.dll/external? 05-03 name=(custportal|…

Customer login pages”SalesLogix is the Customer Relationship Management Solution that driv…

2006intitle:”Employee Intranet Login” 05-03

Intranet login pages by decentrix.com…

2006inurl:”php121login.php” 05-03

“PHP121 is a free web based instant messenger – writ entirely in PHP. This means that i…

2006- Please enter a valid password! 04-25 inurl:polladmin

The PHP Poll Wizard 2 ist a powerful and easy-to-use P Script for creating and managing polls…

2006intitle:”EZPartner” -netpond 03-21

EZPartner is a great marketing tool that will help you increase your sales by sending webmaster…

2006intitle:”Login to @Mail” (ext:pl | inurl… 03-21

Webmail is a http based email server made by atmail.com. To get to the admin login instead of r…

2006inurl:”vsadmin/login” | inurl:”vsad… 03-21

Ecommerce templates makes a online shopping cart solution. This search finds the admin login….

2006“Web-Based Management” “Please inpu… 03-21

This dork finds firewall/vpn products from fiber logic. T only require a one-factor authent…

inurl:2000 2006RemotelyAnywhere is a program that enables remote control, in the sa intitle:RemotelyAnywhere 03-21 matter as VNC. Once Log… -site:realvnc….

2006- inurl:”/admin/configuratio simply google inurl trick for Oscommerce for open administrator page.I 03-07 n. php?” Mysto… no .htpassword is set f… 2006inurl:ids5web 02-09

EasyAccess Web is a application to view radiological images online.Like hospitals or univers…

2006- intext:”Fill out the form 02-08 below completely to…

The page to change admin passwords. Minor threat but the place to sta an attack….

2006- “Powered by Midmart 01-16 Messageboard” “…

Midmart Messageboard lets you run a highly customizable bulletin boar with a very nice user in…

2006- intitle:Ovislink 01-16 inurl:private/login

Ovislink vpn login page….

2006- “intitle:3300 Integrated 01-14 Communications Platf…

logon portal to the mitel 330 integrated communications platform. [Mitel® 330…

2006- “bp blog admin” 01-02 intitle:login | intitle:…

betaparticle (bp) blog is blog software coded in asp. This google dork fi the admin logins….

2005- “Emergisoft web

Hospital patient management system, in theory it could be dangerous…

12-31

applications are a part of ou…

2005- intitle:”b2evo > Login 12-19 form” “Lo…

b2evolution is a free open-source blogging system from b2evolution.ne This dork finds the ad…

2005- intitle:”Admin login” “Web sift Group makes a web site administration product which can be acces 12-19 Site Adm… via a web browser. Th…

inurl:/Merchant2/admin.m 2005Miva Merchant is a product that helps buisnesses get into e-commerce. v| 12-19 dork locates their … inurl:/Merchant2/admin… 2005- “site info for” “Enter 11-21 Admin Passwo…

This will take you to the cash crusader admin login screen. It is my first google hack.. also t…

2005- “Establishing a secure 11-16 Integrated Lights Out …

iLo and related login pages !? Whoops…..

2005- inurl:webvpn.html “login” The Cisco WebVPN Services Module is a high-speed, integrated Secure 11-16 “Please e… Sockets Layer (SSL) VPN ser… 2005- “This is a restricted 11-16 Access Server” &qu…

Mostly Login Pages for iPlanet Messenger Express, which is a web-base electronic mail program …

2005- intitle:”Merak Mail Server User login pages for Merak Email Server Suite which consists of Merak 11-16 Web Administration… Email Server core and opt… 2005- “Powered by Merak Mail 11-13 Server Software” …

Webmail login portals for Merak Email ServerMerak Email Server Suite consists of multiple award…

2005“iCONECT 4.1 :: Login” 11-12

This search finds the login page for iCONECTnxt, it enables firms to sea organize, and revi…

2005- intitle:”Novell Web 11-12 Services” “Grou…

Novell GroupWise is a complete collaboration software solution that provides information worker…

2005- intitle:”*- HP WBEM 11-12 Login” | “You a…

HP WBEM Clients are WBEM enabled management applications that pro the user interface and fu…

2005- intitle:”EXTRANET login” This search finds many different Extranet login pages…. 11-12 -.edu -.mil -.g… 2005- intitle:”EXTRANET * – 11-12 Identification”

WorkZone Extranet Solution login page. All portals are in french or span belive….

intitle:”OnLine 2005Recruitment Program – 11-12 Login&q…

This is the Employer’s Interface of eRecruiter, a 100% Paper Less Recruitment Solution implemen…

2005- intitle:”Docutek ERes – 10-26 Admin Login” -ed…

Docutek Eres is software that helps libaries get an internet end to them This dork finds the a…

2005- inurl:ocw_login_usernam WEBppliance is a software application designed to automate the 10-13 e deployment and management of Web… 2005- intitle:”Supero Doctor III” “Supero Doctor III Remote Management” by Supermicro, Inc.info: 09-26 -inurl:super… http://www.supermicro….

2005- intitle:”iDevAffiliate – 09-25 admin” -demo

Affiliate Tracking Software Adding affiliate tracking software to your site one of the most…

2005- “Please login with admin PHPsFTPd is a web based administration and configuration interface for 09-25 pass” -“le… SLimFTPd ftp serverI… 2005- intitle:”Admin Login” 09-25 “admin login&…

Blogware Login Portal: “An exciting and innovative tool for creating or enhancing your web…

2005- intitle:”Login Forum Anyboard Login Portals. In addition,A vulnerability has been reported in 09-23 Powered By AnyBoard”… Netbula Anyboard 9.x &… intitle:”Login to the 2005forums – 09-23 @www.aimoo.com…

Aimoo Login Pages. “Looking for a free message board solution? Aimoo provides one of the m…

2005- intitle:”i-secure v1.1″ 09-23 -edu

I-Secure Login Pages…

inurl:/modcp/ 2005there have been several dorks for vBulletin, but I could not find one in t intext:Moderator+vBullet 09-23 search that target… in

2005- intitle:”PHProjekt – login” PHProjekt is a group managing software for online calenders, chat, forum 09-21 login passwo… etc. I looked aroun… 2005- “login prompt” 09-13 inurl:GM.cgi

GreyMatter is prone to an HTML injection vulnerability. This issue is due failure in the a…

2005- “Powered by Monster Top 2 Step dork – Change url to add filename “admin.php” (just remove 09-13 List” MTL numran… index.php&stuff… 2005- intext:”Master Account” 09-13 “Domain Na…

There seems to be several vulns for qmail….

intitle:”Content 2005Management System” 09-13 &quo…

iCMS – Content Management System…Create dynamic interactive webs in minutes without knowi…

2005- “Please authenticate Photo gallery managment system login… 08-30 yourself to get access t… 2005- intitle:”*- HP WBEM 11-12 Login” | “You a…

HP WBEM Clients are WBEM enabled management applications that pro the user interface and fu…

2005- intitle:”EXTRANET login” This search finds many different Extranet login pages…. 11-12 -.edu -.mil -.g… 2005- intitle:”EXTRANET * – 11-12 Identification”

WorkZone Extranet Solution login page. All portals are in french or span belive….

intitle:”OnLine 2005Recruitment Program – 11-12 Login&q…

This is the Employer’s Interface of eRecruiter, a 100% Paper Less Recruitment Solution implemen…

2005- intitle:”Docutek ERes – 10-26 Admin Login” -ed…

Docutek Eres is software that helps libaries get an internet end to them This dork finds the a…

2005- inurl:ocw_login_usernam WEBppliance is a software application designed to automate the

10-13 e

deployment and management of Web…

2005- intitle:”Supero Doctor III” “Supero Doctor III Remote Management” by Supermicro, Inc.info: 09-26 -inurl:super… http://www.supermicro…. 2005- intitle:”iDevAffiliate – 09-25 admin” -demo

