GOOGLE HACKING 系列文章 【FreeXploiT整理收集】
本文涉及作者 swap(慕容小雨),zhaohuan(Xfocus),snipe(4ngel)
信息安全的隱患-GoogleHacking原理和防范
作者:zhaohuan@phack.org 來源:www.phack.org
技術天地:GoogleHacking是利用Google的搜索引擎快速查找存在脆弱性的主機以及包含敏感數據的信息,最近這種以前由黑客手動進行操作的攻擊手段可以通過一種新的蠕蟲病毒來自動完成。為了引起大家對GoogleHacking的關注與重視,我們編發了這篇文章希望大家通過對Hack的攻擊手段的了解,更好的保護自己的信息安全。本文中重在對GoogleHacking攻擊手段的理解,對一些攻擊的細節不予詳述請諒解。
前言:
2004年在拉斯維加斯舉行的BlackHat大會上,有兩位安全專家分別作了名為You found that on google ? 和google attacks 的主題演講。經過安全焦點論壇原版主WLJ大哥翻譯整理后,個人覺得有必要補充完善一些細節部分。今天向大家講述的是Google的又一功能:利用搜索引擎快速查找存在脆弱性的主機以及包含敏感數據的信息,甚至可以直接進行傻瓜入侵。
用google來進行“滲透測試”
我們今天滲透測試人員在實施攻擊之前,往往會先進行信息搜集工作,而后才是漏洞確認和最終的漏洞利用、擴大戰果。在這里我們現在要談的是:
一、利用google查找被人安裝了php webshell后門的主機,并測試能否使用;
二、利用google查找暴露出來的INC敏感信息.
OK,現在我們開始:
1.查找利用php webshell
我們在google的搜索框中填入:
??Code:
intitle:"php shell*" "Enable stderr" filetype:php
(注: intitle—網頁標題??Enable stderr—UNIX標準輸出和標準錯誤的縮寫filetype—文件類型)。搜索結果中,你能找到很多直接在機器上執行命令的web shell來。如果找到的PHPSHELL不會利用,如果你不熟悉UNIX,可以直接看看LIST,這里就不詳細說了,有很多利用價值。要說明的是,我們這里搜索出來的一些國外的PHPSHELL上都要使用UNIX命令,都是system調用出來的函數(其實用百度及其他搜索引擎都可以,只是填寫搜索的內容不同)。通過我的檢測,這個PHPWEBSHELL是可以直接Echo(Unix常用命令)。一句話就把首頁搞定了:
??Code:
echo "召喚" > index.jsp
在得到的
??Code:
echo /
后再寫上:"召喚"
現在看看首頁,已經被我們改成: "召喚" 了
我們也可以用WGET上傳一個文件上去(比如你要替換的葉子吧)。然后execute Command輸入 cat file > index.html or echo "" > file
echo "test" >> file
這樣一條條打出來,站點首頁就成功被替換了。同樣的也可以
??Code:
uname -a;cat /etc/passwd
不過有點要注意,有些WEBSHELL程序有問題,執行不了的,比如:
http://www.al3toof.com/card/smal ... c_html&command=
http://ramsgaard.net/upload/shell.php
這些站的php是global register off??
解決方案:
我們可以利用相關工具進行在互聯網進行搜索,如果有信息被濫用,到http://www.google.com/remove.html 提交你希望刪除的信息,
控制搜索引擎機器人的查詢.
2.搜索INC敏感信息
我們在google的搜索框中填入:
??Code:
.org filetype:inc
我們現在搜索的是org域名的站點的INC信息(因為google屏蔽掉了搜索"COM"信息,我們還可以搜其他gov,cn,info,tw,jp,edu等等之類的)
PS:我在看許多PHP編程人員在編程時候,都喜歡把一些常寫的代碼或配置信息,寫在一個.inc的文件中,如shared.inc、global.inc、conn.inc等等,當然這是一個很好的習慣,包括PHP官方網站都是如此,但不知你有沒有注意到這里面含一個安全隱患問題。
我有一次在寫一個PHP代碼時,無意中寫錯了一句話,當我在瀏覽器里查看此PHP文件時,竟然發現屏幕詳細的顯示了我所出錯的PHP文件路徑及代碼行。(PHP錯誤顯示配置是開著的.此功能在PHP里是默認的!),這就是說當我們無意寫錯代碼(同樣.inc文件也一樣) 或者PHP代碼解析出問題時,而PHP錯誤顯示又是開著的,客戶端的用戶就會看到具體url地址的.inc文件,而.url文件如同txt文本一樣,當在瀏覽器中瀏覽時,就毫無保留地顯示了它的內容,而且不少站點在.inc文件寫了重要的信息如用戶密碼之類!包括國內著名海爾公司以及嘉鈴摩托公司,我之所以敢公布是因為我本人測試過,http://www.haier.com/su ***/inc/conn.inc 暴出的數據庫ID密碼用客戶端連不上去,網站關閉了1215,而且防火墻也過濾掉了。
好,INC的知識說完后,我們繼續又搜索到了好多,找到一個暴露了MYSQL口令的
我們又可以用客戶端登陸上去修改數據了.這里涉及到數據庫的知識,我們不談太多,關于"INC暴露敏感信息"就到這里結束吧
當然我們可以通過一些辦法解決:
1,你可以專門對.inc文件進行配置,避免用戶直接獲取源文件。
2,當然比較好的方法是,加上并且改文件擴展名為.php(PHP可以解析的擴展名),這樣客戶端就不會獲取源文件了。
這里,我將FreeMind繪制的圖片用文本表示了.
有關Google Hack的詳細信息,幫助我們分析踩點
連接符:
??Code:
+??????-?????? :???????? .????????*???????? |
操作符:
??Code:
"foo1 foo2"??
filetype:123??
site:foo.com??
intext:foo??
intitle:footitle??
allinurl:foo
密碼相關
??Code:
:“index of”
htpasswd / passwd????
filetype:xls username password email????
"ws_ftp.log"????
??"config.php"????
allinurl:admin mdb??
service filetype:pwd (frontpage)??
敏感信息:
??Code:
"robots.tx"
"disallow:"
filetype:txt
??inurl:_vti_cnf (frontpage files)
allinurl:/msadc/samples/selector/showcode.asp
allinurl:/examples/jsp/snp/snoop.jsp
allinurl:phpsysinfo
ipsec filetype:conf
intitle:"error occurred" odbc request where (select|insert)
"mydomain.com" nessus??report
"report generated by"??
結尾:
如果要拿ROOT權限就要具體問題具體分析了,不過有了SHELL權限就好提了,網上有很多根據WEBSHELL提升權限的文章大家可以參照一下.
通過google我們還可以搜索到很多有用的東西,不過是細節,要通過信息收集慢慢分析、擴大、進行入侵.
這些我就不具體分析了.給大家個思路,大家慢慢研究好了
到這里,這篇文章就要結束了,寫這篇文章的目的是為了引起大家的關注與重視,了解新的HACK手段,了解新的防護方法,事物都有兩面性,在當今Google盛行的時代,在充分利用google的同時.也應該看得更全面.
?
?
?
google hacking的實現以及應用
?
?
google hacking的實現以及應用(上)
本文作者:sniper
文章出于:www.4ngel.net
日??期 : 05/01/26
修改/發布: 05/02/21
本文僅做于技術討論于研究,請勿用做其他用途.
PS:慶祝一下暫時擺脫應試教育的魔爪,向那些打著素質教育暗地里搞應試教育的學校豎起中指!
前言
????google hacking其實并算不上什么新東西,在早幾年我在一些國外站點上就看見過相關的介紹,但是由于當時并沒有重視這種技術,認為最多就只是用來找找未改名的mdb或者別人留下的webshell什么的,并無太大實際用途.但是前段時間仔細啃了些資料才猛然發覺google hacking其實并非如此簡單...
google hacking的簡單實現
????記得以前看見過一篇文章寫的就是簡單的通過用www.google.com來搜索dvbbs6.mdb或conn.inc來獲得一些站點的敏感信息.其實使用google中的一些語法可以提供給我們更多的信息(當然也提供給那些習慣攻擊的人更多他們所想要的.),下面就來介紹一些常用的語法.
intext:
這個就是把網頁中的正文內容中的某個字符做為搜索條件.例如在google里輸入:intext:動網.將返回所有在網頁正文部分包含"動網"的網頁.allintext:使用方法和intext類似.
intitle:
和上面那個intext差不多,搜索網頁標題中是否有我們所要找的字符.例如搜索:intitle:安全天使.將返回所有網頁標題中包含"安全天使"的網頁.同理allintitle:也同intitle類似.
cache:
搜索google里關于某些內容的緩存,有時候也許能找到一些好東西哦.
define:
搜索某個詞語的定義,搜索:define:hacker,將返回關于hacker的定義.
filetype:
這個我要重點推薦一下,無論是撒網式攻擊還是我們后面要說的對特定目標進行信息收集都需要用到這個.搜索指定類型的文件.例如輸入:filetype:doc.將返回所有以doc結尾的文件URL.當然如果你找.bak、.mdb或.inc也是可以的,獲得的信息也許會更豐富:)
info:
查找指定站點的一些基本信息.
inurl:
搜索我們指定的字符是否存在于URL中.例如輸入:inurl:admin,將返回N個類似于這樣的連接:http://www.xxx.com/xxx/admin,用來找管理員登陸的URL不錯.allinurl也同inurl類似,可指定多個字符.
link:
例如搜索:inurl:www.4ngel.net可以返回所有和www.4ngel.net做了鏈接的URL.
site:
這個也很有用,例如:site:www.4ngel.net.將返回所有和4ngel.net這個站有關的URL.
