Komentarai Prisijungti
Viršuje: Seniausi | Naujausi
Anonymous 2008-02-26 18:03
Greitai laužti kompus mokės dar negimę kūdikiai
Anonymous 2008-02-26 21:58
Using Google to find passwords & other nice things
>>Google hacking at its finest..
Using Google, and some finely crafted searches we can find a lot of interesting information.
For Example we can find:
Credit Card Numbers
Passwords
Software / MP3's
...... (and on and on and on)
Presented below is just a sample of interesting searches
that we can send to google to obtain info that some people might not
want us having.. After you get a taste using some of these, try your
own crafted searches to find info that you would be interested in.
Try a few of these searches:
intitle:"Index of" passwords modified
allinurl:auth_user_file.txt
"access denied for user" "using password"
"A syntax error has occurred" filetype:ihtml
allinurl: admin mdb
"ORA-00921: unexpected end of SQL command"
inurl:passlist.txt
"Index of /backup"
"Chatologica MetaSearch" "stack tracking:"
"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
Notice that I am only changing the word after the parent directory, change it to what you want and you will get a lot of stuff.
>METHOD 2
put this string in google search:
?intitle:index.of? mp3
You only need add the name of the song/artist/singer.
Example: ?intitle:index.of? mp3 jackson
>METHOD 3
put this string in google search:
inurl:microsoft filetype:iso
You can change the string to watever you want, ex. microsoft to adobe, iso to zip etc…
"# -FrontPage-" inurl:service.pwd
Frontpage passwords.. very nice clean search results listing !!
"AutoCreate=TRUE password=*"
This searches the password for "Website Access Analyzer", a Japanese
software that creates webstatistics. For those who can read Japanese,
check out the author's site at:
"http://*:*@www" domainname
This is a query to get inline passwords from search engines (not just
Google), you must type in the query followed with the the domain name
without the .com or .net
"http://*:*@www" bangbus or "http://*:*@www"bangbus
Another way is by just typing
"http://bob:bob@www"
"sets mode: +k"
This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.
allinurl: admin mdb
Not all of these pages are administrator's access databases containing
usernames, passwords and other sensitive information, but many are!
allinurl:auth_user_file.txt
DCForum's password file. This file gives a list of (crackable) passwords,
usernames and email addresses for DCForum and for DCShop (a shopping
cart program(!!!). Some lists are bigger than others, all are fun, and
all belong to googledorks. =)
intitle:"Index of" config.php
This search brings up sites with "config.php" files. To skip the technical
discussion, this configuration file contains both a username and a
password for an SQL database. Most sites with forums run a PHP message
base. This file gives you the keys to that forum, including FULL ADMIN
access to the database.
eggdrop filetype:user user
These are eggdrop config files. Avoiding a full-blown descussion about
eggdrops and IRC bots, suffice it to say that this file contains
usernames and passwords for IRC users.
intitle:index.of.etc
This search gets you access to the etc directory, where many many many types of password files can be found. This link is not as reliable, but
crawling etc directories can be really fun!
filetype:bak inurl:"htaccess|passwd|shadow|htusers"
This will search for backup files (*.bak) created by some editors or even by the administrator himself (before activating a new version).
Every attacker knows that changing the extenstion of a file on a webserver can have ugly consequences.
Let's pretend you need a serial number for Windows xp pro. In the google search bar type in just like this - "Windows XP Professional" 94FBR
the key is the 94FBR code.. it was included with many MS Office
registration codes so this will help you dramatically reduce the amount
of 'fake' porn sites that trick you.
or if you want to find the serial for winzip 8.1 - "Winzip 8.1" 94FBR
Anonymous 2008-02-26 22:13
Jei kam idomu kaip ta svetaine atrodo o del ko ja iseme is serverio ir taip aisku
Einate i google parasote svetaines hosto adresa ir apacioje parasyta google kopija ja ir atsidarote cia tik html failo kopija...
Anonymous 2008-02-26 22:18
Viskas ten veikia tik nekiekvienam ten patekti xD
Anonymous 2008-02-26 22:29
Parasyciau ir as kaip, bet man neleidzia adreso rasyti reikia registruotis tad apsieisit
Mindė 2008-02-27 01:12
www.goolag.net
Anonymous 2008-02-27 14:47
Jeigu nematai tai jos tau kazkodel neatidaro ;D reikia kai ka zinoti kad atsidarytu
Mindė 2008-02-28 11:11
Pihas, žinovas tu didysis... goolag . net atidaro ir be tavo auksinių žinių, jeigu nematai
Anonymous 2008-02-28 13:47
joa, .net atidaro ,tai cia trbt. ir buvo,tas jo (Pihas) "reikia kai ka zinoti kad atsidarytu" atidarimo budas ;]
Anonymous 2008-02-28 15:41
Anonymous 2008-02-28 15:43
Man tas jusu .net .com .biz .eu galune vienodai as i ja net demesio neatkreipiau galvojau del kai ko kitko neatidaro...
Anonymous 2008-02-28 16:01
siunciuos ji toj biskuti prabandysiu
Anonymous 2008-02-28 16:07
nebereikalingai hackeriu instalas kalba
Skeptikas 2008-03-29 19:54
Manau reiktų daugiau cenzūros, nes visokie vaikigaliai rašinėja nesąmones anglu kalba.
Komentuoti gali tik registruoti lankytojai.
Neregistruotiems lankytojams komentavimas uždraustas siekiant sumažinti
paviršutiniškų, beverčių ir įžeidinėjančių žinučių kiekį.
Hakeriai pavertė „Google“ saugumo spragų skeneriu