Affiliate Tracking Software Adding affiliate tracking software to your site one of the most…

2005- “Please login with admin PHPsFTPd is a web based administration and configuration interface for 09-25 pass” -“le… SLimFTPd ftp serverI… 2005- intitle:”Admin Login” 09-25 “admin login&…

Blogware Login Portal: “An exciting and innovative tool for creating or enhancing your web…

2005- intitle:”Login Forum Anyboard Login Portals. In addition,A vulnerability has been reported in 09-23 Powered By AnyBoard”… Netbula Anyboard 9.x &… intitle:”Login to the 2005forums – 09-23 @www.aimoo.com…

Aimoo Login Pages. “Looking for a free message board solution? Aimoo provides one of the m…

2005- intitle:”i-secure v1.1″ 09-23 -edu

I-Secure Login Pages…

inurl:/modcp/ 2005there have been several dorks for vBulletin, but I could not find one in t intext:Moderator+vBullet 09-23 search that target… in

2005- intitle:”PHProjekt – login” PHProjekt is a group managing software for online calenders, chat, forum 09-21 login passwo… etc. I looked aroun… 2005- “login prompt” 09-13 inurl:GM.cgi

GreyMatter is prone to an HTML injection vulnerability. This issue is due failure in the a…

2005- “Powered by Monster Top 2 Step dork – Change url to add filename “admin.php” (just remove 09-13 List” MTL numran… index.php&stuff… 2005- intext:”Master Account” 09-13 “Domain Na…

There seems to be several vulns for qmail….

intitle:”Content 2005Management System” 09-13 &quo…

iCMS – Content Management System…Create dynamic interactive webs in minutes without knowi…

2005- “Please authenticate Photo gallery managment system login… 08-30 yourself to get access t… “You have requested to 2005access the management Terracotta web manager admin login portal…. 08-30 … 2005- intitle:”web-cyradm”|”by Web-cyradm is a software that glues topnotch mailing technologies 08-30 Luc de Lou… together. The focus is on adm… 2005- intext:”Master Account” 08-30 “Domain Nam…

qmail mail admin login pages.There are several vulnerabilities relating t this software…

2005- intitle:”Content 08-30 Management System”

iCMS – Content Management System…Create websites without knowing

&quo…

HTML or web programming….

2005inurl:csCreatePro.cgi 08-28

Create Pro logon pages….

2005- intitle:”xams 0.0.0..15 – 08-14 Login”

This is the login for xams it should catch from 0.0.1-0.0.150.0.15 being latest version as …

2005- “HostingAccelerator” 08-14 intitle:”login…

This will find the login portal for HostingAccelerator ControlPanel I have looked for explo…

2005- “inspanel” intitle:”login” This finds all versions of the inspanel login page…. 08-15 -&q…

2005- intitle:”communigate pro Just reveals the login for Communigate Pro webmail. A brute force attac 08-11 * *” intitle:&q… could be attempted. Th…

2005intitle:”AlternC Desktop” This finds the login page for AlternC Desktop I dont know what versions 08-15 2005intitle:phpnews.login 08-10

Vulnerable script auth.php (SQL injection)— from rst.void.ru —Possible scenario of attack:[…

2005- intitle:”Cisco CallManager [quote]Cisco CallManagerCallManager is a FREE web application/interfa 08-08 User Options Log O… included with your VoIP… 2005- inurl:”default/login.php” 07-26 intitle:”…

This dork reveals login pages for Kerio Mail server. Kerio MailServer is a state-of-the-art gro…

2005- intitle:”Member Login” 07-24 “NOTE: Your …

Pretty standered login pages, they all have various differences but it appears that they use th…

2005- “This section is for Nothing special, just one more set of login pages, but the “Administrato 07-24 Administrators only. If … only” line… 2005- intitle:”Welcome to 07-22 Mailtraq WebMail”

Mailtraq WebMail is just another a web-based e-mail client. This is the lo page….

2005- intitle:”TOPdesk 07-22 ApplicationServer”

Topdesk is some kind of incident ticket system with a webinterface. It requires: Windows 98 and…

“You have requested 2005access to a restricted 07-20 ar…

BackgroundEasySite is a Content Management System (CMS) build on P and MySQL. Many easysite s…

2005- inurl:textpattern/index.ph Login portal for textpattern a CMS/Blogger tool…. 06-09 p 2005intitle:”Login to Cacti” 06-24

Cacti is a complete network graphing solution designed to harness the power of RRDTool’s data s…

2005- intitle:”XMail Web Administration 06-09 Interface&q…

This search will find the Web Administration Interface for servers running XMail.”XMail is…

2005intext:”Welcome to” inurl:”cp”… 06-05

This gives results for hosting plans that don’t have assoc fees, so anyone can sign up wit…

2005intitle:”XcAuctionLite” | “DRIVEN B… 06-07

This query reveals login pages for the administration of XcAuction and XcClassified Lite..”…

2005allintitle:”Welcome to the Cyclades” 06-02

This search reveals the login page for the Cyclades TS10 and TS2000 Web Management Service. T…

2005intitle:”VisNetic WebMail” inurl:”/… 06-06

VisNetic WebMail is a built-in web mail server that allows VisNetic Mail Server account holders…

2005- inurl:/SUSAdmin intitle:”Microsoft 05-23 Software U…

Microsoft SUS Server is a Patch Management Tool for Windows 2000, XP and 2003 systems.It can be…

2005inurl:exchweb/bin/auth/owalogon.asp 05-15

Outlook Web Access Login POrtal…

2005- inurl:Citrix/MetaFrame/default/default.as MetaFrame Presentation Server… 05-15 px 2005inurl::2082/frontend -demo 05-11

This allows you access to CPanel login dialogues/screens

2005intitle:”WorldClient” intext:”Ã�… 05-02

MDaemon , Windows-based email server software, conta full mail server functionality and cont…

2005intitle:open-xchange inurl:login.pl 05-02

Open-Xchange 5 is a high performance substitute for cos and inflexible Microsoft Exchange de…

2005- intitle:”site administration: please log 05-02 in&q…

Real Estate software package, with the admin login scree

2005inurl:gnatsweb.pl 05-02

GNU GNATS is a set of tools for tracking bugs reported by users to a central site. It allows pr…

2005- “Powered by DWMail” password 05-02 intitle:dwm…

What is DWmailâ„¢?: DWmailâà ¢â‚¬Å¾Ã‚¢ is an ‘…

2005Just another logon page search, this one is for SFXÂà intitle:”SFXAdmin – sfx_global” | intitl… 04-27 a link server from Ex … 2005By itself, this returns Zope’s help pages. Manipulation of intitle:”Zope Help System” inurl:HelpSys 04-27 URL, changing ‘HelpSys’ to ‘mana… 2005IlohaMail is a light-weight yet feature rich multilingual intitle:ilohamail “Powered by IlohaMail” 04-17 webmail system designed for ease of u… 2005intitle:ilohamail intext:”Version 0.8.10″… some version of ilohamail are vulnerable…. 04-11 2005- intitle:"inc. vpn 3000 04-11 concentrator&q…

This search will show the login page for Cisco VPN 3000 concentrators. Since the default user …

2005- intext:"vbulletin" 04-09 inurl:admincp

vBulletin Admin Control Panel…

2005- inurl:”usysinfo? 01-25 login=true”

Dell OpenManage enables remote execution of tasks such as system configuration, imaging, applic…

2005- intext:”Mail admins login Another way to locate Postfix admin logon pages…. 01-24 here to administrat… 2005PhotoPost PHP Upload 01-13

PhotoPost was designed to help you give your users exactly what they w Your users will be t…

2005PHPhotoalbum is a picturegallery script. You can upload pictures directly PHPhotoalbum Statistics 01-13 from your webbrowser…. 2005PHPhotoalbum Upload 01-13

Homepage: http://www.stoverud.com/PHPhotoalbum/PHPhotoalbum is a picturegallery script. You can…

2005- inurl:”631/admin” 01-18 (inurl:”op=*”…

Administration pages for CUPS, The Common UNIX Printing System. Mos are password protected….

