pastebin

Paste Search Dynamic
Recent pastes
GOOGLE DORK
  1. GOOGLE HACKING DATABASE – GHDB – FTP PASSWORLD GOOGLE DORK XSS GOOGLE DORK PHP GOOGLE DORK SQL DORK WORLD PRESS DORK PASSWORLD FILE DORK MİCS DORK FREE SWAG DORK WEBCAM DORK
  2.  
  3. A.) FTP PASSWORD GOOGLE DORKS
  4. B.) XSS GOOGLE DORKS
  5. C.) PHP GOOGLE DORKS
  6. D.) SQL DORKS
  7. E.) WORDPRESS DORKS
  8. F.) PASSWORD FILE DORKS
  9. G.) MISC. DORKS
  10. H.) FREE SWAG DORKS
  11. I.) WEBCAM DORKS
  12.  
  13. A.) FTP PASSWORD GOOGLE DORKS
  14.  
  15. 1.) ws_ftp.ini configuration file search:
  16.  
  17. intitle:index.of ws_ftp.ini
  18.  
  19. 2.) ws_ftp.ini configuration file with “Parent Directory” search:
  20.  
  21. filetype:ini ws_ftp pwd
  22.  
  23. 3.) Variation:
  24.  
  25. ”index of/” “ws_ftp.ini” “parent directory”
  26.  
  27. 4.) Variation:
  28.  
  29. +htpasswd +WS_FTP.LOG filetype:log
  30.  
  31. 5.) Variation:
  32.  
  33. (Substitute vulnerablesite.com with your site you want to search)
  34. ”allinurl: “Vulnerablesite.com” WS_FTP.LOG filetype:log”
  35.  
  36. B.) XSS GOOGLE DORKS
  37.  
  38. 1.) cart32 executable file.
  39.  
  40. allinurl:/scripts/cart32.exe
  41.  
  42. 2.) Cute news php file.
  43.  
  44. allinurl:/CuteNews/show_archives.php
  45.  
  46. 3.) phpinfo.php file.
  47.  
  48. allinurl:/phpinfo.php
  49.  
  50. C.) PHP GOOGLE DORKS
  51.  
  52. 1.) config.php file search:
  53.  
  54. intitle:index.of config.php
  55.  
  56. 2.) PHP file contents search:
  57.  
  58. intitle:”Index of” phpinfo.php
  59.  
  60. 3.) download.php directory transversal vulneralbilities:
  61.  
  62. inurl:download.php?=filename
  63.  
  64. 4.) upload.php search:
  65.  
  66. intitle:index.of upload.php
  67.  
  68. inurl:upload.php
  69.  
  70. D.) SQL PASSWORD DUMP DORKS
  71.  
  72. 1.) SQL dumps saved to database search. (Some of the more common passwords for you):
  73.  
  74. a.) ”123456″ = hashed password
  75. ext:sql intext:@gmail.com intext:e10adc3949ba59abbe56e057f20f883e
  76.  
  77. b.) ”654321″ = hashed password
  78. ext:sql intext:@gmail.com intext:c33367701511b4f6020ec61ded352059
  79.  
  80. c.) ”password” = hashed password
  81. ext:sql intext:@gmail.com intext:5f4dcc3b5aa765d61d8327deb882cf99
  82.  
  83. d.) ”12345678″ = hashed password
  84. ext:sql intext:@gmail.com intext:25d55ad283aa400af464c76d713c07ad
  85.  
  86. e.) ”iloveyou” = hashed password
  87. ext:sql intext:@gmail.com intext:f25a2fc72690b780b2a14e140ef6a9e0
  88.  
  89. 2.) Variation of above search:
  90.  
  91. a.) ext:sql intext:”INSERT INTO” intext:@gmail.com intext:password
  92.  
  93. b.) ext:sql intext:”INSERT INTO” intext:@yahoo.com intext:password
  94.  
  95. c.) ext:sql intext:”INSERT INTO” intext:@hotmail.com intext:password
  96.  
  97. d.) ext:sql intext:”INSERT INTO” intext:@att.net intext:password
  98.  
  99. e.) ext:sql intext:”INSERT INTO” intext:@comcast.net intext:password
  100.  
  101. f.) ext:sql intext:”INSERT INTO” intext:@verizon.net intext:password
  102.  
  103. 3.) SQLi
  104.  
  105. allinurl:/privmsg.php
  106.  
  107. E.) WORDPRESS GOOGLE DORKS
  108.  
