Google Search: filetype:log inurl:'password.log' These files contain cleartext usernames and passwords, as well as the sites associated with those credentials. Attackers can use this information to log on to that site as that user.
Opções de Buscas.Changing values without knowing what they are might make your phone unstable. Use the set-initial-password command of neo4j-admin to define the password for the native user neo4j. Filetype: xls inurl: 'password. Xls' intitle:index. Txt 22-Jun-2001 draft-ietf-curdle-ssh-kex-sha2-03. Akan ada file baru;Password. RechercheDescription inurl:/db/main.mdb ASP-Nuke passwords filetype:cfm « cfapplication name » password ColdFusion source with potential passwords filetype:pass pass intext:userid dbman credentials allinurl:authuserfile.txt DCForum user passwords eggdrop filetype:user user Eggdrop IRC user credentials filetype:ini. Ext:txt inurl:unattend.txt filetype:bak inurl:'htaccess passwd shadow htusers' filetype:cfg mrtg 'target' -sample -cvs -example filetype:cfm 'cfapplication name' password filetype:conf oekakibbs filetype:conf scserv.conf filetype:conf slapd.conf filetype:config config intext:appSettings 'User ID'. Get Cleveland & Ohio latest news. This wouldn't have been too much of a problem if they hadn't stored all of their passwords unencrypted, in plain text for an attacker to see. Asax index inurl:passwd filetype:txt inurl:admin filetype:db inurl:iisadmin inurl:'authuserfile. The IETF 109 Hackathon will take place 9-13 November.
Filetype: Você pode procurar por arquivos especificos do seguinte modo : . :*.xls, *.doc, *.pdf, *.ps, *.ppt, *.rtf, *.db, *.mdb, *.cfg, *.pwd, *.dat , etc.
usando ex.: Filetype:xls 'pass'
Inurl: Você pode com uma especifica palavra, e retornar as urls
contendo as palavras. - usando ex.: inurl:admin
'Index of': voce pode encontrar pastas especificas dentro de servidores
usando ex.: 'index of' admin ou index.of.admin
Site: você pode encontrar sites especificos (dominios) ex. *.com, *.org,
*.mi, *.gov, etc. - usando ex.: site:gov ou site:gov 'cyprus'
Intitle: - usa-se para achar uma URL que contenha no titulo as palavras que você pesquisar.
ex.: intitle:BEL
Você pode conseguir muitas informações e copiar arquivos direto dos servidores veja os exemplos. tente procurar por :
* inurl:gov filetype:xls 'restricted' (retornará por arquivos do governo com excel contendo palavras 'restricted'.
* inurl:admin.cfg (admin.cfg, arquivo de configuração de admin, contendo passwords, o arquivo contem informações sigilosas).
* Webadmin: (Isso é um pequeno software em que a maioria dos administradores usam para fazer o upload de arquivos remotos.
usaando ex. inurl:file_upload.php)
* Content Manager Systems: São softwares que o administrador edita o conteudo do site facilmente, os nomes deles a maioria das veses são : panel.html , cms.html , control.cfg , basta usar na opção inurl.
inurl:admin inurl: |userlist Generic userlist files
---------------------------------------------------------
inurl:admin filetype: |asp Generic userlist files
inurl:userlist |
---------------------------------------------------------
inurl:php inurl: |Half-life statistics file, lists username and
hlstats intext: |other information
Server Username |
---------------------------------------------------------
filetype:ctl |
inurl:haccess. |alent of hcess
c |shows Web user credentials
---------------------------------------------------------
filetype:reg |
reg intext: |Mger can
---------------------------------------------------------
'internet account manager' |reveal usernames and more
filetype:wab wab |Mdress
|books
---------------------------------------------------------
filetype:mdb inurl:profiles |Msning
|profiles.
