Google Hack搜索技巧
想了解更多搜索技巧,点击下面网站了解
http://exploit-db.com/google-dorks
Google Hack的一些整理
这里是google关键字的用法,要设置它为中文,则是
http://www.google.com/custom?hl=zh-CN
英文则是http://www.google.com/custom?hl=en
常用的google关键字:
foo1 foo2 (也就是关联,比如搜索xx公司 xx美女)
operator:foo
filetype:123 类型
site:foo.com 相对直接看网站更有意思,可以得到许多意外的信息
intext:foo
intitle: fooltitle 标题哦
allinurl:foo 搜索xx网站的所有相关连接。(踩点必备)
links:foo 不要说就知道是它的相关链接
allintilte:foo.com
我们可以辅助"-" "+"来调整搜索的精确程度
直接搜索密码:(引号表示为精确搜索)
当然我们可以再延伸到上面的结果里进行二次搜索
"index of" htpasswd / passwd
filetype:xls username password email
"ws_ftp.log"
"config.php"
allinurl:admin mdb
service filetype:pwd ….或者某个比如pcanywhere的密码后缀cif等
越来越有意思了,再来点更敏感信息
"robots.txt" "Disallow:" filetype:txt
inurl:_vti_cnf (FrontPage的关键索引啦,扫描器的CGI库一般都有地)
allinurl: /msadc/Samples/selector/showcode.asp
/../../../passwd
/examples/jsp/snp/snoop.jsp
phpsysinfo
intitle:index of /admin
intitle:"documetation"
inurl: 5800(vnc的端口)或者desktop port等多个关键字检索
webmin port 10000
inurl:/admin/login.asp
intext:Powered by GBook365
intitle:"php shell*" "Enable stderr" filetype:php 直接搜索到phpwebshell
foo.org filetype:inc
ipsec filetype:conf
intilte:"error occurred" ODBC request WHERE (select|insert) 说白了就是说,可以直接试着查查数据库检索,针对目前流行的sql注射,会发达哦
intitle:"php shell*" "Enable stderr" filetype:php
"Dumping data for table" username password
intitle:"Error using Hypernews"
"Server Software"
intitle:"HTTP_USER_AGENT=Googlebot"
"HTTP_USER_ANGET=Googlebot" THS ADMIN
filetype:.doc site:.mil classified 直接搜索军方相关word
检查多个关键字:
intitle:config confixx login password
"mydomain.com" nessus report
"report generated by"
"ipconfig"
"winipconfig"
google缓存利用(hoho,最有影响力的东西)推荐大家搜索时候多"选搜索所有网站"
特别推荐:administrator users 等相关的东西,比如名字,生日等……最惨也可以拿来做字典嘛
cache:foo.com
可以查阅类似结果
先找找网站的管理后台地址:
site:xxxx.com intext:管理
site:xxxx.com inurl:login
site:xxxx.com intitle:管理
site:a2.xxxx.com inurl:file
site:a3.xxxx.com inurl:load
site:a2.xxxx.com intext:ftp://*:*
site:a2.xxxx.com filetype:asp
site:xxxx.com //得到N个二级域名
site:xxxx.com intext:*@xxxx.com //得到N个邮件地址,还有邮箱的主人的名字什么的
site:xxxx.com intext:电话 //N个电话
intitle:"index of" etc
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
"# -FrontPage-" inurl:service.pwd
allinurl:bbs data
filetype:mdb inurl:database
filetype:inc conn
inurl:data filetype:mdb
intitle:"index of" data
……
一些技巧集合:
3) "http://*:*@www" domainname 找一些ISP站点,可以查对方ip的虚拟主机
3
4) auth_user_file.txt 不实用了,太老了
5) The Master List 寻找邮件列表的
6) intitle:"welcome.to.squeezebox" 一种特殊的管理系统,默认开放端口90
7) passlist.txt (a better way) 字典
8) "A syntax error has occurred" filetype:ihtml
9) ext:php program_listing intitle:MythWeb.Program.Listing
10) intitle:index.of abyss.conf
11)ext:nbe nbe
12)intitle:"SWW link" "Please wait….."
13)
14) intitle:"Freifunk.Net – Status" -site:commando.de
15) intitle:"WorldClient" intext:"? (2003|2004) Alt-N Technologies."
17) intitle:open-xchange inurl:login.pl
20) intitle:"site administration: please log in" "site designed by emarketsouth"
21) ORA-00921: unexpected end of SQL command
22)intitle:"YALA: Yet Another LDAP Administrator"
23)welcome.to phpqladmin "Please login" -cvsweb
24)intitle:"SWW link" "Please wait….."