????對了還有一些操作符也是很有用的:
+ 把google可能忽略的字列如查詢范圍
- 把某個字忽略
~ 同意詞
. 單一的通配符
* 通配符,可代表多個字母
""????精確查詢
????下面開始說說實際應用(我個人還是比較習慣用google.com,以下內容均在google上搜索),對于一個居心叵測的攻擊者來說,可能他最感興趣的就是密碼文件了.而google正因為其強大的搜索能力往往會把一些敏感信息透露給他們.用google搜索以下內容:
intitle:"index of" etc
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
"# -FrontPage-" inurl:service.pwd
有時候因為各種各樣的原因一些重要的密碼文件被毫無保護的暴露在網絡上,如果被別有用心的人獲得,那么危害是很大的.下面是我找到的一個FreeBSD系統的passwd文件(我已做過處理):
圖一
????同樣可以用google來搜索一些具有漏洞的程序,例如ZeroBoard前段時間發現個文件代碼泄露漏洞,我們可以用google來找網上使用這套程序的站點:
intext:ZeroBoard filetype:php
或者使用:
inurl:outlogin.php?_zb_path= site:.jp
來尋找我們所需要的頁面.phpmyadmin是一套功能強大的數據庫操作軟件,一些站點由于配置失誤,導致我們可以不使用密碼直接對phpmyadmin進行操作.我們可以用google搜索存在這樣漏洞的程序URL:
intitle:phpmyadmin intext:Create new database
圖二
????還記得http://www.xxx.com/_vti_bin/..%5C..%5C..%5C..%5C..%5C../winnt/system32/cmd.exe?dir嗎?用google找找,你也許還可以找到很多古董級的機器。同樣我們可以用這個找找有其他cgi漏洞的頁面。
allinurl:winnt system32
圖三
????
????前面我們已經簡單的說過可以用google來搜索數據庫文件,用上一些語法來精確查找能夠獲得更多東西(access的數據庫,mssql、mysql的連接文件等等).舉個例子示例一下:
allinurl:bbs data
filetype:mdb inurl:database
filetype:inc conn
inurl:data filetype:mdb
intitle:"index of" data??//在一些配置不正確的apache+win32的服務器上經常出現這種情況
????和上面的原理一樣,我們還可以用google來找后臺,方法就略了,舉一反三即可,畢竟我寫這篇文章的目的是讓大家了解google hacking,而不是讓你用google去破壞.安全是把雙刃劍,關鍵在于你如何去運用.
????????????????????????????????????google hacking的實現以及應用(下)
本文作者:sniper
文章出于:www.4ngel.net
日??期 : 05/01/26
本文僅做于技術討論于研究,請勿用做其他用途.
本文的上半部分可在4ngel.net找到.
????利用google完全是可以對一個站點進行信息收集和滲透的,下面我們用google對特定站點進行一次測試。www.xxxx.com是全國著名大學之一,一次偶然的機會我決定對其站點進行一次測試(文中所涉及該學校的信息均已經過處理,請勿對號入座:).
????首先用google先看這個站點的一些基本情況(一些細節部分就略去了):
site:xxxx.com
????從返回的信息中,找到幾個該校的幾個系院的域名:
http://a1.xxxx.com
http://a2.xxxx.com
http://a3.xxxx.com
http://a4.xxxx.com
????順便ping了一下,應該是在不同的服務器.(想想我們學校就那一臺可憐的web服務器,大學就是有錢,汗一個)。學校一般都會有不少好的資料,先看看有什么好東西沒:
site:xxxx.com filetype:doc
得到N個不錯的doc。先找找網站的管理后臺地址:
site:xxxx.com intext:管理
site:xxxx.com inurl:login
site:xxxx.com intitle:管理
超過獲得2個管理后臺地址:
http://a2.xxxx.com/sys/admin_login.asp
http://a3.xxxx.com:88/_admin/login_in.asp
還算不錯,看看服務器上跑的是什么程序:
site:a2.xxxx.com filetype:asp
site:a2.xxxx.com filetype:php
site:a2.xxxx.com filetype:aspx
site:a3.xxxx.com filetype:asp
site:.......
......
a2服務器用的應該是IIS,上面用的是asp的整站程序,還有一個php的論壇
a3服務器也是IIS,aspx+asp。web程序都應該是自己開發的。有論壇那就看看能不能遇見什么公共的FTP帳號什么的:
site:a2.xxxx.com intext:ftp://*:*
沒找到什么有價值的東西。再看看有沒有上傳一類的漏洞:
site:a2.xxxx.com inurl:file
site:a3.xxxx.com inurl:load
在a2上發現一個上傳文件的頁面:
http://a2.xxxx.com/sys/uploadfile.asp
用IE看了一下,沒權限訪問。試試注射,
site:a2.xxxx.com filetype:asp
得到N個asp頁面的地址,體力活就讓軟件做吧,這套程序明顯沒有對注射做什么防范,dbowner權限,雖然不高但已足矣,back a shell我不太喜歡,而且看起來數據庫的個頭就不小,直接把web管理員的密碼暴出來再說,MD5加密過。一般學校的站點的密碼都比較有規律,通常都是域名+電話一類的變形,用google搞定吧。
site:xxxx.com????//得到N個二級域名
site:xxxx.com intext:*@xxxx.com??//得到N個郵件地址,還有郵箱的主人的名字什么的
site:xxxx.com intext:電話???? //N個電話
把什么的信息做個字典吧,掛上慢慢跑。過了一段時間就跑出4個帳號,2個是學生會的,1個管理員,還有一個可能是老師的帳號。登陸上去:
name:網站管理員
pass:a2xxxx7619????//說了吧,就是域名+4個數字
要再怎么提權那就不屬于本文討論訪問了,呵呵,到此為止。
關于google hacking的防范:
????以前我們站的曉風·殘月寫過一篇躲避google的文章,原理就是通過在站點根目錄下建立一個robots.txt以避免網絡機器人獲得一些敏感的信息,具體大家看原文章:http://www.4ngel.net/article/26.htm。
????不過這種方法我個人不推薦,有點此地無銀三百兩的味道。簡單一點的方法就是上google把自己站點的一些信息刪除掉,訪問這個URL:
http://www.google.com/remove.html
前幾天看見又有人討論用程序來欺騙robot的方法,我覺得可以試試:
代碼如下:
<?php
if (strstr($_SERVER['HTTP_USER_AGENT'], "Googlebot"))
{
header("HTTP/1.1 301");
header("Location: http://www.google.com");
}
?>
asp的:
<%
if instr(Request.Servervariables("HTTP_USER_AGENT"),"Googlebot") then
??response.redirect("http://www.google.com")
end if
??
%>
后記
????這段時間在國外的一些google hack的研究站點看了看,其實也都差不多是一些基本語法的靈活運用,或者配合某個腳本漏洞,主要還是靠個人的靈活思維。國外對于google hack方面的防范也并不是很多,所以大家還是點到為止,不要去搞破壞拉,呵呵。對于一些在win上跑
apache的網管們應該多注意一下這方面,一個intitle:index of就差不多都出來了:)?
?
?
以下是來至swap的收集
?
?
