05:32
Обновить
GooGle - Форум
| RSS



[ Новые сообщения · Участники · Правила форума · Поиск · RSS ]
  • Страница 1 из 1
  • 1
Модератор форума: aka_kludge, LeadyTOR  
GooGle
aka_kludgeДата: Четверг, 28.02.2008, 12:39 | Сообщение # 1
Admin
Группа: Администраторы
Сообщений: 1058
Награды: 2
Репутация: 25
Статус: Offline
Пароли:

Some people actually keep their VPN profiles on the internet...omg... Simply donwload the pcf file, import it in your Cisco VPN client and try to connect

Code
!Host=*.* intext:enc_UserPassword=* ext:pcf
Files containing passwords
!Host=*.* intext:enc_UserPassword=* ext:pcf

Frontpage.. very nice clean search results listing !!
No further comments required..

changelog:
22 jan 2005: improved by vs1400 !
24 nov 2007: improved by arrakis

Code
"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users)
Files containing passwords
ext:pwd inurl:(service | authors | administrators | users)

Searches for logs containing admin server account information such as username and password.

Code
"admin account info" filetype:log
Files containing passwords
"admin account info" filetype:log

This searches the password for "Website Access Analyzer", a Japanese software that creates webstatistics. For those who can read Japanese, check out the author's site at: http://www.coara.or.jp/~passy/

Note: google

Code
"AutoCreate=TRUE password=*"
Files containing passwords
"AutoCreate=TRUE password=*"

This is a query to get inline passwords from search engines (not just Google), you must type in the query followed with the the domain name without the .com or .net

"http://*:*@www" bangbus or "http://*:*@www"bangbus

Another way is by just typing
"http://bob:bob@www"

Code
"http://*:*@www" domainname
Files containing passwords
"http://*:*@www" bob:bob
 
aka_kludgeДата: Четверг, 28.02.2008, 12:53 | Сообщение # 2
Admin
Группа: Администраторы
Сообщений: 1058
Награды: 2
Репутация: 25
Статус: Offline
This search is a cleanup of a previous entry by J0hnny. It uses "parent directory" to avoid results other than directory listings.

WS_FTP.ini is a configuration file for a popular win32 FTP client that stores usernames and weakly encoded passwords.

There is another way to find this file, that was added by Xewan:

Code
filetype:ini ws_ftp pwd
   

"index of/" "ws_ftp.ini" "parent directory"
Files containing passwords
"index of/" "ws_ftp.ini" "parent directory"

This finds the liveice.cfg file which contains all configuration data for an Icecast server. Passwords are saved unencrypted in this file.

Code
"liveice configuration file" ext:cfg -site:sourceforge.net
Files containing passwords
"liveice configuration file" ext:cfg -site:sourceforge.net

This returns xls files containing login names and passwords.
it works by showing all the xls files with password:(something)so a downside is that u do get stuff like "password protected", "password services" etc. (and the same for login)But...
most of the decent ones have the login and password in the text given to you by google, so its easy to seperate the useful ones from the others.

Code
"login: *" "password: *" filetype:xls
Files containing passwords
"login: *" "password= *" filetype:xls

User names and password hashes from web server backups generated by cpanel for ProFTPd. Password hashes can be cracked, granting direct access to FTP accounts. Unix passwd and shadow files can sometimes be found with this query as well.

Code
"parent directory" +proftpdpasswd
Files containing passwords
"parent directory" +proftpdpasswd

Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL.

For Ducalendar it's: /ducalendar/_private/ducalendar.mdb

Code
"powered by ducalendar" -site:duware.com
Files containing passwords
"powered by ducalendar" -site:duware.com

Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL.

For Duclassified it's: /duclassified/_private/duclassified.mdb

Code
"Powered by Duclassified" -site:duware.com
Files containing passwords
"Powered by Duclassified" -site:duware.com
 
aka_kludgeДата: Четверг, 28.02.2008, 12:53 | Сообщение # 3
Admin
Группа: Администраторы
Сообщений: 1058
Награды: 2
Репутация: 25
Статус: Offline
Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL.

For Duclassified it's: /duclassified/_private/duclassified.mdb

Code
"Powered by Duclassified" -site:duware.com "DUware All Rights reserved"
Files containing passwords
"Powered by Duclassified" -site:duware.com "DUware All Rights reserved"
 
aka_kludgeДата: Четверг, 28.02.2008, 13:33 | Сообщение # 4
Admin
Группа: Администраторы
Сообщений: 1058
Награды: 2
Репутация: 25
Статус: Offline
Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL.

For Duclassmate it's: /duclassmate/_private/duclassmate.mdb

Code
"powered by duclassmate" -site:duware.com
Files containing passwords
"powered by duclassmate" -site:duware.com

Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL.

