Using Google, and some finely crafted searches we can  find a lot of interesting information.
For Example we can find:
Credit  Card Numbers
Passwords
Software / MP3's
...... (and on and on  and on)  Presented below is just a sample of interesting searches  that we can send to google to obtain info that some people might not  want us having.. After you get a taste using some of these, try your own  crafted searches to find info that you would be interested in. 
Try a few of these searches:intitle:"Index of" passwords modifiedallinurl:auth_user_file.txt
"access denied for user" "using  password"
"A syntax error has occurred" filetype:ihtml
allinurl:  admin mdb 
"ORA-00921: unexpected end of SQL command"
inurl:passlist.txt
"Index  of /backup"
"Chatologica MetaSearch" "stack tracking:"
Amex Numbers: 300000000000000..399999999999999
MC Numbers:  5178000000000000..5178999999999999
visa  4356000000000000..4356999999999999
"parent  directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " DVDRip -xxx -html -htm -php -shtml  -opendivx -md5 -md5sums
"parent directory  "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Gamez -xxx -html -htm -php -shtml  -opendivx -md5 -md5sums
"parent directory "  MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Name of Singer or album -xxx -html -htm  -php -shtml -opendivx -md5 -md5sums
Notice  that I am only changing the word after the parent directory, change it  to what you want and you will get a lot of stuff.
METHOD 2
put this string in google search:
?intitle:index.of?  mp3
You only need add the name of the  song/artist/singer.
Example:  ?intitle:index.of? mp3 jackson
METHOD 3
put  this string in google search:
inurl:microsoft  filetype:iso
You can change the string  to watever you want, ex. microsoft to adobe, iso to zip etc…
"#  -FrontPage-" inurl:service.pwd
Frontpage passwords.. very nice  clean search results listing !!
"AutoCreate=TRUE  password=*" 
This searches the password for "Website Access  Analyzer", a Japanese software that creates webstatistics. For those who  can read Japanese, check out the author's site at:  http://www.coara.or.jp/~passy/
"http://*:*@www"  domainname
This is a query to get inline passwords from search  engines (not just Google), you must type in the query followed with the  the domain name without the .com or .net
"http://*:*@www"  bangbus or "http://*:*@www"bangbus
Another  way is by just typing
"http://bob:bob@www"
"sets  mode: +k"
This search reveals channel keys (passwords) on IRC as  revealed from IRC chat logs.
allinurl:  admin mdb
Not all of these pages are administrator's access  databases containing usernames, passwords and other sensitive  information, but many are!
allinurl:auth_user_file.txt
DCForum's  password file. This file gives a list of (crackable) passwords,  usernames and email addresses for DCForum and for DCShop (a shopping  cart program(!!!). Some lists are bigger than others, all are fun, and  all belong to googledorks. =)
intitle:"Index  of" config.php
This search brings up sites with "config.php"  files. To skip the technical discussion, this configuration file  contains both a username and a password for an SQL database. Most sites  with forums run a PHP message base. This file gives you the keys to that  forum, including FULL ADMIN access to the database.
eggdrop  filetype:user user
These are eggdrop config files. Avoiding a  full-blown descussion about eggdrops and IRC bots, suffice it to say  that this file contains usernames and passwords for IRC users.
intitle:index.of.etc
This  search gets you access to the etc directory, where many many many types  of password files can be found. This link is not as reliable, but  crawling etc directories can be really fun!
filetype:bak  inurl:"htaccess|passwd|shadow|htusers"
This will search for  backup files (*.bak) created by some editors or even by the  administrator himself (before activating a new version).
Every  attacker knows that changing the extenstion of a file on a webserver can  have ugly consequences.
Let's pretend  you need a serial number for windows xp pro.
In  the google search bar type in just like this - "Windows  XP Professional" 94FBR
the key is the  94FBR code.. it was included with many MS Office registration codes so  this will help you dramatically reduce the amount of 'fake' porn sites  that trick you.
or if you want to find the  serial for winzip 8.1 - "Winzip 8.1" 94FBR 
 
 
No comments:
Post a Comment