25)inurl:"port_255" -htm
27)intitle:"WorldClient" intext:"? (2003|2004) Alt-N Technologies."
这些是新的一些漏洞技巧,在0days公告公布
ext:php program_listing intitle:MythWeb.Program.Listing
inurl:preferences.ini "[emule]"
intitle:"Index of /CFIDE/" administrator
"access denied for user" "using password"
ext:php intext:"Powered by phpNewMan Version" 可以看到:path/to/news/browse.php?clang=../../../../../../file/i/want
inurl:"/becommunity/community/index.php?pageurl="
intitle:"ASP FileMan" Resend -site:iisworks.com
"Enter ip" inurl:"php-ping.php"
ext:conf inurl:rsyncd.conf -cvs -man
intitle: private, protected, secret, secure, winnt
intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
"#mysql dump" filetype:sql
"allow_call_time_pass_reference" "PATH_INFO"
"Certificate Practice Statement" inurl:(PDF | DOC)
LeapFTP intitle:"index.of./" sites.ini modified
master.passwd
mysql history files
NickServ registration passwords
passlist
passlist.txt (a better way)
passwd
passwd / etc (reliable)
people.lst
psyBNC config files
pwd.db
signin filetype:url
spwd.db / passwd
trillian.ini
wwwboard WebAdmin inurl:passwd.txt wwwboard|webadmin
"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-"
inurl:service.pwd
"AutoCreate=TRUE password=*"
"http://*:*@www" domainname
"index of/" "ws_ftp.ini" "parent directory"
"liveice configuration file" ext:cfg -site:sourceforge.net
"powered by ducalendar" -site:duware.com
"Powered by Duclassified" -site:duware.com
"Powered by Duclassified" -site:duware.com "DUware All Rights reserved"
"powered by duclassmate" -site:duware.com
"Powered by Dudirectory" -site:duware.com
"powered by dudownload" -site:duware.com
"Powered By Elite Forum Version *.*"
"Powered by Link Department"
"sets mode: +k"
"Powered by DUpaypal" -site:duware.com
allinurl: admin mdb
auth_user_file.txt
config.php
eggdrop filetype:user user
etc (index.of)
ext:ini eudora.ini
ext:ini Version=… password
ext:txt inurl:unattend.txt
filetype:bak inurl:"htaccess|passwd|shadow|htusers"
filetype:cfg mrtg "target
" -sample -cvs -example
filetype:cfm "cfapplication name" password
filetype:conf oekakibbs
filetype:conf sc_serv.conf
filetype:conf slapd.conf
filetype:config config intext:appSettings "User ID"
filetype:dat "password.dat"
filetype:dat wand.dat
filetype:inc dbconn
filetype:inc intext:mysql_connect
filetype:inc mysql_connect OR mysql_pconnect
filetype:inf sysprep
filetype:ini inurl:"serv-u.ini"
filetype:ini inurl:flashFXP.ini
filetype:ini ServUDaemon
filetype:ini wcx_ftp
filetype:ini ws_ftp pwd
filetype:ldb admin
filetype:log "See `ipsec copyright"
filetype:log inurl:"password.log"
filetype:mdb inurl:users.mdb
filetype:mdb wwforum
filetype:netrc password
filetype:pass pass intext:userid
filetype:pem intext:private
filetype:properties inurl:db intext:password
filetype:pwd service
filetype:pwl pwl
filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword"
filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
filetype:sql ("values * MD" | "values * password" | "values * encrypt")
filetype:sql ("passwd values" | "password values" | "pass values" )
filetype:sql +"IDENTIFIED BY" -cvs
filetype:sql password
filetype:url +inurl:"ftp://" +inurl:";@"
filetype:xls username password email
htpasswd
htpasswd / htgroup
htpasswd / htpasswd.bak
intext:"enable secret $"
intext:"powered by Web Wiz Journal"
intitle:"index of" intext:connect.inc
intitle:"index of" intext:globals.inc
intitle:"Index of" passwords modified
intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) -site:duware.com
———————————————————————————————————————-