google hack dat 又增加了一些比較新的數據 "cacheserverreport for";%22cacheserverreport+for%22+%22This+analysis+was+produced+by+calamaris%22&btnG=Google+Searchintitle:"Ganglia" "Cluster Report for";intitle%3A%22Ganglia%22+%22Cluster+Report+for%22&btnG=Search
intitle:"Apache HTTP Server" intitle:"documentation";intitle%3A%22Apache+HTTP+Server%22+intitle%3A%22documentation%22&btnG=Search
"Error Diagnostic Information" intitle:"Error Occurred While";%22Error+Diagnostic+Information%22+intitle%3A%22Error+Occurred+While%22&btnG=Search
intitle:"Index of" finance.xls;intitle%3A%22Index+of%22+finance.xls&btnG=Search
intitle:index.of finances.xls;intitle%3Aindex.of+finances.xls&btnG=Search
"# Dumping data for table";%22%23+Dumping+data+for+table%22&btnG=Search
intitle:index.of .bash_history;intitle%3Aindex.of+.bash_history&btnG=Search
intitle:index.of .sh_history;intitle%3Aindex.of+.sh_history&btnG=Search
intitle:"Index of" .mysql_history;intitle%3A%22Index+of%22+.mysql_history&btnG=Search
intitle:index.of mt-db-pass.cgi;intitle%3Aindex.of+mt-db-pass.cgi&btnG=Search
"Index of /backup";%22Index+of+%2Fbackup%22&btnG=Search
"powered by openbsd" +"powered by apache";%22powered+by+openbsd%22+%2B%22powered+by+apache%22&btnG=Search
intitle:index.of intext:"secring.skr"|"secring.pgp"|"secring.bak";intitle%3Aindex.of+intext%3A%22secring.skr%22%7C%22secring.pgp%22%7C%22secring.bak%22&btnG=Search
intitle:index.of passwd passwd.bak;intitle%3Aindex.of+passwd+passwd.bak&btnG=Search
intitle:index.of master.passwd;intitle%3Aindex.of+master.passwd&btnG=Search
intitle:"Index of" pwd.db;intitle%3A%22Index+of%22+pwd.db&btnG=Search
intitle:"Index of" ".htpasswd" htpasswd.bak;intitle%3A%22Index+of%22+%22.htpasswd%22+htpasswd.bak&btnG=Search
intitle:"Index of" ".htpasswd" "htgroup" -intitle:"dist" -apache -htpasswd.c;intitle%3A%22Index+of%22+%22.htpasswd%22+%22htgroup%22+-intitle%3A%22dist%22+-apache+-htpasswd.cpache&btnG=Search
intitle:"Index of" spwd.db passwd -pam.conf;intitle%3A%22Index+of%22+spwd.db+passwd+-pam.conf&btnG=Search
intitle:"Index of..etc" passwd;intitle%3A%22Index+of..etc%22+passwd&btnG=Search
buddylist.blt;buddylist.blt&btnG=Search
intitle:index.of config.php;intitle%3Aindex.of+config.php&btnG=Search
intitle:phpinfo "PHP Version";intitle%3Aphpinfo+%22PHP+Version%22&btnG=Search
"supplied argument is not a valid MySQL result resource";%22supplied+argument+is+not+a+valid+MySQL+result+resource%22&btnG=Search
intitle:index.of robots.txt;intitle%3Aindex.of+robots.txt&btnG=Search
index.of passlist;index.of+passlist&btnG=Search
index.of.secret;index.of.secret&btnG=Search
index.of.private;index.of.private&btnG=Search
index.of.etc;index.of.etc&btnG=Search
index.of.winnt;index.of.winnt&btnG=Search
index.of.secure;index.of.secure&btnG=Search
index.of.password;index.of.password&btnG=Search
"This report was generated by WebLog";%22This+report+was+generated+by+WebLog%22&btnG=Search
"These statistics were produced by getstats";%22These+statistics+were+produced+by+getstats%22&btnG=Search
"This summary was generated by wwwstat";%22This+summary+was+generated+by+wwwstat%22&btnG=Search
intitle:index.of haccess.ctl;intitle%3Aindex.of+haccess.ctl&btnG=Search
filetype:ctl Basic;filetype%3Actl+Basic&btnG=Search
filetype:xls username password email;filetype%3Axls+username+password+email&btnG=Search
site:edu admin grades;site%3Aedu+admin+grades&btnG=Search
allinurl:auth_user_file.txt;allinurl%3Aauth_user_file.txt&btnG=Search
inurl:config.php dbuname dbpass;inurl%3Aconfig.php+dbuname+dbpass&btnG=Search
inurl:tech-support inurl:show Cisco;inurl%3Atech-support+inurl%3Ashow+Cisco&btnG=Search
intitle:index.of trillian.ini;intitle%3Aindex.of+trillian.ini&btnG=Search
intitle:admin intitle:login;intitle%3Aadmin+intitle%3Alogin&btnG=Search
"ORA-00921: unexpected end of SQL command";%22ORA-00921%3A+unexpected+end+of+SQL+command%22&btnG=Search
inurl:passlist.txt;inurl%3Apasslist.txt&btnG=Search
inurl:sitebuildercontent;inurl%3Asitebuildercontent&btnG=Search
filetype:htpasswd htpasswd;filetype%3Ahtpasswd+htpasswd&btnG=Search
"YaBB SE Dev Team";%22YaBB+SE+Dev+Team%22&btnG=Search
inurl:custva.asp;inurl%3Acustva.asp&btnG=Search
"# phpMyAdmin MySQL-Dump" filetype:txt;%22%23+phpMyAdmin+MySQL-Dump%22+filetype%3Atxt&btnG=Search
"# phpMyAdmin MySQL-Dump" "INSERT INTO" -"the";%22%23+phpMyAdmin+MySQL-Dump%22+%22INSERT+INTO%22+-%22the%22&btnG=Search
intitle:"Gallery in Configuration mode";intitle%3A%22Gallery+in+Configuration+mode%22&btnG=Search
intitle:index.of cgiirc.config;intitle%3Aindex.of+cgiirc.config&btnG=Search
inurl:cgiirc.config;inurl%3Acgiirc.config&btnG=Search
inurl:ipsec.secrets -history -bugs;inurl%3Aipsec.secrets+-history+-bugs&btnG=Search
intitle:"500 Internal Server Error" "server at";intitle%3A%22500+Internal+Server+Error%22+%22server+at%22&btnG=Search
"mySQL error with query";%22mySQL+error+with+query%22&btnG=Search
"You have an error in your SQL syntax near";%22You+have+an+error+in+your+SQL+syntax+near%22&btnG=Search
"ORA-00921: unexpected end of SQL command";%22ORA-00921%3A+unexpected+end+of+SQL+command%22&btnG=Search
"Unclosed quotation mark before the character string";%22Unclosed+quotation+mark+before+the+character+string%22&btnG=Search
"PostgreSQL query failed: ERROR: parser: parse error";%22PostgreSQL+query+failed%3A+ERROR%3A+parser%3A+parse+error%22&btnG=Search
"Supplied argument is not a valid PostgreSQL result";%22Supplied+argument+is+not+a+valid+PostgreSQL+result%22&btnG=Search
"A syntax error has occurred" filetype:ihtml;%22A+syntax+error+has+occurred%22+filetype%3Aihtml&btnG=Search
intitle:"Usage Statistics for" "Generated by Webalizer";intitle%3A%22Usage+Statistics+for%22+%22Generated+by+Webalizer%22&btnG=Search
"robots.txt" "Disallow:" filetype:txt;%22robots.txt%22+%22Disallow%3A%22+filetype%3Atxt&btnG=Search
"phpMyAdmin" "running on" inurl:"main.php";%22phpMyAdmin%22+%22running+on%22+inurl%3A%22main.php%22&btnG=Search
inurl:main.php Welcome to phpMyAdmin;inurl%3Amain.php+Welcome+to+phpMyAdmin&btnG=Search
intitle:index.of "Apache" "server at";intitle%3Aindex.of+%22Apache%22+%22server+at%22&btnG=Search
"access denied for user" "using password";%22access+denied+for+user%22+%22using+password%22&btnG=Search
intitle:"Under construction" "does not currently have";intitle%3A%22Under+construction%22+%22does+not+currently+have%22&btnG=Search
"seeing this instead" intitle:"test page for apache";%22seeing+this+instead%22+intitle%3A%22test+page+for+apache%22&btnG=Search
intitle:"Test Page for Apache" "It Worked!";intitle%3A%22Test+Page+for+Apache%22+%22It+Worked%21%22&btnG=Search
"Can't connect to local" intitle:warning;%22Can%27t+connect+to+local%22+intitle%3Awarning&btnG=Search
intitle:index.of ws_ftp.ini;intitle%3Aindex.of+ws_ftp.ini&btnG=Search
intitle:index.of administrators.pwd;intitle%3Aindex.of+administrators.pwd&btnG=Search
intitle:Index.of etc shadow;intitle%3AIndex.of+etc+shadow&btnG=Search
"Select a database to view" intitle:"filemaker pro";%22Select+a+database+to+view%22+intitle%3A%22filemaker+pro%22&btnG=Search
"not for distribution" confidential;%22not+for+distribution%22+confidential&btnG=Search
"Thank you for your purchase" +download;%22Thank+you+for+your+purchase%22+%2Bdownload&btnG=Search
allinurl:intranet admin;allinurl%3Aintranet+admin&btnG=Search
"This report lists" "identified by Internet Scanner";%22This+report+lists%22+%22identified+by+Internet+Scanner%22&btnG=Search
