Opções de Buscas.
Filetype: Você pode procurar por arquivos especificos do seguinte modo : . :*.xls, *.doc, *.pdf, *.ps, *.ppt, *.rtf, *.db, *.mdb, *.cfg, *.pwd, *.dat , etc.
usando ex.: Filetype:xls "pass"
Inurl: Você pode com uma especifica palavra, e retornar as urls
contendo as palavras. - usando ex.: inurl:admin
"Index of": voce pode encontrar pastas especificas dentro de servidores
usando ex.: "index of" admin ou index.of.admin
Site: você pode encontrar sites especificos (dominios) ex. *.com, *.org,
*.mi, *.gov, etc. - usando ex.: site:gov ou site:gov "cyprus"
Intitle: - usa-se para achar uma URL que contenha no titulo as palavras que você pesquisar.
ex.: intitle:BEL
Você pode conseguir muitas informações e copiar arquivos direto dos servidores veja os exemplos. tente procurar por :
* inurl:gov filetype:xls "restricted" (retornará por arquivos do governo com excel contendo palavras "restricted".
* inurl:admin.cfg (admin.cfg, arquivo de configuração de admin, contendo passwords, o arquivo contem informações sigilosas).
* Webadmin: (Isso é um pequeno software em que a maioria dos administradores usam para fazer o upload de arquivos remotos.
usaando ex. inurl:file_upload.php)
* Content Manager Systems: São softwares que o administrador edita o conteudo do site facilmente, os nomes deles a maioria das veses são : panel.html , cms.html , control.cfg , basta usar na opção inurl.
inurl:admin inurl: |userlist Generic userlist files
---------------------------------------------------------
inurl:admin filetype: |asp Generic userlist files
inurl:userlist |
---------------------------------------------------------
inurl:php inurl: |Half-life statistics file, lists username and
hlstats intext: |other information
Server Username |
---------------------------------------------------------
filetype:ctl |
inurl:haccess. |alent of hcess
c |shows Web user credentials
---------------------------------------------------------
filetype:reg |
reg intext: |Mger can
---------------------------------------------------------
"internet account manager" |reveal usernames and more
filetype:wab wab |Mdress
|books
---------------------------------------------------------
filetype:mdb inurl:profiles |Msning
|profiles.
---------------------------------------------------------
index.of perform.ini |mIRC IRC ini file can list IRC usernames and
|other information
---------------------------------------------------------
inurl:root.asp?acs=anon |O directory can be
|used to discover usernames
---------------------------------------------------------
filetype:conf inurl:proftpd. |PROFTP FTP server configuration file
conf –sample |reveals
|username and server information
---------------------------------------------------------
filetype:log username
---------------------------------------------------------
filetype:rdp rdp |Remote Desktop Connection files reveal user
|credentials
---------------------------------------------------------
intitle:index.of |UNIX bash shell history reveals commands
.bash_history |typed at a bash command prompt; usernames
|are often typed as argument strings
---------------------------------------------------------
intitle:index.of |UNIX shell history reveals commands typed at
.sh_history |a shell command prompt; usernames are
|often typed as argument strings
---------------------------------------------------------
"index of " lck |Various lock files list the user currently using
|a file
---------------------------------------------------------
+intext:webalizer +intext: |Webalizer Web statistics page lists Web user-
Total Usernames +intext: |names and statistical information
"Usage Statistics for"
---------------------------------------------------------
filetype:reg reg HKEY_ |orts can reveal
CURRENT_USER |username usernames and other information
---------------------------------------------------------
---------------------------------------------------------
inurl:/db/main.mdb | passwords
---------------------------------------------------------
filetype:cfm "cfapplication | source with potential passwords
name" password
---------------------------------------------------------
filetype:pass |dbman credentials
pass intext:userid
---------------------------------------------------------
allinurl:auth_user_file.txt |DCForum user passwords
---------------------------------------------------------
---------------------------------------------------------
filetype:ini inurl:flashFXP.ini |FlashFXP FTP credentials
---------------------------------------------------------
filetype:url +inurl:"ftp://" |FTP bookmarks cleartext passwords
+inurl:"@"
---------------------------------------------------------
inurl:zebra.conf intext: | passwords
password -sample -test
-tutorial –download
---------------------------------------------------------
filetype:htpasswd htpasswd |HTTP htpasswd Web user credentials
---------------------------------------------------------
intitle:"Index of" ".htpasswd" |HTTP htpasswd Web user credentials
"htgroup" -intitle:"dist"
-apache -htpasswd.c
---------------------------------------------------------
intitle:"Index of" ".htpasswd" |HTTP htpasswd Web user credentials
htpasswd.bak
---------------------------------------------------------
"http://*:*@www" bob:bob |HTTP passwords (bob is a sample username)
---------------------------------------------------------
"sets mode: +k" |IRC channel keys (passwords)
---------------------------------------------------------
"Your password is * |Remember IRC NickServ registration passwords
this for later use"
---------------------------------------------------------
signin filetype:url |JavaScript authentication credentials
---------------------------------------------------------
---------------------------------------------------------
inurl:lilo.conf filetype:conf |LILO passwords
password -tatercounter2000
-bootpwd –man
