Use Google Dorks To Find Passwords
below are some of the google dork commands to find the password of any weak websites.
“Index of /” +passwd
Searches for directories listing their contents that contain the word "passwd," often indicating the presence of password-related files.
“Incorrect syntax near” (SQL script error)
This query likely aims to find web pages displaying SQL syntax errors, which can sometimes reveal database structure and potentially lead to SQL injection vulnerabilities.
gobal.asax index
Searches for "gobal.asax" files, which are configuration files for ASP.NET applications. The "index" keyword might be trying to find them within directory listings.
administrator.pwd.index
Similar to password file searches, looking for files related to administrator passwords within directory listings.
Index of ftp +.mdb allinurl:/cgi-bin/ +mailto
This query is a bit more complex. It seems to be looking for Microsoft Access database files (.mdb) potentially accessible via FTP within CGI-bin directories, possibly associated with email addresses.
inurl:”auth_user_file.txt”
...
allinurl:/bash_history
Searches for URLs containing "/bash_history," which typically stores the command history of Bash shell users.
intitle:”Index of” master.passwd
Looks for directory listings where the title of the page contains "Index of" and the file "master.passwd," a common name for user password files in some systems.
intitle:”Index of” “.htpasswd” -intitle:”dist” -apache -htpasswd.c
Seeks directory listings containing ".htpasswd" files (used for Apache authentication), while excluding results with "dist," "apache," and "htpasswd.c" in the title to filter out irrelevant results.
intitle:”Index of” spwd
Similar to passwd, searches for "spwd," which might refer to shadow password files.
intitle:”Index of” passwd
Another direct search for directory listings containing "passwd" files.
authors.pwd.index
Similar to other password file searches, possibly looking for author-related password files in directory listings.
allintitle: “index of/admin”
Searches for directory listings with "index of/admin" in the title.
Index of /” +.htaccess
....
“Supplied arguments is not a valid PostgreSQL result” (possible debilidad SQL)
Similar to the above, this searches for a specific PostgreSQL error message that might indicate a vulnerability.
service.pwd.index
Searches for password-related files associated with services, likely within directory listings.
intitle:”Index of” pwd.db
Looks for directory listings with a file named "pwd.db," which could be a password database.
inurlasslist.txt
Looks for URLs containing "passlist.txt," which could be a list of passwords.
intitle:”Index of” .sh_history
Searches for directory listings containing ".sh_history" files, which store shell command history and might contain sensitive information.
index.of.private (algo privado)
A generic search for directory listings with "private" in the name, indicating potentially sensitive areas. The "(algo privado)" suggests the user is looking for something private in Spanish.
_vti_pvt password intitle:index.of (Frontpage)
Targets FrontPage server extensions' private directory (_vti_pvt) for password-related information within directory listings.
intitle:”Index of” .bash_history
Another search for directory listings containing ".bash_history" files.
intitle:index.of master.passwd
Another variation of the master.passwd search.
allinurl: winnt/system32/ (get cmd.exe)
This query attempts to find servers where the winnt/system32/ directory is accessible, potentially allowing the retrieval of cmd.exe, the Windows command-line interpreter.
inurl:backup intitle:index.of inurl:admin
Looks for directory listings within URLs containing "backup" and "admin," suggesting potential backups of administrative areas.
inurl:”wwwroot/*.”
Attempts to find directory listings within the "wwwroot" directory, which is often the web server's document root. The wildcard * and trailing . might be intended to catch various file extensions.
filetype:config web
Broadly searches for configuration files related to web applications.
“Index of /backup”
Searches for directories listing their contents with "backup" in the path.
intitle:”Index of” user_carts OR user _cart
......
inurl:”auth_user_file.txt”
.....
intitle:”Index of” etc/shadow
Specifically targets directory listings containing the "shadow" file, which stores hashed passwords on Unix-like systems.
inurl:admin filetype:db
Searches for database files within URLs containing "admin."
index.of.winnt
Searches for directory listings related to "winnt," an older version of Windows, potentially exposing system information.
index.of.password
A general search for directory listings containing "password."
“Index of /password”
Another variation of the general password directory listing search.
intitle:”Index of..etc” passwd
A slightly malformed query aiming for directory listings under "/etc" containing "passwd."
allintitle: “index of/root”
Searches for directory listings with "index of/root" in the title, which is a sensitive directory on Unix-like systems.
intitle:”Index of” members OR accounts
Looks for directory listings containing either "members" or "accounts," which might hold user information.
allintitle: sensitive filetype:doc
Searches for Word documents (.doc) with "sensitive" in the title.
intitle:admin intitle:login
.....
intitle:”the page cannot be found” inetmgr
Searches for "The page cannot be found" errors that might be related to "inetmgr," the IIS Manager, potentially revealing server information.
allintitle: restricted filetype :mail
Looks for mail files with "restricted" in the title.
“Index of /admin”
Searches for directories listing their contents with "admin" in the path.
“Index of /mail”
Searches for directories listing their contents with "mail" in the path.
intitle:”Index of” people.1st
A more specific search that might be looking for a file named "people.1st" within a directory listing.
intitle:index.of ws_ftp.ini
Targets configuration files ("ws_ftp.ini") for WS_FTP, a Windows FTP client, which might contain stored credentials.
allintitle: restricted filetype:doc site:gov
Looks for restricted Word documents on government websites.
inurl:iisadmin
Looks for URLs containing "iisadmin," the administrative interface for Internet Information Services (IIS), Microsoft's web server.
filetype:htpasswd htpasswd
Directly searches for files with the ".htpasswd" extension.
inurlasswd filetype:txt
Searches for text files with "passwd" in the URL.
intitle:”Index of” htpasswd
Another search for directory listings containing "htpasswd" files.
Post a Comment
0Comments