---------------------------------------------------------
index.of perform.ini |mIRC IRC ini file can list IRC usernames and
|other information
---------------------------------------------------------
inurl:root.asp?acs=anon |O directory can be
|used to discover usernames
---------------------------------------------------------
filetype:conf inurl:proftpd. |PROFTP FTP server configuration file
conf –sample |reveals
|username and server information
---------------------------------------------------------
filetype:log username
---------------------------------------------------------
filetype:rdp rdp |Remote Desktop Connection files reveal user
|credentials
---------------------------------------------------------
intitle:index.of |UNIX bash shell history reveals commands
.bash_history |typed at a bash command prompt; usernames
|are often typed as argument strings
---------------------------------------------------------
intitle:index.of |UNIX shell history reveals commands typed at
.sh_history |a shell command prompt; usernames are
|often typed as argument strings
---------------------------------------------------------
'index of ' lck |Various lock files list the user currently using
|a file
---------------------------------------------------------
+intext:webalizer +intext: |Webalizer Web statistics page lists Web user-
Total Usernames +intext: |names and statistical information
'Usage Statistics for'
---------------------------------------------------------
filetype:reg reg HKEY_ |orts can reveal
CURRENT_USER |username usernames and other information
---------------------------------------------------------
---------------------------------------------------------
inurl:/db/main.mdb | passwords
---------------------------------------------------------
filetype:cfm 'cfapplication | source with potential passwords
name' password
---------------------------------------------------------
filetype:pass |dbman credentials
pass intext:userid
---------------------------------------------------------
allinurl:auth_user_file.txt |DCForum user passwords
---------------------------------------------------------
---------------------------------------------------------
filetype:ini inurl:flashFXP.ini |FlashFXP FTP credentials
---------------------------------------------------------
filetype:url +inurl:'ftp://' |FTP bookmarks cleartext passwords
+inurl:'@'
---------------------------------------------------------
inurl:zebra.conf intext: | passwords
password -sample -test
-tutorial –download
---------------------------------------------------------
filetype:htpasswd htpasswd |HTTP htpasswd Web user credentials
---------------------------------------------------------
intitle:'Index of' '.htpasswd' |HTTP htpasswd Web user credentials
'htgroup' -intitle:'dist'
-apache -htpasswd.c
---------------------------------------------------------
intitle:'Index of' '.htpasswd' |HTTP htpasswd Web user credentials
htpasswd.bak
---------------------------------------------------------
'http://*:*@www' bob:bob |HTTP passwords (bob is a sample username)
---------------------------------------------------------
'sets mode: +k' |IRC channel keys (passwords)
---------------------------------------------------------
'Your password is * |Remember IRC NickServ registration passwords
this for later use'
---------------------------------------------------------
signin filetype:url |JavaScript authentication credentials
---------------------------------------------------------
---------------------------------------------------------
inurl:lilo.conf filetype:conf |LILO passwords
password -tatercounter2000
-bootpwd –man
---------------------------------------------------------
filetype:config config intext: |Microsoft .NET application credentials
appSettings 'User ID'
---------------------------------------------------------
filetype:pwd service |
---------------------------------------------------------
intitle:index.of |s.pwd
---------------------------------------------------------
'# -Fge-' |rds
inurl:service.pwd
ext:pwd inurl:_vti_pvt inurl: |Mi passwords
(Service | authors | administrators)
---------------------------------------------------------
inurl:perform filetype:ini |mIRC nickserv credentials
---------------------------------------------------------
intitle:'index of' intext: |mySQL database credentials
connect.inc
---------------------------------------------------------
intitle:'index of' intext: |mySQL database credentials
globals.inc
---------------------------------------------------------
filetype:conf oekakibbs |Oekakibss user passwords
---------------------------------------------------------
filetype:dat wand.dat |Opera‚ ÄúMagic Wand‚Äù Web credentials
---------------------------------------------------------
inurl:ospfd.conf intext: |OSPF Daemon Passwords
password -sample -test
-tutorial –download
---------------------------------------------------------
index.of
---------------------------------------------------------
inurl:list.txt
---------------------------------------------------------
filetype:dat 'password.dat' |password.dat files
---------------------------------------------------------
