WS_FTP.ini is a configuration file for a popular win32 FTP client that stores usernames and weakly encoded passwords.

There is another way to find this file, that was added by Xewan:

This finds the liveice.cfg file which contains all configuration data for an Icecast server. Passwords are saved unencrypted in this file.

This returns xls files containing login names and passwords.
it works by showing all the xls files with password:(something)so a downside is that u do get stuff like "password protected", "password services" etc. (and the same for login)But...
most of the decent ones have the login and password in the text given to you by google, so its easy to seperate the useful ones from the others.

User names and password hashes from web server backups generated by cpanel for ProFTPd. Password hashes can be cracked, granting direct access to FTP accounts. Unix passwd and shadow files can sometimes be found with this query as well.

Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL.

For Ducalendar it's: /ducalendar/_private/ducalendar.mdb

Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL.

For Duclassified it's: /duclassified/_private/duclassified.mdb

For Duclassified it's: /duclassified/_private/duclassified.mdb

For Duclassmate it's: /duclassmate/_private/duclassmate.mdb

Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL.

For DuDirectory it's: /dudirectory/_private/dudirectory.mdb

Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL.

rename ../xxx to ../_private/dudownload.mdb

Elite forums is one of those Microsoft Access .mdb file based forums. This one is particularly dangerous, because the filename and path are hardcoded in the software. An attacker can modify index.php for ./data/users/userdb.dat, open the file and see something like this:

Link management script with advanced yet easy to use admin control panel, fully template driven appearance, static HTML front-end and email notifications.
Below the link list a folder 'ld' exists which contains various juicy information like encrypted admin passwords and session data.

This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.

Here is another DUware product, DUpaypal. Once you get hold of the database it contains the admin username and password. The default by the way is admin/password

The default location for the database is ../_private/DUpaypal.mdb

The WinFrame-Client infos needed by users to connect to
Citrix Application Servers (e.g. Metaframe).
Often linked/stored on Webservers and sometimes reachable from Internet.
Password is 16-byte-Hash of unknown encryption (MSCHAPv2 ?).
File Extension is "ica" the so called Citrix® Independent Computing Architecture.

These files may contain login information (Username, Password, Domain).

Not all of these pages are administrator's access databases containing usernames, passwords and other sensitive information, but many are!

DCForum's password file. This file gives a list of (crackable) passwords, usernames and email addresses for DCForum and for DCShop (a shopping cart program(!!!). Some lists are bigger than others, all are fun, and all belong to googledorks. =)

These are eggdrop config files. Avoiding a full-blown descussion about eggdrops and IRC bots, suffice it to say that this file contains usernames and passwords for IRC users.

Another Cisco configuration search. This one is cleaner, gives complete configuration files and it catches plaintext, "secret 5" and "password 7" passwords.

This search gets you access to the etc directory, where many many many types of password files can be found. This link is not as reliable, but crawling etc directories can be really fun!

Search for plaintext database credentials in ASA and BAK files.

Database connection strings including passwords