Menu
» » Google Hacking Database 2015

A+ A-

1. File chứa mật khẩu
inurl:"security/xamppdirpasswd.txt"inurl:yahoo_site_admin/credentials/
"automatic teller" "operator manual" "password" filetype:pdf
inurl:ws_ftp.ini "[WS_FTP]" filetype:ini
xamppdirpasswd.txt filetype:txt
inurl:typo3conf/localconf.php
inurl:/backup intitle:index of backup intext:*sql
ext:sql intext:@gmail.com intext:password
ext:sql intext:@hotmail.com intext :password
filetype:config inurl:web.config inurl:ftp

  2. Thư mục nhạy cảm
"Config" intitle:"Index of" intext:vpn
"jos_users" intitle:"Index of"
inurl:/cgi-bin/.cgi
allinurl:/hide_my_wp=
intitle:"index of" intext:".ds_store"
intitle:"index of" myshare

3. Tập tin chứa thông tin nhạy cảm
filetype:xml inurl:/WEB-INF/ inurl:ftp:// -www
ext:pem intext:BEGIN CERTIFICATE
ext:log telnet intext:password
ext:msg OR ext:eml site:gov OR site:edu
filetype:log intext:org.apache.hadoop.hdfs
"google confidential" filetype:pdf
inurl:"/server-info" intext:"Loaded Modules"
inurl:"installer-log.txt" intext:"DUPLICATOR INSTALL-LOG"
filetype:mobileconfig intext:password OR intext:pass
ext:txt inurl:gov intext:"Content-Type: text/plain; charset=utf-8" AND intext:"Received: from "
filetype:sql site:gov and "insert into"
intext:phpMyAdmin SQL Dump filetype:sql intext:INSERT INTO `admin` (`id`, `user`, `password`) VALUES -github
(intext:mail AND intext:samAccountName) AND (filetype:xlsx OR filetype:xls OR filetype:csv OR filetype:txt)
inurl:crossdomain filetype:xml intext:allow-access-from

4. Lỗ hổng
inurl:fckeditor -intext:"ConfigIsEnabled = False" intext:ConfigIsEnabled
intitle:"pChart 2.x - examples" intext:"2.1.3"

5. Vulnerable Servers
inurl:/elfinder/elfinder.html+intitle:"elFinder 2.0"
inurl:robots.txt intext:CHANGELOG.txt intext:disallow ext:txt -site:github.com
inurl:CHANGELOG.txt intext:drupal intext:"SA-CORE" -intext:7.32 -site:github.com -site:drupal.org
ext:cgi inurl:cgi-bin intext:#!/bin/bash
"OpenSSL" AND "1.0.1 Server at" OR "1.0.1a Server at" OR "1.0.1b Server at" OR "1.0.1c Server at" OR "1.0.1d Server at" OR "1.0.1e Server at" OR "1.0.1f Server at"
inurl:"/reports/rwservlet" intext:"Oracle"
Người đăng:
Nhãn:

Share to:

vào lúc 14:56

Đăng nhận xét Blogger

Đăng ký: Đăng Nhận xét (Atom)
 
Top