  109. 1.) Asset Manager Plugin Exploit – Unprotected Remote File Upload Vuleralbility.
  110.  
  111. inurl:Editor/assetmanager/assetmanager.asp
  112.  
  113. 2.) Timthumb Plugin Exploit – Attacker can attach a shell to a image file and upload the shell. (It has been patched, but there are still a lot of webmasters who have NOT updated!)
  114.  
  115. inurl:index.of thumb.php
  116.  
  117. inurl:thumb.php
  118.  
  119. 3.) Search for plugins directory:
  120.  
  121. inurl:wp-content/plugins/
  122.  
  123. 4.) Search for themes directory:
  124.  
  125. inurl:wp-content/themes/
  126.  
  127. F.) PASSWORD FILE GOOGLE DORKS
  128.  
  129. 1.) Search for Microsoft Excel data file:
  130.  
  131. ”Login: *” “password =*” filetype: xls
  132.  
  133. 2.) Search for auth_user_file:
  134.  
  135. allinurl: auth_user_file.txt
  136.  
  137. 3.) Search for username/password saved in Microsoft Excel files:
  138.  
  139. filetype: xls inurl: “password.xls”
  140.  
  141. 4.) Search for login pages:
  142.  
  143. intitle: login password
  144.  
  145. 5.) Search for “master password” page:
  146.  
  147. intitle: “Index of” master.passwd
  148.  
  149. 6.) Search for backup directory:
  150.  
  151. index of /backup
  152.  
  153. 7.) Search for password backup file index:
  154.  
  155. intitle:index.of passwd.bak
  156.  
  157. 8.) Search for password databases:
  158.  
  159. intitle:index.of pwd.db
  160.  
  161. intitle:”index of” pwd.db
  162.  
  163. 9.) Search for /etc/passwd/ index:
  164.  
  165. intitle:”index of .. etc” passwd
  166.  
  167. 10.) Search for plaintext password file:
  168.  
  169. index.of passlist.txt
  170.  
  171. inurl:passlist.txt
  172.  
  173. 11.) Search for hidden documents/password files:
  174.  
  175. index.of.secret
  176.  
  177. index.of.private
  178.  
  179. 12.) Search for PhpMyAdmin files:
  180.  
  181. ”# PhpMyAdmin MySQL-Dump” filetype: txt
  182.  
  183. 13.) Hidden Superuser (root) data files:
  184.  
  185. inurl:ipsec.secrets-history-bugs
  186.  
  187. inurl:ipsec.secrets “holds shared secrets”
  188.  
  189. 14.) Find the information files:
  190.  
  191. inurl:ipsec.conf-intitle:manpage
  192.  
  193. 15.) Search for a stored password in a database:
  194.  
  195. filetype:ldb admin
  196.  
  197. 16.) Search for admin.php file:
  198.  
  199. inurl:search/admin.php
  200.  
  201. 17.) Search for password log files:
  202.  
  203. inurl:password.log filetype:log
  204.  
  205. 18.) Search for Hkey_Current_User in registry files:
  206.  
  207. filetype: reg HKEY_CURRENT_USER username
  208.  
  209. 19.) Search for username/password file backups:
  210.  
  211. ”Http://username: password @ www …” filetype: bak inurl: “htaccess | passwd | shadow | ht users”
  212.  
  213. 20.) Search for username/password files:
  214.  
  215. filetype:mdb inurl:”account|users|admin|administrators|passwd|password” mdb files
  216.  
  217. 21.) Search for Microsoft Frontpage passwords:
  218.  
  219. ext:pwd inurl:(service|authors|administrators|users) “# -FrontPage-”
  220.  
  221. 22.) Search for SQL database Code and passwords:
  222.  
  223. filetype: sql ( “passwd values ****” |” password values ****” | “pass values ****”)
  224.  
  225. 23.) Search for e-mail account files:
  226.  
  227. intitle: “Index Of”-inurl: maillog
  228.  
  229. G.) MISC. DORKS
  230.  
  231. 1.) WebWiz Rich Text Editor (RTE) – Remote file upload vulneralbility:
  232.  
  233. inurl:rte/my_documents/my_files
  234.  
  235. 2.) EZFilemanager – Remote file upload vulneralbility:
  236.  
  237. inurl:ezfilemanager/ezfilemanager.php
  238.  
  239. 3.) robots.txt – See directories hidden from crawlers. Also sometimes you can pull off a directory transversal with this:
  240.  
  241. inurl:robots.txt
  242.  