---------------------------------------------------------
filetype:config config intext: |Microsoft .NET application credentials
appSettings "User ID"
---------------------------------------------------------
filetype:pwd service |
---------------------------------------------------------
intitle:index.of |s.pwd
---------------------------------------------------------
"# -Fge-" |rds
inurl:service.pwd
ext:pwd inurl:_vti_pvt inurl: |Mi passwords
(Service | authors | administrators)
---------------------------------------------------------
inurl:perform filetype:ini |mIRC nickserv credentials
---------------------------------------------------------
intitle:"index of" intext: |mySQL database credentials
connect.inc
---------------------------------------------------------
intitle:"index of" intext: |mySQL database credentials
globals.inc
---------------------------------------------------------
filetype:conf oekakibbs |Oekakibss user passwords
---------------------------------------------------------
filetype:dat wand.dat |Opera‚ ÄúMagic Wand‚Äù Web credentials
---------------------------------------------------------
inurl:ospfd.conf intext: |OSPF Daemon Passwords
password -sample -test
-tutorial –download
---------------------------------------------------------
index.of
---------------------------------------------------------
inurl:list.txt
---------------------------------------------------------
filetype:dat "password.dat" |password.dat files
---------------------------------------------------------
inurl:password.log filetype:log |password.log file reveals usernames,
|passwords,and hostnames
---------------------------------------------------------
filetype:log inurl:"password.log" |password.log files cleartext
|passwords
---------------------------------------------------------
inurl:pple.lst filetype:lst |
---------------------------------------------------------
intitle:index.of config.php |PHP Configuration File database
|credentials
---------------------------------------------------------
inurl:config.php dbuname dbpass |PHP Configuration File database
|credentials
---------------------------------------------------------
---------------------------------------------------------
filetype:conf inurl:psybnc.conf |psyBNC IRC user credentials
"USER.PASS="
---------------------------------------------------------
fals
---------------------------------------------------------
filetype:conf slapd.conf |slapd configuration files root password
---------------------------------------------------------
inurl:"slapd.conf" intext: |slap
"credentials" -manpage
-"Manual Page" -man: -sample
---------------------------------------------------------
inurl:"slapd.conf" intext: |sla
"rootpw" -manpage
-"Manual Page" -man: -sample
---------------------------------------------------------
filetype:sql "IDENTIFIED BY" –cvs |SQL passwords
---------------------------------------------------------
filetype:sql password |SQL passwords
---------------------------------------------------------
filetype:ini wcx_ftp |Total Commander FTP passwords
---------------------------------------------------------
filetype:netrc password |UNIX .netrc user credentials
---------------------------------------------------------
index.of.etc |UNIX /etc directories contain
|various credential files
---------------------------------------------------------
intitle:"Index of..etc" passwd |UNIX /etc/passwd user credentials
---------------------------------------------------------
intitle:index.of passwd |UNIX /etc/passwd user credentials
passwd.bak
---------------------------------------------------------
intitle:"Index of" pwd.db |UNIX /etc/pwd.db credentials
---------------------------------------------------------
intitle:Index.of etc shadow |UNIX /etc/shadow user credentials
---------------------------------------------------------
intitle:index.of master.passwd |UNIX master.passwd user credentials
---------------------------------------------------------
intitle:"Index of" spwd.db |UNIX spwd.db credentials
passwd -pam.conf
---------------------------------------------------------
filetype:bak inurl:"htaccess| |UNIX various password file backups
passwd|shadow|htusers
---------------------------------------------------------
filetype:inc dbconn |Various database credentials
---------------------------------------------------------
filetype:inc intext:mysql_ |Various database credentials, server names
connect
---------------------------------------------------------
filetype:properties inurl:db |Various database credentials, server names
intext:password
---------------------------------------------------------
inurl:vtund.conf intext:pass –cvs |n passwords
---------------------------------------------------------
inurl:"wvdial.conf" intext: |wdial dialup user credentials
"password"
---------------------------------------------------------
filetype:mdb wwforum |Ws Web credentials
---------------------------------------------------------
"AutoCreate=TRUE password=*" |Website Access Analyzer user passwords
---------------------------------------------------------
filetype:pwl pwl |Windows Password List user credentials
---------------------------------------------------------
filetype:reg reg +intext: |Winy Keys containing user
"defaultusername" intext: |credentials
"defaultpassword"
---------------------------------------------------------
filetype:reg reg +intext: |Winy Keys containing user
"internet account manager" |credentials
---------------------------------------------------------
"index of/" "ws_ftp.ini" |WS_FTP FTP credentials
"parent directory"
---------------------------------------------------------
filetype:ini ws_ftp pwd |WS_FTP FTP user credentials
---------------------------------------------------------
inurl:/wwwboard |wwwboard user credentials
-
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>.
