Tuesday, September 28, 2010

Dork for locating passwords

Dork for locating passwords

http://*:*@www” site

passwords for site, stored as the string “http://username:password@www…”

filetype:bak inurl:”htaccess|passwd|shadow|ht users”

file backups, potentially containing user names and passwords

filetype:mdb inurl:”account|users|admin|admin istrators|passwd|password”

mdb files, potentially containing password information

intitle:”Index of” pwd.db

pwd.db files, potentially containing user names and encrypted passwords

inurl:admin inurl:backup intitle:index.of

directories whose names contain the words admin and backup

“Index of/” “Parent Directory” “WS _ FTP.ini”

filetype:ini WS _ FTP PWD

WS_FTP configuration files, potentially containing FTP server access passwords

ext:pwd inurl:(service|authors|administrators |users) “# -FrontPage-”

files containing Microsoft FrontPage passwords

filetype:sql (“passwd values ****” | “password values ****” | “pass values ****” )

files containing SQL code and passwords inserted into a database

intitle:index.of trillian.ini

configuration files for the Trillian IM

eggdrop filetype:user

user configuration files for the Eggdrop ircbot

filetype:conf slapd.conf

configuration files for OpenLDAP

inurl:”wvdial.conf” intext:”password”

configuration files for WV Dial

ext:ini eudora.ini

configuration files for the Eudora mail client

filetype:mdb inurl:users.mdb

Microsoft Access files, potentially containing user account information
Posted by Omkar Pardeshi at 5:21 PM
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)