intitle:index.of intext:"secring.skr"|"secring.pgp"|"secring.bak"
inurl:"GRC.DAT" intext:"password"
inurl:"slapd.conf" intext:"credentials" -manpage -"Manual Page" -man: -sample
inurl:"slapd.conf" intext:"rootpw" -manpage -"Manual Page" -man: -sample
inurl:"wvdial.conf" intext:"password"
inurl:/db/main.mdb
inurl:chap-secrets -cvs
inurl:config.php dbuname dbpass
inurl:filezilla.xml -cvs
inurl:lilo.conf filetype:conf password -tatercounter -bootpwd -man
inurl:nuke filetype:sql
inurl:ospfd.conf intext:password -sample -test -tutorial -download 路由配置
inurl:pap-secrets -cvs
inurl:perform filetype:ini
inurl:secring ext:skr | ext:pgp | ext:bak
inurl:vtund.conf intext:pass -cvs
inurl:zebra.conf intext:password -sample -test -tutorial -download
"Generated by phpSystem"
"generated by wwwstat"
"Host Vulnerability Summary Report" ]
"HTTP_FROM=googlebot" googlebot.com "Server_Software="
"Index of" / "chat/logs" 聊天室
"Installed Objects Scanner" inurl:default.asp
"Mecury Version" "Infastructure Group"
"Microsoft (R) Windows * (TM) Version * DrWtsn Copyright (C)" ext:log
"Most Submitted Forms and Scripts" "this section"
"Network Vulnerability Assessment Report"
"not for distribution" confidential
"phone * * *" "address *" "e-mail" intitle:"curriculum vitae"
"phpMyAdmin" "running on" inurl:"main.php"
"produced by getstats"
"Request Details" "Control Tree" "Server Variables"
"robots.txt" "Disallow:" filetype:txt
"Running in Child mode"
"sets mode: +p"
"sets mode: +s"
"Thank you for your order" +receipt
"This is a Shareaza Node"
"This report was generated by WebLog"
( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intext:password|subject
(inurl:"robot.txt" | inurl:"robots.txt" ) intext:disallow filetype:txt
-site:php.net -"The PHP Group" inurl:source inurl:url ext:pHp
FBR "ADOBE PHOTOSHOP"
AIM buddy lists
allinurl:/examples/jsp/snp/snoop.jsp
allinurl:servlet/SnoopServlet
cgiirc.conf
data filetype:mdb -site:gov -site:mil
exported email addresses
ext:asp inurl:pathto.asp
ext:cgi inurl:editcgi.cgi inurl:file=
ext:conf inurl:rsyncd.conf -cvs -man
ext:conf NoCatAuth -cvs
ext:dat bpk.dat
ext:gho gho
ext:ini intext:env.ini
ext:ldif ldif
ext:log "Software: Microsoft Internet Information Services *.*"
——————————————————————————————
ext:mdb inurl:*.mdb inurl:fpdb shop.mdb
filetype:bkf bkf
filetype:blt "buddylist"
filetype:blt blt +intext:screenname
filetype:cfg auto_inst.cfg
filetype:conf inurl:firewall -intitle:cvs
filetype:config web.config -CVS
filetype:ctt ctt messenger
filetype:fp fp
filetype:fp fp -site:gov -site:mil -"cvs log"
filetype:inf inurl:capolicy.inf
filetype:lic lic intext:key
filetype:myd myd -CVS
filetype:ns ns
filetype:ora ora
filetype:ora tnsnames
filetype:pdb pdb backup (Pilot | Pluckerdb)
filetype:pot inurl:john.pot
——————————————————————————————————————
filetype:pst inurl:"outlook.pst"
filetype:pst pst -from -to -date
filetype:qbb qbb
filetype:rdp rdp
filetype:reg "Terminal Server Client"
filetype:vcs vcs
filetype:wab wab
filetype:xls -site:gov inurl:contact
filetype:xls inurl:"email.xls"
Financial spreadsheets: finance.xls
Financial spreadsheets: finances.xls
Ganglia Cluster Reports
haccess.ctl (one way)
haccess.ctl (VERY reliable)
ICQ chat logs, please…
iletype:log cron.log
intext:"Session Start * * * *:*:* *" filetype:log
intext:"Tobias Oetiker" "traffic analysis"
intext:(password | passcode) intext:(username | userid | user) filetype:csv
intext:gmail invite intext:http://gmail.google.com/gmail/a
intext:SQLiteManager inurl:main.php
intitle:"Apache::Status" (inurl:server-status | inurl:status.html | inurl:apache.html)