intitle:"Index of" passwords modified
allinurl:auth_user_file.txt
"access denied for user" "using password"
"A syntax error has occurred" filetype:ihtml
allinurl: admin mdb
"ORA-00921: unexpected end of SQL command"
inurl:passlist.txt
"Index of /backup"
"Chatologica MetaSearch" "stack tracking:"
"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
>METHOD 2
put this string in search:
?intitle:index.of? mp3
You only need add the name of the song/artist/singer.
Example: ?intitle:index.of? mp3 name
>METHOD 3
put this string in e search:
inurl:microsoft filetype:iso
You can change the string to watever you want, ex. microsoft to adobe, iso to zip etc…
"# -FrPge-" inurl:service.pwd
Frontpage passwords.. very nice clean search results listing !!
"Aute=TRUE password=*"
"http://*:*@www" domainname
This is a query to get inline passwords from search engines (not just
le), you must type in the query followed with the the domain name
without the .com or .net
"http://*:*@www" bangbus or "http://*:*@www"bangbus
Another way is by just typing
"http://bob:bob@www"
"sets mode: +k"
This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.
allinurl: admin mdb
Not all of these pages are administrator's access databases containing
usernames, passwords and other sensitive information, but many are!
allinurl:auth_user_file.txt
intitle:"Index of" config.php
eggdrop filetype:user user
These are eggdrop config files. Avoiding a full-blown descussion about
eggdrops and IRC bots, suffice it to say that this file contains
usernames and passwords for IRC users.
intitle:index.of.etc
filetype:bak inurl:"htaccess|passwd|shadow|htusers"
This will search for backup files (*.bak) created by some editors or even by the administrator
>>>>>>>>>>>>>>>>>>>>>>>>>>
= Index
----------------------------------------------------------------------
0) Key
1) Directories
2) Xitami Servers
3) Directory Listing
4) Andromeda Servers
5) Zina Artists
6) Apache mp3 Servers
7) Individual Songs
----------------------------------------------------------------------
= Section 0 - KEY
---------------------------------------------------------------------- You this are just some definitions I will use below. [Directory String] can be any of the following : 1) "index of" 2) "last modified" 3) "parent of" [file type] can be any of the following : 1) "mp3" 2) "shn" 3) "wma" [mp3 name] can be any of the following : 1) the name of the album in quotes 2) the name of the artist in quotes 3) be daring and leave it blank and have lots of links 4) be creative! [limitors] 1) -html -htm -php -asp -txt -pls (inurl:) is optional and may be omitted and in fact most be omitted if not using a search tool other than000. (intitle:) can be used in place of (inurl:) and has a similar effect again you must be useing000e. (-filetype:txt) adding this to the end of your search string can filter some false positives. (-playlist) adding this to the end of your search string can filter some false positives. ----------------------------------------------------------------------
= Section 1 - Directories
---------------------------------------------------------------------- These are the most common way that mp3s are stored on the www, you should try these strings first. String Format : Type 1 : [Directory String] + (inurl:)[file type] + [mp3 name] Type 2 : [Directory String] + (intitle:)[file type] + [mp3 name] Type 3 : [Directory String] + [file type] + [mp3 name] + [limitors] Example Strings : - intitle:index.of + mp3 + "grandaddy" -html -htm -php -asp -txt -pls - "index of" + "mp3" + "radiohead" -html -htm -php - "index of" + mp3 + "grandaddy" - "index of" + inurl:mp3 + "beatles" -txt -pls - "index of" + intitle:mp3 + beatles - "last modified" + "shn" + "dylan" - "last modified" + inurl:shn + "bob dylan" - "parent of" + inurl:wma + "grandaddy" Suggestions : - Try (intitle:index.of + "mp3" + "band name" -htm -html -php -asp) first it is usually the most effective. Another Little Trick: - If you have been getting alot of results on 0000 but the pages don't seem to be there try adding dates and the "apache" string to your search i.e. - intitle:index.of + mp3 + "grandaddy" -html -htm -php -asp apache feb-2005 - intitle:index.of + mp3 + "grandaddy" -html -htm -php -asp apache 2005 or if you just want a big list of mp3' doing a search like this everymonth - intitle:index.of + mp3 + -html -htm -php -asp apache mar ----------------------------------------------------------------------
= Section 2 - Xitami Servers
----------------------------------------------------------------------
String Format :
Type 1 : "xitami web server" + (inurl:)[file type] + [mp3 name]
Type 2 : "xitami web server" + (intitle:)[file type] + [mp3 name]
Example Strings :
- "xitami web server" + "mp3" + "radiohead"
- "xitami web server" + intitle:shn + "beatles"
- "xitami web server" + inurl:mp3 + "magnetic fields"
----------------------------------------------------------------------
= Section 3 - Directory Listing
----------------------------------------------------------------------
String Format :
Type 1 : "directory listings" + (inurl:)[file type] + [mp3 name]
Type 2 : "directory listings" + (intitle:)[file type] + [mp3 name]
Type 3 : "directory listings of" + (inurl:)[file type] + [mp3 name]
Type 4 : "directory listings of" + (intitle:)[file type] + [mp3 name]
Example Strings
- "directory listings" + "mp3" + "radiohead"
- "directory listings" + intitle:shn + "beatles"
- "directory listings" + inurl:mp3 + "magnetic fields"
- "directory listings of" + "mp3" + "radiohead"
- "directory listings of" + intitle:shn + "beatles"
- "directory listings of" + inurl:mp3 + "magnetic fields"
----------------------------------------------------------------------
= Section 4 - Andromeda Servers
----------------------------------------------------------------------
String Format :
Type 1 : "scott matthews" + andromeda + [mp3 name]
Type 2 : "scott matthews" + andromeda + [file type] + [mp3 name]
Type 3 : "powered by andromeda" + [mp3 name]
Type 4 : "powered by andromeda" + [file type] + [mp3 name]
Type 5 : inurl:andromeda.php + [mp3 name]
Type 6 : inurl:anromeda.php + [file type] + [mp3 name]
Type 7 : "scott matthews"
Type 8 : "powered by andromeda"
Type 9 : inurl:andromeda.php
Examples :
- "scott matthews" + andromeda + "radiohead"
- "scott matthews" + andromeda + "mp3" + "fitter"
- "powered by andromeda" + "gradaddy"
- "powered by andromeda" + "mp3" + "just like women"
- inurl:andromeda.php + "shn"
- inurl:anromeda.php + "wma" + "dylan"
- "scott matthews"
- "powered by andromeda"
- inurl:andromeda.php
----------------------------------------------------------------------
= Section 5 - Zina Artists
----------------------------------------------------------------------
String Format :
Type 1 : "zina artists"
Examples :
- "zina artists"
----------------------------------------------------------------------
= Section 6 - Apache mp3 Servers
----------------------------------------------------------------------
String Format :
Type 1 : "stream all" + apache + [mp3 name]
Type 2 : "stream all" + apache
Type 3 : "shuffle all" + apache + [mp3 name]
Type 4 : "shuffle all" + apache
Examples :
- "stream all" + apache
- "stream all" "shuffle all" mp3
- "stream all" + apache + radiohead
- "shuffle all" + beatles
----------------------------------------------------------------------
= Section 7 - Individual Songs
----------------------------------------------------------------------
Format : [mp3 name].mp3 -playlist -filetype:txt
Examples :
- "ok_computer_live.mp3" -playlist -filetype:txt
- "*ok_computer*.mp3" -playlist -filetype:txt
- kid*a.mp3 -playlist -filetype:txt
Assinar:
Postar comentários (Atom)
Nenhum comentário:
Postar um comentário