sabato 30 luglio 2011


* inurl:/db/main.mdb |ASP-Nuke passwords
* filetype:cfm "cfapplication |ColdFusion source with potential passwords name" password
* filetype:pass |dbman credentials pass intext:userid
* allinurl:auth_user_file.txt |DCForum user passwords
* eggdrop filetype:user user |Eggdrop IRC user credentials
* filetype:ini inurl:flashFXP.ini |FlashFXP FTP credentials
* filetype:url +inurl:"ftp://" |FTP bookmarks cleartext passwords
* inurl:zebra.conf intext: |GNU Zebra passwords
password -sample -test
-tutorial –download
* filetype:htpasswd htpasswd |HTTP htpasswd Web user credentials
* intitle:"Index of" ".htpasswd" |HTTP htpasswd Web user credentials
"htgroup" -intitle:"dist"
-apache -htpasswd.c
* intitle:"Index of" ".htpasswd" |HTTP htpasswd Web user credentials
* "http://*:*@www" bob:bob |HTTP passwords (bob is a sample username)
* "sets mode: +k" |IRC channel keys (passwords)
* "Your password is * |Remember IRC NickServ registration passwords
this for later use"
* signin filetype:url |JavaScript authentication credentials
* LeapFTP intitle:"index.of./" |LeapFTP client login credentials
sites.ini modified
* inurl:lilo.conf filetype:conf |LILO passwords
password -tatercounter2000
-bootpwd –man
* filetype:config config intext: |Mcft .NET application credentials
appSettings "User ID"
* filetype:pwd service |Mcft FrontPage Service Web passwords
* intitle:index.of |Mcft FrontPage Web credentials
* "# -FrontPage-" |Mcft FrontPage Web passwords
ext:pwd inurl:_vti_pvt inurl: |Mcft FrontPage Web passwords
(Service | authors | administrators)
* inurl:perform filetype:ini |mIRC nickserv credentials
* intitle:"index of" intext: |mySQL database credentials
* intitle:"index of" intext: |mySQL database credentials
* filetype:conf oekakibbs |Oekakibss user passwords
* filetype:dat wand.dat |Opera‚ ÄúMagic Wand‚Äù Web credentials
* inurl:ospfd.conf intext: |OSPF Daemon Passwords
password -sample -test
-tutorial –download
* index.of passlist |Passlist user credentials
* inurl:passlist.txt |passlist.txt file user credentials
* filetype:dat "password.dat" |password.dat files
* inurl:password.log filetype:log |password.log file reveals usernames,
|passwords,and hostnames
* filetype:log inurl:"password.log" |password.log files cleartext
* inurl:people.lst filetype:lst |People.lst generic password file
* intitle:index.of config.php |PHP Configuration File database
* inurl:config.php dbuname dbpass |PHP Configuration File database
* inurl:nuke filetype:sql |PHP-Nuke credentials
* filetype:conf inurl:psybnc.conf |psyBNC IRC user credentials
* filetype:ini ServUDaemon |servU FTP Daemon credentials
* filetype:conf slapd.conf |slapd configuration files root password
* inurl:"slapd.conf" intext: |slapd LDAP credentials
"credentials" -manpage
-"Manual Page" -man: -sample
* inurl:"slapd.conf" intext: |slapd LDAP root password
"rootpw" -manpage
-"Manual Page" -man: -sample
* filetype:sql "IDENTIFIED BY" –cvs |SQL passwords
* filetype:sql password |SQL passwords
* filetype:ini wcx_ftp |Total Commander FTP passwords
* filetype:netrc password |UNIX .netrc user credentials
* index.of.etc |UNIX /etc directories contain
|various credential files
* intitle:"Index of..etc" passwd |UNIX /etc/passwd user credentials
* intitle:index.of passwd |UNIX /etc/passwd user credentials
* intitle:"Index of" pwd.db |UNIX /etc/pwd.db credentials
* intitle:Index.of etc shadow |UNIX /etc/shadow user credentials
* intitle:index.of master.passwd |UNIX master.passwd user credentials
* intitle:"Index of" spwd.db |UNIX spwd.db credentials
passwd -pam.conf
* filetype:bak inurl:"htaccess| |UNIX various password file backups
* filetype:inc dbconn |Various database credentials
* filetype:inc intext:mysql_ |Various database credentials, server names
* filetype:properties inurl:db |Various database credentials, server names
* inurl:vtund.conf intext:pass –cvs |Virtual Tunnel Daemon passwords
* inurl:"wvdial.conf" intext: |wdial dialup user credentials
* filetype:mdb wwforum |Web Wiz Forums Web credentials
* "AutoCreate=TRUE password=*" |Website Access Analyzer user passwords
* filetype:pwl pwl |Windows Password List user credentials
* filetype:reg reg +intext: |Windows Registry Keys containing user
"defaultusername" intext: |credentials
* filetype:reg reg +intext: |Windows Registry Keys containing user
"internet account manager" |credentials
* "index of/" "ws_ftp.ini" |WS_FTP FTP credentials
"parent directory"
* filetype:ini ws_ftp pwd |WS_FTP FTP user credentials
* inurl:admin filetype: |asp Generic userlist files
inurl:userlist |
* inurl:php inurl: |Half-life statistics file, lists username and
hlstats intext: |other information
Server Username |
* filetype:ctl |
inurl:haccess. |Mcft FrontPage equivalent of htaccess
ctl Basic |shows Web user credentials
* filetype:reg |
reg intext: |Mcft Internet Account Manager can
* "internet account manager" |reveal usernames and more
filetype:wab wab |Mcft Outlook Express Mail address
* filetype:mdb inurl:profiles |Mcft Access databases containing
* index.of perform.ini |mIRC IRC ini file can list IRC usernames and
|other information
* inurl:root.asp?acs=anon |Outlook Mail Web Access directory can be
|used to discover usernames
* filetype:conf inurl:proftpd. |PROFTP FTP server configuration file
conf –sample |reveals
|username and server information
* filetype:log username putty |PUTTY SSH client logs can reveal
|and server information
* filetype:rdp rdp |Remote Desktop Connection files reveal user
* intitle:index.of |UNIX bash shell history reveals commands
.bash_history |typed at a bash command prompt; usernames
|are often typed as argument strings
* intitle:index.of |UNIX shell history reveals commands typed at
.sh_history |a shell command prompt; usernames are
|often typed as argument strings
* "index of " lck |Various lock files list the user currently using
|a file
* +intext:webalizer +intext: |Webalizer Web statistics page lists Web user-
Total Usernames +intext: |names and statistical information
"Usage Statistics for"
* filetype:reg reg HKEY_ |Windows Registry exports can reveal
CURRENT_USER |username usernames and other information

Nessun commento:

Posta un commento