inurl:password.log filetype:log |password.log file reveals usernames,
|passwords,and hostnames
---------------------------------------------------------
filetype:log inurl:'password.log' |password.log files cleartext
|passwords
---------------------------------------------------------
inurl:pple.lst filetype:lst |
---------------------------------------------------------
intitle:index.of config.php |PHP Configuration File database
|credentials
---------------------------------------------------------
inurl:config.php dbuname dbpass |PHP Configuration File database
|credentials
---------------------------------------------------------
---------------------------------------------------------
filetype:conf inurl:psybnc.conf |psyBNC IRC user credentials
'USER.PASS='
---------------------------------------------------------
fals
---------------------------------------------------------
filetype:conf slapd.conf |slapd configuration files root password
---------------------------------------------------------
inurl:'slapd.conf' intext: |slap
'credentials' -manpage
-'Manual Page' -man: -sample
---------------------------------------------------------
inurl:'slapd.conf' intext: |sla
'rootpw' -manpage
-'Manual Page' -man: -sample
---------------------------------------------------------
filetype:sql 'IDENTIFIED BY' –cvs |SQL passwords
---------------------------------------------------------
filetype:sql password |SQL passwords
---------------------------------------------------------
filetype:ini wcx_ftp |Total Commander FTP passwords
---------------------------------------------------------
filetype:netrc password |UNIX .netrc user credentials
---------------------------------------------------------
index.of.etc |UNIX /etc directories contain
|various credential files
---------------------------------------------------------
intitle:'Index of..etc' passwd |UNIX /etc/passwd user credentials
---------------------------------------------------------
intitle:index.of passwd |UNIX /etc/passwd user credentials
passwd.bak
---------------------------------------------------------
intitle:'Index of' pwd.db |UNIX /etc/pwd.db credentials
---------------------------------------------------------
intitle:Index.of etc shadow |UNIX /etc/shadow user credentials
---------------------------------------------------------
intitle:index.of master.passwd |UNIX master.passwd user credentials
---------------------------------------------------------
intitle:'Index of' spwd.db |UNIX spwd.db credentials
passwd -pam.conf
---------------------------------------------------------
filetype:bak inurl:'htaccess| |UNIX various password file backups
passwd|shadow|htusers
---------------------------------------------------------
filetype:inc dbconn |Various database credentials
---------------------------------------------------------
filetype:inc intext:mysql_ |Various database credentials, server names
connect
---------------------------------------------------------
filetype:properties inurl:db |Various database credentials, server names
intext:password
---------------------------------------------------------
inurl:vtund.conf intext:pass –cvs |n passwords
---------------------------------------------------------
inurl:'wvdial.conf' intext: |wdial dialup user credentials
'password'
---------------------------------------------------------
filetype:mdb wwforum |Ws Web credentials
---------------------------------------------------------
'AutoCreate=TRUE password=*' |Website Access Analyzer user passwords
---------------------------------------------------------
filetype:pwl pwl |Windows Password List user credentials
---------------------------------------------------------
filetype:reg reg +intext: |Winy Keys containing user
'defaultusername' intext: |credentials
'defaultpassword'
---------------------------------------------------------
filetype:reg reg +intext: |Winy Keys containing user
'internet account manager' |credentials
---------------------------------------------------------
'index of/' 'ws_ftp.ini' |WS_FTP FTP credentials
'parent directory'
---------------------------------------------------------
filetype:ini ws_ftp pwd |WS_FTP FTP user credentials
---------------------------------------------------------
inurl:/wwwboard |wwwboard user credentials
-
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>.
intitle:'Index of' passwords modified
allinurl:auth_user_file.txt
'access denied for user' 'using password'
'A syntax error has occurred' filetype:ihtml
allinurl: admin mdb
'ORA-00921: unexpected end of SQL command'
inurl:passlist.txt
'Index of /backup'
'Chatologica MetaSearch' 'stack tracking:'
'parent directory ' /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
'parent directory ' DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
'parent directory 'Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
'parent directory ' Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
'parent directory ' MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
'parent directory ' Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
>METHOD 2
put this string in search:
?intitle:index.of? mp3
You only need add the name of the song/artist/singer.