2005- intitle:”VNC viewer for 01-15 Java”

VNC (Virtual Network Computing) allows a pc to be controlled remotely the Internet. These …

2005- inurl:”Activex/default.htm This search will reveal the active X plugin page that allows someone to 01-15 ” “Demo&q… access PC Anywhere from… 2005- “pcANYWHERE EXPRESS This search will reveal the java script program that allows someone to 01-15 Java Client” access PC Anywhere from,…

2004- intext:””BiTBOARD v2.0″ The bitboard2 is a board that need no database to work. So it is useful f 12-19 BiTSHiFTERS… webmaster that have…

2004- intitle:Login intext:”RT is RT is an enterprise-grade ticketing system which enables a group of peo 12-19 ÂÂ�… to intelligently and… 2004- intitle:”Athens 12-19 Authentication Point”

Athens is an Access Management system for controlling access to web based subscription services…

2004- intitle:”Novell Web 12-19 Services” intext:&qu…

“Novell® GroupWise is an enterprise collaboration system that provides …

2004- inurl:1810 “Oracle 12-19 Enterprise Manager”

Enterprise Manager 10g Grid Control provides a single tool that can mo and manage not only…

2004- intitle:”WebLogic Server” BEA WebLogic Server 8.1 provides an industrial-strength application 12-19 intitle:”… infrastructure for developi… 2004- intitle:”MX Control 12-19 Console” “If yo…

MX Logic’s customizable and easy-to-use MX Con Console…

2004- inurl:”1220/parse_xml.cgi Quicktime streaming server is uhhhhh…..well it’s a streaming server an 12-10 ?” can be managed via… 2004- intitle:”vhost” 12-13 intext:”vHost . 200…

vHost is a one-step solution for all virtual hosting needs. It enables a Linux/BSD server with …

2004- intitle:”VitalQIP IP 12-07 Management System”

The VitalQIP Web Client Interface provides a World Wide Web interface f the VitalQIP IP Manag…

intext:”Storage 2004These pages can reveal information about the operating system and pa Management Server for” 11-30 level, as well as provi… i… 2004- intitle:”PHP Advanced

PHP Advacaned Transfer is GPL’d software that claims to be the “Th

11-28 Transfer” inurl:&q…

ultimate PHP download …

2004- inurl:coranto.cgi intitle:Login 11-28 (Authorized Users …

Coranto is one of the most powerful Content Management System (CMS) available on the market. It…

2004- inurl:/webedit.* intext:WebEdit WebEdit is a content management system. This is the login portal 11-18 Professional -html search…. 2005- intitle:”phpPgAdmin – Login” 03-03 Language

phpPgAdmin is a web-based administration tool for PostgreSQL. It perfect for PostgreSQL DBAs…

2004- inurl:postfixadmin 11-16 intitle:”postfix admin&quo…

Postfix Admin login pages. Duh….

2004- intitle:”Icecast Administration Icecast streaming audio server web admin.This gives you a list of 11-07 Admin Page&qu… connected clients. Interestin… 2004inurl:irc filetype:cgi cgi:irc 11-04

CGIIRC is a web-based IRC client. Using a non-transparent proxy an attacker could communicate a…

2004- intitle:”php icalendar 10-31 administration” -…

This is the adminstration login portal search for PHP iCalendar. It is compatible with Evolutio…

2004- intitle:”php icalendar 10-31 administration” -…

PHP iCalendar is a php-based iCal file parser. Its based on v2.0 of t IETF spec. It displays …

2004- inurl:login.php “SquirrelMail 10-20 version”

squirrelMail is a standards-based webmail package written in PHP4 includes built-in pure PH…

2004- inurl:/dana10-20 na/auth/welcome.html

Neoteris Instant Virtual Extranet (IVE) has been reported prone to a cross-site scripting vulne…

2004intitle:plesk inurl:login.php3 10-20

Plesk is server management software developed for the Hosting Service Industry. Various vulnera…

2004- “OPENSRS Domain OpenSRS Domain Management SystemNo vulnerabilities are repor 10-19 Management” inurl:manage… to security focus…. 2004“Login – Sun Cobalt RaQ” 10-19

The famous Sun linux appliance. Nice clean portal search.Various vulnerabilities are reported t…

2004- intitle:”ISPMan : Unauthorized ISPMan is a distributed system to manage components of ISP from 10-19 Access prohibi… central management interface…. 2004“SysCP – login” 10-19

sysCP: Open Source server management tool for Debian LinuxNo vulnerabilities are reported to se…

2004- intitle:”Virtual Server 10-19 Administration System…

VISAS, German control panel software like confixx.No vulnerabilitie are reported to security f…

2004“VHCS Pro ver” -demo 10-19

VHCS is professional Control Panel Software for Shared, Reseller, vServer and Dedicated Servers…

2004- inurl:confixx inurl:login| 10-19 anmeldung

Confixx is a webhosting management tool and has the following features: * create resellers, * e…

2004- inurl:”calendar.asp? 10-06 action=login”

aspWebCalendar is a browser based software package that runs ov standard web browser, such …

2004- “IMail Server Web 10-19 Messaging” intitle:log…

IMail Server from Ipswitch is a messaging solution with 60 million users worldwide. It contains…

intitle:”remote 2004The Aanval Intrusion Detection Console is an advanced intrusion detect assessment” OpenAanval 10-16 monitor and alerting … C… 2004- “WebExplorer Server – 10-16 Login” “Welco…

WebExplorer Server is a web-based file management system for sharing files with user permission…

2004- intitle:”Philex 0.2*” 10-14 -script -site:free…

Philex (phile ‘file’ explorer) is a web content manager based php what philex can do ? – eas…

2004- inurl:default.asp Polycom WebCommander gives you control over all aspects of setting u 10-14 intitle:”WebCommander” conferences on Polycom MG… 2004intitle:”MailMan Login” 10-11

MailMan is a product by Endymion corporation that provides a web base interface to email via P…

intitle:”oMail-admin 2004Administration – 10-05 Login&q…

oMail-webmail is a Webmail solution for mail servers based on qmail an optionally vmailmgr or …

2004- intitle:”microsoft 09-24 certificate services”…

Microsoft Certificate Services Authority (CA) software can be used to iss digital certificate…

2004inurl:mewebmail 09-23

MailEnable Standard Edition provides robust SMTP and POP3 services fo Windows NT/2000/XP/2003 …

2005W-Nailer Upload Area 01-13

What is W-Nailer?W-Nailer is a PHP script which can create galleries for you.It uses a graphica…

2004- inurl:”typo3/index.php? 09-21 u=” -demo

TYPO3 is a free Open Source content management system for enterpris purposes on the web and in…

2004- inurl:administrator 09-21 “welcome to mambo”

Mambo is a full-featured content management system that can be used everything from simple …

2004Thousands of enterprises, governmental offices, non-profit organization ez Publish administration 09-21 small and middle size… 2004- intitle:”Tomcat Server 09-18 Administration”

This finds login portals for Apache Tomcat, an open source Java servlet container which can run…

2004- intitle:”Login – powered 09-18 by Easy File Sharing…

Easy File Sharing Web Server is a file sharing software that allows visito upload/download…

2004- “Login to Usermin” 09-18 inurl:20000

Usermin is a web interface that can be used by any user on a Unix syste to easily perform task…

2004intitle:”TUTOS Login” 09-18

TUTOS stands for “The Ultimate Team Organization Software.” This sear finds the log…

filetype:pl “Download: 2004SuSE Linux 09-10 Openexchang…

this search will get you on the web administration portal of linux open exchange servers….