"Network Host Assessment Report" "Internet Scanner";%22Network+Host+Assessment+Report%22+%22Internet+Scanner%22&btnG=Search
"Network Vulnerability Assessment Report";%22Network+Vulnerability+Assessment+Report%22&btnG=Search
"Host Vulnerability Summary Report";%22Host+Vulnerability+Summary+Report%22&btnG=Search
intitle:index.of inbox;intitle%3Aindex.of+inbox&btnG=Search
intitle:index.of inbox dbx;intitle%3Aindex.of+inbox+dbx&btnG=Search
"#mysql dump" filetype:sql;%22%23mysql+dump%22+filetype%3Asql&btnG=Search
allinurl:install/install.php;allinurl%3Ainstall%2Finstall.php&btnG=Search
inurl:vbstats.php "page generated";inurl%3Avbstats.php+%22page+generated%22&btnG=Search
inurl:zebra.conf intext:password -sample;inurl%3Azebra.conf+intext%3Apassword+-sample&btnG=Search
inurl:ospfd.conf intext:password -sample;inurl%3Aospfd.conf+intext%3Apassword+-sample&btnG=Search
intitle:"Index of /" modified php.exe;intitle%3A%22Index+of+%2F%22+modified+php.exe&btnG=Search
intitle:"Error using Hypernews" "Server Software";intitle%3A%22Error+using+Hypernews%22+%22Server+Software%22&btnG=Search
inurl:ccbill filetype:log;inurl%3Accbill+filetype%3Alog&btnG=Search
filetype:mdb inurl:users.mdb;filetype%3Amdb+inurl%3Ausers.mdb&btnG=Search
filetype:cfg ks intext:rootpw -sample;filetype%3Acfg+ks+intext%3Arootpw+-sample&btnG=Search
filetype:php inurl:"viewfile" -"index.php" -"idfil";filetype%3Aphp+inurl%3A%22viewfile%22+-%22index.php%22+-%22idfil%22&btnG=Search
intitle:"Microsoft Outlook Web Access - Logon";intitle%3A%22Microsoft+Outlook+Web+Access+-+Logon%22&btnG=Search
inurl:root.asp?acs=anon;inurl%3Aroot.asp%3Facs%3Danon&btnG=Search
"Looking Glass" (inurl:"lg/" | inurl:lookingglass);%22Looking+Glass%22+%28inurl%3A%22lg%2F%22+%7C+inurl%3Alookingglass%29&btnG=Search
filetype:cgi inurl:"irc.cgi";filetype%3Acgi+inurl%3A%22irc.cgi%22&btnG=Search
filetype:ctt ctt messenger;filetype%3Actt+ctt+messenger&btnG=Search
intitle:"Error Occurred While Processing Request";intitle%3A%22Error+Occurred+While+Processing+Request%22&btnG=Search
intitle:"htsearch error" ht://Dig error;intitle%3A%22htsearch+error%22+ht%3A%2F%2FDig+error&btnG=Search
filetype:asp inurl:"shopdisplayproducts.asp";filetype%3Aasp+inurl%3A%22shopdisplayproducts.asp%22&btnG=Search
inurl:/public/?Cmd=contents;inurl%3A%2Fpublic%2F%3FCmd%3Dcontents&btnG=Search
"Powered by: vBulletin * 3.0.1" inurl:newreply.php;%22Powered+by%3A+vBulletin+*+3.0.1%22+inurl%3Anewreply.php&btnG=Search
filetype:mny mny;filetype%3Amny+mny&btnG=Search
HTTP_USER_AGENT=Googlebot;HTTP_USER_AGENT%3DGooglebot&btnG=Search
"# Dumping data for table (username|user|users|password)";%22%23+Dumping+data+for+table+%28username%7Cuser%7Cusers%7Cpassword%29%22&btnG=Search
intitle:"Welcome to ntop!";intitle%3A%22Welcome+to+ntop%21%22&btnG=Search
filetype:conf inurl:unrealircd.conf -cvs -gentoo;filetype%3Aconf+inurl%3Aunrealircd.conf+-cvs+-gentoo&btnG=Search
intitle:"Index of" service.pwd;intitle%3A%22Index+of%22+service.pwd
intitle:"Index of" users.pwd;intitle%3A%22Index+of%22+users.pwd
intitle:"Index of" authors.pwd;intitle%3A%22Index+of%22+authors.pwd
intitle:"Index of" administrators.pwd;intitle%3A%22Index+of%22+administrators.pwd
intitle:"Index of" showcode.asp;intitle%3A%22Index+of%22+showcode.asp
intitle:"Index of" sendmail.cfm;intitle%3A%22Index+of%22+sendmail.cfm
intitle:"Index of" SessionServlet;intitle%3A%22Index+of%22+SessionServlet
intitle:"Index of" web_store.cgi;intitle%3A%22Index+of%22+web_store.cgi
intitle:"Index of" wwwboard.pl;intitle%3A%22Index+of%22+wwwboard.pl
intitle:"Index of" www-sql;intitle%3A%22Index+of%22+www-sql
intitle:"Index of" AT-admin.cgi;intitle%3A%22Index+of%22+AT-admin.cgi
intitle:"Index of" maillist.pl;intitle%3A%22Index+of%22+maillist.pl
intitle:"Index of" publisher;intitle%3A%22Index+of%22+publisher
intitle:"Index of" db.cgi;intitle%3A%22Index+of%22+db.cgi
intitle:"Index of" login.jsp;intitle%3A%22Index+of%22+login.jsp
intitle:"Index of" amadmin.pl;intitle%3A%22Index+of%22+amadmin.pl
inintitle:"Index of" (access_log|access-log);intitle%3A%22Index+of%22+%28access_log%7Caccess-log%29&btnG=Search
intitle:"Index of" log.htm;intitle%3A%22Index+of%22+log.htm&btnG=Search
intitle:"Index of" mailto.cgi.pwd;intitle%3A%22Index+of%22+mailto.cgi
intitle:"Index of" YaBB.pl.pwd;intitle%3A%22Index+of%22+YaBB.pl
intitle:"Index of" WSFTP.LOG;intitle%3A%22Index+of%22+WSFTP.LOG
intitle:"Index of" print.cgi;intitle%3A%22Index+of%22+print.cgi
intitle:"Index of" CrazyWWWBoard.cgi;intitle%3A%22Index+of%22+CrazyWWWBoard.cgi
intitle:"Index of" pwd.dat;intitle%3A%22Index+of%22+pwd.dat
intitle:"Index of" post-query;intitle%3A%22Index+of%22+post-query
intext:"404 Object Not Found" Microsoft-IIS/5.0;intext%3A%22404+Object+Not+Found%22+Microsoft-IIS%2F5.0
"Microsoft-IIS/5.0 server at";%22Microsoft-IIS%2F5.0+server+at%22&btnG=Search
"Microsoft-IIS/4.0" intitle:index.of;%22Microsoft-IIS%2F4.0%22+intitle%3Aindex.of&btnG=Search
"Microsoft-IIS/6.0" intitle:index.of;%22Microsoft-IIS%2F6.0%22+intitle%3Aindex.of&btnG=Search
"Novell, Inc" WEBACCESS Username Password "Version *.*" Copyright -inurl:help -guides|guide;%22Novell%2C+Inc%22+WEBACCESS+Username+Password+%22Version+*.*%22+Copyright++-inurl%3Ahelp+-guides%7Cguide&btnG=Search
"Red Hat Secure/2.0";%22Red+Hat+Secure%2F2.0%22&btnG=Search
allintext:"Powered by LionMax Software" "WWW File Share";allintext%3A%22Powered+by+LionMax+Software%22+%22WWW+File+Share%22&btnG=Zoeken&lr=
allinurl:".nsconfig" -sa;allinurl%3A%22.nsconfig%22+-sa
intitle:"Lotus Domino Go Webserver:" "Tuning your webserver" -site:ibm.com;intitle:%22Lotus+Domino+Go+Webserver:%22+%22Tuning+your+webserver%22+-site:ibm.com&hl=en&lr=&ie=UTF-8&filter=0
intitle:"Open WebMail" "Open WebMail version (2.20|2.21|2.30)";intitle%3A%22Open+WebMail%22+%22Open+WebMail+version+%282.20%7C2.21%7C2.30%29+%22&btnG=B%C3%BAsqueda&meta=
intitle:"Welcome To Xitami" -site:xitami.com;intitle%3A%22Welcome+To+Xitami%22+-site%3Axitami.com&btnG=Google+Search
intitle:"Welcome to windows 2000 Internet Services";intitle:%22Welcome+to+Windows+2000+Internet+Services%22
XAMPP "inurl:xampp/index";XAMPP+%22inurl:xampp/index%22
"Select a database to view" intitle:"filemaker pro";%22Select+a+database+to+view%22+intitle%3A%22filemaker+pro%22
"Welcome to PHP-Nuke" congratulations;%22Welcome+to+PHP-Nuke%22+congratulations
intitle:"Mail Server CMailServer Webmail" "5.2";intitle%3A%22Mail+Server+CMailServer+Webmail%22+%225.2%22
allintitle:Brains, Corp. camera;allintitle:Brains,+Corp.+camera
inurl:indexFrame.shtml Axis;inurl%3AindexFrame.shtml+Axis&btnG=Google+Search
intitle:"remote ui:top page";intitle%3A%22remote+ui%3Atop+page%22
intext:"Ready with 10/100T Ethernet";intext:%22Ready+with+10/100T+Ethernet%22
intitle:"EvoCam" inurl:"webcam.html";intitle:%22EvoCam%22+inurl:%22webcam.html%22
intitle:"my webcamXP server!" inurl:":8080";intitle%3A%22my+webcamXP+server!%22+inurl%3A%22%3A8080%22&btnG=Search
intitle:"toshiba network camera - User Login";intitle%3A%22toshiba+network+camera+-+User+Login%22
inurl:"ViewerFrame?Mode=";inurl%3A%22ViewerFrame%3FMode%3D%22
intext:centreware inurl:status;intext%3Acentreware+inurl%3Astatus
intext:"MOBOTIX M1" intext:"Open Menu";intext%3A%22MOBOTIX+M1%22+intext%3A%22Open+Menu%22
inurl:"printer/main.html" intext:"settings";inurl%3A%22printer%2Fmain.html%22+intext%3A%22settings%22