Example: ?intitle:index.of? mp3 name
>METHOD 3
put this string in e search:
inurl:microsoft filetype:iso
You can change the string to watever you want, ex. microsoft to adobe, iso to zip etc…
'# -FrPge-' inurl:service.pwd
Frontpage passwords.. very nice clean search results listing !!
'Aute=TRUE password=*'
'http://*:*@www' domainname
This is a query to get inline passwords from search engines (not just
le), you must type in the query followed with the the domain name
without the .com or .net
'http://*:*@www' bangbus or 'http://*:*@www'bangbus
Another way is by just typing
'http://bob:bob@www'
'sets mode: +k'
This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.
allinurl: admin mdb
Not all of these pages are administrator's access databases containing
usernames, passwords and other sensitive information, but many are!
allinurl:auth_user_file.txt
intitle:'Index of' config.php
eggdrop filetype:user user
These are eggdrop config files. Avoiding a full-blown descussion about
eggdrops and IRC bots, suffice it to say that this file contains
usernames and passwords for IRC users.
intitle:index.of.etc
filetype:bak inurl:'htaccess|passwd|shadow|htusers'
This will search for backup files (*.bak) created by some editors or even by the administrator
>>>>>>>>>>>>>>>>>>>>>>>>>>
= Index
----------------------------------------------------------------------
0) Key
1) Directories
2) Xitami Servers
3) Directory Listing
4) Andromeda Servers
5) Zina Artists
6) Apache mp3 Servers
7) Individual Songs
----------------------------------------------------------------------
= Section 0 - KEY
---------------------------------------------------------------------- You this are just some definitions I will use below. [Directory String] can be any of the following : 1) 'index of' 2) 'last modified' 3) 'parent of' [file type] can be any of the following : 1) 'mp3' 2) 'shn' 3) 'wma' [mp3 name] can be any of the following : 1) the name of the album in quotes 2) the name of the artist in quotes 3) be daring and leave it blank and have lots of links 4) be creative! [limitors] 1) -html -htm -php -asp -txt -pls (inurl:) is optional and may be omitted and in fact most be omitted if not using a search tool other than000. (intitle:) can be used in place of (inurl:) and has a similar effect again you must be useing000e. (-filetype:txt) adding this to the end of your search string can filter some false positives. (-playlist) adding this to the end of your search string can filter some false positives. ----------------------------------------------------------------------
= Section 1 - Directories
---------------------------------------------------------------------- These are the most common way that mp3s are stored on the www, you should try these strings first. String Format : Type 1 : [Directory String] + (inurl:)[file type] + [mp3 name] Type 2 : [Directory String] + (intitle:)[file type] + [mp3 name] Type 3 : [Directory String] + [file type] + [mp3 name] + [limitors] Example Strings : - intitle:index.of + mp3 + 'grandaddy' -html -htm -php -asp -txt -pls - 'index of' + 'mp3' + 'radiohead' -html -htm -php - 'index of' + mp3 + 'grandaddy' - 'index of' + inurl:mp3 + 'beatles' -txt -pls - 'index of' + intitle:mp3 + beatles - 'last modified' + 'shn' + 'dylan' - 'last modified' + inurl:shn + 'bob dylan' - 'parent of' + inurl:wma + 'grandaddy' Suggestions : - Try (intitle:index.of + 'mp3' + 'band name' -htm -html -php -asp) first it is usually the most effective. Another Little Trick: - If you have been getting alot of results on 0000 but the pages don't seem to be there try adding dates and the 'apache' string to your search i.e. - intitle:index.of + mp3 + 'grandaddy' -html -htm -php -asp apache feb-2005 - intitle:index.of + mp3 + 'grandaddy' -html -htm -php -asp apache 2005 or if you just want a big list of mp3' doing a search like this everymonth - intitle:index.of + mp3 + -html -htm -php -asp apache mar ----------------------------------------------------------------------