intitle:"AppServ Open Project" -site:www.appservnetwork.com
intitle:"ASP Stats Generator *.*" "ASP Stats Generator" "- weppos"
intitle:"FTP root at"
intitle:"index of" +myd size
intitle:"Index Of" -inurl:maillog maillog size
intitle:"Index Of" cookies.txt size
intitle:"index of" mysql.conf OR mysql_config
intitle:"Index of" upload size parent directory
intitle:"index.of" .diz .nfo last modified
intitle:"Multimon UPS status page"
intitle:"PHP Advanced Transfer" (inurl:index.php | inurl:showrecent.php )
intitle:"PhpMyExplorer" inurl:"index.php" -cvs
———————————————————————
intitle:"statistics of" "advanced web statistics"
intitle:"System Statistics" +"System and Network Information Center"
intitle:"Usage Statistics for" "Generated by Webalizer"
intitle:"wbem" compaq login "Compaq Information Technologies Group"
intitle:"Web Server Statistics for ****"
intitle:"web server status" SSH Telnet
intitle:"welcome.to.squeezebox"
intitle:admin intitle:login
intitle:index.of "Apache" "server at"
intitle:index.of cleanup.log
intitle:index.of dead.letter
intitle:index.of inbox
intitle:index.of inbox dbx
intitle:intranet inurl:intranet +intext:"phone"
inurl:"/axs/ax-admin.pl" -script
inurl:"/cricket/grapher.cgi"
inurl:"bookmark.htm"
inurl:"cacti" +inurl:"graph_view.php" +"Settings Tree View" -cvs -RPM
inurl:"newsletter/admin/"
inurl:"newsletter/admin/" intitle:"newsletter admin"
inurl:"putty.reg"
inurl:"smb.conf" intext:"workgroup" filetype:conf conf
———————————————————————————————————-
Welcome to ntop!
"adding new user" inurl:addnewuser -"there are no domains"
(inurl:/cgi-bin/.cobalt/) | (intext:"Welcome to the Cobalt RaQ")
filetype:php HAXPLORER "Server Files Browser"
intitle:"Web Data Administrator – Login"
inurl:ConnectComputer/precheck.htm | inurl:Remote/logon.aspx
PHP Shell (unprotected)
PHPKonsole PHPShell filetype:php -echo
Public PHP FileManagers
"index of" / picasa.ini
"index of" inurl:recycler
"Index of" rar r nfo Modified
"intitle:Index.Of /" stats merchant cgi-* etc
"Powered by Invision Power File Manager" (inurl:login.php) | (intitle:"Browsing directory /" )
"Web File Browser" "Use regular expression"
filetype:ini Desktop.ini intext:mydocs.dll
intext:"d.aspx?id" || inurl:"d.aspx?id"
intext:"Powered By: TotalIndex" intitle:"TotalIndex"
intitle:"album permissions" "Users who can modify photos" "EVERYBODY"
intitle:"Directory Listing For" intext:Tomcat -intitle:Tomcat
intitle:"HFS /" +"HttpFileServer"
intitle:"Index of *" inurl:"my shared folder" size modified
——————————————————————————————————————-
"File Upload Manager v." "rename to"
ext:asp "powered by DUForum" inurl:(messages|details|login|default|register) -site:duware.com
ext:asp inurl:DUgallery intitle:"." -site:dugallery.com -site:duware.com
ext:cgi inurl:ubb_test
ezBOO "Administrator Panel" -cvs
filetype:cgi inurl:cachemgr.cgi
filetype:cnf my.cnf -cvs -example
filetype:inc inc intext:setcookie
filetype:php inurl:"viewfile" -"index.php" -"idfil
filetype:wsdl wsdl
intitle:"ASP FileMan" Resend -site:iisworks.com
intitle:"Index of /" modified php.exe
intitle:"phpremoteview" filetype:php "Name, Size, Type, Modify"
inurl:" WWWADMIN.PL" intitle:"wwwadmin"
inurl:"nph-proxy.cgi" "Start browsing through this CGI-based proxy"
inurl:"plog/register.php"
inurl:cgi.asx?StoreID
inurl:robpoll.cgi filetype:cgi
Google Hack搜索技巧的更多相关文章
- 如何使用GOOGLE高级搜索技巧
如何使用GOOGLE高级搜索技巧 一,GOOGLE简介 Google(www.google.com)是一个搜索引擎,由两个斯坦福大学博士生Larry Page与Sergey Brin于1998年9月发 ...
- Google高级搜索技巧十则
前言:多数人在使用Google搜索的过程是非常低效和无谓的,如果你只是输入几个关键词,然后按搜索按钮,你将是那些无法得到Google全部信息的用户,在这篇文章中,Google搜索专家迈克尔.米勒将向您 ...