2004- 4images Administration 08-25 Control Panel

4images Gallery – 4images is a web-based image gallery management system. The 4images administr…

intitle:Novell 2004intitle:WebAccess 08-21 “Copyright *…

search to show online Novell Groupwise web access portals….

2004GradeSpeed seems to be a .NET application to administer school resul inurl:”gs/adminlogin.aspx” 08-20 for several schools usin… 2004intitle:Login * Webmailer 08-20

1&1 Webmail login portals. This is made by a german company called Internet United active i…

2004- Login (“Powered by Jetbox Jetbox is a content management systems (CMS) that uses MySQL or 08-20 One CMS âÃ�… equivalent databases. There is … 2004- intitle:”ITS System 08-16 Information” “P…

Frontend for SAP Internet Transaction Server webgui service….

Novell NetWare 2004intext:”netware 08-16 management por…

Netware servers ( v5 and up ) use a web-based management utility ca Portal services, which …

2004- “powered by CuteNews” 08-16 “2003..2005 C…

This finds sites powered by various CuteNews versions. An attacker us this list and search the…

inurl:cgi2004bin/ultimatebb.cgi? 08-13 ubb=login

These are login pages for Infopop’s message board UBB.classic. For th UBB.threads you can use …

2004- intitle:”please login” “your These administrators were friendly enough to give hints about the 08-13 passwo… password…. 2004Ultima Online loginservers This one finds login servers for the Ultima Online game…. 08-09 2004- “WebSTAR Mail – Please 08-09 Log In”

@stake, Inc. advisory: “4D WebSTAR is a software product that provide Web, FTP, and Mail …

2004- intitle:”teamspeak server- TeamSpeak is an application which allows its users to talk to each othe 08-09 administration over the internet and … 2004- inurl:/cgi-bin/sqwebmail? 08-06 noframes=1

sQWebmail login portals….

2004- (inurl:”ars/cgi-bin/arweb? 08-05 O=0″ | inurl:a…

From the vendor site: “Remedy’s Action Request System…

2004- intitle:Node.List 08-05 Win32.Version.3.11

synchronet Bulletin Board System Software is a free software package can turn your persona…

2004- inurl:”utilities/TreeView.asp From the marketing brochure: “UltiPro Workforce Management offers y 07-29 ” the most comprehensi… 2004- ASP.login_aspx 07-26 “ASP.NET_SessionId”

.NET based login pages serving the whole environment and process tr for your viewing pleasur…

2004Powered by INDEXU 07-22

From the sales department: “INDEXU is a portal solution software that allows you to build …

2004phpWebMail 07-12

PhpWebMail is a php webmail system that supports imap or pop3. It h been reported that PHP…

2004- filetype:php 07-09 inurl:”webeditor.php”

This is a standard login portal for the webadmin program….

2004CGI:IRC Login 06-22

CGIIRC is a web-based IRC client. Using a non-transparent proxy an attacker could communicate a…

2004- Outlook Web Access (a better 06-18 way)

According to Microsoft “Microsoft (R) Outlook (TM) Web Access i Microsoft Exchange Acti…

2004“ttawlogin.cgi/?action=” 06-04

Tarantella is a family of enterprise-class secure remote access software products. This Google-…

2004- intitle:”Welcome Site/User 06-10 Administrator”…

service providers worldwide use Ensim’s products to automate t management of their hosting s…

2004- intitle:”ZyXEL Prestige Router” 06-04 “En…

This is the main authentication screen for the ZyXEL Prestige Router….

2004filetype:r2w r2w 06-04

WRQ Reflection gives you a standard desktop that includes web and Windows-based terminal emula…

2004inurl:search/admin.php 05-30

phpMySearch is a personal search engine that one can use to provide a search feature for one’s …

2004inurl:/eprise/ 05-26

silkRoad Eprise is a dynamic content management product that simplifies the flow of content to …

2004- intitle:”Dell Remote Access 05-17 Controller”

This is the Dell Remote Access Controller that allows remote administration of a Dell server….

2004“please log in” 05-13

This is a simple search for a login page. Attackers view login pa as the “front door&qu…

2004inurl:login filetype:swf swf 05-12

This search reveals sites which may be using Shockwave (Flash a login mechanism for a site….

2004inurl:”webadmin” filetype:nsf 05-11

This is a standard login page for Domino Web Administration….

2004- intitle:”eMule *” intitle:”- Web 05-11 Co…

This iks the login page for eMule, the p2p file-sharing program. These pages forego the login n…

2004inurl:/Citrix/Nfuse17/ 05-10

These are Citrix Metaframe login portals. Attackers can use thes profile a site and can use…

2004- inurl:metaframexp/default/login.a These are Citrix Metaframe login portals. Attackers can use thes 05-10 sp | intitle:&quo… profile a site and can use… 2004inurl:names.nsf?opendatabase 05-04

A Login portal for Lotus Domino servers. Attackers can attack th page or use it to gather inf…

2004- intitle:”Remote Desktop Web 04-28 Connection” …

This is the login page for Microsoft’s Remote Desktop Web Connection, which allows remote users…

2004- intitle:”MikroTik RouterOS 04-26 Managing Webpage&q…

This is the front page entry point to a “Mikro Tik” Router….

2004“VNC Desktop” inurl:5800 04-21

VNC is a remote-controlled desktop product. Depending on the configuration, remote users may no…

2004inurl:/admin/login.asp 04-21

This is a typical login page. It has recently become a target for S injection. Comsec’s artic…

2004inurl:login.asp 04-21

This is a typical login page. It has recently become a target for S injection. Comsec’s artic…

2004- inurl:”:10000″ 04-20 intext:webmin

Webmin is a html admin interface for Unix boxes. It is run on a proprie web server listenin…

2004inurl:login.cfm 04-19

This is the default login page for ColdFusion. Although many of these a secured, this is an i…

2004- intitle:”ColdFusion 04-19 Administrator Login”

This is the default login page for ColdFusion administration. Although many of these are secure…

2004- allinurl:”exchange/logon.as According to Microsoft “Microsoft (R) Outlook (TM) Web Access is a 04-16 p” Microsoft Exchange Acti… 2014- intitle:not accepted 02-05 inurl:”union+select”…

Find IDS and Mod security dork: intitle:not accepted inurl:”union+select” inurl:…

2013filetype:jnlp 11-25

Java Web Start (Java Network Launch Protocol) — -[Voluntas Vincit Omnia]- website http:/…

2013- intitle:”RT at a glance” 11-25 intext:”qu…

RT Request Tracker Ticket Database http://www.bestpractical.com/r -[Voluntas Vincit …

2013intitle:”IPCam Client” 11-25

Foscam IPCam By default these cameras attach to the myfoscam.o DDNS. So you could add sit…

2013- inurl:*/graphs* intitle:”Traffic 09-24 and system r…

With this search you can view results for mikrotik graphics interfac *Obrigado,*…

2013intitle:”Web Client for EDVS” 09-24

Yet another DVR system. Probably requires Java to display. 4N6 Sec …

2013inurl:”/webcm?getpage=” 09-24

Returns various Actiontec (and often Qwest) branded routers’ login pages. 4N6 Security …

2013- intitle:”RouterOS router 09-24 configuration page&q…

Returns login portals for Microtik routers running RouterOS version and up. 4N6 Security …

2013inurl:”/cgi-mod/index.cgi” 09-24

Returns login pages for various Barracuda Networks branded hardw spam filters and mail arch…

2013- intitle:”SPA504G 09-24 Configuration”

Dork : intitle:”SPA504G Configuration” Result : Gives access to Cisc SPA504G Config…

2013- intitle:”Web Image Monitor” & #Summary: Several printers that use “Web Image Monitor” contro 08-08 inurl:… panel ( http://ricoh… 2013- intitle:”Transponder/EOL 08-08 Configuration:”…

#Summary: Cheeta Technologies Transponder Configuration Portal http://www.cheetahtech.com)….