intitle:"Browser Launch Page";intitle%3A%22Browser+Launch+Page%22
intitle:liveapplet inurl:LvAppl;intitle%3Aliveapplet+inurl%3ALvAppl
還有篇差不多呢 收集的比較全
Google Hacker by dav2600@gmail.com;%22Alle+gro%C3%9Fen+Anarchisten+starben+am+23.%22&btnG=Search
"cacheserverreport for";%22cacheserverreport+for%22+%22This+analysis+was+produced+by+calamaris%22&btnG=Google+Search
intitle:"Ganglia" "Cluster Report for";intitle%3A%22Ganglia%22+%22Cluster+Report+for%22&btnG=Search
intitle:"Apache HTTP Server" intitle:"documentation";intitle%3A%22Apache+HTTP+Server%22+intitle%3A%22documentation%22&btnG=Search
"Error Diagnostic Information" intitle:"Error Occurred While";%22Error+Diagnostic+Information%22+intitle%3A%22Error+Occurred+While%22&btnG=Search
intitle:"Index of" finance.xls;intitle%3A%22Index+of%22+finance.xls&btnG=Search
intitle:index.of finances.xls;intitle%3Aindex.of+finances.xls&btnG=Search
"# Dumping data for table";%22%23+Dumping+data+for+table%22&btnG=Search
intitle:index.of .bash_history;intitle%3Aindex.of+.bash_history&btnG=Search
intitle:index.of .sh_history;intitle%3Aindex.of+.sh_history&btnG=Search
intitle:"Index of" .mysql_history;intitle%3A%22Index+of%22+.mysql_history&btnG=Search
intitle:index.of mt-db-pass.cgi;intitle%3Aindex.of+mt-db-pass.cgi&btnG=Search
intitle:"Welcome to windows 2000 Internet Services";intitle%3A%22Welcome+to+Windows+2000+Internet+Services%22&btnG=Search
intitle:"Welcome to IIS 4.0";intitle%3A%22Welcome+to+IIS+4.0%22&btnG=Search
"Index of /backup";%22Index+of+%2Fbackup%22&btnG=Search
"powered by openbsd" +"powered by apache";%22powered+by+openbsd%22+%2B%22powered+by+apache%22&btnG=Search
intitle:index.of intext:"secring.skr"|"secring.pgp"|"secring.bak";intitle%3Aindex.of+intext%3A%22secring.skr%22%7C%22secring.pgp%22%7C%22secring.bak%22&btnG=Search
intitle:index.of passwd passwd.bak;intitle%3Aindex.of+passwd+passwd.bak&btnG=Search
intitle:index.of master.passwd;intitle%3Aindex.of+master.passwd&btnG=Search
intitle:"Index of" pwd.db;intitle%3A%22Index+of%22+pwd.db&btnG=Search
intitle:"Index of" ".htpasswd" htpasswd.bak;intitle%3A%22Index+of%22+%22.htpasswd%22+htpasswd.bak&btnG=Search
intitle:"Index of" ".htpasswd" "htgroup" -intitle:"dist" -apache -htpasswd.c;intitle%3A%22Index+of%22+%22.htpasswd%22+%22htgroup%22+-intitle%3A%22dist%22+-apache+-htpasswd.cpache&btnG=Search
intitle:"Index of" spwd.db passwd -pam.conf;intitle%3A%22Index+of%22+spwd.db+passwd+-pam.conf&btnG=Search
intitle:"Index of..etc" passwd;intitle%3A%22Index+of..etc%22+passwd&btnG=Search
buddylist.blt;buddylist.blt&btnG=Search
intitle:index.of config.php;intitle%3Aindex.of+config.php&btnG=Search
intitle:phpinfo "PHP Version";intitle%3Aphpinfo+%22PHP+Version%22&btnG=Search
"supplied argument is not a valid MySQL result resource";%22supplied+argument+is+not+a+valid+MySQL+result+resource%22&btnG=Search
intitle:index.of robots.txt;intitle%3Aindex.of+robots.txt&btnG=Search
index.of passlist;index.of+passlist&btnG=Search
index.of.secret;index.of.secret&btnG=Search
index.of.private;index.of.private&btnG=Search
index.of.etc;index.of.etc&btnG=Search
index.of.winnt;index.of.winnt&btnG=Search
index.of.secure;index.of.secure&btnG=Search
index.of.password;index.of.password&btnG=Search
"This report was generated by WebLog";%22This+report+was+generated+by+WebLog%22&btnG=Search
"These statistics were produced by getstats";%22These+statistics+were+produced+by+getstats%22&btnG=Search
"This summary was generated by wwwstat";%22This+summary+was+generated+by+wwwstat%22&btnG=Search
intitle:index.of haccess.ctl;intitle%3Aindex.of+haccess.ctl&btnG=Search
filetype:ctl Basic;filetype%3Actl+Basic&btnG=Search
filetype:xls username password email;filetype%3Axls+username+password+email&btnG=Search
site:edu admin grades;site%3Aedu+admin+grades&btnG=Search
allinurl:auth_user_file.txt;allinurl%3Aauth_user_file.txt&btnG=Search
inurl:config.php dbuname dbpass;inurl%3Aconfig.php+dbuname+dbpass&btnG=Search
inurl:tech-support inurl:show Cisco;inurl%3Atech-support+inurl%3Ashow+Cisco&btnG=Search
intitle:index.of trillian.ini;intitle%3Aindex.of+trillian.ini&btnG=Search
intitle:admin intitle:login;intitle%3Aadmin+intitle%3Alogin&btnG=Search
"ORA-00921: unexpected end of SQL command";%22ORA-00921%3A+unexpected+end+of+SQL+command%22&btnG=Search
inurl:passlist.txt;inurl%3Apasslist.txt&btnG=Search
inurl:sitebuildercontent;inurl%3Asitebuildercontent&btnG=Search
filetype:htpasswd htpasswd;filetype%3Ahtpasswd+htpasswd&btnG=Search
"YaBB SE Dev Team";%22YaBB+SE+Dev+Team%22&btnG=Search
inurl:custva.asp;inurl%3Acustva.asp&btnG=Search
"# phpMyAdmin MySQL-Dump" filetype:txt;%22%23+phpMyAdmin+MySQL-Dump%22+filetype%3Atxt&btnG=Search
"# phpMyAdmin MySQL-Dump" "INSERT INTO" -"the";%22%23+phpMyAdmin+MySQL-Dump%22+%22INSERT+INTO%22+-%22the%22&btnG=Search
intitle:"Gallery in Configuration mode";intitle%3A%22Gallery+in+Configuration+mode%22&btnG=Search
intitle:index.of cgiirc.config;intitle%3Aindex.of+cgiirc.config&btnG=Search
inurl:cgiirc.config;inurl%3Acgiirc.config&btnG=Search
inurl:ipsec.secrets -history -bugs;inurl%3Aipsec.secrets+-history+-bugs&btnG=Search
intitle:"500 Internal Server Error" "server at";intitle%3A%22500+Internal+Server+Error%22+%22server+at%22&btnG=Search
"mySQL error with query";%22mySQL+error+with+query%22&btnG=Search
"You have an error in your SQL syntax near";%22You+have+an+error+in+your+SQL+syntax+near%22&btnG=Search
"ORA-00921: unexpected end of SQL command";%22ORA-00921%3A+unexpected+end+of+SQL+command%22&btnG=Search
"Unclosed quotation mark before the character string";%22Unclosed+quotation+mark+before+the+character+string%22&btnG=Search
"PostgreSQL query failed: ERROR: parser: parse error";%22PostgreSQL+query+failed%3A+ERROR%3A+parser%3A+parse+error%22&btnG=Search
"Supplied argument is not a valid PostgreSQL result";%22Supplied+argument+is+not+a+valid+PostgreSQL+result%22&btnG=Search
"A syntax error has occurred" filetype:ihtml;%22A+syntax+error+has+occurred%22+filetype%3Aihtml&btnG=Search
intitle:"Usage Statistics for" "Generated by Webalizer";intitle%3A%22Usage+Statistics+for%22+%22Generated+by+Webalizer%22&btnG=Search
"robots.txt" "Disallow:" filetype:txt;%22robots.txt%22+%22Disallow%3A%22+filetype%3Atxt&btnG=Search
"phpMyAdmin" "running on" inurl:"main.php";%22phpMyAdmin%22+%22running+on%22+inurl%3A%22main.php%22&btnG=Search
inurl:main.php Welcome to phpMyAdmin;inurl%3Amain.php+Welcome+to+phpMyAdmin&btnG=Search
intitle:index.of "Apache" "server at";intitle%3Aindex.of+%22Apache%22+%22server+at%22&btnG=Search
"access denied for user" "using password";%22access+denied+for+user%22+%22using+password%22&btnG=Search
intitle:"Under construction" "does not currently have";intitle%3A%22Under+construction%22+%22does+not+currently+have%22&btnG=Search
"seeing this instead" intitle:"test page for apache";%22seeing+this+instead%22+intitle%3A%22test+page+for+apache%22&btnG=Search
intitle:"Test Page for Apache" "It Worked!";intitle%3A%22Test+Page+for+Apache%22+%22It+Worked%21%22&btnG=Search
"Can't connect to local" intitle:warning;%22Can%27t+connect+to+local%22+intitle%3Awarning&btnG=Search
intitle:index.of ws_ftp.ini;intitle%3Aindex.of+ws_ftp.ini&btnG=Search
intitle:index.of administrators.pwd;intitle%3Aindex.of+administrators.pwd&btnG=Search
intitle:Index.of etc shadow;intitle%3AIndex.of+etc+shadow&btnG=Search