  243. 4.) Serial Numbers – Look for software serial numbers
  244.  
  245. ”software name” 94FBR
  246.  
  247. H.) FIND FREE SWAG
  248.  
  249. 1.) site:*.com intitle:”Thank You For Your Order” intext:Click Here to Download
  250.  
  251. 2.) site:*.net intitle:”Thank You For Your Order” intext:Click Here to Download
  252.  
  253. 3.) site:*.co intitle:”Thank You For Your Order” intext:Click Here to Download
  254.  
  255. 4.) site:*.org intitle:”Thank You For Your Order” intext:Click Here to Download
  256.  
  257. 5.) site:*.biz intitle:”Thank You For Your Order” intext:Click Here to Download
  258.  
  259. 6.) site:*.tv intitle:”Thank You For Your Order” intext:Click Here to Download
  260.  
  261. 7.) site:*.co.uk intitle:”Thank You For Your Order” intext:Click Here to Download
  262.  
  263. 8.) site:*.org.uk intitle:”Thank You For Your Order” intext:Click Here to Download
  264.  
  265. 9.) site:*.eu intitle:”Thank You For Your Order” intext:Click Here to Download
  266.  
  267. 10.) intitle:Thank you for your purchase! intext:PLR OR MRR OR Package OR Bonus
  268.  
  269. 11.) intitle:Thank you for your order! intext:PLR OR MRR OR Package OR Bonus
  270.  
  271. 12.) intitle:Thank you for your order! intext:PLR OR MRR
  272.  
  273. 13.) intitle:Thank you for your Purchase! intext:PLR OR MRR
  274.  
  275. 14.) inurl:/thankyou*.html intitle:Thank you for your order!
  276.  
  277. 15.) intext:Click Here To Download
  278.  
  279. 16.) inurl:thanks intext:”Thank You For Your Order!” “Click Here” filetype:html
  280.  
  281. 17.) intitle:Thank You For Your Order! intext:Private Label
  282.  
  283. 18.) intitle:Thank You For Your Purchased! intext:Private Label
  284.  
  285. 19.) intext:”Thank You For Your Order” intext:PLR
  286.  
  287. 20.) intitle:”Thank You For Your Order!” intext:download
  288.  
  289. 21.) intitle:”Thank You For Your Order” intext:Click Here To Download Now
  290.  
  291. 22.) intitle:Thank you for your purchase! intext:Click Here to Download
  292.  
  293. 23.) * thank you for your order download
  294.  
  295. 24.) * intitle:Thank you for your Purchase! intext:PLR OR MRR OR Package OR Bonus
  296.  
  297. 25.) * intitle:Thank you for your order! intext:PLR OR MRR
  298.  
  299. 26.) * intitle:Thank You For Your Purchase! intext:Click Here to Download
  300.  
  301. 27.) * intitle:Thank You For Your Order! intext:download
  302.  
  303. 28.) inurl:index.of .mp3
  304.  
  305. 29.) inurl:index.of .mov
  306.  
  307. 30.) inurl:index.of .iso
  308.  
  309. 31.) ?intitle:index.of? mp3
  310.  
  311. 32.) ?intitle:index.of? mov
  312.  
  313. 33.) ?intitle:index.of? iso
  314.  
  315. 34.) inurl:”insert filetype”:iso+OR+exe+OR+zip+OR+rar+OR+gzip+OR+tar
  316.  
  317. 35.) intext:”parent directory” intext:”[EXE]“
  318.  
  319. 36.) intext:”parent directory” index of:”[EXE]“
  320.  
  321. 37.) intext:”parent directory” index of:”[RAR]“
  322.  
  323. 38.) intext:”parent directory” intext:”[VID]“
  324.  
  325. 39.) intext:”parent directory” index of:”[VID]“
  326.  
  327. 40.) intext:”parent directory” intext:”[MP3]“
  328.  
  329. 41.) intext:”parent directory” index of:”[MP3]“
  330.  
  331. 42.) intext:”parent directory” index of:”[Gamez]“
  332.  
  333. I.) WEBCAM GOOGLE DORKS
  334.  
  335. 1.) inurl:/view.index.shtml
  336.  
  337. 2.) inurl:/view.shtml
  338.  
  339. 3.) intitle:”Live View / – AXIS” | inurl:view/view.shtml^
  340.  
  341. 4.) inurl:ViewerFrame?Mode=
  342.  
  343. 5.) inurl:ViewerFrame?Mode=Refresh
  344.  
Parsed in 0.020 seconds