2013- intitle:”NetBotz Network 08-08 Monitoring Appliance…

#Summary:Various Online Divices #Category: Pages containing log portals #Author: g00gl3 5c0…

2013intitle:”Weather Wing WS-2″ 08-08

#Summary:Weather Wing (http://www.meteo-system.com/ws2.php Portal. #Category: Various Online …

2013- inurl:/voice/advanced/ 04-22 intitle:Linksys SPA configu…

This allows you to look at linksys VOIP Router Config pages. …

2013inurl:/control/userimage.html 02-05

Mobotix webcam search. yet another newer search …

2012- inurl:”Orion/SummaryView.asp Hello, Enumerate Solarwinds Orion network monitoring portals. In s 11-02 x” intext:&q… cases, the portal ca… 2012inurl:”/level/13|14|15/exec/” 11-02

inurl:”/level/13|14|15/exec/” Cisco IOS HTTP Auth Vulnerability .. Command before …

2012- intitle:”dd-wrt info” 11-02 intext:”Firmw…

This dork finds web interfaces of various routers using custom firm DD-WRT. Default login…

2012inurl:32400/web/index.html 11-02

Submitting this for the GHDB. These are web accessible Plex Media Servers where you can watch…

2012- intitle:”Pyxis Mobile Test 11-02 Page” inurl:&…

Pyxis Mobile Test Page intitle:”Pyxis Mobile Test Page” inurl:”mpTest.aspx&qu…

2012‘apc info’ ‘apc.php?SCOPE=’ 08-21

This dork will locate Unsecured PHP APC Installations. With regards Shubham Mittal (Hack …

2012- intext:”You may also donate 08-21 through the Money…

Still find alot of equipment running v24 sp1 …

2012- intitle:”hp laserjet” 08-21 inurl:info_configu…

HP LaserJet printers …

2012- inurl:Settings.aspx 05-15 intitle:Beyond TV

Beyond TV gives you the capability to turn your PC into a high qual digital video recorder…

2012- intitle:”HtmlAnvView:D7B039 This dork finds Wireless Security/Webcams that are accessible from 05-15 C1″ web. The interesting p… 2011inurl:cgi-bin/cosmobdf.cgi? 12-28

COSMOView for building management. Author: GhOsT-PR …

2011- inurl:RgFirewallRL.asp | 12-27 inurl:RgDmzHost.asp | inu…

Gateway Routers Author: GhOsT-PR …

2011intitle:SpectraIV-IP 12-26

Google dork for pelco SpectraIV-IP Dome Series cameras Default username/password “admin/a…

2011inurl:/cgi-bin/makecgi-pro 12-12

Brings up listings for Iomgea NAS devices. Password protected fold are susceptible to authe…

2011- allintitle:”UniMep Station 12-10 Controller”

UniMep is a device for managing fuel station. You can see process fueling cars and you can …

2011- inurl:”:9000″ PacketVideo 07-26 corporation

inurl:”:9000″ PacketVideo corporation About: This provides Twonky Server Media int…

2010inurl:/level/15/exec/11-21

Default Cisco 2800 Series page…

2010- inurl:/exec/show/tech11-21 support/cr

Default Cisco 2800 Series page…

2010- inurl:/level/15/exec/-/configure Default Cisco 2800 Series page… 11-21 /http 2010- allintitle:”SyncThru Web 11-11 Service”

This search finds Internet-connected Samsung printer control pane

2010- intitle:”EvoCam” 11-10 inurl:”webcam.html”

This search identifies EvoCam cameras accessible over the Interne There are also public explo…

2006- intitle:Top “Vantage Service 10-02 Gateway” -i…

VSG1200 Vantage Service Gateway (topframe), go up one level for login page. Vendor page at …

2006intitle:”Net2Phone Init Page” 10-02

Net2Phone CommCenter® is software that allows you to m phone calls and se…

2006- intitle:”Your Network Device” Login page for the Solwise Sar715+ ADSL Router from solwise.co.u 10-02 Status (LA… Thanks to jeffball55 for the… 2006- “SnapGear Management 10-02 Console” “Welc…

“Welcome to the SnapGear Unit! To begin configuring your SnapGear now, use the menu t…

2006- “Welcome to the 10-02 CyberGuard unit!”

“Welcome to the CyberGuard unit! To begin configuring your CyberGu unit now, use the me…

2006- “LANCOM DSL/*-* Office *” h**p://www.lancom-systems.de/Login page for these Lancom online D 10-02 “Entry Pa… devices…. 2006inurl:wrcontrollite 09-11

Browse up to 16 security cameras at one time :)…

2006allintitle:”DVR login” 06-30

softwell Technology “Wit-Eye” DVR.Default user/pass is admin:adminRequires ActiveX…

2006- intitle:”stingray fts login” | ( The Stingray File Transfer Server: Open communication regardless of 06-29 login.j… platform, protocol or locat… 2006- intitle:”BlueNet Video 06-25 Viewer”

Near broadcast quality video over the internet. A full 30fps at the 320 240 size. 12fps at th…

2006- allintitle: Axis 2.10 OR 2.12 No one search will reveal all Axis cameras. This is a variant for the 2xx 06-25 OR 2.30 OR 2.31 OR 2… series….

2006- intitle:”Live View / – AXIS” | No one search will reveal all Axis cameras. This is my mod of one of th 06-25 inurl:vie… queries. It usualy ret… 2006intitle:”Divar Web Client” 06-25

Boshe/Divar Net Cameras. Uses ActiveX – IE only….

2006- allintitle: EDR400 login | 06-25 Welcome

Everfocus EDR400…

2006- allintitle: EDR1600 login | 06-25 Welcome

Everfocus EDR1600…

2006- allintitle:Edr1680 remote 06-25 viewer

Everfocus EDR1680. Only returns 2 or 3 results, but submitted for completeness sake….

2006- allintitle: EverFocus | EDSR Modified Everfocus search, pulls in EDSR400’s as well s a few strays 06-25 | EDSR400 Applet missed by original query…. 2006- intitle:”SNC-RZ30 HOME” 06-22 -demo

This search will reveal Sony’s SNC-RZ30 IP camera’s web interface. Qu a few of these camera…

2006- inurl:cgi05-04 bin/guestimage.html

just more more MOBOTIX’s…

(intitle:(EyeSpyFX| 2006OptiCamFX) “go to 05-04 camera&q…

just more cameras vendor site: http://www.eyespyfx.com/…

2006- intitle:”Veo Observer XT” 05-04 -inurl:shtml|p…

just more results for this:http://johnny.ihackstuff.com/index.php? module=prodreviews&func=s…

2006- intitle:”iGuard Fingerprint 05-04 Security System&q…

vendor:http://www.iguardus.com/dome information disclosure: employ list & free camera a…

2006- intitle:”Device Status 05-03 Summary Page” -de…

hxxp://www.netbotz.com/products/index.htmlNetwork/server/room security and enviromental alarm d…

(intitle:MOBOTIX 2006intitle:PDAS) | 04-19 (intitle:MOBOTIX …

more cams…vendor site: http://www.mobotix.com/layout/set/index/language/index…

2006intitle:”IVC Control Panel” this searches for security cameras, vendor site:http://www.ivcco.com/… 04-18 2006- intitle:”Edr1680 remote 03-21 viewer”

This search finds the 1680 series digital video recorder from EverFocus…

2006- “OK logout” inurl:vb.htm? This is a google dork for Hunt Electronics web cams. To get to the came 03-21 logout=1 remove the vb.htm?l… 2006- intitle:”DVR Client” -the 03-21 -free -pdf -do…

This dork finds digital video recording client from Nuvico….