inurl:ManyServers.htm;inurl%3AManyServers.htm&btnG=Search
intitle:"Terminal Services Web Connection";intitle%3A%22Terminal+Services+Web+Connection%22&btnG=Search
intitle:"Remote Desktop Web Connection";intitle%3A%22Remote+Desktop+Web+Connection%22&btnG=Search
"Welcome to Intranet";%22Welcome+to+Intranet%22&btnG=Search
inurl:search.php vbulletin;inurl%3Asearch.php+vbulletin&btnG=Search
inurl:admin intitle:login;inurl%3Aadmin+intitle%3Alogin&btnG=Search
filetype:asp "Custom Error Message" Category Source;filetype%3Aasp+%22Custom+Error+Message%22+Category+Source&btnG=Suche&lr=
"Fatal error: Call to undefined function" -reply -the -next;%22Fatal+error%3A+Call+to+undefined+function%22+-reply+-the+-next&btnG=Suche&lr=
inurl:admin filetype:xls;inurl%3Aadmin+filetype%3Axls&btnG=Google+Search
inurl:admin inurl:userlist;inurl%3Aadmin+inurl%3Auserlist&btnG=Search
inurl:admin filetype:asp inurl:userlist;inurl%3Aadmin+filetype%3Aasp+inurl%3Auserlist&btnG=Search
inurl:backup intitle:index.of inurl:admin;inurl%3Abackup+intitle%3Aindex.of+inurl%3Aadmin&btnG=Search
"Welcome to PHP-Nuke" congratulations;%22Welcome+to+PHP-Nuke%22+congratulations&btnG=Search
allintitle:Netscape FastTrack Server Home Page;allintitle%3ANetscape+FastTrack+Server+Home+Page&btnG=Search
"Welcome to phpMyAdmin" " Create new database";%22Welcome+to+phpMyAdmin%22+%22+Create+new+database%22&btnG=Search
intitle:"Index of c:/Windows";intitle%3A%22Index+of+c%3A%5CWindows%22&btnG=Search
warning "error on line" php sablotron;warning+%22error+on+line%22+php+sablotron&btnG=Search
"Most Submitted Forms and Scripts" "this section";%22Most+Submitted+Forms+and+Scripts%22+%22this+section%22&btnG=Search
inurl:changepassword.asp;inurl%3Achangepassword.asp&btnG=Search
"Select a database to view" intitle:"filemaker pro";%22Select+a+database+to+view%22+intitle%3A%22filemaker+pro%22&btnG=Search
"not for distribution" confidential;%22not+for+distribution%22+confidential&btnG=Search
"Thank you for your purchase" +download;%22Thank+you+for+your+purchase%22+%2Bdownload&btnG=Search
allinurl:intranet admin;allinurl%3Aintranet+admin&btnG=Search
"This report lists" "identified by Internet Scanner";%22This+report+lists%22+%22identified+by+Internet+Scanner%22&btnG=Search
"Network Host Assessment Report" "Internet Scanner";%22Network+Host+Assessment+Report%22+%22Internet+Scanner%22&btnG=Search
"Network Vulnerability Assessment Report";%22Network+Vulnerability+Assessment+Report%22&btnG=Search
"Host Vulnerability Summary Report";%22Host+Vulnerability+Summary+Report%22&btnG=Search
intitle:index.of inbox;intitle%3Aindex.of+inbox&btnG=Search
intitle:index.of inbox dbx;intitle%3Aindex.of+inbox+dbx&btnG=Search
"#mysql dump" filetype:sql;%22%23mysql+dump%22+filetype%3Asql&btnG=Search
allinurl:install/install.php;allinurl%3Ainstall%2Finstall.php&btnG=Search
inurl:vbstats.php "page generated";inurl%3Avbstats.php+%22page+generated%22&btnG=Search
"index of" / lck;%22index+of%22+%2F+lck&btnG=Search
index.of perform.ini;index.of+perform.ini&btnG=Search
"SnortSnarf alert page";%22SnortSnarf+alert+page%22&btnG=Search
inurl:"newsletter/admin/" intitle:"newsletter admin";inurl%3A%22newsletter%2Fadmin%2F%22+intitle%3A%22newsletter+admin%22&btnG=Search
inurl:"newsletter/admin/";inurl%3A%22newsletter%2Fadmin%2F%22&btnG=Search
inurl:phpSysInfo/ "created by phpsysinfo";inurl%3AphpSysInfo%2F+%22created+by+phpsysinfo%22&btnG=Search
allinurl: admin mdb;allinurl%3A+admin+mdb&btnG=Search
allinurl:"exchange/logon.asp";allinurl%3A%22exchange%2Flogon.asp%22&btnG=Search
intitle:big.brother attention trouble unavailable offline;intitle%3Abig.brother+attention+trouble+unavailable+offline&btnG=Search
intitle:"Index of" cfide;intitle%3A%22Index+of%22+cfide&btnG=Search
inurl:login.cfm;inurl%3Alogin.cfm&btnG=Search
filetype:cfm "cfapplication name" password;filetype%3Acfm+%22cfapplication+name%22+password&btnG=Search
inurl:":10000" intext:webmin;inurl%3A%22%3A10000%22+intext%3Awebmin&btnG=Search
allinurl:/examples/jsp/snp/snoop.jsp;allinurl%3A%2Fexamples%2Fjsp%2Fsnp%2Fsnoop.jsp&btnG=Search
allinurl:servlet/SnoopServlet;allinurl%3Aservlet%2FSnoopServlet&btnG=Search
intitle:"Test Page for Apache";intitle%3A%22Test+Page+for+Apache%22&btnG=Search
"Running in Child mode";%22Running+in+Child+mode%22&btnG=Search
"This is a Shareaza Node";%22This+is+a+Shareaza+Node%22&btnG=Search
"VNC Desktop" inurl:5800;%22VNC+Desktop%22+inurl%3A5800&btnG=Search
"index of cgi-bin";%22index+of+cgi-bin%22&btnG=Search
"Mr.Bush";fuck+you+mr+bush%21&btnG=Search
intitle:Snap.Server inurl:Func=;intitle%3ASnap.Server+inurl%3AFunc%3D&btnG=Search
inurl:server-status "apache";inurl%3Aserver-status+%22apache%22&btnG=Search
eggdrop filetype:user user;eggdrop+filetype%3Auser+user&btnG=Search
intitle:"index of" intext:connect.inc;intitle%3A%22index+of%22+intext%3Aconnect.inc&btnG=Search
inurl:login.asp;inurl%3Alogin.asp&btnG=Search
intitle:"MikroTik RouterOS Managing Webpage";intitle%3A%22MikroTik+RouterOS+Managing+Webpage%22&btnG=Search
inurl:fcgi-bin/echo;inurl%3Afcgi-bin%2Fecho&btnG=Search
inurl:cgi-bin/printenv;inurl%3Acgi-bin%2Fprintenv&btnG=Search
intitle:"Execution of this script not permitted";intitle%3A%22Execution+of+this+script+not+permitted%22&btnG=Search
inurl:perl/printenv;inurl%3Aperl%2Fprintenv&btnG=Search
inurl:j2ee/examples/jsp;inurl%3Aj2ee%2Fexamples%2Fjsp&btnG=Search
inurl:server-info "Apache Server Information";inurl%3Aserver-info+%22Apache+Server+Information%22&btnG=Search
inurl:admin_/globalsettings.htm;inurl%3Aadmin_%2Fglobalsettings.htm&btnG=Search
inurl:pls/admin_/gateway.htm;inurl%3Apls%2Fadmin_%2Fgateway.htm&btnG=Search
intitle:"Gateway Configuration Menu";intitle%3A%22Gateway+Configuration+Menu%22&btnG=Search
intitle:Remote.Desktop.Web.Connection inurl:tsweb;intitle%3ARemote.Desktop.Web.Connection+inurl%3Atsweb&btnG=Search
inurl:php inurl:hlstats intext:"Server Username";inurl%3Aphp+inurl%3Ahlstats+intext%3A%22Server+Username%22&btnG=Search
intext:"Tobias Oetiker" "traffic analysis";intext%3A%22Tobias+Oetiker%22+%22traffic+analysis%22&btnG=Search
inurl:tdbin;inurl%3Atdbin&btnG=Search
inurl:perform filetype:ini;inurl%3Aperform+filetype%3Aini&btnG=Search
intitle:"index of" intext:globals.inc;intitle%3A%22index+of%22+intext%3Aglobals.inc&btnG=Search
filetype:pdf "Assessment Report" nessus;filetype%3Apdf+%22Assessment+Report%22+nessus&btnG=Search
inurl:"smb.conf" intext:"workgroup" filetype:conf;inurl%3A%22smb.conf%22+intext%3A%22workgroup%22+filetype%3Aconf&btnG=Search
filetype:properties inurl:db intext:password;filetype%3Aproperties+inurl%3Adb+intext%3Apassword&btnG=Search
inurl:names.nsf?opendatabase;inurl%3Anames.nsf%3Fopendatabase&btnG=Search
"index of" inurl:recycler;%22index+of%22+inurl%3Arecycler&btnG=Search
filetype:conf inurl:firewall -intitle:cvs;filetype%3Aconf+inurl%3Afirewall+-intitle%3Acvs&btnG=Search
filetype:inc intext:mysql_connect;filetype%3Ainc+intext%3Amysql_connect&btnG=Search
"HTTP_FROM=googlebot" googlebot.com "Server_Software=";%22HTTP_FROM%3Dgooglebot%22+googlebot.com+%22Server_Software%3D%22&btnG=Search
"Request Details" "Control Tree" "Server Variables";%22Request+Details%22+%22Control+Tree%22+%22Server+Variables%22&btnG=Search
filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword";filetype%3Areg+reg+%2Bintext%3A%22defaultusername%22+%2Bintext%3A%22defaultpassword%22&btnG=Search