= Section 2 - Xitami Servers
----------------------------------------------------------------------
String Format :
Type 1 : 'xitami web server' + (inurl:)[file type] + [mp3 name]
Type 2 : 'xitami web server' + (intitle:)[file type] + [mp3 name]
Example Strings :
- 'xitami web server' + 'mp3' + 'radiohead'
- 'xitami web server' + intitle:shn + 'beatles'
- 'xitami web server' + inurl:mp3 + 'magnetic fields'
----------------------------------------------------------------------
= Section 3 - Directory Listing
----------------------------------------------------------------------
String Format :
Type 1 : 'directory listings' + (inurl:)[file type] + [mp3 name]
Type 2 : 'directory listings' + (intitle:)[file type] + [mp3 name]
Type 3 : 'directory listings of' + (inurl:)[file type] + [mp3 name]
Type 4 : 'directory listings of' + (intitle:)[file type] + [mp3 name]
Example Strings
- 'directory listings' + 'mp3' + 'radiohead'
- 'directory listings' + intitle:shn + 'beatles'
- 'directory listings' + inurl:mp3 + 'magnetic fields'
- 'directory listings of' + 'mp3' + 'radiohead'
- 'directory listings of' + intitle:shn + 'beatles'
- 'directory listings of' + inurl:mp3 + 'magnetic fields'
----------------------------------------------------------------------
= Section 4 - Andromeda Servers
----------------------------------------------------------------------
String Format :
Type 1 : 'scott matthews' + andromeda + [mp3 name]
Type 2 : 'scott matthews' + andromeda + [file type] + [mp3 name]
Type 3 : 'powered by andromeda' + [mp3 name]
Type 4 : 'powered by andromeda' + [file type] + [mp3 name]
Type 5 : inurl:andromeda.php + [mp3 name]
Type 6 : inurl:anromeda.php + [file type] + [mp3 name]
Type 7 : 'scott matthews'
Type 8 : 'powered by andromeda'
Type 9 : inurl:andromeda.php
Examples :
- 'scott matthews' + andromeda + 'radiohead'
- 'scott matthews' + andromeda + 'mp3' + 'fitter'
- 'powered by andromeda' + 'gradaddy'
- 'powered by andromeda' + 'mp3' + 'just like women'
- inurl:andromeda.php + 'shn'
- inurl:anromeda.php + 'wma' + 'dylan'
- 'scott matthews'
- 'powered by andromeda'
- inurl:andromeda.php
----------------------------------------------------------------------
= Section 5 - Zina Artists
----------------------------------------------------------------------
String Format :
Type 1 : 'zina artists'
Examples :
Inurl Password Filetype Txt Download
- 'zina artists'
----------------------------------------------------------------------
= Section 6 - Apache mp3 Servers
----------------------------------------------------------------------
String Format :
Type 1 : 'stream all' + apache + [mp3 name]
Type 2 : 'stream all' + apache
Type 3 : 'shuffle all' + apache + [mp3 name]
Inurl Password Filetype Txt Reader
Type 4 : 'shuffle all' + apache
Examples :
- 'stream all' + apache
- 'stream all' 'shuffle all' mp3
- 'stream all' + apache + radiohead
- 'shuffle all' + beatles
----------------------------------------------------------------------
Inurl Password Filetype Txt Password
= Section 7 - Individual Songs----------------------------------------------------------------------
Format : [mp3 name].mp3 -playlist -filetype:txt
Examples :
Inurl Password Filetype Txt
- 'ok_computer_live.mp3' -playlist -filetype:txt
Inurl Passwd Filetype Txt Reader
- '*ok_computer*.mp3' -playlist -filetype:txt- kid*a.mp3 -playlist -filetype:txt