2006intitle:”GigaDrive Utility” Linksys GigaDrive network storage utility…. 03-18 2006- intitle:”Ethernet Network Linksys network storage utility…. 03-18 Attached Storage U…

intitle:”Skystream 2006Networks Edge Media 03-18 Router…

skystream Networks Edge Media Router….

2006- intitle:”NAS” 03-18 inurl:indexeng.html

Disk Online Server NAS device….

2006- intext:”you to handle ELSA DSL lan modems…. 03-18 frequent configuration … 2006- intitle:”WxGoos-” 03-18 (“Camera image&qu…

This is used in serverrooms and such where climate conditions are cruci hardware health. I…

2006- intitle:”AR-*” “browser of A few Sharp printers ….. 03-18 frame de… 2006- intitle:”Webview Logon 03-18 Page”

This is the web interface for Alcatel’s Omniswitch. Default login is: admin/switch….

2006- inurl:setdo.cgi intext:”Set Dcs-2100 camerasBy removing “intext:Set DO OK” you will get more hit 02-08 DO OK” but they will r… 2006- intext:”Welcome to 02-08 Taurus” “The Tau…

Celestix Networks, Inc., the premier supplier of network server applianc announces the Taurus…

2006- intitle:”::::: INTELLINET IP A variation on Jeffball55’s original Intellinet Ip Camera.This search finds 01-16 Camera Homepage … several more web ca…

2006- intitle:”Dell Laser Printer Dell laser printers. This search finds different results that dork id 1077… 01-02 *” port_0 -j… 2005- DCS 12-31 inurl:”/web/login.asp”

Login pages for the DCS-950 Web Camera. Even comes with a built in microphone….

intitle:Axis 2005similar searchs exist. This search finds a few more results as well as acc inurl:”/admin/admin.shtm 12-31 to the Admin area… l” 2005inurl:/img/vr.htm 12-31

Linksys wireless G Camera….

2005inurl:Printers/ipp_0001.asp 12-08

Thanks to Windows 2003 Remote Printing…

2005This an online device, you can search for unpassworded sha intitle:”Snap Server” intitle:”Home… 11-28 on Snap Appliance Server.Moderato… 2005- intitle:”Sony SNT-V304 Video 11-21 Network Station&…

The SNT-V304 Video Network Station.Sony’s network camera control station….

2005- Display Cameras intitle:”Express6 11-21 Live Image&…

Express6 live video controller.Displays video from “Netlive Cameras” found in this se…

2005- intitle:”Iomega NAS Manager” 11-16 -ihackstuff…

Login page dork for Iomega NAS Manager.. There’s only 1 re for it now, but this could chang…

2005- intitle:Cisco “You are using an old 11-16 browser o…

Login pages for Ciso VPN Concentrator stuff…

2005- intitle:”Summit Management 11-16 Interface” -g…

Extreme Networks Summit Switches Web admin pages. Serv Allegro-Software-RomPager/2.10…

2005- intitle:”SNOIE Intel Web Netport 11-16 Manager”…

Intel Netport Express Print Server….

2005- “This page is for configuring 11-11 Samsung Network…

several different samsung printers…

2005- (“port_255/home”)|(inurl:”home? 11-05 port…

standered printer search. Moderator note: see also dork id=1221…

2005- intitle:”IQeye302 | IQeye303 | 10-03 IQeye601 | IQe…

This is a googledork for IQeye netcams. Some of which you c control how they tilt/zoom. The …

2005- (intitle:”VisionGS Webcam 09-29 Software”)|(in…

I don’t know if the google query got submitted right because looks truncated. here it is ag…

2005- intitle:”Biromsoft WebCam” -4.0 09-29 -serial …

Brimsoft webcam software enables anyone with a webcam t easily create a webcam http server. T…

2005intitle:”Netcam” intitle:”user logi… 09-26

just yet other online cam….

2005intitle:”Orite IC301″ | intitle:”OR… 09-21

This search finds orite 301 netcams with audio capabilities…

2005- Phaser numrange:100-100000 Name This is a search for various phaser network printers. With thi 09-21 DNS IP “More … search you can look for printe… 2005- intitle:”netbotz appliance” -inurl:.php Netbotz devices are made to monitor video, temperature, 09-16 … electricity and door access in server r… 2005- intitle:”NetCam Live Image” -.edu 09-06 -.gov …

This is a googledork for StarDot netcams. You can watch the cams and if you have the admin p…

2005intitle:”INTELLINET” intitle:”IP Ca… 08-27

This googledork finds INTELLINET ip cameras. They are used monitor things and have a web in…

2005- intitle:iDVR -intitle:”com | net | 08-17 shop”…

Online camera. Default login is administrator and password blank. Video server runs default on …

2005intitle:”Network Storage Link for USB 2.0 Dis… 08-12

Networked USB hard drives (NSLU2). Be sure disable Google’s filter (&filters=0) as that…

2005“Summary View of Sensors” | “sensor… 08-07

sensorProbe is a SNMP enabled and Web base Environmental Monitoring Device. The sensor attach…

2005intitle:”HP ProCurve Switch *” “Thi… 08-07

HP ProCurve Switch web management pages, found by their [noscript] html tags. Please not this…

2005intitle:”V1″ “welcome to phone sett… 08-07

This is a small search for the Italk BB899 Phon Adaptor login page. iTalkBB is a local and lon…

2005- intitle:”WEBDVR” -inurl:product -inurl:d… 07-22

DVR is a generic name used to describe the recording process with a digital cam (digitial

video… 2005intitle:”Java Applet Page” inurl:ml 07-22

Another Standalone Network Camera.Default Login: remove wg_jwebeye.ml to get a nice clue ..Serv…

2005intitle:”Veo Observer Web Client” 07-22

Another online camera search. This one uses ActiveX thingies, so you need a M$ browser. Append …

2005intitle:”Middle frame of Videoconference Mana… 07-22

Tandberg is a manufacturer of videoconferenc A videoconference (also known as a video tele

2005intitle:”TANDBERG” “This page requi… 07-22

Tandberg is a manufacturer of videoconferenc A videoconference (also known as a video tele

2005tilt intitle:”Live View / – AXIS” | inur… 07-07

A small modification to the AXIS camera searc it now returns cameras with pan / tilt, which …

2005intitle:”AXIS 240 Camera Server” intext:… 06-10

This search finds AXIS 240 Camera Servers (a opposed to just the cameras) which can host many …

2005intitle:”GCC WebAdmin” -gcc.ru 06-08

All sorts of various printer status information…

2005“RICOH Network Printer D model-Restore Factor… 06-07

Not a whole lot here….

2005printers/printman.html 06-07

some interesting information on printer status including Name, Location, Model, Pagecount, Acti…

2005intitle:”Dell Laser Printer M5200″ port_… 06-07

Dell Laser Printer M5200…

2005intitle:”configuration” inurl:port_0 06-07

More dell and lexmark printers, The usual thin included….

2005inurl:”CgiStart?page=” 06-08

This search reveals even more Panasonic IP cameras!…

2005inurl:”S=320×240″ | inurl:”S=160×12… 06-07

Mobile cameras? Not sure what camera type t is for but they are all from Asia and no passwo

2005- (cam1java)|(cam2java)|(cam3java)|(cam4java)| 06-01 (cam5j…

Kpix Java Based Traffic Cameras. Based at CB broadcasting for San Fransisco, Oakland, and San…

2005intitle:”Netopia Router (*.)””to vi… 06-03

Web admin for netopia routersThis Web tool provides access to information about the curr sta…

2005- ( intitle:”PacketShaper 05-20 Login”)|(intitle…

Packeteer’s PacketShaper is an application traffic management system t monitors, controls, a…

2005- intitle:”PacketShaper 05-19 Customer Login”

PacketShaper Login.Provides login access for PacketShaper Customers…

2005- intitle:”Dell *” 05-31 inurl:port_0

oA few Online Dell Printers, status, paper, toner levels, ips macs, the usu (Lexmark and De…

“To view the Web 2005interface of the 05-20 SpeedTouch,…

speedtouch 510 DSL modem devices that were once unprotected. That m have changed by now….

