Author | Message | ||||
---|---|---|---|---|---|
Ashura Unstopable Posts: 370 | [list:6cf4b055a5] 1. Searching URLs : - allinurl:wwwboard/passwd.txt ("allinurl" command is used to search for a particular string present) - username:password (password is encrypted using DES crypto and can be cracked using john the ripper) "WWWBOARD" is a CGI message board which saves it's password by default in a filename called "passwd.txt".This is a very outdated message board script but many new types of CGI/PHP/ASP messages boards and scripts save their passwords, text files cud be encrypted or not, but encrypter is not that hard to find -allinurl:passwd.txt site:hyve.com (this command searches for a file called passwd.txt present in exact url/website; hyve.com here is just example for web hosting name) -allinurl:config.txt site:.co.uk (searches in special type domain level, cud be .de, .com, .jp or some other random) -allinurl:admin.txt site:.net 2. Searching for Index browsing enabled directories : -"Index of /admin" -"Index of /secret" -"Index of /cgi-bin" site:.edu (Dont forget the "...") 3. Searching for exact file types: -filetype:.doc site:.att classified (.att is just example; http://www.cryer.co.uk/filetypes/ here u can find list of different other filetypes) 4. Searching for easy exploitable webs: just examples: if u know exploit for phpBB 2.0.* then search: -"Powered by phpBB 2.0.5" or "Powered by phpBB 2.0.5" site:.co.uk [/list:u:6cf4b055a5] | ||||
Methodman n00b Posts: 36 | good... but to be simpler and fast can be used "Google_Hacker or t3chn0bra1n'z Googler " :wink: they are old but still rolls | ||||
Ashura Unstopable Posts: 370 | to see all images belonging to some web site type in www.images.google.com "site:" and the specific address following example:
you could also define what exactly you want to find example:
|