For DuDirectory it's: /dudirectory/_private/dudirectory.mdb

Code
"Powered by Dudirectory" -site:duware.com
Files containing passwords
"Powered by Dudirectory" -site:duware.com

Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL.

rename ../xxx to ../_private/dudownload.mdb

Code
"powered by dudownload" -site:duware.com
Files containing passwords
"powered by dudownload" -site:duware.com

Elite forums is one of those Microsoft Access .mdb file based forums. This one is particularly dangerous, because the filename and path are hardcoded in the software. An attacker can modify index.php for ./data/users/userdb.dat, open the file and see something like this:

Code
"Powered By Elite Forum Version *.*"
Files containing passwords
"Powered By Elite Forum Version *.*"

Link management script with advanced yet easy to use admin control panel, fully template driven appearance, static HTML front-end and email notifications.
Below the link list a folder 'ld' exists which contains various juicy information like encrypted admin passwords and session data.

Code
"Powered by Link Department"
Files containing passwords
"Powered by Link Department"

This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.

Code
"sets mode: +k"
Files containing passwords
"sets mode: +k"
 
aka_kludgeДата: Четверг, 28.02.2008, 13:41 | Сообщение # 5
Admin
Группа: Администраторы
Сообщений: 1058
Награды: 2
Репутация: 25
Статус: Offline
This search finds log files containing the phrase (Your password is). These files often contain plaintext passwords, although YMMV.

Code
"your password is" filetype:log
Files containing passwords
"your password is" filetype:log

Here is another DUware product, DUpaypal. Once you get hold of the database it contains the admin username and password. The default by the way is admin/password

The default location for the database is ../_private/DUpaypal.mdb

Code
"Powered by DUpaypal" -site:duware.com
Files containing passwords
"Powered by DUpaypal" -site:duware.com

The WinFrame-Client infos needed by users to connect to
Citrix Application Servers (e.g. Metaframe).
Often linked/stored on Webservers and sometimes reachable from Internet.
Password is 16-byte-Hash of unknown encryption (MSCHAPv2 ?).
File Extension is "ica" the so called Citrix® Independent Computing Architecture.

These files may contain login information (Username, Password, Domain).

Code
[WFClient] Password= filetype:ica
Files containing passwords
[WFClient] Password= filetype:ica

Not all of these pages are administrator's access databases containing usernames, passwords and other sensitive information, but many are!

Code
allinurl: admin mdb
Files containing passwords
allinurl: admin mdb

DCForum's password file. This file gives a list of (crackable) passwords, usernames and email addresses for DCForum and for DCShop (a shopping cart program(!!!). Some lists are bigger than others, all are fun, and all belong to googledorks. =)

Code
auth_user_file.txt
Files containing passwords
allinurl:auth_user_file.txt
 
aka_kludgeДата: Четверг, 28.02.2008, 13:55 | Сообщение # 6
Admin
Группа: Администраторы
Сообщений: 1058
Награды: 2
Репутация: 25
Статус: Offline
This search brings up sites with "config.php" files. To skip the technical discussion, this configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database. Way to go, googleDorks!!

Code
config.php
Files containing passwords
intitle:index.of config.php

These are eggdrop config files. Avoiding a full-blown descussion about eggdrops and IRC bots, suffice it to say that this file contains usernames and passwords for IRC users.

Code
eggdrop filetype:user user
Files containing passwords
eggdrop filetype:user user

Another Cisco configuration search. This one is cleaner, gives complete configuration files and it catches plaintext, "secret 5" and "password 7" passwords.

Code
enable password | secret "current configuration" -intext:the
Files containing passwords
enable password | secret "current configuration" -intext:the

This search gets you access to the etc directory, where many many many types of password files can be found. This link is not as reliable, but crawling etc directories can be really fun!

Code
etc (index.of)
Files containing passwords
index.of.etc

Search for plaintext database credentials in ASA and BAK files.

Code
ext:asa | ext:bak intext:uid intext:pwd -"uid..pwd" database | server | dsn
Files containing passwords
ext:asa | ext:bak intext:uid intext:pwd -"uid..pwd" database | server | dsn

Database connection strings including passwords

Code
ext:inc "pwd=" "UID="
Files containing passwords
ext:inc "pwd=" "UID="
 
aka_kludgeДата: Среда, 27.05.2009, 08:43 | Сообщение # 7
Admin
Группа: Администраторы
Сообщений: 1058
Награды: 2
Репутация: 25
Статус: Offline
cool
 
  • Страница 1 из 1
  • 1
Поиск:

Профиль
ИнформацияУправление
Сегодня: 27, 27.12.2024, 05:32
Вы используете: " v "
ВаШ внешний IP: "3.149.242.223"
У вас новых личных сообщений · Мой профиль | Выход




    Главная      
...
На службе : дней

05:32
Обновить


Пользователи
aka_kludge
qwerty
LeadyTOR
aka_Atlantis
AdHErENt
mAss
Sissutr
hiss
DrBio
tHick

Поиск


Copyright tHR - TeAM 2024 г. admin: aka_kludge (ICQ:334449009) Moderator's: LeadyTOR, ... Яндекс.Метрика