2005inurl:start.htm?scrw= 05-14

VPON (Video Picture On Net) is a video surveillance setup which seems t used by a lot of bu…

2005- intitle:”— VIDEO WEB 05-14 SERVER —” intex…

AVTech Video Web Server is a surveillance producted that is directly connected to the internet …

2005- intext:”Powered by: 05-14 Adobe PrintGear” inu…

Printers equipped with Adobe’s PrintGear technologyAdobe’s PrintGear technology is a new printi…

2005- intitle:”InterJak Web 05-20 Manager”

A router device by Uroam (formerly FilaNet), with email and VPN possibilities….

2005- intitle:”SWW link” 05-02 “Please wait…….

Zyxel Zywall…

2005inurl:”port_255″ -htm 05-02

Another way to dig up some not yet dorked Lexmark and a couple of De printers.http://johnny.i…

2005- intitle:”Freifunk.Net – 05-02 Status” -site:co…

Hacked WRT54G Freifunk firmware. The router is based on Linux so after GPL the source code …

ext:dhtml 2005intitle:"document 05-02 centre|(home)…

Various Online Devices>Xerox (*Centre)…

2005- “Please use Netscape 04-27 2.0 or enhance !!” …

A search for some HTML code used in a variety of D-link network devices (webcams and such)….

2005- intitle:”NeroNET – 04-20 burning online”

NeroNet is an online burning device by Nero. Basically with this query yo get a listing of …

2005Winamp Web Interface 04-11

Just a bit of fun, should reveal a few instances of a Winamp HTTP contro program. Without logi…

2005- intitle:”OfficeConnect 04-16 Cable/DSL Gateway”…

This query allows you to find OfficeConnect Cable/DSL Gateways, by loc the browser-check p…

2005inurl:JPGLogin.htm 04-12

webserver detection for GeoHttpServer, the page is the login page or gu cam. Don’t ask why t…

2005- “display printer status” 04-16 intitle:”H…

Xerox Phaser printers….

intitle:jdewshlp 2005“Welcome to the 04-12 Embedded Web…

HP Officejet help page. Remove “help.html” for main page….

2005inurl:/en/help.cgi “ID=*” Aficio printers (this search locates the help pages).. 04-12

2005intitle:”Lexmark *” inurl:port_0 Lexmark printers (4 models)… 04-12 2005- intitle:”OfficeConnect Wireless OfficeConnect Wireless 11g Access Point… 04-12 11g Access Po… 2005“Webthru User Login” 03-20

samsung webthru cameras…

2005- intitle:”actiontec” main setup 03-20 status &q…

Actiontec Routers….

2005- intitle:”BorderWare MXtreme 03-20 Mail Firewall Log…

BorderWare MXtreme Mail firewallMXtreme is a hardened applianc with a highly robust mail trans…

2005- intitle:”Service Managed 03-20 Gateway Login”

service Managed Gateway from VirtualAccess login page…

2005- intitle:”Flash Operator Panel” 03-20 -ext:php …

Flash Operator Panel is a switchboard type application for the Ast PBX. It runs on a web b…

2005- intitle:asterisk.management.po Coalescent Systems Inc. launched The Asterisk Management Port 03-20 rtal web-access project to bring together best-…

2005- intitle:HomeSeer.Web.Control | HomeSeer (http://www.homeseer.com/) provides a well known ho 03-18 Home.Status.Events…. automation solution (software + … 2005intitle:”active webcam page” 02-15

searches for “Active Webcam” feeds on websites, a popular USB webcam interface….

2005intitle:”Dell Laser Printer” ews 03-04

Finds Dell’s printers with EWS.EWS : Embedded Web Server technology enables the usage of a stan…

2005allintitle:Brains, Corp. camera 03-05

mmEye webcam / cam servermmEye is a multifunction multimed server equipped with 32bit RISC CP…

2005inurl:camctrl.cgi 03-05

Vivotec web cams…

2005- intext:”Please enter correct 02-12 password for Adm…

Finds SMC Routers….

2005- intitle:”supervisioncam 02-22 protocol”

“SupervisionCam captures and compares images from video cam (internet) image files or…

2005- intitle:Linksys 02-15 site:ourlinksys.com

Ourlinksys.com DDNS entries pointing to Linksys web enabled cameras…

2005High scalable Ethernet switches by HP running in the default intitle:”DEFAULT_CONFIG – HP” 02-15 configuration… 2005- intitle:”switch login” “IBM Fast 02-15 Et…

IBM 8275 Model 416 High Performance Ethernet Workgroup Switc

2005- intitle:"Brother" 02-04 intext:&qu…

Finds a real bunch of Brother printers…

2005- intitle:"Connection 02-02 Status" inte…

This is an intriguing way of finding various ‘5861 DMT Routers’ – t presence of a web-interfa…

2005inurl:na_admin 02-01

This searches for the admin pages for a “Network Appliance” box authenticated use…

2005- intitle:”EpsonNet WebAssist 01-28 Rev”

This reveals the Epson Web Assist page (internal to the machine)…

2005The new EDSR-1600 (16-channel), EDSR-900 (9-channel) and EDS intitle:”EverFocus.EDSR.applet” 01-27 600 (6-channel) digital video rec… 2005inurl:”8003/Display?what=” 01-27

Norton AntiVirus for GatewaysEasily administered from anywhere an HTML interface, it scans …

2005allinurl:index.htm?cus?audio 01-27

This will find webcams made by Sweex, Orite and others. Support motion detection, ftp, smtp an…

2005intitle:”Browser Launch Page” 01-21

An ActiveX based webcam – so use MS IE…

2005- intitle:”Network Print Server” 01-12 intext:&q…

Axis Network Print Server devices (a better shorter search)….

2005- intitle:”Network Print Server” 01-12 filetype:…

Axis Network Print Server devices. This search has all the possible (more than strictly ne…

2005- intitle:”Setup Home” “You will 01-10 need…

This should reveal Belkin routers. Interestingly, Belkin routers by default have remote adminis…

2005filetype:cgi transcoder.cgi 01-11

Digital Video Recorder by SnapStream. It is possible on misconfig machines to stream video …

2004- inurl:”next_file=main_fs.htm” 12-30 inurl:img …

Linksys Wireless-G web cams….

2005- intitle:”SpeedStream * 01-08 Management Interface&q…

a lot of Speed stream routers :)…

2004- intitle:”Sipura.SPA.Configuratio Query returns configuration pages for online Voice over IP devices 12-30 n” -.pdf Discloses an obscene amount… 200412-08

some of the sites are very, very interesting – try a search substitu site:gov instead of si…

2004intitle:”Cayman-DSL.home” 12-19

Cayman DSL modems. Many Cayman units have a weakness whe even if remote administration is dis…

2004- intitle:”Spam Firewall” 12-13 inurl:”8000…

The Barracuda Spam Firewall is an integrated hardware and softw solution for complete protec…

2004intitle:”iVISTA.Main.Page” 12-13

And again another webcam search. MOst of these cams seem to b security cams…

2004- inurl:”:631/printers” -php 12-13 -demo

CUPS provides a portable printing layer for UNIX®-based operating systems. I…

2004- intitle:”AudioReQuest.web.serv Audio ReQuest home CD/MP3 player. Various information about th 12-06 er” configuration of the host and s… 2004intitle:”V-Gear BEE” 12-06 2004- intitle:”Live NetSnap 12-06 Cam-Server feed”

V-Gear Bee Web Cameras… Netsnap Online Cameras…

2004- axis storpoint “file view” The Axis Storpoint device turns a SCSI or ATA box with lots of cdrom pla 12-04 inurl:/volume… (or writers) into … 2004- inurl:”printer/main.html” Brother HL Printers…. 12-03 intext:”s… 2004- intext:”MaiLinX Alert 12-03 (Notify)” -site:ne…

Xerox DocuPrint printer models….