- GOOGLE高级搜索技巧
前记: 我是完整的看完了.内容有点乱啊,自己没有时间整理,先放在自己的印象笔记里了.... 二,GOOGLE特色 GOOGLE支持多达132种语言,包括简体中文和繁体中文: GOOGLE网站只提 ...
- Google 黑客搜索技巧
常用的google关键字: foo1 foo2 (也就是关联,比如搜索xx公司 xx美女) operatorfoo filetype123 类型 sitefoo.com 相对直接看网站更有意思,可以得 ...
- 高效率使用google,国外搜索引擎,国内顺利使用Google的另类技巧,可用谷歌镜像, 可用google学术, 如何使用robots不让百度和google收录
Google良好的搜索和易用性已经得到了广大网友的欢迎,但是除了我们经常使用的Google网站.图像和新闻搜索之外,它还有很多其他搜索功能和搜索技巧.如果我们也能充分利用,必将带来更大的便利.这里我介 ...
- Google和Baidu常用的搜索技巧--转
原文链接:http://mp.weixin.qq.com/s?__biz=MjM5NTY0MTY1OQ==&mid=2654509772&idx=1&sn=754454e374 ...
- 技术|程序员必须要学会Google搜索技巧
程序员必须要学会Google搜索技巧 摘要: 因为Google在我天朝被墙,学FQ请通过Bing进行搜索如何FQGoogle搜索技巧我曾经多次劝我的另一个朋友花10分钟学习一下Google通配符的使用 ...
- google搜索技巧汇总
由于不能访问google,可访问ggso.in进行搜索. 简单整理记录一下常用的一些Google搜索技巧:或操作一般搜索时,如果输入多个词,默认是与的关系,如输入词1和词2,即搜索同时包含词1和词2的 ...
- 十大谷歌Google搜索技巧分享
前言:多数人在使用Google搜索的过程是非常低效和无谓的,如果你只是输入几个关键词,然后按搜索按钮,你将是那些无法得到Google全部信息的用户,在这篇文章中,Google搜索专家迈克尔.米勒将向您 ...
随机推荐
- Confluence 6 的小型文字档案(Cookies)
这个页面列出了存储在 Confluence 用户浏览器中的小型文字档案(Cookies)内容.这些内容是由 Confluence 自己创建的.这个页面不会列出由 Confluence 安装的第三方插件 ...
- Confluence 6 从其他备份中恢复数据
一般来说,Confluence 数据库可以从 Administration Console 或者 Confluence Setup Wizard 中进行恢复. 如果你在恢复压缩的 XML 备份的时候遇 ...
- ionic3 使用html2canvas将数据导出为图片,并下载本地
1.安装html2canvas npm install --save html2canvas 官方网站 https://html2canvas.hertzen.com/ 2.在需要的组件中引入html ...
- D3.js 使用缩放zoom时节点无法拖动,只能整体移动的问题
.on("dragstart", function() { d3.event.sourceEvent.stopPropagation(); }) https://stackover ...
- 获取表单内的所有元素的值 表单格式化插件jquery.serializeJSON
简单描述:一个form表单里有十几个input或者select,要获取到他们的值,我的做法一直都是$("#id").val();这样做本来没什么说的,但是如果有很多呢,就很麻烦,看 ...
- WireShark 实例分析笔记(概念)
1.嗅探器工作原理(中文版) 安装软件的附带WinPcap(实现从网卡接受数据可视化) 数据嗅探器工作原理, 第一:收集数据(数据包嗅探器从网络线缆上收集原始二进制数据,选定特定网卡设置混杂模式来完 ...
- You are my brother
问题 : You are my brother 时间限制: 1 Sec 内存限制: 128 MB 题目描述 Little A gets to know a new friend, Little B, ...
- Loadrunner常用目录、组成部分及负载测试流程
常用目录 bin:存放一些可执行程序 classes:可能用到的jar包 My Template:存放一些自己创建的模板 include:头文件(可以编写自定义函数,保存成.h的头文件形式并放在这个目 ...
- Windows Internals 笔记——线程局部存储区
1.由于C/C++运行库是在多线程应用程序出现的许多年前设计的,因此运行库中的大多数函数是为单线程应用程序设计的. 2.当应用程序第一次调用_tcstok_s的时候该函数将传入的字符串地址保存在它自己 ...
- CPU虚拟化
1. 为什么需要 CPU 虚拟化 X86 操作系统是设计在直接运行在裸硬件设备上的,因此它们自动认为它们完全占有计算机硬件.x86 架构提供四个特权级别给操作系统和应用程序来访问硬件. Ring 是 ...