inurl:metaframexp/default/login.asp;inurl%3Ametaframexp%2Fdefault%2Flogin.asp&btnG=Search
filetype:wab wab;filetype%3Awab+wab&btnG=Search
filetype:reg reg HKEY_CURRENT_USER username;filetype%3Areg+reg+HKEY_CURRENT_USER+username&btnG=Search
inurl:/tmp;inurl%3A%2Ftmp+&btnG=Search
filetype:mbx mbx intext:Subject;filetype%3Ambx+mbx+intext%3ASubject&btnG=Search
inurl:"webadmin" filetype:nsf;inurl%3A%22webadmin%22+filetype%3Ansf&btnG=Search
filetype:reg reg +intext:"internet account manager";filetype%3Areg+reg+%2Bintext%3A%22internet+account+manager%22&btnG=Search
filetype:eml eml +intext:"Subject" +intext:"From";filetype%3Aeml+eml+%2Bintext%3A%22Subject%22+%2Bintext%3A%22From%22&btnG=Search
inurl:vtund.conf intext:pass -cvs;inurl%3Avtund.conf+intext%3Apass+-cvs&btnG=Search
inurl:login filetype:swf swf;inurl%3Alogin+filetype%3Aswf+swf&btnG=Search
filetype:url +inurl:"ftp://" +inurl:"@";filetype%3Aurl+%2Binurl%3A%22ftp%3A%2F%2F%22+%2Binurl%3A%22%40%22&btnG=Search
intitle:guestbook "advanced guestbook 2.2 powered";intitle%3Aguestbook+%22advanced+guestbook+2.2+powered%22&btnG=Search
intitle:"300 multiple choices";intitle%3A%22300+multiple+choices%22&btnG=Search
intitle:"index of" mysql.conf OR mysql_config;intitle%3A%22index+of%22+mysql.conf+OR+mysql_config&btnG=Search
"please log in";%22please+log+in%22&btnG=Search
filetype:log username putty;filetype%3Alog+username+putty&btnG=Search
filetype:log inurl:"password.log";filetype%3Alog+inurl%3A%22password.log%22&btnG=Search
intitle:"Dell Remote Access Controller";intitle%3A%22Dell+Remote+Access+Controller%22&btnG=Search
intitle:intranet inurl:intranet +intext:"human resources";intitle%3Aintranet+inurl%3Aintranet+%2Bintext%3A%22human+resources%22&btnG=Search
filetype:log cron.log;filetype%3Alog+cron.log&btnG=Search
filetype:log access.log -CVS;filetype%3Alog+access.log+-CVS&btnG=Search
filetype:blt blt +intext:screenname;filetype%3Ablt+blt+%2Bintext%3Ascreenname&btnG=Search
filetype:dat "password.dat";filetype%3Adat+%22password.dat%22&btnG=Search
intitle:intranet inurl:intranet +intext:"phone";intitle%3Aintranet+inurl%3Aintranet+%2Bintext%3A%22phone%22&btnG=Search
filetype:conf slapd.conf;filetype%3Aconf+slapd.conf&btnG=Search
inurl:php.ini filetype:ini;inurl%3Aphp.ini+filetype%3Aini&btnG=Search
filetype:pem intext:private;filetype%3Apem+intext%3Aprivate&btnG=Search
filetype:conf inurl:proftpd.conf -sample;filetype%3Aconf+inurl%3Aproftpd.conf+-sample&btnG=Search
+htpasswd +WS_FTP.LOG filetype:log;%2Bhtpasswd+%2BWS_FTP.LOG+filetype%3Alog&btnG=Search
intitle:"System Statistics" +"System and Network Information Center";intitle%3A%22System+Statistics%22+%2B%22System+and+Network+Information+Center%22&btnG=Search
inurl:"wvdial.conf" intext:"password";inurl%3A%22wvdial.conf%22+intext%3A%22password%22&btnG=Search
filetype:inc dbconn;filetype%3Ainc+dbconn&btnG=Search
filetype:ini ws_ftp pwd;filetype%3Aini+ws_ftp+pwd&btnG=Search
inurl:forward filetype:forward -cvs;inurl%3Aforward+filetype%3Aforward+-cvs&btnG=Search
"Invision Power Board Database Error";%22Invision+Power+Board+Database+Error%22&btnG=Search
filetype:netrc password;filetype%3Anetrc+password&btnG=Search
"Index Of /network" "last modified";%22Index+Of+%2Fnetwork%22+%22last+modified%22&btnG=Search
filetype:r2w r2w;filetype%3Ar2w+r2w&btnG=Google+Search
filetype:php inurl:vAuthenticate;filetype%3Aphp+inurl%3AvAuthenticate&btnG=Search
intitle:"ZyXEL Prestige Router" "Enter password";intitle%3A%22ZyXEL+Prestige+Router%22+%22Enter+password%22&btnG=Search
intitle:"ADSL Configuration page";intitle%3A%22ADSL+Configuration+page%22&btnG=Search
"Version Info" "Boot Version" "Internet Settings";%22Version+Info%22+%22Boot+Version%22+%22Internet+Settings%22&btnG=Search
filetype:sql +"IDENTIFIED BY" -cvs;filetype%3Asql+%2B%22IDENTIFIED+BY%22+-cvs&btnG=Search
filetype:sql password;filetype%3Asql+password&btnG=Search
"ttawlogin.cgi/?action=";%22ttawlogin.cgi%2F%3Faction%3D%22&btnG=Search
inurl:indexFrame.shtml(Webcam);inurl%3AindexFrame.shtml&btnG=Search
POWERED BY HIT JAMMER 1.0!;POWERED+BY+HIT+JAMMER+1.0%21&btnG=Search
filetype:pwd service;filetype%3Apwd+service&btnG=Search
inurl:zebra.conf intext:password -sample;inurl%3Azebra.conf+intext%3Apassword+-sample&btnG=Search
inurl:ospfd.conf intext:password -sample;inurl%3Aospfd.conf+intext%3Apassword+-sample&btnG=Search
intitle:"Index of /" modified php.exe;intitle%3A%22Index+of+%2F%22+modified+php.exe&btnG=Search
intitle:"Error using Hypernews" "Server Software";intitle%3A%22Error+using+Hypernews%22+%22Server+Software%22&btnG=Search
inurl:ccbill filetype:log;inurl%3Accbill+filetype%3Alog&btnG=Search
filetype:mdb inurl:users.mdb;filetype%3Amdb+inurl%3Ausers.mdb&btnG=Search
filetype:cfg ks intext:rootpw -sample;filetype%3Acfg+ks+intext%3Arootpw+-sample&btnG=Search
filetype:php inurl:"viewfile" -"index.php" -"idfil";filetype%3Aphp+inurl%3A%22viewfile%22+-%22index.php%22+-%22idfil%22&btnG=Search
intitle:"Microsoft Outlook Web Access - Logon";intitle%3A%22Microsoft+Outlook+Web+Access+-+Logon%22&btnG=Search
inurl:root.asp?acs=anon;inurl%3Aroot.asp%3Facs%3Danon&btnG=Search
"Looking Glass" (inurl:"lg/" | inurl:lookingglass);%22Looking+Glass%22+%28inurl%3A%22lg%2F%22+%7C+inurl%3Alookingglass%29&btnG=Search
filetype:cgi inurl:"irc.cgi";filetype%3Acgi+inurl%3A%22irc.cgi%22&btnG=Search
filetype:ctt ctt messenger;filetype%3Actt+ctt+messenger&btnG=Search
intitle:"Error Occurred While Processing Request";intitle%3A%22Error+Occurred+While+Processing+Request%22&btnG=Search
intitle:"htsearch error" ht://Dig error;intitle%3A%22htsearch+error%22+ht%3A%2F%2FDig+error&btnG=Search
filetype:asp inurl:"shopdisplayproducts.asp";filetype%3Aasp+inurl%3A%22shopdisplayproducts.asp%22&btnG=Search
inurl:/public/?Cmd=contents;inurl%3A%2Fpublic%2F%3FCmd%3Dcontents&btnG=Search
"Powered by: vBulletin * 3.0.1" inurl:newreply.php;%22Powered+by%3A+vBulletin+*+3.0.1%22+inurl%3Anewreply.php&btnG=Search
filetype:mny mny;filetype%3Amny+mny&btnG=Search
HTTP_USER_AGENT=Googlebot;HTTP_USER_AGENT%3DGooglebot&btnG=Search
"# Dumping data for table (username|user|users|password)";%22%23+Dumping+data+for+table+%28username%7Cuser%7Cusers%7Cpassword%29%22&btnG=Search
intitle:"Welcome to ntop!";intitle%3A%22Welcome+to+ntop%21%22&btnG=Search
filetype:conf inurl:unrealircd.conf -cvs -gentoo;filetype%3Aconf+inurl%3Aunrealircd.conf+-cvs+-gentoo&btnG=Search
intitle:"Index of" service.pwd;intitle%3A%22Index+of%22+service.pwd
intitle:"Index of" users.pwd;intitle%3A%22Index+of%22+users.pwd
intitle:"Index of" authors.pwd;intitle%3A%22Index+of%22+authors.pwd
intitle:"Index of" administrators.pwd;intitle%3A%22Index+of%22+administrators.pwd
intitle:"Index of" showcode.asp;intitle%3A%22Index+of%22+showcode.asp
intitle:"Index of" sendmail.cfm;intitle%3A%22Index+of%22+sendmail.cfm
intitle:"Index of" SessionServlet;intitle%3A%22Index+of%22+SessionServlet
intitle:"Index of" web_store.cgi;intitle%3A%22Index+of%22+web_store.cgi
intitle:"Index of" wwwboard.pl;intitle%3A%22Index+of%22+wwwboard.pl
intitle:"Index of" www-sql;intitle%3A%22Index+of%22+www-sql
intitle:"Index of" AT-admin.cgi;intitle%3A%22Index+of%22+AT-admin.cgi
intitle:"Index of" maillist.pl;intitle%3A%22Index+of%22+maillist.pl
intitle:"Index of" publisher;intitle%3A%22Index+of%22+publisher
intitle:"Index of" db.cgi;intitle%3A%22Index+of%22+db.cgi