2004- “Copyright (c) Tektronix, Captain, the Phasers are online :)… 12-03 Inc.” “pr… 2004inurl:”ipp/pdisplay.htm” 11-30

Providing a standout printing solution, Novell iPrint offers secure print services that extend …

intext:”Videoconference 2004Tandberg video conferencing appliancesThe webinterface enables you t Management 11-28 drop calls and to browse … System&quo… 2004- intitle:”Smoothwall 11-24 Express” inurl:cgi-b…

smoothwall is a firewall operating system distribution based on Linux. (N many results for th…

2004intitle:”ipcop – main” 11-23

IPCop Firewall is a Linux firewall for home and SOHO users. IPCop can be managed from a simple …

2004- intitle:”EvoCam” 11-18 inurl:”webcam.html…

Evocams !…

2004“Starting SiteZAP 6.0” 11-16

siteZap webcams !…

2004inurl:axis-cgi 11-16

Just another search string to detect the infamous Axis netcams. This company actually changed t…

2004- “intitle:Cisco Systems, The Cisco VPN 3000 Concentrator is a remote access VPN. The 11-09 Inc. VPN 3000 Concent… ‘Concentrator’ is a piece of hardw… 2004- intext:”UAA (MSB)” 11-13 Lexmark -ext:pdf

Lexmark printers (T620, T522, Optra T614, E323, T622, Optra T610, Op T616, T520 and Optra S …

2004- intext:”Ready with 11-13 10/100T Ethernet”

Xerox 860 and 8200 Printers….

2004- intitle:”Home” “Xerox 11-07 Corporation&q…

CentreWare Internet Services is an interactive service that uses Internet technology to extend …

2004- WebControl intitle:”AMX AMX Netlink is a server appliance which connects various devices like a 11-06 NetLinx” beamer, laptop or video… 2004- “please visit” intitle:”i-

CCTV webcams by ICode….

11-03 Catcher C… 2004- intitle:”toshiba network Web interface of Toshiba network cameras…. 10-25 camera – User Login&… 2004- inurl:”level/15/exec/-/sho This search finds Cisco devices which have level 15 access open via 10-20 w” webinterface. If an attacke… 2004- site:.viewnetcam.com 10-19 -www.viewnetcam.com

The FREE viewnetcam.com service allows you to create a personal web address (e.g., http://bob.v…

2004intitle:”DVR Web client” 10-19

This embedded DVR is quick plug and play. Just plug it in a it will start recording. You can …

2004- inurl:TiVoConnect? 10-18 Command=QueryServer

Tivo is a the digital replacement for your analog videoreco It’s a digital media system th…

2004inurl:netw_tcp.shtml 10-12

An Axis Network Camera captures and transmits live imag directly over an IP network (e.g. LAN…

2004- (inurl:webArch/mainFrame.cgi ) | 10-11 (intitle:”we…

The Ricoh Aficio 2035 (fax/scanner) web interface.Attacke may read faxes and can get informat…

2004- intitle:”my webcamXP server!” 10-11 inurl:&quo…

“my webcamXP server!”Is there really an explantation needed?…

2004camera linksys inurl:main.cgi 10-10

Another webcam, Linksys style….

2004intitle:”DEFAULT_CONFIG – HP” 10-09

searches for the web interface of HP switches….

2004intitle:”switch home page” “cisco s… 10-09

Most cisco switches are shipped with a web administration interface. If a switch is reachable f…

2004- intitle:”axis storpoint CD” 10-05 intitle:&quo…

Axis’ network CD/DVD servers are faster, less costly and easier to manage than using full-blown…

2004intitle:webeye inurl:login.ml 10-05

This one gets you on the webinterface of Webeye webcam

2004inurl:hp/device/this.LCDispatcher 10-05

This one gets you on the web interface of some more HP Printers….

2004Canon ImageReady machines 09-29

The “large” Canon ImageReady machines with model vers 3300, 5000 & 60000….

2004intitle:”lantronix web-manager” 09-29

The Lantronix web manager home pages show the print s configuration (Server Name, Boot Cod…

2004- intitle:RICOH intitle:”Network 09-29 Administration…

Network Administration pages for several Ricoh Afficio pri models, for example the Aficio 1…

2004Aficio 1022 09-29

The Ricoh Aficio 1022 is a digital multifunctional B&W cop easily upgraded to include n…

2004Konica Network Printer Administration 09-29

This finds Konica Network Printer Administration pages. Th is one result at the time of writ…

2004- (“Fiery WebTools” inurl:index2.html) | 09-29 &…

Fiery WebTools offers many of the same capabilities of the Command WorkStationââ₅

2004intitle:”The AXIS 200 Home Page” 09-29

The Axis 200 HOME pages reside within the AXIS 200 devi and hold information about the curre…

2004More Axis netcams ! 09-29

More Axis Netcams, this search combines the cams with t default title (Live View) and extends…

2004this search will show web administration interfaces of linux dream boxes. intitle:”dreambox web” 09-10 Dreambox is one of… 2004- Phasers 08-05 4500/6250/8200/8400

More Xerox printers (Phasers 4500/6250/8200/8400). An attacker can acc the webinterface with…

2004- Canon Webview 07-29 netcams

Canon has a series of netcams that all use the “WebView LiveScope” software. They are…

2004- Xerox Phaser® This product is supported but no longer sold by Xerox in the United State 07-22 840 Color Printer Support and supplie… 2004Xerox Phaser 8200 07-22

Brochure info: “The Phaser 8200 uses solid ink, an alternative technology laser printin…

2004- Xerox Phaser® This product is supported but no longer sold by Xerox in the United State 07-22 740 Color Printer Replacement Product… 2004Xerox Phaser 6250 07-22

Base Specifications Phaser 6250N: Letter/Legal Size Color Printer 110V, 26ppm Color/B&W (24…

2004- intitle:”BorderManager 07-19 Information alert”…

This is an Informational message produced by the Novell BorderManager firewall/proxy server. At…

2004- intitle:”Live View / – 07-19 AXIS”

These AXIS cams seem to run their own http server (Boa/0.94.13). The se button can be hidden…

“powered by 2004webcamXP” “Pro| 07-16 Broadcas…

webcamXP PRO:http://www.webcamxp.com/productsadv.htmlThis is the m advanced version of the s…

2004- Panasonic WJ-NT104 07-10 netcams

The Panasonic WJ-NT104 allows easy monitoring with a conventional brow More vendor informat…

2004Mobotix netcams 07-10

Mobotix netcams use the thttpd-2.x. server (http://www.acme.com/software/thttpd/). The latest v…

2004- sony SNC-RZ20 network sony NC RZ20 cameras, only one result for this cam at the moment, a nic 07-10 cameras street view from a sky… 2004- seyeon FlexWATCH 07-10 cameras

seyeon provides various type of products and software to build up a remo video monitoring and…

2004- sony SNC-RZ30 Network sony NC RZ30 camera’s require a java capable browser. The admin pane 07-10 Cameras found at http://[siten… 2004- Panasonic Network 07-10 Cameras

Panasonic Network Cameras can be viewed and controlled from a standa web browser. These camer…

2004- intitle:”View and

These printer’s configuration is wide open. Attackers can change just abo

07-08 Configure PhaserLink”

any value through t…

2004Axis Network Cameras 06-06

The AXIS 2400 is a Web server of its own. This means that the server is secured like any other …

Taken from http://www.exploit-db.com/google-dorks/ all categories in 1

View more...

Comments

Copyright ©2017 KUPDF Inc.
SUPPORT KUPDF