Main » Articles » Web Hacking » Exploits and Vulenrablities |
Find Passwords and Uploaded PHP Shells via Google using Private Dorks
Google can be used to find some shells and password to bypass the security and do anything being an admin of that website etc. So here are the steps and Dorks are listed below too Go to Google.com and type these Dorks, and you will got a Lot of uploaded shells in Google serach results !! Dorks for finding shells:inurl:.php "cURL: ON MySQL: ON MSSQL: OFF” "Shell” filetype:php intext:”uname -a:” "EDT 2010″ intitle:”intitle:r57shell” [ phpinfo ] [ php.ini ] [ cpu ] [ mem ] [ users ] [ tmp ] [ delete ] inurl:”c99.php” & intext:Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout inurl:”c100.php” & intext:Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout intitle:”Shell” inurl:”.php” & intext:Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Dorks for finding Passwords:filetype:htpasswd htpasswd intitle:”index of” ".htpasswd” -intitle:”dist” -apache -htpasswd.c index.of.private (algo privado) intitle:index.of master.passwd inurlasslist.txt (para encontrar listas de passwords) intitle:”index of..etc” passwd intitle:admin intitle:login "incorrect syntax near” (sql script error) intitle:”the page cannot be found” inetmgr (debilidad en iis4) intitle:index.of ws_ftp.ini "supplied arguments is not a valid postgresql result” (possible debilidad sql) _vti_pvt password intitle:index.of (frontpage) inurl:backup intitle:index.of inurl:admin "index of /backup” index.of.password index.of.winnt inurl:”auth_user_file.txt” "index of /admin” "index of /password” "index of /mail” "index of /” +passwd index of /” +.htaccess index of ftp +.mdb allinurl:/cgi-bin/ +mailto allintitle: "index of/admin” allintitle: "index of/root” allintitle: sensitive filetype:doc allintitle: restricted filetype :mail allintitle: restricted filetype:doc site:gov administrator.pwd.index authors.pwd.index service.pwd.index filetype:config web gobal.asax index inurlasswd filetype:txt inurl:admin filetypeBig Grinb inurl:iisadmin inurl:”auth_user_file.txt” inurl:”wwwroot/*.” allinurl: winnt/system32/ (get cmd.exe) allinurl:/bash_history intitle:”index of” .sh_history intitle:”index of” .bash_history intitle:”index of” passwd intitle:”index of” people.1st intitle:”index of” pwd.db intitle:”index of” etc/shadow intitle:”index of” spwd intitle:”index of” master.passwd intitle:”index of” htpasswd intitle:”index of” members or accounts intitle:”index of” user_carts or user _cart | |
Views: 13327 | Comments: 1 | Rating: 3.3/3 |
Total comments: 1 | ||
| ||