intitle:"Index of" login.jsp;intitle%3A%22Index+of%22+login.jsp
intitle:"Index of" amadmin.pl;intitle%3A%22Index+of%22+amadmin.pl
inintitle:"Index of" (access_log|access-log);intitle%3A%22Index+of%22+%28access_log%7Caccess-log%29&btnG=Search
intitle:"Index of" log.htm;intitle%3A%22Index+of%22+log.htm&btnG=Search
intitle:"Index of" mailto.cgi.pwd;intitle%3A%22Index+of%22+mailto.cgi
intitle:"Index of" YaBB.pl.pwd;intitle%3A%22Index+of%22+YaBB.pl
intitle:"Index of" WSFTP.LOG;intitle%3A%22Index+of%22+WSFTP.LOG
intitle:"Index of" print.cgi;intitle%3A%22Index+of%22+print.cgi
intitle:"Index of" CrazyWWWBoard.cgi;intitle%3A%22Index+of%22+CrazyWWWBoard.cgi
intitle:"Index of" pwd.dat;intitle%3A%22Index+of%22+pwd.dat
intitle:"Index of" post-query;intitle%3A%22Index+of%22+post-query
intext:"404 Object Not Found" Microsoft-IIS/5.0;intext%3A%22404+Object+Not+Found%22+Microsoft-IIS%2F5.0
"Microsoft-IIS/5.0 server at";%22Microsoft-IIS%2F5.0+server+at%22&btnG=Search
"Microsoft-IIS/4.0" intitle:index.of;%22Microsoft-IIS%2F4.0%22+intitle%3Aindex.of&btnG=Search
"Microsoft-IIS/6.0" intitle:index.of;%22Microsoft-IIS%2F6.0%22+intitle%3Aindex.of&btnG=Search
"Novell, Inc" WEBACCESS Username Password "Version *.*" Copyright -inurl:help -guides|guide;%22Novell%2C+Inc%22+WEBACCESS+Username+Password+%22Version+*.*%22+Copyright++-inurl%3Ahelp+-guides%7Cguide&btnG=Search
"Red Hat Secure/2.0";%22Red+Hat+Secure%2F2.0%22&btnG=Search
allintext:"Powered by LionMax Software" "WWW File Share";allintext%3A%22Powered+by+LionMax+Software%22+%22WWW+File+Share%22&btnG=Zoeken&lr=
allinurl:".nsconfig" -sa;allinurl%3A%22.nsconfig%22+-sa
intitle:"Lotus Domino Go Webserver:" "Tuning your webserver" -site:ibm.com;intitle:%22Lotus+Domino+Go+Webserver:%22+%22Tuning+your+webserver%22+-site:ibm.com&hl=en&lr=&ie=UTF-8&filter=0
intitle:"Open WebMail" "Open WebMail version (2.20|2.21|2.30)";intitle%3A%22Open+WebMail%22+%22Open+WebMail+version+%282.20%7C2.21%7C2.30%29+%22&btnG=B%C3%BAsqueda&meta=
intitle:"Welcome To Xitami" -site:xitami.com;intitle%3A%22Welcome+To+Xitami%22+-site%3Axitami.com&btnG=Google+Search
intitle:"Welcome to windows 2000 Internet Services";intitle:%22Welcome+to+Windows+2000+Internet+Services%22
XAMPP "inurl:xampp/index";XAMPP+%22inurl:xampp/index%22
"Select a database to view" intitle:"filemaker pro";%22Select+a+database+to+view%22+intitle%3A%22filemaker+pro%22
"Welcome to PHP-Nuke" congratulations;%22Welcome+to+PHP-Nuke%22+congratulations
intitle:"Mail Server CMailServer Webmail" "5.2";intitle%3A%22Mail+Server+CMailServer+Webmail%22+%225.2%22
allintitle:Brains, Corp. camera;allintitle:Brains,+Corp.+camera
inurl:indexFrame.shtml Axis;inurl%3AindexFrame.shtml+Axis&btnG=Google+Search
intitle:"remote ui:top page";intitle%3A%22remote+ui%3Atop+page%22
intext:"Ready with 10/100T Ethernet";intext:%22Ready+with+10/100T+Ethernet%22
intitle:"EvoCam" inurl:"webcam.html";intitle:%22EvoCam%22+inurl:%22webcam.html%22
intitle:"my webcamXP server!" inurl:":8080";intitle%3A%22my+webcamXP+server!%22+inurl%3A%22%3A8080%22&btnG=Search
intitle:"toshiba network camera - User Login";intitle%3A%22toshiba+network+camera+-+User+Login%22
inurl:"ViewerFrame?Mode=";inurl%3A%22ViewerFrame%3FMode%3D%22
intext:centreware inurl:status;intext%3Acentreware+inurl%3Astatus
intext:"MOBOTIX M1" intext:"Open Menu";intext%3A%22MOBOTIX+M1%22+intext%3A%22Open+Menu%22
inurl:"printer/main.html" intext:"settings";inurl%3A%22printer%2Fmain.html%22+intext%3A%22settings%22
intitle:"Browser Launch Page";intitle%3A%22Browser+Launch+Page%22
intitle:liveapplet inurl:LvAppl;intitle%3Aliveapplet+inurl%3ALvAppl
?google hack技巧的一些收集
最早以前寫了google技巧后送幾一些好友,私下傳傳也就無所謂了,不知道怎么就傳出去了,好多站點都有轉載,而且連偶的ID都沒有,更別說昵稱,弄的心里滿大不是滋味,所以寫了一些東西再沒發出來過。今天無聊,再發幾章技巧,偶然路過的朋友收藏了記得別share哦!
19
"1999-2004 FuseTalk Inc" -site:fusetalk.com
"2003 DUware All Rights Reserved"
"Active Webcam Page" inurl:8080
"BlackBoard 1.5.1-f | ? 2003-4 by Yves Goergen"
"BosDates Calendar System " "powered by BosDates v3.2 by BosDev"
"Copyright ? 2002 Agustin Dondo Scripts"
"delete entries" inurl:admin/delete.asp
"driven by: ASP Message Board"
"Enter ip" inurl:"php-ping.php"
"IceWarp Web Mail 5.3.0" "Powered by IceWarp"
"Ideal BB Version: 0.1" -idealbb.com
"inurl:/site/articles.asp?idcategory="
"Obtenez votre forum Aztek" -site:forum-aztek.com
"Online Store - Powered by ProductCart"
"Powered *: newtelligence" ("dasBlog 1.6"| "dasBlog 1.5"| "dasBlog 1.4"|"dasBlog 1.3")
"Powered by A-CART"
"Powered by AJ-Fork v.167"
"powered by antiboard"
"Powered by Coppermine Photo Gallery"
"Powered by Coppermine Photo Gallery" ( "v1.2.2 b" | "v1.2.1" | "v1.2" | "v1.1" | "v1.0")
"powered by CubeCart 2.0"
"Powered by CubeCart"
"Powered by DCP-Portal v5.5"
"Powered by DMXReady Site Chassis Manager" -site:dmxready.com
"Powered by FUDforum"
"Powered by Gallery v1.4.4"
"Powered by IceWarp Software" inurl:mail
"Powered by Ikonboard 3.1.1"
"Powered by Megabook *" inurl:guestbook.cgi
"Powered by MercuryBoard [v1"
"powered by minibb" -site:www.minibb.net -intext:1.7f
"Powered by My Blog" intext:"FuzzyMonkey.org"
"Powered by ocPortal" -demo -ocportal.com
"Powered by PowerPortal v1.3"
"Powered by WordPress" -html filetype:php -demo -wordpress.org -bugtraq
"Powered by WowBB" -site:wowbb.com
"Powered by YaPig V0.92b"
"Powered by yappa-ng"
"running: Nucleus v3.1" -.nucleuscms.org -demo
"SquirrelMail version 1.4.4" inurl:src ext:php
"This page has been automatically generated by Plesk Server Administrator"
+"Powered by Invision Power Board v2.0.0..2"
+"Powered by phpBB 2.0.6..10" -phpbb.com -phpbb.pl
Achievo webbased project management
allintitle:aspjar.com guestbook
E-market remote code execution
EarlyImpact Productcart
ext:php intext:"Powered by phpNewMan Version"
ext:pl inurl:cgi intitle:"FormMail *" -"*Referrer" -"* Denied" -sourceforge -error -cvs -input
filetype:cgi inurl:nbmember.cgi
filetype:cgi inurl:pdesk.cgi
filetype:cgi inurl:tseekdir.cgi
filetype:php intitle:"paNews v2.0b4"
filetype:php inurl:index.php inurl:"module=subjects" inurl:"func=*" (listpages| viewpage | listcat)
intext:"Powered by phpBB 2.0.13" inurl:"cal_view_month.php"|inurl:"downloads.php"
intext:("UBB.threads? 6.2"|"UBB.threads? 6.3") intext:"You * not logged *" -site:ubbcentral.com
intitle:"EMUMAIL - Login" "Powered by EMU Webmail"
intitle:"MRTG/RRD" 1.1* (inurl:mrtg.cgi | inurl:14all.cgi |traffic.cgi)
intitle:"View Img" inurl:viewimg.php
intitle:"WebJeff - FileManager" intext:"login" intext:Pass|PAsse
intitle:"WordPress > * > Login form" inurl:"wp-login.php"
intitle:guestbook "advanced guestbook 2.2 powered"
intitle:welcome.to.horde
inurl:"/cgi-bin/loadpage.cgi?user_id="
inurl:"/site/articles.asp?idcategory="
inurl:"comment.php?serendipity"
inurl:"forumdisplay.php" +"Powered by: vBulletin Version 3.0.0..4"
inurl:"messageboard/Forum.asp?"
inurl:"slxweb.dll"
inurl:/SiteChassisManager/
inurl:cal_make.pl
inurl:citrix/metaframexp/default/login.asp? ClientDetection=On
inurl:comersus_message.asp
inurl:directorypro.cgi
inurl:gotoURL.asp?url=
inurl:technote inurl:main.cgi*filename=*
inurl:ttt-webmaster.php
inurl:wiki/MediaWiki
Invision Power Board SSI.PHP SQL Injection
mnGoSearch vulnerability
powered.by.instaBoard.version.1.3
總結
以上是生活随笔為你收集整理的GOOGLE HACKING 系列文章 【FreeXploiT整理收集】的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 基于webpack的PC端和mobile
- 下一篇: Jenkins持续集成 之 Jenkin